Merge branch 'devel' into wan-example

aristanetworks · Oct 1, 2024 · 72071e3 · 72071e3
2 parents fa63cd5 + 28051ac
commit 72071e3
Show file tree

Hide file tree

Showing 937 changed files with 13,681 additions and 8,024 deletions.
diff --git a/.github/workflows/pull-request-management.yml b/.github/workflows/pull-request-management.yml
@@ -459,7 +459,7 @@ jobs:
         # The version conflicts with our requirements,
         # so we let the galaxy-importer version resolve remaining requirements.
         run: |
-          pip install "galaxy-importer==0.4.22"
+          pip install "galaxy-importer==0.4.25"
       - name: 'Build ansible package'
         run: make collection-build
       - name: 'Run galaxy-importer checks'

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -75,7 +75,7 @@ repos:
 
   - repo: https://github.com/astral-sh/ruff-pre-commit
     # Ruff version.
-    rev: v0.6.7
+    rev: v0.6.8
     hooks:
       # Run the linter.
       - id: ruff
@@ -85,7 +85,7 @@ repos:
       - id: ruff-format
 
   - repo: https://github.com/pycqa/pylint
-    rev: "v3.3.0"
+    rev: "v3.3.1"
     hooks:
       - id: pylint # Use pylintrc file in repository
         name: Check for Linting errors on Python files outside the Ansible collection.
@@ -213,7 +213,7 @@ repos:
         additional_dependencies: ['Jinja2>=3.0.0', 'cryptography>=38.0.4', 'deepmerge>=1.1.0']
 
   - repo: https://github.com/igorshubovych/markdownlint-cli
-    rev: v0.41.0
+    rev: v0.42.0
     hooks:
       - id: markdownlint
         name: Check for Linting errors on Markdown files with settings defined in `.github/.markdownlint.yaml`.

diff --git a/ansible_collections/arista/avd/docs/porting-guides/5.x.x.md b/ansible_collections/arista/avd/docs/porting-guides/5.x.x.md
@@ -391,6 +391,40 @@ The description can be reverted manually if needed:
 +vtep_loopback_description: "VTEP_VXLAN_Tunnel_Source"
 ```
 
+#### Underlay point-to-point L3 ethernet interfaces
+
+The interface description for the L3 point-to-point interfaces changes to `P2P_<peer>_<peer_interface>_VRF_<vrf>`. Previously the description was `P2P_LINK_TO_<peer | upper>_<peer_interface>_vrf_<vrf>`. The VRF suffix is only added when using `uplink_type: p2p-vrfs`.
+
+The interfaces using this are routed uplinks and `p2p_links` defined under `l3_edge` or `core_interfaces`.
+
+Setting the description directly on `p2p_links` defined under `l3_edge` or `core_interfaces` still takes precedence.
+
+The default descriptions can be reverted manually if needed:
+
+```diff
++default_underlay_p2p_ethernet_description: "P2P_LINK_TO_{peer!u}_{peer_interface}{vrf?<_vrf_}"
+```
+
+The description fields support templates. See the input variables documentation for available fields.
+
+#### Underlay point-to-point L3 port-channel interfaces
+
+The interface description for the L3 point-to-point port-channels changes to `P2P_<peer>_<peer_interface>`. Previously the default description was `P2P_LINK_TO_<peer>_<peer_interface>`.
+
+The port-channels using this are `p2p_links` defined under `l3_edge` or `core_interfaces`.
+
+Setting the description directly on `p2p_links` defined under `l3_edge` or `core_interfaces` still takes precedence.
+
+In AVD 5.0.0 it is also possible to control the port-channel description separately by setting the `description` key under `port_channel`. It will replace the full port-channel interface description.
+
+The default descriptions can be reverted manually if needed:
+
+```diff
++default_underlay_p2p_port_channel_description: "P2P_LINK_TO_{peer}_{peer_interface}"
+```
+
+The description fields support templates. See the input variables documentation for available fields.
+
 #### Out-of-band management interface
 
 The default interface description for the management interface changes to `OOB_MANAGEMENT`.
@@ -832,6 +866,42 @@ To retain the vxlan encapsulation on WAN EVPN iBGP peerings use `wan_encapsulati
 + wan_encapsulation: vxlan
 ```
 
+### PREVIEW WAN HA Direct Link now uses Port-Channel by default
+
+For WAN direct HA, AVD will now configure a port-channel by default. This feature was introduced in EOS 4.33.0F.
+
+To retain the previous configuration use custom_platform_settings use `use_port_channel_for_direct_ha: false` under `wan_ha`.
+
+```diff
+  wan_router:
+    node_groups:
+      - group: Site42
+        cv_pathfinder_region: AVD_Land_West
+        cv_pathfinder_site: Site42
+        wan_ha:
+          enabled: true
++         use_port_channel_for_direct_ha: false
+          ha_interfaces: [Ethernet52]
+          ha_ipv4_pool: 10.10.10.0/24
+```
+
+### Prevent redistributing the MLAG peer link subnets into BGP for all VRFs by default
+
+With AVD version 5.0.0 the subnet of VRF L3 peering VLANs between MLAG peers are no longer redistributed into BGP by default. Previously all connected routes were redistributed to BGP.
+
+To retain the previous behavior, set `redistribute_mlag_ibgp_peering_vrfs` to `true` per tenant or VRF:
+
+```diff
+tenants:
+  - name: Tenant_A
++   redistribute_mlag_ibgp_peering_vrfs: true
+    <...>
+    vrfs:
+      - name: Tenant_A_OP
++       redistribute_mlag_ibgp_peering_vrfs: true
+        <...>
+```
+
 ## Changes to role `arista.avd.eos_cli_config_gen`
 
 TODO: Level 3 sections for each change with details on how to migrate

diff --git a/ansible_collections/arista/avd/docs/release-notes/5.x.x.md b/ansible_collections/arista/avd/docs/release-notes/5.x.x.md
@@ -237,6 +237,21 @@ With AVD version 5.0.0 the default encapsulation used for EVPN iBGP peering betw
 
 See the [porting guide](../porting-guides/5.x.x.md#default-encapsulation-for-wan-evpn-ibgp-peerings-changed-to-path-selection) for details.
 
+#### PREVIEW WAN HA Direct Link now uses Port-Channel by default
+
+TODO: Keep PREVIEW changes at the end as we warn users that PREVIEW mean changes
+
+For WAN direct HA, AVD will now configure a port-channel by default.
+This feature was introduced recently in EOS and may not be supported on your version.
+
+See the [porting guide](../porting-guides/5.x.x.md#preview-wan-ha-direct-link-now-uses-port-channel-by-default) for details.
+
+### Prevent redistributing the MLAG peer link subnets into BGP for all VRFs by default
+
+Starting AVD 5.0.0, default value of `redistribute_mlag_ibgp_peering_vrfs` changed to `false`.
+
+See the [porting guide](../porting-guides/5.x.x.md#prevent-redistributing-the-mlag-peer-link-subnets-into-bgp-for-all-vrfs-by-default)
+
 ### Other breaking or behavioral changes
 
 Breaking changes may require modifications to the inventory or playbook. See the [Porting guide for AVD 5.x.x](../porting-guides/5.x.x.md)

diff --git a/...e_collections/arista/avd/examples/campus-fabric/documentation/devices/SPINE1.md b/...e_collections/arista/avd/examples/campus-fabric/documentation/devices/SPINE1.md
@@ -324,7 +324,7 @@ vlan 4094
 
 | Interface | Description | Channel Group | IP Address | VRF |  MTU | Shutdown | ACL In | ACL Out |
 | --------- | ----------- | ------------- | ---------- | ----| ---- | -------- | ------ | ------- |
-| Ethernet52/1 | P2P_LINK_TO_WAN_Ethernet1/1 | - | 10.0.0.3/31 | default | 1500 | False | - | - |
+| Ethernet52/1 | P2P_WAN_Ethernet1/1 | - | 10.0.0.3/31 | default | 1500 | False | - | - |
 
 #### Ethernet Interfaces Device Configuration
 
@@ -351,7 +351,7 @@ interface Ethernet51/1
    channel-group 501 mode active
 !
 interface Ethernet52/1
-   description P2P_LINK_TO_WAN_Ethernet1/1
+   description P2P_WAN_Ethernet1/1
    no shutdown
    mtu 1500
    no switchport

diff --git a/...e_collections/arista/avd/examples/campus-fabric/documentation/devices/SPINE2.md b/...e_collections/arista/avd/examples/campus-fabric/documentation/devices/SPINE2.md
@@ -324,7 +324,7 @@ vlan 4094
 
 | Interface | Description | Channel Group | IP Address | VRF |  MTU | Shutdown | ACL In | ACL Out |
 | --------- | ----------- | ------------- | ---------- | ----| ---- | -------- | ------ | ------- |
-| Ethernet52/1 | P2P_LINK_TO_WAN_Ethernet1/1 | - | 10.0.0.5/31 | default | 1500 | False | - | - |
+| Ethernet52/1 | P2P_WAN_Ethernet1/1 | - | 10.0.0.5/31 | default | 1500 | False | - | - |
 
 #### Ethernet Interfaces Device Configuration
 
@@ -351,7 +351,7 @@ interface Ethernet51/1
    channel-group 501 mode active
 !
 interface Ethernet52/1
-   description P2P_LINK_TO_WAN_Ethernet1/1
+   description P2P_WAN_Ethernet1/1
    no shutdown
    mtu 1500
    no switchport

diff --git a/ansible_collections/arista/avd/examples/campus-fabric/intended/configs/LEAF1A.cfg b/ansible_collections/arista/avd/examples/campus-fabric/intended/configs/LEAF1A.cfg
@@ -4,13 +4,6 @@ no aaa root
 !
 username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/.
 !
-management api http-commands
-   protocol https
-   no shutdown
-   !
-   vrf MGMT
-      no shutdown
-!
 vlan internal order ascending range 1006 1199
 !
 transceiver qsfp default-mode 4x10G
@@ -43,6 +36,13 @@ vlan 4094
 !
 vrf instance MGMT
 !
+management api http-commands
+   protocol https
+   no shutdown
+   !
+   vrf MGMT
+      no shutdown
+!
 aaa authorization exec default local
 !
 interface Port-Channel51

diff --git a/ansible_collections/arista/avd/examples/campus-fabric/intended/configs/LEAF1B.cfg b/ansible_collections/arista/avd/examples/campus-fabric/intended/configs/LEAF1B.cfg
@@ -4,13 +4,6 @@ no aaa root
 !
 username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/.
 !
-management api http-commands
-   protocol https
-   no shutdown
-   !
-   vrf MGMT
-      no shutdown
-!
 vlan internal order ascending range 1006 1199
 !
 transceiver qsfp default-mode 4x10G
@@ -43,6 +36,13 @@ vlan 4094
 !
 vrf instance MGMT
 !
+management api http-commands
+   protocol https
+   no shutdown
+   !
+   vrf MGMT
+      no shutdown
+!
 aaa authorization exec default local
 !
 interface Port-Channel51

diff --git a/ansible_collections/arista/avd/examples/campus-fabric/intended/configs/LEAF2A.cfg b/ansible_collections/arista/avd/examples/campus-fabric/intended/configs/LEAF2A.cfg
@@ -4,13 +4,6 @@ no aaa root
 !
 username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/.
 !
-management api http-commands
-   protocol https
-   no shutdown
-   !
-   vrf MGMT
-      no shutdown
-!
 vlan internal order ascending range 1006 1199
 !
 transceiver qsfp default-mode 4x10G
@@ -38,6 +31,13 @@ vlan 230
 !
 vrf instance MGMT
 !
+management api http-commands
+   protocol https
+   no shutdown
+   !
+   vrf MGMT
+      no shutdown
+!
 aaa authorization exec default local
 !
 interface Port-Channel11

diff --git a/ansible_collections/arista/avd/examples/campus-fabric/intended/configs/LEAF3A.cfg b/ansible_collections/arista/avd/examples/campus-fabric/intended/configs/LEAF3A.cfg
@@ -4,13 +4,6 @@ no aaa root
 !
 username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/.
 !
-management api http-commands
-   protocol https
-   no shutdown
-   !
-   vrf MGMT
-      no shutdown
-!
 vlan internal order ascending range 1006 1199
 !
 transceiver qsfp default-mode 4x10G
@@ -43,6 +36,13 @@ vlan 4094
 !
 vrf instance MGMT
 !
+management api http-commands
+   protocol https
+   no shutdown
+   !
+   vrf MGMT
+      no shutdown
+!
 aaa authorization exec default local
 !
 interface Port-Channel971

diff --git a/ansible_collections/arista/avd/examples/campus-fabric/intended/configs/LEAF3B.cfg b/ansible_collections/arista/avd/examples/campus-fabric/intended/configs/LEAF3B.cfg
@@ -4,13 +4,6 @@ no aaa root
 !
 username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/.
 !
-management api http-commands
-   protocol https
-   no shutdown
-   !
-   vrf MGMT
-      no shutdown
-!
 vlan internal order ascending range 1006 1199
 !
 transceiver qsfp default-mode 4x10G
@@ -43,6 +36,13 @@ vlan 4094
 !
 vrf instance MGMT
 !
+management api http-commands
+   protocol https
+   no shutdown
+   !
+   vrf MGMT
+      no shutdown
+!
 aaa authorization exec default local
 !
 interface Port-Channel971

diff --git a/ansible_collections/arista/avd/examples/campus-fabric/intended/configs/LEAF3C.cfg b/ansible_collections/arista/avd/examples/campus-fabric/intended/configs/LEAF3C.cfg
@@ -4,13 +4,6 @@ no aaa root
 !
 username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/.
 !
-management api http-commands
-   protocol https
-   no shutdown
-   !
-   vrf MGMT
-      no shutdown
-!
 vlan internal order ascending range 1006 1199
 !
 transceiver qsfp default-mode 4x10G
@@ -38,6 +31,13 @@ vlan 330
 !
 vrf instance MGMT
 !
+management api http-commands
+   protocol https
+   no shutdown
+   !
+   vrf MGMT
+      no shutdown
+!
 aaa authorization exec default local
 !
 interface Port-Channel971

diff --git a/ansible_collections/arista/avd/examples/campus-fabric/intended/configs/LEAF3D.cfg b/ansible_collections/arista/avd/examples/campus-fabric/intended/configs/LEAF3D.cfg
@@ -4,13 +4,6 @@ no aaa root
 !
 username admin privilege 15 role network-admin secret sha512 $6$eucN5ngreuExDgwS$xnD7T8jO..GBDX0DUlp.hn.W7yW94xTjSanqgaQGBzPIhDAsyAl9N4oScHvOMvf07uVBFI4mKMxwdVEUVKgY/.
 !
-management api http-commands
-   protocol https
-   no shutdown
-   !
-   vrf MGMT
-      no shutdown
-!
 vlan internal order ascending range 1006 1199
 !
 transceiver qsfp default-mode 4x10G
@@ -38,6 +31,13 @@ vlan 330
 !
 vrf instance MGMT
 !
+management api http-commands
+   protocol https
+   no shutdown
+   !
+   vrf MGMT
+      no shutdown
+!
 aaa authorization exec default local
 !
 interface Port-Channel971