Example: Using Ansible to Install Software


Juniper Networks provides support for using Ansible to manage devices running Junos OS. The juniper_junos_software module in the Juniper.junos role enables you to install a Junos OS software image or other software package on a device running Junos OS. This example outlines how to use the juniper_junos_software Ansible module to install a software image on a device running Junos OS.


Starting in Ansible for Junos OS Release 2.0.0, the juniper_junos_software module replaces the functionality of the junos_install_os module.


This example uses the following hardware and software components:

  • Configuration management server running Ansible 2.1 or later with version 2.0.0 or later of the Juniper.junos role installed

  • Device running Junos OS with NETCONF enabled and a user account configured with appropriate permissions

  • SSH public/private key pair configured for the appropriate user on the Ansible server and device running Junos OS

  • Existing Ansible inventory file with required hosts defined


The juniper_junos_software module enables you to install a software image on a device running Junos OS. This example presents an Ansible playbook that uses the juniper_junos_software module to upgrade Junos OS on the hosts in the specified inventory group. In this example, the software image resides on the Ansible control machine, and the module copies the image to the target device before installing it. The module does not explicitly define a host argument, so the module operates on the default host, which is {{ inventory_hostname }}.

This playbook includes the Checking NETCONF connectivity task, which utilizes the wait_for module to try to establish a NETCONF session with the device running Junos OS using the default NETCONF port 830. If the control machine fails to establish a NETCONF session with a device during playbook execution, then it skips over the other tasks in the play for that device.

The task to install the Junos OS software image on the device executes the juniper_junos_software module provided that the NETCONF check was successful. The version argument defines the desired Junos OS version as it would be reported by the show version command on the device running Junos OS. During playbook execution, the module first checks that the requested version is not already installed on the device. If the requested version is different from the currently installed version, the module installs the requested version.

The local_package argument defines the path to the new Junos OS image on the Ansible control machine. During the installation, the module performs a storage cleanup operation on the target device, copies the software image to the /var/tmp directory on the device, verifies the file’s checksum, validates the new software against the active configuration, and then installs the software on each Routing Engine on the target host. By default, the juniper_junos_software module reboots the device after the installation is complete; however, this task explicitly sets reboot: true for clarity.

The task stores the module result in the sw variable and notifies one handler. If the user does not execute the playbook using check mode, the wait_reboot handler then tries to establish a session with the device to verify that the device is back online. The wait_time variable defines the length of time that the control machine attempts to reconnect with the device.

This example includes the logfile parameter to log the progress of the installation. This is important for debugging purposes should the installation fail as well as for logging the dates and times of installations on the devices. The user executing the playbook must have permissions to write to the specified log file. By default, only messages of severity level WARNING or higher are logged. In this example, the playbook is executed with the -v option to log messages of severity level INFO or higher to monitor the installation.


Creating the Ansible Playbook

Step-by-Step Procedure

To create a playbook that uses the juniper_junos_software module to install a software image on a device running Junos OS:

  1. Include the boilerplate for the playbook and this play, which must contain connection: local and the Juniper.junos role.

  2. Define or import any necessary variables, which for this example, includes the desired Junos OS version and the path to the new image, among others.

  3. (Optional) Create a task to verify NETCONF connectivity.

  4. Create the task to install the Junos OS package on the device and notify the handler.

  5. (Optional) Create a task to print the module response.

  6. Create the handler that verifies that the device comes back online after rebooting.

    The handler name should be the same as that referenced in the installation task.


On the Ansible control machine, review the completed playbook. If the playbook does not display the intended code, repeat the instructions in this example to correct the playbook.

Executing the Playbook

Step-by-Step Procedure

To execute the playbook:

  • Issue the ansible-playbook command on the control machine, and provide the playbook path and any desired options.

    user@ansible-cm:~/ansible$ ansible-playbook -v ansible-pb-junos-install-os.yaml


Verifying the Installation


Verify that the software installation was successful.


The playbook output should indicate any failed tasks. However, you can also review the contents of the log file defined in the playbook for details about the installation. Sample log file output is shown here. Some output has been omitted for brevity.

user@ansible-cm:~/ansible$ cat /var/log/ansible/software.log


The log file contents indicate that the image was successfully copied to and installed on the target device.