Creating Device configuration snippets [CREATED] h1: initial,routing [CREATED] h2: initial,routing [CREATED] h3: initial,routing [CREATED] h4: initial,routing [CREATED] h5: initial,routing [CREATED] h6: initial,routing [CREATED] s1: initial,vlan [CREATED] s2: normalize,initial,vlan Checking Are lab devices ready to be configured? [INFO] Checking SSH server(s) on s2 [INFO] Checking lab devices with an Ansible playbook [WARNING]: Found variable using reserved name: hosts PLAY [Wait for SSH servers] **************************************************** PLAY [Wait for device-specific conditions] ************************************* TASK [Set variables that cannot be set with VARS] ****************************** ok: [s1] TASK [Find device readiness script] ******************************************** ok: [s1] TASK [Wait for device to become ready] ***************************************** included: /home/pipi/net101/tools/netsim/ansible/tasks/readiness-check/vyos-clab.yml for s1 TASK [wait_for_connection] ***************************************************** ok: [s1] TASK [wait_for] **************************************************************** ok: [s1] PLAY RECAP ********************************************************************* s1 : ok=5 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Config Deploying device configurations [INFO] Executing initial configuration for node h1 (namespace clab- ml-17-h1) [INFO] Executing initial configuration for node h2 (namespace clab- ml-17-h2) [INFO] Executing initial configuration for node h3 (namespace clab- ml-17-h3) [INFO] Executing initial configuration for node h4 (namespace clab- ml-17-h4) [INFO] Executing initial configuration for node h5 (namespace clab- ml-17-h5) [INFO] Executing initial configuration for node h6 (namespace clab- ml-17-h6) [INFO] Executing normalize configuration for node s2 [INFO] Executing routing configuration for node h1 (namespace clab- ml-17-h1) [INFO] Executing routing configuration for node h3 (namespace clab- ml-17-h3) [INFO] Executing routing configuration for node h4 (namespace clab- ml-17-h4) [INFO] Executing routing configuration for node h2 (namespace clab- ml-17-h2) [INFO] Executing routing configuration for node h5 (namespace clab- ml-17-h5) [INFO] Executing routing configuration for node h6 (namespace clab- ml-17-h6) [INFO] Executing initial configuration for node s2 [INFO] Executing vlan configuration for node s2 [INFO] Starting Ansible playbook to deploy the rest of the configurations [WARNING]: Found variable using reserved name: hosts PLAY [Deploy initial device configuration] ************************************* TASK [Set variables that cannot be set with VARS] ****************************** ok: [s1] TASK [Normalize config on bridge-like devices] ********************************* included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1 TASK [Figure out whether to deploy the module normalize on current device] ***** ok: [s1] TASK [Find configuration template for normalize] ******************************* ok: [s1] TASK [fail] ******************************************************************** skipping: [s1] TASK [Find configuration deployment deploy_script for normalize] *************** ok: [s1] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [s1] TASK [Deploy normalize configuration] ****************************************** skipping: [s1] TASK [Deploy initial configuration] ******************************************** included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1 TASK [Figure out whether to deploy the module initial on current device] ******* ok: [s1] TASK [Find configuration template for initial] ********************************* ok: [s1] TASK [fail] ******************************************************************** skipping: [s1] TASK [Find configuration deployment deploy_script for initial] ***************** ok: [s1] TASK [Print deployed configuration when running in verbose mode] *************** ok: [s1] => { "msg": "initial configuration for s1\n=========================================\n#!/bin/vbash\nsource /opt/vyatta/etc/functions/script-template\n\nif [ \"$(id -g -n)\" != 'vyattacfg' ] ; then\n exec sg vyattacfg -c \"/bin/vbash $(readlink -f $0) $@\"\nfi\n\n# Configuration items start here\n\nconfigure\nset system host-name 's1'\n\n\nset interfaces bridge br0 description 'Global Switch Bridge'\nset interfaces bridge br0 enable-vlan\n\nset interfaces bridge br0 vif 700\nset interfaces bridge br0 vif 701\n\nset interfaces dummy dum0 address 10.0.0.7/32\n\n\n\nset interfaces ethernet eth1 description 's1 -> s2'\n\nset interfaces ethernet eth1 mtu 1500\n\n\n\n\n\n\nset interfaces ethernet eth2 description '[Access VLAN red] s1 -> h1'\n\nset interfaces ethernet eth2 mtu 1500\n\n\n\n\n\n\nset interfaces ethernet eth3 description '[Access VLAN blue] s1 -> h3'\n\nset interfaces ethernet eth3 mtu 1500\n\n\n\n\n\n\nset interfaces ethernet eth4 description '[Access VLAN untagged] s1 -> h5'\n\nset interfaces ethernet eth4 mtu 1500\n\n\n\n\n\n\nset interfaces bridge br0 vif 700 description 'VLAN red (700) -> [h1,h2,s2]'\n\n\n\n\n\n\n\nset interfaces bridge br0 vif 701 description 'VLAN blue (701) -> [h3,h4,s2]'\n\n\n\n\n\n\n\nset interfaces bridge br0 description 'VLAN untagged (1) -> [h5,h6,s2]'\n\n\n\n\n\n\nset service lldp interface all\n>/dev/null 2>/dev/null set service lldp interface eth0 disable\n>/dev/null 2>/dev/null set service lldp interface eth0 mode disable\n\n\nset service ssh\n\n# Commit, save and exit from subshell\n\ncommit\nsave\nexit\n\n# Restart FRR to pick up the new hostname\nsudo service frr restart\n" } TASK [Deploy initial configuration] ******************************************** included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/vyos.yml for s1 TASK [set_fact] **************************************************************** ok: [s1] TASK [template] **************************************************************** changed: [s1] TASK [execute config-initial.sh to deploy initial config from /work/netlab_cicd/node_files/s1/initial] *** changed: [s1] PLAY [Deploy module-specific configurations] *********************************** TASK [Set variables that cannot be set with VARS] ****************************** ok: [s1] TASK [Deploy individual configuration modules] ********************************* included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1 => (item=vlan) included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-module.yml for s1 => (item=routing) TASK [Figure out whether to deploy the module vlan on current device] ********** ok: [s1] TASK [Find configuration template for vlan] ************************************ ok: [s1] TASK [fail] ******************************************************************** skipping: [s1] TASK [Find configuration deployment deploy_script for vlan] ******************** ok: [s1] TASK [Print deployed configuration when running in verbose mode] *************** ok: [s1] => { "msg": "vlan configuration for s1\n=========================================\nset interfaces bridge br0 member interface eth1 allowed-vlan 700\nset interfaces bridge br0 member interface eth1 allowed-vlan 701\nset interfaces bridge br0 member interface eth2 native-vlan 700\nset interfaces bridge br0 member interface eth3 native-vlan 701\nset interfaces bridge br0 member interface eth4 native-vlan 1\n" } TASK [Deploy vlan configuration] *********************************************** included: /home/pipi/net101/tools/netsim/ansible/tasks/deploy-config/vyos.yml for s1 TASK [set_fact] **************************************************************** ok: [s1] TASK [template] **************************************************************** changed: [s1] TASK [execute config-vlan.sh to deploy vlan config from /work/netlab_cicd/node_files/s1/vlan] *** changed: [s1] TASK [Figure out whether to deploy the module routing on current device] ******* ok: [s1] TASK [Find configuration template for routing] ********************************* skipping: [s1] TASK [fail] ******************************************************************** skipping: [s1] TASK [Find configuration deployment deploy_script for routing] ***************** skipping: [s1] TASK [Print deployed configuration when running in verbose mode] *************** skipping: [s1] TASK [Deploy routing configuration] ******************************************** skipping: [s1] PLAY [Deploy custom deployment templates] ************************************** skipping: no hosts matched PLAY RECAP ********************************************************************* s1 : ok=26 changed=4 unreachable=0 failed=0 skipped=10 rescued=0 ignored=0 Results of configuration script deployments ================================================================================ h1 OK: 2 h2 OK: 2 h3 OK: 2 h4 OK: 2 h5 OK: 2 h6 OK: 2 s2 OK: 3 The devices under test are simple bridges with a VLAN trunk between them. Both VLANs are using the same IP prefix to identify potential inter-VLAN leaking. * h1 and h2 should be able to ping each other * h3 and h4 should be able to ping each other * h1 should not be able to reach h3 * h5 should not be able to reach h6 over its untagged native vlan Please note it might take a while for the lab to work due to STP learning phase