Pub. Date:
Automating Junos Administration: Doing More with Less

Automating Junos Administration: Doing More with Less

by Jonathan Looney, Stacy Smith


View All Available Formats & Editions
Choose Expedited Shipping at checkout for delivery by Friday, October 1


How can you grow and maintain a reliable, flexible, and cost-efficient network in the face of ever-increasing demands? With this practical guide, network engineers will learn how to program Juniper network devices to perform day-to-day tasks, using the automation features of the Junos OS.

Junos supports several automation tools that provide powerful solutions to common network automation tasks. Authors Jonathan Looney and Stacy Smith, senior testing engineers at Juniper, will help you determine which tools work best for your particular network requirements. If you have experience with Junos, this book will show you how automation can make a big difference in the operation of your existing network.

  • Manage Junos software with remote procedure calls and a RESTful API
  • Represent devices as Python objects and manage them with Python’s PyEZ package
  • Customize Junos software to detect and block commits that violate your network standards
  • Develop custom CLI commands to present information the way you want
  • Program Junos software to automatically respond to network events
  • Rapidly deploy new Junos devices into your network with ZTP and Netconify tools
  • Learn how to use Ansible or Puppet to manage Junos software

Related collections and offers

Product Details

ISBN-13: 9781491928882
Publisher: O'Reilly Media, Incorporated
Publication date: 05/08/2016
Pages: 682
Product dimensions: 7.00(w) x 9.30(h) x 1.50(d)

About the Author

Jonathan Looney (JNCIE-SP #254, JNCIE-ER #2, JNCIE-SEC #43, CCIE Routing & Switching #7797 [Emeritus]), is a senior testing engineer with Juniper Networks. He has managed and automated networks. He has also written tools to automate testing and debugging. He has written training courses for Juniper Networks and also taught an information security course at Syracuse University for several semesters. At Juniper, he currently focuses on testing the Junos kernel and UI features, and conducts product security testing.

Stacy Smith is a senior testing engineer with Juniper Networks. He has over 20 years of experience developing network automation for enterprise and service provider networks, as well as automating internal testing of new Junos features at Juniper Networks. His experience with Junos dates back to version 3.1 with one of the first customers to deploy Juniper’s first product, the M40 router. He holds a B.S. degree in Computer Science from the United States Air Force Academy and is certified with Juniper Networks as JNCIE-SP #4 and JNCIE-ER #4.

Table of Contents

Foreword xiii

Preface xv

1 Introduction 1

Benefits of Automation 1

Automation Saves Time 2

Automation Prevents Human Error 3

Automation Saves Memory 4

Automation Prevents Copy/Paste Errors 4

Automation Enables New Services 5

Management System Internals 6

Accessing the Management System 6

Operational Command Flow 7

Configuration Data Flow 9

Configuration Databases and the Commit Model 11

Configuration Databases 11

The Commit Process 21

Information About the Book 25

2 RPC Mechanisms 27

Structured Data Model 27

Structured Data Formats 31

Using Structured Data in Python 42

Running RPCs on a Junos Device 54

RPC Authorization 56

Operational RPCs 57

RPC Output Formats 59

Discovering Operational RPC Syntax 63

Discovering RPC Reply Syntax 68

Configuration with RPCs 71

Configuration Representation in XML 72

Discovering XML Configuration Syntax 75

Operational RPCs to View and Change the Configuration 78

Viewing the Configuration 79

Changing the Configuration 81

Chapter Summary 91

3 The RESTful API Service 93

Enabling the RESTful API Service 94

HTTP GET Requests 95

Authentication and Authorization 99

Formatting HTTP Responses 103

HTTP POST Requests 110

Adding Parameters to RPCs 112

Multiple RPCs in One Request 117

Configuration 121

RESTful API Explorer 126

Using the RESTful APIs in Python 131

The Preamble 134

Loop Through Each Device 136

Gather LLDP Neighbor Information 139

Gather and Parse Interface Descriptions 143

Check for XML Warnings and Errors 147

Compare Current and Previous LLDP Neighbor Information 148

Build a Candidate Configuration 151

Apply and Commit the Candidate Configuration 152

Parse Multi-RPC Responses 155

Putting It All Together 157

Additional RESTful API Service Configuration 157

Internal Design 159

Limitations 160

Chapter Summary 161

4 Junos PyEZ 163

Installation 164

Device Connectivity 165

Creating a Device Instance 166

Making the Connection 169

Authentication and Authorization 170

Connection Exceptions 171

Facts Gathering 173

Closing the Connection 174

RPC Execution 175

RPC on Demand 175

RPC Parameters 178

RPC Timeout 178

RPC Exceptions 180

RPC Responses 183

lxml Elements 183

Response Normalization 190

jxmlease 192

JSON 193

Operational Tables and Views 194

Prepackaged Operational Tables and Views 194

Creating New Operational Tables and Views 200

Using the New Operational Table and View 212

Applying a Different View 215

Saving and Loading XML Files from Tables 217

Configuration 218

Loading Configuration Changes 218

Configuration Templates 220

Viewing Configuration Differences 226

Committing Configuration Changes 227

Using the Rescue Configuration 229

Utilities 230

A PyEZ Example 231

The Preamble 233

Loop Through Each Device 235

Gather LLDP Neighbor Information 239

Gather and Parse Interface Descriptions 240

Compare Current and Previous LLDP Neighbor Information 242

Build, Apply, and Commit the Candidate Configuration 243

Putting It All Together 247

Limitations 247

NETCONF Libraries for Other Languages 247

Chapter Summary 248

5 Commit Scripts 249

Use Cases 249

Custom Configuration Checks 249

Automatically Fixing Mistakes 250

Dynamically Expanding Configuration 250

Basic Execution Flow 253

XML Transformations 254

Commit Script XML Input and Output Documents 255

Performing Other Operations 257

Changing the Configuration 258

Handling Transient Changes 258

Handling Permanent Changes 260

Writing Commit Scripts in SLAX/XSLT 261

Overview of a SLAX Script 262

Building an Output Document 264

Working with Variables and XML Data 270

Templates 275

Flow Control 282

Predefined Templates 286

Commit Script Examples 288

Example: Custom Configuration Checks 288

Example: Automatically Fixing Mistakes 302

Example: Dynamically Expanding Configuration 309

Chapter Summary 327

6 Op Scripts 329

Use Cases 329

Custom CLI Commands 329

Automatically Responding to Events 330

Customizing Your Device 330

Overview of Op Script Operation 331

Op Script Input Document 333

Op Script Arguments 334

Op Script Document Processing 335

Op Script Output Document 337

Operational and Configuration State 338

Interacting with Operational State 338

Interacting with Configuration State 344

Op Script Input and Output 350

Formatting Output 351

Displaying Immediate Output 351

Obtaining User Input 352

Some Useful Tools for Op and Event Scripts 355

Dampening Events 355

Parsing Strings 356

Generating SNMP Objects and Traps 356

Debugging Op and Event Scripts 357

Printing Progress Messages 357

Trace Messages 358

Syslog Messages 362

The SLAX Debugger 362

Configuring Op Scripts 367

Examples 369

Example: Custom CLI Command 369

Example: Filtering CLI Output 380

Chapter Summary 395

7 Event Scripts and Event Policies 397

Overview of Event Script Operation 397

Event Script Input Document 399

Event Script Arguments 402

Event Script Document Processing 402

Event Script Output Document 403

Event Policies 403

Event Discovery 403

Defining Event Policy Match Criteria 405

Defining Event Policy Actions 412

Event Policy Loops 421

Embedding Event Policies in Event Scripts 423

Testing Event Policies 428

Configuring Event Scripts 429

Example: Responding to a Flapping Link 430

The Event 431

The Event Policy 432

The Event Script 433

The Results 438

Chapter Summary 440

8 Initial Provisioning 441

ZTP 441

Netconify 452

Chapter Summary 455

9 Puppet 457

Puppet Architecture 457

Components for Junos Devices 460

Installation and Configuration 461

Puppet Master 461

Junos Device 463

Creating a Minimal Manifest 468

Executing the Puppet Agent for the First Time 469

The Puppet Language 471

Basic Resource Syntax 471

Variables 473

Strings 474

Classes 474

Conditional Statements 474

Node Definitions 476

Manifest Organization 476

Using Core Resource Types 477

Managing ∼/.cshrc with the file Resource 477

Managing puppet.conf with an ERB Template 481

Managing the Puppet Agent with the cron Resource 484

Using the netdev Resource Types 488

The netdev_device Resource 488

The netdev_vlan Resource 489

The netdev_interface Resource 493

The netdev_l2_interface Resource 496

The netdev_lag Resource 500

The netdev_stdlib_junos::apply_group Resource 503

Chapter Summary 508

10 Ansible 509

Architecture and Communication 509

Typical Communication 510

Communicating with Junos Managed Nodes 513

Installation and Configuration 514

Installing Ansible 514

Installing the Juniper.junos Role 516

The Ansible Configuration File 516

Junos Authentication and Authorization 518

Creating Ansible Playbooks 520

Inventory 520

Playbooks and Plays 523

Tasks and Modules 528

Handlers 529

Execution 531

Variables 537

Roles 548

Conditionals 552

Loops 553

Vaults 555

Ansible for Junos Modules 556

Junos_get_facts 557

Junos_zeroize 558

Junos_srx_cluster 559

Junos_shutdown 560

Junos_install_os 561

Junos_get_config 562

Junos_install_config 563

Junos_rollback 565

Junos_commit 566

Example Playbooks 567

Inventory, Variables, and Ansible Configuration Settings 567

Gathering Junos Facts and Dynamic Groups 573

Zeroize 583

Initial Configuration 587

Core OSPF Configuration 597

Chapter Summary 603

11 Putting Automation into Practice 605

Use Cases 605

Configuration Use Cases 605

Operational Use Cases 611

Best Practices 615

General Recommendations 615

Tool-Specific Recommendations 626

Wrap-Up 631

Glossary 633

Index 637

Customer Reviews