Course Outline
Exam Objectives - Click Here for a graphic of the objectivces
Juniper Knowledgebase Articles
- XPath Terminology
JSNAPY - Junos PyEZ Developer Guide
- Authenticate Junos PyEZ Users
- Examples of using the Docker image
- Junos PyEZ - Start here to evaluate, install, or use the Juniper Networks® Junos® PyEZ, a Python microframework that enables you to manage and automate devices running Junos OS.
- DAY ONE:JUNOS® PyEZCOOKBOOK
- Automation Forum - The Automation Forum on the Juniper Tech Wiki is a great place to seek help and see more script examples.
The Junos XML protocol server is integrated into the Junos operating system and does not appear as a separate entry in process listings. The Junos XML protocol server directs the request to the appropriate software modules within the device, encodes the response in Junos XML protocol and Junos XML API tag elements, and returns the result to the client application.
A file called a document type definition, or DTD, lists every tag element that can appear in the document or data set, defines the parent-child relationships between the tags, and specifies other tag characteristics. The same DTD can apply to many XML documents or data sets.
XML Overview - Start here if you are new to XML
XSLT Overview - Commit Scripts, operation scripts and SNMP scripts can be written in eXtensible Stylesheet Language Tranformations (XSLT).
Automation Scripting User Guide
Junos XML API Explorer - Configuration Tags
Junos XML Management Protocol Developer Guide
- Virtual labs for automation - Scroll down to the automation section.
- vLab Sandbox: PyEZ for Junos – Instructions - Instructions for running the PyEZ scripts in the lab.
- Juniper vLabs User Guide
Vlab instructions
On-box (vMX device)
Login to router R1.
To view a list of available PyEZ apps, enter the following operational command:
request extension-service start ?
To execute a PyEZ app, enter the following operational command:
request extension-service start <app-name>
Off-box (Ubuntu Linux server)
Login to server pyez-vm
Go to /home/jcluser/JUNOS_PyEZ_AUTOMATION
Type ls to view the available PyEZ apps
To run an app, enter the following command:
python <app-name> <arguments>
To see which arguments are required, see the Command Samples and Syntax section of this page, or enter the following command:
python <app-name> -h
Protip - NETCONF must be enabled (it runs on port 830), before PyE can connect. Use this command to verify:
show configuration system services netconf
Protip 2 A user account must be setup to allow the remote ssh session to connect to the switch. Use the following to determine if an account exists:
[edit system login]
user@host# show user account-name
Protip 3
Copy your ssh public key to the Ubuntu VM so that you can ssh without a passord
ssh-copy-id -i ~/.ssh/juniper_ed25519_key.pub -p 33010 jcluser@66.129.234.214
jcluser is the username for all the lab equipment. The passord is Juniper!1
Once the copy finishes, log in using:
ssh -p 33010 jcluser@66.129.234.214
If it works you are done. If not, log in using the password and run the following to see if the key was copied:
jcluser@pyez-vm:~$ cd .ssh/
jcluser@pyez-vm:~/.ssh$ ls -l
total 8
-rw------- 1 jcluser jcluser 105 Nov 2 10:11 authorized_keys
-rw-r--r-- 1 jcluser jcluser 222 Sep 10 2018 known_hosts
jcluser@pyez-vm:~/.ssh$ cat authorized_keys
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDoDOV0IobtYAgQXMDSvNPHVH7wVsD3iI9QBcF14hYUL mhubbard@HP8600-4.local
If you don't understand what I'm talking about follow this article. You should definitely learn how to use ssh keys if you want to be a DevOps engineer
When running the PyEZ apps off-box, from the Ubuntu Linux server, additional parameters must be included.
Below are command syntax examples for each PyEZ app.
python Pyez-tester.py -device 100.123.1.0 -user jcluser -password 'Juniper!1'
python Get_device_config.py -device 100.123.1.0 -user jcluser -password 'Juniper!1' -output_format set
python Load_configuration.py -device 100.123.1.0 -user jcluser -password 'Juniper!1'
python Get_interface_information.py -device 100.123.1.0 -user jcluser -password 'Juniper!1' -interface lo0
python Config_rollback.py -device 100.123.1.0 -user jcluser -password 'Juniper!1'
python File_list.py -device 100.123.1.0 -user jcluser -password 'Juniper!1' -path /var/db/scripts/jet/
Command Arguments:
- -device => Router R1’s management interface IP address
- -user => Router R1’s user name
- -password => Router R1’s user password
- -path => Router R1’s shell path to list the files from
- -output_format => Output format: set, json, txt, or unicode
git clone git@git.cloudlabs.juniper.net:shantabain/PyEZ_config
cd PyEZ_config
ansible-playbook install-config-to-device.yml
cd PLAYBOOK/
ansible-playbook install-ansible2-6-4-to-device.yml
ansible-playbook install-script-to-device.yml
The outbound SSH feature allows the initiation of an SSH session between devices running Junos OS and Network and System Management servers where client-initiated TCP/IP connections are blocked (for example, when the device is behind a firewall).
NETCONF Library
Junos PyEZ library
JAVA toolkit for NETCONF server
NETCONF Ruby gem Installation
Welcome to Junos PyEZ’s documentation! - Module documentation
Junos PyEZ Source Code - Github repo for PyEZ source code
This table lists the packages and libraries required to install Junos PyEZ on a CentOS Linux host.
Packages | Description |
---|---|
pip | A utility used to install packages and modules from the Python package index. |
gcc | The GNU compiler collection of utilities and libraries. |
python-devel | Header files, a static library and development tools for building Python modules, extending the Python interpreter, or embedding Python inapplications. |
libxml2-devel | Development files for the GNOME XML library. |
libxslt-dev | XML stylesheet transformation library development files. |
libssl-dev | Part of the OpenSSL project's implementation of the SSL and Transport Layer Security (TLS) cryptographic protocols for secure communication over the Internet. |
libffi-devel | Contains a foreign function interface that enables code written in one language to call codewritten in another language. |
openssl-dev | The SSL development toolkit. |
redhat-rpmconfig | Custom RedHat macros used to build RedHat Package Manager (RPM) packages |
Copy your public key to the junos device
┌─[mhubbard@HP8600-150] - [~/GoogleDrive/04_Tools/AutoPWN-Suite] - [2652]
└─[$] scp ~/.ssh/juniper_ed25519_key vector@66.129.234.214:/tmp