juniper_ex adapter

Inmanta module to manage juniper ex series router/switch configuration

Features

The main feature of this module is that it handles the whole configuration of a Juniper EX router/switch. It uses NETCONF as the network management protocol and YANG as the high-level configuration modeling language. This module can manage any configuration node defined in https://github.com/Juniper/yang and present in docs/yang_models. Instead of using the yang files directly, the module uses pre-compiled xml obtained from the yang models in docs/yang_models.

Tooling is available to convert yang configuration from the device into model code automatically (as shown below). For more information contact sales.

Requirements

This module requires the device to communicate in the YANG-compliant and RFC-compliant NETCONF formats. For this purpose, please pre-configure the device with the following configuration lines:

set system services netconf rfc-compliant
set system services netconf yang-compliant

Environment variables

Netconf credentials can be read from environment variables when they should not be stored in the model. To do so, set username_env_var instead of the username attribute of the yang::Credentials entity, which is attached through the yang_credentials relation to juniper_ex::NetconfDevice. The same rule applies to the password: use password_env_var instead of password. Each *_env_var attribute holds the name of the environment variable, not the secret itself.

Usage example

The following xml configuration sets up a LAG (ae3) with an MTU and active LACP. It defines a routing policy whose only action is reject, and establishes a virtual router (VRF) that uses this policy as its instance-import and runs an external BGP group. The configuration also sets the system to be NETCONF RFC-compliant and YANG-compliant, and defines a VLAN with an associated Layer 3 interface.

<nc:config xmlns:...>
<!-- Abridged listing: the namespace declarations are elided ("xmlns:...") and the opening
     tags that pair with the closing system tag below and with the closing
     junos-ex-conf-root:configuration tag at the end are not shown, so the excerpt is not
     well-formed XML as printed. -->
      <services>
        <netconf>
          <!-- The same two settings as the "set system services netconf ..." lines listed
               under Requirements. nc:operation="replace" asks the device to replace each
               node with the content given here. -->
          <rfc-compliant nc:operation="replace"/>
          <yang-compliant nc:operation="replace"/>
        </netconf>
      </services>
    </system>
    <!-- Chassis section: sets the aggregated Ethernet device count to 1.
         NOTE(review): confirm that a device-count of 1 is sufficient for the ae3 interface
         used in this example on the target Junos release. -->
    <chassis xmlns="http://yang.juniper.net/junos-ex/conf/chassis">
      <aggregated-devices>
        <ethernet>
          <device-count>1</device-count>
        </ethernet>
      </aggregated-devices>
    </chassis>
    <!-- Interfaces section: the ae3 LAG trunk and the irb Layer 3 interface. -->
    <interfaces xmlns="http://yang.juniper.net/junos-ex/conf/interfaces">
      <!-- nc:operation="replace" on this list entry replaces the whole ae3 configuration:
           settings present on the device for ae3 but absent here are removed. -->
      <interface nc:operation="replace">
        <name>ae3</name>
        <mtu>9000</mtu>
        <aggregated-ether-options>
          <lacp>
            <active/>
          </lacp>
        </aggregated-ether-options>
        <unit>
          <name>0</name>
          <family>
            <ethernet-switching>
              <interface-mode>trunk</interface-mode>
              <vlan>
                <!-- Refers by name to the VLAN defined in the vlans section of this listing. -->
                <members>5gc-clustering-1</members>
              </vlan>
            </ethernet-switching>
          </family>
        </unit>
      </interface>
      <!-- No nc:operation attribute on this entry, unlike ae3 above, so the default operation
           of the edit-config request applies (merge, unless the request sets another
           default-operation). Existing irb units not listed here are then left in place. -->
      <interface>
            <name>irb</name>
            <unit>
                <name>3010</name>
                <family>
                    <inet>
                        <address>
                            <name>19.2.0.18/31</name>
                        </address>
                    </inet>
                    <!-- Empty element: the inet6 family is present with no address configured. -->
                    <inet6>
                    </inet6>
                </family>
            </unit>
        </interface>
    </interfaces>
    <!-- Policy section: one policy statement, referenced below as the instance-import of
         routing instance INT_DN01. It has no "from" match conditions, only a "then reject"
         action, so it rejects every route it evaluates. -->
    <policy-options xmlns="http://yang.juniper.net/junos-ex/conf/policy-options">
      <policy-statement nc:operation="replace">
        <name>INTO_INT_DN01</name>
        <then>
          <reject/>
        </then>
      </policy-statement>
    </policy-options>
    <!-- Routing instance section: virtual-router INT_DN01 with irb.3010 as its interface,
         one external BGP group and an instance-import policy. -->
    <routing-instances xmlns="http://yang.juniper.net/junos-ex/conf/routing-instances">
      <instance nc:operation="replace">
        <name>INT_DN01</name>
        <instance-type>virtual-router</instance-type>
        <interface>
          <name>irb.3010</name>
        </interface>
        <protocols>
          <bgp>
            <!-- External BGP group with a single neighbor. The example sets no session
                 authentication and no import policy for this group; add them to the
                 configuration if the deployment requires them. -->
            <group>
              <name>sw</name>
              <type>external</type>
              <!-- SEND-DIRECT and SEND-STATIC are referenced by name only; their
                   policy-statement definitions are not part of this listing. -->
              <export>SEND-DIRECT</export>
              <export>SEND-STATIC</export>
              <neighbor>
                <name>19.2.0.19</name>
                <!-- Both AS numbers in this example lie in the 32-bit private-use range. -->
                <peer-as>4202200106</peer-as>
              </neighbor>
            </group>
          </bgp>
        </protocols>
        <routing-options>
          <!-- Refers to the reject-only policy statement defined in the policy-options section. -->
          <instance-import>INTO_INT_DN01</instance-import>
          <autonomous-system>
            <as-number>4201200106</as-number>
          </autonomous-system>
        </routing-options>
      </instance>
    </routing-instances>
    <!-- VLAN section: VLAN 5gc-clustering-1 (id 3010) with irb.3010 as its Layer 3 interface;
         the ae3 trunk above lists this VLAN as a member. -->
    <vlans xmlns="http://yang.juniper.net/junos-ex/conf/vlans">
      <vlan nc:operation="replace">
        <name>5gc-clustering-1</name>
        <vlan-id>3010</vlan-id>
        <l3-interface>irb.3010</l3-interface>
      </vlan>
    </vlans>
  <!-- Closing tag of the configuration root; its opening tag is not shown in this listing. -->
  </junos-ex-conf-root:configuration>
</nc:config>

And its exact representation in the inmanta language is the following:

import juniper_ex
import juniper_ex::chassis
import juniper_ex::chassis::aggregated_devices
import juniper_ex::interfaces
import juniper_ex::interfaces::interface
import juniper_ex::interfaces::interface::aggregated_ether_options
import juniper_ex::interfaces::interface::unit
import juniper_ex::interfaces::interface::unit::family
import juniper_ex::interfaces::interface::unit::family::ethernet_switching
import juniper_ex::interfaces::interface::unit::family::inet
import juniper_ex::policy_options
import juniper_ex::policy_options::policy_statement
import juniper_ex::routing_instances
import juniper_ex::routing_instances::instance
import juniper_ex::routing_instances::instance::protocols
import juniper_ex::routing_instances::instance::protocols::bgp
import juniper_ex::routing_instances::instance::protocols::bgp::group
import juniper_ex::routing_instances::instance::routing_options
import juniper_ex::system
import juniper_ex::system::services
import juniper_ex::vlans
import yang

# The NETCONF-managed device that every configuration entity below is attached to.
# NOTE(review): 127.0.0.1 is presumably a placeholder; replace it with the management
# address of the switch.
device = juniper_ex::NetconfDevice(
    mgmt_ip="127.0.0.1",
    name="router",
    yang_credentials=Credentials(
        # These are the NAMES of the environment variables that hold the NETCONF username
        # and password, used instead of the username/password attributes so that the
        # secrets are not written into the model.
        # NOTE(review): confirm which process (compiler or agent) must have them set.
        username_env_var="NETCONF_DEVICE_USER",
        password_env_var="NETCONF_DEVICE_PASSWORD",
    ),
)

# Chassis section of the XML example: aggregated Ethernet device count of 1.
# The value is given as a string in the model.
juniper_ex::Chassis(
    device=device,
    aggregated_devices=AggregatedDevices(
        ethernet=Ethernet(
            device_count="1",
        ),
    ),
)

# System services section: keeps the NETCONF rfc-compliant and yang-compliant settings
# (the ones listed under Requirements) in the managed configuration.
juniper_ex::System(
    device=device,
    services=Services(
        netconf=Netconf(
            # Empty XML elements (<rfc-compliant/>, <yang-compliant/>) are modelled as booleans.
            rfc_compliant=true,
            yang_compliant=true,
        ),
    ),
)


# Interfaces section: the ae3 LAG trunk and the irb Layer 3 interface from the XML example.
juniper_ex::Interfaces(
    device=device,
    interface=[
        # ae3: MTU 9000, active LACP, unit 0 as a trunk carrying VLAN 5gc-clustering-1.
        juniper_ex::interfaces::Interface(
            name="ae3",
            mtu="9000",
            aggregated_ether_options=AggregatedEtherOptions(
                lacp=Lacp(
                    active=true,
                ),
            ),
            unit=Unit(
                name="0",
                family=Family(
                    ethernet_switching=EthernetSwitching(
                        interface_mode="trunk",
                        # NOTE(review): Vlan is written unqualified here and again in the
                        # juniper_ex::Vlans statement; presumably each is resolved from the
                        # relation it is assigned to. Confirm before moving these
                        # constructors out of their nested position.
                        vlan=Vlan(
                            # Refers by name to the VLAN defined in the juniper_ex::Vlans statement.
                            members=["5gc-clustering-1"],
                        ),
                    ),
                ),
            ),
        ),
        # irb unit 3010: the Layer 3 interface used by the VLAN and by routing instance INT_DN01.
        juniper_ex::interfaces::Interface(
            name="irb",
            unit=Unit(
                name="3010",
                family=Family(
                    inet=Inet(
                        address=Address(
                            name="19.2.0.18/31",
                        ),
                    ),
                    # Empty constructor: mirrors the empty <inet6> element of the XML example.
                    inet6=Inet6(),
                ),
            ),
        ),
    ],
)

# Policy section: policy statement INTO_INT_DN01, used as instance_import by routing
# instance INT_DN01. Only a "then reject" action is set and no match condition, so the
# policy rejects every route it evaluates.
juniper_ex::PolicyOptions(
    device=device,
    policy_statement=PolicyStatement(
        name="INTO_INT_DN01",
        then=Then(
            reject=true,
        ),
    ),
)

# Routing instance section: virtual-router INT_DN01 with its own AS number, an
# instance-import policy, one external BGP group and irb.3010 as its interface.
juniper_ex::RoutingInstances(
    device=device,
    instance=Instance(
        name="INT_DN01",
        instance_type="virtual-router",
        routing_options=RoutingOptions(
            # Refers by name to the reject-only policy defined in juniper_ex::PolicyOptions.
            instance_import=["INTO_INT_DN01"],
            autonomous_system=AutonomousSystem(
                as_number="4201200106",
            ),
        ),
        protocols=Protocols(
            bgp=Bgp(
                # External BGP group with a single neighbor. No session authentication and no
                # import policy are set for it in this example; add them to the model if the
                # deployment requires them.
                group=Group(
                    name="sw",
                    type="external",
                    # Export policies are referenced by name only; SEND-DIRECT and
                    # SEND-STATIC are not defined anywhere in this example model.
                    export=[
                        "SEND-DIRECT",
                        "SEND-STATIC",
                    ],
                    neighbor=Neighbor(
                        name="19.2.0.19",
                        peer_as="4202200106",
                    ),
                ),
            ),
        ),
        interface=Interface(
            name="irb.3010",
        ),
    ),
)

# VLAN section: VLAN 5gc-clustering-1 (id 3010) with irb.3010 as its Layer 3 interface.
# The ae3 trunk in juniper_ex::Interfaces lists this VLAN as a member.
juniper_ex::Vlans(
    device=device,
    vlan=Vlan(
        name="5gc-clustering-1",
        vlan_id="3010",
        l3_interface="irb.3010",
    ),
)