Hey everyone, Do we need a special account privilege to download CVP for testing? I have a customer account, but the software download page doesn\’t have any links to CVp download and there is a message indicating that I might not have necessary privileges for downloads. Note: cEOS and vEOS are available for download Any hint? Thanks a lot!
CVP AAA TACACS+ authorization with Cisco ISE Introduction We saw last time how to correctly integrate Aruba ClearPass CPPM with CVP so TACACS+ users can authenticate with the correct network role. The purpose of this document is to show the same for Cisco ISE (successor of ACS) TACACS+. Our goal is to make Cisco ISE send us the cvp-roles=network-admin attribute in the Authorization reply packet. NOTE If you are running CVP versions 2018.2.0 and 2018.2.1 you might hit BUG 345723 due to which in tacacs-provider authorization we are not checking for TAC_PLUS_AUTHOR_STATUS_PASS_ADD flag. We can provide a binary patch...
Continue reading →
Intro Network simulation environments have always been limited to a single compute node, which made the labbing of a full-scale production network an exercise in compromise and trade-offs. At the same time compute resources are cheap and abundant and modern application designs are making use of them by adopting meshed scale-out architectures, treating multiple hosts as a single pool of resources. In this post, we’ll see how (with just a few clicks*) we can build a replica of a real production network, orchestrated by Kubernetes based on information extracted from Arista’s CloudVision Portal (CVP). * Assuming all the prerequisites are met
Introduction There are many advantages to using Arista’s vEOS Router and CloudVision Portal (CVP) in hybrid cloud environments. Among those advantages are: Arista EOS is a proven and stable network operating system used in some of the largest networks in the world. The same EOS that runs on our physical switches also runs in the public cloud. CloudVision Portal provides a common management model for network devices whether running in a customer’s private data center or in public cloud environments. CloudVision Portal provides turn-key automation and real-time telemetry across private and public cloud environments. One of the primary challenges to...
Continue reading →
ClearPass TACACS+ Authorization with CVP Introduction The purpose of this article is to learn how to correctly set up the TACACS+ service in Aruba ClearPass in order to successfully authenticate on the CVP GUI as a network admin. Our goal is to configure ClearPass Policy Manager [CPPM] to send us the cvp-roles=network-admin attribute in the TACACS+ Authorization reply packet. By default this does not happen, because cvp-roles is a custom attribute that has to be added to the TACACS+ dictionary on any type of TACACS+ implementation. Without this, the default role of network-operator will be allocated to the user, that...
Continue reading →
Hi, since CVP 2018.1 introduced the SSL/TLS certificate management to the web ui I wondered if there is also a supported way to change it via the cli on the system itself? I would like to automatically deploy and update the certificates with letsencrypt. Since the renewal happens every few weeks that would be better done via a cron job than by hand in the gui. I guess replacing the file on disk and then restarting nginx is not the best or supported way for our multinode cluster ;) What would you recommend to to besides buying a certificate with...
Continue reading →
What’s the best way of handling error conditions in a python configlet builder? My script takes data from a git repository to generate the configlet, the script validates the data before generating the configuration. If it’s invalid it will need to signal an error to CVP. What’s the best way to do this? I’m thinking I should raise and exception, however this simple test doesn’t seem to do the right thing:- <pre> from cvpServices import CvpErrorimport errorCodes CvpError(errorCodes.CONFIGLET_GENERATION_ERROR, ‘error an error occured’) </pre> Any suggestions?
Arista Cloudvision® Portal (CVP) provides a central point of management for Arista network switches through shared snippets of configuration (configlets) enabling Network Engineers to provision the network more consistently and efficiently. While CVP highlights a graphical user interface for configuration and management of devices, it also includes a full-featured RESTful API that provides all of the same functionality available via the GUI which can be used to automate workflows and integrate with other tools. CVPRAC is a wrapper client for CVP’s RESTful APIs which greatly simplifies usage of the API and more elegantly handles the connections to the CVP nodes....
Continue reading →
1. What are CVP APIs? Most CloudVision Portal (CVP) users are familiar with the web user interface (UI) that facilitates network provisioning, inventory management, tasks management, change control and so on. CVP application programming interfaces (APIs) offer an alternative means of realizing the same functionality. The key difference is that, with the CVP APIs, the functionality is realized over a programmatic interface (i.e typically by a piece of software communicating with another piece of software) rather than by a user navigating over a web page and clicking and/or typing. Figure 1 shows a simplified example of these two methods of...
Continue reading →
Great APIs accelerate development of new applications and integration with existing tools and services. Check out the sample CloudVision skill for Amazon Alexa that the EOS+ Consulting Services team put together one afternoon! Please share and use the comments to tell us about other integrations that you would find interesting and useful!
In some network environments there is a separation of responsibility for the network infrastructure and the server side equipment. In these environments, different groups responsible for managing different equipment could use different tools for the job. This guide will discuss one of the several options for integrating Arista’s network management tool, CloudVision Portal (CVP), into an Ansible environment. Summary In this example, the environment uses Ansible as the configuration management tool for server provisioning but uses CVP for network management. The environment is set up to allow the server team to provision top of rack switch ports for servers using...
Continue reading →
This guide will discuss one of several options for integrating Arista’s network management tool, CloudVision Portal (CVP), into an Ansible environment. Summary In data center environments where Ansible is used for configuration management of all devices including networking equipment, the network operations team may want to leverage the telemetry and Zero Touch Provisioning (ZTP) functionality provided by the CloudVision Portal product. In this example, CVP will be used for ZTP, image upgrades, and telemetry while Ansible will be used to manage the switch configuration directly. Documentation for setting up ZTP can be found in the CloudVision configuration guide. Implementation This...
Continue reading →
Documentation for the new major features is available in the CloudVision User Guide for release 2017.1.0. This TOI provide details for the minor features 2017.1.0 release. Major Features (Documented in CloudVision User Guide) Change Control Management Snapshots Network Rollback Minor Features Support for AAA managed enable password on switches Configlet Builder enhancements Configurable default ZTP Image Bundle on Undefined Container Comma separated multi-word searches are supported on Inventory and Task list pages Cron job support for scheduling compliance checks, snapshots, backups System Enhancements Scale, Performance and Infrastructure Support for AAA managed enable password on switches In releases before 2017.1.0, CVP...
Continue reading →
Hello, Is there a better way than compiling GIT client source if I want using it on CVP ? Do you provide a RPM / YUM package for that purpose ? I’d like to have CVP comiting code and/or getting them from our GIT repository. Thx in advance.
I am running CVP 2016.1.1 and I ran into a locking condition which prevent user from modifying the configlet builder once there’s a device attach to that builder generated configlet. My intention was to have a configlet builder script act as a questionaire during initial device deployment. The configlet builder is a combination of forms and Python script. The forms will have drop down options providing information for that device. For example, I created a drop down box name Regions. It contains values such as AMER, EMEA. Based on the region values, the Python script will map the respective static configlet(s) to...
Continue reading →
Hi, We have got CVP 2016.1.1 talking to Cisco TACACS+ with Authentication Tacacs Authorization Local and the “test” button works fine. We get to log in, but as a User (not admin). What tweaks do we need to make to uplift the users to Admin? With Authentication Tacacs Authorization Tacas CVP gives a RuntimeException. Thanks Andrew
Introduction The Quick Start Guide is intended to provide an introduction to Arista Networks switches, Extensible Operating System (EOS) and recently released CloudVision management. It is intended to help the reader quickly deploy Arista switches and leverage the power of automation by using CloudVision. The setup, installation and configuration from start to finish should not take more than a couple hours. Audience This guide is intended for the following audience: • End user getting familiar with CloudVision • End user getting familiar with Arista’s EOS CLI CloudVision – Network Automation Key CloudVision features include point and click interface to simplify bulk tasks,...
Continue reading →
