Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Config difference after adopting arista avd v5.0.0 #4899

Open
1 task done
duddis1 opened this issue Jan 20, 2025 · 1 comment
Open
1 task done

Config difference after adopting arista avd v5.0.0 #4899

duddis1 opened this issue Jan 20, 2025 · 1 comment
Labels
type: enhancement New feature or request

Comments

@duddis1
Copy link

duddis1 commented Jan 20, 2025

Enhancement summary

We have resolved all the errors, and the configuration has been generated successfully with Arista AVD v5.0.0. However, we still need to address the following differences in the configuration:

Difference 1: The output is populating "no enable password" in each config file, but we want it to populate as "enable password key". I am providing the following fields as input in the fabric defaults, but the config is still generating with "no enable password":

enable_password:
  key: XXXXX
  disabled: false
  hash_algorithm: sha51

Difference 2: You previously requested moving EAPOL to the structured_config section. However, if we move it there, it will be applied to all switches, but we need it specifically for campus switches. Therefore, we have populated this in port_profiles before.

custom_structured_configuration:
  dot1x:
    dynamic_authorization: true
    eapol:
      disabled: true

Can you please suggest if there is any alternative solution for this?

Difference 3: The Interface Type column is not populated for IPv4 and L2 interfaces. This is not causing any issues with the config but is showing as a difference in the .md file.

Which component of AVD is impacted

eos_cli_config_gen

Use case example

Difference 1: I passed the following structure in the input, but the config is generated with "no enable password":

enable_password:
  key: XXXXX
  disabled: false
  hash_algorithm: sha512

Difference 2: I placed the EAPOL flag at the platform level to populate it only on campus switches, but it is not allowing it at this level. If we place it in the fabric defaults, it gets populated for all switches, but we need it only for campus switches.

custom_structured_configuration:
  dot1x:
    dynamic_authorization: true
    eapol:
      disabled: true

Difference 3: The "Interface Type" field is not being populated in the .md file, but there is no difference for this in the config file.

Describe the solution you would like

Difference 1: The config should be generated with "enable password key" when we set disabled: false.

Difference 2: EAPOL should be available at the platform level or in the port profile; otherwise, it will be populated for all switches.

Difference 3: The "Interface Type" field should be populated as before in the .md files.

Describe alternatives you have considered

No response

Additional context

No response

Contributing Guide

  • I agree to follow this project's Code of Conduct
@duddis1 duddis1 added the type: enhancement New feature or request label Jan 20, 2025
@ClausHolbechArista
Copy link
Contributor

re 1:

custom_structured_configuration_enable_password:
  key: XXXXX
  disabled: false
  hash_algorithm: sha512

re 2:

# Guessing the node type here - adjust as needed
l2leaf:
  defaults:
    structured_config:
      dot1x:
        dynamic_authorization: true
        eapol:
          disabled: true

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ClausHolbechArista @duddis1