Merge branch 'devel' into feat/port_channel_interfaces/isis_auth

.pre-commit-config.yaml

@@ -1,7 +1,7 @@
 # See https://pre-commit.com for more information
 # See https://pre-commit.com/hooks.html for more hooks
 ci:
-  autoupdate_commit_msg: "Bump: pre-commit autoupdate"
+  autoupdate_commit_msg: "CI: pre-commit autoupdate"
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: v4.6.0
@@ -75,7 +75,7 @@ repos:
 
   - repo: https://github.com/astral-sh/ruff-pre-commit
     # Ruff version.
-    rev: v0.6.3
+    rev: v0.6.5
     hooks:
       # Run the linter.
       - id: ruff

Makefile

@@ -83,3 +83,11 @@ unit-tests: ## Run unit test cases using ansible-test. Specify `ANSIBLE_TEST_MOD
 integration-tests: ## Run integration test cases using ansible-test. Specify `ANSIBLE_TEST_MODE=<venv|docker>` (default: `venv`).
 	cd ansible_collections/arista/avd/ ; \
 	ansible-test integration --requirements --$(ANSIBLE_TEST_MODE)
+
+####################
+# Random shortcuts #
+####################
+
+.PHONY: config-diff
+config-diff: ## Run git diff comparing molecule configs with 'devel' using our special config diff ignoring reordering of config lines.
+	@GIT_EXTERNAL_DIFF=development/compare.py git diff devel --ext-diff -- **/configs/*.cfg

ansible_collections/arista/avd/docs/plugins/Filter_plugins/add_md_toc.md

@@ -42,7 +42,6 @@ The below requirements are needed on the host that executes this module.
 ---
 tasks:
 - name: Generate fabric documentation
-  tags: [build, provision, documentation]
   run_once: true
   delegate_to: localhost
   check_mode: no

ansible_collections/arista/avd/docs/plugins/Modules_and_action_plugins/configlet_build_config.md

@@ -33,7 +33,6 @@ Build configuration to publish configlets to Cloudvision.
 ```yaml
 # tasks file for configlet_build_config
 - name: generate intended variables
-  tags: [build, provision]
   configlet_build_config:
     configlet_dir: '/path/to/configlets/folder/'
     configlet_prefix: 'AVD_'

ansible_collections/arista/avd/docs/plugins/Modules_and_action_plugins/eos_designs_documentation.md

@@ -43,12 +43,11 @@ The `arista.avd.eos_designs_documentation` module is an Ansible Action Plugin pr
 ---
 
 - name: Generate fabric documentation
-  tags: [build, provision, documentation]
   arista.avd.eos_designs_documentation:
     structured_config_dir: "{{ structured_dir }}"
     structured_config_suffix: "{{ avd_structured_config_file_format }}"
     fabric_documentation_file: "{{ fabric_dir }}/{{ fabric_name }}-documentation.md"
-    fabric_documentation: "{{ eos_designs_documentation.enabled | arista.avd.default(true) }}"
+    fabric_documentation: "{{ eos_designs_documentation.enable | arista.avd.default(true) }}"
     include_connected_endpoints: "{{ eos_designs_documentation.connected_endpoints | arista.avd.default(false) }}"
     topology_csv_file: "{{ fabric_dir }}/{{ fabric_name }}-topology.csv"
     topology_csv: "{{ eos_designs_documentation.topology_csv | arista.avd.default(true) }}"

ansible_collections/arista/avd/docs/plugins/Modules_and_action_plugins/eos_designs_facts.md

@@ -44,14 +44,12 @@ The module is used in `arista.avd.eos_designs` to set facts for devices, which a
 ```yaml
 ---
 - name: Set eos_designs facts
-  tags: [build, provision, facts]
   arista.avd.eos_designs_facts:
     schema_id: eos_designs
   check_mode: False
   run_once: True
 
 - name: Set eos_designs facts per device
-  tags: [build, provision, facts]
   ansible.builtin.set_fact:
     switch: "{{ avd_switch_facts[inventory_hostname].switch }}"
   delegate_to: localhost

ansible_collections/arista/avd/docs/plugins/Modules_and_action_plugins/set_vars.md

@@ -27,7 +27,6 @@ Arguments are treated as one dict so all arguments will be set as vars.
 
 ```yaml
 - name: Remove avd_switch_facts
-  tags: [build, provision, facts, remove_avd_switch_facts]
   arista.avd.set_vars:
     avd_switch_facts: null
   run_once: true

ansible_collections/arista/avd/docs/porting-guides/5.x.x.md

@@ -54,6 +54,66 @@ ethernet_interfaces:
     <...>
 ```
 
+## Removal Ansible tags from AVD roles
+
+Support for Ansible tags across AVD roles has been replaced with variables to control this execution of various parts of AVD.
+
+The previous implementation of Ansible tags was not consistent and mostly undocumented. It often lead to inconsistent behaviors depending
+when the tags were used with `--tags` vs. `--skip-tags`.
+
+AVD now supports a number of variables which allow detailed control of which areas of AVD should be executed.
+Variables are only added for the roles providing multiple optional functionalities.
+
+| Ansible Role | Variable | Default value | Description |
+| ------------ | -------- | ------------- | ----------- |
+| All | `avd_verify_requirements` | `true` | Verify Ansible and Python requirements. |
+| All | avd_create_directories | `true` | Create required output directories if not present. |
+| `arista.avd.eos_designs` | `avd_eos_designs_debug` | `false` | Dump all vars and facts per device after generating `avd_switch_facts`. |
+| `arista.avd.eos_designs` | `avd_eos_designs_structured_config` | `true` | Generate structured configuration per device. |
+| `arista.avd.eos_designs` | `eos_designs_documentation.enable` | `true` | Generate fabric Markdown documentation. |
+| `arista.avd.eos_designs` | `eos_designs_documentation.topology_csv` | `false` | Generate Topology CSV with all interfaces towards other devices. |
+| `arista.avd.eos_designs` | `eos_designs_documentation.p2p_links_csv` | `false` | Generate P2P links CSV with all routed point-to-point links between devices. |
+| `arista.avd.eos_designs` | `avd_eos_designs_unset_facts` | `true` | Unset `avd_switch_facts` to gain a small performance improvement since Ansible needs to handle fewer variables. |
+| `arista.avd.eos_cli_config_gen` | `eos_cli_config_gen_configuration.enable` | `true` | Generate device EOS configurations. |
+| `arista.avd.eos_cli_config_gen` | `eos_cli_config_gen_documentation.enable` | `true` | Generate device Markdown documentation. |
+| `arista.avd.cvp_configlet_upload` | `execute_tasks` | `false` | Execute pending tasks on CloudVision after uploading configlets. |
+| `arista.avd.dhcp_provisioner` | `avd_dhcp_provisioner_provision` | `true` | Run `arista.cvp.dhcp_configuration` in either online or offline mode. |
+| `arista.avd.eos_config_deploy_cvp` | `avd_eos_config_deploy_cvp_provision` | `true` | Deploy/remove the generated configs and containers on CloudVision. |
+| `arista.avd.eos_config_deploy_cvp` | `avd_eos_config_deploy_cvp_execute_existing_tasks` or `execute_tasks` | `false` | `cv_collection: v1` only<br>Execute *existing* tasks on CloudVision *before* uploading configlets. |
+| `arista.avd.eos_config_deploy_cvp` | `avd_eos_config_deploy_cvp_execute_configlet_tasks` or `execute_tasks` | `false` | Execute pending tasks on CloudVision after uploading configlets. |
+| `arista.avd.eos_config_deploy_cvp` | `avd_eos_config_deploy_cvp_execute_container_tasks` or `execute_tasks` | `false` | Execute pending tasks on CloudVision after creating containers. |
+| `arista.avd.eos_config_deploy_cvp` | `avd_eos_config_deploy_cvp_execute_device_tasks` or `execute_tasks` | `false` | Execute pending tasks on CloudVision after onboarding, moving or changing devices. |
+| `arista.avd.eos_validate_state` | - | - | See [here](#changes-to-role-aristaavdeos_validate_state) for details on changes in `eos_validate_state`. |
+
+The tasks or functions mentioned will execute when the role is imported/included if the variable is set to `true`. Otherwise it will not.
+
+This change may require updates to playbooks, "Makefiles" or scripts, to execute the same parts of AVD. It is still possible to skip importing a role by using
+Ansible tags in the playbook. The tags will be applied to/match all tasks in the imported/included AVD role.
+
+The default behavior is the same as for previous versions of AVD, except for the CSV files which are no longer generated by default.
+
+For example to run AVD without generating documentation, the playbook can be updated like this:
+
+```diff
+ - name: Build Configurations and Documentation # (1)!
+   hosts: FABRIC
+   gather_facts: false
+   tasks:
+
+     - name: Generate AVD Structured Configurations and Fabric Documentation # (2)!
+       ansible.builtin.import_role:
+         name: arista.avd.eos_designs
+       vars:
+         eos_designs_documentation:
+           enabled: false
+
+     - name: Generate Device Configurations and Documentation # (3)!
+       ansible.builtin.import_role:
+         name: arista.avd.eos_cli_config_gen
+       vars:
+         generate_device_documentation: false
+```
+
 ## Removal of Ansible plugins
 
 The following ansible plugins have been removed from the `arista.avd` Ansible collection in v5.0.0.
@@ -108,6 +168,27 @@ tenants:
 +             always_redistribute_igmp: true
 ```
 
+### `vrf_id` is used instead of `vrf_vni` to calculate the IP address of EVPN underlay multicast group for a VRF
+
+AVD versions below 5.0.0 uses `vrf_vni` in the algorithm to set the offset in order to get the IP address of EVPN underlay multicast group.
+
+In AVD version 5.0.0, `vrf_id` is used instead of `vrf_vni` to calculate the offset for IP address of EVPN underlay multicast group for a VRF when `evpn_l3_multicast` is enabled. The configurations will only change in case `vrf_id` and `vrf_vni` are set to different values or `evpn_l3_multicast.evpn_underlay_l3_multicast_group` is set under `vrfs`.
+
+To retain the previous configuration, set group ip directly under the `vrfs` using `evpn_l3_multicast.evpn_underlay_l3_multicast_group`
+
+```diff
+tenants:
+  - name: Tenant_C
+    evpn_l3_multicast:
+      enabled: true
+    vrfs:
+      - name: TEN_C_L3_MULTICAST_ENABLED_130_131
+        evpn_l3_multicast:
+          enabled: true
++         evpn_underlay_l3_multicast_group: 232.0.64.2
+        <...>
+```
+
 ### Base class for custom IP addressing `AvdIpAddressing` was moved
 
 The `AvdIpAddressing` class was moved from the Ansible collection to `pyavd.api.ip_addressing`. Import statements must be updated.
@@ -195,7 +276,7 @@ To retain the old configuration with no TCAM profile the default platform settin
 +      non_mlag: 1020
 ```
 
-#### Structured Configuration merged from SVI profiles is now deep merged instead of replaced
+### Structured Configuration merged from SVI profiles is now deep merged instead of replaced
 
 When merging `structured_config` from SVI profiles and parent profiles, AVD versions below 5.0.0 replaced the entire `structured_config` object with the most specific definition of `structured_config`.
 
@@ -242,7 +323,7 @@ no_autostate: false   # <-- Set on SVI, overriding the setting from svi_profile
 
 Depending on the complexity of the deployment, it may require changes to the SVI and profiles to retain the previous configuration output.
 
-#### MLAG L3 Peering VLAN 4093 is no longer created when `underlay_routing_protocol: 'none'`
+### MLAG L3 Peering VLAN 4093 is no longer created when `underlay_routing_protocol: 'none'`
 
 AVD versions below 5.0.0 created the MLAG L3 peering VLAN 4093, even when no L3 MLAG peering was created using an underlay routing protocol.
 This happened in cases where `underlay_routing_protocol` was set to `none`.
@@ -253,7 +334,7 @@ other VRFs; `<mlag_ibgp_peering_vrfs.base_vlan - default 3000> - 1 + <vrf_id>`.
 
 The peer VLAN config can be retained by setting `mlag_ibgp_peering_vlan: 4093` under the VRF, by using `custom_structured_configuration` or by setting `underlay_routing_protocol` to something else than `none`.
 
-#### BGP is now configured for Network services VRFs even if 'evpn' is not part of the address-families
+### BGP is now configured for Network services VRFs even if 'evpn' is not part of the address-families
 
 AVD versions below 5.0.0 did not generate BGP configuration for VRFs unless the node type included `evpn` or `mpls` under `default_address_families` *and* the
 VRF had the same `evpn` or `mpls` defined under `address_families` (default is `['evpn']`).
@@ -280,6 +361,50 @@ It is possible to forcefully add or remove BGP configuration per VRF by setting:
           enabled: <bool>  # <-- New optional setting to either always or never configure BGP for the VRF
 ```
 
+### Default interface descriptions are changed for more consistency
+
+With AVD version 5.0.0 the default interface descriptions are changed to give better consistency.
+
+The default interface description for `Loopback0` changes to `ROUTER_ID` for all designs.
+Previously this description varied depending on the network design and chosen protocols.
+
+The `router_id_loopback_description` or the deprecated `overlay_loopback_description` settings still takes precedence,
+so no changes will be seen if either of these are set.
+
+The description can be reverted manually if needed:
+
+```diff
+ # Using the new 'router_id_loopback_description' which replaces the deprecated 'overlay_loopback_description'
++router_id_loopback_description: "EVPN_Overlay_Peering"
+```
+
+The default interface description for `Loopback1` (or the interface set with `vtep_loopback`) changes to `VXLAN_TUNNEL_SOURCE`.
+Previously the description was `VTEP_VXLAN_Tunnel_Source`.
+
+The description can be reverted manually if needed:
+
+```diff
++vtep_loopback_description: "VTEP_VXLAN_Tunnel_Source"
+```
+
+The default interface description for the management interface changes to `OOB_MANAGEMENT`.
+Previously the description was `oob_management`.
+
+The description can be reverted manually if needed:
+
+```diff
++mgmt_interface_description: "oob_management"
+```
+
+### `wan_mode: autovpn` renamed `wan_mode: legacy-autovpn`
+
+With AVD version 5.0.0 the valid values for `wan_mode` key have changed. If using the `autovpn` mode in AVD 4.x, the `wan_mode` key needs to be updated to `legacy-autovpn`.
+
+```diff
+-  wan_mode: autovpn
++  wan_mode: legacy-autovpn
+```
+
 ### custom_structured_configuration_prefix no longer accepts a string
 
 Starting AVD 5.0.0, `custom_structured_configuration_prefix` only accepts a list of strings.
@@ -398,6 +523,76 @@ To retain the previous behaviour, set the value to `false`:
 +shutdown_interfaces_towards_undeployed_peers: false
 ```
 
+### Only render IGMP snooping querier version and address when enabled
+
+In AVD 4.0.0, the `ip igmp snooping vlan` command for version and address was rendered even when the IGMP snooping querier was not enabled.
+Starting from AVD 5.0.0, the `ip igmp snooping vlan` command for version and address is rendered only when the IGMP snooping querier is enabled.
+
+To retain the old configuration use custom structured configuration.
+
+```diff
+custom_structured_configuration_ip_igmp_snooping:
+  vlans:
+  - id: 1
+    querier:
+      enabled: false
+      address: 192.168.255.1
+      version: 3
+```
+
+### Default MTU value changed from `9214` to `9194` for Dps1, WAN HA and WAN p2p uplink interfaces
+
+In AVD 4.0.0, the default MTU for Dps1, WAN HA and WAN p2p uplink interfaces was `9214`.
+In AVD 5.0.0, the default MTU for Dps1, WAN HA and WAN p2p uplink interfaces has been changed to `9194`.
+
+To retain the old MTU on WAN HA interfaces use `<node_type>.defaults/node_groups[]/node_groups[].nodes[]/nodes[].wan_ha.mtu` as `9214`.
+
+```diff
+wan_router:
+  node_groups:
+    - group: SITE_HA_ENABLED
+      wan_ha:
+        enabled: true
+        ha_interfaces: [Ethernet52]
++       mtu: 9214
+```
+
+To retain the old MTU on Dps1 interface use custom structured configuration
+
+```diff
+custom_structured_configuration_dps_interfaces:
+  - name: Dps1
++   mtu: 9214
+```
+
+To retain the old MTU on WAN p2p uplink interfaces use custom_platform_settings
+
+```diff
+custom_platform_settings:
+  - feature_support:
+      bgp_update_wait_for_convergence: true
+      bgp_update_wait_install: false
+      interface_storm_control: false
+      queue_monitor_length_notify: false
+    management_interface: Management1/1
++   p2p_uplinks_mtu: 9214
+    platforms:
+      - AWE-5310
+      - AWE-5510
+      - AWE-7250R
+      - AWE-7230R
+  - feature_support:
+      bgp_update_wait_for_convergence: true
+      bgp_update_wait_install: false
+      interface_storm_control: false
+      poe: true
+      queue_monitor_length_notify: false
+    management_interface: Management1
++   p2p_uplinks_mtu: 9214
+    platforms:
+      - AWE-7220R
+```
+
 ## Changes to role `arista.avd.eos_cli_config_gen`
 
 TODO: Level 3 sections for each change with details on how to migrate
@@ -729,6 +924,8 @@ port_channel_interfaces:
 +           to: 5
 ```
 
+The change has been incorporated into `eos_designs`, so action is only required when defining `structured_configuration` directly.
+
 #### `encapsulation` configuration and documentation
 
 In AVD 4.0.0, the configuration and documentation for `encapsulation` in ethernet and port-channel interfaces were renderend only if `ethernet_interfaces[].type` or `port_channel_interfaces[].type` was set to `l2dot1q/l3dot1q` along with the keys `encapsulation_dot1q_vlan` and `encapsulation_vlan`.

ansible_collections/arista/avd/docs/release-notes/5.x.x.md

@@ -150,6 +150,18 @@ Previously it also accepted a string, which was autoconverted to a list.
 
 See the [porting guide](../porting-guides/5.x.x.md#) for details.
 
+#### Default MTU value changed from `9214` to `9194` for Dps1, WAN HA and WAN p2p uplink interfaces
+
+Starting AVD 5.0.0, the default MTU for Dps1, WAN HA and WAN p2p uplink interfaces changed from `9214` to `9194`.
+
+See the [porting guide](../porting-guides/5.x.x.md#default-mtu-value-changed-from-9214-to-9194-for-dps1-wan-ha-and-wan-p2p-uplink-interfaces) for details.
+
+#### Only render IGMP snooping querier version and address when enabled
+
+Starting from AVD 5.0.0, the `ip igmp snooping vlan` command for version and address is rendered only when the IGMP snooping querier is enabled.
+
+See the [porting guide](../porting-guides/5.x.x.md#only-render-igmp-snooping-querier-version-and-address-when-enabled) for details.
+
 #### ipv6_virtual_router_addresses are now configured if ipv6_enable is true on SVIs
 
 For SVIs with `ipv6_virtual_router_addresses` set, AVD versions below 5.0.0 only rendered the configuration if `ipv6_address`
@@ -176,6 +188,12 @@ Starting AVD 5.0.0, by default `redistribute igmp` will only get configured when
 
 See the [Porting guide for AVD 5.x.x](../porting-guides/5.x.x.md#removed-redistribute-igmp-from-bgp-vlan-config-belong-to-a-vrf-with-evpn-multicast)
 
+#### vrf_id will be used instead of vrf_vni to get the ip address of evpn underlay multicast group
+
+Starting AVD 5.0.0, `vrf_id` is used instead of `vrf_vni` in the algorithm to set the offset for IP address of EVPN underlay multicast group when `evpn_l3_multicast` is enabled.
+
+See the [Porting guide for AVD 5.x.x](../porting-guides/5.x.x.md#vrf_id-is-used-instead-of-vrf_vni-to-calculate-the-ip-address-of-evpn-underlay-multicast-group-for-a-vrf)
+
 #### AvdInterfaceDescriptions breaking changes
 
 The class `AvdInterfaceDescriptions` was moved to `pyavd` and heavily modified.
@@ -184,6 +202,12 @@ The updated version gives more flexibility to customizing interface descriptions
 
 See the [Porting guide for AVD 5.x.x](../porting-guides/5.x.x.md#avdinterfacedescriptions-breaking-changes)
 
+#### `wan_mode: autovpn` renamed `wan_mode: legacy-autovpn`
+
+With AVD version 5.0.0 the valid values for `wan_mode` key are now `legacy-autovpn | cv-pathfinder`.
+
+See the [porting guide](../porting-guides/5.x.x.md#wan-mode-autovpn-renamed-wan-mode-legacy-vpn) for details.
+
 ### Other breaking or behavioral changes
 
 Breaking changes may require modifications to the inventory or playbook. See the [Porting guide for AVD 5.x.x](../porting-guides/5.x.x.md)