Fix avd validation issues (#13)

* update_evpn_avd_asym_irb

* update_evpn_avd_asym_multihoming

* update_evpn_avd_asym_multihoming_remove_mlag_default

* update_evpn_avd_asym_multihoming_playbook

* update_evpn_avd_central_any_gw

* update_evpn_avd_sym_irb

* update_evpn_avd_sym_irb_ibgp

* update_evpn_avd_sym_sa_mh

* update_evpn_labs_makefile

* update_mpls_labs_evpn_irb

* update_mpls_labs_l2evpn

* fix playbook indent

* update README

Author: UchihaItachiSama

README.md

@@ -26,8 +26,8 @@
 
 This repository contains ansible playbooks which allow the user to quickly:
 
-1. Deploy cEOS-Lab Leaf Spine topology using [containerlab](https://containerlab.dev/).
-2. Configure the Leaf Spine Fabric using Arista Ansible [AVD](https://avd.sh/en/stable/)
+1. Deploy cEOS-Lab based Leaf Spine topology using [containerlab](https://containerlab.dev/).
+2. Configure the Leaf Spine Fabric using Arista Ansible [AVD](https://avd.arista.com/)
 
 The same AVD templates can also be used with vEOS-Lab and physical Lab switches with slight changes to lab files.
 
@@ -40,8 +40,8 @@ Clone the repository and ensure to have the required libraries and software inst
 #### AVD
 
 - Python 3.8 or above
-- `ansible-core` from 2.11.3 to 2.12.x
-- arista.avd ansible collection (3.0.0 or above)
+- Install `ansible-core` from 2.12.6 to 2.15.x excluding 2.13.0
+- [arista.avd](https://galaxy.ansible.com/ui/namespaces/arista/) ansible collection (3.0.0 or above)
 - containerlab (0.15 or above)
 - arista.avd requirements
 
@@ -51,7 +51,7 @@ Clone the repository and ensure to have the required libraries and software inst
 - Arista cEOS-Lab image (4.21.8M or above)
 - Alpine-host image (optional)
 
-For arista.avd installation please refer to the [official](https://avd.sh/en/stable/docs/installation/requirements.html) documenation.
+For arista.avd installation please refer to the [official](https://avd.arista.com/stable/docs/installation/collection-installation.html) documenation.
 
 For containerlab installation please refer to the [official](https://containerlab.dev/install/) documentation.
 
@@ -394,4 +394,5 @@ round-trip min/avg/max = 5.946/13.238/20.531 ms
 
 ## Upcoming
 
-CVX VxLAN Lab
+- CVX VxLAN Lab
+- Improved Wiki

ceos_lab_template/ceos.cfg.tpl

@@ -11,6 +11,9 @@ interface Management0
 {{ if .MgmtIPv4Address }}   ip address {{ .MgmtIPv4Address }}/{{ .MgmtIPv4PrefixLength }}{{end}}
 {{ if .MgmtIPv6Address }}   ipv6 address {{ .MgmtIPv6Address }}/{{ .MgmtIPv6PrefixLength }}{{end}}
 !
+{{ if .MgmtIPv4Gateway }}ip route vrf MGMT 0.0.0.0/0 {{ .MgmtIPv4Gateway }}{{end}}
+{{ if .MgmtIPv6Gateway }}ipv6 route vrf MGMT ::0/0 {{ .MgmtIPv6Gateway }}{{end}}
+!
 management security
    ssl profile eAPI
       cipher-list HIGH:!eNULL:!aNULL:!MD5:!ADH:!ANULL
@@ -23,4 +26,4 @@ management api http-commands
    vrf MGMT
       no shutdown
 !
-end
+end

labs/evpn/avd_asym_irb/Makefile

@@ -18,4 +18,4 @@ deploy: ## Complete AVD & cEOS-Lab Deployment
 destroy: ## Delete cEOS-Lab Deployment and AVD generated config and documentation
 	@echo -e "\n############### \e[1;30;42mWiping nodes and deleting AVD configuration\e[0m ###############\n"
 	@sudo containerlab destroy -t topology.yaml --cleanup
-	@rm -rf .topology.yml.bak config_backup/ snapshots/ reports/ documentation/ intended/
+	@rm -rf .topology.yaml.bak config_backup/ snapshots/ reports/ documentation/ intended/

labs/evpn/avd_asym_irb/group_vars/AVD_LAB.yaml

@@ -1,6 +1,6 @@
 ---
 local_users:
-  admin:
+  - name: admin
     privilege: 15
     role: network-admin
     sha512_password: "$6$7GTxsrRjnwheeKfR$zhJ8qycVjAJz41rf5JRSfWIzp93IL5WL7sMS/Taz1yfShz.MAnoajCf7R2n1/EZW7PN5QA3Huayl0lVQesBYN1"
@@ -18,34 +18,28 @@ ntp:
 
 service_routing_protocols_model: multi-agent
 
-spanning_tree:
+custom_structured_configuration_spanning_tree:
   mode: mstp
 
 ip_routing: true
 
 # hardcoding management0 for cEOS lab compatibility (default: Management1)
 mgmt_interface: Management0
 mgmt_gateway: 172.100.100.1
+mgmt_interface_vrf: MGMT
 
 # Management eAPI | Required for this Lab
 custom_structured_configuration_management_api_http:
   https_ssl_profile: eAPI
 
 # Management security required for SSL profile with strong ciphers
-#custom_structured_configuration_management_security:
-#  ssl_profiles:
-#    - name: eAPI
-#      certificate:
-#        file: eAPI.crt
-#        key: eAPI.key
-#      cipher_list: HIGH,!eNULL,!aNULL,!MD5,!ADH,!ANULL
-
-# cipher_list will be added in AVD rel 3.8.x till then using raw_eos_cli
-eos_cli: |
-  management security
-     ssl profile eAPI
-        cipher-list HIGH:!eNULL:!aNULL:!MD5:!ADH:!ANULL
-        certificate eAPI.crt key eAPI.key
+custom_structured_configuration_management_security:
+  ssl_profiles:
+    - name: eAPI
+      certificate:
+        file: eAPI.crt
+        key: eAPI.key
+      cipher_list: 'HIGH:!eNULL:!aNULL:!MD5:!ADH:!ANULL'
 
 # Management GNMI | Optional
 #management_api_gnmi:

labs/evpn/avd_asym_irb/group_vars/DC1_CONNECTED_ENDPOINTS.yaml

@@ -0,0 +1,78 @@
+---
+port_profiles:
+  - profile: Tenant_A_pod1_clientA
+    mode: trunk
+    vlans: '110'
+  - profile: Tenant_A_pod1_clientB
+    mode: trunk
+    vlans: '111'
+
+servers:
+  - name: server01
+    rack: rack01
+    adapters:
+      - endpoint_ports:
+          - Eth1
+          - Eth2
+        switch_ports:
+          - Ethernet5
+          - Ethernet5
+        switches:
+          - DC1_LEAF1A
+          - DC1_LEAF1B
+        profile: Tenant_A_pod1_clientA
+        spanning_tree_portfast: edge
+        port_channel:
+          description: PortChannel5
+          mode: active
+  - name: server02
+    rack: rack01
+    adapters:
+      - endpoint_ports:
+          - Eth1
+          - Eth2
+        switch_ports:
+          - Ethernet6
+          - Ethernet6
+        switches:
+          - DC1_LEAF1A
+          - DC1_LEAF1B
+        profile: Tenant_A_pod1_clientB
+        spanning_tree_portfast: edge
+        port_channel:
+          description: PortChannel6
+          mode: active
+  - name: server03
+    rack: rack02
+    adapters:
+      - endpoint_ports:
+          - Eth1
+          - Eth2
+        switch_ports:
+          - Ethernet5
+          - Ethernet5
+        switches:
+          - DC1_LEAF2A
+          - DC1_LEAF2B
+        profile: Tenant_A_pod1_clientA
+        spanning_tree_portfast: edge
+        port_channel:
+          description: PortChannel5
+          mode: active
+  - name: server04
+    rack: rack02
+    adapters:
+      - endpoint_ports:
+          - Eth1
+          - Eth2
+        switch_ports:
+          - Ethernet6
+          - Ethernet6
+        switches:
+          - DC1_LEAF2A
+          - DC1_LEAF2B
+        profile: Tenant_A_pod1_clientB
+        spanning_tree_portfast: edge
+        port_channel:
+          description: PortChannel6
+          mode: active

labs/evpn/avd_asym_irb/group_vars/DC1_FABRIC.yaml

@@ -1,47 +1,55 @@
 ---
 fabric_name: DC1_FABRIC
 
-underlay_routing_protocol: EBGP
+underlay_routing_protocol: ebgp
 
-overlay_routing_protocol: EBGP
+overlay_routing_protocol: ebgp
 
 evpn_vlan_aware_bundles: false
 
 # bgp peer groups passwords
 bgp_peer_groups:
-  IPv4_UNDERLAY_PEERS:
+  ipv4_underlay_peers:
     password: "AQQvKeimxJu+uGQ/yYvv9w=="
-  EVPN_OVERLAY_PEERS:
+  evpn_overlay_peers:
       password: "q+VNViP5i4rVjW1cxFv2wA=="
-  MLAG_IPv4_UNDERLAY_PEER:
+  mlag_ipv4_underlay_peer:
       password: "vnEaG8gMeQf3d3cN6PktXQ=="
 
+# BGP defaults
+bgp_default_ipv4_unicast: false
+bgp_update_wait_install: false
+bgp_update_wait_for_convergence: false
+bgp_distance:
+  external_routes: 20
+  internal_routes: 200
+  local_routes: 200
+
 spine:
   defaults:
     platform: cEOS-LAB
-    bgp_as: 65001
+    bgp_as: '65001'
     loopback_ipv4_pool: 192.168.255.0/24
-    bgp_defaults:
-        #- update wait-for-convergence
-        #- update wait-install
-        - no bgp default ipv4-unicast
-        - distance bgp 20 200 200
-        #- graceful-restart restart-time 300
-        #- graceful-restart
   nodes:
-    DC1_SPINE1:
+    - name: DC1_SPINE1
       id: 1
       mgmt_ip: 172.100.100.2/24
-    DC1_SPINE2:
+    - name: DC1_SPINE2
       id: 2
       mgmt_ip: 172.100.100.3/24
 
 l3leaf:
   defaults:
     platform: cEOS-LAB
-    uplink_switches: [DC1_SPINE1, DC1_SPINE2]
-    uplink_interfaces: [Ethernet1, Ethernet2]
-    mlag_interfaces: [Ethernet3, Ethernet4]
+    uplink_switches:
+      - DC1_SPINE1
+      - DC1_SPINE2
+    uplink_interfaces:
+      - Ethernet1
+      - Ethernet2
+    mlag_interfaces:
+      - Ethernet3
+      - Ethernet4
     spanning_tree_mode: mstp
     spanning_tree_priority: 4096
     evpn_services_l2_only: true
@@ -51,33 +59,35 @@ l3leaf:
     vtep_loopback_ipv4_pool: 192.168.254.0/24
     mlag_peer_ipv4_pool: 10.255.252.0/24
     mlag_peer_l3_ipv4_pool: 10.255.251.0/24
-    bgp_defaults:
-      #- update wait-install
-      - no bgp default ipv4-unicast
-      - distance bgp 20 200 200
-      #- graceful-restart restart-time 300
-      #- graceful-restart
   node_groups:
-    DC1_LEAF1:
-      bgp_as: 65101
+    - group: DC1_LEAF1
+      bgp_as: '65101'
       nodes:
-        DC1_LEAF1A:
+        - name: DC1_LEAF1A
           id: 1
           mgmt_ip: 172.100.100.4/24
-          uplink_switch_interfaces: [Ethernet1, Ethernet1]
-        DC1_LEAF1B:
+          uplink_switch_interfaces:
+            - Ethernet1
+            - Ethernet1
+        - name: DC1_LEAF1B
           id: 2
           mgmt_ip: 172.100.100.5/24
-          uplink_switch_interfaces: [Ethernet2, Ethernet2]
-    DC1_LEAF2:
-      bgp_as: 65102
+          uplink_switch_interfaces:
+            - Ethernet2
+            - Ethernet2
+    - group: DC1_LEAF2
+      bgp_as: '65102'
       nodes:
-        DC1_LEAF2A:
+        - name: DC1_LEAF2A
           id: 3
           mgmt_ip: 172.100.100.6/24
-          uplink_switch_interfaces: [Ethernet3, Ethernet3]
-        DC1_LEAF2B:
+          uplink_switch_interfaces:
+            - Ethernet3
+            - Ethernet3
+        - name: DC1_LEAF2B
           id: 4
           mgmt_ip: 172.100.100.7/24
-          uplink_switch_interfaces: [Ethernet4, Ethernet4]
+          uplink_switch_interfaces:
+            - Ethernet4
+            - Ethernet4
 

labs/evpn/avd_asym_irb/group_vars/DC1_LEAFS.yaml

@@ -1,11 +1,11 @@
 type: l3leaf
 custom_structured_configuration_list_merge: append
 custom_structured_configuration_vlan_interfaces:
-  Vlan110:
+  - name: Vlan110
     description: Tenant_A_OP_Zone_1
     shutdown: false
     ip_address_virtual: 10.1.10.1/24
-  Vlan111:
+  - name: Vlan111
     description: Tenant_A_OP_Zone_2
     shutdown: false
     ip_address_virtual: 10.1.11.1/24

…irb/group_vars/DC1_TENANTS_NETWORKS.yaml …irb/group_vars/DC1_NETWORK_SERVICES.yamllabs/evpn/avd_asym_irb/group_vars/DC1_TENANTS_NETWORKS.yaml renamed to labs/evpn/avd_asym_irb/group_vars/DC1_NETWORK_SERVICES.yaml labs/evpn/avd_asym_irb/group_vars/DC1_TENANTS_NETWORKS.yaml renamed to labs/evpn/avd_asym_irb/group_vars/DC1_NETWORK_SERVICES.yaml

@@ -1,12 +1,14 @@
 ---
 tenants:
   # Tenant A VRFs / VLANs
-  Tenant_A:
+  - name: Tenant_A
     mac_vrf_vni_base: 10000
     l2vlans:
-      110:
+      - id: 110
         name: Tenant_A_OP_Zone_1
-        tags: [ opzone_pod1 ]
-      111:
+        tags:
+          - opzone_pod1
+      - id: 111
         name: Tenant_A_OP_Zone_2
-        tags: [ opzone_pod1 ]
+        tags:
+          - opzone_pod1