The process of upgrading an Arista switch is pretty straightforward. But you still need to follow some steps and doing these on a large number of switches is error-prone and boring. That’s why it is a good idea to automate it.
In my case, I wanted to upgrade just one switch at a time, because the switches did not have the same north/south interfaces and I needed to check/shutdown them prior to upgrading.
The project is made of a main yml file , a vars file and an inventory file.
In the vars file I’ve defined how we connect to the switches (API/CLI),
and also the target version, the url from where we download the image file etc. The only time I am using the CLI transport is when I gather the facts using the “eos_facts” module.
# Credentials username: admin password: admin # Connection to switches using eapi provider: host: '{{ ansible_host }}' username: "{{ username }}" password: "{{ password }}" authorize: true use_ssl: yes transport: eapi validate_certs: false provider_cli: host: "{{ ansible_host }}" username: "{{ username }}" password: "{{ password }}" authorize: yes use_ssl: no transport: cli # Upgrade related vars target_version: 4.22.5M eos_md5: 99023bf39cb53eec586d5f9989188caa eos_file_size: 400 target_file: vEOS-lab-4.22.5M.swi swi_url: "ftp:/admin:admin1234@10.0.0.200/vEOS-lab-4.22.5M.swi" install_pause: 180
For the upgrade to take place there are some conditions to be met: the current version should be different than the target version, there should be enough space on the disk, the MD5 checksum should be valid and the MLAG status should be ‘active’. If one of these is not right, the upgrade will not take place.
So now let’s see these conditions.
“the current version should be different than the target version” and “ the MLAG status should be ‘active’“. These are done with a variable and using it with “when” statement on all the following tasks. If the variable is not true , all tasks that use it in “when” statement will not take place.
- set_fact: perform_upgrade: "{{ target_version != current_version and mlag_status == 'active' }}"
“there should be enough space on the disk“. For this one i am using the assert module. If there is not enough space the script will stop.
- name: Check for disk space assert: that: - (flash_free_space | int) > eos_file_size success_msg: "There is enough disk space so the installation will continue." fail_msg: "There is NOT enough disk space."
And last, “the MD5 checksum should be valid“. After I am uploading the image file, I check the MD5 checksum and see if it matches the one in the vars file.
- name: Check MD5 hash assert: that: - eos_md5 in showMD5.stdout[0].messages[0] success_msg: "The hash for image version {{ target_version }} is OK" fail_msg: "The hash for image version {{ target_version }} is NOT OK" when: perform_upgrade
If all the conditions are met, next tasks:
will save and backup the running config,
- name: Save config eos_config: save_when: always backup: yes provider: '{{ provider }}' when: perform_upgrade
then reload the switch ,
- name: Reload the Switch eos_command: commands: - 'reload now' provider: '{{ provider }}' when: "perform_upgrade" ignore_errors: yes
wait for the switch to come back
- name: Wait for switch to come back online wait_for: host={{ ansible_host }} delay={{ install_pause }} port=443 when: perform_upgrade
and then do a last check and see if the current version == the target version.
- name: Check EOS Version assert: that: - target_version == ansible_net_version success_msg: "The installation of {{ target_version }} has been succesful" fail_msg: "The installation of {{ target_version }} has FAILED" when: perform_upgrade
I’ve tested this script by upgrading from 4.19 version to 4.22.
You can find the project here:
https://github.com/czirakim/Ansible.upgrade.Arista