This repository was archived by the owner on Oct 12, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
09. Junos proxy end to end examples
Khelil Sator edited this page Jun 27, 2017
·
18 revisions
You can use any junos version and any device running Junos.
The only requirement is to enable netconf on your Junos devices:
set system services netconf ssh
commit
You can install Carbon but we highly recommand Nitrogen.
Nitrogen should be available on pypi by July 2017.
Meanwhile, install Nitrogen on the Master using the branch 2017.7 from the github Salt repository:
# pip install git+https://github.com/saltstack/[email protected]
# salt --version
salt 2017.7.0-202-g3c8dee0 (Nitrogen)
# more /etc/salt/master
file_roots:
base:
- /srv/salt
pillar_roots:
base:
- /srv/pillar
engines_dirs:
- /srv/engines
engines:
- junos_syslog:
port: 516
reactor:
- 'jnpr/syslog/*/UI_COMMIT_COMPLETED':
- /srv/reactor/on_commit.sls
# more /srv/pillar/top.sls
base:
'ex4200-7':
- ex4200-7-details
'vsrx01':
- vsrx01-details
'vqfx01':
- vqfx01-details
This vqfx is a vagrant box.
# more /srv/pillar/vqfx01-details.sls
proxy:
proxytype: junos
host: 192.168.233.158
username: root
port: 8331
passwd: Juniper
to start it with a debug log level, use this command:
# salt-master -l debug
we do not install minions on junos devices as we are using a salt proxy.
Junos proxy provides:
- execution modules for junos so you can run junos commands on various devices in parallel with a flexible targeting system (remote execution).
- state modules for junos so you can apply sls files (configuration management).
Get the ip address of the master:
# ifconfig ens33 | grep "inet addr"
inet addr:192.168.233.17 Bcast:192.168.233.255 Mask:255.255.255.0
On the server that will run the salt proxy:
# more /etc/salt/proxy
master: 192.168.233.17
multiprocessing: False
On the server that will run the salt proxy, install junos-eznc python library:
sudo apt-get install -y python-dev libxml2-dev python-pip libxslt1-dev build-essential libssl-dev libffi-dev
sudo pip install junos-eznc jxmlease cryptography==1.8.1
You need one salt proxy process per device.
to start the proxy for vqfx01 with a debug log level, use this command:
sudo salt-proxy -l debug --proxyid=vqfx01
if you prefer to run it as a daemon, use this command:
sudo salt-proxy -d --proxyid=vqfx01
sudo salt-proxy -d --proxyid=ex4200-7
sudo salt-proxy -d --proxyid=vsrx01
On the master, you need to accept the minions/proxies public keys:
To list all public keys:
# salt-key -L
To accept a specified public key:
# salt-key -a vqfx01 -y
# salt-key -a vsrx01 -y
# salt-key -a ex4200-7 -y
Or, to accept all pending keys:
# salt-key -A -y
Verify:
# salt-key -L
# sudo salt "vqfx01" test.ping -d
test.ping:
Used to make sure the minion is up and responding. Not an ICMP ping.
Returns ``True``.
CLI Example:
salt '*' test.ping
# sudo salt "vqfx01" test.ping
vqfx01:
True
https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.junos.html
# salt "vq*" junos.cli -d
junos.cli:
Executes the CLI commands and returns the output in specified format. (default is text) The ouput can also be stored in a file.
Usage:
salt 'device_name' junos.cli 'show system commit'
salt 'device_name' junos.cli 'show version' dev_timeout=40
salt 'device_name' junos.cli 'show system alarms' 'xml' dest=/home/user/cli_output.txt
Parameters:
Required
* command:
The command that need to be executed on Junos CLI. (default = None)
Optional
* format:
Format in which to get the CLI output. (text or xml, default = 'text')
* kwargs: Keyworded arguments which can be provided like-
* dev_timeout:
Set NETCONF RPC timeout. Can be used for commands which
take a while to execute. (default = 30 seconds)
* dest:
The destination file where the CLI output can be stored. (default = None)
# salt "vq*" junos.cli "show version"
vqfx01:
----------
message:
fpc0:
--------------------------------------------------------------------------
Hostname: vqfx01
Model: vqfx-10000
Junos: 15.1X53-D63.9
JUNOS Base OS boot [15.1X53-D63.9]
JUNOS Base OS Software Suite [15.1X53-D63.9]
JUNOS Online Documentation [15.1X53-D63.9]
JUNOS Crypto Software Suite [15.1X53-D63.9]
JUNOS Packet Forwarding Engine Support (qfx-10-f) [15.1X53-D63.9]
JUNOS Kernel Software Suite [15.1X53-D63.9]
JUNOS Web Management [15.1X53-D63.9]
JUNOS Enterprise Software Suite [15.1X53-D63.9]
JUNOS SDN Software Suite [15.1X53-D63.9]
JUNOS Routing Software Suite [15.1X53-D63.9]
JUNOS py-base-i386 [15.1X53-D63.9]
out:
True
# salt "vq*" junos.rpc get-software-information
vqfx01:
----------
out:
True
rpc_reply:
----------
multi-routing-engine-results:
----------
multi-routing-engine-item:
----------
re-name:
fpc0
software-information:
----------
host-name:
vqfx01
junos-version:
15.1X53-D63.9
package-information:
|_
----------
comment:
JUNOS Base OS boot [15.1X53-D63.9]
name:
junos
|_
----------
comment:
JUNOS Base OS Software Suite [15.1X53-D63.9]
name:
jbase
|_
----------
comment:
JUNOS Online Documentation [15.1X53-D63.9]
name:
jdocs
|_
----------
comment:
JUNOS Crypto Software Suite [15.1X53-D63.9]
name:
jcrypto
|_
----------
comment:
JUNOS Packet Forwarding Engine Support (qfx-10-f) [15.1X53-D63.9]
name:
jpfe
|_
----------
comment:
JUNOS Kernel Software Suite [15.1X53-D63.9]
name:
jkernel
|_
----------
comment:
JUNOS Web Management [15.1X53-D63.9]
name:
jweb
|_
----------
comment:
JUNOS Enterprise Software Suite [15.1X53-D63.9]
name:
jswitch
|_
----------
comment:
JUNOS SDN Software Suite [15.1X53-D63.9]
name:
jsdn-i386
|_
----------
comment:
JUNOS Routing Software Suite [15.1X53-D63.9]
name:
jroute
|_
----------
comment:
JUNOS py-base-i386 [15.1X53-D63.9]
name:
py-base-i386
product-model:
vqfx-10000
product-name:
vqfx-10000
# salt "vq*" junos.rpc get-software-information "" 'text'
vqfx01:
----------
out:
True
rpc_reply:
fpc0:
--------------------------------------------------------------------------
Hostname: vqfx01
Model: vqfx-10000
Junos: 15.1X53-D63.9
JUNOS Base OS boot [15.1X53-D63.9]
JUNOS Base OS Software Suite [15.1X53-D63.9]
JUNOS Online Documentation [15.1X53-D63.9]
JUNOS Crypto Software Suite [15.1X53-D63.9]
JUNOS Packet Forwarding Engine Support (qfx-10-f) [15.1X53-D63.9]
JUNOS Kernel Software Suite [15.1X53-D63.9]
JUNOS Web Management [15.1X53-D63.9]
JUNOS Enterprise Software Suite [15.1X53-D63.9]
JUNOS SDN Software Suite [15.1X53-D63.9]
JUNOS Routing Software Suite [15.1X53-D63.9]
JUNOS py-base-i386 [15.1X53-D63.9]
# salt "vq*" junos.rpc get-software-information "file1" 'text'
vqfx01:
----------
out:
True
rpc_reply:
fpc0:
--------------------------------------------------------------------------
Hostname: vqfx01
Model: vqfx-10000
Junos: 15.1X53-D63.9
JUNOS Base OS boot [15.1X53-D63.9]
JUNOS Base OS Software Suite [15.1X53-D63.9]
JUNOS Online Documentation [15.1X53-D63.9]
JUNOS Crypto Software Suite [15.1X53-D63.9]
JUNOS Packet Forwarding Engine Support (qfx-10-f) [15.1X53-D63.9]
JUNOS Kernel Software Suite [15.1X53-D63.9]
JUNOS Web Management [15.1X53-D63.9]
JUNOS Enterprise Software Suite [15.1X53-D63.9]
JUNOS SDN Software Suite [15.1X53-D63.9]
JUNOS Routing Software Suite [15.1X53-D63.9]
JUNOS py-base-i386 [15.1X53-D63.9]
# more file1
fpc0:
--------------------------------------------------------------------------
Hostname: vqfx01
Model: vqfx-10000
Junos: 15.1X53-D63.9
JUNOS Base OS boot [15.1X53-D63.9]
JUNOS Base OS Software Suite [15.1X53-D63.9]
JUNOS Online Documentation [15.1X53-D63.9]
JUNOS Crypto Software Suite [15.1X53-D63.9]
JUNOS Packet Forwarding Engine Support (qfx-10-f) [15.1X53-D63.9]
JUNOS Kernel Software Suite [15.1X53-D63.9]
JUNOS Web Management [15.1X53-D63.9]
JUNOS Enterprise Software Suite [15.1X53-D63.9]
JUNOS SDN Software Suite [15.1X53-D63.9]
JUNOS Routing Software Suite [15.1X53-D63.9]
JUNOS py-base-i386 [15.1X53-D63.9]
# salt "vq*" junos.rpc 'get-interface-information' '/home/ksator/interface.log' 'text' interface_name='lo0' terse=True
vqfx01:
----------
out:
True
rpc_reply:
Interface Admin Link Proto Local Remote
lo0 up up
lo0.0 up up inet
inet6 fe80::200:f:fc00:0
lo0.16385 up up inet
# more interface.log
Interface Admin Link Proto Local Remote
lo0 up up
lo0.0 up up inet
inet6 fe80::200:f:fc00:0
lo0.16385 up up inet
# salt "vq*" junos.rpc 'get_config' '' 'text' filter='<configuration><system/></configuration>'
https://docs.saltstack.com/en/latest/ref/states/all/salt.states.junos.html
Please visit this section for examples.
https://docs.saltstack.com/en/develop/ref/engines/all/salt.engines.junos_syslog.html
Please visit this section for examples.