ZTP basic setup guide

 
 

Introduction

This guide details how to use Zero Touch Provisioning (ZTP) on Arista switches.

Arista’s Zero Touch Provisioning is used to configure a switch without user intervention. Built to fully leverage the power of Arista’s Extensible Operating System (EOS), ZTP provides a flexible solution, provisioning the network infrastructure without requiring a network engineer present at install.

Compatibility:

  • ZTP is supported with EOS version 4.7.0 or later
  • Supported on Arista 7xxx Fixed Configuration switches
  • Supported on Arista 7500 platform with version 4.10.1 or later
  • From version 4.10.1, ZTP is supported on all Arista hardware, subject to the minimum version requirement.

Note: As of EOS 4.7.3 ZTP is not supported over a port-channel. A single connection from either the front panel interfaces or the management network port is recommended for ZTP.

ZTP is a simple hands-off approach to both initial set up and upgrading an existing network.  ZTP does not require entering into the switch CLI, speeds up and simplifies deployment, reduces the risk of human error, and can adapt to many deployment scenarios. It offers scripting extensibility for complex networks and flexible provisioning using standard tools.  Additionally the switch can be ZTP booted using a variety of identifiers, such as its MAC address, serial number, or LLDP neighbors.

Figure 1 shows an Arista switch ZTP process communicating with a DHCP Server and a File Server to obtain boot information. ZTP runs automatically when an Arista switch does not have a startup-config, unless ZTP has been cancelled or disabled at boot. In ZTP mode, the switch:

  1. looks for a DHCP server to get an IP address and get a boot-file name via DHCP option 67
  2. downloads the boot-file
  3. executes the boot-file, which is a script that can be written in bash, Cli or Python

Notes:

  • The File and DHCP Servers can be installed on a single host
  • File service examples: TFTP, FTP, HTTP
  • The script can ask for other files to download (for example an EOS image, a pre-built config, etc.)

ZTP Deployment

ZTP deployment requires:

  1. a working DHCP Server with option 67 (boot file name) for Arista switches
  2. a working File Server from which to download the script file
  3. a valid script file

The following config examples can be used as reference for a basic ZTP setup.

The network topology is shown in Figure 1. Both servers run Ubuntu Linux, using the free ISC DHCP server and a free TFTP server (TFTPd). These servers were installed using the apt-get tool. Other Linux distributions such as RedHat (where you can use Yum instead), Debian, CentOS and many others can also be used. The Ubuntu references for the two servers can be found here:

https://help.ubuntu.com/community/isc-dhcp-server
https://help.ubuntu.com/community/Installation/Netboot

Configuring DHCP Server

Once installed, the DHCP server must be configured with the boot file option. For the ISC DHCP server this is done in the dhcpd.conf file. Here is an example:

option domain-name "ztp.arista.com";
default-lease-time 600;
max-lease-time 7200;
log-facility local7;

subnet 192.168.111.0 netmask 255.255.255.0 {
    range 192.168.111.111 192.168.111.120;
}

host ztp-switch {
    hardware ethernet 00:0c:29:33:67:2e;
    fixed-address 192.168.111.11;
    option bootfile-name "tftp://192.168.111.2/ztp-switch-script";
}

After every change to the DHCP server config file, restart the service using the "sudo service isc-dhcp-server restart" command.

Configuring TFTP Server

After installing the TFTPd server, an /etc/xinetd.d/tftp file is required to start it. A working config example:

service tftp
{
    disable = no
    socket_type = dgram
    wait = yes
    user = root
    server = /usr/sbin/in.tftpd
    server_args = -v -s /var/lib/tftpboot
    only_from = 192.168.111.0/24
    interface = 192.168.111.2
}

After creating /etc/xinetd.d/tftp, the tftpd service can be started using the "sudo killall -HUP xinetd" command.

Creating a script file in TFTP Server

The script file is written in bash, which offers configuration flexibility and is executed when the switch does not detect a startup-config.  It provides the switch with information on where to download the new startup-config and EOS image.

  • Scripting tools can be used to automatically generate the boot scripts on the server, taking all repetition out of the process (refer to below for a sample script file).

#!/usr/bin/Cli -p2
enable
copy tftp://192.168.111.2/ztp-switch-startup-config flash:startup-config

  • Access to the script folder on the file server must be configured (in this example /var/lib/tftpboot).
  • The corresponding startup configuration files must also be created in the server file folder.
  • For each switch that is to ZTP boot there must be one script and startup-configuration file.

A sample startup-config file

Here is a startup config file sample.

hostname ZTP-Switch
!
interface Management1
 description ZTP_Mgmt_Interface
 ip address 192.168.111.3/24
!
end
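One way to automate the per-switch files described above, as an added example that is not part of the original guide: it renders the DHCP host stanza, the boot script and the startup-config for each inventory entry, following the guide's samples. The inventory format, the `<name>-script` / `<name>-startup-config` naming and the second switch are assumptions made for illustration.

```python
import ipaddress
import re
from pathlib import Path

FILE_SERVER = "192.168.111.2"  # file server address used in the guide
MAC_RE = re.compile(r"([0-9a-f]{2}:){5}[0-9a-f]{2}")
NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9-]{0,62}")

def render(sw):
    """Return (dhcp_host_stanza, boot_script, startup_config) for one inventory entry."""
    name, mac = sw["name"], sw["mac"].lower()
    # Refuse values that could break out of the generated dhcpd.conf or EOS syntax.
    if not NAME_RE.fullmatch(name) or not MAC_RE.fullmatch(mac):
        raise ValueError(f"bad inventory entry: {sw!r}")
    lease_ip = ipaddress.ip_address(sw["lease_ip"])  # raises ValueError if malformed
    mgmt = ipaddress.ip_interface(sw["mgmt_ip"])
    stanza = (f"host {name} {{\n"
              f"  hardware ethernet {mac};\n"
              f"  fixed-address {lease_ip};\n"
              f'  option bootfile-name "tftp://{FILE_SERVER}/{name}-script";\n'
              "}\n")
    script = ("#!/usr/bin/Cli -p2\n"
              "enable\n"
              f"copy tftp://{FILE_SERVER}/{name}-startup-config flash:startup-config\n")
    config = (f"hostname {name}\n!\n"
              "interface Management1\n"
              " description ZTP_Mgmt_Interface\n"
              f" ip address {mgmt.with_prefixlen}\n!\nend\n")
    return stanza, script, config

def write_all(inventory, tftp_root, dhcp_hosts_file):
    """Write one script and one startup-config per switch, plus all DHCP host stanzas."""
    rendered = [(sw["name"], *render(sw)) for sw in inventory]  # validate all before writing
    for name, _, script, config in rendered:
        (Path(tftp_root) / f"{name}-script").write_text(script)
        (Path(tftp_root) / f"{name}-startup-config").write_text(config)
    Path(dhcp_hosts_file).write_text("\n".join(r[1] for r in rendered))
    return len(rendered)

# Constructed inventory; the first entry reuses the guide's example MAC and addresses.
INVENTORY = [
    {"name": "ztp-switch", "mac": "00:0c:29:33:67:2e",
     "lease_ip": "192.168.111.11", "mgmt_ip": "192.168.111.3/24"},
    {"name": "ztp-switch2", "mac": "00:0C:29:33:67:2F",
     "lease_ip": "192.168.111.12", "mgmt_ip": "192.168.111.4/24"},
]
```

Calling `write_all(INVENTORY, "/var/lib/tftpboot", "ztp-hosts.conf")` on the file server writes the files; the generated host stanzas still have to be included in dhcpd.conf and the DHCP service restarted.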

ZTP Boot

Now that we have a working DHCP and File server, script and startup-config files, the switch can be automatically provisioned.

  • If the switch is being deployed for the first time, power it on, and ZTP will configure and load the image on the switch.
  • If an existing switch is being upgraded, delete the startup-config on the switch and enter reload now (do not save any changes if prompted). The switch will reboot and download its new startup-config using ZTP.
  • If ZTP was disabled in the past, remove the zerotouch-config file from flash using the "delete flash:zerotouch-config" command.

To view the output of ZTP during the boot process, connect to the console of the switch.

[Figure: ZTP initial message]

[Figure: successful DHCP lease, file transfer and script execution]

ZTP is not only about configuration…

In addition to the above example, ZTP can do a lot more – for example, one can automatically upgrade the EOS image running on the switch. In order to do this, simply change our first script a little and add the desired EOS image in the File Server:

#!/usr/bin/Cli -p2
enable
copy http://192.168.111.2/ztp-startup-config flash:startup-config
copy http://192.168.111.2/EOS.swi flash:EOS.swi
config
boot system flash:EOS.swi

Troubleshooting Tips

When a ZTP deployment is not working, the easiest way to troubleshoot is to read the Arista switch console messages. Here are some tips to help in the troubleshooting process.

DHCP Server Troubleshooting

First, be sure you have at least one switch port correctly connected, then you’ll see the following message:

%ZTP-5-DHCP_QUERY: Sending DHCP request on [ <list of ports> ]

If the DHCP process is not successful, timeout messages are sent after one minute:

%ZTP-5-DHCP_QUERY_FAIL: Failed to get a valid DHCP response

In this case you should check:

  • Physical connectivity issues
  • DHCP lease process
  • DHCP bootfile-name option. Even if the DHCP server is leasing IP addresses successfully, the IP lease will be rejected if no bootfile-name option is passed

File Server Troubleshooting

If the DHCP process is successful, the following message is displayed:

%ZTP-5-DHCP_SUCCESS: DHCP response received on <port> [ <DHCP parameters> ]

However, if the script download fails, we’ll see the message below:

%ZTP-5-CONFIG_DOWNLOAD_FAIL: Failed to download the startup-config from <bootfile option>. Error: <type of error>

In this case, read the console log message carefully, looking for tips. For example, if the error type is a timeout, check IP connectivity between the switch and the file server, and check that the file server is working properly. Check that the file server IP address provided is correct. If the message is about a missing filename, check that the file exists on the file server and is placed in the right path. Also check that its name matches the configured bootfile-name option.
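The server-side checks from this section can be run before a switch is ever powered on. The following added example (not part of the original guide) scans dhcpd.conf host entries for a missing bootfile-name, then confirms that the boot script and every file it copies exist under the file server root. It assumes bootfile-name is set per host, as in the guide's sample, and uses a constructed configuration.

```python
import re
import tempfile
from pathlib import Path
from urllib.parse import urlparse

HOST_RE = re.compile(r"^\s*host\s+(\S+)\s*\{(.*?)\}", re.S | re.M)
BOOTFILE_RE = re.compile(r'option\s+bootfile-name\s+"([^"]+)"\s*;')
COPY_RE = re.compile(r"^\s*copy\s+(\S+://\S+)\s+flash:\S+", re.M)

def served_path(url, server_ip, root):
    """Map a URL on the file server to a path under its root; None if it points elsewhere."""
    u = urlparse(url)
    return Path(root) / u.path.lstrip("/") if u.hostname == server_ip else None

def preflight(dhcpd_conf, server_ip, root):
    """Return the problems that would make ZTP fail for the hosts in dhcpd_conf."""
    problems = []
    for name, body in HOST_RE.findall(dhcpd_conf):
        m = BOOTFILE_RE.search(body)
        if not m:
            problems.append(f"{name}: no bootfile-name option, lease will be rejected")
            continue
        script = served_path(m.group(1), server_ip, root)
        if script is None:
            problems.append(f"{name}: bootfile-name points at another server: {m.group(1)}")
        elif not script.is_file():
            problems.append(f"{name}: boot script missing: {script.name}")
        else:
            # Follow the script one level: every file it copies must also be served.
            for url in COPY_RE.findall(script.read_text()):
                dep = served_path(url, server_ip, root)
                if dep is not None and not dep.is_file():
                    problems.append(f"{name}: script copies missing file: {dep.name}")
    return problems

# Constructed sample: ztp-switch2 and its MAC are hypothetical and lack a bootfile-name.
SAMPLE_CONF = '''
host ztp-switch {
  hardware ethernet 00:0c:29:33:67:2e;
  option bootfile-name "tftp://192.168.111.2/ztp-switch-script";
}
host ztp-switch2 {
  hardware ethernet 00:0c:29:33:67:2f;
}
'''
def demo():
    with tempfile.TemporaryDirectory() as root:  # stands in for /var/lib/tftpboot
        (Path(root) / "ztp-switch-script").write_text("#!/usr/bin/Cli -p2\nenable\n"
            "copy tftp://192.168.111.2/ztp-switch-startup-config flash:startup-config\n")
        return preflight(SAMPLE_CONF, "192.168.111.2", root)
```

Against the real server, call `preflight(open("/etc/dhcp/dhcpd.conf").read(), "192.168.111.2", "/var/lib/tftpboot")`; the dhcpd.conf path is the usual Ubuntu location and may differ on other systems.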

Summary

ZTP is a key part of network deployment at large scale and is suited to a wide array of network topologies.  It can be extended to support the use of serial number, LLDP neighbors or other unique identifiers. With the use of scripting tools, the configuration file creation can be fully automated, leading to the elimination of repetitive tasks in network switch deployment and upgrading.  ZTP is a powerful new feature for the modern data center.
