Junos Automation (Scripting)
Highlighted
Junos Automation (Scripting)

pushing a statement to 1500 srx devices

[ Edited ]
‎06-13-2019 09:41 PM

Hi all,

Is there a simple workable python script that pushing ONLY one statement (set system syslog file messages match "!RT_ALG_WRN_CFG_NEED") to over 1500 branch srx devices and comiting change configuration. And the script should be partially doing this at the multiple specified time and day. Can I ask about simple script one?

 

 

Thanks

Ar

7 REPLIES 7
Junos Automation (Scripting)

Re: pushing a statement to 1500 srx devices

‎06-14-2019 03:20 AM

Hi Arix,

 

Here is an example:

 

from jnpr.junos import Device
from jnpr.junos.utils.config import Config
from netaddr import IPAddress

f=open("devices.txt","r")
#print (f"IPs are: {IPs}")
config1 = """
system {
	syslog {
        file messsages {
            match "!RT_ALG_WRN_CFG_NEED";
        }
    }
}
"""

for line in f:
	line=line.rstrip()
	print (line)
	dev = Device(host=line,user='labroot',passwd='lab123')
	dev.open()
	with Config(dev, mode='private') as cu: 
		cu.load(config1, format='text', merge=True)
		cu.pdiff() 
		cu.commit()
	dev.close()

f.close()

And sample content of devices.txt file are device IPs (i saved this file in the directory where the script was executed) is:

10.85.155.10
10.85.168.38

 

Sample Output:

>python commit_script.py
10.85.155.10

[edit system]
+   syslog {
+       file messsages {
+           match "!RT_ALG_WRN_CFG_NEED";
+       }
+   }

10.85.168.38

[edit system syslog]
     file messages { ... }
+    file messsages {
+        match "!RT_ALG_WRN_CFG_NEED";
+    }

You can play around with this to modify it to your requirement. 

 

Hope this helps.

Regards,
-r.

--------------------------------------------------

If this solves your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated Smiley Happy.

Junos Automation (Scripting)

Re: pushing a statement to 1500 srx devices

‎06-15-2019 01:58 AM
Hi Ar, As we are talking of managing 1500 devices, I think its better to consider configuration management system options like Salt/Ansible to manage daily operations at this scale instead of individual scripts. Here are few excellent resources to get started with Automating Junos https://www.juniper.net/us/en/training/jnbooks/day-one/automating-junos-with-salt/ https://www.juniper.net/us/en/training/jnbooks/day-one/automation-series/automating-junos-ansible/ https://www.juniper.net/us/en/training/jnbooks/day-one/automation-series/junos-pyez-cookbook/
Regards,
Pradeep 2xJNCIE(SEC/ENT)
Junos Automation (Scripting)

Re: pushing a statement to 1500 srx devices

‎06-15-2019 09:50 AM

If you plan to push configuration to that number of devices I would also think about using Ansible or a similar tool.

 

You would also want to have some error handling to deal with devices that fail to have their configuration applied for whatever reasons, and be able to execute the task again just to those devices that have failed rather than processing all devices again.

 

You would also need to have NETCONF enabled on all the devices too.  Ansible does offer the ability to perform one-liners for this sort of request.  For example, with a suitable Ansible inventory file available you could push the NETCONF configuration to the devices using something like the following approach:

 

ansible all -m junos_netconf -c network_cli -i inventory.ini -e '{"ansible_network_os": "junos","ansible_user": "foo","ansible_ssh_pass": "bar"}' -o

Likewise, you can also use a similar approach to push set commands to the devices e.g.

ansible all -m junos_config -c netconf -i inventory.ini -e '{"ansible_user": "foo","ansible_ssh_pass": "bar"}' -a "src=configuration.set"

The inventory file for Ansible doesn't have to be a static file and could easily leverage a dynamic inventory script (Python etc.), and that could retrieve the details of the devices from some external source e.g. NetBox etc.  You don't necessarily need to go down the route of creating playbooks, roles, jinja2 template etc.

 

Regards,

Andy

Junos Automation (Scripting)

Re: pushing a statement to 1500 srx devices

‎06-18-2019 03:17 AM

Thanks all,

First I need to understand your all points, so I need time more... I then will give a feedback...

 I appreciated.

thx

A

Junos Automation (Scripting)

Re: pushing a statement to 1500 srx devices

‎06-18-2019 04:07 AM

@Arix,

 

Just to set things in the right perspective, although I love my PyEZ script shared above and it's tested for a sample size of two switches and it worked like a charm, the points raised by gentlemen in the above posts are pretty valid and basicially they suggest these for reasons like:

 

a) Error handling while pushing configuration to a large number of devices.  If some devices fail commit or log etc.

b) Authenticating user login to each devices.

c) Perform such tasks repeatedly means a lot of maintenance of PyEZ scripts

etc.

 

Other than that, the "simple" PyEZ script that you asked for is already here and it works.  So if you have a common at least one user login with same credentials on all your 1500 srx devices, the script will still work.  However, if you have such tasks to perform over time and want to consider a more sophisticated automation approach, please consider the suggested Junos Automation options include Ansible at the top of the list.

 

Hope this helps.

Regards,
-r.

--------------------------------------------------

If this solves your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated Smiley Happy.

 

Junos Automation (Scripting)

Re: pushing a statement to 1500 srx devices

4 weeks ago

Hi Arix,

It would be kind of you if you can update if we've answered your query and if that helped. Appreciate your feedback so we can all benefit from your post.

Thanks in advance for your time.


Regards,
-r.
--------------------------------------------------
If this solves your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated Smiley Happy.



Junos Automation (Scripting)

Re: pushing a statement to 1500 srx devices

3 weeks ago

Hello Arix,

 

Any update on this post?

 

Would you mind sharing the resolution and marking it as resolution if your query is resolved? As I said, that'll make the post useful for others.

 

Regards,
-r.

--------------------------------------------------

If this solves your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated Smiley Happy.