Is there a way to get a handle for the session that Ansible uses, when
connecting to Arista switches to run commands? I am trying to build some
config validation/testing into a continuous integration pipeline with
Batfish.
Batfish (https://www.batfish.org/) however expects a full configuration
file that it can load and parse[1], and I have spent some time in the
Batfish slack discussing my use case with them. The main problem is that
I use a number of Ansible modules, and I don't see a way to use these
roles and render a full config that Batfish can consume, prior to it
being pushed to the router and impacting the dataplane forwarding.
I have a couple Arista EOS+ roles that I utilize:
* arista.eos-bgp
* arista.eos-route-control
* arista.eos-mlag
* arista.eos-virtual-router
As well as many of the built in modules, such as:
* eos_l2_interface
* eos_l3_interface
* eos_linkagg
* eos_vlan
Ideally, I'd like some way to have an Ansible playbook where I have
these roles apply inside an eos session, then have some tasks in the
playbook that executes the Batfish validation, and if it succeeds,
commit it to running-config[2]. If it fails, discard the session and do
not modify running-config.
If there was a way to expose the session that the `network_cli` plugin
already establishes[3], in a way that I could hold on to that reference,
that would be great. I looked into building vEOS instances in OpenStack
but never could get it working reliably enough where I could run
playbooks against the vEOS instances and then have Batfish pull the
configs off to evaluate.
Or perhaps another idea?
Thanks!
[2]: https://www.arista.com/en/um-eos/eos-section-2-5-session-management-commands#ww1217237
--- transcript - if slack archive deletes