Puppet Manifests for Devices Running Junos OS

 

Creating Puppet Manifests Using the netdev Resources

Puppet manifests are files written in the Puppet language that describe your desired system configuration. The Puppet master compiles the manifests into catalogs. The agent nodes periodically download the catalogs and make the required changes so that the resulting system configuration matches the desired configuration.

Puppet manifest files are identified by the .pp extension. In the manifest, you use the Puppet language to describe the resources to manage on each agent node.

The netdev_stdlib module defines resource types that model properties for various network resources. The module includes resource definitions for the network device, physical interfaces, Layer 2 switching services, VLANs, and link aggregation groups (LAGs). For a list of available resource types, see Puppet netdev Resources.

The Juniper Networks netdev_stdlib_junos module, which you install on the Puppet master when managing devices running Junos OS, contains the Junos OS-specific Puppet provider code that implements the resource types defined in the netdev_stdlib module. Starting in netdev_stdlib_junos module version 2.0.2, the module also provides the apply_group defined resource type, which enables you to manage network resources that do not have type specifications in the netdev_stdlib module. For more information, see Puppet for Junos OS apply_group Defined Resource Type.

The following sample Puppet manifest is for a switch with the hostname jd.example.com. The manifest defines three VLANs, Pink, Green, and Red, with VLAN IDs 105, 101, and 103, respectively. The manifest configures the ge-0/0/20 trunk interface to accept tagged packets for both the Pink and Green VLANs. By default, the ge-0/0/19 interface is configured as an access port, which accepts untagged packets. The Red VLAN is the native VLAN for both ge-0/0/19 and ge-0/0/20.
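A manifest matching that description, written here as an added example rather than taken from the original page. It assumes the netdev_l2_interface attributes untagged_vlan and tagged_vlans from the netdev_stdlib module, and it omits description attributes because the text above gives none.

```puppet
# Added example: node definition for the switch described above.
node 'jd.example.com' {

  # Models the connection to the switch; $hostname is supplied by Facter.
  netdev_device { $hostname: }

  # The three VLANs and their IDs, as stated in the text.
  netdev_vlan { 'Pink':
    vlan_id => 105,
  }
  netdev_vlan { 'Green':
    vlan_id => 101,
  }
  netdev_vlan { 'Red':
    vlan_id => 103,
  }

  # No tagged VLANs are listed, so the port stays an access port
  # carrying untagged traffic in the Red VLAN.
  netdev_l2_interface { 'ge-0/0/19':
    untagged_vlan => 'Red',
  }

  # Trunk port: tagged traffic for Green and Pink, Red as the native VLAN.
  netdev_l2_interface { 'ge-0/0/20':
    untagged_vlan => 'Red',
    tagged_vlans  => ['Green', 'Pink'],
  }
}
```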

Example: Creating Puppet Manifests for Devices Running Junos OS

This example shows how to create a sample Puppet manifest to manage VLANs and Layer 2 interfaces on a Puppet agent node running Junos OS. The manifest takes advantage of class definitions and variables in the Puppet language to create a more flexible and scalable manifest file.

Requirements

  • EX Series switch running Junos OS Release 12.3R2 or later 12.3 release with the jpuppet software package installed and a Junos OS user account for Puppet.

  • Puppet master with the Juniper Networks NETCONF Ruby gem and juniper/netdev_stdlib_junos Puppet module installed.

Overview

In this example, you create a Puppet manifest to manage VLANs and Layer 2 interfaces on switches running Junos OS that are in the “database” pod. The netdev_stdlib module defines the netdev_device, netdev_vlan, and netdev_l2_interface resource types that are used in this example to model the connection properties, VLANs, and Layer 2 interfaces on devices running Junos OS.

The Puppet class definition, database_switch, contains the settings for switches that are members of the “database” pod. Within the class definition, you must define a netdev_device resource that models the connection properties of the target switch. The netdev_device argument is the $hostname variable, which is provided by Facter. Within the class definition, you also create the netdev_vlan and netdev_l2_interface resources for the switches.

To create the necessary resources, this example uses the Puppet function create_resources, which converts a hash into a set of resources of the specified type. The function has two mandatory arguments, the resource type and a hash table that describes the resource titles and parameters. An optional third argument contains a hash table of default parameters that are applied to each new resource. If you specify the same parameter in both hash arguments, the parameter value in the mandatory argument overrides the default value in the optional argument.

In this example, you construct the variables $vlans, $db_ports, and $db_port_settings, which contain hashes that describe the VLAN and Layer 2 interface resources on the agent node. The hash values must be attributes that are defined in the netdev module for that resource type. You use the hashes as arguments to the create_resources Puppet function to create the resources that are added to the catalog.

The $vlans variable is a hash defining five VLAN resources spanning VLAN IDs in the range 100 through 104. Each hash entry defines the resource title (VLAN name) as the hash key and the resource attributes (vlan_id and description) as the hash values. For example:

The $db_ports variable is a hash defining which switch interfaces will be managed, and the $db_port_settings variable defines the default settings for these ports. The default settings configure the interface as a trunk interface that accepts tagged packets from the Blue, Green, and Yellow VLANs with the Red VLAN as the native VLAN.

After you construct the hashes that define the resources, you use the create_resources function to create the resources. You create the VLAN resources by using the create_resources Puppet function with the netdev_vlan resource type and the $vlans hash as arguments. You create the Layer 2 interface resources by using the create_resources Puppet function with the netdev_l2_interface resource type and the $db_ports hash as arguments. Additionally, include the $db_port_settings hash as the optional third argument containing the default settings for those ports.

Configuration

Step-by-Step Procedure

To create a sample Puppet manifest to manage VLANs and Layer 2 interfaces on a Puppet agent node running Junos OS:

  1. Create a file named database_switch.pp.
  2. Define the VLANs that the Puppet agent will create on the agent nodes running Junos OS.

  3. Create the code block for the database_switch class, which will contain the settings for switches in the “database” pod.

  4. Within the database_switch class definition, define the netdev_device resource for the switch.

  5. Within the database_switch class definition, create the VLAN resources by using the create_resources Puppet function with the netdev_vlan resource type and the $vlans hash as arguments.

  6. Within the database_switch class definition, define the Layer 2 interfaces and port settings on the member switches.

  7. Within the database_switch class definition, create the Layer 2 interface resources by using the create_resources Puppet function with the netdev_l2_interface resource type, the $db_ports hash, and the $db_port_settings hash as arguments.

  8. Use the class definition for that node.
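The eight steps assembled into one database_switch.pp, as an added example that is not the manifest published with this procedure. The Purple VLAN name, the mapping of names to VLAN IDs 100 through 104, the interface names, and all description strings are constructed for illustration; the ge-0/0/3 entry is also constructed, to show a per-resource value overriding a default from the third create_resources argument.

```puppet
# Step 2: VLAN title => attributes. Names and ID mapping are constructed;
# the page only fixes the range 100-104 and the vlan_id/description attributes.
$vlans = {
  'Blue'   => { 'vlan_id' => 100, 'description' => 'This is a Blue vlan' },
  'Green'  => { 'vlan_id' => 101, 'description' => 'This is a Green vlan' },
  'Purple' => { 'vlan_id' => 102, 'description' => 'This is a Purple vlan' },
  'Red'    => { 'vlan_id' => 103, 'description' => 'This is a Red vlan' },
  'Yellow' => { 'vlan_id' => 104, 'description' => 'This is a Yellow vlan' },
}

# Step 3: settings shared by every switch in the "database" pod.
class database_switch {

  # Step 4: connection properties; $hostname is supplied by Facter.
  netdev_device { $hostname: }

  # Step 5: one netdev_vlan resource per key in $vlans.
  create_resources('netdev_vlan', $vlans)

  # Step 6: managed interfaces (constructed names) and their defaults.
  $db_ports = {
    'ge-0/0/0' => { 'description' => 'database port ge0' },
    'ge-0/0/1' => { 'description' => 'database port ge1' },
    'ge-0/0/2' => { 'description' => 'database port ge2' },
    # This value wins over the default in $db_port_settings below.
    'ge-0/0/3' => { 'description'  => 'database port ge3, Blue only',
                    'tagged_vlans' => ['Blue'] },
  }

  # Defaults: trunk for Blue, Green, and Yellow with Red as the native VLAN.
  $db_port_settings = {
    'untagged_vlan' => 'Red',
    'tagged_vlans'  => ['Blue', 'Green', 'Yellow'],
  }

  # Step 7: defaults apply to each port unless the port's own hash sets
  # the same parameter.
  create_resources('netdev_l2_interface', $db_ports, $db_port_settings)
}

# Step 8: apply the class to the node.
node 'jd.example.com' {
  include database_switch
}
```

Running `puppet parser validate database_switch.pp` on the Puppet master catches syntax errors before agent nodes download the catalog.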

Results

On the Puppet master, review the completed database_switch.pp manifest file. If the file does not display the intended code, repeat the instructions in this example to correct the manifest.

After the Puppet agent applies the configuration changes, the resulting configuration updates are:

Verification

Verifying the Puppet Manifest

Purpose

After the Puppet agent applies the configuration changes, verify that the Puppet agent node has the correct configuration.

Action

View the configuration or configuration differences, and verify that the Puppet agent made the correct changes. To view the full configuration, use the show configuration operational mode command. To view the configuration differences, use the show configuration | compare rollback rollback-number operational mode command.

Meaning

If the changes to the configuration include the updates defined in the manifest, then the manifest was created and applied correctly.

Troubleshooting

Troubleshooting Configuration Issues

Problem

The configuration on the agent node does not reflect the changes requested in the manifest.

If you do not see any updates to the configuration, the switch might not be included in the managed agent nodes, or the Puppet agent might not have downloaded the latest catalog and performed the configuration update. If you do see updates to the configuration, but they are incorrect, the Puppet manifest might contain incorrect information.

Solution

Make sure that the Puppet master is properly configured to create the catalog for that node. If the Puppet master is properly configured, review the Puppet manifest file to ensure that it contains the correct configuration changes, and if necessary, correct the manifest.

If you have reporting enabled, also review the log files on the Puppet master to verify that the agent node downloaded the latest catalog and committed the configuration changes. If the Puppet agent could not obtain a lock on the configuration database, could not upload the configuration changes due to a syntax error, or could not commit the configuration on the device, the configuration remains unchanged.