Apstra ZTP - Juniper
EX switches require Junos OS version 21.2 or higher. The Python module that's required for ZTP is missing on EX switches using Junos OS versions below 21.2.
Juniper and ZTP Disk Space
Apstra ZTP manages the bootstrap and lifecycle of Juniper Junos devices. It uses a custom script to create offbox agents, create local users and set other system configuration. The ZTP process copies a new OS image to the switch. Before installing Apstra ZTP, ensure that the switch has sufficient disk space for the OS image.
root@leaf001-001-2> show system storage Filesystem Size Used Avail Capacity Mounted on /dev/gpt/junos 6.0G 1.0G 4.5G 18% /.mount <...>
Example: Juniper Junos - ztp.json
- Juniper Junos Offbox Agent / Apstra ZTP 4.2 UI
- Juniper Junos Offbox Agent / Apstra ZTP 4.2 ztp.json File
Juniper Junos Offbox Agent / Apstra ZTP 4.2 UI
Juniper Junos Offbox Agent / Apstra ZTP 4.2 ztp.json File
{ "junos": { "junos-versions": [ "21.4R3-S4.13" ], "junos-image": "http://192.168.59.4/jinstall-host-qfx-5e-x86-64-21.4R3-S4.13-secure-signed.tgz", "device-root-password": "root-password", "device-user": "admin", "device-user-password": "admin-password", "custom-config": "junos_custom.sh", "system-agent-params": { "platform": "junos", "agent_type": "offbox", "job_on_create": "install" } } }
Example: Juniper Junos OS Evolved - ztp.json
- Juniper Junos OS Evolved Onbox Agent / Apstra ZTP 4.2 GUI
- Juniper Junos OS Evolved Onbox Agent / Apstra ZTP 4.2 ztp.json File
Juniper Junos OS Evolved Onbox Agent / Apstra ZTP 4.2 GUI
Juniper Junos OS Evolved Onbox Agent / Apstra ZTP 4.2 ztp.json File
{ "junos-evo": { "junos-evo-versions": [ "22.4R2.11-EVO" ], "junos-evo-image": "http://192.168.59.4/junos-evo-install-qfx-ms-x86-64-22.4R2.11-EVO.iso", "device-root-password": "root-password", "device-user": "admin", "device-user-password": "admin-password", "custom-config": "junos_custom.sh", "system-agent-params": { "agent_type": "onbox", "job_on_create": "install" } } }
You can use the following additional fields for dual RE platforms, such as PTX10004.
"dual-routing-engine": true, "management-ip": "10.161.37.7", "management-gw-ip": "10.161.39.254", "management-subnet-prefixlen": "21", "management-master-ip": "10.161.37.8", "management-backup-ip": "10.161.37.9",
Juniper Junos Bootstrap File
Apstra ZTP uses a Python script to provision the device during ZTP. To allow the
Python script (ztp.py
) to run on a device that is not Junos OS
Evolved, additional configuration is required. Use the
junos_apstra_ztp_bootstrap.sh
script to bootstrap Apstra ZTP on
Junos. It downloads and runs the ZTP script.
Junos OS Evolved devices don't require this bootstrap; they run the Apstra ZTP python script (ztp.py) directly.
Juniper Junos Custom Config File
When configuring custom-config
for Juniper Junos devices, refer to
the example junos_custom.sh
, a bash executable file executed during
the ZTP process. It can set system configuration (such as Syslog, NTP, SNMP
authentication) prior to device system agent installation.
You can edit the custom config file in the Apstra ZTP GUI, as of Apstra ZTP version 4.2.0.
Junos OS and Junos OS Evolved platforms with dual-RE setups require the
set system commit synchronize
command. Without this
configuration, the ZTP process fails. We recommend adding the command to the
junos_custom.sh
file.
#!/bin/sh SOURCE_IP=$(cli -c "show conf interfaces em0.0" | grep address | sed 's/.*address \([0-9.]*\).*/\1/') # Syslog SYSLOG_SERVER="192.168.59.4" SYSLOG_PORT="514" # NTP NTP_SERVER="192.168.59.4" # SNMP SNMP_NAME="SAMPLE" SNMP_SERVER="192.168.59.3" # Syslog cli -c "configure; \ set system syslog host $SYSLOG_SERVER any notice ; \ set system syslog host $SYSLOG_SERVER authorization any ; \ set system syslog host $SYSLOG_SERVER port $SYSLOG_PORT ; \ set system syslog host $SYSLOG_SERVER routing-instance mgmt_junos ; \ commit and-quit" cli -c "configure; \ set system syslog file messages any notice ; \ set system syslog file messages authorization any ; \ commit and-quit" # NTP cli -c "configure; \ set system ntp server $NTP_SERVER routing-instance mgmt_junos ; \ set system ntp source-address $SOURCE_IP routing-instance mgmt_junos ; \ commit and-quit;" # SNMP cli -c "configure; \ set snmp name $SNMP_NAME; \ set snmp community public clients $SNMP_SERVER/32 ; \ set snmp community public routing-instance mgmt_junos ; \ set snmp routing-instance-access access-list mgmt_junos ; \ commit and-quit"
If you set external AAA authentication (for example
authentication-order
), replicate the device system agent
device-user
and device-user-password
in
the AAA system. Otherwise, the device system agent generates an authentication
error.
Restart Juniper Junos ZTP
To erase (zeroize) the device and restart Juniper Junos ZTP process:
root@leaf3> request system zeroize
Troubleshoot Juniper Junos ZTP
When in ZTP mode, the Juniper switch downloads the ztp.py
and
ztp.json
files to the /var/preserve/apstra
directory. For diagnostics, take note of the
/var/preserve/apstra/aosztp.log
file.
You can find additional useful messages in /var/log/messages
(search
for 'ztp').