From 18ca22bad88d05079b676e71f421edbe7cfb4aa8 Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Tue, 15 Oct 2024 20:47:50 +0530 Subject: [PATCH 1/8] Feat(eos_cli_config_gen): Add support for monitor-server-radius --- .../devices/monitor-server-radius-1.md | 34 +++++++++++++ .../devices/monitor-server-radius-2.md | 34 +++++++++++++ .../devices/monitor-server-radius.md | 34 +++++++++++++ .../configs/monitor-server-radius-1.cfg | 10 ++++ .../configs/monitor-server-radius-2.cfg | 8 ++++ .../host_vars/monitor-server-radius-1.yml | 10 ++++ .../host_vars/monitor-server-radius-2.yml | 4 ++ .../eos_cli_config_gen/inventory/hosts.ini | 2 + .../docs/tables/monitor-server-radius.md | 47 ++++++++++++++++++ .../j2templates/eos-intended-config.j2 | 2 + .../j2templates/eos/monitor-server-radius.j2 | 26 ++++++++++ .../schema/eos_cli_config_gen.schema.yml | 44 +++++++++++++++++ .../monitor_server_radius.schema.yml | 48 +++++++++++++++++++ 13 files changed, 303 insertions(+) create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-1.md create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-2.md create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius.md create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/monitor-server-radius-1.cfg create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/monitor-server-radius-2.cfg create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/monitor-server-radius-1.yml create mode 100644 ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/monitor-server-radius-2.yml create mode 100644 ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md create mode 100644 python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/monitor-server-radius.j2 create mode 100644 python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-1.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-1.md new file mode 100644 index 00000000000..cc913c8fcc8 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-1.md @@ -0,0 +1,34 @@ +# monitor-server-radius-1 + +## Table of Contents + +- [Management](#management) + - [Management Interfaces](#management-interfaces) + +## Management + +### Management Interfaces + +#### Management Interfaces Summary + +##### IPv4 + +| Management Interface | Description | Type | VRF | IP Address | Gateway | +| -------------------- | ----------- | ---- | --- | ---------- | ------- | +| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | + +##### IPv6 + +| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | +| -------------------- | ----------- | ---- | --- | ------------ | ------------ | +| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | + +#### Management Interfaces Device Configuration + +```eos +! +interface Management1 + description OOB_MANAGEMENT + vrf MGMT + ip address 10.73.255.122/24 +``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-2.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-2.md new file mode 100644 index 00000000000..61284486cf5 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-2.md @@ -0,0 +1,34 @@ +# monitor-server-radius-2 + +## Table of Contents + +- [Management](#management) + - [Management Interfaces](#management-interfaces) + +## Management + +### Management Interfaces + +#### Management Interfaces Summary + +##### IPv4 + +| Management Interface | Description | Type | VRF | IP Address | Gateway | +| -------------------- | ----------- | ---- | --- | ---------- | ------- | +| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | + +##### IPv6 + +| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | +| -------------------- | ----------- | ---- | --- | ------------ | ------------ | +| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | + +#### Management Interfaces Device Configuration + +```eos +! +interface Management1 + description OOB_MANAGEMENT + vrf MGMT + ip address 10.73.255.122/24 +``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius.md new file mode 100644 index 00000000000..302701a2171 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius.md @@ -0,0 +1,34 @@ +# monitor-server-radius + +## Table of Contents + +- [Management](#management) + - [Management Interfaces](#management-interfaces) + +## Management + +### Management Interfaces + +#### Management Interfaces Summary + +##### IPv4 + +| Management Interface | Description | Type | VRF | IP Address | Gateway | +| -------------------- | ----------- | ---- | --- | ---------- | ------- | +| Management1 | OOB_MANAGEMENT | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 | + +##### IPv6 + +| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway | +| -------------------- | ----------- | ---- | --- | ------------ | ------------ | +| Management1 | OOB_MANAGEMENT | oob | MGMT | - | - | + +#### Management Interfaces Device Configuration + +```eos +! +interface Management1 + description OOB_MANAGEMENT + vrf MGMT + ip address 10.73.255.122/24 +``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/monitor-server-radius-1.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/monitor-server-radius-1.cfg new file mode 100644 index 00000000000..7bc1aa43eda --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/monitor-server-radius-1.cfg @@ -0,0 +1,10 @@ +! +monitor server radius + service dot1x + probe interval 100 seconds + probe method access-request username arista password 7 141600021F102B +! +interface Management1 + description OOB_MANAGEMENT + vrf MGMT + ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/monitor-server-radius-2.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/monitor-server-radius-2.cfg new file mode 100644 index 00000000000..dbbb94a8b53 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/monitor-server-radius-2.cfg @@ -0,0 +1,8 @@ +! +monitor server radius + probe method status-server +! +interface Management1 + description OOB_MANAGEMENT + vrf MGMT + ip address 10.73.255.122/24 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/monitor-server-radius-1.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/monitor-server-radius-1.yml new file mode 100644 index 00000000000..d63d7eb08fd --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/monitor-server-radius-1.yml @@ -0,0 +1,10 @@ +--- +monitor_server_radius: + service_dot1x: true + probe: + interval: 100 + method: access-request + access_request: + username: arista + password: 141600021F102B + password_type: 7 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/monitor-server-radius-2.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/monitor-server-radius-2.yml new file mode 100644 index 00000000000..8591b26a0c7 --- /dev/null +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/monitor-server-radius-2.yml @@ -0,0 +1,4 @@ +--- +monitor_server_radius: + probe: + method: status-server diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.ini b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.ini index 92bbbadf08c..0489178bfbe 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.ini +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/hosts.ini @@ -97,6 +97,8 @@ mlag-configuration monitor-layer1 monitor-connectivity monitor-connectivity-2 +monitor-server-radius-1 +monitor-server-radius-2 monitor-sessions monitor-session-default-encapsulation-gre monitor-telemetry-influx diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md new file mode 100644 index 00000000000..0a80e9974f3 --- /dev/null +++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md @@ -0,0 +1,47 @@ + +=== "Table" + + | Variable | Type | Required | Default | Value Restrictions | Description | + | -------- | ---- | -------- | ------- | ------------------ | ----------- | + | [monitor_server_radius](## "monitor_server_radius") | Dictionary | | | | Settings to monitor radius servers. | + | [  service_dot1x](## "monitor_server_radius.service_dot1x") | Boolean | | | | Monitor servers used for 802.1X authentication. | + | [  probe](## "monitor_server_radius.probe") | Dictionary | | | | Settings for probe sent to the server. | + | [    interval](## "monitor_server_radius.probe.interval") | Integer | | | Min: 1
Max: 1000 | Server probe period in seconds. | + | [    method](## "monitor_server_radius.probe.method") | String | | | Valid Values:
- status-server
- access-request | Method used to probe the server. `status-server` is the EOS default method. | + | [    access_request](## "monitor_server_radius.probe.access_request") | Dictionary | | | | Use RADIUS Access-Request packets as probes. | + | [      username](## "monitor_server_radius.probe.access_request.username") | String | | | | Set the username to be used in the access-request packets. | + | [      password](## "monitor_server_radius.probe.access_request.password") | String | | | | Set the password to be used in the access-request packets. | + | [      password_type](## "monitor_server_radius.probe.access_request.password_type") | String | | `7` | Valid Values:
- 0
- 7
- 8a | | + +=== "YAML" + + ```yaml + # Settings to monitor radius servers. + monitor_server_radius: + + # Monitor servers used for 802.1X authentication. + service_dot1x: + + # Settings for probe sent to the server. + probe: + + # Server probe period in seconds. + interval: + + # Method used to probe the server. `status-server` is the EOS default method. + method: + + # Use RADIUS Access-Request packets as probes. + access_request: + + # Set the username to be used in the access-request packets. + username: + + # Set the password to be used in the access-request packets. + password: + password_type: + ``` diff --git a/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos-intended-config.j2 b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos-intended-config.j2 index 083157239e1..081816342e6 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos-intended-config.j2 +++ b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos-intended-config.j2 @@ -86,6 +86,8 @@ {% include 'eos/match-list-input.j2' %} {# mcs client #} {% include 'eos/mcs-client.j2' %} +{# monitor server radius #} +{% include 'eos/monitor-server-radius.j2' %} {# platform - trident#} {% include 'eos/platform-trident.j2' %} {# IP NAT - Part 1#} diff --git a/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/monitor-server-radius.j2 b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/monitor-server-radius.j2 new file mode 100644 index 00000000000..4fde72c49fc --- /dev/null +++ b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/monitor-server-radius.j2 @@ -0,0 +1,26 @@ +{# + Copyright (c) 2023-2024 Arista Networks, Inc. + Use of this source code is governed by the Apache License 2.0 + that can be found in the LICENSE file. +#} +{# eos - monitor server radius #} +{% if monitor_server_radius is arista.avd.defined %} +! +monitor server radius +{% if monitor_server_radius.service_dot1x is arista.avd.defined(true) %} + service dot1x +{% endif %} +{% if monitor_server_radius.probe.interval is arista.avd.defined %} + probe interval {{ monitor_server_radius.probe.interval }} seconds +{% endif %} +{% if monitor_server_radius.probe.method is arista.avd.defined("status-server") %} + probe method status-server +{% elif monitor_server_radius.probe.method is arista.avd.defined("access-request") %} +{% set access_request = monitor_server_radius.probe.access_request %} +{% if access_request.username is arista.avd.defined + and access_request.password is arista.avd.defined + and access_request.password_type is arista.avd.defined %} + probe method access-request username {{ access_request.username }} password {{ access_request.password_type }} {{ access_request.password }} +{% endif %} +{% endif %} +{% endif %} diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml index 2a4b8346936..cecdcfec235 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml @@ -8048,6 +8048,50 @@ keys: type: bool description: Some platforms support only the `logging transceiver` command. `enabled` key configures this command. + monitor_server_radius: + type: dict + description: Settings to monitor radius servers. + keys: + service_dot1x: + type: bool + description: Monitor servers used for 802.1X authentication. + probe: + type: dict + description: Settings for probe sent to the server. + keys: + interval: + type: int + description: Server probe period in seconds. + convert_types: + - str + min: 1 + max: 1000 + method: + type: str + description: Method used to probe the server. `status-server` is the EOS + default method. + valid_values: + - status-server + - access-request + access_request: + type: dict + description: Use RADIUS Access-Request packets as probes. + keys: + username: + type: str + description: Set the username to be used in the access-request packets. + password: + type: str + description: Set the password to be used in the access-request packets. + password_type: + type: str + convert_types: + - int + valid_values: + - '0' + - '7' + - 8a + default: '7' monitor_session_default_encapsulation_gre: documentation_options: table: monitor-sessions diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml new file mode 100644 index 00000000000..37d1fcdc17c --- /dev/null +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml @@ -0,0 +1,48 @@ +# Copyright (c) 2023-2024 Arista Networks, Inc. +# Use of this source code is governed by the Apache License 2.0 +# that can be found in the LICENSE file. +# yaml-language-server: $schema=../../../_schema/avd_meta_schema.json +# Line above is used by RedHat's YAML Schema vscode extension +# Use Ctrl + Space to get suggestions for every field. Autocomplete will pop up after typing 2 letters. +type: dict +keys: + monitor_server_radius: + type: dict + description: Settings to monitor radius servers. + keys: + service_dot1x: + type: bool + description: Monitor servers used for 802.1X authentication. + probe: + type: dict + description: Settings for probe sent to the server. + keys: + interval: + type: int + description: Server probe period in seconds. + convert_types: + - str + min: 1 + max: 1000 + method: + type: str + description: Method used to probe the server. `status-server` is the EOS default method. + valid_values: + - "status-server" + - "access-request" + access_request: + type: dict + description: Use RADIUS Access-Request packets as probes. + keys: + username: + type: str + description: Set the username to be used in the access-request packets. + password: + type: str + description: Set the password to be used in the access-request packets. + password_type: + type: str + convert_types: + - int + valid_values: ["0", "7", "8a"] + default: "7" From 56a82ec9e8ed07a329b80f15f35caa8d58ab7824 Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Tue, 15 Oct 2024 20:58:55 +0530 Subject: [PATCH 2/8] Remove description for username and password --- .../docs/tables/monitor-server-radius.md | 8 ++------ .../schema/eos_cli_config_gen.schema.yml | 2 -- .../schema_fragments/monitor_server_radius.schema.yml | 2 -- 3 files changed, 2 insertions(+), 10 deletions(-) diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md index 0a80e9974f3..a20777f3bf4 100644 --- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md +++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md @@ -13,8 +13,8 @@ | [    interval](## "monitor_server_radius.probe.interval") | Integer | | | Min: 1
Max: 1000 | Server probe period in seconds. | | [    method](## "monitor_server_radius.probe.method") | String | | | Valid Values:
- status-server
- access-request | Method used to probe the server. `status-server` is the EOS default method. | | [    access_request](## "monitor_server_radius.probe.access_request") | Dictionary | | | | Use RADIUS Access-Request packets as probes. | - | [      username](## "monitor_server_radius.probe.access_request.username") | String | | | | Set the username to be used in the access-request packets. | - | [      password](## "monitor_server_radius.probe.access_request.password") | String | | | | Set the password to be used in the access-request packets. | + | [      username](## "monitor_server_radius.probe.access_request.username") | String | | | | | + | [      password](## "monitor_server_radius.probe.access_request.password") | String | | | | | | [      password_type](## "monitor_server_radius.probe.access_request.password_type") | String | | `7` | Valid Values:
- 0
- 7
- 8a | | === "YAML" @@ -37,11 +37,7 @@ # Use RADIUS Access-Request packets as probes. access_request: - - # Set the username to be used in the access-request packets. username: - - # Set the password to be used in the access-request packets. password: password_type: ``` diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml index cecdcfec235..3a3361064d9 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml @@ -8079,10 +8079,8 @@ keys: keys: username: type: str - description: Set the username to be used in the access-request packets. password: type: str - description: Set the password to be used in the access-request packets. password_type: type: str convert_types: diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml index 37d1fcdc17c..6e451c9e4f9 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml @@ -36,10 +36,8 @@ keys: keys: username: type: str - description: Set the username to be used in the access-request packets. password: type: str - description: Set the password to be used in the access-request packets. password_type: type: str convert_types: From 90f14d35af86afb57d31799a49cb5822b011e665 Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Tue, 15 Oct 2024 21:05:34 +0530 Subject: [PATCH 3/8] Adding threshold failure command --- .../intended/configs/monitor-server-radius-1.cfg | 1 + .../inventory/host_vars/monitor-server-radius-1.yml | 1 + .../docs/tables/monitor-server-radius.md | 4 ++++ .../j2templates/eos/monitor-server-radius.j2 | 3 +++ .../schema/eos_cli_config_gen.schema.yml | 8 ++++++++ .../schema_fragments/monitor_server_radius.schema.yml | 7 +++++++ 6 files changed, 24 insertions(+) diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/monitor-server-radius-1.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/monitor-server-radius-1.cfg index 7bc1aa43eda..5422a6cef32 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/monitor-server-radius-1.cfg +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/monitor-server-radius-1.cfg @@ -2,6 +2,7 @@ monitor server radius service dot1x probe interval 100 seconds + probe threshold failure 100 probe method access-request username arista password 7 141600021F102B ! interface Management1 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/monitor-server-radius-1.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/monitor-server-radius-1.yml index d63d7eb08fd..f07c5da00b5 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/monitor-server-radius-1.yml +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/monitor-server-radius-1.yml @@ -3,6 +3,7 @@ monitor_server_radius: service_dot1x: true probe: interval: 100 + threshold_failure: 100 method: access-request access_request: username: arista diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md index a20777f3bf4..d970e501041 100644 --- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md +++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md @@ -11,6 +11,7 @@ | [  service_dot1x](## "monitor_server_radius.service_dot1x") | Boolean | | | | Monitor servers used for 802.1X authentication. | | [  probe](## "monitor_server_radius.probe") | Dictionary | | | | Settings for probe sent to the server. | | [    interval](## "monitor_server_radius.probe.interval") | Integer | | | Min: 1
Max: 1000 | Server probe period in seconds. | + | [    threshold_failure](## "monitor_server_radius.probe.threshold_failure") | Integer | | | Min: 1
Max: 255 | Number of consecutive failed probes before a server is marked as dead | | [    method](## "monitor_server_radius.probe.method") | String | | | Valid Values:
- status-server
- access-request | Method used to probe the server. `status-server` is the EOS default method. | | [    access_request](## "monitor_server_radius.probe.access_request") | Dictionary | | | | Use RADIUS Access-Request packets as probes. | | [      username](## "monitor_server_radius.probe.access_request.username") | String | | | | | @@ -32,6 +33,9 @@ # Server probe period in seconds. interval: + # Number of consecutive failed probes before a server is marked as dead + threshold_failure: + # Method used to probe the server. `status-server` is the EOS default method. method: diff --git a/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/monitor-server-radius.j2 b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/monitor-server-radius.j2 index 4fde72c49fc..4b5f1a8a705 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/monitor-server-radius.j2 +++ b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/monitor-server-radius.j2 @@ -13,6 +13,9 @@ monitor server radius {% if monitor_server_radius.probe.interval is arista.avd.defined %} probe interval {{ monitor_server_radius.probe.interval }} seconds {% endif %} +{% if monitor_server_radius.probe.threshold_failure is arista.avd.defined %} + probe threshold failure {{ monitor_server_radius.probe.threshold_failure }} +{% endif %} {% if monitor_server_radius.probe.method is arista.avd.defined("status-server") %} probe method status-server {% elif monitor_server_radius.probe.method is arista.avd.defined("access-request") %} diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml index 3a3361064d9..a1f3cddc386 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml @@ -8066,6 +8066,14 @@ keys: - str min: 1 max: 1000 + threshold_failure: + type: int + description: Number of consecutive failed probes before a server is marked + as dead + convert_types: + - str + min: 1 + max: 255 method: type: str description: Method used to probe the server. `status-server` is the EOS diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml index 6e451c9e4f9..a84a2ca992d 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml @@ -24,6 +24,13 @@ keys: - str min: 1 max: 1000 + threshold_failure: + type: int + description: Number of consecutive failed probes before a server is marked as dead + convert_types: + - str + min: 1 + max: 255 method: type: str description: Method used to probe the server. `status-server` is the EOS default method. From 970170b1b483aabd29ac8d0c4378fc214dda2ed1 Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Tue, 15 Oct 2024 21:18:48 +0530 Subject: [PATCH 4/8] Modify description for access_request key. --- .../docs/tables/monitor-server-radius.md | 8 ++++---- .../schema/eos_cli_config_gen.schema.yml | 4 ++-- .../schema_fragments/monitor_server_radius.schema.yml | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md index d970e501041..e3d7fecfc30 100644 --- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md +++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md @@ -11,9 +11,9 @@ | [  service_dot1x](## "monitor_server_radius.service_dot1x") | Boolean | | | | Monitor servers used for 802.1X authentication. | | [  probe](## "monitor_server_radius.probe") | Dictionary | | | | Settings for probe sent to the server. | | [    interval](## "monitor_server_radius.probe.interval") | Integer | | | Min: 1
Max: 1000 | Server probe period in seconds. | - | [    threshold_failure](## "monitor_server_radius.probe.threshold_failure") | Integer | | | Min: 1
Max: 255 | Number of consecutive failed probes before a server is marked as dead | + | [    threshold_failure](## "monitor_server_radius.probe.threshold_failure") | Integer | | | Min: 1
Max: 255 | Number of consecutive failed probes before a server is marked as dead. | | [    method](## "monitor_server_radius.probe.method") | String | | | Valid Values:
- status-server
- access-request | Method used to probe the server. `status-server` is the EOS default method. | - | [    access_request](## "monitor_server_radius.probe.access_request") | Dictionary | | | | Use RADIUS Access-Request packets as probes. | + | [    access_request](## "monitor_server_radius.probe.access_request") | Dictionary | | | | This can only be set when `method` is `access_request`. | | [      username](## "monitor_server_radius.probe.access_request.username") | String | | | | | | [      password](## "monitor_server_radius.probe.access_request.password") | String | | | | | | [      password_type](## "monitor_server_radius.probe.access_request.password_type") | String | | `7` | Valid Values:
- 0
- 7
- 8a | | @@ -33,13 +33,13 @@ # Server probe period in seconds. interval: - # Number of consecutive failed probes before a server is marked as dead + # Number of consecutive failed probes before a server is marked as dead. threshold_failure: # Method used to probe the server. `status-server` is the EOS default method. method: - # Use RADIUS Access-Request packets as probes. + # This can only be set when `method` is `access_request`. access_request: username: password: diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml index a1f3cddc386..140075be88b 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml @@ -8069,7 +8069,7 @@ keys: threshold_failure: type: int description: Number of consecutive failed probes before a server is marked - as dead + as dead. convert_types: - str min: 1 @@ -8083,7 +8083,7 @@ keys: - access-request access_request: type: dict - description: Use RADIUS Access-Request packets as probes. + description: This can only be set when `method` is `access_request`. keys: username: type: str diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml index a84a2ca992d..c2f834f9c9e 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml @@ -26,7 +26,7 @@ keys: max: 1000 threshold_failure: type: int - description: Number of consecutive failed probes before a server is marked as dead + description: Number of consecutive failed probes before a server is marked as dead. convert_types: - str min: 1 @@ -39,7 +39,7 @@ keys: - "access-request" access_request: type: dict - description: Use RADIUS Access-Request packets as probes. + description: This can only be set when `method` is `access_request`. keys: username: type: str From 0408f829b0bf2715343c0561ca5030516e7e042c Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Wed, 16 Oct 2024 06:11:55 +0000 Subject: [PATCH 5/8] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- .../schema/schema_fragments/monitor_server_radius.schema.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml index c2f834f9c9e..9c96e1a3b0e 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml @@ -39,7 +39,7 @@ keys: - "access-request" access_request: type: dict - description: This can only be set when `method` is `access_request`. + description: This can only be set when `method` is `access_request`. keys: username: type: str From a70287e1cac480aaf694238ac5714119c32977fd Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Wed, 16 Oct 2024 14:26:11 +0530 Subject: [PATCH 6/8] Add doc template --- .../devices/monitor-server-radius-1.md | 26 ++++++++++++++ .../devices/monitor-server-radius-2.md | 19 ++++++++++ .../docs/tables/monitor-server-radius.md | 8 ++--- .../documentation/monitor-server-radius.j2 | 36 +++++++++++++++++++ .../j2templates/eos-device-documentation.j2 | 2 ++ .../j2templates/eos/monitor-server-radius.j2 | 4 --- .../schema/eos_cli_config_gen.schema.yml | 2 ++ .../monitor_server_radius.schema.yml | 2 ++ 8 files changed, 91 insertions(+), 8 deletions(-) create mode 100644 python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/monitor-server-radius.j2 diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-1.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-1.md index cc913c8fcc8..5a973fdbfe3 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-1.md +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-1.md @@ -4,6 +4,9 @@ - [Management](#management) - [Management Interfaces](#management-interfaces) +- [Monitor Server Radius Summary](#monitor-server-radius-summary) + - [Probe Settings](#probe-settings) + - [Monitor Server Radius Device Configuration](#monitor-server-radius-device-configuration) ## Management @@ -32,3 +35,26 @@ interface Management1 vrf MGMT ip address 10.73.255.122/24 ``` + +## Monitor Server Radius Summary + +Monitor servers are used for 802.1x authentication. + +### Probe Settings + +| Setting | Value | +| ------- | ----- | +| Probe interval | 100 | +| Threshold failure | 100 | +| Probe method | access-request | + +### Monitor Server Radius Device Configuration + +```eos +! +monitor server radius + service dot1x + probe interval 100 seconds + probe threshold failure 100 + probe method access-request username arista password 7 141600021F102B +``` diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-2.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-2.md index 61284486cf5..abfe1143a20 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-2.md +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-2.md @@ -4,6 +4,9 @@ - [Management](#management) - [Management Interfaces](#management-interfaces) +- [Monitor Server Radius Summary](#monitor-server-radius-summary) + - [Probe Settings](#probe-settings) + - [Monitor Server Radius Device Configuration](#monitor-server-radius-device-configuration) ## Management @@ -32,3 +35,19 @@ interface Management1 vrf MGMT ip address 10.73.255.122/24 ``` + +## Monitor Server Radius Summary + +### Probe Settings + +| Setting | Value | +| ------- | ----- | +| Probe method | status-server | + +### Monitor Server Radius Device Configuration + +```eos +! +monitor server radius + probe method status-server +``` diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md index e3d7fecfc30..26894d6d2e1 100644 --- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md +++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/monitor-server-radius.md @@ -14,8 +14,8 @@ | [    threshold_failure](## "monitor_server_radius.probe.threshold_failure") | Integer | | | Min: 1
Max: 255 | Number of consecutive failed probes before a server is marked as dead. | | [    method](## "monitor_server_radius.probe.method") | String | | | Valid Values:
- status-server
- access-request | Method used to probe the server. `status-server` is the EOS default method. | | [    access_request](## "monitor_server_radius.probe.access_request") | Dictionary | | | | This can only be set when `method` is `access_request`. | - | [      username](## "monitor_server_radius.probe.access_request.username") | String | | | | | - | [      password](## "monitor_server_radius.probe.access_request.password") | String | | | | | + | [      username](## "monitor_server_radius.probe.access_request.username") | String | Required | | | | + | [      password](## "monitor_server_radius.probe.access_request.password") | String | Required | | | | | [      password_type](## "monitor_server_radius.probe.access_request.password_type") | String | | `7` | Valid Values:
- 0
- 7
- 8a | | === "YAML" @@ -41,7 +41,7 @@ # This can only be set when `method` is `access_request`. access_request: - username: - password: + username: + password: password_type: ``` diff --git a/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/monitor-server-radius.j2 b/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/monitor-server-radius.j2 new file mode 100644 index 00000000000..8f777637bac --- /dev/null +++ b/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/monitor-server-radius.j2 @@ -0,0 +1,36 @@ +{# + Copyright (c) 2023-2024 Arista Networks, Inc. + Use of this source code is governed by the Apache License 2.0 + that can be found in the LICENSE file. +#} +{# doc - monitor server radius #} +{% if monitor_server_radius is arista.avd.defined %} + +## Monitor Server Radius Summary +{% if monitor_server_radius.service_dot1x is arista.avd.defined(true) %} + +Monitor servers are used for 802.1x authentication. +{% endif %} +{% if monitor_server_radius.probe is arista.avd.defined %} + +### Probe Settings + +| Setting | Value | +| ------- | ----- | +{% if monitor_server_radius.probe.interval is arista.avd.defined %} +| Probe interval | {{ monitor_server_radius.probe.interval }} | +{% endif %} +{% if monitor_server_radius.probe.threshold_failure is arista.avd.defined %} +| Threshold failure | {{ monitor_server_radius.probe.threshold_failure }} | +{% endif %} +{% if monitor_server_radius.probe.method is arista.avd.defined %} +| Probe method | {{ monitor_server_radius.probe.method }} | +{% endif %} +{% endif %} + +### Monitor Server Radius Device Configuration + +```eos +{% include 'eos/monitor-server-radius.j2' %} +``` +{% endif %} diff --git a/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos-device-documentation.j2 b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos-device-documentation.j2 index 467984203a9..44b3fdcd91d 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos-device-documentation.j2 +++ b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos-device-documentation.j2 @@ -121,6 +121,8 @@ {% include 'documentation/quality-of-service.j2' %} {# InfluxDB Telemetry #} {% include 'documentation/monitor-telemetry-influx.j2' %} +{# Monitor Server Radius #} +{% include 'documentation/monitor-server-radius.j2' %} {# Priority Flow Control #} {% include 'documentation/priority-flow-control.j2' %} {# STUN #} diff --git a/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/monitor-server-radius.j2 b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/monitor-server-radius.j2 index 4b5f1a8a705..3e084ec74b7 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/monitor-server-radius.j2 +++ b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/monitor-server-radius.j2 @@ -20,10 +20,6 @@ monitor server radius probe method status-server {% elif monitor_server_radius.probe.method is arista.avd.defined("access-request") %} {% set access_request = monitor_server_radius.probe.access_request %} -{% if access_request.username is arista.avd.defined - and access_request.password is arista.avd.defined - and access_request.password_type is arista.avd.defined %} probe method access-request username {{ access_request.username }} password {{ access_request.password_type }} {{ access_request.password }} -{% endif %} {% endif %} {% endif %} diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml index 140075be88b..6e8f7d87b15 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml @@ -8087,8 +8087,10 @@ keys: keys: username: type: str + required: true password: type: str + required: true password_type: type: str convert_types: diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml index 9c96e1a3b0e..8f4353fa793 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml +++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/monitor_server_radius.schema.yml @@ -43,8 +43,10 @@ keys: keys: username: type: str + required: true password: type: str + required: true password_type: type: str convert_types: From 88830fb6e182dddfd6d8b6714135e0d59ba3f640 Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Wed, 16 Oct 2024 14:34:41 +0530 Subject: [PATCH 7/8] Fix CI. --- .../j2templates/documentation/monitor-server-radius.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/monitor-server-radius.j2 b/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/monitor-server-radius.j2 index 8f777637bac..9112ed6343a 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/monitor-server-radius.j2 +++ b/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/monitor-server-radius.j2 @@ -31,6 +31,6 @@ Monitor servers are used for 802.1x authentication. ### Monitor Server Radius Device Configuration ```eos -{% include 'eos/monitor-server-radius.j2' %} +{% include 'eos/monitor-server-radius.j2' %} ``` {% endif %} From 6ef46b1374bf8d07b175c1660009325a713265dd Mon Sep 17 00:00:00 2001 From: Laxmikant Chintakindi Date: Wed, 16 Oct 2024 14:52:39 +0530 Subject: [PATCH 8/8] Update heading of table --- .../documentation/devices/monitor-server-radius-1.md | 4 ++-- .../documentation/devices/monitor-server-radius-2.md | 4 ++-- .../j2templates/documentation/monitor-server-radius.j2 | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-1.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-1.md index 5a973fdbfe3..3fd1a31a54c 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-1.md +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-1.md @@ -5,7 +5,7 @@ - [Management](#management) - [Management Interfaces](#management-interfaces) - [Monitor Server Radius Summary](#monitor-server-radius-summary) - - [Probe Settings](#probe-settings) + - [Server Probe Settings](#server-probe-settings) - [Monitor Server Radius Device Configuration](#monitor-server-radius-device-configuration) ## Management @@ -40,7 +40,7 @@ interface Management1 Monitor servers are used for 802.1x authentication. -### Probe Settings +### Server Probe Settings | Setting | Value | | ------- | ----- | diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-2.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-2.md index abfe1143a20..a07ed3b4dff 100644 --- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-2.md +++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/monitor-server-radius-2.md @@ -5,7 +5,7 @@ - [Management](#management) - [Management Interfaces](#management-interfaces) - [Monitor Server Radius Summary](#monitor-server-radius-summary) - - [Probe Settings](#probe-settings) + - [Server Probe Settings](#server-probe-settings) - [Monitor Server Radius Device Configuration](#monitor-server-radius-device-configuration) ## Management @@ -38,7 +38,7 @@ interface Management1 ## Monitor Server Radius Summary -### Probe Settings +### Server Probe Settings | Setting | Value | | ------- | ----- | diff --git a/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/monitor-server-radius.j2 b/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/monitor-server-radius.j2 index 9112ed6343a..0976cc84f5e 100644 --- a/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/monitor-server-radius.j2 +++ b/python-avd/pyavd/_eos_cli_config_gen/j2templates/documentation/monitor-server-radius.j2 @@ -13,7 +13,7 @@ Monitor servers are used for 802.1x authentication. {% endif %} {% if monitor_server_radius.probe is arista.avd.defined %} -### Probe Settings +### Server Probe Settings | Setting | Value | | ------- | ----- |