diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/README.md b/ansible_collections/arista/avd/examples/single-dc-l3ls/README.md index e07dd352690..df8486eac25 100644 --- a/ansible_collections/arista/avd/examples/single-dc-l3ls/README.md +++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/README.md @@ -1,6 +1,6 @@ --- # This title is used for search results -title: AVD example for a single data center using L3LS +title: Single Data Center - L3LS --- -# AVD example for a single data center using L3LS +# Single Data Center - L3LS ## Introduction @@ -168,50 +168,9 @@ ansible_collections/arista/avd/examples/single-dc-l3ls/inventory.yml The above is what is included in this example, *purely* to make it as simple as possible to get started. However, in the future, please do not carry over this practice to a production environment, where an inventory file for an identical topology should look as follows when using DNS: ```yaml title="inventory.yml" ---- -all: - children: - CLOUDVISION: # (1)! - hosts: - cvp: - # Ansible variables used by the ansible_avd and ansible_cvp roles to push configuration to devices via CVP - ansible_httpapi_host: cvp - ansible_host: cvp - ansible_user: ansible - ansible_password: ansible - ansible_connection: httpapi - ansible_httpapi_use_ssl: true - ansible_httpapi_validate_certs: false - ansible_network_os: eos - # Configuration to get Virtual Env information - ansible_python_interpreter: $(which python3) - FABRIC: - children: - DC1: - children: - DC1_SPINES: - hosts: - dc1-spine1: - dc1-spine2: - DC1_L3_LEAVES: - hosts: - dc1-leaf1a: - dc1-leaf1b: - dc1-leaf2a: - dc1-leaf2b: - DC1_L2_LEAVES: - hosts: - dc1-leaf1c: - dc1-leaf2c: - - NETWORK_SERVICES: # (2)! - children: - DC1_L3_LEAVES: - DC1_L2_LEAVES: - CONNECTED_ENDPOINTS: # (3)! - children: - DC1_L3_LEAVES: - DC1_L2_LEAVES: +--8<-- +examples/single-dc-l3ls/inventory_without_ip.yml +--8<-- ``` 1. `CLOUDVISION` @@ -240,27 +199,27 @@ all: Since this example covers building an L3LS network, AVD must know about the device types, for example, spines, L3 leaves, L2 leaves, etc. The devices are already grouped in the inventory, so the device types are specified in the group variable files with the following names and content: -=== "DC1_SPINES.yml" +=== "spines.yml" ```yaml --8<-- - ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_SPINES.yml + examples/single-dc-l3ls/group_vars/DC1_SPINES/spines.yml --8<-- ``` -=== "DC1_L3_LEAVES.yml" +=== "l3_leaves.yml" ```yaml --8<-- - ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_L3_LEAVES.yml + examples/single-dc-l3ls/group_vars/DC1_L3_LEAVES/l3_leaves.yml --8<-- ``` -=== "DC1_L2_LEAVES.yml" +=== "l2_leaves.yml" ```yaml --8<-- - ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_L2_LEAVES.yml + examples/single-dc-l3ls/group_vars/DC1_L2_LEAVES/l2_leaves.yml:l2leaf --8<-- ``` @@ -268,347 +227,84 @@ For example, all switches that are children of the DC1_SPINES group defined in t ## Setting fabric-wide configuration parameters -The `ansible-avd-examples/single-dc-l3ls/group_vars/FABRIC.yml` file defines generic settings that apply to all children of the `FABRIC` group as specified in the inventory described earlier. +The `ansible-avd-examples/single-dc-l3ls/group_vars/FABRIC` folder contain files that defines generic settings that apply to all children of the `FABRIC` group as specified in the inventory described earlier. -The first section defines how the Ansible host connects to the devices: +The first file defines how the Ansible host connects to the devices: -```yaml title="FABRIC.yml" -ansible_connection: ansible.netcommon.httpapi # (1)! -ansible_network_os: arista.eos.eos # (2)! -ansible_user: ansible # (3)! -ansible_password: ansible -ansible_become: true -ansible_become_method: enable # (4)! -ansible_httpapi_use_ssl: true # (5)! -ansible_httpapi_validate_certs: false # (6)! +```yaml title="fabric_ansible_connectivity.yml" +--8<-- +examples/single-dc-l3ls/group_vars/FABRIC/fabric_ansible_connectivity.yml +--8<-- ``` -1. The Ansible host must use eAPI -2. Network OS which in this case is Arista EOS -3. The username/password combo -4. How to escalate privileges to get write access -5. Use SSL -6. Do not validate SSL certificates - The following section specifies variables that generate configuration to be applied to all devices in the fabric: -```yaml title="FABRIC.yml" -fabric_name: FABRIC # (1)! - -underlay_routing_protocol: ebgp -overlay_routing_protocol: ebgp - -local_users: # (2)! - - name: ansible - privilege: 15 - role: network-admin - sha512_password: $6$7u4j1rkb3VELgcZE$EJt2Qff8kd/TapRoci0XaIZsL4tFzgq1YZBLD9c6f/knXzvcYY0NcMKndZeCv0T268knGKhOEwZAxqKjlMm920 - - name: admin - privilege: 15 - role: network-admin - no_password: true - -bgp_peer_groups: # (3)! - evpn_overlay_peers: - password: Q4fqtbqcZ7oQuKfuWtNGRQ== - ipv4_underlay_peers: - password: 7x4B4rnJhZB438m9+BrBfQ== - mlag_ipv4_underlay_peer: - password: 4b21pAdCvWeAqpcKDFMdWw== - -p2p_uplinks_mtu: 1500 # (4)! - -default_interfaces: # (5)! - - types: [ spine ] - platforms: [ default ] - uplink_interfaces: [ Ethernet1-2 ] - downlink_interfaces: [ Ethernet1-8 ] - - types: [ l3leaf ] - platforms: [ default ] - uplink_interfaces: [ Ethernet1-2 ] - mlag_interfaces: [ Ethernet3-4 ] - downlink_interfaces: [ Ethernet8 ] - - types: [ l2leaf ] - platforms: [ default ] - uplink_interfaces: [ Ethernet1-2 ] - -cvp_instance_ips: - - 192.168.1.12 # (6)! -terminattr_smashexcludes: "ale,flexCounter,hardware,kni,pulse,strata" -terminattr_ingestexclude: "/Sysdb/cell/1/agent,/Sysdb/cell/2/agent" -terminattr_disable_aaa: true - -name_servers: # (7)! - - 192.168.1.1 - -ntp_settings: # (8)! - server_vrf: use_mgmt_interface_vrf - servers: - - name: 192.168.200.5 +```yaml title="fabric_variables.yml" +--8<-- +examples/single-dc-l3ls/group_vars/FABRIC/fabric_variables.yml +--8<-- ``` -1. The name of the fabric for internal AVD use. This name *must* match the name of an Ansible Group (and therefore a corresponding group_vars file) covering all network devices. -2. Local users/passwords and their privilege levels. In this case, the `ansible` user is set with the password `ansible` and an `admin` user is set with no password. -3. BGP peer groups and their passwords (all passwords are "arista"). -4. Point-to-point interface MTU, in this case, is set to 1500 since the example uses vEOS, but when using hardware, this should be set to 9214 instead. -5. Defines which interfaces to use for uplinks, MLAG peer-links and downlinks. In this example they are specified per node type. - 1. `uplink_interfaces` specify which local interfaces connect to an upstream device. - 2. `mlag_interfaces` specify which local interfaces connect to an MLAG peer. - 3. `downlink_interfaces` specify which local interfaces connect to a downstream device. -6. Relevant settings for the `TerminAttr` software agent on EOS, responsible for streaming telemetry back to CloudVision Portal. -7. DNS Server specification. Used in this example primarily to resolve the IP address of the NTP server. -8. NTP server settings. Correct and synchronized time on EOS is required for proper connectivity to CloudVision Portal. - ## Setting device specific configuration parameters -The `ansible-avd-examples/single-dc-l3ls/group_vars/DC1.yml` file defines settings that apply to all children of the `DC1` group as specified in the inventory described earlier. However, this time the settings defined are no longer fabric-wide but are limited to DC1. This example is of limited benefit with only a single data center. Still, it allows us to scale the configuration to a scenario with multiple data centers in the future. +The `ansible-avd-examples/single-dc-l3ls/group_vars/DCI/dc1.yml` file defines settings that apply to all children of the `DC1` group as specified in the inventory described earlier. However, this time the settings defined are no longer fabric-wide but are limited to DC1. This example is of limited benefit with only a single data center. Still, it allows us to scale the configuration to a scenario with multiple data centers in the future. -```yaml title="DC1.yml" ---- -mgmt_gateway: 172.16.1.1 # (1)! - -spine: - defaults: - platform: vEOS-lab # (2)! - loopback_ipv4_pool: 10.255.0.0/27 # (3)! - bgp_as: 65100 # (4)! - - nodes: # (5)! - - name: dc1-spine1 - id: 1 # (6)! - mgmt_ip: 172.16.1.11/24 # (7)! - - - name: dc1-spine2 - id: 2 - mgmt_ip: 172.16.1.12/24 +```yaml title="dc1.yml" +--8<-- +examples/single-dc-l3ls/group_vars/DC1/dc1.yml +--8<-- ``` -1. The default gateway for the management interface of all devices in DC1 is defined. -2. `platform` references default settings defined in AVD specific to certain switch platforms. -3. `loopback_ipv4_pool` defines the IP scope from which AVD assigns IPv4 addresses for Loopback0. -4. `bgp_as` defines the BGP AS number. -5. `nodes` defines the actual spine switches, using the hostnames defined in the inventory. -6. `id` is used to calculate the various IP addresses, for example, the IPv4 address for the Loopback0 interface. In this case, dc1-spine1 will get the IPv4 address 10.255.0.1/27 assigned to the Loopback0 interface. -7. `mgmt_ip` defines the IPv4 address of the management interface. As stated earlier, Ansible will perform name lookups using the hostnames specified in the inventory unless using the `ansible_host` option. However, there is no automatic mechanism to grab the result of the name lookup and use that to generate the management interface configuration. - -The following section covers the L3 leaf switches. Significantly more settings need to be set compared to the spine switches: - -```yaml title="DC1.yml" -l3leaf: - defaults: - platform: vEOS-lab # (1)! - loopback_ipv4_pool: 10.255.0.0/27 # (2)! - loopback_ipv4_offset: 2 # (3)! - vtep_loopback_ipv4_pool: 10.255.1.0/27 # (4)! - uplink_interfaces: ['Ethernet1', 'Ethernet2'] # (5)! - uplink_switches: ['dc1-spine1', 'dc1-spine2'] # (6)! - uplink_ipv4_pool: 10.255.255.0/26 # (7)! - mlag_interfaces: ['Ethernet3', 'Ethernet4'] # (8)! - mlag_peer_ipv4_pool: 10.255.1.64/27 # (9)! - mlag_peer_l3_ipv4_pool: 10.255.1.96/27 # (10)! - virtual_router_mac_address: 00:1c:73:00:00:99 # (11)! - spanning_tree_priority: 4096 # (12)! - spanning_tree_mode: mstp # (13)! - - node_groups: # (14)! - - group: DC1_L3_LEAF1 - bgp_as: 65101 # (15)! - nodes: - - name: dc1-leaf1a - id: 1 - mgmt_ip: 172.16.1.101/24 - uplink_switch_interfaces: # (16)! - - Ethernet1 - - Ethernet1 - - name: dc1-leaf1b - id: 2 - mgmt_ip: 172.16.1.102/24 - uplink_switch_interfaces: - - Ethernet2 - - Ethernet2 - - DC1_L3_LEAF2: - bgp_as: 65102 - nodes: - - name: dc1-leaf2a - id: 3 - mgmt_ip: 172.16.1.103/24 - uplink_switch_interfaces: - - Ethernet3 - - Ethernet3 - - name: dc1-leaf2b - id: 4 - mgmt_ip: 172.16.1.104/24 - uplink_switch_interfaces: - - Ethernet4 - - Ethernet4 +The `ansible-avd-examples/single-dc-l3ls/group_vars/DC1_SPINES/spines.yml` covers the spine switches. + +```yaml title="spines.yml" +--8<-- +examples/single-dc-l3ls/group_vars/DC1_SPINES/spines.yml +--8<-- ``` -1. `platform` references default settings defined in AVD specific to certain switch platforms. -2. `loopback_ipv4_pool` defines the IP scope from which AVD assigns IPv4 addresses for Loopback0. Please note that this IP pool is identical to the one used for the spine switches in this example. To avoid setting the same IP addresses for several devices, we define the option `loopback_ipv4_offset`. -3. `loopback_ipv4_offset` offsets all assigned loopback IP addresses counting from the beginning of the IP scope. This is required to avoid overlapping IPs when the same IP pool is used for two different node_types (like spine and l3leaf in this example). The offset is "2" because each spine switch uses one loopback address. -4. `vtep_loopback_ipv4_pool` defines the IP scope from which AVD assigns IPv4 addresses for the VTEP (Loopback1). -5. `uplink_interfaces` used by the `l3leaf` nodes to connect to the spine switches. -6. `uplink_switches` defines the uplink switches, which are dc1-spine1 and dc1-spine2. Note that the `uplink_interfaces` and `uplink_switches` are paired vertically. -7. `uplink_ipv4_pool` defines the IP scope from which AVD assigns IPv4 addresses for the uplink interfaces that were just defined. -8. `mlag_interfaces` defines the MLAG interfaces used on each leaf switch. -9. `mlag_peer_ipv4_pool` defines the IP scope from which AVD assigns IPv4 addresses for the MLAG peer link interface VLAN4094. -10. `mlag_peer_l3_ipv4_pool` defines the IP scope from which AVD assigns IPv4 addresses for the iBGP peering established between the two leaf switches via the SVI/IRB interface VLAN4093. -11. `virtual_router_mac_address` defines the MAC address used for the anycast gateway on the various subnets. This is the MAC address connected endpoints will learn when ARPing for their default gateway. -12. `spanning_tree_priority` sets the spanning tree priority. Since spanning tree in an L3LS network is effectively only running locally on the switch, the same priority across all L3 leaf switches can be reused. -13. `spanning_tree_mode` defines the spanning tree mode. In this case, we are using MSTP, which is the default. However, other modes are supported should they be required, for example, for connectivity to legacy or third-party vendor environments. -14. `node_groups` defines settings common to more than one node. For example, when exactly two nodes are part of a node group for leaf switches, AVD will, by default, automatically generate MLAG configuration. -15. `bgp_as` is defined once since an MLAG pair shares a single BGP AS number. -16. `uplink_switch_interfaces` defines the interfaces used on the uplink switches (Ethernet1 on dc1-spine1 and dc1-spine2 in this example). +The `ansible-avd-examples/single-dc-l3ls/group_vars/DC1_L3_LEAVES/l3_leaves.yml` covers the L3 leaf switches. Significantly more settings need to be set compared to the spine switches. + +```yaml title="l3_leaves.yml" +--8<-- +examples/single-dc-l3ls/group_vars/DC1_L3_LEAVES/l3_leaves.yml +--8<-- +``` Finally, more of the same, but this time for the L2 leaf switches: -```yaml title="DC1.yml" -l2leaf: - defaults: - platform: vEOS-lab - spanning_tree_mode: mstp - - node_groups: - - group: DC1_L2_LEAF1 - uplink_switches: ['dc1-leaf1a', 'dc1-leaf1b'] - nodes: - - name: dc1-leaf1c - id: 1 - mgmt_ip: 172.16.1.151/24 - uplink_switch_interfaces: - - Ethernet8 - - Ethernet8 - - - group: DC1_L2_LEAF2 - uplink_switches: ['dc1-leaf2a', 'dc1-leaf2b'] - nodes: - - name: dc1-leaf2c - id: 2 - mgmt_ip: 172.16.1.152/24 - uplink_switch_interfaces: - - Ethernet8 - - Ethernet8 +```yaml title="l2_leaves.yml" +--8<-- +examples/single-dc-l3ls/group_vars/DC1_L2_LEAVES/l2_leaves.yml +--8<-- ``` -An L2 leaf switch is more simple than an L3 switch. Hence there are fewer settings to define. +An L2 leaf switch is simpler than an L3 switch. Hence there are fewer settings to define. ## Specifying network services (VRFs and VLANs) in the EVPN/VXLAN fabric -The `ansible-avd-examples/single-dc-l3ls/group_vars/NETWORK_SERVICES.yml` file defines All VRF and VLANs. This means that regardless of where a given VRF or VLAN must exist, its existence is defined in this file, but it does not indicate ***where*** in the fabric it exists. That was done at the bottom of the inventory file previously described in the [Inventory](#content-of-the-inventoryyml-file) section. - -```yaml title="NETWORK_SERVICES.yml" -tenants: # (1)! - - name: TENANT1 - mac_vrf_vni_base: 10000 # (2)! - vrfs: # (3)! - - name: VRF10 - vrf_vni: 10 # (4)! - vtep_diagnostic: # (5)! - loopback: 10 # (6)! - loopback_ip_range: 10.255.10.0/27 # (7)! - svis: # (8)! - - id: 11 - name: VRF10_VLAN11 # (9)! - enabled: true - ip_address_virtual: 10.10.11.1/24 # (10)! - - id: 12 - name: VRF10_VLAN12 - enabled: true - ip_address_virtual: 10.10.12.1/24 - - name: VRF11 - vrf_vni: 11 - vtep_diagnostic: - loopback: 11 - loopback_ip_range: 10.255.11.0/27 - svis: - - id: 21 - name: VRF11_VLAN21 - enabled: true - ip_address_virtual: 10.10.21.1/24 - - name: 22 - name: VRF11_VLAN22 - enabled: true - ip_address_virtual: 10.10.22.1/24 - - l2vlans: # (11)! - - id: 3401 - name: L2_VLAN3401 - - id: 3402 - name: L2_VLAN3402 -``` +The `ansible-avd-examples/single-dc-l3ls/group_vars/NETWORK_SERVICES/network_services.yml` file defines All VRF and VLANs. This means that regardless of where a given VRF or VLAN must exist, its existence is defined in this file, but it does not indicate ***where*** in the fabric it exists. That was done at the bottom of the inventory file previously described in the [Inventory](#content-of-the-inventoryyml-file) section. -1. Definition of tenants. Additional level of abstraction in addition to VRFs. In this example just one tenant named `TENANT1` is specified. -2. The base number (`10000`) used to generate the L2VNI numbers automatically, `L2VNI = base number + VLAN-id`. For example, L2VNI for VLAN11 = 10000 + 11 = 10011. -3. VRF definitions inside the tenant. -4. VRF VNI definition. -5. Enable VTEP Network diagnostics. This will create a loopback with virtual source-nat enable to perform diagnostics from the switch: - - ```eos - interface Loopback10 - description VRF10_VTEP_DIAGNOSTICS - no shutdown - vrf VRF10 - ip address 10.255.10.3/32 - ! - ip address virtual source-nat vrf VRF10 address 10.255.10.3 - ``` - -6. Loopback interface number. -7. Loopback IP range, a unique IP is derived from this range and assigned to each l3 leaf based on its unique id. -8. SVI Definitions for all SVIs within this tenant. -9. SVI Description. -10. IP anycast gateway to be used in the SVI in every leaf across the fabric. -11. These are pure L2 VLANs. They do not have an SVI defined in the l3leafs and they will be bridged inside the VXLAN fabric. +```yaml title="network_services.yml" +--8<-- +examples/single-dc-l3ls/group_vars/NETWORK_SERVICES/network_services.yml +--8<-- +``` AVD offers granular control of where Tenants and VLANs are configured using `tags` and `filter`. Those areas are not covered in this basic example. ## Specifying endpoint connectivity in the EVPN/VXLAN fabric -After the previous section, all VRFs and VLANs across the fabric are now defined. The `ansible-avd-examples/single-dc-l3ls/group_vars/CONNECTED_ENDPOINTS.yml` file specifies the connectivity for all endpoints in the fabric (typically servers): +After the previous section, all VRFs and VLANs across the fabric are now defined. The `ansible-avd-examples/single-dc-l3ls/group_vars/CONNECTED_ENDPOINTS/connected_endpoints.yml` file specifies the connectivity for all endpoints in the fabric (typically servers): -```yaml title="CONNECTED_ENDPOINTS.yml" +```yaml title="connected_endpoints.yml" --8<-- -ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/CONNECTED_ENDPOINTS.yml +examples/single-dc-l3ls/group_vars/CONNECTED_ENDPOINTS/connected_endpoints.yml --8<-- ``` This defines the settings for the relevant switch ports to which the endpoints connect, in this case the two servers `dc1-leaf1-server1` and `dc1-leaf2-server1`. -As an example, here is the configuration for `dc1-leaf1-server1`: - -```yaml title="CONNECTED_ENDPOINTS.yml" - dc1-leaf1-server1: - adapters: # (1)! - - endpoint_ports: [ PCI1, PCI2 ] # (2)! - switch_ports: [ Ethernet5, Ethernet5 ] # (3)! - switches: [ dc1-leaf1a, dc1-leaf1b ] # (4)! - vlans: 11-12,21-22 # (5)! - native_vlan: 4092 # (6)! - mode: trunk # (7)! - spanning_tree_portfast: edge # (8)! - port_channel: # (9)! - endpoint_port_channel: Bond1 - mode: active - - - endpoint_ports: [ iLO ] - switch_ports: [ Ethernet5 ] - switches: [ dc1-leaf1c ] - vlans: 11 - mode: access - spanning_tree_portfast: edge -``` - -1. The relevant `adapters` are defined. For example, the `type` set to `server` and `ilo` is purely for documentation and readability. It has no operational significance. -2. `endpoint_ports` are defined for use in the interface descriptions on the switch. This does not configure anything on the server. -3. `switch_ports` defines the interfaces used in the switches. In this example the server is dual-connected to Ethernet5 and Ethernet5. These two ports exist on switch dc1-leaf1a and dc1-leaf1b defined in the following line. -4. `switches` defines the switches used, in this case dc1-leaf1a and dc1-leaf1b. Note that the `endpoint_ports`, `switch_ports` and `switches` definitions are paired vertically. -5. `vlans` defines which VLANs are allowed on the switch_ports, in this case it is two ranges, VLAN11-12 and VLAN21-22 for the dual-attached server ports and VLAN11 for the iLO port. -6. `native_vlan` specifies the native VLAN when the switch port mode is set to trunk. -7. `mode` is set to trunk for the dual-attached server ports and access for the iLO port. -8. `spanning_tree_portfast` defines whether the switch port should be a spanning tree edge or network port. -9. `port_channel` defines the port-channel name on the endpoint that will be used in the port-channel description and mode for the port-channel. - ## The playbooks In this example, three playbooks are included, of which two must be used: diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/CONNECTED_ENDPOINTS.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/CONNECTED_ENDPOINTS/connected_endpoints.yml similarity index 74% rename from ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/CONNECTED_ENDPOINTS.yml rename to ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/CONNECTED_ENDPOINTS/connected_endpoints.yml index a7fe951dae4..78ae9be9d58 100644 --- a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/CONNECTED_ENDPOINTS.yml +++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/CONNECTED_ENDPOINTS/connected_endpoints.yml @@ -6,11 +6,11 @@ servers: # Definition of adapters on the server. adapters: # Name of the server interfaces that will be used in the description of each interface - - endpoint_ports: [ PCI1, PCI2 ] + - endpoint_ports: [PCI1, PCI2] # Device ports where the server ports are connected. - switch_ports: [ Ethernet5, Ethernet5 ] + switch_ports: [Ethernet5, Ethernet5] # Device names where the server ports are connected. - switches: [ dc1-leaf1a, dc1-leaf1b ] + switches: [dc1-leaf1a, dc1-leaf1b] # VLANs that will be configured on these ports. vlans: 11-12,21-22 # Native VLAN to be used on these ports. @@ -26,18 +26,18 @@ servers: # Port channel mode for LACP. mode: active - - endpoint_ports: [ iLO ] - switch_ports: [ Ethernet5 ] - switches: [ dc1-leaf1c ] + - endpoint_ports: [iLO] + switch_ports: [Ethernet5] + switches: [dc1-leaf1c] vlans: 11 mode: access spanning_tree_portfast: edge - name: dc1-leaf2-server1 adapters: - - endpoint_ports: [ PCI1, PCI2 ] - switch_ports: [ Ethernet5, Ethernet5 ] - switches: [ dc1-leaf2a, dc1-leaf2b ] + - endpoint_ports: [PCI1, PCI2] + switch_ports: [Ethernet5, Ethernet5] + switches: [dc1-leaf2a, dc1-leaf2b] vlans: 11-12,21-22 native_vlan: 4092 mode: trunk @@ -45,9 +45,9 @@ servers: port_channel: mode: active - - endpoint_ports: [ iLO ] - switch_ports: [ Ethernet5 ] - switches: [ dc1-leaf2c ] + - endpoint_ports: [iLO] + switch_ports: [Ethernet5] + switches: [dc1-leaf2c] vlans: 11 mode: access spanning_tree_portfast: edge diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1/dc1.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1/dc1.yml new file mode 100644 index 00000000000..111bff05815 --- /dev/null +++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1/dc1.yml @@ -0,0 +1,3 @@ +--- +# Default gateway used for the management interface +mgmt_gateway: 172.16.1.1 diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_L2_LEAVES.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_L2_LEAVES.yml deleted file mode 100644 index 327c882d1e7..00000000000 --- a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_L2_LEAVES.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -type: l2leaf diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_L2_LEAVES/l2_leaves.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_L2_LEAVES/l2_leaves.yml new file mode 100644 index 00000000000..f5332ee71ce --- /dev/null +++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_L2_LEAVES/l2_leaves.yml @@ -0,0 +1,23 @@ +--- +type: l2leaf + +l2leaf: + defaults: + platform: vEOS-lab + spanning_tree_mode: mstp + + node_groups: + - group: DC1_L2_LEAF1 + uplink_switches: [dc1-leaf1a, dc1-leaf1b] + nodes: + - name: dc1-leaf1c + id: 1 + mgmt_ip: 172.16.1.151/24 + uplink_switch_interfaces: [Ethernet8, Ethernet8] + - group: DC1_L2_LEAF2 + uplink_switches: [dc1-leaf2a, dc1-leaf2b] + nodes: + - name: dc1-leaf2c + id: 2 + mgmt_ip: 172.16.1.152/24 + uplink_switch_interfaces: [Ethernet8, Ethernet8] diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_L3_LEAVES.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_L3_LEAVES.yml deleted file mode 100644 index 2f6d52d1ce7..00000000000 --- a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_L3_LEAVES.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -type: l3leaf diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_L3_LEAVES/l3_leaves.yml similarity index 52% rename from ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1.yml rename to ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_L3_LEAVES/l3_leaves.yml index c0028a7f411..a5ddd22ccca 100644 --- a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1.yml +++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_L3_LEAVES/l3_leaves.yml @@ -1,31 +1,5 @@ --- -# Default gateway used for the management interface -mgmt_gateway: 172.16.1.1 - -# Spine switch group -spine: - # Definition of default values that will be configured to all nodes defined in this group - defaults: - # Set the relevant platform as each platform has different default values in Ansible AVD - platform: vEOS-lab - # Pool of IPv4 addresses to configure interface Loopback0 used for BGP EVPN sessions - loopback_ipv4_pool: 10.255.0.0/27 - # ASN to be used by BGP - bgp_as: 65100 - - # Definition of nodes contained in this group. - # Specific configuration of device must take place under the node definition. Each node inherits all values defined under 'defaults' - nodes: - # Name of the node to be defined (must be consistent with definition in inventory) - - name: dc1-spine1 - # Device ID definition. An integer number used for internal calculations (ie. IPv4 address of the loopback_ipv4_pool among others) - id: 1 - # Management IP to be assigned to the management interface - mgmt_ip: 172.16.1.11/24 - - - name: dc1-spine2 - id: 2 - mgmt_ip: 172.16.1.12/24 +type: l3leaf # L3 Leaf switch group l3leaf: @@ -53,7 +27,7 @@ l3leaf: spanning_tree_priority: 4096 spanning_tree_mode: mstp - # If two nodes (and only two) are in the same node_group, they will automatically form an MLAG pair +# If two nodes (and only two) are in the same node_group, they will automatically form an MLAG pair node_groups: # Definition of a node group that will include two devices in MLAG. # Definitions under the group will be inherited by both nodes in the group @@ -67,55 +41,19 @@ l3leaf: mgmt_ip: 172.16.1.101/24 # Definition of the port to be used in the uplink device facing this device. # Note that the number of elements in this list must match the length of 'uplink_switches' as well as 'uplink_interfaces' - uplink_switch_interfaces: - - Ethernet1 - - Ethernet1 + uplink_switch_interfaces: [Ethernet1, Ethernet1] - name: dc1-leaf1b id: 2 mgmt_ip: 172.16.1.102/24 - uplink_switch_interfaces: - - Ethernet2 - - Ethernet2 - + uplink_switch_interfaces: [Ethernet2, Ethernet2] - group: DC1_L3_LEAF2 bgp_as: 65102 nodes: - name: dc1-leaf2a id: 3 mgmt_ip: 172.16.1.103/24 - uplink_switch_interfaces: - - Ethernet3 - - Ethernet3 + uplink_switch_interfaces: [Ethernet3, Ethernet3] - name: dc1-leaf2b id: 4 mgmt_ip: 172.16.1.104/24 - uplink_switch_interfaces: - - Ethernet4 - - Ethernet4 - -# L2 Leaf switch group -l2leaf: - defaults: - platform: vEOS-lab - spanning_tree_mode: mstp - - node_groups: - - group: DC1_L2_LEAF1 - uplink_switches: ['dc1-leaf1a', 'dc1-leaf1b'] - nodes: - - name: dc1-leaf1c - id: 1 - mgmt_ip: 172.16.1.151/24 - uplink_switch_interfaces: - - Ethernet8 - - Ethernet8 - - - group: DC1_L2_LEAF2 - uplink_switches: ['dc1-leaf2a', 'dc1-leaf2b'] - nodes: - - name: dc1-leaf2c - id: 2 - mgmt_ip: 172.16.1.152/24 - uplink_switch_interfaces: - - Ethernet8 - - Ethernet8 + uplink_switch_interfaces: [Ethernet4, Ethernet4] diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_SPINES.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_SPINES.yml deleted file mode 100644 index ea38f466bf5..00000000000 --- a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_SPINES.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -type: spine diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_SPINES/spines.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_SPINES/spines.yml new file mode 100644 index 00000000000..188a0514c3f --- /dev/null +++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/DC1_SPINES/spines.yml @@ -0,0 +1,25 @@ +--- +type: spine + +spine: + # Define variables for all nodes of this type + defaults: + # Set the relevant platform as each platform has different default values in Ansible AVD + # Arista platform family <- from the documentation page https://avd.arista.com/5.1/roles/eos_designs/docs/input-variables.html#node-type-settings TOREVISE + platform: vEOS-lab + # Pool of IPv4 addresses to configure interface Loopback0 used for BGP EVPN sessions + loopback_ipv4_pool: 10.255.0.0/27 + # Autonous System Number for BGP + bgp_as: 65100 + # Define variables per node + nodes: + # The Node Name is used as "hostname" + - name: dc1-spine1 + # Unique identifier used for IP addressing and other algorithms + id: 1 + # Node management interface IPv4 address + mgmt_ip: 172.16.1.11/24 + + - name: dc1-spine2 + id: 2 + mgmt_ip: 172.16.1.12/24 diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/FABRIC/fabric_ansible_connectivity.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/FABRIC/fabric_ansible_connectivity.yml new file mode 100644 index 00000000000..0c049d00ddd --- /dev/null +++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/FABRIC/fabric_ansible_connectivity.yml @@ -0,0 +1,14 @@ +--- +# Ansible connectivity definitions +# eAPI connectivity via HTTPS is specified (as opposed to CLI via SSH) +ansible_connection: ansible.netcommon.httpapi +# Specifies that we are indeed using Arista EOS +ansible_network_os: arista.eos.eos +# This user/password must exist on the switches to enable Ansible access +ansible_user: ansible +ansible_password: ansible +# User escalation (to enter enable mode) +ansible_become: true +ansible_become_method: enable +ansible_httpapi_use_ssl: true +ansible_httpapi_validate_certs: false diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/FABRIC.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/FABRIC/fabric_variables.yml similarity index 65% rename from ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/FABRIC.yml rename to ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/FABRIC/fabric_variables.yml index 01a07191d04..652d26a8049 100644 --- a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/FABRIC.yml +++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/FABRIC/fabric_variables.yml @@ -1,20 +1,4 @@ --- -# Ansible connectivity definitions -# eAPI connectivity via HTTPS is specified (as opposed to CLI via SSH) -ansible_connection: ansible.netcommon.httpapi -# Specifies that we are indeed using Arista EOS -ansible_network_os: arista.eos.eos -# This user/password must exist on the switches to enable Ansible access -ansible_user: ansible -ansible_password: ansible -# User escalation (to enter enable mode) -ansible_become: true -ansible_become_method: enable -# Use SSL (HTTPS) -ansible_httpapi_use_ssl: true -# Do not try to validate certs -ansible_httpapi_validate_certs: false - # Common AVD group variables fabric_name: FABRIC @@ -57,18 +41,18 @@ p2p_uplinks_mtu: 1500 # Set default uplink, downlink, and MLAG interfaces based on node type default_interfaces: - - types: [ spine ] - platforms: [ default ] - uplink_interfaces: [ Ethernet1-2 ] - downlink_interfaces: [ Ethernet1-8 ] - - types: [ l3leaf ] - platforms: [ default ] - uplink_interfaces: [ Ethernet1-2 ] - mlag_interfaces: [ Ethernet3-4 ] - downlink_interfaces: [ Ethernet8 ] - - types: [ l2leaf ] - platforms: [ default ] - uplink_interfaces: [ Ethernet1-2 ] + - types: [spine] + platforms: [default] + uplink_interfaces: [Ethernet1-2] + downlink_interfaces: [Ethernet1-8] + - types: [l3leaf] + platforms: [default] + uplink_interfaces: [Ethernet1-2] + mlag_interfaces: [Ethernet3-4] + downlink_interfaces: [Ethernet8] + - types: [l2leaf] + platforms: [default] + uplink_interfaces: [Ethernet1-2] # CloudVision Portal definitions cvp_instance_ips: diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/NETWORK_SERVICES.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/NETWORK_SERVICES/network_services.yml similarity index 100% rename from ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/NETWORK_SERVICES.yml rename to ansible_collections/arista/avd/examples/single-dc-l3ls/group_vars/NETWORK_SERVICES/network_services.yml diff --git a/ansible_collections/arista/avd/examples/single-dc-l3ls/inventory_without_ip.yml b/ansible_collections/arista/avd/examples/single-dc-l3ls/inventory_without_ip.yml new file mode 100644 index 00000000000..878c712b3e1 --- /dev/null +++ b/ansible_collections/arista/avd/examples/single-dc-l3ls/inventory_without_ip.yml @@ -0,0 +1,43 @@ +--- +all: + children: + CLOUDVISION: # (1)! + hosts: + cvp: + ansible_httpapi_host: cvp + ansible_host: cvp + ansible_user: ansible + ansible_password: ansible + ansible_connection: httpapi + ansible_httpapi_use_ssl: true + ansible_httpapi_validate_certs: false + ansible_network_os: eos + ansible_python_interpreter: $(which python3) + + FABRIC: + children: + DC1: + children: + DC1_SPINES: + hosts: + dc1-spine1: + dc1-spine2: + DC1_L3_LEAVES: + hosts: + dc1-leaf1a: + dc1-leaf1b: + dc1-leaf2a: + dc1-leaf2b: + DC1_L2_LEAVES: + hosts: + dc1-leaf1c: + dc1-leaf2c: + + NETWORK_SERVICES: # (2)! + children: + DC1_L3_LEAVES: + DC1_L2_LEAVES: + CONNECTED_ENDPOINTS: # (3)! + children: + DC1_L3_LEAVES: + DC1_L2_LEAVES: