Agents (Devices)
Apstra device system agents handle configuration management, device-to-server communication, and telemetry collection. If you're not using Apstra ZTP to bootstrap your devices (or if you have a one-off installation) you can use this device installer to automatically install and verify devices. You can install device agents in the following ways:
- on-box - agent is installed on the device
- off-box - agent is installed on the Apstra server and communicates with devices via API
The types of agents supported on devices are as follows:
Device | On-box | Off-box |
---|---|---|
Juniper Junos OS | No | Yes |
Juniper Junos OS Evolved | No | No |
Cisco NX-OS | Yes | Yes |
Arista EOS | Yes | Yes |
Cumulus Linux | Yes | No |
Enterprise SONiC | Yes | No |
The following configuration must not be on the device when you install a device agent:
- VLANs other than VLAN 1
- VRFs other than "management"
- Interface IP addresses other than "management"
- Loopback interfaces
- VLAN interfaces
- VXLAN interfaces
- AS-Path access-lists
- IP prefix-lists
- Route maps or policies
- BGP configuration
During the agent install process, device configuration is validated, and if the device contains configuration that could prevent the deployment of service configuration, the agent install process raises an error (as of Apstra 4.0.1).
In this case, manually remove conflicting configuration and start the agent installation process again.
If you must complete the agent installation with configuration validation errors, you can disable pristine configuration validation. To do this, from Devices > System Agents > Agents select Advanced Settings and select Skip Pristine Configuration Validation.
For information about retaining pre-existing configuration when bringing devices under Apstra management, see Device Configuration Lifecycle. For more information about managing devices in the Apstra environment see the guides.
On some platforms (Junos for example) you can configure rate-limiting for management traffic (SSH for example). When the Apstra server interacts directly with devices it can be more bursty than when it interacts with a user. Rate-limiting configurations that are used for hardening security can impact device management, and lead to deployment failures and other agent-related issues.
Agents include the following parameters:
Parameter | Description |
---|---|
Device addresses | Management IP(s) of the device(s) |
Operation Mode |
|
Platform (off-box only) | For off-box agents only: drop-down list includes supported platforms. |
Username / Password | If you're not using an agent profile with credentials, check these boxes and add credentials. |
Agent Profile | If you don't want to manually enter credentials and packages, use agent profiles that you previously defined. |
Job to run after creation |
|
Install Requirements (servers only) | For servers only: If servers don't have Internet connectivity, uncheck the box. |
Packages | Before creating the agent, install required packages so they are available. Packages associated with selected agent profiles are listed here as well. |
Open Options (off-box only) | Passes configured parameters to off-box agents. For example, to use
HTTPS as the API connection from off-box agents to devices, use the
key-value pair: proto-https - port-443. The following default values can
be overridden with open options:
|
From the left navigation menu, navigate to Devices > System Agents > Agents to go to the agent list view.
You can select one or more agents or select actions for individual agents.
You can delete an agent only if that agent has been uninstalled and is no longer running on a device.
Additional actions are available on the line with the agent. For example, if a device is not assigned to a blueprint, you can restore the device's pristine configuration by clicking the Revert to Pristine Config button (as of Apstra version 4.0.1).