aristanetworks / atd-public Goto Github PK

Assign to me

When I ran the MLAG portion of the ATD lab, it did not configure the host2 uplink ports to the leaf3 and leaf4. I did not see a configlet for it in CVP. It's been a while since I've done a datacenter ATD (lots of routing ones :) ) but I thought that used to be applied automatically. I didn't see anything in the guide instructing me to configure host2, just test it.

Possible enhancement for the VxLAN lab, although not necessary.

The /30's between the leafs & spines are not advertised anywhere, so if someone was on Leaf1 and tried to execute:
leaf1()# ping 172.16.0.56 there is no route back from Leaf3 or Leaf4 (the owner's of shared loopback1) to the interface that was used for the source IP address in the outgoing Ping Request (which will be one of the /30's from Leaf1 - Eth2 or Eth3).

Of course, someone could execute:
leaf1()# ping 172.16.0.56 source 172.16.0.34 to take care of the source IP address of the Ping Request, but then due to ECMP hashing the Ping Reply may never come back to Leaf1 but to Leaf2, which to the user my look like a failure.

While there are no loopback1's in the BGP (L3LS) lab, the /30's are not advertised either. Perhaps the same enhancement could be added.

I think at this point with the documentation looking pretty good and clear as to which leaf switch that the user will manipulate as part of the lab, do we need to have "excludes leaf3 instead of leaf4" in the options anymore?

Describe the bug
With the recent changes to the labvm, the screen option was removed. This option is utilized and should be added back.

To Reproduce
N/A

Expected behavior
Screen option should be present on the login.py menu

Screenshots
N/A

Additional context
The option is added into media.py for the Broadcaster-Training module.

Describe the bug
The option, cvp doesn't stand out and match the formatting as other commands do in the labguides.

Screenshots
Currently it looks like this rendered:

Should look like this like the mlag cmd:

Update the labguide screenshots with the programmability labs.

Need to update the topology type check for media labs from:

if topology == ‘datacenter’

To:

if ‘datacenter’ in topology

When selecting option 7 or 8 to load the host1 or host2 ssh sessions in the main datacenter topology, they work just fine. However, when selecting media Lab Controls option, option 7 and 8 do not work. The login.py script acts as if it was an invalid cmd.

Dropping down into bash on the labvm and ssh'ing into host1 and host2 work just fine, as well as using the screen option.

Is your feature request related to a problem? Please describe.
At the moment, gitConfigletSync.py is only able to upload to CVP static configlets. It would be good to be able to upload configlet builders into CVP so we can track and update configlets as needed.

Describe the solution you'd like
Modify the script to check for file type (static or configlet builder) and add logic to make a separate API call to add a configetlet builder into CVP.

Describe alternatives you've considered
N/A

Additional context
This will help us modify and update the configlets into CVP quicker, and will be beneficial for when we move to a customized CVP instance per ATD topology type.

At the moment the cvpUpdater.py script references the vxlan underlay IP address for CVP. This is not an issue in the current ADC environment, but does cause an issue when running outside of the ADC.

There are a few labs that need this update. When you log into Host1 or Host2, you are usually greeted with non-privileged mode. Either we update the ATD lab guides or we allow a login to the "#" prompt and not ">"... @networkRob Just a user config issue for the login credentials? Might be an enhancement tied to #35

From Robert Welch (original request)
Team,

On PDF page 12, need to add the enable command before ping.

6. Log into Host 1 and Host 2, ping the gateway and the other host.

7. Host 1
   enable
   ping 172.16.112.1
   ping 172.16.112.202
   !! Note the MAC address returned by the command below:
   show interface po1 | grep Hardware

8. Host 2
   enable
   ping 172.16.112.1
   ping 172.16.112.201
   !! Note the MAC address returned by the command below:
   show interface po1 | grep Hardware

Since we are applying the configlet to enable multi-agent on the switches on initial deployment, multi-agent is not enabled since it needs to reboot.

In the Media STP and SVI Lab ("media-vlan" or "12") lab, there's a couple spots with superfluous STP output:

spine2#show spanning-tree
MST0
  Spanning tree enabled protocol mstp
  Root ID    Priority    4096
             Address     2cc2.6056.df93
             Cost        0 (Ext) 2000 (Int)
             Port        1 (Ethernet1)
             Hello Time  2.000 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority     8192  (priority 8192 sys-id-ext 0)
             Address     2cc2.6094.d76c
             Hello Time  2.000 sec  Max Age 20 sec  Forward Delay 15 sec

Interface        Role       State      Cost      Prio.Nbr Type
---------------- ---------- ---------- --------- -------- --------------------
Et1              root       forwarding 2000      128.1    P2p
Et2              designated forwarding 2000      128.2    P2p
Et5              designated forwarding 2000      128.5    P2p

Et6              designated forwarding 2000      128.6    P2p Edge
Et7              designated forwarding 2000      128.7    P2p Edge

There's nothing relevant connected to Spine1 for this lab on Et6 & Et7, so remove those lines.

Also, further down (twice) for Leaf4 Et6-Et10 which aren't needed:

leaf4(config-if-Et2-3)#show spanning-tree
MST0
  Spanning tree enabled protocol mstp
  Root ID    Priority    4096
             Address     2cc2.6056.df93
             Cost        0 (Ext) 2000 (Int)
             Port        2 (Ethernet2)
             Hello Time  2.000 sec  Max Age 20 sec  Forward Delay 15 sec

Bridge ID  Priority    32768  (priority 32768 sys-id-ext 0)
             Address     2cc2.60b5.96d9
             Hello Time  2.000 sec  Max Age 20 sec  Forward Delay 15 sec

Interface        Role       State      Cost      Prio.Nbr Type
---------------- ---------- ---------- --------- -------- --------------------
Et2              root       forwarding 2000      128.2    P2p
Et3              alternate  discarding 2000      128.3    P2p
Et4              designated forwarding 2000      128.4    P2p Edge

Et6              designated forwarding 2000      128.6    P2p Edge
Et7              designated forwarding 2000      128.7    P2p Edge
Et8              designated forwarding 2000      128.8    P2p Edge
Et9              designated forwarding 2000      128.9    P2p Edge
Et10             designated forwarding 2000      128.10   P2p Edge

Updated menu does not reflect the listed menu options for in the current lab guides. Will need to update the lab guides to match accordingly.

Is your feature request related to a problem? Please describe.
In the connecting.rst and programmability_connecting.rst files, it would be helpful to show the user's public IP for their topo within the labguide for their ssh cmds.

Describe the solution you'd like
Modify the atdFiles.sh script to get current public IP for the topo and to update the string in the above labguides to reflect the IP.

Describe alternatives you've considered
Nope

Additional context
Add any other context or screenshots about the feature request here.

Update version number for topo and labguides based off of CVP version utilized.

Describe the bug
Read the title

To Reproduce
Re-read the title

Expected behavior
Do what title says

When executing the BGP lab, host1 and host2 become inaccessible and can no longer communicate with CVP. The Tasks that get generated in CVP never complete.

The nodes can still be reached via their "in-band" interface from the leaves. For example, from leaf1...

ssh -l arista 172.16.115.100

drops you into host1. The config seems correct from first glance, but CVP is not pingable via the Ma1 interface. I can look into the config more when I'm back at home this afternoon.

Describe the bug
At the end of the lab there is an optional "try this" suggestion which does not actually exist in the command set.

"neighbor fall-over bfd"

Expected behavior
The command should be:
neighbor <neighbor_ip> fall-over bfd

Additional context
Issue brought over from other repo.

Describe the bug
In certain situations when the labvm boots up, the atdFiles.sh script runs and copies over only part of the /tmp/atd/topologies/datacenter/files/ directory to /home/arista. This can occur when the atdServiceUpdater.py script has not finished cloning the full atd-public repo.

To Reproduce
Very rare occurrence, but will occur when a topology has been deployed the first time (rare since there is a scheduled reboot on initial deployment) or redeployed after it has been undeployed. This can also occur when the MenuOptions.yaml file is not present in /home/arista/ directory, which is persistent storage.

Expected behavior
ssh into the labvm and the menu appears.

Screenshots

robmartin$ ssh arista@{IP_REMOVED}
arista@{IP_REMOVED}'s password:

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

Traceback (most recent call last):
  File "/usr/local/bin/login.py", line 12, in <module>
    f = open('/home/arista/MenuOptions.yaml')
IOError: [Errno 2] No such file or directory: '/home/arista/MenuOptions.yaml'
Connection to {IP_REMOVED} closed.

Additional context
It might be a good idea to look at all service files and how we implement them on the labvm. Should take a look on how we can implement timers to delay the start of certain services. This will ensure the previous service completed.

After choosing media (28) on menu, host1 should have 172.16.15.5/24 on Eth1 and host2 172.16.46.6 on Eth2, but they still have Port-channels for regular menus.

host1# show ip interface brief

Interface IP Address Status Protocol MTU

Management1 192.168.0.31/24 down notpresent 1500

Port-Channel1 172.16.112.201/24 down lowerlayerdown 1500

Port-Channel2 172.16.115.100/24 down lowerlayerdown 1500

host1# show running-config interfaces Ethernet 1

interface Ethernet1

channel-group 1 mode active

lacp rate fast

host2# show ip interface brief

Interface IP Address Status Protocol MTU

Management1 192.168.0.32/24 down notpresent 1500

Port-Channel1 172.16.112.202/24 down lowerlayerdown 1500

Port-Channel2 172.16.116.100/24 down lowerlayerdown 1500

host2# show running-config interfaces Ethernet 2

interface Ethernet2

channel-group 1 mode active

There are a number of old CLI commands in the RATD configlets. This issue will serve for me to track fixing them. I will also be adjusting the formatting of the of the configlets to be more uniform with the data center ATD. In addition, we'll match the ATD-INFRA configlet across them as well and remove unneeded commands to clean things up.

Need to go through and update the labguides with screenshots and any workflow changes that have been updated in the Grant release.

Any work on this should be put into the grant-rel branch.

In the datacenter topology, it will be easier to push configlet changes for the Broadcaster Training and other modules if host1 and host2 were imported into CVP.

This should be easy with the proposed cvpUpdater.py service script. Some backend work will need to be completed:

• Modify phpIPAM to incorporate host1/2
• Create configlets and add into the repo
• Modify cvp_info.yaml to incorporate these devices and create a Hosts container.

Describe the bug
There are some pieces of config (DNS, API) that can be better served in the ATD-INFRA configlet. This is already in process for the RATD.

To Reproduce
Just look at the configlets :)

Expected behavior
Configlets should follow Arista best-practice structure on re-use where possible.

In the grant-rel branch, please review the labguides in topologies/datacenter-latest directory. There are references in the labguides to the older syntax style and they need to be updated. The datacenter-latest topology will leverage 4.23.X release train.

Describe the bug
In atdFiles.sh the following line fails due to a mis-typed remote location for scp.

scp /home/arista/ConfigureTopology.py [email protected]/~/

It should read:

scp /home/arista/ConfigureTopology.py [email protected]:~/

However, since atdFiles.sh runs on-boot as root, it requires a password for the arista user.
This may require a modification/creation of a script/service that runs as the arista user to send the updated ConfigureTopology.py file to CVP.

This may not be necessary in the near future as we look to migrate away from ConfigureTopology.py

When kicking off a routing topology, login.py is looking for the non-existent media-options parameter in MenuOptions.yaml. There needs to be a check added in login.py to base the topology off of.

(virtual) robmartin:source robmartin$ ssh arista@{IP}
arista@{IP}'s password:

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

Traceback (most recent call last):
  File "/usr/local/bin/login.py", line 17, in <module>
    labcontrols2 = menuoptions['media-options']
  File "/usr/local/lib/python2.7/dist-packages/ruamel/yaml/comments.py", line 747, in __getitem__
    return ordereddict.__getitem__(self, key)
KeyError: 'media-options'
Connection to {IP} closed.
(virtual) robmartin:source robmartin$

Describe the bug
EOS3 has the following configuration on Eth6. This needs to be adjusted to fit the standard model (this is already fixed in the SVC configlet).

interface Ethernet6
   description EOS20
   no switchport
   ip address 10.3.20.2/24 !! change to 10.3.20.3/24

Is your feature request related to a problem? Please describe.
The "ping 172.16.116.100" validation step at the end works regardless if Leaf4 is configured or not, since the traffic from Host 1 to Host 2 hashes via Leaf3 - leading one to believe that you've successfully configured the lab correctly.

Possibly revisit to enhance the validation.

Describe the solution you'd like
Possibly add in a step to shutdown the link to Leaf3 to force traffic through Leaf4.

Additional context
Issue brought over from other repo.

The idea behind this is the ability to run a script on the labvm that will:

1. Pull from the atd-public repo
2. Change branches to the desired branch for testing
3. Run any necessary service scripts afterwards.

Another idea is to modify the atdServiceUpdater.py script to allow for a '--branch` parameter that will take a branch to clone directly from GitHub. If none is provided, clone the master.

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
When enter is pressed in the login menu and there is no value in the text entry, the script stops and closes the ssh connection.

Describe the solution you'd like
A clear and concise description of what you want to happen.
To allow the prompt to keep running on a null value.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Maybe prompt invalid entry, but this is likely not necessary.

Additional context
Add any other context or screenshots about the feature request here.

When selecting the reset options, CVP updates it's database on the device configuration, but a task is not being created and executed. So the devices will remain/maintain their configuration and then show out of compliance.

Currently the CVX ATD lab uses the "vxlan" (option 24) jumphost script to execute configlets. Part of the "vxlan" configlets add a VTEP flood list which is not necessary when running CVX/VCS (because CVX assembles its own flood list).

This just confirms that perhaps the CVX lab needs it's own jumphost option called "cvx". This is tightly coupled to issue #70

Describe the bug
atdFiles.sh service is not copying hidden files from local repo copy to /home/arista

Describe the bug
NTP is not configured when choosing "cvp" or "27" in Jumphost.
The effect is when we go to CVP Telemetry we'll see "red" flags recommending to have it configured.

To Reproduce
Fresh start, go to Jumphost, select "cvp". Log in any leaf switch and run:
leaf1#show run | grep ntp
leaf1#

Expected behavior
Better described as "desired behavior".
NTP configured and no error messaged displayed in CVP telemetry.

Screenshots

Additional context
No additional comments.

Describe the bug
Labguide shows to enter option 13 to reset all devices to base, since the updated login.py went in, the numbering now starts at 21. Graphics should also be updated to reflect new login menu.

To Reproduce
View the Programmability connecting labguide

Expected behavior
Should reflect what the user sees on their screen.

Screenshots
N/A

Additional context
N/A

We can remove this from MenuOptions.yaml since it's not needed in the VXLAN lab nor the CVX lab:

Even though the CVX ATD lab uses "vxlan" (option 24), the beginning of the ATD lab guide for the CVX lab has the user handjam the CLI anyways:

... which is exactly what the "cvx01-Controller" configlet is anyways:

SVI for VLAN 12 is incorrect for VLAN 12. Should be 172.16.112.3 and not 172.16.112.4 (which is already assigned to Leaf3).

Current connecting labguide for the routing topology needs to have both screenshots updated. It would probably look better to have these updated based on the topology deployed.

The first image still shows the datacenter topology landing page.

And the labaccess menu options shows the datacenter menu.

Describe the bug
Update screenshots used within labguide to correspond to new CVP Folsom release.

As ATD is becoming more modular, SEs would use modules as building blocks for training or presentation events, then having an estimated time for module execution will help SE teams to organize their agenda.

While this configlet does not seem to be invoke by MenuOption.yaml, it appears that its intention was for the CVX ATD lab. That being said the loopback 1 addresses should be used for the shared vVTEP addresses (172.16.0.34 & 172.16.0.56) in the vxlan source-interface Loopback0 CLI config and instead should be vxlan source-interface Loopback1.

While this configlet doesn't seem to be in use at the moment, use of it in the future will dictate Loopback 1 shared addresses.

The device menu on the login screen is not sorting nodes naturally as it should:

Device Menu:            Lab Controls


   1. leaf3		  21. Reset All Devices to Base ATD (reset)
   2. spine1		  22. MLAG Lab (mlag)
   3. cvx01		  23. BGP Lab (bgp)
   4. spine2		  24. VXLAN Lab (vxlan) excludes leaf3 instead of leaf4
   5. leaf2		  25. EVPN Type 2 Lab (l2evpn) excludes leaf3 instead of leaf4
   6. host1		  26. EVPN Type 5 Lab (l3evpn) excludes leaf3 instead of leaf4
   7. leaf4		  27. CVP lab (cvp)
   8. leaf1		  28. Broadcast Engineer Training (media)
   9. host2
  97. Screen (screen)
  98. Shell (bash)
  99. Quit (quit/exit)```

Currently on the login.py menu, the screen option line displays as:

97. Screen (screen)

The requested display would be:

97. Screen (screen) - Opens a screen session to each of the hosts

This can be updated in the following file:
topologies/all/login.py
It is located around line 139. Here is the line that needs to be updated.

    print "  97. Screen (screen)"

Describe the bug
A clear and concise description of what the bug is. Please include the lab module if applicable.
cvx.html labguide contains error in syntax for setting lacp timer

To Reproduce
Steps to reproduce the behavior.
leaf3(config-if-Et4)#lacp rate fast
% Unavailable command (This command is deprecated by 'lacp timer')
leaf3(config-if-Et4)#lacp timer ?
fast 1 second whether synchronized or not
normal 30 seconds while synchronized, 1 second while synchronizing

leaf3(config-if-Et4)#lacp timer fast

Expected behavior
A clear and concise description of what you expected to happen.
labguide update

interface Ethernet4
description HOST2
channel-group 4 mode active
lacp timer fast
Screenshots
If applicable, add screenshots to help explain your problem.

Additional context
Add any other context about the problem here.

The gitConfigletsync.py service is failing with the following error message. It is only failing in the Routing topology, it is successful in the Datacenter topo.

Oct 22 18:09:11 ip-10-33-4-164 gitConfigletSync.py[3859]: Local copy exists....continuing
Oct 22 18:09:11 ip-10-33-4-164 gitConfigletSync.py[3859]: Traceback (most recent call last):
Oct 22 18:09:11 ip-10-33-4-164 gitConfigletSync.py[3859]:   File "/usr/local/bin/gitConfigletSync.py", line 84, in <module>
Oct 22 18:09:11 ip-10-33-4-164 gitConfigletSync.py[3859]:     syncConfiglet(clnt,configletName,configletConfig)
Oct 22 18:09:11 ip-10-33-4-164 gitConfigletSync.py[3859]:   File "/usr/local/bin/gitConfigletSync.py", line 64, in syncConfiglet
Oct 22 18:09:11 ip-10-33-4-164 gitConfigletSync.py[3859]:     addConfiglet = cvpClient.api.add_configlet(configletName,configletConfig)
Oct 22 18:09:11 ip-10-33-4-164 gitConfigletSync.py[3859]:   File "/usr/local/lib/python2.7/dist-packages/cvprac/cvp_api.py", line 672, in add_configlet
Oct 22 18:09:11 ip-10-33-4-164 gitConfigletSync.py[3859]:     timeout=self.request_timeout)
Oct 22 18:09:11 ip-10-33-4-164 gitConfigletSync.py[3859]:   File "/usr/local/lib/python2.7/dist-packages/cvprac/cvp_client.py", line 700, in post
Oct 22 18:09:11 ip-10-33-4-164 gitConfigletSync.py[3859]:     return self._make_request('POST', url, timeout, data=data, files=files)
Oct 22 18:09:11 ip-10-33-4-164 gitConfigletSync.py[3859]:   File "/usr/local/lib/python2.7/dist-packages/cvprac/cvp_client.py", line 478, in _make_request
Oct 22 18:09:11 ip-10-33-4-164 gitConfigletSync.py[3859]:     raise error
Oct 22 18:09:11 ip-10-33-4-164 gitConfigletSync.py[3859]: cvprac.cvp_client_errors.CvpApiError: POST: https://192.168.0.5:443/web/configlet/addConfiglet.do : Request Error: Data already exists in Database

The way the media labs are leveraged and configured need to be updated for the new topology. Here are the notes from Ryan M.

Media Labs - adjust reset menu option to match above
-config replace failing on hosts as static syntax need to be changed to new style for AAA user.
-change media-host#.cfg to configlet and push as configlet