arista.eos-system
System Role for EOS
The arista.eos-system role is designed to simplify global system configuration. You don't have to write any Ansible tasks yourself. Instead, just create an object that meets the requirements listed below, and this role will handle the rest.
This role allows you to configure IP Routing, hostname, and CLI users.
Installation
To install the role, run this command:
ansible-galaxy install arista.eos-system
Requirements
You need an SSH connection to your Arista device. You can use built-in EOS connection variables or the provider dictionary for convenience.
Role Variables
This role uses the following key variables: hostname, eos_ip_routing_enabled, and eos_users.
hostname
| Key | Type | Notes |
|---|---|---|
| hostname | string | The name to set as the hostname for the device. |
eos_ip_routing_enabled
| Key | Type | Notes |
|---|---|---|
| eos_ip_routing_enabled | boolean: true, false* | Enables or disables IPv4 routing on the switch. By default, switches have 'no ip routing'. |
eos_users (list)
Each entry should include the following keys:
| Key | Type | Notes |
|---|---|---|
| name | string (required) | The unique username. Usernames must follow specific format rules. Valid names can start with A-Z, a-z, or 0-9. |
| encryption | choices: md5, sha512 | The password encryption method. |
| secret | string | The hashed password that has been generated before. |
| nopassword | boolean: true, false* | If true, creates a user without a password. Cannot be used with secret and encryption. |
| role | string | The role assigned to the user. |
| privilege | int: 0-15 | Sets the user’s privilege level (0 to 15). Default is 1 if this key is omitted. |
| sshkey | string | The SSH key for the user, stored in /home/USER/.ssh/authorized_keys. |
| state | choices: present*, absent | Indicates if the CLI User should be created or removed. |
* Default value if none specified
Configuration Variables
| Key | Choices | Description |
|---|---|---|
| eos_save_running_config | true*, false | Determines if changes to the running-config should be saved to memory and startup-config. |
* Default value if none specified
Connection Variables
You need to provide the connection details for Ansible EOS roles to communicate with the devices. This may be set in group_vars, host_vars, or the playbook.
| Key | Required | Choices | Description |
|---|---|---|---|
| host | yes | The DNS name or IP address of the remote device. | |
| port | no | The port to connect to on the remote device. Defaults to common transport ports (cli=22, http=80, https=443). | |
| username | no | The username for authenticating the connection. Uses the environment variable ANSIBLE_NET_USERNAME if not specified. | |
| password | no | The password for authenticating the connection. Uses the environment variable ANSIBLE_NET_PASSWORD if not specified. | |
| ssh_keyfile | no | The SSH key file for authentication (for cli transport only). Uses the environment variable ANSIBLE_NET_SSH_KEYFILE if not specified. | |
| authorize | no | yes, no* | Indicates if privileged mode should be used before sending commands. Defaults to non-privileged mode. |
| auth_pass | no | The password for entering privileged mode, if necessary. Does nothing if authorize=no. | |
| transport | yes | cli*, eapi | The connection type (cli for SSH, eapi for API). |
| use_ssl | no | yes*, no | Specifies if SSL should be used with eapi transport. Ignored if transport=cli. |
| provider | no | Allows passing all connection arguments as a dictionary. |
* Default value if none specified
Ansible Variables
| Key | Choices | Description |
|---|---|---|
| no_log | true, false* | Prevents logging of module arguments and output during playbook execution. Defaults to true for tasks that manage EOS configuration. |
* Default value if none specified
Dependencies
This role is based on modules included in Ansible core, which were added in version 2.1.0.
- Requires Ansible 2.1.0 or later.
Example Playbook
Here's a simple example of using the arista.eos-system role to set up CLI users, IP routing, and hostname without writing any tasks.
Sample hosts file:
[leafs]
leaf1.example.com
Sample host_vars/leaf1.example.com file:
provider:
host: "{{ inventory_hostname }}"
username: admin
password: admin
use_ssl: no
authorize: yes
transport: cli
eos_users:
- name: superadmin
encryption: md5
secret: '$1$J0auuPhz$Pkr5NnHssW.Jqlk17Ylpk0'
privilege: 15
role: network-admin
- name: simplebob
nopassword: true
privilege: 0
role: network-operator
hostname: leaf1
eos_ip_routing_enabled: yes
Simple Playbook to Apply Configuration (leaf.yml):
- hosts: leafs
roles:
- arista.eos-system
Run the Playbook:
Execute the following command:
ansible-playbook -i hosts leaf.yml
Developer Information
Contributions are welcome! For development guidelines, please refer to Arista Roles for Ansible - Development Guidelines (test/arista-ansible-role-test/README) for more information, including how to test and develop role enhancements.
License
Copyright (c) 2015, Arista Networks EOS+ All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted under certain conditions.
Conditions apply regarding copyright notice, documentation, and endorsement of this software.
This software is provided "as is," without warranties. Liability for damages is not covered.
Author Information
If you have any issues, please use our GitHub repo or email us at ansible-dev@arista.com.
Role for managing EOS global system configuration
ansible-galaxy install arista.eos-system