Skip to content

rikosintie/Juniper-DevOps

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Juniper DevOps

Course Outline
Exam Objectives - Click Here for a graphic of the objectivces

Juniper Knowledgebase Articles

XML

The Junos XML protocol server is integrated into the Junos operating system and does not appear as a separate entry in process listings. The Junos XML protocol server directs the request to the appropriate software modules within the device, encodes the response in Junos XML protocol and Junos XML API tag elements, and returns the result to the client application.

Document Type Definition

A file called a document type definition, or DTD, lists every tag element that can appear in the document or data set, defines the parent-child relationships between the tags, and specifies other tag characteristics. The same DTD can apply to many XML documents or data sets.

XML Overview - Start here if you are new to XML
XSLT Overview - Commit Scripts, operation scripts and SNMP scripts can be written in eXtensible Stylesheet Language Tranformations (XSLT).
Automation Scripting User Guide
Junos XML API Explorer - Configuration Tags
Junos XML Management Protocol Developer Guide

Virtual Labs

Vlab instructions
On-box (vMX device)
Login to router R1.

To view a list of available PyEZ apps, enter the following operational command:
request extension-service start ?

To execute a PyEZ app, enter the following operational command: request extension-service start <app-name>

Off-box (Ubuntu Linux server)
Login to server pyez-vm
Go to /home/jcluser/JUNOS_PyEZ_AUTOMATION
Type ls to view the available PyEZ apps

To run an app, enter the following command:
python <app-name> <arguments>

To see which arguments are required, see the Command Samples and Syntax section of this page, or enter the following command:
python <app-name> -h

Protip - NETCONF must be enabled (it runs on port 830), before PyE can connect. Use this command to verify: show configuration system services netconf

Protip 2 A user account must be setup to allow the remote ssh session to connect to the switch. Use the following to determine if an account exists:

[edit system login]  
user@host# show user account-name 

Protip 3 Copy your ssh public key to the Ubuntu VM so that you can ssh without a passord ssh-copy-id -i ~/.ssh/juniper_ed25519_key.pub -p 33010 jcluser@66.129.234.214

jcluser is the username for all the lab equipment. The passord is Juniper!1

Once the copy finishes, log in using: ssh -p 33010 jcluser@66.129.234.214

If it works you are done. If not, log in using the password and run the following to see if the key was copied:

jcluser@pyez-vm:~$ cd .ssh/
jcluser@pyez-vm:~/.ssh$ ls -l
total 8
-rw------- 1 jcluser jcluser 105 Nov  2 10:11 authorized_keys
-rw-r--r-- 1 jcluser jcluser 222 Sep 10  2018 known_hosts
jcluser@pyez-vm:~/.ssh$ cat authorized_keys
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDoDOV0IobtYAgQXMDSvNPHVH7wVsD3iI9QBcF14hYUL mhubbard@HP8600-4.local

If you don't understand what I'm talking about follow this article. You should definitely learn how to use ssh keys if you want to be a DevOps engineer

Command Samples and Syntax

When running the PyEZ apps off-box, from the Ubuntu Linux server, additional parameters must be included.

Below are command syntax examples for each PyEZ app. python Pyez-tester.py -device 100.123.1.0 -user jcluser -password 'Juniper!1'
python Get_device_config.py -device 100.123.1.0 -user jcluser -password 'Juniper!1' -output_format set python Load_configuration.py -device 100.123.1.0 -user jcluser -password 'Juniper!1'
python Get_interface_information.py -device 100.123.1.0 -user jcluser -password 'Juniper!1' -interface lo0
python Config_rollback.py -device 100.123.1.0 -user jcluser -password 'Juniper!1'
python File_list.py -device 100.123.1.0 -user jcluser -password 'Juniper!1' -path /var/db/scripts/jet/

Command Arguments:

  • -device => Router R1’s management interface IP address
  • -user => Router R1’s user name
  • -password => Router R1’s user password
  • -path => Router R1’s shell path to list the files from
  • -output_format => Output format: set, json, txt, or unicode

git clone git@git.cloudlabs.juniper.net:shantabain/PyEZ_config
cd PyEZ_config
ansible-playbook install-config-to-device.yml
cd PLAYBOOK/
ansible-playbook install-ansible2-6-4-to-device.yml
ansible-playbook install-script-to-device.yml

Setup the Juniper for Outbound SSH

The outbound SSH feature allows the initiation of an SSH session between devices running Junos OS and Network and System Management servers where client-initiated TCP/IP connections are blocked (for example, when the device is behind a firewall).

Outbound setup

Language Links

NETCONF Library
Junos PyEZ library
JAVA toolkit for NETCONF server
NETCONF Ruby gem Installation

PyEZ

Welcome to Junos PyEZ’s documentation! - Module documentation
Junos PyEZ Source Code - Github repo for PyEZ source code

This table lists the packages and libraries required to install Junos PyEZ on a CentOS Linux host.

Packages Description
pip A utility used to install packages and modules from the Python package index.
gcc The GNU compiler collection of utilities and libraries.
python-devel Header files, a static library and development tools for building Python modules, extending the Python interpreter, or embedding Python inapplications.
libxml2-devel Development files for the GNOME XML library.
libxslt-dev XML stylesheet transformation library development files.
libssl-dev Part of the OpenSSL project's implementation of the SSL and Transport Layer Security (TLS) cryptographic protocols for secure communication over the Internet.
libffi-devel Contains a foreign function interface that enables code written in one language to call codewritten in another language.
openssl-dev The SSL development toolkit.
redhat-rpmconfig Custom RedHat macros used to build RedHat Package Manager (RPM) packages

Copy your public key to the junos device

┌─[mhubbard@HP8600-150] - [~/GoogleDrive/04_Tools/AutoPWN-Suite] - [2652]
└─[$] scp ~/.ssh/juniper_ed25519_key vector@66.129.234.214:/tmp

About

Juniper DevOps Certification information

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published