CASMNET-1641: Create CSM 1.3 initial configurations (#180)

* Create CSM 1.3 config path.

* Bump versions.

.version

@@ -1 +1 @@
-1.6.5
+1.6.6

canu/.version

@@ -1 +1 @@
-1.6.5~develop
+1.6.6~develop

canu/canu.yaml

@@ -78,6 +78,36 @@ csm:
         - 3.9.1014
       MSN2700:
         - 3.9.1014
+  "1.3":
+    aruba:
+      "6300":
+        - FL.10.06.0010
+      "8320":
+        - GL.10.06.0010
+      "8325":
+        - GL.10.06.0010
+      "8360":
+        - LL.10.06.0010
+        - LL.10.06.0110
+      X86-64:
+        - Virtual.10.06.0001
+    dell:
+      "S3048-ON":
+        - "10.5.1.4"
+      "S4148F-ON":
+        - "10.5.1.4"
+      "S4148T-ON":
+        - "10.5.1.4"
+      "S4048-VM":
+        - "10.5.0.0"
+      "S4048T-ON":
+        - "10.5.1.4"
+    mellanox:
+      MSN2100:
+        - 3.9.1014
+      MSN2700:
+        - 3.9.1014
 csm_versions:
   - "1.0"
   - "1.2"
+  - "1.3"

network_modeling/configs/templates/1.3/arista/sw-edge.primary.j2

@@ -0,0 +1,38 @@
+{#- edge_router #}
+
+interface loopback 0
+    ip address {{ variables.LOOPBACK_IP }}/32
+
+vlan 4091
+ name mlag-ibgp
+ trunk group mlag-peer
+!
+int vlan 4091
+ ip address {{ variables.EDGE_BGP_IP_PRIMARY }}/31
+ mtu 9214
+!
+ no spanning-tree vlan-id 4091
+
+interface Vlan{{ variables.CHN_VLAN }}
+   ip address {{ variables.CHN_IP }}/{{variables.CHN_PREFIX_LEN}}
+   ip virtual-router address {{ variables.CHN_IP_GATEWAY }}
+ip routing
+
+ip prefix-list HSN seq 10 permit {{ variables.CHN }} ge {{ variables.CHN_PREFIX_LEN }}
+!
+route-map HSN permit 5
+   match ip address prefix-list HSN
+
+router bgp {{ variables.SWITCH_ASN }}
+   distance bgp 20 200 200
+   router-id {{ variables.LOOPBACK_IP }}
+   maximum-paths 32
+   neighbor {{ variables.EDGE_BGP_IP_SECONDARY }} remote-as {{ variables.SWITCH_ASN }}
+   neighbor {{ variables.EDGE_BGP_IP_SECONDARY }} next-hop-self
+   {%- for name, ip in variables.CHN_IPs.items() if "ncn-w" in name %}
+   neighbor {{ ip }} remote-as {{ variables.CHN_ASN }}
+   neighbor {{ ip }} passive
+   neighbor {{ ip }} route-map HSN in
+   {%- endfor %}
+
+{#- end edge_router #}

network_modeling/configs/templates/1.3/arista/sw-edge.secondary.j2

@@ -0,0 +1,38 @@
+{#- edge_router #}
+
+interface loopback 0
+    ip address {{ variables.LOOPBACK_IP }}/32
+
+vlan 4091
+ name mlag-ibgp
+ trunk group mlag-peer
+!
+int vlan 4091
+ ip address {{ variables.EDGE_BGP_IP_SECONDARY }}/31
+ mtu 9214
+!
+ no spanning-tree vlan-id 4091
+
+interface Vlan{{ variables.CHN_VLAN }}
+   ip address {{ variables.CHN_IP }}/{{variables.CHN_PREFIX_LEN}}
+   ip virtual-router address {{ variables.CHN_IP_GATEWAY }}
+ip routing
+
+ip prefix-list HSN seq 10 permit {{ variables.CHN }} ge {{ variables.CHN_PREFIX_LEN }}
+!
+route-map HSN permit 5
+   match ip address prefix-list HSN
+
+router bgp {{ variables.SWITCH_ASN }}
+   distance bgp 20 200 200
+   router-id {{ variables.LOOPBACK_IP }}
+   maximum-paths 32
+   neighbor {{ variables.EDGE_BGP_IP_PRIMARY }} remote-as {{ variables.SWITCH_ASN }}
+   neighbor {{ variables.EDGE_BGP_IP_PRIMARY }} next-hop-self
+   {%- for name, ip in variables.CHN_IPs.items() if "ncn-w" in name %}
+   neighbor {{ ip }} remote-as {{ variables.CHN_ASN }}
+   neighbor {{ ip }} passive
+   neighbor {{ ip }} route-map HSN in
+   {%- endfor %}
+
+{#- end edge_router #}

network_modeling/configs/templates/1.3/aruba/common/acl.j2

@@ -0,0 +1,69 @@
+{#- acl #}
+access-list ip mgmt
+{% set sequence = 10 %}    {{ sequence }} comment ALLOW SSH, HTTPS, AND SNMP ON HMN SUBNET and CMN
+{% set sequence = sequence+10 %}    {{ sequence }} permit tcp {{ variables.HMN_NETWORK_IP }}/{{ variables.HMN_NETMASK }} any eq ssh
+{% set sequence = sequence+10 %}    {{ sequence }} permit tcp {{ variables.HMN_NETWORK_IP }}/{{ variables.HMN_NETMASK }} any eq https
+{% set sequence = sequence+10 %}    {{ sequence }} permit udp {{ variables.HMN_NETWORK_IP }}/{{ variables.HMN_NETMASK }} any eq snmp
+{% set sequence = sequence+10 %}    {{ sequence }} permit udp {{ variables.HMN_NETWORK_IP }}/{{ variables.HMN_NETMASK }} any eq snmp-trap
+{%- if variables.CMN != None %}
+{% set sequence = sequence+10 %}    {{ sequence }} permit tcp {{ variables.CMN_NETWORK_IP }}/{{ variables.CMN_NETMASK }} any eq ssh
+{% set sequence = sequence+10 %}    {{ sequence }} permit tcp {{ variables.CMN_NETWORK_IP }}/{{ variables.CMN_NETMASK }} any eq https
+{% set sequence = sequence+10 %}    {{ sequence }} permit udp {{ variables.CMN_NETWORK_IP }}/{{ variables.CMN_NETMASK }} any eq snmp
+{% set sequence = sequence+10 %}    {{ sequence }} permit udp {{ variables.CMN_NETWORK_IP }}/{{ variables.CMN_NETMASK }} any eq snmp-trap
+{%- endif %}
+{% set sequence = sequence+10 %}    {{ sequence }} comment ALLOW SNMP FROM HMN METALLB SUBNET
+{% set sequence = sequence+10 %}    {{ sequence }} permit udp {{ variables.HMNLB_NETWORK_IP }}/{{ variables.HMNLB_NETMASK }} any eq snmp
+{% set sequence = sequence+10 %}    {{ sequence }} permit udp {{ variables.HMNLB_NETWORK_IP }}/{{ variables.HMNLB_NETMASK }} any eq snmp-trap
+{% set sequence = sequence+10 %}    {{ sequence }} comment BLOCK SSH, HTTPS, AND SNMP FROM EVERYWHERE ELSE
+{% set sequence = sequence+10 %}    {{ sequence }} deny tcp any any eq ssh
+{% set sequence = sequence+10 %}    {{ sequence }} deny tcp any any eq https
+{% set sequence = sequence+10 %}    {{ sequence }} deny udp any any eq snmp
+{% set sequence = sequence+10 %}    {{ sequence }} deny udp any any eq snmp-trap
+{% set sequence = sequence+10 %}    {{ sequence }} comment ALLOW ANYTHING ELSE
+{% set sequence = sequence+10 %}    {{ sequence }} permit any any any
+access-list ip nmn-hmn
+{%- if variables.NMN and variables.HMN %}
+{% set sequence = 10 %}    {{ sequence }} deny any {{ variables.NMN_NETWORK_IP }}/{{ variables.NMN_NETMASK }} {{ variables.HMN_NETWORK_IP }}/{{ variables.HMN_NETMASK }}
+{%- endif %}
+{%- if variables.HMN and variables.NMN %}
+{% set sequence = sequence+10 %}    {{ sequence }} deny any {{ variables.HMN_NETWORK_IP }}/{{ variables.HMN_NETMASK }} {{ variables.NMN_NETWORK_IP }}/{{ variables.NMN_NETMASK }}
+{%- endif %}
+{%- if variables.NMN and variables.HMN_MTN %}
+{% set sequence = sequence+10 %}    {{ sequence }} deny any {{ variables.NMN_NETWORK_IP }}/{{ variables.NMN_NETMASK }} {{ variables.HMN_MTN_NETWORK_IP }}/{{ variables.HMN_MTN_NETMASK }}
+{%- endif %}
+{%- if variables.HMN and variables.NMN_MTN %}
+{% set sequence = sequence+10 %}    {{ sequence }} deny any {{ variables.HMN_NETWORK_IP }}/{{ variables.HMN_NETMASK }} {{ variables.NMN_MTN_NETWORK_IP }}/{{ variables.NMN_MTN_NETMASK }}
+{%- endif %}
+{%- if variables.NMN_MTN and variables.HMN %}
+{% set sequence = sequence+10 %}    {{ sequence }} deny any {{ variables.NMN_MTN_NETWORK_IP }}/{{ variables.NMN_MTN_NETMASK }} {{ variables.HMN_NETWORK_IP }}/{{ variables.HMN_NETMASK }}
+{%- endif %}
+{%- if variables.NMN_MTN and variables.HMN_MTN %}
+{% set sequence = sequence+10 %}    {{ sequence }} deny any {{ variables.NMN_MTN_NETWORK_IP }}/{{ variables.NMN_MTN_NETMASK }} {{ variables.HMN_MTN_NETWORK_IP }}/{{ variables.HMN_MTN_NETMASK }}
+{%- endif %}
+{%- if variables.HMN_MTN and variables.NMN %}
+{% set sequence = sequence+10 %}    {{ sequence }} deny any {{ variables.HMN_MTN_NETWORK_IP }}/{{ variables.HMN_MTN_NETMASK }} {{ variables.NMN_NETWORK_IP }}/{{ variables.NMN_NETMASK }}
+{%- endif %}
+{%- if variables.HMN_MTN and variables.NMN_MTN %}
+{% set sequence = sequence+10 %}    {{ sequence }} deny any {{ variables.HMN_MTN_NETWORK_IP }}/{{ variables.HMN_MTN_NETMASK }} {{ variables.NMN_MTN_NETWORK_IP }}/{{ variables.NMN_MTN_NETMASK }}
+{%- endif %}
+{% set sequence = sequence+10 %}    {{ sequence }} permit any any any
+access-list ip cmn-can
+{%- if variables.CMN and variables.CAN %}
+{% set sequence = 10 %}    {{ sequence }} deny any {{ variables.CMN_NETWORK_IP }}/{{ variables.CMN_NETMASK }} {{ variables.CAN_NETWORK_IP }}/{{ variables.CAN_NETMASK }}
+{%- endif %}
+{%- if variables.CMN and variables.CAN %}
+{% set sequence = sequence+10 %}    {{ sequence }} deny any {{ variables.CAN_NETWORK_IP }}/{{ variables.CAN_NETMASK }} {{ variables.CMN_NETWORK_IP }}/{{ variables.CMN_NETMASK }}
+{%- endif %}
+{%- if variables.CMN and variables.CHN %}
+{% set sequence = sequence+10 %}    {{ sequence }} deny any {{ variables.CMN_NETWORK_IP }}/{{ variables.CMN_NETMASK }} {{ variables.CHN_NETWORK_IP }}/{{ variables.CHN_NETMASK }}
+{%- endif %}
+{%- if not variables.CAN %}
+{% set sequence = 0 %}
+{%- endif %}
+{%- if variables.CMN and variables.CHN %}
+{% set sequence = sequence+10 %}    {{ sequence }} deny any {{ variables.CHN_NETWORK_IP }}/{{ variables.CHN_NETMASK }} {{ variables.CMN_NETWORK_IP }}/{{ variables.CMN_NETMASK }}
+{%- endif %}
+{% set sequence = sequence+10 %}    {{ sequence }} permit any any any
+apply access-list ip mgmt control-plane vrf default
+apply access-list ip mgmt control-plane vrf Customer
+{#- end acl #}

network_modeling/configs/templates/1.3/aruba/common/banner-motd.j2

@@ -0,0 +1,8 @@
+{# blank line below required #}
+
+banner exec {{ '!' }}
+###############################################################################
+# CSM version:  {{ variables.CSM_VERSION }}
+# CANU version: {{ variables.CANU_VERSION }}
+###############################################################################
+{{ '!' }}

network_modeling/configs/templates/1.3/aruba/common/bgp.primary.j2

@@ -0,0 +1,44 @@
+{#- bgp #}
+router bgp {{ variables.SWITCH_ASN }}
+    bgp router-id {{ variables.LOOPBACK_IP }}
+    maximum-paths 8
+    timers bgp 1 3
+    distance bgp 20 70
+    {%- for name, ip in variables.NMN_IPs.items() if "sw-spine-002" in name %}
+    neighbor {{ ip }} remote-as {{ variables.SWITCH_ASN }}
+    {%- endfor %}
+    {%- for name, ip in variables.NMN_IPs.items() if "ncn-w" in name %}
+    neighbor {{ ip }} remote-as {{ variables.NMN_ASN }}
+    neighbor {{ ip }} passive
+    {%- endfor %}
+    address-family ipv4 unicast
+        {%- for name, ip in variables.NMN_IPs.items() if "sw-spine-002" in name %}
+        neighbor {{ ip }} activate
+        {%- endfor %}
+        {%- for name, ip in variables.NMN_IPs.items() if "ncn-w" in name %}
+        neighbor {{ ip }} activate
+        neighbor {{ ip }} route-map {{ name }} in
+        {%- endfor %}
+    exit-address-family
+    vrf Customer
+        bgp router-id {{ variables.LOOPBACK_IP }}
+        maximum-paths 8
+        timers bgp 1 3
+        distance bgp 20 70
+        {%- for name, ip in variables.CMN_IPs.items() if "sw-spine-002" in name %}
+        neighbor {{ ip }} remote-as {{ variables.SWITCH_ASN }}
+        {%- endfor %}
+        {%- for name, ip in variables.CMN_IPs.items() if "ncn-w" in name %}
+        neighbor {{ ip }} remote-as {{ variables.CMN_ASN }}
+        neighbor {{ ip }} passive
+        {%- endfor %}
+        address-family ipv4 unicast
+            {%- for name, ip in variables.CMN_IPs.items() if "sw-spine-002" in name %}
+            neighbor {{ ip }} activate
+            {%- endfor %}
+            {%- for name, ip in variables.CMN_IPs.items() if "ncn-w" in name %}
+            neighbor {{ ip }} activate
+            neighbor {{ ip }} route-map {{ name }}-Customer in
+            {%- endfor %}
+        exit-address-family
+{#- end bgp #}

network_modeling/configs/templates/1.3/aruba/common/bgp.secondary.j2

@@ -0,0 +1,44 @@
+{#- bgp #}
+router bgp {{ variables.SWITCH_ASN }}
+    bgp router-id {{ variables.LOOPBACK_IP }}
+    maximum-paths 8
+    timers bgp 1 3
+    distance bgp 20 70
+    {%- for name, ip in variables.NMN_IPs.items() if "sw-spine-001" in name %}
+    neighbor {{ ip }} remote-as {{ variables.SWITCH_ASN }}
+    {%- endfor %}
+    {%- for name, ip in variables.NMN_IPs.items() if "ncn-w" in name %}
+    neighbor {{ ip }} remote-as {{ variables.NMN_ASN }}
+    neighbor {{ ip }} passive
+    {%- endfor %}
+    address-family ipv4 unicast
+        {%- for name, ip in variables.NMN_IPs.items() if "sw-spine-001" in name %}
+        neighbor {{ ip }} activate
+        {%- endfor %}
+        {%- for name, ip in variables.NMN_IPs.items() if "ncn-w" in name %}
+        neighbor {{ ip }} activate
+        neighbor {{ ip }} route-map {{ name }} in
+        {%- endfor %}
+    exit-address-family
+    vrf Customer
+        bgp router-id {{ variables.LOOPBACK_IP }}
+        maximum-paths 8
+        timers bgp 1 3
+        distance bgp 20 70
+        {%- for name, ip in variables.CMN_IPs.items() if "sw-spine-001" in name %}
+        neighbor {{ ip }} remote-as {{ variables.SWITCH_ASN }}
+        {%- endfor %}
+        {%- for name, ip in variables.CMN_IPs.items() if "ncn-w" in name %}
+        neighbor {{ ip }} remote-as {{ variables.CMN_ASN }}
+        neighbor {{ ip }} passive
+        {%- endfor %}
+        address-family ipv4 unicast
+            {%- for name, ip in variables.CMN_IPs.items() if "sw-spine-001" in name %}
+            neighbor {{ ip }} activate
+            {%- endfor %}
+            {%- for name, ip in variables.CMN_IPs.items() if "ncn-w" in name %}
+            neighbor {{ ip }} activate
+            neighbor {{ ip }} route-map {{ name }}-Customer in
+            {%- endfor %}
+        exit-address-family
+{#- end bgp #}

network_modeling/configs/templates/1.3/aruba/common/bmc.j2

@@ -0,0 +1,13 @@
+{#- bmc #}
+{%- for node in cabling.nodes if node.slot == "bmc" or node.slot == "cmc" or node.subtype == "sw-hsn" or node.subtype == "pdu" %}
+interface 1/1/{{ node.config.PORT }}
+    no shutdown
+    mtu 9198
+    description {{ node.config.DESCRIPTION }}
+    no routing
+    vlan access {{ variables.HMN_VLAN }}
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+
+{%- endfor %}
+{#- end bmc #}

network_modeling/configs/templates/1.3/aruba/common/cdu-to-spine.lag.j2

@@ -0,0 +1,24 @@
+{#- cdu-to-spine.lag #}
+{%- set ns = namespace(lag_displayed=false) %}
+{%- for node in cabling.nodes if node.subtype == "spine" %}
+{%- if ns.lag_displayed == false %}
+{%- set ns.lag_displayed = true %}
+interface lag {{ node.config.LAG_NUMBER }} multi-chassis
+    no shutdown
+    description cdu_to_spines_lag
+    no routing
+    vlan trunk native {{ variables.NATIVE_VLAN }}
+    vlan trunk allowed {{ variables.LEAF_BMC_VLANS }}
+    lacp mode active
+{%- endif %}
+{%- endfor %}
+
+{%- for node in cabling.nodes if node.subtype == "spine"%}
+
+interface 1/1/{{ node.config.PORT }}
+    no shutdown
+    mtu 9198
+    description {{ node.config.DESCRIPTION }}
+    lag {{ node.config.LAG_NUMBER }}
+{%- endfor %}
+{#- end cdu-to-spine.lag #}

network_modeling/configs/templates/1.3/aruba/common/cec.j2

@@ -0,0 +1,13 @@
+{#- cec #}
+{%- for node in cabling.nodes if node.subtype == "cec" %}
+interface 1/1/{{ node.config.INTERFACE_NUMBER }}
+    no shutdown
+    mtu 9198
+    description {{ node.config.DESCRIPTION }}
+    no routing
+    vlan access {{ node.config.NATIVE_VLAN }}
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+
+{%- endfor %}
+{#- end cec #}

network_modeling/configs/templates/1.3/aruba/common/cmm.j2

@@ -0,0 +1,18 @@
+{#- cmm #}
+{%- for node in cabling.nodes if node.subtype == "cmm" %}
+interface lag {{ node.config.LAG_NUMBER }} multi-chassis static
+    no shutdown
+    description {{ node.config.DESCRIPTION }}
+    no routing
+    vlan trunk native {{ node.config.NATIVE_VLAN }}
+    vlan trunk allowed {{ node.config.NATIVE_VLAN}},{{ node.config.TAGGED_VLAN }}
+    spanning-tree root-guard
+
+interface 1/1/{{ node.config.PORT }}
+    no shutdown
+    mtu 9198
+    description {{ node.config.DESCRIPTION }}
+    lag {{ node.config.LAG_NUMBER }}
+
+{%- endfor %}
+{#- end cmm #}

network_modeling/configs/templates/1.3/aruba/common/compute.j2

@@ -0,0 +1,13 @@
+{#- compute #}
+{%- for node in cabling.nodes if node.subtype == "compute" and node.slot == "onboard" %}
+interface 1/1/{{ node.config.PORT }}
+    no shutdown
+    mtu 9198
+    description {{ node.config.DESCRIPTION }}
+    no routing
+    vlan access {{ variables.NMN_VLAN }}
+    spanning-tree bpdu-guard
+    spanning-tree port-type admin-edge
+
+{%- endfor %}
+{#- end compute #}

network_modeling/configs/templates/1.3/aruba/common/leaf_bmc_unused_port.j2

@@ -0,0 +1,9 @@
+{#- unused #}
+{%- for port in variables.UNUSED_PORTS %}
+interface 1/1/{{ port }}
+    shutdown
+    no routing
+    vlan access 1
+
+{%- endfor %}
+{#- end unused #}