Tuesday, August 27, 2013

Arista Networks vEOS and eAPI

It has been a few months since I worked on Arista switches. Recently I received a copy of vEOS from the Arista Account Manager (Thanks! Mike) in the region, also around the same time I saw a post by Mark Berly on eAPI. The vEOS build is 4.12.1, several releases newer than the last version I worked on so I have decided to see if I can test drive the eAPI on the vEOS.

The steps I took are listed below. I have to say I am pretty impress with the combination. This allows network engineers to quickly try, test, and deploy scripts to quickly gather information from switches in production. The only drawback at this time is that not all CLI commands are supported, but this should be less of an issue as the API matures.

Here are the steps I took. Basically 1. Get vEOS online, 2. Enable eAPI, 3. Use Python to enable query.

Step 1. Download Aboot and vEOS disk image.

Here is the instruction link by Andre Pech: https://eos.aristanetworks.com/2011/11/running-eos-in-a-vm/. If you want to test eAPI like I did, make sure you download the 4.12.3 image (at the bottom of the page). If this is your first time, make sure you read the instruction on creating vmx file and change the path / version accordingly.

Step 2. Create the vmx file.

As indicated by the instruction, create the .vmx file and change the displayName and the paths to Aboot and Flash image. If you use a different version than the one listed in the file, don't forget to change that as well (such as EOS 4.12.3).
 9 displayName = "vEOS"
 56 # Boot loader
 57 ide0:0.present = "TRUE"
 58 ide0:0.fileName = "<your path>/Aboot-veos-2.0.8.iso"
 59 ide0:0.deviceType = "cdrom-image"
 61 # Internal flash
 62 ide0:1.present = "TRUE"
 63 ide0:1.fileName = "<your path>/EOS-4.12.3-veos.vmdk"
 64 ide0:1.redo = ""
For me, I put the vmx file in the same directory as the aboot and flash disk image for management, but still specify full path. VMWare Fusion is installed on my Mac and double click the file will open the file via Fusion.

Step 3. Start vEOS.

Step 4. Make the device accessible from the network.

In order to bypass ZTP, the startup config is not empty. For my image, the username is 'admin' and it will drop you directly into user prompt, there is no enable password. Note that this was not in Andre's instruction as far as I can see.

As indicated by the vmx file, the Management1 interface is in the Fusion bridge network. So I just put an IP that is in the same network as my Ethernet network on the host machine in order to access vEOS.

You can optionally follow these two post if you want to use any of the Ethernet ports off the switch.


Step 5. Follow Mark Berly's instruction on enable eAPI:


Here is my snippet for the username/password (http/http) and http server:

Don't forget to create the username and password to access the http interface later on.

Step 6. Access eAPI using your browser. Find a few commands that is supported, not all CLI commands are supported at this time. I have tried 'show version', 'show sflow', and 'show ip interface'.

Step 7. [optional] Install jsonlibrpc if you don't already have it. Since this is the package listed in the example, I just pip installed it.

$ sudo pip install jsonrpclib
Downloading/unpacking jsonrpclib
  Downloading jsonrpclib-0.1.3.tar.gz
  Running setup.py egg_info for package jsonrpclib
Installing collected packages: jsonrpclib
  Running setup.py install for jsonrpclib
Successfully installed jsonrpclib
Cleaning up...

Step 8. Experiment with the AIP with IPython. In my experience, IPython with autocomplete and question mark query is awesome in trying out new packages.

$ ipython
Enthought Python Distribution -- www.enthought.com

Python 2.7.3 | 32-bit | (default, Aug  8 2013, 05:53:56) 
Type "copyright", "credits" or "license" for more information.

IPython 0.13.1 -- An enhanced Interactive Python.
?         -> Introduction and overview of IPython's features.
%quickref -> Quick reference.
help      -> Python's own help system.
object?   -> Details about 'object', use 'object??' for extra details.

In [1]: from jsonrpclib import Server

In [2]: switch = Server("http://http:http@[management1 ip]/command-api")

In [3]: response = switch.runCmds(1, ["show version"])

In [4]: response
[{u'architecture': u'i386',
  u'bootupTimestamp': 1377616889.2462718,
  u'hardwareRevision': u'',
  u'internalBuildId': u'8051864e-5a59-4349-86c6-1d3725dcd811',
  u'internalVersion': u'4.12.1-1365021.EOS41231',
  u'memFree': 658800,
  u'memTotal': 2033888,
  u'modelName': u'vEOS',
  u'serialNumber': u'',
  u'systemMacAddress': u'00:0c:29:45:1b:64',
  u'version': u'4.12.1-1365021.EOS41231 (engineering build)'}]

In [5]: response = switch.runCmds(1, ["show sflow"])

In [6]: response
[{u'datagrams': 0,
  u'enabled': False,
  u'hardwareSampleRate': 1048576,
  u'hardwareSamples': 0,
  u'ipv4Destinations': [],
  u'ipv4Sources': [{u'ipv4Address': u'', u'vrfName': u'default'}],
  u'ipv6Destinations': [],
  u'ipv6Sources': [{u'ipv6Address': u'::', u'vrfName': u'default'}],
  u'polling': False,
  u'pollingInterval': 2.0,
  u'samplePool': 0,
  u'sampleRate': 1048576,
  u'samplingEnabled': True,
  u'sendingDatagrams': [{u'reason': u'notRunning',
    u'sending': False,
    u'vrfName': u'default'}],
  u'softwareSamples': 0,
  u'totalPackets': 0,
  u'warnings': [u'Displaying counters that may be stale']}]

In [7]: 

To walk thru the keys in the response, we can use two simple nested loop:

In [8]: response = switch.runCmds(1, ["show version"])

In [10]: for i in response:
   ....:     for j in i:
   ....:         print j

Now we can see the keys, then you can simply pick the field you want to see:

In [16]: response[0]['version']
Out[16]: u'4.12.1-1365021.EOS41231 (engineering build)'

In [17]: response[0]['memTotal']
Out[17]: 2033888

In [18]: 

The eAPI is probably one of the most simple and straight forward ways of query network switches out there. Kudos to Arista for coming up with it. WAY easier than screen scraping. Combine with vEOS, it allows the network engineer to easily experiment with the API before deploying in production. 

Leave me comments and let me know what you think of it!