Commit f6a55247 authored by Bill Grant

Part 5 complete

parent 7d3a203b
# LeafSpineAutomation
! Base configuration
!
hostname {{ hostname }}
ip name-server {{ defaults.nameserver1 }}
ip name-server {{ defaults.nameserver2 }}
ip domain-name {{ defaults.domainname }}
!
ntp source Management1
ntp server {{ defaults.ntpserver1 }} prefer
ntp server {{ defaults.ntpserver2 }}
!
username admin role network-admin secret {{ defaults.password }}
!
clock timezone {{ site.timezone }}
!
vrf definition management
!
! Use https in production
!
management api http-commands
protocol http
no shutdown
!
vrf management
no shutdown
!
interface Management1
vrf forwarding management
ip address {{ host.managementip }}
!
ip route vrf management 0.0.0.0/0 {{ host.managementgw }}
!
end
\ No newline at end of file
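Review bot: `protocol http` under `management api http-commands` is hard-coded in the template, so every rendered base config exposes eAPI over cleartext HTTP even though the comment just above it says to use https in production; the eAPI login then crosses the management network unencrypted. I would render HTTPS by default and make plain HTTP an explicit lab opt-in, e.g. `protocol {{ defaults.eapiprotocol | default('https') }}`, where `eapiprotocol` is a key I am proposing, not one that exists in groups.yaml today. Separately, `secret {{ defaults.password }}` writes the cleartext `password: admin` from groups.yaml into each generated `*-base.config` shown on this page (`username admin role network-admin secret admin`). Storing a pre-computed hash and rendering `secret sha512 {{ defaults.passwordhash }}` (again a proposed key) would keep the plaintext out of the repository and the generated files.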
! Base configuration
!
hostname leaf-1
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip domain-name example.net
!
ntp source Management1
ntp server 0.pool.ntp.org prefer
ntp server 1.pool.ntp.org
!
username admin role network-admin secret admin
!
clock timezone America/New_York
!
vrf definition management
!
! Use https in production
!
management api http-commands
protocol http
no shutdown
!
vrf management
no shutdown
!
interface Management1
vrf forwarding management
ip address 198.51.100.252/24
!
ip route vrf management 0.0.0.0/0 198.51.100.1
!
end
\ No newline at end of file
ip routing
!
lldp run
!
vlan 100
name Servers1
!
vlan 200
name Servers2
!
interface Ethernet1
description P2P Link to Spine-1
logging event link-status
no switchport
ip address 172.16.0.2/30
arp timeout 900
mtu 9214
no shutdown
!
interface Ethernet2
description P2P Link to Spine-2
logging event link-status
no switchport
ip address 172.16.0.10/30
arp timeout 900
mtu 9214
no shutdown
!
interface loopback0
ip address 192.168.0.3/32
!
interface Ethernet9
switchport access vlan 100
no snmp trap link-status
spanning-tree portfast
spanning-tree bpduguard enable
no shutdown
!
interface Ethernet10
switchport access vlan 200
no snmp trap link-status
spanning-tree portfast
spanning-tree bpduguard enable
no shutdown
!
interface Vlan100
description Servers1
mtu 9214
ip address 10.1.100.1/24
arp timeout 900
no shutdown
!
interface Vlan200
description Servers2
ip address 10.1.200.1/24
arp timeout 900
no shutdown
!
route-map ROUTE-MAP-OUT permit 10
match ip address prefix-list PREFIX-LIST-OUT
!
ip prefix-list PREFIX-LIST-OUT seq 10 permit 192.168.0.3/32
ip prefix-list PREFIX-LIST-OUT seq 20 permit 172.16.0.0/16
ip prefix-list PREFIX-LIST-OUT seq 30 permit 10.1.100.0/24
ip prefix-list PREFIX-LIST-OUT seq 40 permit 10.1.200.0/24
!
router bgp 65100
bgp log-neighbor-changes
distance bgp 20 200 200
maximum-paths 4 ecmp 4
neighbor EBGP-TO-SPINE peer-group
neighbor EBGP-TO-SPINE remote-as 65000
neighbor EBGP-TO-SPINE maximum-routes 12000
neighbor EBGP-TO-SPINE allowas-in 1
neighbor 172.16.0.1 peer-group EBGP-TO-SPINE
neighbor 172.16.0.9 peer-group EBGP-TO-SPINE
network 192.168.0.3/32
redistribute connected
!
end
\ No newline at end of file
! Base configuration
!
hostname leaf-2
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip domain-name example.net
!
ntp source Management1
ntp server 0.pool.ntp.org prefer
ntp server 1.pool.ntp.org
!
username admin role network-admin secret admin
!
clock timezone America/New_York
!
vrf definition management
!
! Use https in production
!
management api http-commands
protocol http
no shutdown
!
vrf management
no shutdown
!
interface Management1
vrf forwarding management
ip address 198.51.100.251/24
!
ip route vrf management 0.0.0.0/0 198.51.100.1
!
end
\ No newline at end of file
ip routing
!
lldp run
!
vlan 100
name Servers1
!
vlan 200
name Servers2
!
interface Ethernet1
description P2P Link to Spine-1
logging event link-status
no switchport
ip address 172.16.0.6/30
arp timeout 900
mtu 9214
no shutdown
!
interface Ethernet2
description P2P Link to Spine-2
logging event link-status
no switchport
ip address 172.16.0.14/30
arp timeout 900
mtu 9214
no shutdown
!
interface loopback0
ip address 192.168.0.4/32
!
interface Ethernet9
switchport access vlan 100
no snmp trap link-status
spanning-tree portfast
spanning-tree bpduguard enable
no shutdown
!
interface Ethernet10
switchport access vlan 200
no snmp trap link-status
spanning-tree portfast
spanning-tree bpduguard enable
no shutdown
!
interface Vlan100
description Servers1
mtu 9214
ip address 10.2.100.1/24
arp timeout 900
no shutdown
!
interface Vlan200
description Servers2
ip address 10.2.200.1/24
arp timeout 900
no shutdown
!
route-map ROUTE-MAP-OUT permit 10
match ip address prefix-list PREFIX-LIST-OUT
!
ip prefix-list PREFIX-LIST-OUT seq 10 permit 192.168.0.4/32
ip prefix-list PREFIX-LIST-OUT seq 20 permit 172.16.0.0/16
ip prefix-list PREFIX-LIST-OUT seq 30 permit 10.2.100.0/24
ip prefix-list PREFIX-LIST-OUT seq 40 permit 10.2.200.0/24
!
router bgp 65100
bgp log-neighbor-changes
distance bgp 20 200 200
maximum-paths 4 ecmp 4
neighbor EBGP-TO-SPINE peer-group
neighbor EBGP-TO-SPINE remote-as 65000
neighbor EBGP-TO-SPINE maximum-routes 12000
neighbor EBGP-TO-SPINE allowas-in 1
neighbor 172.16.0.5 peer-group EBGP-TO-SPINE
neighbor 172.16.0.13 peer-group EBGP-TO-SPINE
network 192.168.0.4/32
redistribute connected
!
end
\ No newline at end of file
! Base configuration
!
hostname spine-1
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip domain-name example.net
!
ntp source Management1
ntp server 0.pool.ntp.org prefer
ntp server 1.pool.ntp.org
!
username admin role network-admin secret admin
!
clock timezone America/New_York
!
vrf definition management
!
! Use https in production
!
management api http-commands
protocol http
no shutdown
!
vrf management
no shutdown
!
interface Management1
vrf forwarding management
ip address 198.51.100.254/24
!
ip route vrf management 0.0.0.0/0 198.51.100.1
!
end
\ No newline at end of file
ip routing
!
lldp run
!
interface Ethernet1
description P2P Link to Leaf-1
logging event link-status
no switchport
ip address 172.16.0.1/30
arp timeout 900
no shutdown
!
interface Ethernet2
description P2P Link to Leaf-2
logging event link-status
no switchport
ip address 172.16.0.5/30
arp timeout 900
no shutdown
!
interface loopback0
ip address 192.168.0.1/32
!
router bgp 65000
bgp log-neighbor-changes
distance bgp 20 200 200
maximum-paths 4 ecmp 64
neighbor EBGP-TO-LEAF peer-group
neighbor EBGP-TO-LEAF remote-as 65100
neighbor EBGP-TO-LEAF maximum-routes 12000
neighbor 172.16.0.2 peer-group EBGP-TO-LEAF
neighbor 172.16.0.6 peer-group EBGP-TO-LEAF
network 192.168.0.1/32
!
end
\ No newline at end of file
! Base configuration
!
hostname spine-2
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip domain-name example.net
!
ntp source Management1
ntp server 0.pool.ntp.org prefer
ntp server 1.pool.ntp.org
!
username admin role network-admin secret admin
!
clock timezone America/New_York
!
vrf definition management
!
! Use https in production
!
management api http-commands
protocol http
no shutdown
!
vrf management
no shutdown
!
interface Management1
vrf forwarding management
ip address 198.51.100.253/24
!
ip route vrf management 0.0.0.0/0 198.51.100.1
!
end
\ No newline at end of file
ip routing
!
lldp run
!
interface Ethernet1
description P2P Link to Leaf-1
logging event link-status
no switchport
ip address 172.16.0.9/30
arp timeout 900
no shutdown
!
interface Ethernet2
description P2P Link to Leaf-2
logging event link-status
no switchport
ip address 172.16.0.13/30
arp timeout 900
no shutdown
!
interface loopback0
ip address 192.168.0.2/32
!
router bgp 65000
bgp log-neighbor-changes
distance bgp 20 200 200
maximum-paths 4 ecmp 64
neighbor EBGP-TO-LEAF peer-group
neighbor EBGP-TO-LEAF remote-as 65100
neighbor EBGP-TO-LEAF maximum-routes 12000
neighbor 172.16.0.10 peer-group EBGP-TO-LEAF
neighbor 172.16.0.14 peer-group EBGP-TO-LEAF
network 192.168.0.2/32
!
end
\ No newline at end of file
#!/usr/bin/env python3
from jinja2 import Environment, FileSystemLoader
import yaml
from napalm import get_network_driver
class ConfigureLeafSpine():
"""Class to configure and maintain leaf spine switches"""
def __init__(
self,
hosts,
groups,
baseconfig,
spines,
spineconfig,
leafs,
leafconfig
):
with open(hosts) as file1:
self.hosts = yaml.load(file1)
with open(groups) as file2:
self.groups = yaml.load(file2)
with open(spines) as file3:
self.spines = yaml.load(file3)
with open(leafs) as file4:
self.leafs = yaml.load(file4)
self.baseconfig = baseconfig
self.spineconfig = spineconfig
self.leafconfig = leafconfig
self.ENV = Environment(loader=FileSystemLoader('.'))
def generatebaseconfig(self):
"""Generates base configuration files"""
template = self.ENV.get_template(self.baseconfig)
for key, value in self.hosts.items():
config = template.render(
defaults=self.groups['defaults'],
hostname=key,
host=value,
site=self.groups[value['site']]
)
filename = 'configs/{0}-base.config'.format(key)
with open(filename, 'w') as file:
file.writelines(config)
def generatespineconfig(self):
"""Generates the spine configuration"""
template = self.ENV.get_template(self.spineconfig)
for key, value in self.hosts.items():
if value['role'] == 'spine':
config = template.render(
host=value,
bgp=self.spines['bgp']
)
filename = 'configs/{0}.config'.format(key)
with open(filename, 'w') as file:
file.writelines(config)
def generateleafconfig(self):
"""Generates the leaf configuration"""
template = self.ENV.get_template(self.leafconfig)
for key, value in self.hosts.items():
if value['role'] == 'leaf':
config = template.render(
host=value,
vlans=self.leafs['vlans'],
routemaps=self.leafs['routemaps'],
accessinterfaces=self.leafs['accessinterfaces'],
bgp=self.leafs['bgp']
)
filename = 'configs/{0}.config'.format(key)
with open(filename, 'w') as file:
file.writelines(config)
def deployconfig(self):
"""Checks for diffs and deploys configs using NAPALM"""
driver = get_network_driver('eos')
for key, value in self.hosts.items():
device = driver(key, 'admin', 'admin')
device.open()
device.load_merge_candidate(
filename='configs/{0}.config'.format(key)
)
diffs = device.compare_config()
if diffs:
print("{0} Diffs: ".format(key))
print("\n{0}".format(diffs))
device.commit_config()
device.close()
if __name__ == "__main__":
lsconfig = ConfigureLeafSpine(
'hosts.yaml',
'groups.yaml',
'baseconfig.j2',
'spine.yaml',
'spine.j2',
'leaf.yaml',
'leaf.j2'
)
lsconfig.generatebaseconfig()
lsconfig.generatespineconfig()
lsconfig.generateleafconfig()
lsconfig.deployconfig()
\ No newline at end of file
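Review bot: The four `yaml.load(...)` calls in `__init__` pass no `Loader`; on older PyYAML releases that default can instantiate arbitrary Python objects from tagged input, and PyYAML 6 rejects the call with a TypeError, so `self.hosts = yaml.safe_load(file1)` (and the same for groups, spines and leafs) is the safer form for these plain mappings. In `deployconfig`, `driver(key, 'admin', 'admin')` hard-codes the device login in source, and `device.close()` is never reached if `load_merge_candidate`, `compare_config` or `commit_config` raises. The sketch below reads the login from the environment (the variable names are examples, and it needs `import os` at the top of the file) and closes the session in a `finally`.

```python
    def deployconfig(self):
        """Checks for diffs and deploys configs using NAPALM"""
        driver = get_network_driver('eos')
        # Example variable names; the login is supplied at run time, not kept in source.
        username = os.environ['EOS_USERNAME']
        password = os.environ['EOS_PASSWORD']
        for key in self.hosts:
            device = driver(key, username, password)
            device.open()
            try:
                # … unchanged: load_merge_candidate, compare_config, diff printing, commit_config …
            finally:
                # Always release the session, even when a load or commit fails.
                device.close()
```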
---
defaults:
domain: example.net
ntpserver1: 0.pool.ntp.org
ntpserver2: 1.pool.ntp.org
nameserver1: 8.8.8.8
nameserver2: 8.8.4.4
domainname: example.net
username: admin
password: admin
ny:
timezone: America/New_York
arista_eos:
nos: eos
iprouting: True
lldp: True
---
spine-1:
managementip: 198.51.100.254/24
managementgw: 198.51.100.1
site: ny
role: spine
interfaces:
- number: 1
ip: 172.16.0.1/30
description: P2P Link to Leaf-1
- number: 2
ip: 172.16.0.5/30
description: P2P Link to Leaf-2
loopbacks:
- number: 0
ip: 192.168.0.1/32
routerid: 192.168.0.1
bgpnetworks:
- 192.168.0.1/32
peergroups:
- name: EBGP-TO-LEAF
maxroutes: 12000
remoteas: 65100
neighbors:
- 172.16.0.2
- 172.16.0.6
spine-2:
managementip: 198.51.100.253/24
managementgw: 198.51.100.1
site: ny
role: spine
interfaces:
- number: 1
ip: 172.16.0.9/30
description: P2P Link to Leaf-1
- number: 2
ip: 172.16.0.13/30
description: P2P Link to Leaf-2
loopbacks:
- number: 0
ip: 192.168.0.2/32
routerid: 192.168.0.2
bgpnetworks:
- 192.168.0.2/32
peergroups:
- name: EBGP-TO-LEAF
maxroutes: 12000
remoteas: 65100
neighbors:
- 172.16.0.10
- 172.16.0.14
leaf-1:
managementip: 198.51.100.252/24
managementgw: 198.51.100.1
site: ny
role: leaf
interfaces:
- number: 1
ip: 172.16.0.2/30
description: P2P Link to Spine-1
- number: 2
ip: 172.16.0.10/30
description: P2P Link to Spine-2
loopbacks:
- number: 0
ip: 192.168.0.3/32
routerid: 192.168.0.3
bgpnetworks:
- 192.168.0.3/32
peergroups:
- name: EBGP-TO-SPINE
maxroutes: 12000
remoteas: 65000
neighbors:
- 172.16.0.1
- 172.16.0.9
allowasin: 1
routemaps:
- name: ROUTE-MAP-OUT
direction: out
prefixlists:
- name: PREFIX-LIST-OUT
action: permit
sequence: 10
ip: 192.168.0.3/32
- name: PREFIX-LIST-OUT
action: permit
sequence: 20
ip: 172.16.0.0/16
- name: PREFIX-LIST-OUT
action: permit
sequence: 30
ip: 10.1.100.0/24
- name: PREFIX-LIST-OUT
action: permit
sequence: 40
ip: 10.1.200.0/24
vlaninterfaces:
- number: 100
description: Servers1
mtu: 9214
ip: 10.1.100.1/24
arptimeout: 900
- number: 200
description: Servers2
ip: 10.1.200.1/24
arptimeout: 900
leaf-2:
managementip: 198.51.100.251/24
managementgw: 198.51.100.1
site: ny
role: leaf
interfaces:
- number: 1
ip: 172.16.0.6/30
description: P2P Link to Spine-1
- number: 2
ip: 172.16.0.14/30
description: P2P Link to Spine-2
loopbacks:
- number: 0
ip: 192.168.0.4/32
routerid: 192.168.0.6
bgpnetworks:
- 192.168.0.4/32
peergroups:
- name: EBGP-TO-SPINE
maxroutes: 12000
remoteas: 65000
neighbors:
- 172.16.0.5
- 172.16.0.13
allowasin: 1
routemaps:
- name: ROUTE-MAP-OUT
direction: out
prefixlists:
- name: PREFIX-LIST-OUT
action: permit
sequence: 10
ip: 192.168.0.4/32
- name: PREFIX-LIST-OUT
action: permit
sequence: 20
ip: 172.16.0.0/16
- name: PREFIX-LIST-OUT
action: permit
sequence: 30
ip: 10.2.100.0/24
- name: PREFIX-LIST-OUT
action: permit
sequence: 40
ip: 10.2.200.0/24
vlaninterfaces:
- number: 100
description: Servers1
mtu: 9214
ip: 10.2.100.1/24
arptimeout: 900
- number: 200
description: Servers2
ip: 10.2.200.1/24
arptimeout: 900
\ No newline at end of file
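Review bot: `routerid: 192.168.0.6` under `leaf-2` does not match that host's loopback0 address `192.168.0.4/32`, while spine-1, spine-2 and leaf-1 all set `routerid` to their own loopback address, so this looks like a typo for `routerid: 192.168.0.4`. The generated leaf and spine configs on this page contain no `router-id` line, so the value appears to be unused for now, but it would give leaf-2 an inconsistent BGP identity as soon as a template starts rendering it.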
ip routing
!
lldp run
!
{% for vlan in vlans -%}
vlan {{ vlan.number }}
name {{ vlan.description }}
!
{% endfor -%}
{% for interface in host.interfaces -%}
interface Ethernet{{ interface.number }}
description {{ interface.description }}
logging event link-status
no switchport
ip address {{ interface.ip }}
arp timeout 900
mtu 9214
no shutdown
!
{% endfor -%}
{% for loopback in host.loopbacks -%}
interface loopback{{ loopback.number }}
ip address {{ loopback.ip }}
!
{% endfor -%}
{% for accessinterface in accessinterfaces -%}
interface Ethernet{{ accessinterface.number }}
switchport access vlan {{ accessinterface.vlan }}
no snmp trap link-status
spanning-tree portfast
spanning-tree bpduguard enable
no shutdown
!
{% endfor -%}
{% for vlaninterface in host.vlaninterfaces -%}
interface Vlan{{ vlaninterface.number }}
description {{ vlaninterface.description }}
{% if vlaninterface.mtu -%}