Porting Guide for Ansible AVD 6.x.x¶
Major releases of AVD can contain breaking changes. This porting guide addresses how to update your inventory and playbooks to be compatible with new default behaviors and changed data models when upgrading from AVD 5.x versions.
Note
To upgrade from AVD version 4.x, first upgrade to AVD 5.7 using the Porting Guide for Ansible AVD 5.x.x and then upgrade to 6.x with this guide.
Users of eos_designs need to consider the changes in eos_cli_config_gen when using structured configuration.
Common changes¶
// TODO: potentially remove if empty
Removal of Ansible tags from AVD roles¶
// TODO: potentially remove if empty
Removal of Ansible components¶
// TODO: complete table
The following Ansible components have been removed from the arista.avd Ansible collection in version 6.0.0.
| Component type | Name | Replacement |
|---|---|---|
| Filter | arista.avd.xxx |
|
| Action plugin/Module | arista.avd.xxx |
|
| Role | arista.avd.dhcp_provisioner |
The role is not compatible with modern DHCP servers and should not be used for production. The arista.avd.dhcp_provisioner role is released as open source, so it can be copied and reused according to the license and copyright. |
Changes to role arista.avd.eos_designs¶
Removal of deprecated eos_designs data models¶
The following data model keys have been removed from eos_designs in AVD 6.0.0.
| Removed key | New key |
|---|---|
aaa_settings.accounting.exec.console.group |
aaa_settings.accounting.exec.console.methods[].group |
aaa_settings.accounting.exec.console.logging |
aaa_settings.accounting.exec.console.methods[].method |
aaa_settings.accounting.exec.default.group |
aaa_settings.accounting.exec.default.methods[].group |
aaa_settings.accounting.exec.default.logging |
aaa_settings.accounting.exec.default.methods[].method |
aaa_settings.accounting.system.default.group |
aaa_settings.accounting.system.default.methods[].group |
aaa_settings.accounting.dot1x.default.group |
aaa_settings.accounting.dot1x.default.methods[].group |
aaa_settings.accounting.commands[].console[].group |
aaa_settings.accounting.commands[].console[].methods[].group |
aaa_settings.accounting.commands[].console[].logging |
aaa_settings.accounting.commands[].console[].methods[].method |
aaa_settings.accounting.commands[].default[].group |
aaa_settings.accounting.commands[].default[].methods[].group |
aaa_settings.accounting.commands[].default[].logging |
aaa_settings.accounting.commands[].default[].methods[].method |
avd_6_behaviors |
- |
core_interfaces.p2p_links[].underlay_multicast |
core_interfaces.p2p_links.multicast_pim_sm |
core_interfaces.p2p_links_profiles[].underlay_multicast |
core_interfaces.p2p_links_profiles.multicast_pim_sm |
design |
- |
flow_tracking_settings.trackers.exporters.collector |
flow_tracking_settings.trackers.exporters.collectors |
l3_edge.p2p_links[].underlay_multicast |
l3_edge.p2p_links.multicast_pim_sm |
l3_edge.p2p_links_profiles[].underlay_multicast |
l3_edge.p2p_links_profiles.multicast_pim_sm |
name_servers |
dns_settings.servers |
<network_services_key>[].vrfs[].ipv6_static_routes[].destination_address_prefix |
<network_services_key>[].vrfs[].ipv6_static_routes[].prefix |
<network_services_key>[].vrfs[].ipv6_static_routes[].gateway |
<network_services_key>[].vrfs[].ipv6_static_routes[].next_hop |
<network_services_key>[].vrfs[].static_routes[].destination_address_prefix |
<network_services_key>[].vrfs[].static_routes[].prefix |
<network_services_key>[].vrfs[].static_routes[].gateway |
<network_services_key>[].vrfs[].static_routes[].next_hop |
node_type_keys[].interface_descriptions.overlay_loopback_interface |
node_type_keys[].interface_descriptions.router_id_loopback_interface |
overlay_loopback_description |
router_id_loopback_description |
snmp_settings.enable_inband_mgmt_vrf |
snmp_settings.vrfs[name="use_inband_mgmt_vrf"].enabled |
snmp_settings.enable_mgmt_interface_vrf |
snmp_settings.vrfs[name="use_mgmt_interface_vrf"].enabled |
snmp_settings.hosts[].use_inband_mgmt_vrf |
snmp_settings.hosts[vrf=use_inband_mgmt_vrf] |
snmp_settings.hosts[].use_mgmt_interface_vrf |
snmp_settings.hosts[vrf=use_mgmt_interface_vrf] |
snmp_settings.ipv4_acls |
snmp_settings.vrfs[].ipv4_acl |
snmp_settings.ipv6_acls |
snmp_settings.vrfs[].ipv6_acl |
source_interfaces.domain_lookup |
dns_settings |
source_interfaces.radius |
aaa_settings.radius.vrfs[].source_interface or aaa_settings.radius.servers[].vrf: use_mgmt_interface_vrf or aaa_settings.radius.servers[].vrf: use_inband_mgmt_vrf |
source_interfaces.snmp |
snmp_settings.vrfs[].source_interface or snmp_settings.hosts[].vrf: use_mgmt_interface_vrf or snmp_settings.hosts[].vrf: use_inband_mgmt_vrf or avd_6_behaviors.snmp_settings_vrfs |
source_interfaces.tacacs |
aaa_settings.tacacs.vrfs[].source_interface or aaa_settings.tacacs.servers[].vrf: use_mgmt_interface_vrf or aaa_settings.tacacs.servers[].vrf: use_inband_mgmt_vrf |
underlay_mutlticast |
underlay_mutlticast_pim_sm or <node_type_key>.defaults.underlay_multicast.pim_sm.enabled or <node_type_key>.node_groups[].underlay_multicast.pim_sm.enabled or <node_type_key>.node_groups[].nodes[].underlay_multicast.pim_sm.enabled or <node_type_key>.nodes[].underlay_multicast.pim_sm.enabled |
underlay_ospf_authentication.message_digest_keys[].key |
underlay_ospf_authentication.message_digest_keys[].cleartext_key |
OSPF Graceful Restart is now enable by default in the underlay¶
In AVD 5.x, the default value of underlay_ospf_graceful_restart was false.
Starting with AVD 6.0.0, the default value of underlay_ospf_graceful_restart has been changed to true.
To retain the previous behavior, the following change is required:
Change of default behavior for PIM-SM multicast for core_interfaces.p2p_links and l3_edge.p2p_links¶
In AVD 5.X.X, enabling PIM-SM on a core_interface or l3_edge link required all of the following settings:
underlay_multicast: trueat the global levelunderlay_multicast: trueandinclude_in_underlay_protocol: trueat the link or profile level
As of AVD 6.0.0, the global underlay_mutlicast is replaced with node setting underlay_multicast.pim_sm.enabled or global underlay_mutlicast_pim_sm.
Additionally, the underlay_multicast key has been replaced by multicast_pim_sm for both core_interfaces.p2p_links[] and l3_edge.p2p_links[].
The breaking change in default behavior is for l3_edge and core_interfaces P2P links. PIM-SM is now automatically configured on links when include_in_underlay_protocol: true, provided that PIM-SM is already enabled globally (either through node settings or the global key).
To retain the previous behavior, the following change is required:
- underlay_multicast: true
# # The next line enables globally
+ underlay_mutlicast_pim_sm: true
l3leafs:
[...]
nodes:
- name: MULTICAST_LEAF
+ # Alternatively, PIM-SM can be enabled at the node setting level
+ underlay_multicast:
+ pim_sm:
+ enabled: true
# The same applies for l3_edge
core_interfaces:
p2p_links:
- nodes: [MULTICAST_LEAF, MULTICAST_PEER]
[...]
include_in_underlay_protocol: true
+ # previously `underlay_multicast` had a default of `false`
+ multicast_pim_sm: false
Tip
To avoid editing every single p2p_links, it is possible to leverage p2p_links_profiles.
SNMP snmp-server IPv4 and IPv6 ACLs are now only configured when the VRF is enabled under snmp_settings.vrfs¶
In AVD 5.x, SNMP snmp-server IPv4 and IPv6 ACLs were rendered even when the VRF was not enabled under snmp_settings.vrfs.
Starting AVD 6.0.0, it is required to set enable: true under the VRF in order to render IPV4 and IPV6 ACLs or use custom_structured_config.
Custom keys starting without _ in structured config are no longer supported¶
In AVD 5.x, custom keys starting with or without _ were accepted in structured config.
Starting AVD 6.0.0, only custom keys that begin with _ are accepted in structured config.
l3leaf:
nodes:
- name: host1
id: 101
bgp_as: 101
structured_config:
- custom_key: [ custom_value ]
+ _custom_key: [ custom_value ]
vrfs[].ospf.process_id and underlay_ospf_process_id must have different values for all VRFs other than default¶
In AVD 5.x, it was possible to configure the same value for vrfs[].ospf.process_id and underlay_ospf_process_id for any VRF which was leading to potentially overwritten configuration.
Starting AVD 6.0.0, setting the same value for vrfs[].ospf.process_id and underlay_ospf_process_id is not allowed for any VRF other than default vrf.
An error is raised if any VRF have the same ospf.process_id as underlay_ospf_process_id.
Removal of design.type¶
In AVD 5.x, the variable design.type was used to select between different variants of default values for node_type_keys.
As of AVD 6.x, the design.type variable has been removed. The default values of node_type_keys combine all the default node type from all designs.
Required keys for eos_designs data models¶
Starting AVD 6.0.0, the following data model keys have been made required in eos_designs.
| Required keys |
|---|
aaa_settings.accounting.exec.default.type |
aaa_settings.accounting.system.default.type |
aaa_settings.accounting.dot1x.default.type |
aaa_settings.accounting.commands.console[].type |
aaa_settings.accounting.commands.default[].type |
Changes to role arista.avd.eos_cli_config_gen¶
Removal of deprecated eos_cli_config_gen data models¶
The following data model keys have been removed from eos_cli_config_gen in AVD 6.0.0.
| Removed key | New key |
|---|---|
vxlan_interface.Vxlan1 |
vxlan_interface.vxlan1 |
aaa_accounting.exec.console.group |
aaa_accounting.exec.console.methods[].group |
aaa_accounting.exec.console.logging |
aaa_accounting.exec.console.methods[].method |
aaa_accounting.exec.default.group |
aaa_accounting.exec.default.methods[].group |
aaa_accounting.exec.default.logging |
aaa_accounting.exec.default.methods[].method |
aaa_accounting.system.default.group |
aaa_accounting.system.default.methods[].group |
aaa_accounting.dot1x.default.group |
aaa_accounting.dot1x.default.methods[].group |
aaa_accounting.commands[].console[].group |
aaa_accounting.commands[].console[].methods[].group |
aaa_accounting.commands[].console[].logging |
aaa_accounting.commands[].console[].methods[].method |
aaa_accounting.commands[].default[].group |
aaa_accounting.commands[].default[].methods[].group |
aaa_accounting.commands[].default[].logging |
aaa_accounting.commands[].default[].methods[].method |
community_lists |
ip_community_lists |
ethernet_interfaces[].vlans |
ethernet_interfaces[].switchport.access_vlan or switchport.trunk.allowed_vlan |
ethernet_interfaces[].native_vlan |
ethernet_interfaces[].switchport.trunk.native_vlan |
ethernet_interfaces[].native_vlan_tag |
ethernet_interfaces[].switchport.trunk.native_vlan_tag |
ethernet_interfaces[].mode |
ethernet_interfaces[].switchport.mode |
ethernet_interfaces[].phone |
ethernet_interfaces[].switchport.phone |
ethernet_interfaces[].trunk_groups |
ethernet_interfaces[].switchport.trunk.groups |
ethernet_interfaces[].type |
- |
ethernet_interfaces[].encapsulation_dot1q_vlan |
ethernet_interfaces[].encapsulation_dot1q.vlan |
ethernet_interfaces[].encapsulation_vlan.client.dot1q |
ethernet_interfaces[].encapsulation_vlan.client.encapsulation |
ethernet_interfaces[].encapsulation_vlan.client.unmatched |
ethernet_interfaces[].encapsulation_vlan.client.encapsulation |
ethernet_interfaces[].encapsulation_vlan.network.dot1q |
ethernet_interfaces[].encapsulation_vlan.network.encapsulation |
ethernet_interfaces[].encapsulation_vlan.network.client |
ethernet_interfaces[].encapsulation_vlan.network.encapsulation |
ethernet_interfaces[].tcp_mss_ceiling.ipv4_segment_size |
ethernet_interfaces[].tcp_mss_ceiling.ipv4 |
ethernet_interfaces[].tcp_mss_ceiling.ipv6_segment_size |
ethernet_interfaces[].tcp_mss_ceiling.ipv6 |
ethernet_interfaces[].isis_authentication_mode |
ethernet_interfaces[].isis_authentication.both.mode or ethernet_interfaces[].isis_authentication.level_1.mode or ethernet_interfaces[].isis_authentication.level_2.mode |
ethernet_interfaces[].isis_authentication_key |
ethernet_interfaces[].isis_authentication.both.key or ethernet_interfaces[].isis_authentication.level_1.key or ethernet_interfaces[].isis_authentication.level_2.key |
ethernet_interfaces[].trunk_private_vlan_secondary |
ethernet_interfaces[].switchport.trunk.private_vlan_secondary |
ethernet_interfaces[].pvlan_mapping |
ethernet_interfaces[].switchport.pvlan_mapping |
ethernet_interfaces[].vlan_translations |
ethernet_interfaces[].switchport.vlan_translations |
ethernet_interfaces[].vrrp_ids[].ipv6.address |
ethernet_interfaces[].vrrp_ids[].ipv6.addresses |
ethernet_interfaces[].traffic_engineering.srlg |
ethernet_interfaces[].traffic_engineering.srlgs |
flow_tracking.trackers[].exporters[].collector |
flow_tracking.trackers[].exporters[].collectors |
generate_default_config |
- |
generate_device_documentation |
eos_cli_config_gen_documentation.enable |
ip_name_server_groups[].ip_domain_list |
ip_name_server_groups[].ip_domain_lists |
ipv6_static_routes[].destination_address_prefix |
ipv6_static_routes[].prefix |
ipv6_static_routes[].gateway |
ipv6_static_routes[].next_hop |
local_users |
aaa_settings.local_users |
management_api_models.providers |
management_api_models.provider |
management_ssh.access_groups |
management_ssh.ip_access_group_in or management_ssh.vrfs.ip_access_group_in |
management_ssh.ipv6_access_groups |
management_ssh.ipv6_access_group_in or management_ssh.vrfs.ipv6_access_group_in |
port_channel_interfaces[].encapsulation_dot1q_vlan |
port_channel_interfaces[].encapsulation_dot1q.vlan |
port_channel_interfaces[].encapsulation_vlan.client.dot1q |
port_channel_interfaces[].encapsulation_vlan.client.encapsulation |
port_channel_interfaces[].encapsulation_vlan.client.unmatched |
port_channel_interfaces[].encapsulation_vlan.client.encapsulation |
port_channel_interfaces[].encapsulation_vlan.network.client |
port_channel_interfaces[].encapsulation_vlan.network.encapsulation |
port_channel_interfaces[].encapsulation_vlan.network.dot1q |
port_channel_interfaces[].encapsulation_vlan.network.encapsulation |
port_channel_interfaces[].isis_authentication_key |
port_channel_interfaces[].isis_authentication.both.key or port_channel_interfaces[].isis_authentication.level_1.key or port_channel_interfaces[].isis_authentication.level_2.key |
port_channel_interfaces[].isis_authentication_mode |
port_channel_interfaces[].isis_authentication.both.mode or port_channel_interfaces[].isis_authentication.level_1.mode or port_channel_interfaces[].isis_authentication.level_2.mode |
port_channel_interfaces[].mode |
port_channel_interfaces[].switchport.mode |
port_channel_interfaces[].native_vlan |
port_channel_interfaces[].switchport.trunk.native_vlan |
port_channel_interfaces[].native_vlan_tag |
port_channel_interfaces[].switchport.trunk.native_vlan_tag |
port_channel_interfaces[].phone |
port_channel_interfaces[].switchport.phone |
port_channel_interfaces[].pvlan_mapping |
port_channel_interfaces[].switchport.pvlan_mapping |
port_channel_interfaces[].traffic_engineering.srlg |
port_channel_interfaces[].traffic_engineering.srlgs |
port_channel_interfaces[].trunk_groups |
port_channel_interfaces[].switchport.trunk.groups |
port_channel_interfaces[].trunk_private_vlan_secondary |
port_channel_interfaces[].switchport.trunk.private_vlan_secondary |
port_channel_interfaces[].type |
- |
port_channel_interfaces[].vlans |
port_channel_interfaces[].switchport.access_vlan or switchport.trunk.allowed_vlan |
port_channel_interfaces[].vlan_translations |
port_channel_interfaces[].switchport.vlan_translations |
router_bgp.address_family_evpn.bgp_additional_paths |
router_bgp.address_family_evpn.bgp.additional_paths |
router_bgp.address_family_ipv4.redistribute_routes |
router_bgp.address_family_ipv4.redistribute |
router_bgp.address_family_ipv4_multicast.redistribute_routes |
router_bgp.address_family_ipv4_multicast.redistribute |
router_bgp.address_family_ipv6.redistribute_routes |
router_bgp.address_family_ipv6.redistribute |
router_bgp.address_family_ipv6_multicast.redistribute_routes |
router_bgp.address_family_ipv6_multicast.redistribute |
router_bgp.redistribute_routes |
router_bgp.redistribute |
router_bgp.vrfs[].address_family_ipv4.redistribute_routes |
router_bgp.vrfs[].address_family_ipv4.redistribute |
router_bgp.vrfs[].address_family_ipv6.redistribute_routes |
router_bgp.vrfs[].address_family_ipv6.redistribute |
router_bgp.vrfs[].address_family_ipv4_multicast.redistribute_routes |
router_bgp.vrfs[].address_family_ipv4_multicast.redistribute |
router_bgp.vrfs[].address_family_ipv6_multicast.redistribute_routes |
router_bgp.vrfs[].address_family_ipv6_multicast.redistribute |
router_path_selection.tcp_mss_ceiling.ipv4_segment_size |
router_path_selection.tcp_mss_ceiling.ipv4 |
static_routes[].destination_address_prefix |
static_routes[].prefix |
static_routes[].gateway |
static_routes[].next_hop |
vlan_interfaces[].vrrp_ids[].ipv6.address |
vlan_interfaces[].vrrp_ids[].ipv6.addresses |
ntp.servers[].vrf |
ntp.vrf |
ip_name_servers[].vrf is required to generate name servers configuration¶
In AVD 5.x, the key ip_name_servers[].vrf was not required. If this key was not set, the name server configuration was generated without an explicitly specified VRF, which the EOS CLI treats as the default VRF.
This key must be set to default for default VRF in AVD 6.0.0.
Traffic policy named counters must now be explicitly defined under traffic_policies.policies[].counters¶
In AVD 5.0.0, named counters were generated automatically based on the traffic_policies.policies[].matches[].actions[].count key.
Starting AVD 6.0.0, this automatic generation has been removed. All named counters must be defined under the new traffic_policies.policies[].counters key.
traffic_policies:
policies:
- name: BLUE-C1-POLICY
+ counters:
+ - DEMO-TRAFFIC
matches:
- name: BLUE-C2-POLICY-01
actions:
count: DEMO-TRAFFIC
errdisable.recovery.causes is now a list of dictionaries¶
In AVD 5.x, errdisable.recovery.causes was modeled as a list of strings.
As of AVD 6.0.0, this data model has been updated to a list of dictionaries to allow configuring a recovery interval for each cause.
The diff below shows an example on how to update your inputs to match the new data model:
ntp.servers[].vrf moved to ntp.vrf since all NTP servers must use the same VRF¶
In AVD 5.x, the VRF for NTP servers was defined individually under ntp.servers[].vrf.
Starting with AVD 6.0.0, because in EOS all NTP servers must be in the same VRF, ntp.servers[].vrf has been replaced by ntp.vrf to avoid misconfigurations.
Required keys for eos_cli_config_gen data models¶
Starting AVD 6.0.0, the following data model keys have been made required in eos_cli_config_gen.
| Required keys |
|---|
aaa_accounting.exec.default.type |
aaa_accounting.system.default.type |
aaa_accounting.dot1x.default.type |
aaa_accounting.commands.console[].type |
aaa_accounting.commands.default[].type |
Changes to role arista.avd.anta_runner¶
// TODO: potentially remove if empty