Ansible preparation Juniper equipment

   # Recently been studying ginger teacher Ansible tutorials, but also specifically to see the "Ender's Game."

    Writing this be regarded as a record of learning and experimentation, afraid in case when the next job requires that they have forgotten, and white to. #

    

    The first is to install Ansible control panel, there is a pit. When we execute the playbook will have Error: xxxxx, Msg: xxxxx, you will be prompted to install ncclient. Because netconf is Py3 modules, Ansible default is Py2.7.

     Attach solution links: https://acozine.github.io/html/reference_appendices/python_3_support.html

  First understand the next juniper.junos:

Juniper.junos Ansible Modules

Contents:

• juniper_junos_jsnapy

• juniper_junos_srx_cluster

• juniper_junos_ping

• juniper_junos_command

• juniper_junos_system

• juniper_junos_facts

• juniper_junos_config

• juniper_junos_software

• juniper_junos_pmtud

• juniper_junos_table

• juniper_junos_rpc

  Even find HA module. junos system for collecting information on facts, config used today to help us do the configuration.

    Config into the module, the module can see the introduction, options, and examples. Can perform include: loading or rolling back, checking, diffing, retrieving, and committing the configuration so versatile, we will start with the most simple commit. Before using, please install the eznc.

    Started configuration:

    The host and var written to the hosts file:

    [ex3300]

    192.168.11.169

    [Ex3300: whose]

    ansible_connection=network_cli

    #ansible_connection=netconf

    ansible_network_os=junos

    ansible_user=netops

    ansible_password=juniper123

    Preparation configuration file:

    more junos_config_vars/vsrx_vars_ex3300.yaml 

    ---

     vsrx_config_ex3300:

      - set routing-options static route 2.2.2.2/32 discard

    Experiments with the Srx320 19.1R3, Vsrx15.1R and Ex3300 12.3R9 version of the test. The file name is written here has little confusion.

    Device Initialization:

    MGT interface device ssh / netconf user and ssh:

    set system root-authentication encrypted-password "$1$d2G1wOPF$Lth.0XBee52ROKcFwayxr/"
    set system login user netops uid 203
    set system login user netops class super-user
    set system login user netops authentication encrypted-password "$1$HFIwO3Kj$OQ9IDKraR5rYSns2mRXJh/"
    set system services ftp
    set system services ssh root-login allow
    set system services netconf ssh port 830
    set interfaces me0 unit 0 family inet address 192.168.11.169/24 

    write script:

    Configuration variables introduced by way of the variable file, by positioning vars_files parameters.

    vars_files:

        - junos_config_vars/vsrx_vars_ex3300.yaml

     Edit juniper_junos_config of options:

     juniper_junos_config:

          config_mode: 'exclusive' # default is exclusive

          load: 'set' #set merge mode or

          lines: "{{vsrx_config_ex3300}}" # string arrangement contains a list of

          commit: yes # Why not check or direct commit

    运行。Ansible-playbook junos_config_ex3300.yaml 

    PLAY [configure SRX] ****************************************************************************************

    TASK [configure infomation :] *******************************************************************************

    ok: [192.168.11.169] => {

        "Vsrx_config_ex3300": [#debug output var variable is the configuration file.

            "set routing-options static route 3.3.3.3/32 discard"

        ]

    }

    TASK [load configure into vSRX] *****************************************************************************

    Here there will be a large segment of the alarm but does not affect the result temporarily ignored (in fact, I did not understand looked Quguan network).

    changed: [192.168.11.169]

    TASK [print configure results] ******************************************************************************

    ok: [192.168.11.169] => {#changed == true so debug msg

        "msg": "vSRX configure completed thanks"

    }

    PLAY RECAP **************************************************************************************************

    192.168.11.169             : ok=3    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

    Ideas finishing below: device initialization; Ansible the host and var; configuration variables (variables with documents); Playbook (you can do so many things with positioning of the variables used in the file location, output configuration before the first configuration, the use of modules import configuration to the appropriate host, the output configuration after a successful prompt changed).

    In the case of the official website there is a direct came about:

    lines:

      - 'set system services netconf ssh'

     

   And finally back to look up the device configuration compare | rollback 1:

 +    route 3.3.3.3/32 discard 

    You're done, simply use Ansible configuration Juniper equipment!