Ansible is a very powerful tool for automating provisioning and maintenance tasks on Junos devices using the Py-EZ module. Usually you require at least SSH or Netconf set on the device for Ansible to work but there will be times a student breaks your ansible-able configuration. Using the Juniper device’s console port we can have Ansible overwrite the Junos configuration. In this guide we use a bash script to define variables which are passed to Ansible. In part 2 the bash script will prompt the user for the device, configuration file to load and login credentials.
You will need to have installed Ansible and the python modules (junos-py-EZ and py-junos-netconify). We tested this with SRX240 and EX4200 devices.
Load Junos Config using Ansible + Console + Bash Part 1
When searching I found very little documentation about using the console port as a serial port with Junos devices. It turns out the arguments you give to the console= are the same ones you use when using netconify in a shell prompt. By default netconify assumes you are using the serial port /dev/USBtty0 so all we had to do was pass the username and password. Using the serial port does require sudo privileges to access, you will therefore need to use sudo to run the playbook or modify the privileges for the user to access the USB port without sudo.
Create the Ansible playbook for using the Junos console port and passing bash variables
nano playbookconsoleconfig
Here is the Ansible playbook to use with Juniper console port using your host’s serial port. You will need to set your username and password for the Junos device. You also need to specify a host to test on since Ansible won’t run without a specified host, note that the host still needs to be in the Ansible inventory file. The variables will be passed from the bash script into the playbook.
- hosts: '{{ hostrouter }}'
roles:
- Juniper.junos
connection: local
gather_facts: no
tasks:
- name: Installing Junos configuration via console port
junos_install_config:
host="{{ inventory_hostname }}"
console="-u {{ junosu }}"
passwd="{{ junosp }}"
file="{{ junosc }}"
overwrite=yes
Ctrl+X, Y and Enter to save
Create the Ansible bash script to load a default Junos configuration using the console port.
This Ansible bash script is perfect for technicians who need to load the same configuration on multiple devices. It allows you to define variables for the hostname, absolute path of the configuration file and login credentials and attempts to load the configuration using the playbook and passing the bash variables to Ansible using –extra-vars.
nano ansibleconsoleconfig.sh
Paste the Ansible Junos load default configuration bash script.
#!/usr/bin/env bash
# from https://ittechnologist.wordpress.com
# Check if root
if [ $(id -u) != "0" ]; then
echo "Error: You must be root to run this script, please use the root user."
exit 1
fi
# Define variables, routertouse can be any IP in the inventory file since we are using the console port
routertouse=10.210.14.180
junosuser=root
junospass=Juniper1
junosconfig="/home/user/ex-48-m.conf"
echo Installing config on $routertouse
ansible-playbook playbookconsoleconfig -i inventory --extra-vars "hostrouter=$routertouse junosu=$junosuser junosp=$junospass junosc=$junosconfig"
Run the Ansible as root or a sudo user, you can just use the -s switch instead of sudo provided your user has sudo privileges
sudo bash ansibleconsoleconfig.sh
IT Technologist 