The process of upgrading an Arista switch is pretty straightforward. But you still need to follow some steps and doing these on a large number of switches is error-prone and boring. That’s why it is a good idea to automate it.
In my case, I wanted to upgrade just one switch at a time, because the switches did not have the same north/south interfaces and I needed to check/shutdown them prior to upgrading.
The project is made of a main yml file, a vars file, and an inventory file.
In the vars file, I’ve defined how we connect to the switches (API/CLI),
and also the target version, the URL from where we download the image file, etc. The only time I am using the CLI transport is when I gather the facts using the “eos_facts” module.
# Credentials
username: admin
password: admin
# Connection to switches using eapi
provider:
host: '{{ ansible_host }}'
username: "{{ username }}"
password: "{{ password }}"
authorize: true
use_ssl: yes
transport: eapi
validate_certs: false
provider_cli:
host: "{{ ansible_host }}"
username: "{{ username }}"
password: "{{ password }}"
authorize: yes
use_ssl: no
transport: cli
# Upgrade related vars
target_version: 4.22.5M
eos_md5: 99023bf39cb53eec586d5f9989188caa
eos_file_size: 400
target_file: vEOS-lab-4.22.5M.swi
swi_url: "ftp:/admin:admin1234@10.0.0.200/vEOS-lab-4.22.5M.swi"
install_pause: 180
For the upgrade to take place there are some conditions to be met: the current version should be different than the target version, there should be enough space on the disk, the MD5 checksum should be valid and the MLAG status should be ‘active’. If one of these is not right, the upgrade will not take place.
So now let’s see these conditions.
“the current version should be different than the target version” and “ the MLAG status should be ‘active’“. These are done with a variable and using it with a “when” statement on all the following tasks. If the variable is not true, all tasks that use it in the “when” statement will not take place.
- set_fact:
perform_upgrade: "{{ target_version != current_version and mlag_status == 'active' }}"
“There should be enough space on the disk”. For this one, I am using the assert module. If there is not enough space the script will stop.
- name: Check for disk space
assert:
that:
- (flash_free_space | int) > eos_file_size
success_msg: "There is enough disk space so the installation will continue."
fail_msg: "There is NOT enough disk space."
And last, “the MD5 checksum should be valid“. After I am uploading the image file, I check the MD5 checksum and see if it matches the one in the vars file.
- name: Check MD5 hash
assert:
that:
- eos_md5 in showMD5.stdout[0].messages[0]
success_msg: "The hash for image version {{ target_version }} is OK"
fail_msg: "The hash for image version {{ target_version }} is NOT OK"
when: perform_upgrade
If all the conditions are met, the next tasks:
will save and backup the running config,
- name: Save config
eos_config:
save_when: always
backup: yes
provider: '{{ provider }}'
when: perform_upgrade
then reload the switch,
- name: Reload the Switch
eos_command:
commands:
- 'reload now'
provider: '{{ provider }}'
when: "perform_upgrade"
ignore_errors: yes
wait for the switch to come back
- name: Wait for switch to come back online
wait_for:
host={{ ansible_host }}
delay={{ install_pause }}
port=443
when: perform_upgrade
and then do the last check and see if the current version == the target version.
- name: Check EOS Version
assert:
that:
- target_version == ansible_net_version
success_msg: "The installation of {{ target_version }} has been succesful"
fail_msg: "The installation of {{ target_version }} has FAILED"
when: perform_upgrade
I’ve tested this script by upgrading from the 4.19 version to 4.22.
You can find the project here:
https://github.com/czirakim/Ansible.upgrade.Arista
