ON THIS PAGE
Configuring and Monitoring Zero Touch Provisioning
Zero touch provisioning (ZTP) allows you to provision new switches in your network automatically—without manual intervention. When you physically connect a switch to a network and boot it with the factory-default configuration, the switch attempts to upgrade the Junos OS software automatically and autoinstall a configuration file from the network.
The switch uses information that you configure on a Dynamic Host Control Protocol (DHCP) server to determine whether to perform these actions and to locate the necessary software image and configuration files on the network. You can configure the DHCP server by using a zero touch provisioning profile. If you do not configure a DHCP server, the switch boots with the preinstalled software and the default configuration.
The type of DHCP server that you want to use determines whether Network Director configures the DHCP server for you or whether you must manually configure the DHCP server. If you select CentOS or Ubuntu DHCP servers, Network Director configures the DHCP server by using the details that you specified in the zero touch provisioning profile. If you use any other DHCP server, you must manually configure the DHCP server. For such DHCP servers, you can use Network Director only to monitor the switches once they are provisioned. For details on configuring a DHCP server manually, see the DHCP server documentation.
For more information on zero touch provisioning for switches, see Understanding Zero Touch Provisioning.
Before you begin, ensure that you have the necessary privileges on the FTP and the file server that Network Director uses for zero touch provisioning..
For detailed information about DHCP and DHCP options, see RFC2131 (http://www.ietf.org/rfc/rfc2131.txt ) and RFC2132 (http://www.ietf.org/rfc/rfc2132.txt). These documents refers to Internet Systems Consortium (ISC) DHCP version 4.2. For more information about this version, see http://www.isc.org/software/dhcp/documentation.
Configuring Zero Touch Provisioning
Before you begin:
Ensure that the switch has access to the following network resources:
The DHCP server that provides the location of the software image and configuration files on the network
See your DHCP server documentation for configuration instructions.
The File Transfer Protocol (anonymous FTP), the Hypertext Transfer Protocol (HTTP) server, or the Trivial File Transfer Protocol (TFTP) server on which the software image and configuration files are stored. If you are using an FTP server, ensure that the FTP server is configured to enable anonymous access. Refer to your FTP server documentation to know more about this.
Although TFTP is supported, we recommend that you use FTP or HTTP instead, because these transport protocols are more reliable.
(Optional) A Network Time Protocol (NTP) server to perform time synchronization on the network
(Optional) A system log (syslog) server to manage system log messages and alerts
Identify the type of DHCP server that you will be using for zero touch provisioning:
CentOS DHCP Server—If your DHCP server uses the following command to restart the server, then select CentOS as the DHCP server type:
service dhcpd restart
Ubuntu DHCP Server—If your DHCP server uses the following command to restart the server, then select Ubuntu as the DHCP server type:
service isc-dhcp-server restart
Other—If your server is not an ISC DHCP server running on Linux operating system, then you must select Other and configure the DHCP server manually.
CentOS 6.10 is the supported or qualified version of CentOS for the DHCP server in Network Director 4.1 release.
For information about the CentOS and Ubuntu versions supported by Network Director Release 4.1, see the Supported Platforms section of the Network Director Release Notes.
To configure zero touch provisioning:
- While in the Deploy mode, select Zero Touch Provisioning > Manage ZTP from the Tasks pane.
The Manage ZTP Profiles page appears.
- Specify the server details in the Server Setup wizard page as described in Specifying the Server Details.
Specifying the Server Details
To configure the server settings:
- Enter the settings described in Table 1. Required settings are indicated
in the user interface by a red asterisk (*) that appears next to the
Table 1: Server Details
Name of the zero touch provisioning profile.
DHCP Server Info
DHCP Server Type
The type of DHCP server that provides the necessary information to the switch. You can choose to configure a CentOS DHCP server, an Ubuntu DHCP server, or any other DHCP server.
If you select Other, Network Director also selects the Manually Configure Server check box and hides all the other details except the File Server Details. You must configure the DHCP server manually.
Manually Configure Server
Select to indicate that you want to manually configure the DHCP server. You can configure the CentOS and Ubuntu DHCP servers manually or from Network Director.
If you select Manually Configure Server check box, Network Director hides all the other details except the File Server Details.
IP address or the hostname of the DHCP server.
Username for the DHCP server.
Note: This user must have write permission for the dhcpd.conf file.
Password for the specified username.
Confirm the password.
File Transfer Server Info
The type of file server where the software images and the configuration files are to be stored. You can choose to use an FTP, HTTP, or a TFTP file server.
File Server IP
IP address or the hostname of the file server.
File Server Root Dir
The root directory of the file server.
Syslog Server IP
IP address of the system log server, if you want to perform data logging for zero touch provisioning.
NTP Server IP
IP address of the NTP server, if you want to use time synchronization.
- Click Next and proceed to specify the software image, configuration file, and the IP address range to be configured on the DHCP server. For more details, see Specifying the Software Image and Configuration Details.
Specifying the Software Image and Configuration Details
To specify the software image, configuration file, and the IP address range to be configured on the DHCP server:
- Enter the password that you want to set for the root user
on the switch, in the ZTP Devices Root User Password field and confirm
the password in the Confirm Password field.
Once the switch is successfully provisioned, Network Director uses this password for discovering the device.
- In the Configure Settings table, click Add to
specify details for a switch model.
Network Director adds a row to the Configure Settings table.
- In the Device Model field, select the switch model for which you want to specify the image and configuration file details.
- (Only for the CentOS DHCP server) In the Image File field, select the image file that you want to upload for the selected switch model. This field lists the software images that you have uploaded to Network Director from the Device Image Repository page. For details about uploading a software image, see Managing Software Images.
Do one of the following to upload the configuration file to the DHCP server:
Select the factory-default configuration file for the selected switch model in the Config File field. Network Director ships with a factory-default configuration for all supported switch models.
If you want to upload a custom configuration file for the given switch model, click Upload Config and select a configuration file. When you upload a custom configuration file, ensure that the configurations mentioned in Configuration Statements for Custom Configuration of DHCP Server are included in the configuration file.
- In the Subnet field, specify the subnet that the DHCP server caters to.
- In the From IP and To IP fields, specify the range of IP addresses that the DHCP server can assign to new switches.
- (Only for the CentOS or Ubuntu DHCP server) Click Export DHCP Config if you want to view the configuration that
Network Director sends to the DHCP server.
Network Director downloads the configuration and you can view it using any text editor. If you chose to configure the DHCP server manually in the Server Details page, you can use this configuration file to complete the manual configuration.
- Click Next to review the details of the zero touch provisioning profile that you created.
Reviewing and Modifying Zero Touch Provisioning Settings
From this page, you can save or make changes to a zero touch provisioning profile:
To make changes to the profile, click the Edit button associated with the configuration you want to change.
Alternatively, you can click the appropriate buttons in the zero touch provisioning workflow at the top of the page that corresponds to the configuration you want to change.
When you are finished with your modifications, click Review to return to this page.
To save a zero touch provisioning profile or to save modifications to the settings of an existing profile, click Finish.
What To Do Next
For manual configuration, use the DHCP configuration file to manually configure the DHCP server. If you selected the DHCP server as CentOS or Ubuntu, Network Director uploads the software image to the file server that you specified. If you selected any other DHCP server, you must manually upload the software image to the file server and specify the path when you configure the DHCP server.
(Only for the CentOS or Ubuntu DHCP servers) For automatic configuration, Network Director configures the DHCP server with the details that you specified in the zero touch provisioning profile and uploads the software image to the file server that you specified.
Configuration Statements for Custom Configuration of DHCP Server
Insert the following configuration statements to the configuration file, if you want to upload a custom configuration file to the DHCP server:
Monitoring Zero Touch Provisioning Profiles
You can use the Monitor ZTP Profiles page to view details about the switches that were provisioned using a given zero touch provisioning profile and added successfully to the Network Director inventory.
To monitor a zero touch provisioning profile:
- While in the Deploy mode, select Zero Touch Provisioning > Monitor from the Tasks pane. The Monitor ZTP Profiles page appears.
- In the Choose ZTP Profile box, select the zero touch provisioning
profile that you want to monitor.
Network Director displays the zero touch provisioning summary and details of switches that were discovered using the selected profile.