Apstra ZTP Introduction
Use the Apstra ZTP version corresponding to the Juniper Apstra version you are using. This document applies to Apstra ZTP 4.2 versions.
Apstra ZTP is a Zero-Touch-Provisioning server for data center infrastructure systems. With Apstra ZTP you can bootstrap Apstra data center devices without considering the differences in underlying NOS mechanisms. ZTP, from an Apstra perspective, is a process that takes a device from initial boot to a point where it's managed by Apstra via device system agents.
Depending on how ZTP is configured, the process may include (but not always) the following capabilities:
- DHCP service
- Setting the device admin/root password
- Creating a device user for device system agent
- Upgrading / downgrading NOS
- Installing onbox or offbox device system agents
See also vendor-specific information:
To prevent being locked out of a device when there is a problem during the ZTP process, ZTP uses default, hard-coded credentials. These credentials are:
- root / admin
- aosadmin / aosadmin
Apstra provides a VM image (.ova, .qcow2.gz,
.vhdx.gz). You can use the Apstra-provided device provisioning scripts as
part of the existing ZTP/DHCP process to automatically install agents on devices as part of
the boot process. The Apstra ZTP reference implementation consists of the following three
phases:
- Generic DHCP Phase
- The device requests an IP address via DHCP.
- The device receives the assigned IP address and a pointer to the OS image to install.
- Initialization Phase
- The device downloads the ZTP script using TFTP.
- The device executes the downloaded script to prepare it to be managed. This includes verifying that the device is running a supported OS.
- Agent Installation Phase
- The ZTP script makes an API call to install a device system agent on the device.
Apstra ZTP VM Server Resource Requirements
Apstra ZTP runs as an Ubuntu 22.04.3 LTS server running MySQL, DHCP, HTTP, and TFTP servers. To configure the Apstra ZTP server, edit configuration files, such as dhcpd.conf and ztp.json. You can edit the files via CLI, or, as of Apstra version 4.2.0, you can use the Apstra ZTP GUI. The table below shows the minimum server specifications for a production environment:
| Resource | Setting |
|---|---|
| Guest OS Type | Ubuntu 22.04.3 LTS 64-bit |
| Memory | 2 GB |
| CPU | 1 vCPU |
| Disk Storage | 64 GB |
| Network | At least 1 network adapter. Configured for DHCP initially |
Apstra ZTP Network requirements
| Source | Destination | Ports | Role |
|---|---|---|---|
| Device agents | DHCP Server (renewals) & Broadcast (requests) | udp/67 -> udp/68 | DHCP Client |
| Device agents | Apstra ZTP | any → tcp/80 | Bootstrap and API scripts |
| Arista and Cisco Device agents | Apstra ZTP | any → udp/69 | TFTP for POAP and ZTP |
| Apstra ZTP | Controller | any → tcp/443 | Device System Agent Installer API |
| User | Controller | any → tcp/443 | Apstra ZTP GUI |
In addition to the ZTP-specific network requirements, the Apstra ZTP server and device agents require connectivity to the controller. Refer to Required Communication Ports in the Juniper Apstra Installation and Upgrade Guide for more information.
You can monitor device ZTP status from the Apstra GUI. From the left navigation menu,
navigate to Devices > ZTP Status > Devices.
Each device interacting with DHCP and ZTP is listed along with its System ID (serial number) if known, ZTP Status, ZTP Latest Event and when the device status was last updated.
To see the full DHCP and ZTP log for the device, click the "Show Log" button (the eye in the
Actions panel). 
Any device that interacts with DHCP or ZTP is listed. If you don't need the logs for a device anymore, click the Delete button.
Log files for all processes are in the /containers_data/logs directory.
root@apstra-ztp:/containers_data/logs# ls -l
total 7132
-rw-r--r-- 1 root root 6351759 Oct 28 17:47 debug.log
drwxr-xr-x 2 root root 4096 Oct 27 19:20 devices
-rw------- 1 root root 0 Oct 23 20:02 dhcpd.leases
-rw-r--r-- 1 root root 926980 Oct 28 17:39 info.log
-rw------- 1 root root 58 Oct 23 20:02 README
-rw------- 1 root root 469 Oct 27 02:13 rsyslog.log
root@apstra-ztp:/containers_data/logs# tail info.log
2020-10-28 17:16:38,786 root.status INFO Incoming: dhcpd dhcpd[18]: DHCPACK on 192.168.59.9 to 04:f8:f8:6b:36:91 via eth0
2020-10-28 17:18:04,299 root.status INFO Incoming: dhcpd dhcpd[18]: DHCPREQUEST for 192.168.59.9 from 04:f8:f8:6b:36:91 via eth0
2020-10-28 17:18:04,300 root.status INFO Incoming: dhcpd dhcpd[18]: DHCPACK on 192.168.59.9 to 04:f8:f8:6b:36:91 via eth0
2020-10-28 17:19:29,250 root.status INFO Incoming: dhcpd : -- MARK --
2020-10-28 17:19:29,442 root.status ERROR Failed to update status of all containers: /api/ztp/service 404 b'{"errors":"Resource not found"}'
2020-10-28 17:33:29,353 root.status INFO Incoming: tftp : -- MARK --
2020-10-28 17:33:29,538 root.status ERROR Failed to update status of all containers: /api/ztp/service 404 b'{"errors":"Resource not found"}'
2020-10-28 17:33:34,768 root.status INFO Incoming: status : -- MARK --
2020-10-28 17:39:29,349 root.status INFO Incoming: dhcpd : -- MARK --
2020-10-28 17:39:29,539 root.status ERROR Failed to update status of all containers: /api/ztp/service 404 b'{"errors":"Resource not found"}'
root@apstra-ztp:/containers_data/logs#You can monitor the ZTP services on the Apstra ZTP server from the Apstra GUI. From the left navigation menu, navigate to Devices > ZTP Status > Services.
Each service name includes its Docker IP address, service status and when the service status was last updated.