Step 2: Up and Running
To onboard a Juniper device to Paragon Automation, you must commit the outbound SSH command to connect with Paragon Automation, on the device. This method of onboarding a device by committing the outbound SSH commands is also referred to as "Adopting a Device".
You can onboard a Juniper device to Paragon Automation by using any of the following methods:
-
Onboard a Juniper device; see Onboard a Juniper Device.
-
Onboard a device by using ZTP; see Onboard a Device by Using ZTP.
To onboard a non-Juniper device, see Onboard a non-Juniper Device.
Among non-Juniper devices, only Cisco Systems devices are supported in this release. For a list of supported Cisco Systems devices, see Supported Hardware.
Onboard a Juniper Device
Paragon Automation provides the outbound SSH configuration that you can commit on the device to enable the device to connect with Paragon Automation.
To onboard a Juniper device by committing the SSH configuration:
After the device is onboarded, the status of the device on the Inventory page (Inventory > Devices > Network Inventory) shows as Connected, You can now start managing the device. See Device Management Workflow.
Also, you can move the device to In Service after onboarding so that services can be provisioned on the device. See Approve a Device for Service.
Onboard a Device by Using ZTP
Prerequisites:
-
(Recommended) A network implementation plan be configured for the device.
-
The device should be zeroized or in its factory-default settings.
-
A TFTP server reachable from the device.
-
A DHCP server reachable from the device, with the ability to respond to the device with the TFTP server and configuration file (Python or SLAX script) name.
To onboard a device by using ZTP:
Sample Onboarding Script for Committing SSH Configuration on a Device
The following is a sample of the onboarding script that is downloaded from the TFTP server to the device:
#!/usr/bin/python from jnpr.junos import Device from jnpr.junos.utils.config import Config from jnpr.junos.exception import * import sys def main(): config = "set system services ssh protocol-version v2\n\ set system authentication-order password\n\ set system login user jcloud class super-user\n\ set system login user jcloud authentication encrypted-password $6$Oi4IvHbFYT.XgXP7$43sTeEU7V0Uw3CBlN/HFKQT.Xl2wsm6GEBaS9pfE9d3VrINIKBqlYlJfE2cTcHsCSSVboNnVtqJEaLNUBAfbu.\n\ set system login user jcloud authentication ssh-rsa \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuVTpIyaDwBuB8aTVrzxDQO50BS5GtoGnMBkWbYi5EEc0n8eJGmmbINE8auRGGOtY/CEbIHKSp78ptdzME0uQhc7UZm4Uel8C3FRb3qEYjr1AMJMU+hf4L4MYWYXqk+Y9RvnWBzsTO2iEqGU0Jk0y7Mev5z/YI9r8u8MZlWKdQzegBRIkL4HYYOAeAbenNw6ddxRzAP1bPESpmsT+0kChu3jYg8dzKbI+xjDBhQsKCFfO5cXyALjBMI3beaxmXRV02UGCEBl+5Xw6a3OCiP7jplr92rFBjbqgh/bYoJRYz1Rc3AirDjROQuDdpHRn+DuUjPlyV17QR9Qvwn4OAmWM9YKWS/LZ375L8nacOHmlv4f0KETU4LScTFQXR6xiJ6RizEpO338+xmiVq6mOcv5VuXfNApdl8F3LWOxLGFlmieB4cEEyJ7MK9U+TgS7MlcAP+XAeXYM2Vx1b+UCyYoEyDizaRXZvmP5BPpxpb5L2iuXencZMbbpEbnNX/sk3teDc= jcloud@5c96fb73-4e3a-4d8b-8257-7361ef0b95e7\"\n\ set system services outbound-ssh client jcloud secret f72b785d71ea9017f911a5d6c8c95f12a265e19e886f07a364ce12aa99c6c1ca072a1ccc7d39b3f8a7c94e7da761d1396714c0b32ef32b6e7d3c9ab62cf49d8d\n\ set system services outbound-ssh client jcloud services netconf keep-alive retry 12 timeout 5\n\ set system services outbound-ssh client jcloud oc-term.cloud.juniper.net port 2200 timeout 60 retry 1000\n\ set system services outbound-ssh client jcloud device-id 5c96fb73-4e3a-4d8b-8257-7361ef0b95e7.0ad21cc9-1fd6-4467-96fd-1f0750ad2678\n\ set system root-authentication encrypted-password \"$6$OeRp2LWC$/ZLm9CMiR.SeEunv.5sDksFHIkzafuHLf5f7sp1ZANYT0iiz6rk2A1d/4Bq1gmxBhEb1XFtskrocLD7VHvPU10\"" dev = Device() dev.open() try: with Config(dev, mode="exclusive") as cu: print ("Loading and committing configuration changes") cu.load(config, format="set", merge=True) cu.commit() except Exception as err: print (err) dev.close() if __name__ == "__main__": main()
Onboard a non-Juniper Device
In this release, you can onboard a non-Juniper device by using REST APIs. Onboarding a non-Juniper device by using GUI is a Beta feature and may not work as expected. See Help > API Docs for information about Paragon Automation REST APIs.
To onboard a non-Juniper device: