juniper.junos

Juniper Ansible Collection for Junos

About

Juniper Networks supports the use of Ansible for managing devices that run the Junos operating system (Junos OS and Junos Evolved). This collection can be found on the Ansible Galaxy website under the collection named juniper.device.

The juniper.device collection provides various Ansible modules for performing tasks related to device operations and configurations on devices using Junos OS. These tasks include installing and upgrading Junos OS, setting up new Junos devices in the network, applying configuration changes, gathering information, and resetting, rebooting, or shutting down devices. For installation instructions, please see the INSTALLATION section.

Two Sets of Ansible Modules for Junos Devices

Since Ansible version 2.1 or later, Ansible has included core modules for Junos. The core Junos modules start with the prefix junos_, while the modules in the juniper.device collection begin with their specific module types. Both sets can be used together on the same Ansible control machine, and you can use modules from either or both sets in an Ansible playbook. It is recommended to use the juniper.device collection for new playbooks that manage Junos devices.

Overview of Modules

The juniper.device collection includes the following modules:

command — Run one or more CLI commands on a Junos device.
config — Change the configuration of a Junos device.
facts — Get facts from a Junos device.
file_copy - Copy files to and from a Junos device.
jsnapy — Run JSNAPy tests on a Junos device.
ping — Send a ping from a Junos device.
pmtud — Perform path MTU discovery from a Junos device to a destination.
rpc — Run one or more NETCONF RPCs on a Junos device.
software — Install software on a Junos device.
srx_cluster — Manage SRX chassis cluster configuration.
system — Perform operational actions on the Junos system.
table — Get data from a Junos device using a PyEZ table/view.

PyEZ Version Requirement

To use the juniper.device collection, you must install junos-eznc version 2.6.0 or higher.

Overview of Plugins

In addition to the modules, there is a callback plugin named jsnapy for the jsnapy module. This plugin provides additional information on jsnapy failed tests. For each failed test, a log will appear after the playbook recap, demonstrating the failed tests.

Callback plugins are not enabled by default and need to be added to the Ansible configuration file under the [defaults] section using the callback_whitelist variable. Add the following lines to activate the jsnapy callback plugin:

[defaults]
callback_whitelist = jsnapy

Documentation

For detailed information, including examples, check the Official Juniper documentation and Ansible style documentation.

Installation

Ensure you have the DEPENDENCIES required for this collection installed. Refer to requirements.txt for details.

Notices

MacOS Mojave and Newer

On MacOS Mojave and later (>=10.14), SSH keys created using the system's ssh-keygen will use a new 'OPENSSH' key format. To manage SSH keys, use the following steps:

Create a new RSA key: ssh-keygen -m PEM -t rsa -b 4096
Check existing keys: head -n1 ~/.ssh/some_private_key
Convert an OPENSSH key to an RSA key: ssh-keygen -p -m PEM -f ~/.ssh/some_key

Ansible Galaxy Collection

You can install the latest version of the juniper.device collection using the ansible-galaxy install command:

sudo ansible-galaxy collection install juniper.device

You can also install the latest development version directly from GitHub:

sudo ansible-galaxy collection install git+https://github.com/Juniper/ansible-junos-stdlib.git#/ansible_collections/juniper/device

For more information visit - https://docs.ansible.com/ansible/latest/user_guide/collections_using.html#specifying-the-location-to-search-for-collections

Git Clone

For testing, you can clone this repo and run the env-setup script:

user@ansible-junos-stdlib> source env-setup

Docker

To run this as a Docker container, pull it from Docker Hub and run it:

docker run -it --rm juniper/pyez-ansible

To mount a host directory, run:

docker run -it --rm -v $PWD:/project juniper/pyez-ansible

If you have a typical playbook structure, navigate to the directory and run the playbook:

cd example/
docker run -it --rm -v $PWD:/playbooks juniper/pyez-ansible ansible-playbook -i hosts playbook.yml

You can also create an alias to save keystrokes:

alias pb-ansible="docker run -it --rm -v $PWD:/project juniper/pyez-ansible ansible-playbook"
pb-ansible -i hosts playbook.yml

Extending the Container with Additional Packages

You can install extra OS packages, Python packages, and Ansible collections when starting the container:

OS Packages

Set the Environment Variable: $APK Use Bind Mount: /extras/apk.txt List packages one per line.

Python Packages

Set the Environment Variable: $REQ Use Bind Mount: /extras/requirements.txt Use a pip requirements file.

Ansible Packages

Set the Environment Variable: $ROLES Use Bind Mount: /extras/requirements.yml Use an Ansible requirements file.

Example Playbook

This example shows how to use Ansible to install or upgrade the software on a device running Junos OS:

---
- name: Install Junos OS
  hosts: dc1
  connection: local
  gather_facts: false
  vars:
    wait_time: 3600
    pkg_dir: /var/tmp/junos-install
    os_version: 14.1R1.10
    os_package: jinstall-14.1R1.10-domestic-signed.tgz
    log_dir: /var/log/ansible

  tasks:
    - name: Checking NETCONF connectivity
      ansible.builtin.wait_for:
        host: "{{ inventory_hostname }}"
        port: 830
        timeout: 5
    - name: Install Junos OS package
      juniper.device.software:
        reboot: true
        version: "{{ os_version }}"
        package: "{{ pkg_dir }}/{{ os_package }}"
        logfile: "{{ log_dir }}/software.log"
      register: sw
      notify:
        - Wait_reboot

  handlers:
    - name: Wait_reboot
      ansible.builtin.wait_for:
        host: "{{ inventory_hostname }}"
        port: 830
        timeout: "{{ wait_time }}"
      when: not sw.check_mode