Try SpotterManage and configure Arista EOS eAPI.
| "added in version" 2.1 of ansible.builtin"
Authors: Peter Sprygada (@privateip)
preview | supported by network
pipInstall with pip install ansible==2.9.17
Use to enable or disable eAPI access, and set the port and state of http, https, local_http and unix-socket servers.
When enabling eAPI access the default is to enable HTTP on port 80, enable HTTPS on port 443, disable local HTTP, and disable Unix socket server. Use the options listed below to override the default configuration.
Requires EOS v4.12 or greater.
- name: Enable eAPI access with default configuration
eos_eapi:
state: started
- name: Enable eAPI with no HTTP, HTTPS at port 9443, local HTTP at port 80, and socket enabled
eos_eapi:
state: started
http: false
https_port: 9443
local_http: yes
local_http_port: 80
socket: yes
- name: Shutdown eAPI access
eos_eapi:
state: stopped
vrf:
default: default
description:
- The C(vrf) argument will configure eAPI to listen for connections in the specified
VRF. By default, eAPI transports will listen for connections in the global table. This
value requires the VRF to already be created otherwise the task will fail.
version_added: '2.2'
version_added_collection: ansible.builtin
http:
aliases:
- enable_http
default: 'no'
description:
- The C(http) argument controls the operating state of the HTTP transport protocol
when eAPI is present in the running-config. When the value is set to True, the HTTP
protocol is enabled and when the value is set to False, the HTTP protocol is disabled.
By default, when eAPI is first configured, the HTTP protocol is disabled.
type: bool
https:
aliases:
- enable_https
default: 'yes'
description:
- The C(https) argument controls the operating state of the HTTPS transport protocol
when eAPI is present in the running-config. When the value is set to True, the HTTPS
protocol is enabled and when the value is set to False, the HTTPS protocol is disabled.
By default, when eAPI is first configured, the HTTPS protocol is enabled.
type: bool
state:
choices:
- started
- stopped
default: started
description:
- The C(state) argument controls the operational state of eAPI on the remote device. When
this argument is set to C(started), eAPI is enabled to receive requests and when
this argument is C(stopped), eAPI is disabled and will not receive requests.
config:
description:
- The module, by default, will connect to the remote device and retrieve the current
running-config to use as a base for comparing against the contents of source. There
are times when it is not desirable to have the task get the current running-config
for every task in a playbook. The I(config) argument allows the implementer to
pass in the configuration to use as the base config for comparison.
version_added: '2.2'
version_added_collection: ansible.builtin
socket:
aliases:
- enable_socket
default: 'no'
description:
- The C(socket) argument controls the operating state of the UNIX Domain Socket used
to receive eAPI requests. When the value of this argument is set to True, the UDS
will listen for eAPI requests. When the value is set to False, the UDS will not
be available to handle requests. By default when eAPI is first configured, the
UDS is disabled.
type: bool
provider:
description:
- B(Deprecated)
- 'Starting with Ansible 2.5 we recommend using C(connection: network_cli).'
- 'Starting with Ansible 2.6 we recommend using C(connection: httpapi) for eAPI.'
- This option will be removed in a release after 2022-06-01.
- For more information please see the L(EOS Platform Options guide, ../network/user_guide/platform_eos.html).
- HORIZONTALLINE
- A dict object containing connection details.
suboptions:
auth_pass:
description:
- Specifies the password to use if required to enter privileged mode on the remote
device. If I(authorize) is false, then this argument does nothing. If the value
is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS)
will be used instead.
type: str
authorize:
default: false
description:
- Instructs the module to enter privileged mode on the remote device before sending
any commands. If not specified, the device will attempt to execute all commands
in non-privileged mode. If the value is not specified in the task, the value
of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
type: bool
host:
description:
- Specifies the DNS host name or address for connecting to the remote device over
the specified transport. The value of host is used as the destination address
for the transport.
type: str
password:
description:
- Specifies the password to use to authenticate the connection to the remote device. This
is a common argument used for either I(cli) or I(eapi) transports. If the value
is not specified in the task, the value of environment variable C(ANSIBLE_NET_PASSWORD)
will be used instead.
type: str
port:
default: 0
description:
- Specifies the port to use when building the connection to the remote device. This
value applies to either I(cli) or I(eapi).
- The port value will default to the appropriate transport common port if none
is provided in the task (cli=22, http=80, https=443).
type: int
ssh_keyfile:
description:
- Specifies the SSH keyfile to use to authenticate the connection to the remote
device. This argument is only used for I(cli) transports. If the value is not
specified in the task, the value of environment variable C(ANSIBLE_NET_SSH_KEYFILE)
will be used instead.
type: path
timeout:
description:
- Specifies the timeout in seconds for communicating with the network device for
either connecting or sending commands. If the timeout is exceeded before the
operation is completed, the module will error.
type: int
transport:
choices:
- cli
- eapi
default: cli
description:
- Configures the transport connection to use when connecting to the remote device.
type: str
use_proxy:
default: true
description:
- If C(no), the environment variables C(http_proxy) and C(https_proxy) will be
ignored.
type: bool
use_ssl:
default: true
description:
- Configures the I(transport) to use SSL if set to C(yes) only when the C(transport=eapi). If
the transport argument is not eapi, this value is ignored.
type: bool
username:
description:
- Configures the username to use to authenticate the connection to the remote
device. This value is used to authenticate either the CLI login or the eAPI
authentication depending on which transport is used. If the value is not specified
in the task, the value of environment variable C(ANSIBLE_NET_USERNAME) will
be used instead.
type: str
validate_certs:
default: true
description:
- If C(no), SSL certificates will not be validated. This should only be used on
personally controlled sites using self-signed certificates. If the transport
argument is not eapi, this value is ignored.
type: bool
type: dict
http_port:
default: 80
description:
- Configures the HTTP port that will listen for connections when the HTTP transport
protocol is enabled. This argument accepts integer values in the valid range of
1 to 65535.
https_port:
default: 443
description:
- Configures the HTTP port that will listen for connections when the HTTP transport
protocol is enabled. This argument accepts integer values in the valid range of
1 to 65535.
local_http:
aliases:
- enable_local_http
default: 'no'
description:
- The C(local_http) argument controls the operating state of the local HTTP transport
protocol when eAPI is present in the running-config. When the value is set to True,
the HTTP protocol is enabled and restricted to connections from localhost only. When
the value is set to False, the HTTP local protocol is disabled.
- Note is value is independent of the C(http) argument
type: bool
local_http_port:
default: 8080
description:
- Configures the HTTP port that will listen for connections when the HTTP transport
protocol is enabled. This argument accepts integer values in the valid range of
1 to 65535.
commands:
description: The list of configuration mode commands to send to the device
returned: always
sample:
- management api http-commands
- protocol http port 81
- no protocol https
type: list
session_name:
description: The EOS config session name used to load the configuration
returned: when changed is True
sample: ansible_1479315771
type: str
urls:
description: Hash of URL endpoints eAPI is listening on per interface
returned: when eAPI is started
sample:
Management1:
- http://172.26.10.1:80
type: dict