The Arista Switch Management Platform is a comprehensive web-based management system designed to centrally manage and monitor Arista network switches. This platform provides network administrators with an intuitive, modern interface to:
- Manage Multiple Switches: Add, configure, and monitor multiple Arista switches from a single web interface
- Configure Network Settings: Create and manage VLANs, configure interfaces, set up port channels, and manage network configurations
- Monitor Network Health: Real-time status monitoring, port activity tracking, and system log viewing
- Manage Configurations: Edit switch configurations, create backups, restore previous configurations, and synchronize settings across switches
- Control Access: User management with role-based permissions (Admin, Operator, Viewer) and granular access control per switch
- Maintain Switches: Firmware management, scheduled restarts, time synchronization, and maintenance operations
The platform communicates with Arista switches using the eAPI (eXtensible API) protocol, allowing for programmatic control and configuration without requiring direct console access to each switch.
- Features
- Requirements
- Testing & Compatibility
- Quick Setup Guide
- Configuration
- Getting Started
- User Guide
- Screenshots
- API Documentation
- Troubleshooting
- Contributing
- Security Considerations
- License
- Add/Edit/Delete Switches: Manage multiple Arista switches from a single interface
- Switch Polling: Real-time status monitoring and health checks
- Switch Details: Comprehensive view of switch information, status, and statistics
- Bulk Operations: Perform operations on multiple switches simultaneously
- VLAN Creation & Configuration: Create and manage VLANs across switches
- VLAN Matrix: Visual matrix for managing VLAN assignments
- Trunk Configuration: Configure trunk ports with multiple VLANs
- Access Port Configuration: Set up access ports with single VLAN assignment
- Interface Configuration: Configure individual switch interfaces
- Port Status Monitoring: Real-time port status and activity monitoring
- Port Channel Management: Create and manage port channels (LAG)
- Transceiver Information: View SFP/SFP+ transceiver details
- Configuration Editor: Edit switch configurations with syntax highlighting
- Configuration Backup: Automatic and manual configuration backups
- Configuration Restore: Restore previous configurations
- Configuration Diff: Compare current vs. backup configurations
- Configuration Sync: Synchronize configurations across switches
- Firmware Upload: Upload new firmware files to switches
- Firmware Download: Download firmware from switches
- Firmware Version Tracking: Track firmware versions across switches
- User Management: Create, edit, and delete user accounts
- Role-Based Access Control: Admin, Operator, and Viewer roles
- Permission System: Granular permission management per switch
- Audit Logging: Track all user actions and changes
- Real-time Logs: View switch logs in real-time
- MAC Address Table: View and search MAC address tables
- Port Activity: Monitor port activity and statistics
- Alert System: Receive alerts for switch issues
- Time Settings: Configure NTP and time synchronization
- Restart Scheduler: Schedule switch restarts
- Import/Export: Import switches from CSV, export configurations
- Maintenance Mode: Put switches in maintenance mode
- Web Server: Apache 2.4+ with mod_rewrite enabled
- PHP: PHP 7.4 or higher
- Database: MySQL 5.7+ or MariaDB 10.3+
- Extensions:
- PDO
- PDO_MySQL
- JSON
- cURL
- OpenSSL
- Network connectivity to Arista switches
- Switches must have eAPI enabled
- Appropriate firewall rules for switch communication
- Chrome/Edge 90+
- Firefox 88+
- Safari 14+
- Modern browsers with JavaScript enabled
This application has been tested with:
- Arista 7280SE-64 switch
- Firmware Update Feature: The firmware update feature has not been tested due to lack of an active Arista support subscription. This feature may require additional testing or configuration.
- EOS Version Testing: Testing has been limited to the EOS version available on the test hardware. The application may work with other EOS versions, but comprehensive testing across different versions was not possible without an active support subscription.
- Switch Model Compatibility: While the application is designed to work with Arista switches that support eAPI, it has only been tested with the Arista 7280SE-64 model. Other switch models should work but may require additional testing.
- Test the application with your specific switch models and EOS versions before deploying to production
- Verify firmware update functionality if you have an active support subscription
- Report any compatibility issues or unexpected behavior with different switch models or EOS versions
Follow these five steps to get the Arista Switch Management Platform up and running:
For XAMPP (Windows):
- Copy the
aristafolder toC:\xampp\htdocs\ - Ensure Apache and MySQL services are running in XAMPP Control Panel
For Apache (Linux):
- Copy the project to
/var/www/html/arista/or your web root - Ensure mod_rewrite is enabled:
sudo a2enmod rewrite && sudo systemctl restart apache2
A complete database dump file is included in the document root:
-
Create a MySQL/MariaDB database:
CREATE DATABASE switchdb CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
-
Import the database:
mysql -u root -p switchdb < switchdb_clean.sql
Note: The
switchdb_clean.sqlfile in the document root contains a complete database dump with all tables and initial data needed for the application.
IMPORTANT: You must configure your database connection settings before the application will work.
Edit the file api/config.php and update the database configuration section with your database credentials:
// ============================================
// Database Configuration
// ============================================
define('DB_HOST', 'localhost'); // Your database host
define('DB_NAME', 'switchdb'); // Your database name
define('DB_USER', 'your_username'); // Your database username
define('DB_PASS', 'your_password'); // Your database password
define('DB_CHARSET', 'utf8mb4');Replace your_username and your_password with your actual MySQL/MariaDB credentials.
If you're on Linux, ensure the web server can access the files:
chmod -R 755 frontend/
chmod -R 755 api/
chmod -R 777 firmware/ # If firmware uploads are needed-
Open your web browser and navigate to:
- XAMPP:
http://localhost/arista/ - Linux:
http://your-server-ip/arista/
- XAMPP:
-
You will see the login page. Use the default credentials:
- Username:
admin - Password:
password
- Username:
-
After logging in, you can:
- Add your Arista switches
- Create additional user accounts
- Configure permissions
- Start managing your network switches
Security Note: Change the default admin password immediately after first login through the User Management interface. The default credentials (
admin/password) should only be used for initial setup.
Edit api/config.php to adjust session settings:
define('SESSION_LIFETIME', 3600); // Session timeout in seconds
define('SESSION_COOKIE_SECURE', false); // Set to true for HTTPSdefine('CSRF_TOKEN_LIFETIME', 3600);
define('MAX_LOGIN_ATTEMPTS', 5);
define('LOGIN_LOCKOUT_TIME', 900); // 15 minutesBefore you can add switches to the platform, you must configure them to enable eAPI (eXtensible API). The eAPI allows the platform to communicate with your switches programmatically.
- Console or SSH access to your Arista switch
- Administrative privileges on the switch
- Network connectivity between the web server and switch management IP
-
Connect to the switch console or via SSH
-
Enter privileged mode:
switch> enable switch#
-
Enter configuration mode:
switch# configure terminal switch(config)# -
Enable the management API:
switch(config)# management api http-commands switch(config-mgmt-api-http)#
-
Configure the protocol (HTTP or HTTPS):
For HTTP (port 80):
switch(config-mgmt-api-http)# protocol httpFor HTTPS (port 443) - Recommended for production:
switch(config-mgmt-api-http)# protocol https -
Enable the API:
switch(config-mgmt-api-http)# no shutdown -
Save the configuration:
switch(config-mgmt-api-http)# write memory -
Verify eAPI is enabled:
switch# show management api http-commands
You should see output indicating the API is enabled and running.
For eAPI to function properly with the platform, the user account used for eAPI authentication must have privilege level 15 (full administrative access). This is required because the platform needs to execute configuration commands such as creating VLANs, modifying interfaces, and updating switch configurations.
Create a user with privilege level 15:
switch(config)# username admin privilege 15 secret your_password
switch(config)# exit
switch# write memoryVerify the user has correct privileges:
switch# show usersYou should see your user account listed with privilege level 15.
Important: Replace
adminwith your desired username andyour_passwordwith a strong password. Thesecretkeyword stores the password using a secure hash. Privilege level 15 is required for full CLI access and configuration commands.
By default, eAPI users have limited permissions and cannot enter configuration mode or execute administrative commands. To allow the platform to perform configuration operations (such as creating VLANs, modifying interfaces, etc.), you must configure AAA (Authentication, Authorization, and Accounting) authorization on the switch.
Why is this needed?
Without AAA authorization configured, eAPI users will be able to authenticate and run read-only commands (like show commands), but they will not be able to execute configuration commands. The platform requires the ability to modify switch configurations, so AAA authorization is essential.
Configure AAA Authorization:
-
Enter configuration mode:
switch# configure terminal switch(config)# -
Configure AAA authorization for exec sessions:
switch(config)# aaa authorization exec default localThis command tells the switch to use local authentication for login/exec sessions.
-
Configure AAA authorization for command execution:
switch(config)# aaa authorization commands all default localThis command tells the switch to use local authentication for all command execution, allowing the eAPI user to run configuration commands based on their privilege level.
-
Ensure your eAPI user has privilege level 15:
switch(config)# username admin privilege 15(If you already created the user in the previous step, this command ensures it has the correct privilege level)
-
Save the configuration:
switch(config)# exit switch# write memory
Verify AAA Authorization Configuration:
switch# show aaa authorization
switch# show usersYou should see:
- Authorization method lists configured for "exec" and "commands" using "local"
- Your eAPI user account with privilege level 15
What this enables:
Once AAA authorization is configured, your eAPI user will be able to:
- Execute configuration commands (create/modify VLANs, interfaces, etc.)
- Enter configuration mode via eAPI
- Perform all administrative operations required by the platform
Note: If you experience issues with VLAN creation or other configuration operations after setting up eAPI, verify that AAA authorization is properly configured. You can use the Diagnostic Tool in the application to test eAPI permissions and identify any authorization issues.
Restrict API access to specific IP addresses (optional but recommended):
switch(config-mgmt-api-http)# ip access-group API_ACCESS in
switch(config)# ip access-list standard API_ACCESS
switch(config-std-acl)# permit 10.10.50.149 # Your web server IP
switch(config-std-acl)# deny anyEnable HTTPS with SSL certificate (for production):
switch(config-mgmt-api-http)# protocol https
switch(config-mgmt-api-http)# ssl profile SSL_PROFILEView current eAPI status:
switch# show management api http-commandsAfter configuring eAPI, you can test connectivity using the Diagnostic Tool in the application (see Diagnostic Tool section below) or manually test with curl:
curl -k https://switch-ip-address/command-api -u username:password -d '{"jsonrpc": "2.0", "method": "runCmds", "params": {"version": 1, "cmds": ["show version"]}, "id": 1}'Note: For detailed step-by-step instructions on configuring switches, including factory reset, setting IP addresses, and configuring passwords, see the Help section within the application (accessible from the main navigation menu).
- Navigate to
http://localhost/arista/(or your server URL) - You'll see the login page
- Use the default credentials to log in:
- Username:
admin - Password:
password
- Username:
Important: After your first login, immediately change the default password through the User Management interface for security.
After logging in, you'll see the main dashboard with:
- Switch list with status indicators
- Quick action buttons
- Navigation menu
- User information
The application includes two built-in tools to assist with setup and troubleshooting:
The Help section (accessible from the main navigation menu) provides step-by-step guides for:
- Factory Reset Switch: Instructions for resetting a switch to factory defaults
- Set IP Address: How to configure the management IP address on a switch
- Set Admin Password: Steps to change the switch administrator password.
- Enable & Configure eAPI: Detailed instructions for enabling eAPI on Arista switches
- Configure AAA Authorization: Guide for setting up authentication, authorization, and accounting
These guides are especially useful when setting up new switches or troubleshooting connectivity issues.
The Diagnostic tool (accessible from the main navigation menu) is an interactive eAPI diagnostic utility that helps you:
- Test Switch Connectivity: Verify network connectivity to your switches
- Test eAPI Functionality: Check if eAPI is properly configured and responding
- Run Individual Tests: Select specific diagnostic tests to run
- Override Credentials: Test with different credentials without modifying switch settings
- View Detailed Results: See real-time test execution and detailed error messages
Using the Diagnostic Tool:
- Click the Diagnostic button in the main navigation
- Select a switch from the dropdown (or use custom credentials)
- Choose which tests to run (or run all tests)
- Click Run Tests to execute diagnostics
- Review the results to identify any connectivity or configuration issues
The diagnostic tool is particularly useful when:
- Adding a new switch and verifying connectivity
- Troubleshooting why a switch appears offline
- Testing eAPI configuration changes
- Verifying credentials before adding a switch
- Click "Add Switch" button (Admin/Operator only)
- Fill in the switch details:
- Hostname: Friendly name for the switch
- IP Address: Management IP address
- Username: eAPI username
- Password: eAPI password
- Description: Optional description
- Click "Add Switch" to save
- Click on a switch name in the switch list
- View comprehensive switch information:
- General information
- Interface status
- VLAN configuration
- Configuration files
- Logs
- MAC address table
- Navigate to VLAN Management from the menu
- Select a switch
- Click "Create VLAN"
- Enter VLAN ID and name
- Configure VLAN settings
- Click "Create"
- Go to Interface Management
- Select an interface
- Set interface mode to "Trunk"
- Select VLANs to allow on the trunk
- Save configuration
- Open switch details
- Navigate to "Configuration" tab
- Click "Edit Configuration"
- Make your changes in the editor
- Click "Save" to apply changes
- Optionally create a backup before applying
- Navigate to User Management (Admin only)
- Click "Add User"
- Fill in user details:
- Username
- Password
- Role (Admin, Operator, Viewer)
- Assign permissions to specific switches
- Click "Create User"
- Go to Permission Management
- Select a user
- Grant or revoke permissions:
- View: Can view switch information
- Edit: Can edit switch configurations
- Delete: Can delete switches
- Permissions can be set per switch
- Open switch details
- Navigate to "Port Activity" tab
- View real-time port statistics:
- Port status (Up/Down)
- Traffic statistics
- Error counters
- Utilization graphs
- Open switch details
- Go to "Logs" tab
- View system logs, interface logs, or configuration logs
- Use filters to search specific log entries
- Export logs if needed
- Navigate to Firmware Manager
- Select a switch
- Upload Firmware:
- Click "Upload Firmware"
- Select firmware file
- Upload to switch
- Download Firmware:
- View current firmware version
- Download firmware from switch
The following screenshots demonstrate key features of the platform:
Main dashboard showing switch list and status
List of all managed switches with status indicators
VLAN configuration interface
Interface configuration and status
Switch configuration editor with syntax highlighting
Firmware upload and management interface
User account management interface
Real-time log viewing interface
User login interface
Form for adding new switches
Detailed switch information view
VLAN creation and configuration
User permission management interface
Port activity monitoring and statistics
All API endpoints require authentication via session cookies.
POST /arista/api/auth/login.php
Body: { "username": "admin", "password": "password" }
GET /arista/api/auth/session.php
POST /arista/api/auth/logout.php
GET /arista/api/switches/list.php
GET /arista/api/switches/get.php?id={switch_id}
POST /arista/api/switches/add.php
Body: {
"hostname": "switch1",
"ip_address": "192.168.1.1",
"username": "admin",
"password": "password"
}
POST /arista/api/switches/update.php
Body: { "id": 1, "hostname": "new-name", ... }
POST /arista/api/switches/delete.php
Body: { "id": 1 }
POST /arista/api/switches/poll.php
Body: { "id": 1 }
GET /arista/api/switches/vlans/list.php?switch_id={id}
POST /arista/api/switches/vlans/create.php
Body: {
"switch_id": 1,
"vlan_id": 100,
"name": "VLAN100"
}
POST /arista/api/switches/vlans/update.php
Body: { "switch_id": 1, "vlan_id": 100, ... }
POST /arista/api/switches/vlans/delete.php
Body: { "switch_id": 1, "vlan_id": 100 }
GET /arista/api/switches/config/get.php?switch_id={id}
POST /arista/api/switches/config/save.php
Body: {
"switch_id": 1,
"config": "hostname switch1\n..."
}
POST /arista/api/switches/config/backup.php
Body: { "switch_id": 1 }
POST /arista/api/switches/config/restore.php
Body: { "switch_id": 1, "backup_id": 1 }
GET /arista/api/users/list.php
POST /arista/api/users/create.php
Body: {
"username": "user1",
"password": "password",
"role": "operator"
}
POST /arista/api/users/update.php
Body: { "id": 1, "username": "new-name", ... }
POST /arista/api/users/delete.php
Body: { "id": 1 }
Problem: Switches show as "Offline" or connection fails.
Solutions:
- Verify switch IP addresses are correct
- Ensure switches have eAPI enabled
- Check network connectivity
- Verify firewall rules allow connections
- Confirm username/password are correct
Problem: "Database connection failed" error.
Solutions:
- Verify database credentials in
api/config.php - Ensure MySQL/MariaDB service is running
- Check database exists:
SHOW DATABASES; - Verify user has proper permissions
Problem: Getting logged out frequently.
Solutions:
- Increase
SESSION_LIFETIMEinapi/config.php - Check server time synchronization
- Clear browser cookies and cache
Problem: Configuration edits don't persist.
Solutions:
- Verify switch connectivity
- Check switch permissions
- Review error logs in browser console
- Ensure configuration syntax is valid
Problem: Page appears unstyled or JavaScript errors.
Solutions:
- Clear browser cache (Ctrl+F5)
- Verify
.htaccessfile is present - Check Apache mod_rewrite is enabled
- Verify file paths in
index.htmlare correct
Enable debug logging by checking browser console (F12) for detailed error messages.
- Use the Built-in Help Section: The application includes a comprehensive Help section accessible from the main navigation menu with step-by-step guides for switch configuration
- Use the Diagnostic Tool: The Diagnostic tool can help identify connectivity and eAPI configuration issues
- Review error logs in the Logs Viewer
- Check browser console for JavaScript errors (F12)
- Review Apache error logs
Contributions are welcome! Please follow these guidelines:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- Follow PSR-12 for PHP code
- Use ESLint for JavaScript
- Comment complex logic
- Write descriptive commit messages
Before deploying to production:
- Change Default Credentials: Update all default passwords
- Enable HTTPS: Configure SSL/TLS certificates
- Update Security Settings: Set
SESSION_COOKIE_SECUREtotrue - Restrict Database Access: Use dedicated database user with minimal permissions
- Review File Permissions: Ensure proper file/directory permissions
- Regular Updates: Keep PHP and dependencies updated
- Backup Regularly: Implement automated backup strategy
- Monitor Logs: Set up log monitoring and alerts
- Use strong passwords for all accounts
- Regularly review user permissions
- Keep switches updated with latest firmware
- Monitor audit logs for suspicious activity
- Implement network segmentation
- Use firewall rules to restrict access
[Specify your license here]
For support, please:
- Open an issue on GitHub
- Check the documentation
- Review the Help section in the application
- Built with Vue.js 3
- Uses Bootstrap 5 for UI
- Arista eAPI for switch communication
- DataTables for data presentation
Version: 1.0.0
Last Updated: 2024