Scripting How-To: Use local scripts with an external data set

by Cordelia on ‎08-10-2015 07:32 PM - edited on ‎09-11-2017 05:21 PM by Administrator Administrator (2,010 Views)

Use Local Scripts with an External Data Set

This article shows how to pull information from an external data set (XML file) to use in a local (commit) script to configure devices that may or may not have unique configuration needs. 
Before getting started, you should review SLAX and local/commit scripts information in Junos Space:


Junos Space enables you to upload and execute local (commit) scripts on any given device. This is a very useful feature, and it works great if you have the same configuration that you need to change across multiple devices. 
But what if you need to configure a unique set of parameters for each device? Ones that don’t already exist within the device’s configuration that you can pull from and manipulate?

You can accomplish this by following these extra steps:


Step 1


Create an XML file to store the required configuration data for each device. We’ll name this example file “data.xml.”
01 <data>
02     <device>
03         <name>srx-detroit</name>
04         <loopback-ip></loopback-ip>
05         <loopback-desc>Detroit SRX Loopback</loopback-desc>
06         <security-zone>Alpha</security-zone>
07     </device>
08     <device>
09         <name>srx-baltimore</name>
10         <loopback-ip></loopback-ip>
11         <loopback-desc>Baltimore SRX Loopback</loopback-desc>
12         <security-zone>Bravo</security-zone>
13     </device>
14     <device>
15         <name>srx-gr</name>
16         <loopback-ip></loopback-ip>
17         <loopback-desc>Grand Rapids SRX Loopback</loopback-desc>
18         <security-zone>Charlie</security-zone>
19     </device>
20 </data>

Step 2


Next, you'll need to upload the XML data file to the Junos Space server. Unfortunately, you cannot do this by the usual method to import scripts into Space through the GUI. So you’ll have to copy the file manually.

When you import scripts into Junos Space, they are all stored locally on the servers in the following directory:


1 /var/cache/jboss/LocalScript/


Place your data file here as well, using SCP to transfer the file. If you prefer using SFTP, then make sure that you just specify the above directory. Be sure to use the admin user account to authenticate:


1 scp data.xml


Now that the data file resides on the server, let’s work on how you are going to use that information in your local/commit script.


Step 3


First, let’s reference your external data file in your script. This is done by using the document function within SLAX:


1 var $info = document("/var/cache/jboss/LocalScript/data.xml");


I recommend storing this information in a variable so you can easily search against it. You will do this later on.


For your local/commit script to identify how each device gets the correct configuration, you’ll need a key to match against. Use the device’s host-name since it typically will be different for each device.


NOTE: You can pick other parameters to match against, but I recommend using the host-name since typically each device will be unique.


1 var $get-config-rpc = <command> "show configuration | display xml";
2 var $configuration = jcs:invoke($get-config-rpc);
3 var $host-name = $configuration/system/host-name;


The above lines grab the host-name from the current device’s configuration, and store it in a variable that we reference against.


Now you can grab the information in your XML file and build the configuration that you want to deploy:


01 var $ip = $info/data/device[name = $host-name]/loopback-ip;
02 var $desc = $info/data/device[name = $host-name]/loopback-desc;
03 var $sec-zone = $info/data/device[name = $host-name]/security-zone;
04 var $config = {
05     <load-configuration action="set" format="text"> {
06         <configuration-set> {
07             expr "set interfaces lo0.0 family inet address " _ $ip _ "\n";
08             expr "set interfaces lo0.0 description \"" _ $desc _ "\"\n";
09             expr "set security zones security-zone " _ $sec-zone _ " interfaces lo0.0\n";
10         }
11     }
12 }


Check $info/data/device[name = $host-name] to see if your current device host-name matches up with the name you identified in your data file. If it does, then it pulls the relevant configuration. If not, then we run the script.


Running the Script


Now that your script is built and ready to go, you need to execute it against your devices. You can do using either of these methods:


  • Under Devices > Device Management in the navigation tree, select your devices, right-click on them, and select Device Operations > Execute Script.
  • Use the Operation feature by selecting Images and Scripts > Operations in the navigation tree, and creating your operation referencing your script. Once you’ve added your script, select the edit option on your script and change the Action to Execute instead of Stage.

(I prefer the latter, but it’s all personal preference.)


Here is the fully completed script for your reference:



01 version 1.1;
03 ns junos = "*/junos";
06 ns slax extension = "";
08 import "../import/junos.xsl";
10 /* @ISLOCAL = "true" */
13 match / {
14     <op-script-results> {
15         var $info = document("/var/cache/jboss/LocalScript/data.xml");
16         var $get-config-rpc = <command> "show configuration | display xml";
17         var $configuration = jcs:invoke($get-config-rpc);
18         var $host-name = $configuration/system/host-name;
19         var $conn = jcs:open();
20         var $lock-result = jcs:execute($conn, "lock-configuration");
22         if ($lock-result//self::xnm:error) {
23             <xsl:message terminate="yes"> "Couldn't lock database";
24         }
26         var $ip = $info/data/device[name = $host-name]/loopback-ip;
27         var $desc = $info/data/device[name = $host-name]/loopback-desc;
28         var $sec-zone = $info/data/device[name = $host-name]/security-zone;
29         var $config = {
30             <load-configuration action="set" format="text"> {
31                 <configuration-set> {
32                     expr "set interfaces lo0.0 family inet address " _ $ip _ "\n";
33                     expr "set interfaces lo0.0 description \"" _ $desc _ "\"\n";
34                     expr "set security zones security-zone " _ $sec-zone _ " interfaces lo0.0\n";
35                 }
36             }
37         }
39         var $load-result = jcs:execute($conn, $config);
41         if ($load-result//self::xnm:error) {
42             copy-of jcs:execute($conn, "unlock-configuration");
43             <xsl:message terminate="yes"> "Error loading the configuration";
44         }
46         var $commit = jcs:execute($conn, "commit-configuration");
48         if ($commit//self::xnm:error) {
49             copy-of jcs:execute($conn, "unlock-configuration");
50             <xsl:message terminate="yes"> "Error committing the configuration";
51         }
53         copy-of jcs:execute($conn, "unlock-configuration");
55         expr jcs:close($conn);
56     }
57 }