Book Image

JUNOS Automation Cookbook

By : Adam Chappell
Book Image

JUNOS Automation Cookbook

By: Adam Chappell

Overview of this book

The JUNOS Automation Cookbook is a companion guide for the complex field of automating tasks on JUNOS devices. With a foundation in industry-standrd XML, JUNOS provides an ideal environment for programmatic interation, allowing you to build upon the capabilities provided by Juniper, with your own original code. You will begin by learning about, and setting up, the industry-standard NETCONF remote procedure call mechanisms on your device. After initial setup, you'll walk through SLAX - Juniper's foundation scripting language - for manipulating XML representations of JUNOS concepts and elements. You'll learn how to write your own SLAX scripts to customise the operating environment, and also how to write proactive event handlers that deal with situations as they happen. You'll then delve into PyEZ - Juniper's bridging framework to make automation accessible to Python code - allowing you to build automation applications in the popular scripting language. You'll witness some examples of how to write applications that can monitor configuration changes, implement BGP security policies and implement ad-hoc routing protocols, for those really tricky situations. You'll also leaarn how asynchronous I/O frameworks like Node.js can be used to implement automation applications that present an acceptable web interface. Along with way, you'll explore how to make use of the latest RESTful APIs that JUNOS provides, how to visualize aspects of your JUNOS network, and how to integrate your automation capabilities with enterprise-wide orchestration systems like Ansible. By the end of the book, you'll be able to tackle JUNOS automation challenges with confidence and understanding, and without hassle.

Related Content you might be interested in

Current Title:

Small book image
JUNOS Automation Cookbook
Adam Chappell
Sep, 2017 | 382 pages
Small book image
Network Automation Cookbook
Karim Okasha
Apr, 2020 | 482 pages
Small book image
Mastering Python Networking
Eric Chou
Aug, 2018 | 466 pages
Small book image
Mastering Python Networking
Eric Chou
Jun, 2017 | 446 pages
Table of Contents (10 chapters)
Preface
Preface
What this book covers?
Sections
Conventions
Reader feedback
Customer support
Free Chapter
1
Configuring JUNOS through NETCONF
Configuring JUNOS through NETCONF
Introduction
JUNOS NETCONF over SSH setup
Making NETCONF RPC requests and replies
Discovering NETCONF RPCs
Using NETCONF to apply configuration changes
Processing NETCONF using classic Expect/TCL
Processing NETCONF with Python
Processing NETCONF with Node.js
2
Working with the Junos REST API
Working with the Junos REST API
Introduction
Junos REST API setup
Making REST API calls to Junos with Python
Making REST API calls to Junos with Node.js
Managing passwords safely
Applying configuration changes through the REST API
3
Using SLAX to Write Op Scripts
Using SLAX to Write Op Scripts
Introduction
Making remote procedure calls
Using XPath predicate expressions
Working with regular expressions
Working with IP addresses
Debugging SLAX scripts
Making custom show commands
Making configuration changes
4
Event Programming
Event Programming
Introduction
Archiving configurations after a change
Capturing output after an event
Custom responses to an event
Dealing with a flapping interface
Dealing with a flapping OSPF neighbor
DIY routing protocol
Debugging event scripts
5
Automating JUNOS with PyEZ
Automating JUNOS with PyEZ
Introduction
Setting up a PyEZ environment
Exploring the XML RPC using PyEZ
Calling operational RPCs and setting timeouts
Configuration analysis and reporting
Making raw CLI commands from PyEZ
Using tables and views
Using custom tables and views
Making configuration changes with PyEZ
Template configurations with Jinja2
6
Advanced Visualization Applications
Advanced Visualization Applications
Introduction
Visualizing graphs
Extracting graphs from ISIS
Extracting graphs from OSPF
Extracting graphs from MPLS VPNs
7
Monitoring and Maintaining JUNOS
Monitoring and Maintaining JUNOS
Introduction
Monitoring configuration changes network-wide
Monitoring interface performance
Monitoring system health
Monitoring MPLS LDP statistics
8
Security Applications
Security Applications
Introduction
Enforcing configuration standards through commit scripts
Building BGP route filters
Applying anti-spoofing filters
Operating a distributed ACL function
9
Extending JUNOS with Ansible
Extending JUNOS with Ansible
Introduction
Installing Ansible
Configuring Ansible for JUNOS
Extracting estate-wide configurations
Performing platform-specific or group-specific operations
Using variables and vaults

Making NETCONF RPC requests and replies

With NETCONF-over-SSH happily configured on our network of JUNOS OS devices, we can now connect over the network and make RPCs in order to inspect the operational status of the device. Lets look at a couple of examples to learn the fundamentals of how the JUNOS OS XML RPCs work.

Getting ready

Ensure you've completed the JUNOS NETCONF-over-SSH setup recipe previously and have a working JUNOS OS device with a NETCONF interface in place. It doesn't necessarily matter what the configuration of that device is.

How to do it...

The steps for making NETCONF RPC requests and replies are as follows:

  1. Connect to the NETCONF-over-SSH server in a similar manner to the previous recipe:
      unix$ ssh -i JUNOS_auto_id_rsa [email protected] netconf
  1. Query the system ARP table by connecting to the NETCONF-over-SSH session in a similar manner to the previous recipe and issuing the appropriate RPC:
      <rpc><get-arp-table-information/></rpc>
      <rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"    
      xmlns:JUNOS="http://xml.juniper.net/JUNOS/15.1F6/JUNOS">
      <arp-table-information    
      xmlns="http://xml.juniper.net/JUNOS/15.1F6/JUNOS-arp"    
      JUNOS:style="normal">
      <arp-table-entry>
      <mac-address> 
      0a:00:27:00:00:00
      </mac-address>
      <ip-address>
      10.0.201.1
      </ip-address>
      <hostname>
      adamc-mac
      </hostname>
      <interface-name>
      em0.0
      </interface-name>
      <arp-table-entry-flags>
      <none/>
      </arp-table-entry-flags>
      </arp-table-entry>
      </arp-table-information>
      </rpc-reply>
      ]]>]]>
  1. Repeat the query, but use the format tag to modify the output to be a plain text:
      <rpc><get-arp-table-information format="text"/></rpc>
      <rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"      
      xmlns:JUNOS="http://xml.juniper.net/JUNOS/15.1F6/JUNOS">
      <output> 
      MAC Address Address Name Interface Flags
      0a:00:27:00:00:00 10.0.201.1 adamc-mac em0.0 none
      </output>
      </rpc-reply>
      ]]>]]>
  1. Use an option to the ARP table RPC in order to disable the name resolution:
   <rpc><get-arp-table-information format="text"><no-resolve/></get-   
   arp-table-information></rpc>
   <rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"    
   xmlns:JUNOS="http://xml.juniper.net/JUNOS/15.1F6/JUNOS">
   <output>
   MAC Address Address Interface Flags
   0a:00:27:00:00:00 10.0.201.1 em0.0 none
   </output>
   </rpc-reply>
   ]]>]]>
  1. Query the system routing table and inspect the output:
   <rpc><get-route-information/></rpc>
   [...]
  1. Repeat the system routing table query, but apply an argument for a particular destination:
   <rpc><get-route-information>  
   <destination>10.0.201.201</destination></get-route-information>  
   </rpc>
   [...]

How it works...

In steps 1 and step 2, we connected and issued a simple RPC to query the ARP table from the router. The rather verbose XML response encodes structure that is the machine-readable version of what we see in the CLI when we issue the show arp command. Each data atom is enclosed hierarchically within XML tags indicating its type and any associated properties. This structured output format lends itself particularly well for machine-to-machine automation applications.

In step 3, we issued the same RPC, but requested JUNOS OS to give us the plain text output so that we could compare the difference. In almost all cases, the plain text output seen when we use the format="text" modifier to the RPC is identical to what we would see in the CLI.

Since JUNOS OS 14.2, the XML API has also been able to output in the JavaScript Object Notation (JSON) format. The popularity of this format as a lightweight alternative to XML is bolstered by its support in languages like Python and Node.js. If you're working with JUNOS OS 14.2 or later and using NETCONF directly with one of these languages, JSON might be a useful feature for you.

In step 4, we see how options to the CLI commands are encoded within the XML RPC format. In this case the show arp no-resolve option is typically used to prevent any name resolution of IP addresses. It's simply an XML subtag to the main <get-arp-table-information> tag.

Steps 5 and 6 go a step further looking at the RPC that implements the show route command. In step 5, we show how arguments are added to the RPC.

There's more...

Looking at these example RPCs and the XML format within, we can see two clear styles. One pairs together the opening and closing tags in a strict manner, allowing the inclusion of options and arguments. The other allows an abbreviation of an otherwise empty pair of tags by simply using a leading slash. Compare the following two RPCs, which are identically supported by the JUNOS OS XML NETCONF interpreter:

<rpc><get-route-information/></rpc>
<rpc><get-route-information></get-route-information></rpc>
Previous Section
End of Section 4
Next Section