diff --git a/labs/NET_TESTING/Makefile b/labs/NET_TESTING/Makefile new file mode 100644 index 000000000..4cc018944 --- /dev/null +++ b/labs/NET_TESTING/Makefile @@ -0,0 +1,73 @@ +.PHONY: help +help: ## Display help message + @grep -E '^[0-9a-zA-Z_-]+\.*[0-9a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' + +######################################################## +# Site 1 +######################################################## + +.PHONY: ping-site-1 +ping-site-1: ## Ping Nodes + ansible-playbook playbooks/ping.yml -i sites/site_1/inventory.yml -e "target_hosts=SITE1_FABRIC" + +.PHONY: build-site-1 +build-site-1: ## Build Configs + ansible-playbook playbooks/build.yml -i sites/site_1/inventory.yml -e "target_hosts=SITE1_FABRIC" + +.PHONY: deploy-site-1 +deploy-site-1: ## Deploy Configs via eAPI + ansible-playbook playbooks/deploy.yml -i sites/site_1/inventory.yml -e "target_hosts=SITE1_FABRIC" + +.PHONY: validate-site-1 +validate-site-1: ## Validate network state + ansible-playbook playbooks/validate.yml -i sites/site_1/inventory.yml -e "target_hosts=SITE1_FABRIC" + +.PHONY: cvp-site-1 +cvp-site-1: ## Deploy Configs via eAPI + ansible-playbook playbooks/cvp1.yml -i sites/site_1/inventory.yml + +######################################################## +# Site 2 +######################################################## + +.PHONY: ping-site-2 +ping-site-2: ## Ping Nodes + ansible-playbook playbooks/ping.yml -i sites/site_2/inventory.yml -e "target_hosts=SITE2_FABRIC" + +.PHONY: build-site-2 +build-site-2: ## Build Configs + ansible-playbook playbooks/build.yml -i sites/site_2/inventory.yml -e "target_hosts=SITE2_FABRIC" + +.PHONY: deploy-site-2 +deploy-site-2: ## Deploy Configs via eAPI + ansible-playbook playbooks/deploy.yml -i sites/site_2/inventory.yml -e "target_hosts=SITE2_FABRIC" + +.PHONY: validate-site-2 +validate-site-2: ## Validate network state + ansible-playbook playbooks/validate.yml -i sites/site_2/inventory.yml -e "target_hosts=SITE2_FABRIC" + +.PHONY: cvp-site-2 +cvp-site-2: ## Deploy Configs via eAPI + ansible-playbook playbooks/cvp2.yml -i sites/site_2/inventory.yml + +######################################################## +# WAN & Hosts - Lab Prep +######################################################## + +.PHONY: preplab +preplab: ## Deploy Configs via eAPI + ansible-playbook playbooks/preplab.yml -i extra_configs/inventory.yml -e "target_hosts=LAB" + +######################################################## +# ANTA COMMANDS +######################################################## + + +.PHONY: anta-inv-site-1 +anta-inv-site-1: ## Generate ANTA Inventory + anta get from-ansible --ansible-inventory sites/site_1/inventory.yml -g SITE1_FABRIC -o sites/site_1/anta_inventory.yml + +.PHONY: anta-inv-site-2 +anta-inv-site-2: ## Generate ANTA Inventory + anta get from-ansible --ansible-inventory sites/site_2/inventory.yml -g SITE2_FABRIC -o sites/site_2/anta_inventory.yml + diff --git a/labs/NET_TESTING/ansible.cfg b/labs/NET_TESTING/ansible.cfg new file mode 100644 index 000000000..8ec730b25 --- /dev/null +++ b/labs/NET_TESTING/ansible.cfg @@ -0,0 +1,55 @@ +[defaults] + +# Disable host key checking by the underlying tools Ansible uses to connect to target hosts +host_key_checking = False + +# Location of inventory file containing target hosts +# inventory = ./inventory/inventory.yml + +# Only gather Ansible facts if explicity directed to in a given play +gathering = explicit + +# Disable the creation of .retry files if a playbook fails +retry_files_enabled = False + +# Path(s) to search for installed Ansible Galaxy Collections +collections_paths = ~/.ansible/collections + +# Enable additional Jinja2 Extensions (https://jinja.palletsprojects.com/en/3.1.x/extensions/) +jinja2_extensions = jinja2.ext.loopcontrols,jinja2.ext.do,jinja2.ext.i18n + +# Enable the YAML callback plugin, providing much easier to read terminal output. (https://docs.ansible.com/ansible/latest/plugins/callback.html#callback-plugins) +stdout_callback = yaml + +# Permit the use of callback plugins when running ad-hoc commands +bin_ansible_callbacks = True + +# List of enabled callbacks. Many callbacks shipped with Ansible are not enabled by default +callbacks_enabled = profile_roles, profile_tasks, timer + +# Maximum number of forks that Ansible will use to execute tasks on target hosts +forks = 15 + +# Disable cowsay (Why?) +nocows = True + +# Disable deprecation warnings, more readable output +deprecation_warnings = False + +#enable global vars +vars_plugins_enabled = arista.avd.global_vars, host_group_vars + +#define global vars path +[vars_global_vars] +paths = ../../global_vars + +[paramiko_connection] +# Automatically add the keys of target hosts to known hosts +host_key_auto_add = True + +[persistent_connection] +# Set the amount of time, in seconds, to wait for response from remote device before timing out persistent connection. +command_timeout = 60 + +# Set the amount of time, in seconds, that a persistent connection will remain idle before it is destroyed. +connect_timeout = 60 diff --git a/labs/NET_TESTING/extra_configs/inventory.yml b/labs/NET_TESTING/extra_configs/inventory.yml new file mode 100644 index 000000000..c37e02e56 --- /dev/null +++ b/labs/NET_TESTING/extra_configs/inventory.yml @@ -0,0 +1,11 @@ +--- +LAB: + hosts: + s1-core1: + s1-core2: + s1-host1: + s1-host2: + s2-core1: + s2-core2: + s2-host1: + s2-host2: diff --git a/labs/NET_TESTING/extra_configs/s1-core1.cfg b/labs/NET_TESTING/extra_configs/s1-core1.cfg new file mode 100644 index 000000000..b4aab4442 --- /dev/null +++ b/labs/NET_TESTING/extra_configs/s1-core1.cfg @@ -0,0 +1,57 @@ +! Command: show running-config +! device: s1-core1 (cEOSLab, EOS-4.29.0.2F-29226602.42902F (engineering build)) +! +no aaa root +! +transceiver qsfp default-mode 4x10G +! +service routing protocols model multi-agent +! +hostname s1-core1 +dns domain atd.lab +! +spanning-tree mode mstp +! +management api http-commands + no shutdown +! +vlan 1000 + name dci +! +radius-server host 192.168.0.1 key 7 0207165218120E +! +aaa group server radius atds + server 192.168.0.1 +! +aaa authentication login default group atds local +aaa authorization exec default group atds local +aaa authorization commands all default local +! +interface Ethernet1 + shutdown +! +interface Ethernet2 + switchport + switchport mode access + switchport access vlan 1000 +! +interface Ethernet3 + shutdown +! +interface Ethernet4 + switchport + switchport mode access + switchport access vlan 1000 +! +interface Ethernet6 + shutdown +! +interface Management0 + ip address 192.168.0.102/24 +! +ip routing +! +ntp server 192.168.0.1 iburst source Management0 +! +ip radius source-interface Management0 +! diff --git a/labs/NET_TESTING/extra_configs/s1-core2.cfg b/labs/NET_TESTING/extra_configs/s1-core2.cfg new file mode 100644 index 000000000..6f6696062 --- /dev/null +++ b/labs/NET_TESTING/extra_configs/s1-core2.cfg @@ -0,0 +1,57 @@ +! Command: show running-config +! device: s1-core2 (cEOSLab, EOS-4.29.0.2F-29226602.42902F (engineering build)) +! +no aaa root +! +transceiver qsfp default-mode 4x10G +! +service routing protocols model multi-agent +! +hostname s1-core2 +dns domain atd.lab +! +spanning-tree mode mstp +! +management api http-commands + no shutdown +! +vlan 1000 + name dci +! +radius-server host 192.168.0.1 key 7 0207165218120E +! +aaa group server radius atds + server 192.168.0.1 +! +aaa authentication login default group atds local +aaa authorization exec default group atds local +aaa authorization commands all default local +! +interface Ethernet1 + shutdown +! +interface Ethernet2 + shutdown +! +interface Ethernet3 + switchport + switchport mode access + switchport access vlan 1000 +! +interface Ethernet4 + switchport + switchport mode access + switchport access vlan 1000 +! +interface Ethernet6 + shutdown +! +interface Management0 + ip address 192.168.0.103/24 +! +ip routing +! +ntp server 192.168.0.1 iburst source Management0 +! +ip radius source-interface Management0 +! diff --git a/labs/NET_TESTING/extra_configs/s1-host1.cfg b/labs/NET_TESTING/extra_configs/s1-host1.cfg new file mode 100644 index 000000000..6d12478e9 --- /dev/null +++ b/labs/NET_TESTING/extra_configs/s1-host1.cfg @@ -0,0 +1,16 @@ +!----------------------------------------- +! s1-host1 - Lab config +!----------------------------------------- +! +interface Port-Channel1 + no switchport + ip address 10.10.10.100/24 +! +interface Ethernet1 + channel-group 1 mode active +! +interface Ethernet2 + channel-group 1 mode active +! +ip route 10.0.0.0/8 10.10.10.1 +! diff --git a/labs/NET_TESTING/extra_configs/s1-host2.cfg b/labs/NET_TESTING/extra_configs/s1-host2.cfg new file mode 100644 index 000000000..ff42c979a --- /dev/null +++ b/labs/NET_TESTING/extra_configs/s1-host2.cfg @@ -0,0 +1,16 @@ +!----------------------------------------- +! s1-host2 - Lab config +!----------------------------------------- +! +interface Port-Channel1 + no switchport + ip address 10.20.20.100/24 +! +interface Ethernet1 + channel-group 1 mode active +! +interface Ethernet2 + channel-group 1 mode active +! +ip route 10.0.0.0/8 10.20.20.1 +! diff --git a/labs/NET_TESTING/extra_configs/s2-core1.cfg b/labs/NET_TESTING/extra_configs/s2-core1.cfg new file mode 100644 index 000000000..0c86de045 --- /dev/null +++ b/labs/NET_TESTING/extra_configs/s2-core1.cfg @@ -0,0 +1,57 @@ +! Command: show running-config +! device: s2-core1 (cEOSLab, EOS-4.29.0.2F-29226602.42902F (engineering build)) +! +no aaa root +! +transceiver qsfp default-mode 4x10G +! +service routing protocols model multi-agent +! +hostname s2-core1 +dns domain atd.lab +! +spanning-tree mode mstp +! +management api http-commands + no shutdown +! +vlan 1000 + name dci +! +radius-server host 192.168.0.1 key 7 0207165218120E +! +aaa group server radius atds + server 192.168.0.1 +! +aaa authentication login default group atds local +aaa authorization exec default group atds local +aaa authorization commands all default local +! +interface Ethernet1 + shutdown +! +interface Ethernet2 + switchport + switchport mode access + switchport access vlan 1000 +! +interface Ethernet3 + shutdown +! +interface Ethernet4 + switchport + switchport mode access + switchport access vlan 1000 +! +interface Ethernet6 + shutdown +! +interface Management0 + ip address 192.168.0.202/24 +! +ip routing +! +ntp server 192.168.0.1 iburst source Management0 +! +ip radius source-interface Management0 +! diff --git a/labs/NET_TESTING/extra_configs/s2-core2.cfg b/labs/NET_TESTING/extra_configs/s2-core2.cfg new file mode 100644 index 000000000..ea7c147b6 --- /dev/null +++ b/labs/NET_TESTING/extra_configs/s2-core2.cfg @@ -0,0 +1,57 @@ +! Command: show running-config +! device: s2-core2 (cEOSLab, EOS-4.29.0.2F-29226602.42902F (engineering build)) +! +no aaa root +! +transceiver qsfp default-mode 4x10G +! +service routing protocols model multi-agent +! +hostname s2-core2 +dns domain atd.lab +! +spanning-tree mode mstp +! +management api http-commands + no shutdown +! +vlan 1000 + name dci +! +radius-server host 192.168.0.1 key 7 0207165218120E +! +aaa group server radius atds + server 192.168.0.1 +! +aaa authentication login default group atds local +aaa authorization exec default group atds local +aaa authorization commands all default local +! +interface Ethernet1 + shutdown +! +interface Ethernet2 + shutdown +! +interface Ethernet3 + switchport + switchport mode access + switchport access vlan 1000 +! +interface Ethernet4 + switchport + switchport mode access + switchport access vlan 1000 +! +interface Ethernet6 + shutdown +! +interface Management0 + ip address 192.168.0.203/24 +! +ip routing +! +ntp server 192.168.0.1 iburst source Management0 +! +ip radius source-interface Management0 +! diff --git a/labs/NET_TESTING/extra_configs/s2-host1.cfg b/labs/NET_TESTING/extra_configs/s2-host1.cfg new file mode 100644 index 000000000..bf6bf2678 --- /dev/null +++ b/labs/NET_TESTING/extra_configs/s2-host1.cfg @@ -0,0 +1,16 @@ +!----------------------------------------- +! s2-host1 - Lab config +!----------------------------------------- +! +interface Port-Channel1 + no switchport + ip address 10.10.10.200/24 +! +interface Ethernet1 + channel-group 1 mode active +! +interface Ethernet2 + channel-group 1 mode active +! +ip route 10.0.0.0/8 10.10.10.1 +! diff --git a/labs/NET_TESTING/extra_configs/s2-host2.cfg b/labs/NET_TESTING/extra_configs/s2-host2.cfg new file mode 100644 index 000000000..8f602ef13 --- /dev/null +++ b/labs/NET_TESTING/extra_configs/s2-host2.cfg @@ -0,0 +1,16 @@ +!----------------------------------------- +! s2-host2 - Lab config +!----------------------------------------- +! +interface Port-Channel1 + no switchport + ip address 10.20.20.200/24 +! +interface Ethernet1 + channel-group 1 mode active +! +interface Ethernet2 + channel-group 1 mode active +! +ip route 10.0.0.0/8 10.20.20.1 +! diff --git a/labs/NET_TESTING/global_vars/global_dc_vars.yml b/labs/NET_TESTING/global_vars/global_dc_vars.yml new file mode 100644 index 000000000..7b1d8edc0 --- /dev/null +++ b/labs/NET_TESTING/global_vars/global_dc_vars.yml @@ -0,0 +1,118 @@ +--- + +# Credentials for CVP and EOS Switches +ansible_user: arista +ansible_password: "{{ lookup('env', 'LABPASSPHRASE') }}" +ansible_network_os: arista.eos.eos +# Configure privilege escalation +ansible_become: true +ansible_become_method: enable +# HTTPAPI configuration +ansible_connection: httpapi +ansible_httpapi_port: 443 +ansible_httpapi_use_ssl: true +ansible_httpapi_validate_certs: false +ansible_python_interpreter: $(which python3) +avd_data_conversion_mode: error +avd_data_validation_mode: error + +# CVP node variables +cv_collection: v3 +execute_tasks: true + +# Local Users +local_users: + - name: arista + privilege: 15 + role: network-admin + sha512_password: "{{ ansible_password | password_hash('sha512', salt='arista') }}" + ssh_key: "{{ lookup('ansible.builtin.file', '~/.ssh/id_rsa.pub') }}" + +# AAA +aaa_authorization: + exec: + default: local + +# OOB Management network default gateway. +mgmt_gateway: 192.168.0.1 +mgmt_interface_vrf: default + +# NTP Servers IP or DNS name, first NTP server will be preferred, and sourced from Management VRF +ntp: + servers: + - name: 192.168.0.1 + iburst: true + local_interface: Management0 + +# Domain/DNS +dns_domain: atd.lab + +# TerminAttr +daemon_terminattr: + # Address of the gRPC server on CloudVision + # TCP 9910 is used on on-prem + # TCP 443 is used on CV as a Service + cvaddrs: # For single cluster + - 192.168.0.5:9910 + # Authentication scheme used to connect to CloudVision + cvauth: + method: token + token_file: "/tmp/token" + # Exclude paths from Sysdb on the ingest side + ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent + # Exclude paths from the shared memory table + smashexcludes: ale,flexCounter,hardware,kni,pulse,strata + +# Point to Point Links MTU Override for Lab +p2p_uplinks_mtu: 1500 + +# Set IPv4 Underlay Routing and EVPN Overlay Routing to use eBGP +underlay_routing_protocol: ebgp +overlay_routing_protocol: ebgp + +# Configure password authentication for BGP peerings +bgp_peer_groups: + evpn_overlay_peers: + password: Q4fqtbqcZ7oQuKfuWtNGRQ== + ipv4_underlay_peers: + password: 7x4B4rnJhZB438m9+BrBfQ== + mlag_ipv4_underlay_peer: + password: 4b21pAdCvWeAqpcKDFMdWw== + +# Add a logging server to both our sites to sastify compliance +# logging: +# buffered: +# size: 8000 +# level: notifications +# trap: debugging +# vrfs: +# - name: "default" +# source_interface: "Management0" +# hosts: +# - name: 10.100.100.100 +# protocol: udp + +# # L3 Edge port definitions. This can be any port in the entire Fabric, where IP interfaces are defined. +l3_edge: + # Define a new IP pool that will be used to assign IP addresses to L3 Edge interfaces. + p2p_links_ip_pools: + - name: S1_to_S2_IP_pool + ipv4_pool: 172.16.255.0/24 + # Define a new link profile which will match the IP pool, the used ASNs and include the defined interface into underlay routing + p2p_links_profiles: + - name: S1_to_S2_profile + ip_pool: S1_to_S2_IP_pool + as: [ 65103, 65203 ] + include_in_underlay_protocol: true + # Define each P2P L3 link and link the nodes, the interfaces and the profile used. + p2p_links: + - id: 1 + nodes: [ s1-brdr1, s2-brdr1 ] + interfaces: [ Ethernet4, Ethernet4 ] + profile: S1_to_S2_profile + - id: 2 + nodes: [ s1-brdr2, s2-brdr2 ] + interfaces: [ Ethernet5, Ethernet5 ] + profile: S1_to_S2_profile + + diff --git a/labs/NET_TESTING/playbooks/build.yml b/labs/NET_TESTING/playbooks/build.yml new file mode 100644 index 000000000..958d097b7 --- /dev/null +++ b/labs/NET_TESTING/playbooks/build.yml @@ -0,0 +1,14 @@ +--- +- name: Build Switch configuration + hosts: "{{ target_hosts }}" + gather_facts: false + + tasks: + + - name: Generate Structured Variables per Device + ansible.builtin.import_role: + name: arista.avd.eos_designs + + - name: Generate Intended Config and Documentation + ansible.builtin.import_role: + name: arista.avd.eos_cli_config_gen diff --git a/labs/NET_TESTING/playbooks/cvp1.yml b/labs/NET_TESTING/playbooks/cvp1.yml new file mode 100644 index 000000000..27ef13ff8 --- /dev/null +++ b/labs/NET_TESTING/playbooks/cvp1.yml @@ -0,0 +1,14 @@ +--- +- name: Build Switch configuration + hosts: cvp + gather_facts: false + + tasks: + + - name: Generate Intended Config and Documentation + ansible.builtin.import_role: + name: arista.avd.eos_config_deploy_cvp + vars: + container_root: 'SITE1_FABRIC' + configlets_prefix: 'AVD' + state: present diff --git a/labs/NET_TESTING/playbooks/cvp2.yml b/labs/NET_TESTING/playbooks/cvp2.yml new file mode 100644 index 000000000..96c244631 --- /dev/null +++ b/labs/NET_TESTING/playbooks/cvp2.yml @@ -0,0 +1,14 @@ +--- +- name: Build Switch configuration + hosts: cvp + gather_facts: false + + tasks: + + - name: Generate Intended Config and Documentation + ansible.builtin.import_role: + name: arista.avd.eos_config_deploy_cvp + vars: + container_root: 'SITE2_FABRIC' + configlets_prefix: 'AVD' + state: present diff --git a/labs/NET_TESTING/playbooks/deploy.yml b/labs/NET_TESTING/playbooks/deploy.yml new file mode 100644 index 000000000..a0a06322d --- /dev/null +++ b/labs/NET_TESTING/playbooks/deploy.yml @@ -0,0 +1,10 @@ +--- +- name: Deploy Switch configuration + hosts: "{{ target_hosts }}" + gather_facts: false + + tasks: + + - name: Deploy Configuration to Device + ansible.builtin.import_role: + name: arista.avd.eos_config_deploy_eapi diff --git a/labs/NET_TESTING/playbooks/ping.yml b/labs/NET_TESTING/playbooks/ping.yml new file mode 100644 index 000000000..357bbfced --- /dev/null +++ b/labs/NET_TESTING/playbooks/ping.yml @@ -0,0 +1,15 @@ +--- +- name: Test Connectivity to Lab Nodes + hosts: "{{ target_hosts }}" + connection: local + gather_facts: false + + tasks: + + - name: Import Global Vars + ansible.builtin.include_vars: "{{ item }}" + with_items: + - "../global_vars/global_dc_vars.yml" + + - name: Ping Hosts + ping: diff --git a/labs/NET_TESTING/playbooks/preplab.yml b/labs/NET_TESTING/playbooks/preplab.yml new file mode 100644 index 000000000..3d7ad9db4 --- /dev/null +++ b/labs/NET_TESTING/playbooks/preplab.yml @@ -0,0 +1,16 @@ +--- +- name: Deploy WAN & Host configurations + hosts: "{{ target_hosts }}" + gather_facts: false + + tasks: + + - name: Import Global Vars + ansible.builtin.include_vars: "{{ item }}" + with_items: + - "../global_vars/global_dc_vars.yml" + + - name: load configuration from file + arista.eos.eos_config: + src: ../extra_configs/{{inventory_hostname}}.cfg + replace: line diff --git a/labs/NET_TESTING/playbooks/validate.yml b/labs/NET_TESTING/playbooks/validate.yml new file mode 100644 index 000000000..62c61daf1 --- /dev/null +++ b/labs/NET_TESTING/playbooks/validate.yml @@ -0,0 +1,15 @@ +--- +- name: Validate Network State + hosts: "{{ target_hosts }}" + connection: httpapi + gather_facts: false + + tasks: + + - name: validate states on EOS devices + ansible.builtin.import_role: + name: arista.avd.eos_validate_state + # vars: + # use_anta: true + # save_catalog: true + # eos_validate_state_md_report_path: "{{ eos_validate_state_dir }}/{{ fabric_name }}-state-anta.md" diff --git a/labs/NET_TESTING/sites/site_1/custom_anta_catalogs/SITE1_FABRIC.yml b/labs/NET_TESTING/sites/site_1/custom_anta_catalogs/SITE1_FABRIC.yml new file mode 100644 index 000000000..d28afa190 --- /dev/null +++ b/labs/NET_TESTING/sites/site_1/custom_anta_catalogs/SITE1_FABRIC.yml @@ -0,0 +1,12 @@ +########################################################### +# ------------------- Logging Tests --------------------- # +########################################################### +# anta.tests.logging: +# - VerifyLoggingHosts: +# hosts: +# - 10.100.100.100 +# vrf: default + +# - VerifyLoggingSourceIntf: +# interface: Management0 +# vrf: default diff --git a/labs/NET_TESTING/sites/site_1/custom_anta_catalogs/SITE1_SPINES.yml b/labs/NET_TESTING/sites/site_1/custom_anta_catalogs/SITE1_SPINES.yml new file mode 100644 index 000000000..b1f5b657b --- /dev/null +++ b/labs/NET_TESTING/sites/site_1/custom_anta_catalogs/SITE1_SPINES.yml @@ -0,0 +1,8 @@ +########################################################## +# -------------------- System Tests -------------------- # +########################################################## + +# anta.tests.system: +# - VerifyCPUUtilization: +# - VerifyMemoryUtilization: +# - VerifyFileSystemUtilization: diff --git a/labs/NET_TESTING/sites/site_1/group_vars/SITE1_CONNECTED_ENDPOINTS.yml b/labs/NET_TESTING/sites/site_1/group_vars/SITE1_CONNECTED_ENDPOINTS.yml new file mode 100644 index 000000000..f91fda3b1 --- /dev/null +++ b/labs/NET_TESTING/sites/site_1/group_vars/SITE1_CONNECTED_ENDPOINTS.yml @@ -0,0 +1,45 @@ +--- +port_profiles: + + - profile: PP-VLAN10 + mode: "access" + vlans: "10" + spanning_tree_portfast: edge + - profile: PP-VLAN20 + mode: "access" + vlans: "20" + spanning_tree_portfast: edge + +########################################################### +# ---------------- Endpoint Connectivity ---------------- # +########################################################### + +servers: + +# --------------------------------------------------------# +# Site1 RACK1 Endpoints +# --------------------------------------------------------# + + - name: s1-host1 # Server name + rack: RACK1 # Informational RACK (optional) + adapters: + - endpoint_ports: [ eth1, eth2 ] # Server port to connect (optional) + switch_ports: [ Ethernet4, Ethernet4 ] # Switch port to connect server (required) + switches: [ s1-leaf1, s1-leaf2 ] # Switch to connect server (required) + profile: PP-VLAN10 # Port profile to apply (required) + port_channel: + mode: active + +# --------------------------------------------------------# +# Site1 RACK2 Endpoints +# --------------------------------------------------------# + + - name: s1-host2 # Server name + rack: RACK2 # Informational RACK (optional) + adapters: + - endpoint_ports: [ eth1, eth2 ] # Server port to connect (optional) + switch_ports: [ Ethernet4, Ethernet4 ] # Switch port to connect server (required) + switches: [ s1-leaf3, s1-leaf4 ] # Switch to connect server (required) + profile: PP-VLAN20 # Port profile to apply (required) + port_channel: + mode: active diff --git a/labs/NET_TESTING/sites/site_1/group_vars/SITE1_FABRIC.yml b/labs/NET_TESTING/sites/site_1/group_vars/SITE1_FABRIC.yml new file mode 100644 index 000000000..3babac1cf --- /dev/null +++ b/labs/NET_TESTING/sites/site_1/group_vars/SITE1_FABRIC.yml @@ -0,0 +1,87 @@ +--- +fabric_name: SITE1_FABRIC + +# Set Design Type to L3L2 with EVPN VXLAN +design: + type: l3ls-evpn + +# Spine Switches +spine: + defaults: + platform: cEOS + loopback_ipv4_pool: 10.250.1.0/24 + bgp_as: 65100 + nodes: + - name: s1-spine1 + id: 1 + mgmt_ip: 192.168.0.10/24 + - name: s1-spine2 + id: 2 + mgmt_ip: 192.168.0.11/24 + +# Leaf Switches +l3leaf: + defaults: + platform: cEOS + spanning_tree_priority: 4096 + spanning_tree_mode: mstp + loopback_ipv4_pool: 10.250.1.0/24 + loopback_ipv4_offset: 2 + vtep_loopback_ipv4_pool: 10.255.1.0/24 + uplink_switches: [ s1-spine1, s1-spine2 ] + uplink_interfaces: [ Ethernet2, Ethernet3 ] + uplink_ipv4_pool: 172.16.1.0/24 + mlag_interfaces: [ Ethernet1, Ethernet6 ] + mlag_peer_ipv4_pool: 10.251.1.0/24 + mlag_peer_l3_ipv4_pool: 10.252.1.0/24 + virtual_router_mac_address: 00:1c:73:00:00:99 + node_groups: + - group: S1_RACK1 + bgp_as: 65101 + nodes: + - name: s1-leaf1 + id: 1 + mgmt_ip: 192.168.0.12/24 + uplink_switch_interfaces: [ Ethernet2, Ethernet2 ] + - name: s1-leaf2 + id: 2 + mgmt_ip: 192.168.0.13/24 + uplink_switch_interfaces: [ Ethernet3, Ethernet3 ] + - group: S1_RACK2 + bgp_as: 65102 + nodes: + - name: s1-leaf3 + id: 3 + mgmt_ip: 192.168.0.14/24 + uplink_switch_interfaces: [ Ethernet4, Ethernet4 ] + - name: s1-leaf4 + id: 4 + mgmt_ip: 192.168.0.15/24 + uplink_switch_interfaces: [ Ethernet5, Ethernet5 ] + - group: S1_BRDR + bgp_as: 65103 + evpn_gateway: + evpn_l2: + enabled: true + evpn_l3: + enabled: true + inter_domain: true + nodes: + - name: s1-brdr1 + id: 5 + mgmt_ip: 192.168.0.100/24 + uplink_switch_interfaces: [ Ethernet6, Ethernet6 ] + evpn_gateway: + remote_peers: + - hostname: s2-brdr1 + bgp_as: 65203 + ip_address: 10.250.2.7 + - name: s1-brdr2 + id: 6 + mgmt_ip: 192.168.0.101/24 + uplink_switch_interfaces: [ Ethernet8, Ethernet8 ] + evpn_gateway: + remote_peers: + - hostname: s2-brdr2 + bgp_as: 65203 + ip_address: 10.250.2.8 diff --git a/labs/NET_TESTING/sites/site_1/group_vars/SITE1_LEAFS.yml b/labs/NET_TESTING/sites/site_1/group_vars/SITE1_LEAFS.yml new file mode 100644 index 000000000..2f6d52d1c --- /dev/null +++ b/labs/NET_TESTING/sites/site_1/group_vars/SITE1_LEAFS.yml @@ -0,0 +1,2 @@ +--- +type: l3leaf diff --git a/labs/NET_TESTING/sites/site_1/group_vars/SITE1_NETWORK_SERVICES.yml b/labs/NET_TESTING/sites/site_1/group_vars/SITE1_NETWORK_SERVICES.yml new file mode 100644 index 000000000..c0ccbf20e --- /dev/null +++ b/labs/NET_TESTING/sites/site_1/group_vars/SITE1_NETWORK_SERVICES.yml @@ -0,0 +1,20 @@ +--- +tenants: + - name: S1_FABRIC + mac_vrf_vni_base: 10000 + vrfs: + - name: OVERLAY + vrf_vni: 10 + svis: + - id: 10 + name: 'Ten' + enabled: true + ip_address_virtual: 10.10.10.1/24 + - id: 20 + name: 'Twenty' + enabled: true + ip_address_virtual: 10.20.20.1/24 + # - id: 30 + # name: 'Thiry' + # enabled: true + # ip_address_virtual: 10.30.30.1/24 diff --git a/labs/NET_TESTING/sites/site_1/group_vars/SITE1_SPINES.yml b/labs/NET_TESTING/sites/site_1/group_vars/SITE1_SPINES.yml new file mode 100644 index 000000000..ea38f466b --- /dev/null +++ b/labs/NET_TESTING/sites/site_1/group_vars/SITE1_SPINES.yml @@ -0,0 +1,2 @@ +--- +type: spine diff --git a/labs/NET_TESTING/sites/site_1/inventory.yml b/labs/NET_TESTING/sites/site_1/inventory.yml new file mode 100644 index 000000000..1f9cc68bd --- /dev/null +++ b/labs/NET_TESTING/sites/site_1/inventory.yml @@ -0,0 +1,36 @@ +--- +SITE1: + children: + CVP: + hosts: + cvp: + SITE1_FABRIC: + children: + SITE1_SPINES: + hosts: + s1-spine1: + ansible_host: 192.168.0.10 + s1-spine2: + ansible_host: 192.168.0.11 + SITE1_LEAFS: + hosts: + s1-leaf1: + ansible_host: 192.168.0.12 + s1-leaf2: + ansible_host: 192.168.0.13 + s1-leaf3: + ansible_host: 192.168.0.14 + s1-leaf4: + ansible_host: 192.168.0.15 + s1-brdr1: + ansible_host: 192.168.0.100 + s1-brdr2: + ansible_host: 192.168.0.101 + SITE1_NETWORK_SERVICES: + children: + SITE1_SPINES: + SITE1_LEAFS: + SITE1_CONNECTED_ENDPOINTS: + children: + SITE1_SPINES: + SITE1_LEAFS: diff --git a/labs/NET_TESTING/sites/site_2/custom_anta_catalogs/SITE2_FABRIC.yml b/labs/NET_TESTING/sites/site_2/custom_anta_catalogs/SITE2_FABRIC.yml new file mode 100644 index 000000000..d28afa190 --- /dev/null +++ b/labs/NET_TESTING/sites/site_2/custom_anta_catalogs/SITE2_FABRIC.yml @@ -0,0 +1,12 @@ +########################################################### +# ------------------- Logging Tests --------------------- # +########################################################### +# anta.tests.logging: +# - VerifyLoggingHosts: +# hosts: +# - 10.100.100.100 +# vrf: default + +# - VerifyLoggingSourceIntf: +# interface: Management0 +# vrf: default diff --git a/labs/NET_TESTING/sites/site_2/custom_anta_catalogs/SITE2_SPINES.yml b/labs/NET_TESTING/sites/site_2/custom_anta_catalogs/SITE2_SPINES.yml new file mode 100644 index 000000000..b1f5b657b --- /dev/null +++ b/labs/NET_TESTING/sites/site_2/custom_anta_catalogs/SITE2_SPINES.yml @@ -0,0 +1,8 @@ +########################################################## +# -------------------- System Tests -------------------- # +########################################################## + +# anta.tests.system: +# - VerifyCPUUtilization: +# - VerifyMemoryUtilization: +# - VerifyFileSystemUtilization: diff --git a/labs/NET_TESTING/sites/site_2/group_vars/SITE2_CONNECTED_ENDPOINTS.yml b/labs/NET_TESTING/sites/site_2/group_vars/SITE2_CONNECTED_ENDPOINTS.yml new file mode 100644 index 000000000..e1e7c89bb --- /dev/null +++ b/labs/NET_TESTING/sites/site_2/group_vars/SITE2_CONNECTED_ENDPOINTS.yml @@ -0,0 +1,45 @@ +--- +port_profiles: + + - profile: PP-VLAN10 + mode: "access" + vlans: "10" + spanning_tree_portfast: edge + - profile: PP-VLAN20 + mode: "access" + vlans: "20" + spanning_tree_portfast: edge + +########################################################### +# ---------------- Endpoint Connectivity ---------------- # +########################################################### + +servers: + +# --------------------------------------------------------# +# Site2 RACK1 Endpoints +# --------------------------------------------------------# + + - name: s2-host1 # Server name + rack: RACK1 # Informational RACK (optional) + adapters: + - endpoint_ports: [ eth1, eth2 ] # Server port to connect (optional) + switch_ports: [ Ethernet4, Ethernet4 ] # Switch port to connect server (required) + switches: [ s2-leaf1,s2-leaf2 ] # Switch to connect server (required) + profile: PP-VLAN10 # Port profile to apply (required) + port_channel: + mode: active + +# --------------------------------------------------------# +# Site2 RACK2 Endpoints +# --------------------------------------------------------# + + - name: s2-host2 # Server name + rack: RACK2 # Informational RACK (optional) + adapters: + - endpoint_ports: [ eth1, eth2 ] # Server port to connect (optional) + switch_ports: [ Ethernet4, Ethernet4 ] # Switch port to connect server (required) + switches: [ s2-leaf3, s2-leaf4 ] # Switch to connect server (required) + profile: PP-VLAN20 # Port profile to apply (required) + port_channel: + mode: active diff --git a/labs/NET_TESTING/sites/site_2/group_vars/SITE2_FABRIC.yml b/labs/NET_TESTING/sites/site_2/group_vars/SITE2_FABRIC.yml new file mode 100644 index 000000000..2e0875ccd --- /dev/null +++ b/labs/NET_TESTING/sites/site_2/group_vars/SITE2_FABRIC.yml @@ -0,0 +1,87 @@ +--- +fabric_name: SITE2_FABRIC + +# Set Design Type to L3L2 with EVPN VXLAN +design: + type: l3ls-evpn + +# Spine Switches +spine: + defaults: + platform: cEOS + loopback_ipv4_pool: 10.250.2.0/24 + bgp_as: 65200 + nodes: + - name: s2-spine1 + id: 1 + mgmt_ip: 192.168.0.20/24 + - name: s2-spine2 + id: 2 + mgmt_ip: 192.168.0.21/24 + +# Leaf Switches +l3leaf: + defaults: + platform: cEOS + spanning_tree_priority: 4096 + spanning_tree_mode: mstp + loopback_ipv4_pool: 10.250.2.0/24 + loopback_ipv4_offset: 2 + vtep_loopback_ipv4_pool: 10.255.2.0/24 + uplink_switches: [ s2-spine1, s2-spine2 ] + uplink_interfaces: [ Ethernet2, Ethernet3 ] + uplink_ipv4_pool: 172.16.2.0/24 + mlag_interfaces: [ Ethernet1, Ethernet6 ] + mlag_peer_ipv4_pool: 10.251.2.0/24 + mlag_peer_l3_ipv4_pool: 10.252.2.0/24 + virtual_router_mac_address: 00:1c:73:00:00:99 + node_groups: + - group: S2_RACK1 + bgp_as: 65201 + nodes: + - name: s2-leaf1 + id: 1 + mgmt_ip: 192.168.0.22/24 + uplink_switch_interfaces: [ Ethernet2, Ethernet2 ] + - name: s2-leaf2 + id: 2 + mgmt_ip: 192.168.0.23/24 + uplink_switch_interfaces: [ Ethernet3, Ethernet3 ] + - group: S2_RACK2 + bgp_as: 65202 + nodes: + - name: s2-leaf3 + id: 3 + mgmt_ip: 192.168.0.24/24 + uplink_switch_interfaces: [ Ethernet4, Ethernet4 ] + - name: s2-leaf4 + id: 4 + mgmt_ip: 192.168.0.25/24 + uplink_switch_interfaces: [ Ethernet5, Ethernet5 ] + - group: S2_BRDR + bgp_as: 65203 + evpn_gateway: + evpn_l2: + enabled: true + evpn_l3: + enabled: true + inter_domain: true + nodes: + - name: s2-brdr1 + id: 5 + mgmt_ip: 192.168.0.200/24 + uplink_switch_interfaces: [ Ethernet7, Ethernet7 ] + evpn_gateway: + remote_peers: + - hostname: s1-brdr1 + bgp_as: 65103 + ip_address: 10.250.1.7 + - name: s2-brdr2 + id: 6 + mgmt_ip: 192.168.0.201/24 + uplink_switch_interfaces: [ Ethernet8, Ethernet8 ] + evpn_gateway: + remote_peers: + - hostname: s1-brdr2 + bgp_as: 65103 + ip_address: 10.250.1.8 \ No newline at end of file diff --git a/labs/NET_TESTING/sites/site_2/group_vars/SITE2_LEAFS.yml b/labs/NET_TESTING/sites/site_2/group_vars/SITE2_LEAFS.yml new file mode 100644 index 000000000..2f6d52d1c --- /dev/null +++ b/labs/NET_TESTING/sites/site_2/group_vars/SITE2_LEAFS.yml @@ -0,0 +1,2 @@ +--- +type: l3leaf diff --git a/labs/NET_TESTING/sites/site_2/group_vars/SITE2_NETWORK_SERVICES.yml b/labs/NET_TESTING/sites/site_2/group_vars/SITE2_NETWORK_SERVICES.yml new file mode 100644 index 000000000..42f8aaacc --- /dev/null +++ b/labs/NET_TESTING/sites/site_2/group_vars/SITE2_NETWORK_SERVICES.yml @@ -0,0 +1,16 @@ +--- +tenants: + - name: S2_FABRIC + mac_vrf_vni_base: 10000 + vrfs: + - name: OVERLAY + vrf_vni: 10 + svis: + - id: 10 + name: 'Ten' + enabled: true + ip_address_virtual: 10.10.10.1/24 + - id: 20 + name: 'Twenty' + enabled: true + ip_address_virtual: 10.20.20.1/24 diff --git a/labs/NET_TESTING/sites/site_2/group_vars/SITE2_SPINES.yml b/labs/NET_TESTING/sites/site_2/group_vars/SITE2_SPINES.yml new file mode 100644 index 000000000..ea38f466b --- /dev/null +++ b/labs/NET_TESTING/sites/site_2/group_vars/SITE2_SPINES.yml @@ -0,0 +1,2 @@ +--- +type: spine diff --git a/labs/NET_TESTING/sites/site_2/inventory.yml b/labs/NET_TESTING/sites/site_2/inventory.yml new file mode 100644 index 000000000..6abd10cbe --- /dev/null +++ b/labs/NET_TESTING/sites/site_2/inventory.yml @@ -0,0 +1,36 @@ +--- +SITE2: + children: + CVP: + hosts: + cvp: + SITE2_FABRIC: + children: + SITE2_SPINES: + hosts: + s2-spine1: + ansible_host: 192.168.0.20 + s2-spine2: + ansible_host: 192.168.0.21 + SITE2_LEAFS: + hosts: + s2-leaf1: + ansible_host: 192.168.0.22 + s2-leaf2: + ansible_host: 192.168.0.23 + s2-leaf3: + ansible_host: 192.168.0.24 + s2-leaf4: + ansible_host: 192.168.0.25 + s2-brdr1: + ansible_host: 192.168.0.200 + s2-brdr2: + ansible_host: 192.168.0.201 + SITE2_NETWORK_SERVICES: + children: + SITE2_SPINES: + SITE2_LEAFS: + SITE2_CONNECTED_ENDPOINTS: + children: + SITE2_SPINES: + SITE2_LEAFS: diff --git a/labs/NET_TESTING/tests/all.yml b/labs/NET_TESTING/tests/all.yml new file mode 100644 index 000000000..27ce9af9e --- /dev/null +++ b/labs/NET_TESTING/tests/all.yml @@ -0,0 +1,17 @@ +anta.tests.system: + - VerifyUptime: + minimum: 600 + +anta.tests.hardware: + # Verifies the status of power supply fans and all fan trays. + - VerifyEnvironmentCooling: + states: + - ok + +anta.tests.software: + + # Verifies the device is running one of the allowed TerminAttr version. + - VerifyTerminAttrVersion: + versions: + - v1.32.0 +