Zero-Touch Provisioning Overview
Zero Touch Provisioning (ZTP) enables you to configure and manage devices automatically, reducing the manual intervention required for adding devices to a network. The ZTP solution uses DHCP protocol to provision devices that are on the same subnet as Paragon Automation and also on a different subnet.
In Paragon Automation Release 21.1, you can only add the MX Series and QFX Series devices by using ZTP.
For ZTP, the image loaded on the device should be Junos OS Release 21.1 or later. The Image should be added through the image upgrade workflow; see Deploy an Image.
ZTP for onboarding a device involves the following steps:
Provide inputs such as available IP addresses (range) to be leased, corresponding gateway information and device details like root password, serial number to onboard the devices.
A job is created and the job lists the progress of ZTP.
A DHCP server, configured in Paragon Automation, leases an available IP address to the device requesting for an IP address.
The device uses the IP address received from the DHCP server to connect with Paragon Automation.
The bootstrapping configuration and software images, required for ZTP, served through the internal HTTP server of Paragon Automation, are installed on the device.
Once the bootstrap configuration is installed on the device, the device establishes a NetConf session with Paragon Automaton for syncing of inventory, configurations, configuration template, and configuration version.
The ZTP progress is updated in the database.
To perform ZTP on devices that are present on a subnet that is different from the subnet in which Paragon Automation is installed, you must configure a relay. as shown in Figure 1.
The relay can be an MX Series device or a Linux-based or CentOS-based Virtual Machine (VM). For information about using an MX Series device as a DHCP relay, see DHCP Relay Agent.
To configure DHCP relay in a Linux-based or CentOS-based VM.
- Log in to the VM.
- Check if the DHCP relay is already installed or not by
executing the ~]# yum list installed | grep dhcp command.
If DHCP relay is already installed, the output of the command should list the DHCP image version installed on the VM. For example:
~]# yum list installed | grep dhcp dhcp.x86_64 12:4.2.5-83.el7.centos.1 @updates dhcp-common.x86_64 12:4.2.5-83.el7.centos.1 @updates dhcp-libs.x86_64 12:4.2.5-83.el7.centos.1 @updates
- If DHCP is not installed, Install the DHCP relay package
on the VM.
root@device yum install dhcp
The DHCP relay package is usually available by default with an Ubuntu or CentOS-based VM. If the package is not available, the install command fetches the package and installs it.
- Execute the following command to run the DHCP relay service.
root@device dhcrelay -4 -d -i <interface-name> <dhcp-service-external-ip > where, <interface-name> is the interface on the VM that is facing the device to be added to Paragon Automation. <dhcp-service-external-ip> is provided during the deployment of Paragon Automation. You can also fetch it from the Paragon Automation installation by running the following command in the Paragon Automation master node: root@device:~# kubectl get svc -n ems | grep -i ztpservicedhcp NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE ztpservicedhcp LoadBalancer 10.102.3.100 192.168.15.155 67:30241/UDP 37h
The EXTERNAL IP is the <dhcp-service-external-ip> address.
You can now use the VM as a DHCP relay to connect Paragon Automation and the devices to be onboarded to Paragon Automation.
ZTP in Paragon Automation offers the following benefits:
Simplified, faster, and automated deployment of configurations.
Auto-generated configurations that are more accurate.
Faster scaling of the network because you need not manually apply configuration on each device in the network.