Skip to content

eos_validate_state

Overview

eos_validate_state is a role leveraged to validate Arista EOS devices’ operational states.

eos_validate_state role:

  • Consumes structured EOS configuration file, the same input as the role eos_cli_config_gen. This input is considered the source of truth (the desired state).
  • Connects to EOS devices to collect operational states (actual state). This requires access to the configured devices.
  • Compares the actual states against the desired state.
  • Generates CSV and Markdown reports of the results.

Role Inputs and Outputs

Figure 1 below provides a visualization of the role’s inputs, outputs, and tasks in order executed by the role.

Figure 1: Ansible Role eos_validate_state Figure 1: Ansible Role eos_validate_state

Inputs:

  • Device structured configuration generated by abstraction role.
  • Device state with eos_command module.
  • CSV report, leveraged to generate Markdown summary report.

Outputs:

  • CSV report.
  • Markdown summary report.

Tasks:

  1. Include device structured configuration.

  2. Collect and assert device state:

    • (hardware) Validate environment (power supplies status).
    • (hardware) Validate environment (fan status).
    • (hardware) Validate environment (temperature).
    • (hardware) Validate transceivers manufacturer.
    • (NTP) Validate NTP status.
    • (interface_state) Validate Ethernet interfaces admin and operational status.
    • (interface_state) Validate Port-Channel interfaces admin and operational status.
    • (interface_state) Validate VLAN interfaces admin and operational status.
    • (interface_state) Validate VXLAN interfaces admin and operational status.
    • (interface_state) Validate Loopback interfaces admin and operational status.
    • (lldp_topology_fqdn) Validate LLDP topology when there is a domain name configured.
    • (lldp_topology_no_fqdn) Validate LLDP topology when there is no domain name configured.
    • (MLAG) Validate MLAG status.
    • (ip_reachability) Validate IP reachability (on directly connected interfaces).
    • (loopback_reachability) Validate loopback reachability (between devices).
    • (bgp_check) Validate ArBGP is configured and operating.
    • (bgp_check) Validate IP BGP and BGP EVPN sessions state.
    • (reload_cause) Validate last reload cause. (Optional)
    • (routing_table) Validate remote Lo0 addresses and remote Lo1 addresses are in the routing table (based on devices type).

  3. Create CSV report.

  4. Read CSV file (leveraged to generate summary report).
  5. Create Markdown Summary report.

Default Variables

The following default variables are defined and can be modified as desired:

# configure playbook to ingnore errors and continue testing.
eos_validate_state_validation_mode_loose: true

# Format for path to r/w reports. Sync with default values configured in arista.avd.build_output_folders
root_dir: '{{ inventory_dir }}'
eos_validate_state_name: 'reports'
eos_validate_state_dir: '{{ root_dir }}/{{ eos_validate_state_name }}'

# Reports name
eos_validate_state_md_report_path: '{{ eos_validate_state_dir }}/{{ fabric_name }}-state.md'
eos_validate_state_csv_report_path: '{{ eos_validate_state_dir }}/{{ fabric_name }}-state.csv'

# Markdown flavor to support non-text rendering
# Only support default and github
validate_state_markdown_flavor: "default"

# Fabric Name, required to match Ansible Group name covering all devices in the Fabric | Required and **must** be an inventory group name.
fabric_name: "all"

# Allow different manufacturers
accepted_xcvr_manufacturers: "{{ validation_role.xcvr_own_manufacturers | arista.avd.default(['Arastra, Inc.', 'Arista Networks']) }}"

# Allow different states for power supplies
accepted_pwr_supply_states: "{{ validation_role.pwr_supply_states | arista.avd.default(['ok']) }}"

# Allow different states for fans
accepted_fan_states: "{{ validation_role.fan_states | arista.avd.default(['ok']) }}"


# Generate CSV results file
validation_report_csv: "{{ validation_role.validation_report_csv | arista.avd.default(true) }}"

# Generate MD results file
validation_report_md: "{{ validation_role.validation_report_md | arista.avd.default(true) }}"

# Print only FAILED tests
only_failed_tests: "{{ validation_role.only_failed_tests | arista.avd.default(false) }}"

The variable fabric_name is used to select the inventory group covering all devices in the report. This variable is also required for the role eos_designs, but the user can set a name if this role is not used. The default value is all pointing to the built-in inventory group all. Therefore all devices in the inventory will be selected for the report.

The default accepted manufacturers are “Arastra, Inc.” and “Arista Networks.” If validation_role.xcvr_own_manufacturers is set, it takes precedence and overrides the defined default variables.

By default, all fans and power supplies are expected to be in the ok state. However chassis switches may intentionally be missing some fans or power supplies as they are not fully populated. In this case, validation_role.fan_states and validation_role.pwr_supply_states can be updated to include the notInserted state, as per the example below to avoid failures on missing fans/power supplies.

Two user-defined variables control the generation of CSV and MD reports. These are validation_role.validation_report_csv and validation_role.validation_report_md respectively.

The variable validation_role.only_failed_tests is used to limit the number of tests shown in the reports. When set, all reports will only show failed tests.

Requirements

Requirements are located here: avd-requirements

Example Playbook

---
- name: validate states on EOS devices
  hosts: DC1
  connection: httpapi
  gather_facts: false
  collections:
    - arista.avd

  tasks:

    - name: validate states on EOS devices
      ansible.builtin.import_role:
         name: arista.avd.eos_validate_state

Input example

inventory/inventory.ini

---
all:
  children:
    DC1:
      children:
        DC1_FABRIC:
          children:
            DC1_SPINES:
              hosts:
                switch2:
                  ansible_host: 10.83.28.190
            DC1_L3LEAFS:
              children:
                DC1_LEAF1:
                  hosts:
                    switch1:
                      ansible_host: 10.83.28.216
                DC1_LEAF2:
                  hosts:
                    switch3:
                      ansible_host: 10.83.28.191

inventory/group_vars/DC1.yml

ansible_user: 'arista'
ansible_password: 'arista'
ansible_network_os: eos
ansible_become: yes
ansible_become_method: enable

fabric_name: "DC1"

validation_mode_loose: true

validation_role:
  xcvr_own_manufacturers:
    - Manufacturer 1
    - Manufacturer 2
  pwr_supply_states:
    - ok
    - notInserted
  fan_states:
    - ok
    - notInserted

inventory/intended/structured_configs/switch1.yml

router_bgp:
  neighbors:
    10.10.10.1:
      remote_as: 65002
    10.10.10.3:
      remote_as: 65003

ethernet_interfaces:
  Ethernet2:
    peer: switch3
    peer_interface: Ethernet4
    ip_address: 10.10.10.2/31
    type: routed
  Ethernet5:
    peer: switch2
    peer_interface: Ethernet5
    ip_address: 10.10.10.0/31
    type: routed

mlag_configuration:
  domain_id: MLAG12
  local_interface: Vlan4094
  peer_address: 172.16.12.1
  peer_link: Port-Channel10
  reload_delay_mlag: 300
  reload_delay_non_mlag: 330

ntp_server:
  local_interface:
    vrf: MGMT
    interface: Management1
  nodes:
    - 0.fr.pool.ntp.org
    - 1.fr.pool.ntp.org

dns_domain: lab.local

Usage example

ansible-playbook playbooks/pb_validate_yml --inventory inventory/inventory.yml

License

Project is published under Apache 2.0 License

Last update: February 10, 2023