Automating Junos Administration: Doing More with Less
684Automating Junos Administration: Doing More with Less
684eBook
Related collections and offers
Overview
How can you grow and maintain a reliable, flexible, and cost-efficient network in the face of ever-increasing demands? With this practical guide, network engineers will learn how to program Juniper network devices to perform day-to-day tasks, using the automation features of the Junos OS.
Junos supports several automation tools that provide powerful solutions to common network automation tasks. Authors Jonathan Looney and Stacy Smith, senior testing engineers at Juniper, will help you determine which tools work best for your particular network requirements. If you have experience with Junos, this book will show you how automation can make a big difference in the operation of your existing network.
- Manage Junos software with remote procedure calls and a RESTful API
- Represent devices as Python objects and manage them with Python’s PyEZ package
- Customize Junos software to detect and block commits that violate your network standards
- Develop custom CLI commands to present information the way you want
- Program Junos software to automatically respond to network events
- Rapidly deploy new Junos devices into your network with ZTP and Netconify tools
- Learn how to use Ansible or Puppet to manage Junos software
Product Details
ISBN-13: | 9781491929308 |
---|---|
Publisher: | O'Reilly Media, Incorporated |
Publication date: | 04/27/2016 |
Sold by: | Barnes & Noble |
Format: | eBook |
Pages: | 684 |
File size: | 5 MB |
About the Author
Jonathan Looney (JNCIE-SP #254, JNCIE-ER #2, JNCIE-SEC #43, CCIE Routing & Switching #7797 [Emeritus]), is a senior testing engineer with Juniper Networks. He has managed and automated networks. He has also written tools to automate testing and debugging. He has written training courses for Juniper Networks and also taught an information security course at Syracuse University for several semesters. At Juniper, he currently focuses on testing the Junos kernel and UI features, and conducts product security testing.
Stacy Smith is a senior testing engineer with Juniper Networks. He has over 20 years of experience developing network automation for enterprise and service provider networks, as well as automating internal testing of new Junos features at Juniper Networks. His experience with Junos dates back to version 3.1 with one of the first customers to deploy Juniper’s first product, the M40 router. He holds a B.S. degree in Computer Science from the United States Air Force Academy and is certified with Juniper Networks as JNCIE-SP #4 and JNCIE-ER #4.
Table of Contents
Foreword xiii
Preface xv
1 Introduction 1
Benefits of Automation 1
Automation Saves Time 2
Automation Prevents Human Error 3
Automation Saves Memory 4
Automation Prevents Copy/Paste Errors 4
Automation Enables New Services 5
Management System Internals 6
Accessing the Management System 6
Operational Command Flow 7
Configuration Data Flow 9
Configuration Databases and the Commit Model 11
Configuration Databases 11
The Commit Process 21
Information About the Book 25
2 RPC Mechanisms 27
Structured Data Model 27
Structured Data Formats 31
Using Structured Data in Python 42
Running RPCs on a Junos Device 54
RPC Authorization 56
Operational RPCs 57
RPC Output Formats 59
Discovering Operational RPC Syntax 63
Discovering RPC Reply Syntax 68
Configuration with RPCs 71
Configuration Representation in XML 72
Discovering XML Configuration Syntax 75
Operational RPCs to View and Change the Configuration 78
Viewing the Configuration 79
Changing the Configuration 81
Chapter Summary 91
3 The RESTful API Service 93
Enabling the RESTful API Service 94
HTTP GET Requests 95
Authentication and Authorization 99
Formatting HTTP Responses 103
HTTP POST Requests 110
Adding Parameters to RPCs 112
Multiple RPCs in One Request 117
Configuration 121
RESTful API Explorer 126
Using the RESTful APIs in Python 131
The Preamble 134
Loop Through Each Device 136
Gather LLDP Neighbor Information 139
Gather and Parse Interface Descriptions 143
Check for XML Warnings and Errors 147
Compare Current and Previous LLDP Neighbor Information 148
Build a Candidate Configuration 151
Apply and Commit the Candidate Configuration 152
Parse Multi-RPC Responses 155
Putting It All Together 157
Additional RESTful API Service Configuration 157
Internal Design 159
Limitations 160
Chapter Summary 161
4 Junos PyEZ 163
Installation 164
Device Connectivity 165
Creating a Device Instance 166
Making the Connection 169
Authentication and Authorization 170
Connection Exceptions 171
Facts Gathering 173
Closing the Connection 174
RPC Execution 175
RPC on Demand 175
RPC Parameters 178
RPC Timeout 178
RPC Exceptions 180
RPC Responses 183
lxml Elements 183
Response Normalization 190
jxmlease 192
JSON 193
Operational Tables and Views 194
Prepackaged Operational Tables and Views 194
Creating New Operational Tables and Views 200
Using the New Operational Table and View 212
Applying a Different View 215
Saving and Loading XML Files from Tables 217
Configuration 218
Loading Configuration Changes 218
Configuration Templates 220
Viewing Configuration Differences 226
Committing Configuration Changes 227
Using the Rescue Configuration 229
Utilities 230
A PyEZ Example 231
The Preamble 233
Loop Through Each Device 235
Gather LLDP Neighbor Information 239
Gather and Parse Interface Descriptions 240
Compare Current and Previous LLDP Neighbor Information 242
Build, Apply, and Commit the Candidate Configuration 243
Putting It All Together 247
Limitations 247
NETCONF Libraries for Other Languages 247
Chapter Summary 248
5 Commit Scripts 249
Use Cases 249
Custom Configuration Checks 249
Automatically Fixing Mistakes 250
Dynamically Expanding Configuration 250
Basic Execution Flow 253
XML Transformations 254
Commit Script XML Input and Output Documents 255
Performing Other Operations 257
Changing the Configuration 258
Handling Transient Changes 258
Handling Permanent Changes 260
Writing Commit Scripts in SLAX/XSLT 261
Overview of a SLAX Script 262
Building an Output Document 264
Working with Variables and XML Data 270
Templates 275
Flow Control 282
Predefined Templates 286
Commit Script Examples 288
Example: Custom Configuration Checks 288
Example: Automatically Fixing Mistakes 302
Example: Dynamically Expanding Configuration 309
Chapter Summary 327
6 Op Scripts 329
Use Cases 329
Custom CLI Commands 329
Automatically Responding to Events 330
Customizing Your Device 330
Overview of Op Script Operation 331
Op Script Input Document 333
Op Script Arguments 334
Op Script Document Processing 335
Op Script Output Document 337
Operational and Configuration State 338
Interacting with Operational State 338
Interacting with Configuration State 344
Op Script Input and Output 350
Formatting Output 351
Displaying Immediate Output 351
Obtaining User Input 352
Some Useful Tools for Op and Event Scripts 355
Dampening Events 355
Parsing Strings 356
Generating SNMP Objects and Traps 356
Debugging Op and Event Scripts 357
Printing Progress Messages 357
Trace Messages 358
Syslog Messages 362
The SLAX Debugger 362
Configuring Op Scripts 367
Examples 369
Example: Custom CLI Command 369
Example: Filtering CLI Output 380
Chapter Summary 395
7 Event Scripts and Event Policies 397
Overview of Event Script Operation 397
Event Script Input Document 399
Event Script Arguments 402
Event Script Document Processing 402
Event Script Output Document 403
Event Policies 403
Event Discovery 403
Defining Event Policy Match Criteria 405
Defining Event Policy Actions 412
Event Policy Loops 421
Embedding Event Policies in Event Scripts 423
Testing Event Policies 428
Configuring Event Scripts 429
Example: Responding to a Flapping Link 430
The Event 431
The Event Policy 432
The Event Script 433
The Results 438
Chapter Summary 440
8 Initial Provisioning 441
ZTP 441
Netconify 452
Chapter Summary 455
9 Puppet 457
Puppet Architecture 457
Components for Junos Devices 460
Installation and Configuration 461
Puppet Master 461
Junos Device 463
Creating a Minimal Manifest 468
Executing the Puppet Agent for the First Time 469
The Puppet Language 471
Basic Resource Syntax 471
Variables 473
Strings 474
Classes 474
Conditional Statements 474
Node Definitions 476
Manifest Organization 476
Using Core Resource Types 477
Managing ∼/.cshrc with the file Resource 477
Managing puppet.conf with an ERB Template 481
Managing the Puppet Agent with the cron Resource 484
Using the netdev Resource Types 488
The netdev_device Resource 488
The netdev_vlan Resource 489
The netdev_interface Resource 493
The netdev_l2_interface Resource 496
The netdev_lag Resource 500
The netdev_stdlib_junos::apply_group Resource 503
Chapter Summary 508
10 Ansible 509
Architecture and Communication 509
Typical Communication 510
Communicating with Junos Managed Nodes 513
Installation and Configuration 514
Installing Ansible 514
Installing the Juniper.junos Role 516
The Ansible Configuration File 516
Junos Authentication and Authorization 518
Creating Ansible Playbooks 520
Inventory 520
Playbooks and Plays 523
Tasks and Modules 528
Handlers 529
Execution 531
Variables 537
Roles 548
Conditionals 552
Loops 553
Vaults 555
Ansible for Junos Modules 556
Junos_get_facts 557
Junos_zeroize 558
Junos_srx_cluster 559
Junos_shutdown 560
Junos_install_os 561
Junos_get_config 562
Junos_install_config 563
Junos_rollback 565
Junos_commit 566
Example Playbooks 567
Inventory, Variables, and Ansible Configuration Settings 567
Gathering Junos Facts and Dynamic Groups 573
Zeroize 583
Initial Configuration 587
Core OSPF Configuration 597
Chapter Summary 603
11 Putting Automation into Practice 605
Use Cases 605
Configuration Use Cases 605
Operational Use Cases 611
Best Practices 615
General Recommendations 615
Tool-Specific Recommendations 626
Wrap-Up 631
Glossary 633
Index 637