eos_validate_state¶
Warning
Starting AVD 5.0.0, eos_validate_state
will use ANTA as backend, which will change the default behavior (same as setting use_anta: true
in older versions).
Please review the changes described on the ANTA integration page
Overview¶
eos_validate_state is a role leveraged to validate Arista EOS devices’ operational states.
eos_validate_state role:
- Consumes structured EOS configuration file, the same input as the role eos_cli_config_gen. This input is considered the system of record (the desired state).
- Connects to EOS devices to collect operational states (actual state). This requires access to the configured devices.
- Compares the actual states against the desired state.
- Generates CSV and Markdown reports of the results.
Role Inputs and Outputs¶
Figure 1 below provides a visualization of the role’s inputs, outputs, and tasks in order executed by the role.
Inputs:
- Device structured configuration generated by abstraction role.
- Device state with
eos_command
module. - CSV report, leveraged to generate Markdown summary report.
Outputs:
- CSV report.
- Markdown summary report.
Tasks:
- Include device structured configuration.
-
Collect and assert device state:
- (hardware) Validate environment (power supplies status).
- (hardware) Validate environment (fan status).
- (hardware) Validate environment (temperature).
- (hardware) Validate transceivers manufacturer.
- (NTP) Validate NTP status.
- (interface_state) Validate Ethernet interfaces admin and operational status.
- (interface_state) Validate Port-Channel interfaces admin and operational status.
- (interface_state) Validate VLAN interfaces admin and operational status.
- (interface_state) Validate VXLAN interfaces admin and operational status.
- (interface_state) Validate Loopback interfaces admin and operational status.
- (lldp_topology_fqdn) Validate LLDP topology when there is a domain name configured.
- (lldp_topology_no_fqdn) Validate LLDP topology when there is no domain name configured.
- (MLAG) Validate MLAG status.
- (ip_reachability) Validate IP reachability (on directly connected interfaces).
- (loopback_reachability) Validate loopback reachability (between devices).
- (bgp_check) Validate ArBGP is configured and operating.
- (bgp_check) Validate IP BGP and BGP EVPN sessions state.
- (reload_cause) Validate last reload cause. (Optional)
- (routing_table) Validate remote Lo0 addresses and remote Lo1 addresses are in the routing table (based on devices type).
-
Create CSV report.
- Read CSV file (leveraged to generate summary report).
- Create Markdown Summary report.
Default Variables¶
The following default variables are defined and can be modified as desired:
# configure playbook to ignore errors and continue testing.
eos_validate_state_validation_mode_loose: true
# Format for path to r/w reports. Sync with default values configured in arista.avd.build_output_folders
root_dir: '{{ inventory_dir }}'
eos_validate_state_name: 'reports'
eos_validate_state_dir: '{{ root_dir }}/{{ eos_validate_state_name }}'
# Reports name
eos_validate_state_md_report_path: '{{ eos_validate_state_dir }}/{{ fabric_name }}-state.md'
eos_validate_state_csv_report_path: '{{ eos_validate_state_dir }}/{{ fabric_name }}-state.csv'
# Markdown flavor to support non-text rendering
# Only support default and github
validate_state_markdown_flavor: "default"
# Fabric Name, required to match Ansible Group name covering all devices in the Fabric | Required and **must** be an inventory group name.
fabric_name: "all"
# Allow different manufacturers
accepted_xcvr_manufacturers: "{{ validation_role.xcvr_own_manufacturers | arista.avd.default(['Arastra, Inc.', 'Arista Networks']) }}"
# Allow different states for power supplies
accepted_pwr_supply_states: "{{ validation_role.pwr_supply_states | arista.avd.default(['ok']) }}"
# Allow different states for fans
accepted_fan_states: "{{ validation_role.fan_states | arista.avd.default(['ok']) }}"
# Generate CSV results file
validation_report_csv: "{{ validation_role.validation_report_csv | arista.avd.default(true) }}"
# Generate MD results file
validation_report_md: "{{ validation_role.validation_report_md | arista.avd.default(true) }}"
# Print only FAILED tests
only_failed_tests: "{{ validation_role.only_failed_tests | arista.avd.default(false) }}"
The variable fabric_name
is used to select the inventory group covering all devices in the report. This variable is also required for the role eos_designs
, but the user can set a name if this role is not used. The default value is all
pointing to the built-in inventory group all
. Therefore all devices in the inventory will be selected for the report.
The default accepted manufacturers are “Arastra, Inc.” and “Arista Networks.” If validation_role.xcvr_own_manufacturers
is set, it takes precedence and overrides the defined default variables.
By default, all fans and power supplies are expected to be in the ok
state. However chassis switches may intentionally be missing some fans or power supplies as they are not fully populated. In this case, validation_role.fan_states
and validation_role.pwr_supply_states
can be updated to include the notInserted
state, as per the example below to avoid failures on missing fans/power supplies.
Two user-defined variables control the generation of CSV and MD reports. These are validation_role.validation_report_csv
and validation_role.validation_report_md
respectively.
The variable validation_role.only_failed_tests is used to limit the number of tests shown in the reports. When set, all reports will only show failed tests.
Requirements¶
Requirements are located here: avd-requirements
Example Playbook¶
---
- name: validate states on EOS devices
hosts: DC1
connection: httpapi
gather_facts: false
collections:
- arista.avd
tasks:
- name: validate states on EOS devices
ansible.builtin.import_role:
name: arista.avd.eos_validate_state
Input example¶
inventory/inventory.ini¶
---
all:
children:
DC1:
children:
DC1_FABRIC:
children:
DC1_SPINES:
hosts:
switch2:
ansible_host: 10.83.28.190
DC1_L3LEAFS:
children:
DC1_LEAF1:
hosts:
switch1:
ansible_host: 10.83.28.216
DC1_LEAF2:
hosts:
switch3:
ansible_host: 10.83.28.191
inventory/group_vars/DC1.yml¶
ansible_user: 'arista'
ansible_password: 'arista'
ansible_network_os: eos
ansible_become: yes
ansible_become_method: enable
fabric_name: "DC1"
validation_mode_loose: true
validation_role:
xcvr_own_manufacturers:
- Manufacturer 1
- Manufacturer 2
pwr_supply_states:
- ok
- notInserted
fan_states:
- ok
- notInserted
inventory/intended/structured_configs/switch1.yml¶
router_bgp:
neighbors:
10.10.10.1:
remote_as: 65002
10.10.10.3:
remote_as: 65003
ethernet_interfaces:
Ethernet2:
peer: switch3
peer_interface: Ethernet4
ip_address: 10.10.10.2/31
type: routed
Ethernet5:
peer: switch2
peer_interface: Ethernet5
ip_address: 10.10.10.0/31
type: routed
mlag_configuration:
domain_id: MLAG12
local_interface: Vlan4094
peer_address: 172.16.12.1
peer_link: Port-Channel10
reload_delay_mlag: 300
reload_delay_non_mlag: 330
ntp_server:
local_interface:
vrf: MGMT
interface: Management1
nodes:
- 0.fr.pool.ntp.org
- 1.fr.pool.ntp.org
dns_domain: lab.local
Usage example¶
License¶
Project is published under Apache 2.0 License