Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Agents (Devices)

Apstra device system agents handle configuration management, device-to-server communication, and telemetry collection. If you're not using Apstra ZTP to bootstrap your devices (or if you have a one-off installation) you can use this device installer to automatically install and verify devices. You can install device agents in the following ways:

  • on-box - agent is installed on the device
  • off-box - agent is installed on the Apstra server and communicates with devices via API

The types of agents supported on devices are as follows:

Table 1: On-box and Off-box Agent Support
Device On-box Off-box
Juniper Junos OS No Yes
Juniper Junos OS Evolved No No
Cisco NX-OS Yes Yes
Arista EOS Yes Yes
Cumulus Linux Yes No
Enterprise SONiC Yes No

The following configuration must not be on the device when you install a device agent:

  • VLANs other than VLAN 1
  • VRFs other than "management"
  • Interface IP addresses other than "management"
  • Loopback interfaces
  • VLAN interfaces
  • VXLAN interfaces
  • AS-Path access-lists
  • IP prefix-lists
  • Route maps or policies
  • BGP configuration

During the agent install process, device configuration is validated, and if the device contains configuration that could prevent the deployment of service configuration, the agent install process raises an error (as of Apstra 4.0.1).

In this case, manually remove conflicting configuration and start the agent installation process again.

If you must complete the agent installation with configuration validation errors, you can disable pristine configuration validation. To do this, from Devices > System Agents > Agents select Advanced Settings and select Skip Pristine Configuration Validation.

For information about retaining pre-existing configuration when bringing devices under Apstra management, see Device Configuration Lifecycle. For more information about managing devices in the Apstra environment see the guides.


On some platforms (Junos for example) you can configure rate-limiting for management traffic (SSH for example). When the Apstra server interacts directly with devices it can be more bursty than when it interacts with a user. Rate-limiting configurations that are used for hardening security can impact device management, and lead to deployment failures and other agent-related issues.

Agents include the following parameters:

Table 2: Agent Creation Parameters
Parameter Description
Device addresses Management IP(s) of the device(s)
Operation Mode
  • Full Control - deploys configuration and collects telemetry
  • Telemetry Only - configuration is not deployed
Platform (off-box only) For off-box agents only: drop-down list includes supported platforms.
Username / Password If you're not using an agent profile with credentials, check these boxes and add credentials.
Agent Profile If you don't want to manually enter credentials and packages, use agent profiles that you previously defined.
Job to run after creation
  • Install (default) - installs the agent on the device
  • Check - creates the agent, but does not install it. It appears in the list view where you can install it later.
Install Requirements (servers only) For servers only: If servers don't have Internet connectivity, uncheck the box.
Packages Before creating the agent, install required packages so they are available. Packages associated with selected agent profiles are listed here as well.
Open Options (off-box only) Passes configured parameters to off-box agents. For example, to use HTTPS as the API connection from off-box agents to devices, use the key-value pair: proto-https - port-443. The following default values can be overridden with open options:
  • commit_timeout - 60 (integer: seconds)
  • telemetry_timeout - 100 (integer: seconds)
  • probe_timeout: 5 (integer: seconds)
  • log_config_diff - True (boolean)

From the left navigation menu, navigate to Devices > System Agents > Agents to go to the agent list view.

You can select one or more agents or select actions for individual agents.

You can delete an agent only if that agent has been uninstalled and is no longer running on a device.

Additional actions are available on the line with the agent. For example, if a device is not assigned to a blueprint, you can restore the device's pristine configuration by clicking the Revert to Pristine Config button (as of Apstra version 4.0.1).