diff --git a/files/epe/config/epe-vmx0-config.txt b/files/epe/config/epe-vmx0-config.txt new file mode 100644 index 0000000..3176806 --- /dev/null +++ b/files/epe/config/epe-vmx0-config.txt @@ -0,0 +1,139 @@ + +version VERSION +system { + host-name epe-vmx0; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; ## SECRET-DATA + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; ## SECRET-DATA + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; ## SECRET-DATA + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description "epe-vmx1" + unit 0 { + family inet { + address 10.0.1.1/24 + } + family inet6; + family mpls; + family iso; + } + } + + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.100/21; + } + } + } + lo0 { + unit 0 { + family inet { + address 10.10.10.10/32; + } + family inet6 { + address fec0:0:0:1111::0/128; + } + + family iso { + address 49.0001.0010.0100.1000.00; + } + + } + } +} +routing-options { + router-id 10.10.10.10; + autonomous-system 64496; + forwarding-table { + export LOAD-BALANCE; + } + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } +} +protocols { + isis { + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 400; + ipv6-index 600; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 metric 1000; + } + interface lo0.0 { + passive; + } + } + mpls { + interface ge-0/0/0.0; + } + lldp { + interface ge-0/0/0; + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} diff --git a/files/epe/config/epe-vmx1-config.txt b/files/epe/config/epe-vmx1-config.txt new file mode 100644 index 0000000..d411058 --- /dev/null +++ b/files/epe/config/epe-vmx1-config.txt @@ -0,0 +1,193 @@ + +version VERSION +system { + host-name epe-vmx1; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; ## SECRET-DATA + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; ## SECRET-DATA + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; ## SECRET-DATA + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description "epe-vmx0" + unit 0 { + family inet { + address 10.0.1.2/24 + } + family inet6; + family mpls; + family iso; + } + } + + ge-0/0/1 { + description "epe-vmx2" + unit 0 { + family inet { + address 10.0.12.1/24 + } + family inet6; + family mpls; + family iso; + } + } + + ge-0/0/2 { + description "epe-vmx3" + unit 0 { + family inet { + address 10.0.13.1/24 + } + family inet6; + family mpls; + family iso; + } + } + + ge-0/0/3 { + description "epe-vmx4" + unit 0 { + family inet { + address 10.0.14.1/24 + } + family inet6; + family mpls; + family iso; + } + } + + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.101/21; + } + } + } + lo0 { + unit 0 { + family inet { + address 1.1.1.1/32; + } + family inet6 { + address fec0:0:0:1111::1/128; + } + + family iso { + address 49.0001.0010.0100.1001.00; + } + + } + } +} +routing-options { + router-id 1.1.1.1; + autonomous-system 64496; + forwarding-table { + export LOAD-BALANCE; + } + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } +} +protocols { + isis { + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 401; + ipv6-index 601; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/1.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/2.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/3.0 { + point-to-point; + level 2 metric 1000; + } + interface lo0.0 { + passive; + } + } + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + interface ge-0/0/2.0; + interface ge-0/0/3.0; + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + interface ge-0/0/3; + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} diff --git a/files/epe/config/epe-vmx2-config.txt b/files/epe/config/epe-vmx2-config.txt new file mode 100644 index 0000000..16e7ece --- /dev/null +++ b/files/epe/config/epe-vmx2-config.txt @@ -0,0 +1,139 @@ + +version VERSION +system { + host-name epe-vmx2; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; ## SECRET-DATA + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; ## SECRET-DATA + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; ## SECRET-DATA + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description "epe-vmx1" + unit 0 { + family inet { + address 10.0.12.2/24 + } + family inet6; + family mpls; + family iso; + } + } + + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.102/21; + } + } + } + lo0 { + unit 0 { + family inet { + address 2.2.2.2/32; + } + family inet6 { + address fec0:0:0:1111::2/128; + } + + family iso { + address 49.0001.0010.0100.1002.00; + } + + } + } +} +routing-options { + router-id 2.2.2.2; + autonomous-system 64496; + forwarding-table { + export LOAD-BALANCE; + } + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } +} +protocols { + isis { + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 402; + ipv6-index 602; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 metric 1000; + } + interface lo0.0 { + passive; + } + } + mpls { + interface ge-0/0/0.0; + } + lldp { + interface ge-0/0/0; + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} diff --git a/files/epe/config/epe-vmx3-config.txt b/files/epe/config/epe-vmx3-config.txt new file mode 100644 index 0000000..ba4a1a5 --- /dev/null +++ b/files/epe/config/epe-vmx3-config.txt @@ -0,0 +1,163 @@ + +version VERSION +system { + host-name epe-vmx3; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; ## SECRET-DATA + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; ## SECRET-DATA + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; ## SECRET-DATA + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description "epe-vmx1" + unit 0 { + family inet { + address 10.0.13.3/24 + } + family inet6; + family mpls; + family iso; + } + } + + ge-0/0/1 { + description "epe-vmx5" + unit 0 { + family inet { + address 10.1.35.3/24 + } + family inet6; + } + } + + ge-0/0/2 { + description "epe-vmx5" + unit 0 { + family inet { + address 10.2.35.3/24 + } + family inet6; + } + } + + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.103/21; + } + } + } + lo0 { + unit 0 { + family inet { + address 3.3.3.3/32; + } + family inet6 { + address fec0:0:0:1111::3/128; + } + + family iso { + address 49.0001.0010.0100.1003.00; + } + + } + } +} +routing-options { + router-id 3.3.3.3; + autonomous-system 64496; + forwarding-table { + export LOAD-BALANCE; + } + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } +} +protocols { + isis { + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 403; + ipv6-index 603; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 metric 1000; + } + interface lo0.0 { + passive; + } + } + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + interface ge-0/0/2.0; + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} diff --git a/files/epe/config/epe-vmx4-config.txt b/files/epe/config/epe-vmx4-config.txt new file mode 100644 index 0000000..683ca01 --- /dev/null +++ b/files/epe/config/epe-vmx4-config.txt @@ -0,0 +1,151 @@ + +version VERSION +system { + host-name epe-vmx4; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; ## SECRET-DATA + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; ## SECRET-DATA + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; ## SECRET-DATA + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description "epe-vmx1" + unit 0 { + family inet { + address 10.0.14.4/24 + } + family inet6; + family mpls; + family iso; + } + } + + ge-0/0/1 { + description "epe-vmx7" + unit 0 { + family inet { + address 10.0.47.4/24 + } + family inet6; + } + } + + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.104/21; + } + } + } + lo0 { + unit 0 { + family inet { + address 4.4.4.4/32; + } + family inet6 { + address fec0:0:0:1111::4/128; + } + + family iso { + address 49.0001.0010.0100.1004.00; + } + + } + } +} +routing-options { + router-id 4.4.4.4; + autonomous-system 64496; + forwarding-table { + export LOAD-BALANCE; + } + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } +} +protocols { + isis { + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 404; + ipv6-index 604; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 metric 1000; + } + interface lo0.0 { + passive; + } + } + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} diff --git a/files/epe/config/epe-vmx5-config.txt b/files/epe/config/epe-vmx5-config.txt new file mode 100644 index 0000000..bf7f876 --- /dev/null +++ b/files/epe/config/epe-vmx5-config.txt @@ -0,0 +1,157 @@ + +version VERSION +system { + host-name epe-vmx5; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; ## SECRET-DATA + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; ## SECRET-DATA + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; ## SECRET-DATA + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description "epe-vmx3" + unit 0 { + family inet { + address 10.1.35.5/24 + } + family inet6; + } + } + + ge-0/0/1 { + description "epe-vmx3" + unit 0 { + family inet { + address 10.2.35.5/24 + } + family inet6; + } + } + + ge-0/0/2 { + description "epe-vmx6" + unit 0 { + family inet { + address 10.0.56.5/24 + } + family inet6; + } + } + + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.105/21; + } + } + } + lo0 { + unit 0 { + family inet { + address 5.5.5.5/32; + } + family inet6 { + address fec0:0:0:1111::5/128; + } + + family iso { + address 49.0001.0010.0100.1005.00; + } + + } + } +} +routing-options { + router-id 5.5.5.5; + autonomous-system 64496; + forwarding-table { + export LOAD-BALANCE; + } + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } +} +protocols { + isis { + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 405; + ipv6-index 605; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface lo0.0 { + passive; + } + } + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + interface ge-0/0/2.0; + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} diff --git a/files/epe/config/epe-vmx6-config.txt b/files/epe/config/epe-vmx6-config.txt new file mode 100644 index 0000000..a901fb5 --- /dev/null +++ b/files/epe/config/epe-vmx6-config.txt @@ -0,0 +1,133 @@ + +version VERSION +system { + host-name epe-vmx6; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; ## SECRET-DATA + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; ## SECRET-DATA + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; ## SECRET-DATA + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description "epe-vmx5" + unit 0 { + family inet { + address 10.0.56.6/24 + } + family inet6; + } + } + + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.106/21; + } + } + } + lo0 { + unit 0 { + family inet { + address 6.6.6.6/32; + } + family inet6 { + address fec0:0:0:1111::6/128; + } + + family iso { + address 49.0001.0010.0100.1006.00; + } + + } + } +} +routing-options { + router-id 6.6.6.6; + autonomous-system 64496; + forwarding-table { + export LOAD-BALANCE; + } + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } +} +protocols { + isis { + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 406; + ipv6-index 606; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface lo0.0 { + passive; + } + } + mpls { + interface ge-0/0/0.0; + } + lldp { + interface ge-0/0/0; + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} diff --git a/files/epe/config/epe-vmx7-config.txt b/files/epe/config/epe-vmx7-config.txt new file mode 100644 index 0000000..1ed0187 --- /dev/null +++ b/files/epe/config/epe-vmx7-config.txt @@ -0,0 +1,145 @@ + +version VERSION +system { + host-name epe-vmx7; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; ## SECRET-DATA + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; ## SECRET-DATA + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; ## SECRET-DATA + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description "epe-vmx4" + unit 0 { + family inet { + address 10.0.47.7/24 + } + family inet6; + } + } + + ge-0/0/1 { + description "epe-vmx8" + unit 0 { + family inet { + address 10.0.78.7/24 + } + family inet6; + } + } + + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.107/21; + } + } + } + lo0 { + unit 0 { + family inet { + address 7.7.7.7/32; + } + family inet6 { + address fec0:0:0:1111::7/128; + } + + family iso { + address 49.0001.0010.0100.1007.00; + } + + } + } +} +routing-options { + router-id 7.7.7.7; + autonomous-system 64496; + forwarding-table { + export LOAD-BALANCE; + } + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } +} +protocols { + isis { + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 407; + ipv6-index 607; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface lo0.0 { + passive; + } + } + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} diff --git a/files/epe/config/epe-vmx8-config.txt b/files/epe/config/epe-vmx8-config.txt new file mode 100644 index 0000000..08844aa --- /dev/null +++ b/files/epe/config/epe-vmx8-config.txt @@ -0,0 +1,133 @@ + +version VERSION +system { + host-name epe-vmx8; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; ## SECRET-DATA + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; ## SECRET-DATA + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; ## SECRET-DATA + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description "epe-vmx7" + unit 0 { + family inet { + address 10.0.78.8/24 + } + family inet6; + } + } + + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.108/21; + } + } + } + lo0 { + unit 0 { + family inet { + address 8.8.8.8/32; + } + family inet6 { + address fec0:0:0:1111::8/128; + } + + family iso { + address 49.0001.0010.0100.1008.00; + } + + } + } +} +routing-options { + router-id 8.8.8.8; + autonomous-system 64496; + forwarding-table { + export LOAD-BALANCE; + } + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } +} +protocols { + isis { + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 408; + ipv6-index 608; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface lo0.0 { + passive; + } + } + mpls { + interface ge-0/0/0.0; + } + lldp { + interface ge-0/0/0; + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} diff --git a/files/epe/epe_nodes.yml b/files/epe/epe_nodes.yml new file mode 100644 index 0000000..d75f765 --- /dev/null +++ b/files/epe/epe_nodes.yml @@ -0,0 +1,138 @@ +# +# Nodes in the network +# + + +--- + +common: + bgp_asn: 64496 + gateway: 10.39.0.1 + +nodes: + + epe-vmx0: + mgmt: 10.39.0.100 + rid: 10.10.10.10 + rid6: fec0:0:0:1111::0 + sid: 400 + sid6: 600 + iso: 49.0001.0010.0100.1000.00 + switches: + - epe-vmx0-0--epe-vmx1-0 + links: + ge-0/0/0.0: { ip: 10.0.1.1, remote: epe-vmx1, mask: 24, cost: 1000, vlan: 0, mpls: True, iso: True} + + epe-vmx1: + mgmt: 10.39.0.101 + rid: 1.1.1.1 + rid6: fec0:0:0:1111::1 + sid: 401 + sid6: 601 + iso: 49.0001.0010.0100.1001.00 + switches: + - epe-vmx0-0--epe-vmx1-0 + - epe-vmx1-1--epe-vmx2-0 + - epe-vmx1-2--epe-vmx3-0 + - epe-vmx1-3--epe-vmx4-0 + links: + ge-0/0/0.0: { ip: 10.0.1.2, remote: epe-vmx0, mask: 24, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/1.0: { ip: 10.0.12.1, remote: epe-vmx2, mask: 24, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/2.0: { ip: 10.0.13.1, remote: epe-vmx3, mask: 24, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/3.0: { ip: 10.0.14.1, remote: epe-vmx4, mask: 24, cost: 1000, vlan: 0, mpls: True, iso: True} + + epe-vmx2: + mgmt: 10.39.0.102 + rid: 2.2.2.2 + rid6: fec0:0:0:1111::2 + sid: 402 + sid6: 602 + iso: 49.0001.0010.0100.1002.00 + switches: + - epe-vmx1-1--epe-vmx2-0 + links: + ge-0/0/0.0: { ip: 10.0.12.2, remote: epe-vmx1, mask: 24, cost: 1000, vlan: 0, mpls: True, iso: True} + + epe-vmx3: + mgmt: 10.39.0.103 + rid: 3.3.3.3 + rid6: fec0:0:0:1111::3 + sid: 403 + sid6: 603 + iso: 49.0001.0010.0100.1003.00 + switches: + - epe-vmx1-2--epe-vmx3-0 + - epe-vmx3-1--epe-vmx5-0 + - epe-vmx3-2--epe-vmx5-1 + links: + ge-0/0/0.0: { ip: 10.0.13.3, remote: epe-vmx1, mask: 24, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/1.0: { ip: 10.1.35.3, remote: epe-vmx5, mask: 24, cost: 1000, vlan: 0} + ge-0/0/2.0: { ip: 10.2.35.3, remote: epe-vmx5, mask: 24, cost: 1000, vlan: 0} + + epe-vmx4: + mgmt: 10.39.0.104 + rid: 4.4.4.4 + rid6: fec0:0:0:1111::4 + sid: 404 + sid6: 604 + iso: 49.0001.0010.0100.1004.00 + switches: + - epe-vmx1-3--epe-vmx4-0 + - epe-vmx4-1--epe-vmx7-0 + links: + ge-0/0/0.0: { ip: 10.0.14.4, remote: epe-vmx1, mask: 24, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/1.0: { ip: 10.0.47.4, remote: epe-vmx7, mask: 24, cost: 1000, vlan: 0} + + epe-vmx5: + mgmt: 10.39.0.105 + rid: 5.5.5.5 + rid6: fec0:0:0:1111::5 + sid: 405 + sid6: 605 + iso: 49.0001.0010.0100.1005.00 + switches: + - epe-vmx3-1--epe-vmx5-0 + - epe-vmx3-2--epe-vmx5-1 + - epe-vmx5-2--epe-vmx6-0 + links: + ge-0/0/0.0: { ip: 10.1.35.5, remote: epe-vmx3, mask: 24, cost: 1000, vlan: 0} + ge-0/0/1.0: { ip: 10.2.35.5, remote: epe-vmx3, mask: 24, cost: 1000, vlan: 0} + ge-0/0/2.0: { ip: 10.0.56.5, remote: epe-vmx6, mask: 24, cost: 1000, vlan: 0} + + epe-vmx6: + mgmt: 10.39.0.106 + rid: 6.6.6.6 + rid6: fec0:0:0:1111::6 + sid: 406 + sid6: 606 + iso: 49.0001.0010.0100.1006.00 + switches: + - epe-vmx5-2--epe-vmx6-0 + links: + ge-0/0/0.0: { ip: 10.0.56.6, remote: epe-vmx5, mask: 24, cost: 1000, vlan: 0} + + epe-vmx7: + mgmt: 10.39.0.107 + rid: 7.7.7.7 + rid6: fec0:0:0:1111::7 + sid: 407 + sid6: 607 + iso: 49.0001.0010.0100.1007.00 + switches: + - epe-vmx4-1--epe-vmx7-0 + - epe-vmx7-1--epe-vmx8-0 + links: + ge-0/0/0.0: { ip: 10.0.47.7, remote: epe-vmx4, mask: 24, cost: 1000, vlan: 0} + ge-0/0/1.0: { ip: 10.0.78.7, remote: epe-vmx8, mask: 24, cost: 1000, vlan: 0} + + epe-vmx8: + mgmt: 10.39.0.108 + rid: 8.8.8.8 + rid6: fec0:0:0:1111::8 + sid: 408 + sid6: 608 + iso: 49.0001.0010.0100.1008.00 + switches: + - epe-vmx7-1--epe-vmx8-0 + links: + ge-0/0/0.0: { ip: 10.0.78.8, remote: epe-vmx7, mask: 24, cost: 1000, vlan: 0} diff --git a/files/srlab/backup/2020-02-21@12:12:43/10.39.0.101.config b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.101.config new file mode 100644 index 0000000..b5e7e8f --- /dev/null +++ b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.101.config @@ -0,0 +1,183 @@ + +## Last commit: 2019-05-06 20:34:58 UTC by salt +version 17.4R2.4; +system { + host-name srlab-vmx1; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description srlab-vmx2; + unit 0 { + family inet { + address 10.0.0.0/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/1 { + description srlab-vmx4; + unit 0 { + family inet { + address 10.0.0.2/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/2 { + description srlab-vmx3; + unit 0 { + family inet { + address 10.0.0.22/31; + } + family iso; + family inet6; + family mpls; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.101/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 192.168.0.1/32; + } + family iso { + address 49.0001.0010.0100.1001.00; + } + family inet6 { + address fec0:0:0:1111::1/128; + } + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + router-id 192.168.0.1; + autonomous-system 65000; +} +protocols { + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + interface ge-0/0/2.0; + } + bgp { + group Core { + type internal; + local-address 192.168.0.1; + family inet { + unicast; + } + family inet-vpn { + unicast; + } + family inet6 { + unicast; + } + export __Ansible_Core_export; + neighbor 192.168.0.4; + neighbor 192.168.0.7; + } + } + isis { + source-packet-routing { + node-segment { + ipv4-index 401; + ipv6-index 601; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/1.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/2.0 { + point-to-point; + level 2 metric 1000; + } + interface lo0.0 { + passive; + } + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + } +} +policy-options { + policy-statement __Ansible_Core_export { + term ebgp { + from { + protocol bgp; + external; + } + then { + next-hop self; + accept; + } + } + } +} diff --git a/files/srlab/backup/2020-02-21@12:12:43/10.39.0.102.config b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.102.config new file mode 100644 index 0000000..6ef2615 --- /dev/null +++ b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.102.config @@ -0,0 +1,166 @@ + +## Last commit: 2019-03-25 20:03:50 UTC by salt +version 17.4R2.4; +system { + host-name srlab-vmx2; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description srlab-vmx1; + unit 0 { + family inet { + address 10.0.0.1/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/1 { + description srlab-vmx5; + unit 0 { + family inet { + address 10.0.0.4/31; + } + family iso; + family inet6; + family mpls; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.102/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 192.168.0.2/32; + } + family iso { + address 49.0001.0010.0100.1002.00; + } + family inet6 { + address fec0:0:0:1111::2/128; + } + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + router-id 192.168.0.2; + autonomous-system 65000; +} +protocols { + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + } + bgp { + group Core { + type internal; + local-address 192.168.0.2; + family inet { + unicast; + } + family inet-vpn { + unicast; + } + family inet6 { + unicast; + } + export __Ansible_Core_export; + neighbor 192.168.0.4; + neighbor 192.168.0.7; + } + } + isis { + source-packet-routing { + node-segment { + ipv4-index 402; + ipv6-index 602; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/1.0 { + point-to-point; + level 2 metric 1000; + } + interface lo0.0 { + passive; + } + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + } +} +policy-options { + policy-statement __Ansible_Core_export { + term ebgp { + from { + protocol bgp; + external; + } + then { + next-hop self; + accept; + } + } + } +} diff --git a/files/srlab/backup/2020-02-21@12:12:43/10.39.0.103.config b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.103.config new file mode 100644 index 0000000..bdb30ed --- /dev/null +++ b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.103.config @@ -0,0 +1,166 @@ + +## Last commit: 2019-03-25 20:04:57 UTC by root +version 17.4R2.4; +system { + host-name srlab-vmx3; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description srlab-vmx1; + unit 0 { + family inet { + address 10.0.0.23/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/1 { + description srlab-vmx6; + unit 0 { + family inet { + address 10.0.0.24/31; + } + family iso; + family inet6; + family mpls; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.103/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 192.168.0.3/32; + } + family iso { + address 49.0001.0010.0100.1003.00; + } + family inet6 { + address fec0:0:0:1111::3/128; + } + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + router-id 192.168.0.3; + autonomous-system 65000; +} +protocols { + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + } + bgp { + group Core { + type internal; + local-address 192.168.0.3; + family inet { + unicast; + } + family inet-vpn { + unicast; + } + family inet6 { + unicast; + } + export __Ansible_Core_export; + neighbor 192.168.0.4; + neighbor 192.168.0.7; + } + } + isis { + source-packet-routing { + node-segment { + ipv4-index 403; + ipv6-index 603; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/1.0 { + point-to-point; + level 2 metric 1000; + } + interface lo0.0 { + passive; + } + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + } +} +policy-options { + policy-statement __Ansible_Core_export { + term ebgp { + from { + protocol bgp; + external; + } + then { + next-hop self; + accept; + } + } + } +} diff --git a/files/srlab/backup/2020-02-21@12:12:43/10.39.0.104.config b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.104.config new file mode 100644 index 0000000..af4fbbc --- /dev/null +++ b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.104.config @@ -0,0 +1,188 @@ + +## Last commit: 2019-04-24 21:50:28 UTC by salt +version 17.4R2.4; +system { + host-name srlab-vmx4; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description srlab-vmx5; + unit 0 { + family inet { + address 10.0.0.6/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/1 { + description srlab-vmx1; + unit 0 { + family inet { + address 10.0.0.3/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/2 { + description srlab-vmx6; + unit 0 { + family inet { + address 10.0.0.8/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/3 { + description srlab-vmx6; + unit 0 { + family inet { + address 10.0.0.10/31; + } + family iso; + family inet6; + family mpls; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.104/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 192.168.0.4/32; + } + family iso { + address 49.0001.0010.0100.1004.00; + } + family inet6 { + address fec0:0:0:1111::4/128; + } + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + router-id 192.168.0.4; + autonomous-system 65000; +} +protocols { + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + interface ge-0/0/2.0; + interface ge-0/0/3.0; + } + bgp { + group Core { + type internal; + local-address 192.168.0.4; + family inet { + unicast; + } + family inet-vpn { + unicast; + } + family inet6 { + unicast; + } + cluster 192.168.0.4; + neighbor 192.168.0.1; + neighbor 192.168.0.2; + neighbor 192.168.0.8; + neighbor 192.168.0.9; + } + } + isis { + source-packet-routing { + node-segment { + ipv4-index 404; + ipv6-index 604; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/1.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/2.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/3.0 { + point-to-point; + level 2 metric 1000; + } + interface lo0.0 { + passive; + } + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + interface ge-0/0/3; + } +} diff --git a/files/srlab/backup/2020-02-21@12:12:43/10.39.0.105.config b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.105.config new file mode 100644 index 0000000..d7525fa --- /dev/null +++ b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.105.config @@ -0,0 +1,201 @@ + +## Last commit: 2019-03-25 20:07:21 UTC by root +version 17.4R2.4; +system { + host-name srlab-vmx5; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + aggregated-devices { + ethernet { + device-count 10; + } + } + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description srlab-vmx4; + unit 0 { + family inet { + address 10.0.0.7/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/1 { + description srlab-vmx2; + unit 0 { + family inet { + address 10.0.0.5/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/2 { + description "[ae0]"; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/3 { + description "[ae0]"; + gigether-options { + 802.3ad ae0; + } + } + ae0 { + description srlab-vmx7; + unit 0 { + family inet { + address 10.0.0.12/31; + } + family iso; + family inet6; + family mpls; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.105/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 192.168.0.5/32; + } + family iso { + address 49.0001.0010.0100.1005.00; + } + family inet6 { + address fec0:0:0:1111::5/128; + } + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + router-id 192.168.0.5; + autonomous-system 65000; +} +protocols { + mpls { + interface ae0.0; + interface ge-0/0/0.0; + interface ge-0/0/1.0; + } + bgp { + group Core { + type internal; + local-address 192.168.0.5; + family inet { + unicast; + } + family inet-vpn { + unicast; + } + family inet6 { + unicast; + } + export __Ansible_Core_export; + neighbor 192.168.0.4; + neighbor 192.168.0.7; + } + } + isis { + source-packet-routing { + srgb start-label 800000 index-range 100000; + node-segment { + ipv4-index 405; + ipv6-index 605; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/1.0 { + point-to-point; + level 2 metric 1000; + } + interface ae0.0 { + point-to-point; + level 2 metric 500; + } + interface lo0.0 { + passive; + } + } + lldp { + interface ae0; + interface ge-0/0/0; + interface ge-0/0/1; + } +} +policy-options { + policy-statement __Ansible_Core_export { + term ebgp { + from { + protocol bgp; + external; + } + then { + next-hop self; + accept; + } + } + } +} diff --git a/files/srlab/backup/2020-02-21@12:12:43/10.39.0.106.config b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.106.config new file mode 100644 index 0000000..3aa5c63 --- /dev/null +++ b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.106.config @@ -0,0 +1,217 @@ + +## Last commit: 2019-03-25 20:06:51 UTC by root +version 17.4R2.4; +system { + host-name srlab-vmx6; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description srlab-vmx7; + unit 0 { + family inet { + address 10.0.0.14/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/1 { + description srlab-vmx8; + unit 0 { + family inet { + address 10.0.0.16/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/2 { + description srlab-vmx4; + unit 0 { + family inet { + address 10.0.0.9/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/3 { + description srlab-vmx4; + unit 0 { + family inet { + address 10.0.0.11/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/4 { + description srlab-vmx3; + unit 0 { + family inet { + address 10.0.0.25/31; + } + family iso; + family inet6; + family mpls; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.106/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 192.168.0.6/32; + } + family iso { + address 49.0001.0010.0100.1006.00; + } + family inet6 { + address fec0:0:0:1111::6/128; + } + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + router-id 192.168.0.6; + autonomous-system 65000; +} +protocols { + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + interface ge-0/0/2.0; + interface ge-0/0/3.0; + interface ge-0/0/4.0; + } + bgp { + group Core { + type internal; + local-address 192.168.0.6; + family inet { + unicast; + } + family inet-vpn { + unicast; + } + family inet6 { + unicast; + } + export __Ansible_Core_export; + neighbor 192.168.0.4; + neighbor 192.168.0.7; + } + } + isis { + source-packet-routing { + node-segment { + ipv4-index 406; + ipv6-index 606; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/1.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/2.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/3.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/4.0 { + point-to-point; + level 2 metric 1000; + } + interface lo0.0 { + passive; + } + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + interface ge-0/0/3; + interface ge-0/0/4; + } +} +policy-options { + policy-statement __Ansible_Core_export { + term ebgp { + from { + protocol bgp; + external; + } + then { + next-hop self; + accept; + } + } + } +} diff --git a/files/srlab/backup/2020-02-21@12:12:43/10.39.0.107.config b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.107.config new file mode 100644 index 0000000..e937434 --- /dev/null +++ b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.107.config @@ -0,0 +1,189 @@ + +## Last commit: 2019-03-25 20:06:23 UTC by root +version 17.4R2.4; +system { + host-name srlab-vmx7; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + aggregated-devices { + ethernet { + device-count 10; + } + } + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description srlab-vmx6; + unit 0 { + family inet { + address 10.0.0.15/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/1 { + description srlab-vmx9; + unit 0 { + family inet { + address 10.0.0.18/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/2 { + description "[ae0]"; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/3 { + description "[ae0]"; + gigether-options { + 802.3ad ae0; + } + } + ae0 { + description srlab-vmx5; + unit 0 { + family inet { + address 10.0.0.13/31; + } + family iso; + family inet6; + family mpls; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.107/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 192.168.0.7/32; + } + family iso { + address 49.0001.0010.0100.1007.00; + } + family inet6 { + address fec0:0:0:1111::7/128; + } + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + router-id 192.168.0.7; + autonomous-system 65000; +} +protocols { + mpls { + interface ae0.0; + interface ge-0/0/0.0; + interface ge-0/0/1.0; + } + bgp { + group Core { + type internal; + local-address 192.168.0.7; + family inet { + unicast; + } + family inet-vpn { + unicast; + } + family inet6 { + unicast; + } + cluster 192.168.0.7; + neighbor 192.168.0.1; + neighbor 192.168.0.2; + neighbor 192.168.0.8; + neighbor 192.168.0.9; + } + } + isis { + source-packet-routing { + srgb start-label 800000 index-range 100000; + node-segment { + ipv4-index 407; + ipv6-index 607; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/1.0 { + point-to-point; + level 2 metric 1000; + } + interface ae0.0 { + point-to-point; + level 2 metric 500; + } + interface lo0.0 { + passive; + } + } + lldp { + interface ae0; + interface ge-0/0/0; + interface ge-0/0/1; + } +} diff --git a/files/srlab/backup/2020-02-21@12:12:43/10.39.0.108.config b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.108.config new file mode 100644 index 0000000..160fcf6 --- /dev/null +++ b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.108.config @@ -0,0 +1,166 @@ + +## Last commit: 2019-03-25 20:05:44 UTC by root +version 17.4R2.4; +system { + host-name srlab-vmx8; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description srlab-vmx9; + unit 0 { + family inet { + address 10.0.0.20/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/1 { + description srlab-vmx6; + unit 0 { + family inet { + address 10.0.0.17/31; + } + family iso; + family inet6; + family mpls; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.108/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 192.168.0.8/32; + } + family iso { + address 49.0001.0010.0100.1008.00; + } + family inet6 { + address fec0:0:0:1111::8/128; + } + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + router-id 192.168.0.8; + autonomous-system 65000; +} +protocols { + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + } + bgp { + group Core { + type internal; + local-address 192.168.0.8; + family inet { + unicast; + } + family inet-vpn { + unicast; + } + family inet6 { + unicast; + } + export __Ansible_Core_export; + neighbor 192.168.0.4; + neighbor 192.168.0.7; + } + } + isis { + source-packet-routing { + node-segment { + ipv4-index 408; + ipv6-index 608; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/1.0 { + point-to-point; + level 2 metric 1000; + } + interface lo0.0 { + passive; + } + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + } +} +policy-options { + policy-statement __Ansible_Core_export { + term ebgp { + from { + protocol bgp; + external; + } + then { + next-hop self; + accept; + } + } + } +} diff --git a/files/srlab/backup/2020-02-21@12:12:43/10.39.0.109.config b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.109.config new file mode 100644 index 0000000..937a1a8 --- /dev/null +++ b/files/srlab/backup/2020-02-21@12:12:43/10.39.0.109.config @@ -0,0 +1,166 @@ + +## Last commit: 2019-03-25 20:04:57 UTC by root +version 17.4R2.4; +system { + host-name srlab-vmx9; + no-redirects; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description srlab-vmx8; + unit 0 { + family inet { + address 10.0.0.21/31; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/1 { + description srlab-vmx7; + unit 0 { + family inet { + address 10.0.0.19/31; + } + family iso; + family inet6; + family mpls; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.109/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 192.168.0.9/32; + } + family iso { + address 49.0001.0010.0100.1009.00; + } + family inet6 { + address fec0:0:0:1111::9/128; + } + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + router-id 192.168.0.9; + autonomous-system 65000; +} +protocols { + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + } + bgp { + group Core { + type internal; + local-address 192.168.0.9; + family inet { + unicast; + } + family inet-vpn { + unicast; + } + family inet6 { + unicast; + } + export __Ansible_Core_export; + neighbor 192.168.0.4; + neighbor 192.168.0.7; + } + } + isis { + source-packet-routing { + node-segment { + ipv4-index 409; + ipv6-index 609; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 metric 1000; + } + interface ge-0/0/1.0 { + point-to-point; + level 2 metric 1000; + } + interface lo0.0 { + passive; + } + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + } +} +policy-options { + policy-statement __Ansible_Core_export { + term ebgp { + from { + protocol bgp; + external; + } + then { + next-hop self; + accept; + } + } + } +} diff --git a/files/srlab/srlab_nodes.yml b/files/srlab/srlab_nodes.yml new file mode 100644 index 0000000..2e8d97c --- /dev/null +++ b/files/srlab/srlab_nodes.yml @@ -0,0 +1,239 @@ +# +# Nodes in the network +# + + +--- + +common: + bgp_asn: 65000 + gateway: 10.39.0.1 + +nodes: + + srlab-vmx1: + mgmt: 10.39.0.101 + rid: 192.168.0.1 + rid6: fec0:0:0:1111::1 + sid: 401 + sid6: 601 + iso: 49.0001.0010.0100.1001.00 + switches: + - srlab-vmx1-0--srlab-vmx2-0 + - srlab-vmx1-1--srlab-vmx4-1 + - srlab-vmx1-2--srlab-vmx3-0 + links: + ge-0/0/0.0: { ip: 10.0.0.0, remote: srlab-vmx2, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/1.0: { ip: 10.0.0.2, remote: srlab-vmx4, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/2.0: { ip: 10.0.0.22, remote: srlab-vmx3, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + bgp: + ibgp: + peers: + - 192.168.0.4 + - 192.168.0.7 + af: + - inet + - inet6 + - inet-vpn + + srlab-vmx2: + mgmt: 10.39.0.102 + rid: 192.168.0.2 + rid6: fec0:0:0:1111::2 + sid: 402 + sid6: 602 + iso: 49.0001.0010.0100.1002.00 + switches: + - srlab-vmx1-0--srlab-vmx2-0 + - srlab-vmx2-1--srlab-vmx5-1 + links: + ge-0/0/0.0: { ip: 10.0.0.1, remote: srlab-vmx1, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/1.0: { ip: 10.0.0.4, remote: srlab-vmx5, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + bgp: + ibgp: + peers: + - 192.168.0.4 + - 192.168.0.7 + af: + - inet + - inet6 + - inet-vpn + + srlab-vmx3: + mgmt: 10.39.0.103 + rid: 192.168.0.3 + rid6: fec0:0:0:1111::3 + sid: 403 + sid6: 603 + iso: 49.0001.0010.0100.1003.00 + switches: + - srlab-vmx1-2--srlab-vmx3-0 + - srlab-vmx3-1--srlab-vmx6-4 + links: + ge-0/0/0.0: { ip: 10.0.0.23, remote: srlab-vmx1, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/1.0: { ip: 10.0.0.24, remote: srlab-vmx6, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + bgp: + ibgp: + peers: + - 192.168.0.4 + - 192.168.0.7 + af: + - inet + - inet6 + - inet-vpn + + srlab-vmx4: + mgmt: 10.39.0.104 + rid: 192.168.0.4 + rid6: fec0:0:0:1111::4 + sid: 404 + sid6: 604 + iso: 49.0001.0010.0100.1004.00 + switches: + - srlab-vmx1-1--srlab-vmx4-1 + - srlab-vmx4-0--srlab-vmx5-0 + - srlab-vmx4-2--srlab-vmx6-2 + - srlab-vmx4-3--srlab-vmx6-3 + links: + ge-0/0/1.0: { ip: 10.0.0.3, remote: srlab-vmx1, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/0.0: { ip: 10.0.0.6, remote: srlab-vmx5, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/2.0: { ip: 10.0.0.8, remote: srlab-vmx6, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/3.0: { ip: 10.0.0.10, remote: srlab-vmx6, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + bgp: + ibgp: + rr: true + peers: + - 192.168.0.1 + - 192.168.0.2 + - 192.168.0.8 + - 192.168.0.9 + af: + - inet + - inet6 + - inet-vpn + + srlab-vmx5: + mgmt: 10.39.0.105 + rid: 192.168.0.5 + rid6: fec0:0:0:1111::5 + sid: 405 + sid6: 605 + iso: 49.0001.0010.0100.1005.00 + switches: + - srlab-vmx2-1--srlab-vmx5-1 + - srlab-vmx4-0--srlab-vmx5-0 + links: + ge-0/0/1.0: { ip: 10.0.0.5, remote: srlab-vmx2, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/0.0: { ip: 10.0.0.7, remote: srlab-vmx4, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ae0.0: { ip: 10.0.0.12, remote: srlab-vmx7, mask: 31, cost: 500, vlan: 0, mpls: True, iso: True} + bgp: + ibgp: + peers: + - 192.168.0.4 + - 192.168.0.7 + af: + - inet + - inet6 + - inet-vpn + + srlab-vmx6: + mgmt: 10.39.0.106 + rid: 192.168.0.6 + rid6: fec0:0:0:1111::6 + sid: 406 + sid6: 606 + iso: 49.0001.0010.0100.1006.00 + switches: + - srlab-vmx3-1--srlab-vmx6-4 + - srlab-vmx4-2--srlab-vmx6-2 + - srlab-vmx4-3--srlab-vmx6-3 + - srlab-vmx6-0--srlab-vmx7-0 + - srlab-vmx6-1--srlab-vmx8-1 + links: + ge-0/0/4.0: { ip: 10.0.0.25, remote: srlab-vmx3, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/2.0: { ip: 10.0.0.9, remote: srlab-vmx4, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/3.0: { ip: 10.0.0.11, remote: srlab-vmx4, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/0.0: { ip: 10.0.0.14, remote: srlab-vmx7, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/1.0: { ip: 10.0.0.16, remote: srlab-vmx8, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + bgp: + ibgp: + peers: + - 192.168.0.4 + - 192.168.0.7 + af: + - inet + - inet6 + - inet-vpn + + srlab-vmx7: + mgmt: 10.39.0.107 + rid: 192.168.0.7 + rid6: fec0:0:0:1111::7 + sid: 407 + sid6: 607 + iso: 49.0001.0010.0100.1007.00 + switches: + - srlab-vmx6-0--srlab-vmx7-0 + - srlab-vmx7-1--srlab-vmx9-1 + links: + ae0.0: { ip: 10.0.0.13, remote: srlab-vmx5, mask: 31, cost: 500, vlan: 0, mpls: True, iso: True} + ge-0/0/0.0: { ip: 10.0.0.15, remote: srlab-vmx6, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/1.0: { ip: 10.0.0.18, remote: srlab-vmx9, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + bgp: + ibgp: + rr: true + peers: + - 192.168.0.1 + - 192.168.0.2 + - 192.168.0.8 + - 192.168.0.9 + af: + - inet + - inet6 + - inet-vpn + + srlab-vmx8: + mgmt: 10.39.0.108 + rid: 192.168.0.8 + rid6: fec0:0:0:1111::8 + sid: 408 + sid6: 608 + iso: 49.0001.0010.0100.1008.00 + switches: + - srlab-vmx6-1--srlab-vmx8-1 + - srlab-vmx8-0--srlab-vmx9-0 + links: + ge-0/0/1.0: { ip: 10.0.0.17, remote: srlab-vmx6, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/0.0: { ip: 10.0.0.20, remote: srlab-vmx9, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + bgp: + ibgp: + peers: + - 192.168.0.4 + - 192.168.0.7 + af: + - inet + - inet6 + - inet-vpn + + srlab-vmx9: + mgmt: 10.39.0.109 + rid: 192.168.0.9 + rid6: fec0:0:0:1111::9 + sid: 409 + sid6: 609 + iso: 49.0001.0010.0100.1009.00 + switches: + - srlab-vmx7-1--srlab-vmx9-1 + - srlab-vmx8-0--srlab-vmx9-0 + links: + ge-0/0/1.0: { ip: 10.0.0.19, remote: srlab-vmx7, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + ge-0/0/0.0: { ip: 10.0.0.21, remote: srlab-vmx8, mask: 31, cost: 1000, vlan: 0, mpls: True, iso: True} + bgp: + ibgp: + peers: + - 192.168.0.4 + - 192.168.0.7 + af: + - inet + - inet6 + - inet-vpn diff --git a/files/srtut-config/srtut-vmx-config.txt b/files/srtut-config/srtut-vmx-config.txt index 7be50ac..cf76882 100644 --- a/files/srtut-config/srtut-vmx-config.txt +++ b/files/srtut-config/srtut-vmx-config.txt @@ -167,7 +167,14 @@ protocols { } } isis { - level 1 disable; + source-packet-routing { + srgb start-label 1000 index-range 9000; + node-segment { + ipv4-index 410; + ipv6-index 610; + } + } + level 1 disable; level 2 wide-metrics-only; interface ge-0/0/0.0 { point-to-point; diff --git a/files/srtut-config/srtut-vmx1-config.txt b/files/srtut-config/srtut-vmx1-config.txt index 60d7767..4beaa36 100644 --- a/files/srtut-config/srtut-vmx1-config.txt +++ b/files/srtut-config/srtut-vmx1-config.txt @@ -178,7 +178,14 @@ protocols { } } isis { - level 1 disable; + source-packet-routing { + srgb start-label 1000 index-range 9000; + node-segment { + ipv4-index 401; + ipv6-index 601; + } + } + level 1 disable; level 2 wide-metrics-only; interface ge-0/0/0.0 { point-to-point; diff --git a/files/srtut-config/srtut-vmx2-config.txt b/files/srtut-config/srtut-vmx2-config.txt index 7ed8140..6a892d1 100644 --- a/files/srtut-config/srtut-vmx2-config.txt +++ b/files/srtut-config/srtut-vmx2-config.txt @@ -159,7 +159,14 @@ protocols { } } isis { - level 1 disable; + source-packet-routing { + srgb start-label 1000 index-range 9000; + node-segment { + ipv4-index 402; + ipv6-index 602; + } + } + level 1 disable; level 2 wide-metrics-only; interface ge-0/0/1.0 { point-to-point; diff --git a/files/srtut-config/srtut-vmx3-config.txt b/files/srtut-config/srtut-vmx3-config.txt index ff48cbf..c03dfa7 100644 --- a/files/srtut-config/srtut-vmx3-config.txt +++ b/files/srtut-config/srtut-vmx3-config.txt @@ -178,7 +178,14 @@ protocols { } } isis { - level 1 disable; + source-packet-routing { + srgb start-label 1000 index-range 9000; + node-segment { + ipv4-index 403; + ipv6-index 603; + } + } + level 1 disable; level 2 wide-metrics-only; interface ge-0/0/0.0 { point-to-point; diff --git a/files/srtut-config/srtut-vmx4-config.txt b/files/srtut-config/srtut-vmx4-config.txt index 30a747b..33b502e 100644 --- a/files/srtut-config/srtut-vmx4-config.txt +++ b/files/srtut-config/srtut-vmx4-config.txt @@ -178,7 +178,14 @@ protocols { } } isis { - level 1 disable; + source-packet-routing { + srgb start-label 1000 index-range 9000; + node-segment { + ipv4-index 404; + ipv6-index 604; + } + } + level 1 disable; level 2 wide-metrics-only; interface ge-0/0/0.0 { point-to-point; diff --git a/files/srtut-config/srtut-vmx5-config.txt b/files/srtut-config/srtut-vmx5-config.txt index 5acc4c1..286e53f 100644 --- a/files/srtut-config/srtut-vmx5-config.txt +++ b/files/srtut-config/srtut-vmx5-config.txt @@ -178,7 +178,14 @@ protocols { } } isis { - level 1 disable; + source-packet-routing { + srgb start-label 1000 index-range 9000; + node-segment { + ipv4-index 405; + ipv6-index 605; + } + } + level 1 disable; level 2 wide-metrics-only; interface ge-0/0/1.0 { point-to-point; diff --git a/files/srtut-config/srtut-vmx6-config.txt b/files/srtut-config/srtut-vmx6-config.txt index e5736f7..285fe56 100644 --- a/files/srtut-config/srtut-vmx6-config.txt +++ b/files/srtut-config/srtut-vmx6-config.txt @@ -159,7 +159,14 @@ protocols { } } isis { - level 1 disable; + source-packet-routing { + srgb start-label 1000 index-range 9000; + node-segment { + ipv4-index 406; + ipv6-index 606; + } + } + level 1 disable; level 2 wide-metrics-only; interface ge-0/0/3.0 { point-to-point; diff --git a/files/tx-proto-config/backup/proto-ce1_config.2019-12-05@15:01:11 b/files/tx-proto-config/backup/proto-ce1_config.2019-12-05@15:01:11 new file mode 100644 index 0000000..753d8b2 --- /dev/null +++ b/files/tx-proto-config/backup/proto-ce1_config.2019-12-05@15:01:11 @@ -0,0 +1,63 @@ +set version 20190606.224121_builder.r1033375 +set system host-name proto-ce1 +set system root-authentication encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7" +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293" +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh root-login allow +set system services extension-service request-response grpc clear-text +set system services extension-service request-response grpc max-connections 10 +set system services extension-service request-response grpc skip-authentication +set system services netconf ssh +set system services netconf traceoptions file nc.txt +set system services netconf traceoptions file size 1m +set system services netconf traceoptions file world-readable +set system services netconf traceoptions flag all +set system no-redirects +set system syslog user * any emergency +set system syslog file messages any any +set system syslog file messages authorization info +set system syslog file interactive-commands interactive-commands any +set chassis aggregated-devices ethernet device-count 10 +set chassis network-services enhanced-ip +set interfaces ge-0/0/0 description proto-pe1:ge-0/0/0 +set interfaces ge-0/0/0 gigether-options 802.3ad ae0 +set interfaces ge-0/0/1 description proto-pe2 +set interfaces ge-0/0/1 gigether-options 802.3ad ae0 +set interfaces ge-0/0/2 description vm1 +set interfaces ge-0/0/2 flexible-vlan-tagging +set interfaces ge-0/0/2 native-vlan-id 1 +set interfaces ge-0/0/2 encapsulation flexible-ethernet-services +set interfaces ge-0/0/2 unit 0 encapsulation vlan-bridge +set interfaces ge-0/0/2 unit 0 vlan-id 1 +set interfaces ae0 flexible-vlan-tagging +set interfaces ae0 encapsulation flexible-ethernet-services +set interfaces ae0 aggregated-ether-options lacp active +set interfaces ae0 unit 100 description vlan100:EVPN1-to-PE1.PE2-VL100 +set interfaces ae0 unit 100 encapsulation vlan-bridge +set interfaces ae0 unit 100 vlan-id 100 +set interfaces fxp0 description "OOB to MGMT Network" +set interfaces fxp0 unit 0 family inet address 10.39.0.166/20 +set interfaces lo0 unit 0 family inet address 11.11.11.11/32 +set interfaces lo0 unit 0 family inet6 address fec0:0:0:1111::11/128 +set policy-options policy-statement LOAD-BALANCE then load-balance per-packet +set routing-instances EVPN1-to-CE2-VL100 instance-type virtual-router +set routing-instances EVPN1-to-CE2-VL100 interface ge-0/0/0.100 +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set routing-options forwarding-table export LOAD-BALANCE +set routing-options router-id 11.11.11.11 +set routing-options autonomous-system 65000 +set protocols mpls interface ge-0/0/0.0 +set protocols mpls interface ge-0/0/1.0 +set protocols lldp port-id-subtype interface-name +set protocols lldp port-description-type interface-alias +set protocols lldp neighbour-port-info-display port-id +set protocols lldp interface ge-0/0/0 +set protocols lldp interface ge-0/0/1 +set protocols lldp interface ge-0/0/2 +set bridge-domains VM1-Untagged vlan-id none +set bridge-domains VM1-Untagged interface ge-0/0/2.0 +set bridge-domains VM1-Untagged interface ae0.100 \ No newline at end of file diff --git a/files/tx-proto-config/backup/proto-ce2_config.2019-12-05@15:01:06 b/files/tx-proto-config/backup/proto-ce2_config.2019-12-05@15:01:06 new file mode 100644 index 0000000..f3f9114 --- /dev/null +++ b/files/tx-proto-config/backup/proto-ce2_config.2019-12-05@15:01:06 @@ -0,0 +1,62 @@ +set version 20190606.224121_builder.r1033375 +set system host-name proto-ce2 +set system root-authentication encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7" +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293" +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh root-login allow +set system services extension-service request-response grpc clear-text +set system services extension-service request-response grpc max-connections 10 +set system services extension-service request-response grpc skip-authentication +set system services netconf ssh +set system services netconf traceoptions file nc.txt +set system services netconf traceoptions file size 1m +set system services netconf traceoptions file world-readable +set system services netconf traceoptions flag all +set system no-redirects +set system syslog user * any emergency +set system syslog file messages any any +set system syslog file messages authorization info +set system syslog file interactive-commands interactive-commands any +set chassis aggregated-devices ethernet device-count 10 +set chassis network-services enhanced-ip +set interfaces ge-0/0/0 description proto-pe3 +set interfaces ge-0/0/0 gigether-options 802.3ad ae0 +set interfaces ge-0/0/1 description proto-pe4 +set interfaces ge-0/0/1 gigether-options 802.3ad ae0 +set interfaces ge-0/0/2 description vm2 +set interfaces ge-0/0/2 flexible-vlan-tagging +set interfaces ge-0/0/2 native-vlan-id 1 +set interfaces ge-0/0/2 encapsulation flexible-ethernet-services +set interfaces ge-0/0/2 unit 0 encapsulation vlan-bridge +set interfaces ge-0/0/2 unit 0 vlan-id 1 +set interfaces ae0 flexible-vlan-tagging +set interfaces ae0 encapsulation flexible-ethernet-services +set interfaces ae0 mac 00:00:00:00:00:22 +set interfaces ae0 aggregated-ether-options lacp active +set interfaces ae0 unit 100 description vlan100:EVPN1-to-CE3.CE4-VL100 +set interfaces ae0 unit 100 encapsulation vlan-bridge +set interfaces ae0 unit 100 vlan-id 100 +set interfaces fxp0 description "OOB to MGMT Network" +set interfaces fxp0 unit 0 family inet address 10.39.0.167/20 +set interfaces lo0 unit 0 family inet address 22.22.22.22/32 +set interfaces lo0 unit 0 family inet6 address fec0:0:0:1111::22/128 +set policy-options policy-statement LOAD-BALANCE then load-balance per-packet +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set routing-options forwarding-table export LOAD-BALANCE +set routing-options router-id 22.22.22.22 +set routing-options autonomous-system 65000 +set protocols mpls interface ge-0/0/0.0 +set protocols mpls interface ge-0/0/1.0 +set protocols lldp port-id-subtype interface-name +set protocols lldp port-description-type interface-alias +set protocols lldp neighbour-port-info-display port-id +set protocols lldp interface ge-0/0/0 +set protocols lldp interface ge-0/0/1 +set protocols lldp interface ge-0/0/2 +set bridge-domains VM2-Untagged vlan-id none +set bridge-domains VM2-Untagged interface ge-0/0/2.0 +set bridge-domains VM2-Untagged interface ae0.100 \ No newline at end of file diff --git a/files/tx-proto-config/backup/proto-ce3_config.2019-12-05@15:01:08 b/files/tx-proto-config/backup/proto-ce3_config.2019-12-05@15:01:08 new file mode 100644 index 0000000..163ca56 --- /dev/null +++ b/files/tx-proto-config/backup/proto-ce3_config.2019-12-05@15:01:08 @@ -0,0 +1,45 @@ +set version 20190606.224121_builder.r1033375 +set system host-name proto-ce3 +set system root-authentication encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7" +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293" +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh root-login allow +set system services extension-service request-response grpc clear-text +set system services extension-service request-response grpc max-connections 10 +set system services extension-service request-response grpc skip-authentication +set system services netconf ssh +set system services netconf traceoptions file nc.txt +set system services netconf traceoptions file size 1m +set system services netconf traceoptions file world-readable +set system services netconf traceoptions flag all +set system no-redirects +set system syslog user * any emergency +set system syslog file messages any any +set system syslog file messages authorization info +set system syslog file interactive-commands interactive-commands any +set chassis network-services enhanced-ip +set interfaces ge-0/0/0 description proto-pe2 +set interfaces ge-0/0/0 unit 0 family inet address 192.168.33.33/24 +set interfaces ge-0/0/0 unit 0 family inet6 +set interfaces fxp0 description "OOB to MGMT Network" +set interfaces fxp0 unit 0 family inet address 10.39.0.168/20 +set interfaces lo0 unit 0 family inet address 33.33.33.33/32 +set interfaces lo0 unit 0 family inet6 address fec0:0:0:1111::22/128 +set policy-options policy-statement LOAD-BALANCE then load-balance per-packet +set policy-options policy-statement send-direct term 1 from protocol direct +set policy-options policy-statement send-direct term 1 then accept +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set routing-options forwarding-table export LOAD-BALANCE +set routing-options router-id 33.33.33.33 +set routing-options autonomous-system 65033 +set protocols bgp group ebgp type external +set protocols bgp group ebgp local-address 192.168.33.33 +set protocols bgp group ebgp family inet unicast +set protocols bgp group ebgp export send-direct +set protocols bgp group ebgp peer-as 65000 +set protocols bgp group ebgp neighbor 192.168.33.2 +set protocols lldp interface ge-0/0/0 \ No newline at end of file diff --git a/files/tx-proto-config/backup/proto-ce4_config.2019-12-05@15:01:14 b/files/tx-proto-config/backup/proto-ce4_config.2019-12-05@15:01:14 new file mode 100644 index 0000000..b3399c4 --- /dev/null +++ b/files/tx-proto-config/backup/proto-ce4_config.2019-12-05@15:01:14 @@ -0,0 +1,46 @@ +set version 20190606.224121_builder.r1033375 +set system host-name proto-ce4 +set system root-authentication encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7" +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293" +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh root-login allow +set system services extension-service request-response grpc clear-text +set system services extension-service request-response grpc max-connections 10 +set system services extension-service request-response grpc skip-authentication +set system services netconf ssh +set system services netconf traceoptions file nc.txt +set system services netconf traceoptions file size 1m +set system services netconf traceoptions file world-readable +set system services netconf traceoptions flag all +set system no-redirects +set system syslog user * any emergency +set system syslog file messages any any +set system syslog file messages authorization info +set system syslog file interactive-commands interactive-commands any +set chassis network-services enhanced-ip +set interfaces ge-0/0/0 description proto-pe3 +set interfaces ge-0/0/0 unit 0 family inet address 192.168.44.44/24 +set interfaces ge-0/0/0 unit 0 family inet6 +set interfaces fxp0 description "OOB to MGMT Network" +set interfaces fxp0 unit 0 family inet address 10.39.0.169/20 +set interfaces lo0 unit 0 family inet address 44.44.44.44/32 +set interfaces lo0 unit 0 family inet6 address fec0:0:0:1111::22/128 +set policy-options policy-statement LOAD-BALANCE then load-balance per-packet +set policy-options policy-statement send-direct term 1 from protocol direct +set policy-options policy-statement send-direct term 1 then accept +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set routing-options forwarding-table export LOAD-BALANCE +set routing-options router-id 44.44.44.44 +set routing-options autonomous-system 65044 +set protocols mpls interface ge-0/0/0.0 +set protocols bgp group ebgp type external +set protocols bgp group ebgp local-address 192.168.44.44 +set protocols bgp group ebgp family inet unicast +set protocols bgp group ebgp export send-direct +set protocols bgp group ebgp peer-as 65000 +set protocols bgp group ebgp neighbor 192.168.44.3 +set protocols lldp interface ge-0/0/0 \ No newline at end of file diff --git a/files/tx-proto-config/backup/proto-p5_config.2019-12-05@15:00:45 b/files/tx-proto-config/backup/proto-p5_config.2019-12-05@15:00:45 new file mode 100644 index 0000000..3e9b144 --- /dev/null +++ b/files/tx-proto-config/backup/proto-p5_config.2019-12-05@15:00:45 @@ -0,0 +1,115 @@ +set version 20190606.224121_builder.r1033375 +set system host-name proto-p5 +set system root-authentication encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7" +set system login class ciena permissions access +set system login class ciena permissions admin +set system login class ciena permissions firewall +set system login class ciena permissions interface +set system login class ciena permissions routing +set system login class ciena permissions snmp +set system login class ciena permissions system +set system login class ciena permissions trace +set system login class ciena permissions view +set system login user ciena uid 2000 +set system login user ciena class ciena +set system login user ciena authentication encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J." +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293" +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh root-login allow +set system services extension-service request-response grpc clear-text +set system services extension-service request-response grpc max-connections 10 +set system services extension-service request-response grpc skip-authentication +set system services netconf ssh +set system services netconf traceoptions file nc.txt +set system services netconf traceoptions file size 1m +set system services netconf traceoptions file world-readable +set system services netconf traceoptions flag all +set system no-redirects +set system syslog user * any emergency +set system syslog file messages any any +set system syslog file messages authorization info +set system syslog file interactive-commands interactive-commands any +set chassis fpc 0 pic 0 tunnel-services +set chassis network-services enhanced-ip +set services analytics streaming-server ROA remote-address 10.39.16.2 +set services analytics streaming-server ROA remote-port 22222 +set services analytics export-profile ROA-export local-address 5.5.5.5 +set services analytics export-profile ROA-export local-port 21111 +set services analytics export-profile ROA-export reporting-rate 10 +set services analytics export-profile ROA-export format gpb +set services analytics export-profile ROA-export transport udp +set services analytics sensor sensor1 server-name ROA +set services analytics sensor sensor1 export-name ROA-export +set services analytics sensor sensor1 resource /junos/system/linecard/interface/ +set services analytics sensor sensor2 server-name ROA +set services analytics sensor sensor2 export-name ROA-export +set services analytics sensor sensor2 resource /junos/system/linecard/interface/logical/usage/ +set interfaces ge-0/0/0 description proto-pe1 +set interfaces ge-0/0/0 unit 0 family inet address 10.0.15.5/24 +set interfaces ge-0/0/0 unit 0 family iso +set interfaces ge-0/0/0 unit 0 family inet6 +set interfaces ge-0/0/0 unit 0 family mpls +set interfaces gr-0/0/0 unit 0 tunnel source 10.39.16.1 +set interfaces gr-0/0/0 unit 0 tunnel destination 10.39.16.2 +set interfaces gr-0/0/0 unit 0 family inet address 10.39.16.253/30 +set interfaces gr-0/0/0 unit 0 family iso +set interfaces ge-0/0/1 description proto-pe3 +set interfaces ge-0/0/1 unit 0 family inet address 10.0.35.5/24 +set interfaces ge-0/0/1 unit 0 family iso +set interfaces ge-0/0/1 unit 0 family inet6 +set interfaces ge-0/0/1 unit 0 family mpls +set interfaces ge-0/0/2 description to_Ciena_CENI +set interfaces ge-0/0/2 unit 0 family inet address 10.39.16.1/29 +set interfaces ge-0/0/2 unit 0 family iso +set interfaces fxp0 description "OOB to MGMT Network" +set interfaces fxp0 unit 0 family inet address 10.39.0.165/20 +set interfaces lo0 unit 0 family inet address 5.5.5.5/32 +set interfaces lo0 unit 0 family iso address 49.0001.0010.0100.1005.00 +set interfaces lo0 unit 0 family inet6 address fec0:0:0:1111::5/128 +set snmp community public +set policy-options policy-statement LOAD-BALANCE then load-balance per-packet +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set routing-options forwarding-table export LOAD-BALANCE +set routing-options router-id 5.5.5.5 +set routing-options autonomous-system 65000 +set protocols isis backup-spf-options use-post-convergence-lfa +set protocols isis source-packet-routing srgb start-label 16000 +set protocols isis source-packet-routing srgb index-range 8000 +set protocols isis source-packet-routing node-segment ipv4-index 405 +set protocols isis source-packet-routing node-segment ipv6-index 605 +set protocols isis level 1 disable +set protocols isis level 2 wide-metrics-only +set protocols isis interface ge-0/0/0.0 point-to-point +set protocols isis interface ge-0/0/0.0 level 2 metric 1000 +set protocols isis interface ge-0/0/0.0 level 2 post-convergence-lfa node-protection +set protocols isis interface gr-0/0/0.0 +set protocols isis interface ge-0/0/1.0 point-to-point +set protocols isis interface ge-0/0/1.0 level 2 metric 1000 +set protocols isis interface ge-0/0/1.0 level 2 post-convergence-lfa node-protection +set protocols isis interface ge-0/0/2.0 passive +set protocols isis interface lo0.0 passive +set protocols isis traceoptions file isis +set protocols isis traceoptions file size 10m +set protocols isis traceoptions file files 10 +set protocols isis traceoptions file world-readable +set protocols isis traceoptions flag all +set protocols mpls icmp-tunneling +set protocols mpls interface ge-0/0/0.0 +set protocols mpls interface ge-0/0/1.0 +set protocols bgp group ibgp type internal +set protocols bgp group ibgp family inet-vpn unicast +set protocols bgp group ibgp family evpn signaling +set protocols bgp group ibgp cluster 5.5.5.5 +set protocols bgp group ibgp neighbor 1.1.1.1 +set protocols bgp group ibgp neighbor 2.2.2.2 +set protocols bgp group ibgp neighbor 3.3.3.3 +set protocols bgp group ibgp neighbor 4.4.4.4 +set protocols bgp group ibgp neighbor 10.39.16.2 local-address 10.39.16.1 +set protocols bgp group ibgp neighbor 10.39.16.2 family inet-vpn unicast add-path send path-count 6 +set protocols lldp interface ge-0/0/0 +set protocols lldp interface ge-0/0/1 +set protocols lldp interface ge-0/0/2 \ No newline at end of file diff --git a/files/tx-proto-config/backup/proto-pe1_config.2019-12-05@15:00:50 b/files/tx-proto-config/backup/proto-pe1_config.2019-12-05@15:00:50 new file mode 100644 index 0000000..5646d50 --- /dev/null +++ b/files/tx-proto-config/backup/proto-pe1_config.2019-12-05@15:00:50 @@ -0,0 +1,113 @@ +set version 20190606.224121_builder.r1033375 +set system host-name proto-pe1 +set system root-authentication encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7" +set system login class ciena permissions access +set system login class ciena permissions admin +set system login class ciena permissions firewall +set system login class ciena permissions interface +set system login class ciena permissions routing +set system login class ciena permissions snmp +set system login class ciena permissions system +set system login class ciena permissions trace +set system login class ciena permissions view +set system login user ciena uid 2000 +set system login user ciena class ciena +set system login user ciena authentication encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J." +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293" +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh root-login allow +set system services extension-service request-response grpc clear-text +set system services extension-service request-response grpc max-connections 10 +set system services extension-service request-response grpc skip-authentication +set system services netconf ssh +set system services netconf traceoptions file nc.txt +set system services netconf traceoptions file size 1m +set system services netconf traceoptions file world-readable +set system services netconf traceoptions flag all +set system no-redirects +set system syslog user * any emergency +set system syslog file messages any any +set system syslog file messages authorization info +set system syslog file interactive-commands interactive-commands any +set chassis aggregated-devices ethernet device-count 10 +set chassis network-services enhanced-ip +set interfaces ge-0/0/0 description ce1:ge-0/0/0 +set interfaces ge-0/0/0 gigether-options 802.3ad ae0 +set interfaces ge-0/0/1 description proto-p5 +set interfaces ge-0/0/1 unit 0 family inet address 10.0.15.1/24 +set interfaces ge-0/0/1 unit 0 family iso +set interfaces ge-0/0/1 unit 0 family inet6 +set interfaces ge-0/0/1 unit 0 family mpls +set interfaces ge-0/0/2 description proto-pe2 +set interfaces ge-0/0/2 unit 0 family inet address 10.0.12.1/24 +set interfaces ge-0/0/2 unit 0 family iso +set interfaces ge-0/0/2 unit 0 family inet6 +set interfaces ge-0/0/2 unit 0 family mpls +set interfaces ge-0/0/3 description proto-pe3 +set interfaces ge-0/0/3 unit 0 family inet address 10.0.13.1/24 +set interfaces ge-0/0/3 unit 0 family iso +set interfaces ge-0/0/3 unit 0 family inet6 +set interfaces ge-0/0/3 unit 0 family mpls +set interfaces ae0 flexible-vlan-tagging +set interfaces ae0 encapsulation flexible-ethernet-services +set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11 +set interfaces ae0 esi all-active +set interfaces ae0 aggregated-ether-options lacp active +set interfaces ae0 aggregated-ether-options lacp system-id 00:01:02:03:04:05 +set interfaces ae0 unit 100 description VLAN100:EVPN1 +set interfaces ae0 unit 100 encapsulation vlan-bridge +set interfaces ae0 unit 100 vlan-id 100 +set interfaces fxp0 description "OOB to MGMT Network" +set interfaces fxp0 unit 0 family inet address 10.39.0.161/20 +set interfaces lo0 unit 0 family inet address 1.1.1.1/32 +set interfaces lo0 unit 0 family iso address 49.0001.0010.0100.1001.00 +set interfaces lo0 unit 0 family inet6 address fec0:0:0:1111::1/128 +set snmp community public +set policy-options policy-statement LOAD-BALANCE then load-balance per-packet +set routing-instances EVPN1 instance-type evpn +set routing-instances EVPN1 protocols evpn encapsulation mpls +set routing-instances EVPN1 interface ae0.100 +set routing-instances EVPN1 route-distinguisher 1.1.1.1:12121 +set routing-instances EVPN1 vrf-target target:65000:12121 +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set routing-options forwarding-table export LOAD-BALANCE +set routing-options router-id 1.1.1.1 +set routing-options autonomous-system 65000 +set protocols isis backup-spf-options use-post-convergence-lfa +set protocols isis traffic-engineering igp-topology +set protocols isis source-packet-routing srgb start-label 16000 +set protocols isis source-packet-routing srgb index-range 8000 +set protocols isis source-packet-routing node-segment ipv4-index 401 +set protocols isis source-packet-routing node-segment ipv6-index 601 +set protocols isis level 1 disable +set protocols isis level 2 wide-metrics-only +set protocols isis interface ge-0/0/1.0 point-to-point +set protocols isis interface ge-0/0/1.0 level 2 metric 1000 +set protocols isis interface ge-0/0/1.0 level 2 post-convergence-lfa node-protection +set protocols isis interface ge-0/0/2.0 point-to-point +set protocols isis interface ge-0/0/2.0 level 2 metric 1000 +set protocols isis interface ge-0/0/2.0 level 2 post-convergence-lfa node-protection +set protocols isis interface ge-0/0/3.0 point-to-point +set protocols isis interface ge-0/0/3.0 level 2 metric 1000 +set protocols isis interface ge-0/0/3.0 level 2 post-convergence-lfa node-protection +set protocols isis interface lo0.0 passive +set protocols mpls icmp-tunneling +set protocols mpls interface ge-0/0/1.0 +set protocols mpls interface ge-0/0/2.0 +set protocols mpls interface ge-0/0/3.0 +set protocols bgp group ibgp type internal +set protocols bgp group ibgp local-address 1.1.1.1 +set protocols bgp group ibgp family inet-vpn unicast +set protocols bgp group ibgp family evpn signaling +set protocols bgp group ibgp neighbor 5.5.5.5 +set protocols lldp port-id-subtype interface-name +set protocols lldp port-description-type interface-alias +set protocols lldp neighbour-port-info-display port-id +set protocols lldp interface ge-0/0/0 +set protocols lldp interface ge-0/0/1 +set protocols lldp interface ge-0/0/2 +set protocols lldp interface ge-0/0/3 \ No newline at end of file diff --git a/files/tx-proto-config/backup/proto-pe2_config.2019-12-05@15:00:53 b/files/tx-proto-config/backup/proto-pe2_config.2019-12-05@15:00:53 new file mode 100644 index 0000000..647c3f2 --- /dev/null +++ b/files/tx-proto-config/backup/proto-pe2_config.2019-12-05@15:00:53 @@ -0,0 +1,132 @@ +set version 20190606.224121_builder.r1033375 +set system host-name proto-pe2 +set system root-authentication encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7" +set system login class ciena permissions access +set system login class ciena permissions admin +set system login class ciena permissions firewall +set system login class ciena permissions interface +set system login class ciena permissions routing +set system login class ciena permissions snmp +set system login class ciena permissions system +set system login class ciena permissions trace +set system login class ciena permissions view +set system login user ciena uid 2000 +set system login user ciena class ciena +set system login user ciena authentication encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J." +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293" +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh root-login allow +set system services extension-service request-response grpc clear-text +set system services extension-service request-response grpc max-connections 10 +set system services extension-service request-response grpc skip-authentication +set system services netconf ssh +set system services netconf traceoptions file nc.txt +set system services netconf traceoptions file size 1m +set system services netconf traceoptions file world-readable +set system services netconf traceoptions flag all +set system no-redirects +set system syslog user * any emergency +set system syslog file messages any any +set system syslog file messages authorization info +set system syslog file interactive-commands interactive-commands any +set chassis aggregated-devices ethernet device-count 10 +set chassis network-services enhanced-ip +set interfaces ge-0/0/0 description ce1 +set interfaces ge-0/0/0 gigether-options 802.3ad ae0 +set interfaces ge-0/0/1 description proto-pe4 +set interfaces ge-0/0/1 unit 0 family inet address 10.0.24.2/24 +set interfaces ge-0/0/1 unit 0 family iso +set interfaces ge-0/0/1 unit 0 family inet6 +set interfaces ge-0/0/1 unit 0 family mpls +set interfaces ge-0/0/2 description proto-pe1 +set interfaces ge-0/0/2 unit 0 family inet address 10.0.12.2/24 +set interfaces ge-0/0/2 unit 0 family iso +set interfaces ge-0/0/2 unit 0 family inet6 +set interfaces ge-0/0/2 unit 0 family mpls +set interfaces ge-0/0/3 description proto-ce3 +set interfaces ge-0/0/3 unit 0 family inet address 192.168.33.2/24 +set interfaces ge-0/0/3 unit 0 family inet6 +set interfaces ae0 vlan-tagging +set interfaces ae0 encapsulation flexible-ethernet-services +set interfaces ae0 esi 00:11:11:11:11:11:11:11:11:11 +set interfaces ae0 esi all-active +set interfaces ae0 aggregated-ether-options lacp active +set interfaces ae0 aggregated-ether-options lacp system-id 00:01:02:03:04:05 +set interfaces ae0 unit 100 encapsulation vlan-bridge +set interfaces ae0 unit 100 vlan-id 100 +set interfaces fxp0 description "OOB to MGMT Network" +set interfaces fxp0 unit 0 family inet address 10.39.0.162/20 +set interfaces lo0 unit 0 family inet address 2.2.2.2/32 +set interfaces lo0 unit 0 family iso address 49.0001.0010.0100.1002.00 +set interfaces lo0 unit 0 family inet6 address fec0:0:0:1111::2/128 +set snmp community public +set policy-options policy-statement LOAD-BALANCE then load-balance per-packet +set policy-options policy-statement color-import then resolution-map color +set policy-options policy-statement color200 term 0 then community add color200 +set policy-options policy-statement color200 term 0 then community add target200 +set policy-options policy-statement color200 term 0 then accept +set policy-options community color200 members color:0:200 +set policy-options community target200 members target:200:200 +set policy-options resolution-map color mode ip-color +set routing-instances EVPN1 instance-type evpn +set routing-instances EVPN1 protocols evpn encapsulation mpls +set routing-instances EVPN1 interface ae0.100 +set routing-instances EVPN1 route-distinguisher 1.1.1.1:12121 +set routing-instances EVPN1 vrf-target target:65000:12121 +set routing-instances l3vpn instance-type vrf +set routing-instances l3vpn protocols bgp group ebgp type external +set routing-instances l3vpn protocols bgp group ebgp local-address 192.168.33.2 +set routing-instances l3vpn protocols bgp group ebgp family inet unicast +set routing-instances l3vpn protocols bgp group ebgp peer-as 65033 +set routing-instances l3vpn protocols bgp group ebgp neighbor 192.168.33.33 +set routing-instances l3vpn interface ge-0/0/3.0 +set routing-instances l3vpn route-distinguisher 2.2.2.2:200 +set routing-instances l3vpn vrf-export color200 +deactivate routing-instances l3vpn vrf-export +set routing-instances l3vpn vrf-target target:200:200 +set routing-instances l3vpn vrf-table-label +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set routing-options forwarding-table export LOAD-BALANCE +set routing-options router-id 2.2.2.2 +set routing-options autonomous-system 65000 +set protocols isis backup-spf-options use-post-convergence-lfa +set protocols isis traffic-engineering igp-topology +set protocols isis source-packet-routing srgb start-label 16000 +set protocols isis source-packet-routing srgb index-range 8000 +set protocols isis source-packet-routing node-segment ipv4-index 402 +set protocols isis source-packet-routing node-segment ipv6-index 602 +set protocols isis level 1 disable +set protocols isis level 2 wide-metrics-only +set protocols isis interface ge-0/0/1.0 point-to-point +set protocols isis interface ge-0/0/1.0 level 2 metric 1000 +set protocols isis interface ge-0/0/1.0 level 2 post-convergence-lfa node-protection +set protocols isis interface ge-0/0/2.0 point-to-point +set protocols isis interface ge-0/0/2.0 level 2 metric 1000 +set protocols isis interface ge-0/0/2.0 level 2 post-convergence-lfa node-protection +set protocols isis interface lo0.0 passive +set protocols mpls icmp-tunneling +set protocols mpls interface ge-0/0/1.0 +set protocols mpls interface ge-0/0/2.0 +set protocols source-packet-routing segment-list via-p5-pe3 auto-translate +set protocols source-packet-routing segment-list via-p5-pe3 hop1 ip-address 5.5.5.5 +set protocols source-packet-routing segment-list via-p5-pe3 hop1 label-type node +set protocols source-packet-routing segment-list via-p5-pe3 hop2 ip-address 3.3.3.3 +set protocols source-packet-routing segment-list via-p5-pe3 hop2 label-type node +set protocols source-packet-routing source-routing-path via-p5-pe3 to 3.3.3.3 +set protocols source-packet-routing source-routing-path via-p5-pe3 color 200 +set protocols source-packet-routing source-routing-path via-p5-pe3 primary via-p5-pe3 +set protocols source-packet-routing inherit-label-nexthops +set protocols bgp group ibgp type internal +set protocols bgp group ibgp local-address 2.2.2.2 +set protocols bgp group ibgp import color-import +set protocols bgp group ibgp family inet-vpn unicast +set protocols bgp group ibgp family evpn signaling +set protocols bgp group ibgp neighbor 5.5.5.5 +set protocols lldp interface ge-0/0/0 +set protocols lldp interface ge-0/0/1 +set protocols lldp interface ge-0/0/2 +set protocols lldp interface ge-0/0/3 \ No newline at end of file diff --git a/files/tx-proto-config/backup/proto-pe3_config.2019-12-05@15:00:50 b/files/tx-proto-config/backup/proto-pe3_config.2019-12-05@15:00:50 new file mode 100644 index 0000000..1818804 --- /dev/null +++ b/files/tx-proto-config/backup/proto-pe3_config.2019-12-05@15:00:50 @@ -0,0 +1,144 @@ +set version 20190606.224121_builder.r1033375 +set system host-name proto-pe3 +set system root-authentication encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7" +set system login class ciena permissions access +set system login class ciena permissions admin +set system login class ciena permissions firewall +set system login class ciena permissions interface +set system login class ciena permissions routing +set system login class ciena permissions snmp +set system login class ciena permissions system +set system login class ciena permissions trace +set system login class ciena permissions view +set system login user ciena uid 2000 +set system login user ciena class ciena +set system login user ciena authentication encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J." +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293" +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh root-login allow +set system services extension-service request-response grpc clear-text +set system services extension-service request-response grpc max-connections 10 +set system services extension-service request-response grpc skip-authentication +set system services netconf ssh +set system services netconf traceoptions file nc.txt +set system services netconf traceoptions file size 1m +set system services netconf traceoptions file world-readable +set system services netconf traceoptions flag all +set system no-redirects +set system syslog user * any emergency +set system syslog file messages any any +set system syslog file messages authorization info +set system syslog file interactive-commands interactive-commands any +set chassis aggregated-devices ethernet device-count 10 +set chassis network-services enhanced-ip +set interfaces ge-0/0/0 description proto-p5 +set interfaces ge-0/0/0 unit 0 family inet address 10.0.35.3/24 +set interfaces ge-0/0/0 unit 0 family iso +set interfaces ge-0/0/0 unit 0 family inet6 +set interfaces ge-0/0/0 unit 0 family mpls +set interfaces ge-0/0/1 description ce1:ge-0/0/0 +set interfaces ge-0/0/1 gigether-options 802.3ad ae0 +set interfaces ge-0/0/2 description proto-pe4 +set interfaces ge-0/0/2 unit 0 family inet address 10.0.34.3/24 +set interfaces ge-0/0/2 unit 0 family iso +set interfaces ge-0/0/2 unit 0 family inet6 +set interfaces ge-0/0/2 unit 0 family mpls +set interfaces ge-0/0/3 description proto-pe1 +set interfaces ge-0/0/3 unit 0 family inet address 10.0.13.3/24 +set interfaces ge-0/0/3 unit 0 family iso +set interfaces ge-0/0/3 unit 0 family inet6 +set interfaces ge-0/0/3 unit 0 family mpls +set interfaces ge-0/0/4 description proto-ce4 +set interfaces ge-0/0/4 unit 0 family inet address 192.168.44.3/24 +set interfaces ge-0/0/4 unit 0 family inet6 +set interfaces ae0 vlan-tagging +set interfaces ae0 encapsulation flexible-ethernet-services +set interfaces ae0 esi 00:33:33:33:33:33:33:33:33:33 +set interfaces ae0 esi all-active +set interfaces ae0 aggregated-ether-options lacp active +set interfaces ae0 aggregated-ether-options lacp system-id 00:01:02:03:04:06 +set interfaces ae0 unit 100 encapsulation vlan-bridge +set interfaces ae0 unit 100 vlan-id 100 +set interfaces fxp0 description "OOB to MGMT Network" +set interfaces fxp0 unit 0 family inet address 10.39.0.163/20 +set interfaces lo0 unit 0 family inet address 3.3.3.3/32 +set interfaces lo0 unit 0 family iso address 49.0001.0010.0100.1003.00 +set interfaces lo0 unit 0 family inet6 address fec0:0:0:1111::3/128 +set snmp community public +set policy-options policy-statement LOAD-BALANCE then load-balance per-packet +set policy-options policy-statement color-import then resolution-map color +set policy-options policy-statement color200 term 0 then community add color200 +set policy-options policy-statement color200 term 0 then community add target200 +set policy-options policy-statement color200 term 0 then accept +set policy-options community color200 members color:0:200 +set policy-options community target200 members target:200:200 +set policy-options resolution-map color mode ip-color +set routing-instances EVPN1 instance-type evpn +set routing-instances EVPN1 protocols evpn encapsulation mpls +set routing-instances EVPN1 interface ae0.100 +set routing-instances EVPN1 route-distinguisher 3.3.3.3:12121 +set routing-instances EVPN1 vrf-target target:65000:12121 +set routing-instances l3vpn instance-type vrf +set routing-instances l3vpn protocols bgp group ebgp type external +set routing-instances l3vpn protocols bgp group ebgp local-address 192.168.44.3 +set routing-instances l3vpn protocols bgp group ebgp family inet unicast +set routing-instances l3vpn protocols bgp group ebgp peer-as 65044 +set routing-instances l3vpn protocols bgp group ebgp neighbor 192.168.44.44 +set routing-instances l3vpn interface ge-0/0/4.0 +set routing-instances l3vpn route-distinguisher 3.3.3.3:200 +set routing-instances l3vpn vrf-export color200 +deactivate routing-instances l3vpn vrf-export +set routing-instances l3vpn vrf-target target:200:200 +set routing-instances l3vpn vrf-table-label +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set routing-options forwarding-table export LOAD-BALANCE +set routing-options router-id 3.3.3.3 +set routing-options autonomous-system 65000 +set protocols isis backup-spf-options use-post-convergence-lfa +set protocols isis traffic-engineering igp-topology +set protocols isis source-packet-routing srgb start-label 16000 +set protocols isis source-packet-routing srgb index-range 8000 +set protocols isis source-packet-routing node-segment ipv4-index 403 +set protocols isis source-packet-routing node-segment ipv6-index 603 +set protocols isis level 1 disable +set protocols isis level 2 wide-metrics-only +set protocols isis interface ge-0/0/0.0 point-to-point +set protocols isis interface ge-0/0/0.0 level 2 metric 1000 +set protocols isis interface ge-0/0/0.0 level 2 post-convergence-lfa node-protection +set protocols isis interface ge-0/0/2.0 point-to-point +set protocols isis interface ge-0/0/2.0 level 2 metric 1000 +set protocols isis interface ge-0/0/2.0 level 2 post-convergence-lfa node-protection +set protocols isis interface ge-0/0/3.0 point-to-point +set protocols isis interface ge-0/0/3.0 level 2 metric 1000 +set protocols isis interface ge-0/0/3.0 level 2 post-convergence-lfa node-protection +set protocols isis interface lo0.0 passive +set protocols mpls icmp-tunneling +set protocols mpls interface ge-0/0/0.0 +set protocols mpls interface ge-0/0/2.0 +set protocols mpls interface ge-0/0/3.0 +set protocols source-packet-routing segment-list via-p5-pe2 auto-translate +set protocols source-packet-routing segment-list via-p5-pe2 hop1 ip-address 5.5.5.5 +set protocols source-packet-routing segment-list via-p5-pe2 hop1 label-type node +set protocols source-packet-routing segment-list via-p5-pe2 hop2 ip-address 2.2.2.2 +set protocols source-packet-routing segment-list via-p5-pe2 hop2 label-type node +set protocols source-packet-routing source-routing-path via-p5-pe2 to 2.2.2.2 +set protocols source-packet-routing source-routing-path via-p5-pe2 color 200 +set protocols source-packet-routing source-routing-path via-p5-pe2 primary via-p5-pe2 +set protocols source-packet-routing inherit-label-nexthops +set protocols bgp group ibgp type internal +set protocols bgp group ibgp local-address 3.3.3.3 +set protocols bgp group ibgp family inet-vpn unicast +set protocols bgp group ibgp family evpn signaling +set protocols bgp group ibgp neighbor 5.5.5.5 +set protocols lldp port-id-subtype interface-name +set protocols lldp port-description-type interface-alias +set protocols lldp neighbour-port-info-display port-id +set protocols lldp interface ge-0/0/0 +set protocols lldp interface ge-0/0/1 +set protocols lldp interface ge-0/0/2 +set protocols lldp interface ge-0/0/3 +set protocols lldp interface ge-0/0/4 \ No newline at end of file diff --git a/files/tx-proto-config/backup/proto-pe4_config.2019-12-05@15:00:47 b/files/tx-proto-config/backup/proto-pe4_config.2019-12-05@15:00:47 new file mode 100644 index 0000000..8ef3323 --- /dev/null +++ b/files/tx-proto-config/backup/proto-pe4_config.2019-12-05@15:00:47 @@ -0,0 +1,99 @@ +set version 20190606.224121_builder.r1033375 +set system host-name proto-pe4 +set system root-authentication encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7" +set system login class ciena permissions access +set system login class ciena permissions admin +set system login class ciena permissions firewall +set system login class ciena permissions interface +set system login class ciena permissions routing +set system login class ciena permissions snmp +set system login class ciena permissions system +set system login class ciena permissions trace +set system login class ciena permissions view +set system login user ciena uid 2000 +set system login user ciena class ciena +set system login user ciena authentication encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J." +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293" +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh root-login allow +set system services extension-service request-response grpc clear-text +set system services extension-service request-response grpc max-connections 10 +set system services extension-service request-response grpc skip-authentication +set system services netconf ssh +set system services netconf traceoptions file nc.txt +set system services netconf traceoptions file size 1m +set system services netconf traceoptions file world-readable +set system services netconf traceoptions flag all +set system no-redirects +set system syslog user * any emergency +set system syslog file messages any any +set system syslog file messages authorization info +set system syslog file interactive-commands interactive-commands any +set chassis aggregated-devices ethernet device-count 10 +set chassis network-services enhanced-ip +set interfaces ge-0/0/0 description proto-pe2 +set interfaces ge-0/0/0 unit 0 family inet address 10.0.24.4/24 +set interfaces ge-0/0/0 unit 0 family iso +set interfaces ge-0/0/0 unit 0 family inet6 +set interfaces ge-0/0/0 unit 0 family mpls +set interfaces ge-0/0/1 description ce1 +set interfaces ge-0/0/1 gigether-options 802.3ad ae0 +set interfaces ge-0/0/2 description proto-pe3 +set interfaces ge-0/0/2 unit 0 family inet address 10.0.34.4/24 +set interfaces ge-0/0/2 unit 0 family iso +set interfaces ge-0/0/2 unit 0 family inet6 +set interfaces ge-0/0/2 unit 0 family mpls +set interfaces ae0 vlan-tagging +set interfaces ae0 encapsulation flexible-ethernet-services +set interfaces ae0 esi 00:33:33:33:33:33:33:33:33:33 +set interfaces ae0 esi all-active +set interfaces ae0 aggregated-ether-options lacp active +set interfaces ae0 aggregated-ether-options lacp system-id 00:01:02:03:04:06 +set interfaces ae0 unit 100 encapsulation vlan-bridge +set interfaces ae0 unit 100 vlan-id 100 +set interfaces fxp0 description "OOB to MGMT Network" +set interfaces fxp0 unit 0 family inet address 10.39.0.164/20 +set interfaces lo0 unit 0 family inet address 4.4.4.4/32 +set interfaces lo0 unit 0 family iso address 49.0001.0010.0100.1004.00 +set interfaces lo0 unit 0 family inet6 address fec0:0:0:1111::4/128 +set snmp community public +set policy-options policy-statement LOAD-BALANCE then load-balance per-packet +set routing-instances EVPN1 instance-type evpn +set routing-instances EVPN1 protocols evpn encapsulation mpls +set routing-instances EVPN1 interface ae0.100 +set routing-instances EVPN1 route-distinguisher 3.3.3.3:12121 +set routing-instances EVPN1 vrf-target target:65000:12121 +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set routing-options forwarding-table export LOAD-BALANCE +set routing-options router-id 4.4.4.4 +set routing-options autonomous-system 65000 +set protocols isis backup-spf-options use-post-convergence-lfa +set protocols isis traffic-engineering igp-topology +set protocols isis source-packet-routing srgb start-label 16000 +set protocols isis source-packet-routing srgb index-range 8000 +set protocols isis source-packet-routing node-segment ipv4-index 404 +set protocols isis source-packet-routing node-segment ipv6-index 604 +set protocols isis level 1 disable +set protocols isis level 2 wide-metrics-only +set protocols isis interface ge-0/0/0.0 point-to-point +set protocols isis interface ge-0/0/0.0 level 2 metric 1000 +set protocols isis interface ge-0/0/0.0 level 2 post-convergence-lfa node-protection +set protocols isis interface ge-0/0/2.0 point-to-point +set protocols isis interface ge-0/0/2.0 level 2 metric 1000 +set protocols isis interface ge-0/0/2.0 level 2 post-convergence-lfa node-protection +set protocols isis interface lo0.0 passive +set protocols mpls icmp-tunneling +set protocols mpls interface ge-0/0/0.0 +set protocols mpls interface ge-0/0/2.0 +set protocols bgp group ibgp type internal +set protocols bgp group ibgp local-address 4.4.4.4 +set protocols bgp group ibgp family inet-vpn unicast +set protocols bgp group ibgp family evpn signaling +set protocols bgp group ibgp neighbor 5.5.5.5 +set protocols lldp interface ge-0/0/0 +set protocols lldp interface ge-0/0/1 +set protocols lldp interface ge-0/0/2 \ No newline at end of file diff --git a/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.161.config b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.161.config new file mode 100644 index 0000000..752d6c9 --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.161.config @@ -0,0 +1,264 @@ + +## Last commit: 2019-12-05 16:07:51 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-pe1; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + class ciena { + permissions [ access admin firewall interface routing snmp system trace view ]; + } + user ciena { + uid 2000; + class ciena; + authentication { + encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J."; + } + } + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + aggregated-devices { + ethernet { + device-count 10; + } + } + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description ce1:ge-0/0/0; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/1 { + description proto-p5; + unit 0 { + family inet { + address 10.0.15.1/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/2 { + description proto-pe2; + unit 0 { + family inet { + address 10.0.12.1/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/3 { + description proto-pe3; + unit 0 { + family inet { + address 10.0.13.1/24; + } + family iso; + family inet6; + family mpls; + } + } + ae0 { + flexible-vlan-tagging; + encapsulation flexible-ethernet-services; + esi { + 00:11:11:11:11:11:11:11:11:11; + all-active; + } + aggregated-ether-options { + lacp { + active; + system-id 00:01:02:03:04:05; + } + } + unit 100 { + description VLAN100:EVPN1; + encapsulation vlan-bridge; + vlan-id 100; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.161/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 1.1.1.1/32; + } + family iso { + address 49.0001.0010.0100.1001.00; + } + family inet6 { + address fec0:0:0:1111::1/128; + } + } + } +} +snmp { + community public; +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} +routing-instances { + EVPN1 { + instance-type evpn; + protocols { + evpn { + encapsulation mpls; + } + } + interface ae0.100; + route-distinguisher 1.1.1.1:12121; + vrf-target target:65000:12121; + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 1.1.1.1; + autonomous-system 65000; +} +protocols { + isis { + backup-spf-options { + use-post-convergence-lfa; + } + traffic-engineering igp-topology; + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 401; + ipv6-index 601; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/1.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface ge-0/0/2.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface ge-0/0/3.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface lo0.0 { + passive; + } + } + mpls { + icmp-tunneling; + interface ge-0/0/1.0; + interface ge-0/0/2.0; + interface ge-0/0/3.0; + } + bgp { + group ibgp { + type internal; + local-address 1.1.1.1; + family inet-vpn { + unicast; + } + family evpn { + signaling; + } + neighbor 5.5.5.5; + } + } + lldp { + port-id-subtype interface-name; + port-description-type interface-alias; + neighbour-port-info-display port-id; + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + interface ge-0/0/3; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.162.config b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.162.config new file mode 100644 index 0000000..7602b77 --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.162.config @@ -0,0 +1,312 @@ + +## Last commit: 2019-12-05 16:08:04 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-pe2; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + class ciena { + permissions [ access admin firewall interface routing snmp system trace view ]; + } + user ciena { + uid 2000; + class ciena; + authentication { + encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J."; + } + } + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + aggregated-devices { + ethernet { + device-count 10; + } + } + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description ce1; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/1 { + description proto-pe4; + unit 0 { + family inet { + address 10.0.24.2/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/2 { + description proto-pe1; + unit 0 { + family inet { + address 10.0.12.2/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/3 { + description proto-ce3; + unit 0 { + family inet { + address 192.168.33.2/24; + } + family inet6; + } + } + ae0 { + vlan-tagging; + encapsulation flexible-ethernet-services; + esi { + 00:11:11:11:11:11:11:11:11:11; + all-active; + } + aggregated-ether-options { + lacp { + active; + system-id 00:01:02:03:04:05; + } + } + unit 100 { + encapsulation vlan-bridge; + vlan-id 100; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.162/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 2.2.2.2/32; + } + family iso { + address 49.0001.0010.0100.1002.00; + } + family inet6 { + address fec0:0:0:1111::2/128; + } + } + } +} +snmp { + community public; +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } + policy-statement color-import { + then resolution-map color; + } + policy-statement color200 { + term 0 { + then { + community add color200; + community add target200; + accept; + } + } + } + community color200 members color:0:200; + community target200 members target:200:200; + resolution-map color { + mode ip-color; + } +} +routing-instances { + EVPN1 { + instance-type evpn; + protocols { + evpn { + encapsulation mpls; + } + } + interface ae0.100; + route-distinguisher 1.1.1.1:12121; + vrf-target target:65000:12121; + } + l3vpn { + instance-type vrf; + protocols { + bgp { + group ebgp { + type external; + local-address 192.168.33.2; + family inet { + unicast; + } + peer-as 65033; + neighbor 192.168.33.33; + } + } + } + interface ge-0/0/3.0; + route-distinguisher 2.2.2.2:200; + inactive: vrf-export color200; + vrf-target target:200:200; + vrf-table-label; + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 2.2.2.2; + autonomous-system 65000; +} +protocols { + isis { + backup-spf-options { + use-post-convergence-lfa; + } + traffic-engineering igp-topology; + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 402; + ipv6-index 602; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/1.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface ge-0/0/2.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface lo0.0 { + passive; + } + } + mpls { + icmp-tunneling; + interface ge-0/0/1.0; + interface ge-0/0/2.0; + } + source-packet-routing { + segment-list via-p5-pe3 { + auto-translate; + hop1 { + ip-address 5.5.5.5; + label-type { + node; + } + } + hop2 { + ip-address 3.3.3.3; + label-type { + node; + } + } + } + source-routing-path via-p5-pe3 { + to 3.3.3.3; + color 200; + primary { + via-p5-pe3; + } + } + inherit-label-nexthops; + } + bgp { + group ibgp { + type internal; + local-address 2.2.2.2; + import color-import; + family inet-vpn { + unicast; + } + family evpn { + signaling; + } + neighbor 5.5.5.5; + } + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + interface ge-0/0/3; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.163.config b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.163.config new file mode 100644 index 0000000..892881f --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.163.config @@ -0,0 +1,336 @@ + +## Last commit: 2019-12-11 21:37:50 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-pe3; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + class ciena { + permissions [ access admin firewall interface routing snmp system trace view ]; + } + user ciena { + uid 2000; + class ciena; + authentication { + encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J."; + } + } + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + aggregated-devices { + ethernet { + device-count 10; + } + } + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description proto-p5; + unit 0 { + family inet { + address 10.0.35.3/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/1 { + description ce1:ge-0/0/0; + gigether-options { + 802.3ad ae0; + } + } + inactive: ge-0/0/2 { + description proto-pe4; + unit 0 { + family inet { + address 10.0.34.3/24; + } + family iso; + family inet6; + family mpls; + } + } + inactive: ge-0/0/3 { + description proto-pe1; + unit 0 { + family inet { + address 10.0.13.3/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/4 { + description proto-ce4; + unit 0 { + family inet { + address 192.168.44.3/24; + } + family inet6; + } + } + ae0 { + vlan-tagging; + encapsulation flexible-ethernet-services; + esi { + 00:33:33:33:33:33:33:33:33:33; + all-active; + } + aggregated-ether-options { + lacp { + active; + system-id 00:01:02:03:04:06; + } + } + unit 100 { + encapsulation vlan-bridge; + vlan-id 100; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.163/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 3.3.3.3/32; + } + family iso { + address 49.0001.0010.0100.1003.00; + } + family inet6 { + address fec0:0:0:1111::3/128; + } + } + } +} +snmp { + community public; +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } + policy-statement color-import { + then resolution-map color; + } + policy-statement color200 { + term 0 { + then { + community add color200; + community add target200; + accept; + } + } + } + community color200 members color:0:200; + community target200 members target:200:200; + resolution-map color { + mode ip-color; + } +} +routing-instances { + EVPN1 { + instance-type evpn; + protocols { + evpn { + encapsulation mpls; + } + } + interface ae0.100; + route-distinguisher 3.3.3.3:12121; + vrf-target target:65000:12121; + } + l3vpn { + instance-type vrf; + protocols { + bgp { + group ebgp { + type external; + local-address 192.168.44.3; + family inet { + unicast; + } + peer-as 65044; + neighbor 192.168.44.44; + } + } + } + interface ge-0/0/4.0; + route-distinguisher 3.3.3.3:200; + inactive: vrf-export color200; + vrf-target target:200:200; + vrf-table-label; + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 3.3.3.3; + autonomous-system 65000; +} +protocols { + isis { + backup-spf-options { + use-post-convergence-lfa; + } + traffic-engineering igp-topology; + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 403; + ipv6-index 603; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface ge-0/0/2.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface ge-0/0/3.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface lo0.0 { + passive; + } + } + mpls { + icmp-tunneling; + interface ge-0/0/0.0; + interface ge-0/0/2.0; + interface ge-0/0/3.0; + } + source-packet-routing { + segment-list via-p5-pe2 { + auto-translate; + hop1 { + ip-address 5.5.5.5; + label-type { + node; + } + } + hop2 { + ip-address 2.2.2.2; + label-type { + node; + } + } + } + source-routing-path via-p5-pe2 { + to 2.2.2.2; + color 200; + primary { + via-p5-pe2; + } + } + inherit-label-nexthops; + } + bgp { + group ibgp { + type internal; + local-address 3.3.3.3; + family inet-vpn { + unicast; + } + family evpn { + signaling; + } + neighbor 5.5.5.5; + } + } + lldp { + port-id-subtype interface-name; + port-description-type interface-alias; + neighbour-port-info-display port-id; + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + interface ge-0/0/3; + interface ge-0/0/4; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.164.config b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.164.config new file mode 100644 index 0000000..68659ad --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.164.config @@ -0,0 +1,238 @@ + +## Last commit: 2019-12-10 21:31:17 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-pe4; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + class ciena { + permissions [ access admin firewall interface routing snmp system trace view ]; + } + user ciena { + uid 2000; + class ciena; + authentication { + encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J."; + } + } + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + aggregated-devices { + ethernet { + device-count 10; + } + } + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description proto-pe2; + unit 0 { + family inet { + address 10.0.24.4/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/1 { + description ce1; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/2 { + description proto-pe3; + unit 0 { + family inet { + address 10.0.34.4/24; + } + family iso; + family inet6; + family mpls; + } + } + ae0 { + vlan-tagging; + encapsulation flexible-ethernet-services; + esi { + 00:33:33:33:33:33:33:33:33:33; + all-active; + } + aggregated-ether-options { + lacp { + active; + system-id 00:01:02:03:04:06; + } + } + unit 100 { + encapsulation vlan-bridge; + vlan-id 100; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.164/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 4.4.4.4/32; + } + family iso { + address 49.0001.0010.0100.1004.00; + } + family inet6 { + address fec0:0:0:1111::4/128; + } + } + } +} +snmp { + community public; +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} +routing-instances { + EVPN1 { + instance-type evpn; + protocols { + evpn { + encapsulation mpls; + } + } + interface ae0.100; + route-distinguisher 3.3.3.3:12121; + vrf-target target:65000:12121; + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 4.4.4.4; + autonomous-system 65000; +} +protocols { + isis { + backup-spf-options { + use-post-convergence-lfa; + } + traffic-engineering igp-topology; + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 404; + ipv6-index 604; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface ge-0/0/2.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface lo0.0 { + passive; + } + } + mpls { + icmp-tunneling; + interface ge-0/0/0.0; + interface ge-0/0/2.0; + } + bgp { + group ibgp { + type internal; + local-address 4.4.4.4; + family inet-vpn { + unicast; + } + family evpn { + signaling; + } + neighbor 5.5.5.5; + } + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.165.config b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.165.config new file mode 100644 index 0000000..3a800cc --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.165.config @@ -0,0 +1,269 @@ + +## Last commit: 2019-12-05 22:14:22 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-p5; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + class ciena { + permissions [ access admin firewall interface routing snmp system trace view ]; + } + user ciena { + uid 2000; + class ciena; + authentication { + encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J."; + } + } + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + fpc 0 { + pic 0 { + tunnel-services; + } + } + network-services enhanced-ip; +} +services { + analytics { + streaming-server ROA { + remote-address 10.39.16.2; + remote-port 22222; + } + export-profile ROA-export { + local-address 5.5.5.5; + local-port 21111; + reporting-rate 10; + format gpb; + transport udp; + } + inactive: sensor sensor1 { + server-name ROA; + export-name ROA-export; + resource /junos/system/linecard/interface/; + } + inactive: sensor sensor2 { + server-name ROA; + export-name ROA-export; + resource /junos/system/linecard/interface/logical/usage/; + } + } +} +interfaces { + ge-0/0/0 { + description proto-pe1; + unit 0 { + family inet { + address 10.0.15.5/24; + } + family iso; + family inet6; + family mpls; + } + } + gr-0/0/0 { + unit 0 { + tunnel { + source 10.39.16.1; + destination 10.39.16.2; + } + family inet { + address 10.39.16.253/30; + } + family iso; + } + } + ge-0/0/1 { + description proto-pe3; + unit 0 { + family inet { + address 10.0.35.5/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/2 { + description to_Ciena_CENI; + unit 0 { + family inet { + address 10.39.16.1/29; + } + family iso; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.165/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 5.5.5.5/32; + } + family iso { + address 49.0001.0010.0100.1005.00; + } + family inet6 { + address fec0:0:0:1111::5/128; + } + } + } +} +snmp { + community public; +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 5.5.5.5; + autonomous-system 65000; +} +protocols { + isis { + backup-spf-options { + use-post-convergence-lfa; + } + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 405; + ipv6-index 605; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface gr-0/0/0.0; + interface ge-0/0/1.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface ge-0/0/2.0 { + passive; + } + interface lo0.0 { + passive; + } + traceoptions { + file isis size 10m files 10 world-readable; + flag all; + } + } + mpls { + icmp-tunneling; + interface ge-0/0/0.0; + interface ge-0/0/1.0; + } + bgp { + group ibgp { + type internal; + family inet-vpn { + unicast; + } + family evpn { + signaling; + } + cluster 5.5.5.5; + neighbor 1.1.1.1; + neighbor 2.2.2.2; + neighbor 3.3.3.3; + neighbor 4.4.4.4; + neighbor 10.39.16.2 { + local-address 10.39.16.1; + family inet-vpn { + unicast { + add-path { + send { + path-count 6; + } + } + } + } + } + } + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.166.config b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.166.config new file mode 100644 index 0000000..c5c1e41 --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.166.config @@ -0,0 +1,165 @@ + +## Last commit: 2019-11-14 23:52:38 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-ce1; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + aggregated-devices { + ethernet { + device-count 10; + } + } + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description proto-pe1:ge-0/0/0; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/1 { + description proto-pe2; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/2 { + description vm1; + flexible-vlan-tagging; + native-vlan-id 1; + encapsulation flexible-ethernet-services; + unit 0 { + encapsulation vlan-bridge; + vlan-id 1; + } + } + ae0 { + flexible-vlan-tagging; + encapsulation flexible-ethernet-services; + aggregated-ether-options { + lacp { + active; + } + } + unit 100 { + description vlan100:EVPN1-to-PE1.PE2-VL100; + encapsulation vlan-bridge; + vlan-id 100; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.166/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 11.11.11.11/32; + } + family inet6 { + address fec0:0:0:1111::11/128; + } + } + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} +routing-instances { + EVPN1-to-CE2-VL100 { + instance-type virtual-router; + interface ge-0/0/0.100; + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 11.11.11.11; + autonomous-system 65000; +} +protocols { + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + } + lldp { + port-id-subtype interface-name; + port-description-type interface-alias; + neighbour-port-info-display port-id; + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + } +} +bridge-domains { + VM1-Untagged { + vlan-id none; + interface ge-0/0/2.0; + interface ae0.100; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.167.config b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.167.config new file mode 100644 index 0000000..8f7ccbc --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.167.config @@ -0,0 +1,160 @@ + +## Last commit: 2019-11-14 19:43:52 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-ce2; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + aggregated-devices { + ethernet { + device-count 10; + } + } + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description proto-pe3; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/1 { + description proto-pe4; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/2 { + description vm2; + flexible-vlan-tagging; + native-vlan-id 1; + encapsulation flexible-ethernet-services; + unit 0 { + encapsulation vlan-bridge; + vlan-id 1; + } + } + ae0 { + flexible-vlan-tagging; + encapsulation flexible-ethernet-services; + mac 00:00:00:00:00:22; + aggregated-ether-options { + lacp { + active; + } + } + unit 100 { + description vlan100:EVPN1-to-CE3.CE4-VL100; + encapsulation vlan-bridge; + vlan-id 100; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.167/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 22.22.22.22/32; + } + family inet6 { + address fec0:0:0:1111::22/128; + } + } + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 22.22.22.22; + autonomous-system 65000; +} +protocols { + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + } + lldp { + port-id-subtype interface-name; + port-description-type interface-alias; + neighbour-port-info-display port-id; + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + } +} +bridge-domains { + VM2-Untagged { + vlan-id none; + interface ge-0/0/2.0; + interface ae0.100; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.168.config b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.168.config new file mode 100644 index 0000000..807bc6a --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.168.config @@ -0,0 +1,129 @@ + +## Last commit: 2019-11-15 01:25:51 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-ce3; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description proto-pe2; + unit 0 { + family inet { + address 192.168.33.33/24; + } + family inet6; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.168/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 33.33.33.33/32; + } + family inet6 { + address fec0:0:0:1111::22/128; + } + } + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } + policy-statement send-direct { + term 1 { + from protocol direct; + then accept; + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 33.33.33.33; + autonomous-system 65033; +} +protocols { + bgp { + group ebgp { + type external; + local-address 192.168.33.33; + family inet { + unicast; + } + export send-direct; + peer-as 65000; + neighbor 192.168.33.2; + } + } + lldp { + interface ge-0/0/0; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.169.config b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.169.config new file mode 100644 index 0000000..75acbee --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:04:58/10.39.0.169.config @@ -0,0 +1,132 @@ + +## Last commit: 2019-11-15 01:25:49 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-ce4; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description proto-pe3; + unit 0 { + family inet { + address 192.168.44.44/24; + } + family inet6; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.169/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 44.44.44.44/32; + } + family inet6 { + address fec0:0:0:1111::22/128; + } + } + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } + policy-statement send-direct { + term 1 { + from protocol direct; + then accept; + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 44.44.44.44; + autonomous-system 65044; +} +protocols { + mpls { + interface ge-0/0/0.0; + } + bgp { + group ebgp { + type external; + local-address 192.168.44.44; + family inet { + unicast; + } + export send-direct; + peer-as 65000; + neighbor 192.168.44.3; + } + } + lldp { + interface ge-0/0/0; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.161.config b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.161.config new file mode 100644 index 0000000..752d6c9 --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.161.config @@ -0,0 +1,264 @@ + +## Last commit: 2019-12-05 16:07:51 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-pe1; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + class ciena { + permissions [ access admin firewall interface routing snmp system trace view ]; + } + user ciena { + uid 2000; + class ciena; + authentication { + encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J."; + } + } + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + aggregated-devices { + ethernet { + device-count 10; + } + } + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description ce1:ge-0/0/0; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/1 { + description proto-p5; + unit 0 { + family inet { + address 10.0.15.1/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/2 { + description proto-pe2; + unit 0 { + family inet { + address 10.0.12.1/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/3 { + description proto-pe3; + unit 0 { + family inet { + address 10.0.13.1/24; + } + family iso; + family inet6; + family mpls; + } + } + ae0 { + flexible-vlan-tagging; + encapsulation flexible-ethernet-services; + esi { + 00:11:11:11:11:11:11:11:11:11; + all-active; + } + aggregated-ether-options { + lacp { + active; + system-id 00:01:02:03:04:05; + } + } + unit 100 { + description VLAN100:EVPN1; + encapsulation vlan-bridge; + vlan-id 100; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.161/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 1.1.1.1/32; + } + family iso { + address 49.0001.0010.0100.1001.00; + } + family inet6 { + address fec0:0:0:1111::1/128; + } + } + } +} +snmp { + community public; +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} +routing-instances { + EVPN1 { + instance-type evpn; + protocols { + evpn { + encapsulation mpls; + } + } + interface ae0.100; + route-distinguisher 1.1.1.1:12121; + vrf-target target:65000:12121; + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 1.1.1.1; + autonomous-system 65000; +} +protocols { + isis { + backup-spf-options { + use-post-convergence-lfa; + } + traffic-engineering igp-topology; + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 401; + ipv6-index 601; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/1.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface ge-0/0/2.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface ge-0/0/3.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface lo0.0 { + passive; + } + } + mpls { + icmp-tunneling; + interface ge-0/0/1.0; + interface ge-0/0/2.0; + interface ge-0/0/3.0; + } + bgp { + group ibgp { + type internal; + local-address 1.1.1.1; + family inet-vpn { + unicast; + } + family evpn { + signaling; + } + neighbor 5.5.5.5; + } + } + lldp { + port-id-subtype interface-name; + port-description-type interface-alias; + neighbour-port-info-display port-id; + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + interface ge-0/0/3; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.162.config b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.162.config new file mode 100644 index 0000000..7602b77 --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.162.config @@ -0,0 +1,312 @@ + +## Last commit: 2019-12-05 16:08:04 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-pe2; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + class ciena { + permissions [ access admin firewall interface routing snmp system trace view ]; + } + user ciena { + uid 2000; + class ciena; + authentication { + encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J."; + } + } + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + aggregated-devices { + ethernet { + device-count 10; + } + } + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description ce1; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/1 { + description proto-pe4; + unit 0 { + family inet { + address 10.0.24.2/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/2 { + description proto-pe1; + unit 0 { + family inet { + address 10.0.12.2/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/3 { + description proto-ce3; + unit 0 { + family inet { + address 192.168.33.2/24; + } + family inet6; + } + } + ae0 { + vlan-tagging; + encapsulation flexible-ethernet-services; + esi { + 00:11:11:11:11:11:11:11:11:11; + all-active; + } + aggregated-ether-options { + lacp { + active; + system-id 00:01:02:03:04:05; + } + } + unit 100 { + encapsulation vlan-bridge; + vlan-id 100; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.162/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 2.2.2.2/32; + } + family iso { + address 49.0001.0010.0100.1002.00; + } + family inet6 { + address fec0:0:0:1111::2/128; + } + } + } +} +snmp { + community public; +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } + policy-statement color-import { + then resolution-map color; + } + policy-statement color200 { + term 0 { + then { + community add color200; + community add target200; + accept; + } + } + } + community color200 members color:0:200; + community target200 members target:200:200; + resolution-map color { + mode ip-color; + } +} +routing-instances { + EVPN1 { + instance-type evpn; + protocols { + evpn { + encapsulation mpls; + } + } + interface ae0.100; + route-distinguisher 1.1.1.1:12121; + vrf-target target:65000:12121; + } + l3vpn { + instance-type vrf; + protocols { + bgp { + group ebgp { + type external; + local-address 192.168.33.2; + family inet { + unicast; + } + peer-as 65033; + neighbor 192.168.33.33; + } + } + } + interface ge-0/0/3.0; + route-distinguisher 2.2.2.2:200; + inactive: vrf-export color200; + vrf-target target:200:200; + vrf-table-label; + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 2.2.2.2; + autonomous-system 65000; +} +protocols { + isis { + backup-spf-options { + use-post-convergence-lfa; + } + traffic-engineering igp-topology; + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 402; + ipv6-index 602; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/1.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface ge-0/0/2.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface lo0.0 { + passive; + } + } + mpls { + icmp-tunneling; + interface ge-0/0/1.0; + interface ge-0/0/2.0; + } + source-packet-routing { + segment-list via-p5-pe3 { + auto-translate; + hop1 { + ip-address 5.5.5.5; + label-type { + node; + } + } + hop2 { + ip-address 3.3.3.3; + label-type { + node; + } + } + } + source-routing-path via-p5-pe3 { + to 3.3.3.3; + color 200; + primary { + via-p5-pe3; + } + } + inherit-label-nexthops; + } + bgp { + group ibgp { + type internal; + local-address 2.2.2.2; + import color-import; + family inet-vpn { + unicast; + } + family evpn { + signaling; + } + neighbor 5.5.5.5; + } + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + interface ge-0/0/3; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.163.config b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.163.config new file mode 100644 index 0000000..892881f --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.163.config @@ -0,0 +1,336 @@ + +## Last commit: 2019-12-11 21:37:50 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-pe3; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + class ciena { + permissions [ access admin firewall interface routing snmp system trace view ]; + } + user ciena { + uid 2000; + class ciena; + authentication { + encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J."; + } + } + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + aggregated-devices { + ethernet { + device-count 10; + } + } + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description proto-p5; + unit 0 { + family inet { + address 10.0.35.3/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/1 { + description ce1:ge-0/0/0; + gigether-options { + 802.3ad ae0; + } + } + inactive: ge-0/0/2 { + description proto-pe4; + unit 0 { + family inet { + address 10.0.34.3/24; + } + family iso; + family inet6; + family mpls; + } + } + inactive: ge-0/0/3 { + description proto-pe1; + unit 0 { + family inet { + address 10.0.13.3/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/4 { + description proto-ce4; + unit 0 { + family inet { + address 192.168.44.3/24; + } + family inet6; + } + } + ae0 { + vlan-tagging; + encapsulation flexible-ethernet-services; + esi { + 00:33:33:33:33:33:33:33:33:33; + all-active; + } + aggregated-ether-options { + lacp { + active; + system-id 00:01:02:03:04:06; + } + } + unit 100 { + encapsulation vlan-bridge; + vlan-id 100; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.163/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 3.3.3.3/32; + } + family iso { + address 49.0001.0010.0100.1003.00; + } + family inet6 { + address fec0:0:0:1111::3/128; + } + } + } +} +snmp { + community public; +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } + policy-statement color-import { + then resolution-map color; + } + policy-statement color200 { + term 0 { + then { + community add color200; + community add target200; + accept; + } + } + } + community color200 members color:0:200; + community target200 members target:200:200; + resolution-map color { + mode ip-color; + } +} +routing-instances { + EVPN1 { + instance-type evpn; + protocols { + evpn { + encapsulation mpls; + } + } + interface ae0.100; + route-distinguisher 3.3.3.3:12121; + vrf-target target:65000:12121; + } + l3vpn { + instance-type vrf; + protocols { + bgp { + group ebgp { + type external; + local-address 192.168.44.3; + family inet { + unicast; + } + peer-as 65044; + neighbor 192.168.44.44; + } + } + } + interface ge-0/0/4.0; + route-distinguisher 3.3.3.3:200; + inactive: vrf-export color200; + vrf-target target:200:200; + vrf-table-label; + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 3.3.3.3; + autonomous-system 65000; +} +protocols { + isis { + backup-spf-options { + use-post-convergence-lfa; + } + traffic-engineering igp-topology; + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 403; + ipv6-index 603; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface ge-0/0/2.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface ge-0/0/3.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface lo0.0 { + passive; + } + } + mpls { + icmp-tunneling; + interface ge-0/0/0.0; + interface ge-0/0/2.0; + interface ge-0/0/3.0; + } + source-packet-routing { + segment-list via-p5-pe2 { + auto-translate; + hop1 { + ip-address 5.5.5.5; + label-type { + node; + } + } + hop2 { + ip-address 2.2.2.2; + label-type { + node; + } + } + } + source-routing-path via-p5-pe2 { + to 2.2.2.2; + color 200; + primary { + via-p5-pe2; + } + } + inherit-label-nexthops; + } + bgp { + group ibgp { + type internal; + local-address 3.3.3.3; + family inet-vpn { + unicast; + } + family evpn { + signaling; + } + neighbor 5.5.5.5; + } + } + lldp { + port-id-subtype interface-name; + port-description-type interface-alias; + neighbour-port-info-display port-id; + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + interface ge-0/0/3; + interface ge-0/0/4; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.164.config b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.164.config new file mode 100644 index 0000000..68659ad --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.164.config @@ -0,0 +1,238 @@ + +## Last commit: 2019-12-10 21:31:17 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-pe4; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + class ciena { + permissions [ access admin firewall interface routing snmp system trace view ]; + } + user ciena { + uid 2000; + class ciena; + authentication { + encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J."; + } + } + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + aggregated-devices { + ethernet { + device-count 10; + } + } + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description proto-pe2; + unit 0 { + family inet { + address 10.0.24.4/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/1 { + description ce1; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/2 { + description proto-pe3; + unit 0 { + family inet { + address 10.0.34.4/24; + } + family iso; + family inet6; + family mpls; + } + } + ae0 { + vlan-tagging; + encapsulation flexible-ethernet-services; + esi { + 00:33:33:33:33:33:33:33:33:33; + all-active; + } + aggregated-ether-options { + lacp { + active; + system-id 00:01:02:03:04:06; + } + } + unit 100 { + encapsulation vlan-bridge; + vlan-id 100; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.164/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 4.4.4.4/32; + } + family iso { + address 49.0001.0010.0100.1004.00; + } + family inet6 { + address fec0:0:0:1111::4/128; + } + } + } +} +snmp { + community public; +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} +routing-instances { + EVPN1 { + instance-type evpn; + protocols { + evpn { + encapsulation mpls; + } + } + interface ae0.100; + route-distinguisher 3.3.3.3:12121; + vrf-target target:65000:12121; + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 4.4.4.4; + autonomous-system 65000; +} +protocols { + isis { + backup-spf-options { + use-post-convergence-lfa; + } + traffic-engineering igp-topology; + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 404; + ipv6-index 604; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface ge-0/0/2.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface lo0.0 { + passive; + } + } + mpls { + icmp-tunneling; + interface ge-0/0/0.0; + interface ge-0/0/2.0; + } + bgp { + group ibgp { + type internal; + local-address 4.4.4.4; + family inet-vpn { + unicast; + } + family evpn { + signaling; + } + neighbor 5.5.5.5; + } + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.165.config b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.165.config new file mode 100644 index 0000000..3a800cc --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.165.config @@ -0,0 +1,269 @@ + +## Last commit: 2019-12-05 22:14:22 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-p5; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + class ciena { + permissions [ access admin firewall interface routing snmp system trace view ]; + } + user ciena { + uid 2000; + class ciena; + authentication { + encrypted-password "$6$dbBQTBSC$Ak055LqKufsC5m2k8AK9cU.HsE..z6qFZDN0rmW7sD3vwlaeansQbC5UXlajR2WnHUkSoW/aezSMbBMlxuI0J."; + } + } + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + fpc 0 { + pic 0 { + tunnel-services; + } + } + network-services enhanced-ip; +} +services { + analytics { + streaming-server ROA { + remote-address 10.39.16.2; + remote-port 22222; + } + export-profile ROA-export { + local-address 5.5.5.5; + local-port 21111; + reporting-rate 10; + format gpb; + transport udp; + } + inactive: sensor sensor1 { + server-name ROA; + export-name ROA-export; + resource /junos/system/linecard/interface/; + } + inactive: sensor sensor2 { + server-name ROA; + export-name ROA-export; + resource /junos/system/linecard/interface/logical/usage/; + } + } +} +interfaces { + ge-0/0/0 { + description proto-pe1; + unit 0 { + family inet { + address 10.0.15.5/24; + } + family iso; + family inet6; + family mpls; + } + } + gr-0/0/0 { + unit 0 { + tunnel { + source 10.39.16.1; + destination 10.39.16.2; + } + family inet { + address 10.39.16.253/30; + } + family iso; + } + } + ge-0/0/1 { + description proto-pe3; + unit 0 { + family inet { + address 10.0.35.5/24; + } + family iso; + family inet6; + family mpls; + } + } + ge-0/0/2 { + description to_Ciena_CENI; + unit 0 { + family inet { + address 10.39.16.1/29; + } + family iso; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.165/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 5.5.5.5/32; + } + family iso { + address 49.0001.0010.0100.1005.00; + } + family inet6 { + address fec0:0:0:1111::5/128; + } + } + } +} +snmp { + community public; +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 5.5.5.5; + autonomous-system 65000; +} +protocols { + isis { + backup-spf-options { + use-post-convergence-lfa; + } + source-packet-routing { + srgb start-label 16000 index-range 8000; + node-segment { + ipv4-index 405; + ipv6-index 605; + } + } + level 1 disable; + level 2 wide-metrics-only; + interface ge-0/0/0.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface gr-0/0/0.0; + interface ge-0/0/1.0 { + point-to-point; + level 2 { + metric 1000; + post-convergence-lfa { + node-protection; + } + } + } + interface ge-0/0/2.0 { + passive; + } + interface lo0.0 { + passive; + } + traceoptions { + file isis size 10m files 10 world-readable; + flag all; + } + } + mpls { + icmp-tunneling; + interface ge-0/0/0.0; + interface ge-0/0/1.0; + } + bgp { + group ibgp { + type internal; + family inet-vpn { + unicast; + } + family evpn { + signaling; + } + cluster 5.5.5.5; + neighbor 1.1.1.1; + neighbor 2.2.2.2; + neighbor 3.3.3.3; + neighbor 4.4.4.4; + neighbor 10.39.16.2 { + local-address 10.39.16.1; + family inet-vpn { + unicast { + add-path { + send { + path-count 6; + } + } + } + } + } + } + } + lldp { + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.166.config b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.166.config new file mode 100644 index 0000000..c5c1e41 --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.166.config @@ -0,0 +1,165 @@ + +## Last commit: 2019-11-14 23:52:38 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-ce1; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + aggregated-devices { + ethernet { + device-count 10; + } + } + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description proto-pe1:ge-0/0/0; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/1 { + description proto-pe2; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/2 { + description vm1; + flexible-vlan-tagging; + native-vlan-id 1; + encapsulation flexible-ethernet-services; + unit 0 { + encapsulation vlan-bridge; + vlan-id 1; + } + } + ae0 { + flexible-vlan-tagging; + encapsulation flexible-ethernet-services; + aggregated-ether-options { + lacp { + active; + } + } + unit 100 { + description vlan100:EVPN1-to-PE1.PE2-VL100; + encapsulation vlan-bridge; + vlan-id 100; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.166/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 11.11.11.11/32; + } + family inet6 { + address fec0:0:0:1111::11/128; + } + } + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} +routing-instances { + EVPN1-to-CE2-VL100 { + instance-type virtual-router; + interface ge-0/0/0.100; + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 11.11.11.11; + autonomous-system 65000; +} +protocols { + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + } + lldp { + port-id-subtype interface-name; + port-description-type interface-alias; + neighbour-port-info-display port-id; + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + } +} +bridge-domains { + VM1-Untagged { + vlan-id none; + interface ge-0/0/2.0; + interface ae0.100; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.167.config b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.167.config new file mode 100644 index 0000000..8f7ccbc --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.167.config @@ -0,0 +1,160 @@ + +## Last commit: 2019-11-14 19:43:52 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-ce2; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + aggregated-devices { + ethernet { + device-count 10; + } + } + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description proto-pe3; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/1 { + description proto-pe4; + gigether-options { + 802.3ad ae0; + } + } + ge-0/0/2 { + description vm2; + flexible-vlan-tagging; + native-vlan-id 1; + encapsulation flexible-ethernet-services; + unit 0 { + encapsulation vlan-bridge; + vlan-id 1; + } + } + ae0 { + flexible-vlan-tagging; + encapsulation flexible-ethernet-services; + mac 00:00:00:00:00:22; + aggregated-ether-options { + lacp { + active; + } + } + unit 100 { + description vlan100:EVPN1-to-CE3.CE4-VL100; + encapsulation vlan-bridge; + vlan-id 100; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.167/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 22.22.22.22/32; + } + family inet6 { + address fec0:0:0:1111::22/128; + } + } + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 22.22.22.22; + autonomous-system 65000; +} +protocols { + mpls { + interface ge-0/0/0.0; + interface ge-0/0/1.0; + } + lldp { + port-id-subtype interface-name; + port-description-type interface-alias; + neighbour-port-info-display port-id; + interface ge-0/0/0; + interface ge-0/0/1; + interface ge-0/0/2; + } +} +bridge-domains { + VM2-Untagged { + vlan-id none; + interface ge-0/0/2.0; + interface ae0.100; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.168.config b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.168.config new file mode 100644 index 0000000..807bc6a --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.168.config @@ -0,0 +1,129 @@ + +## Last commit: 2019-11-15 01:25:51 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-ce3; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description proto-pe2; + unit 0 { + family inet { + address 192.168.33.33/24; + } + family inet6; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.168/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 33.33.33.33/32; + } + family inet6 { + address fec0:0:0:1111::22/128; + } + } + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } + policy-statement send-direct { + term 1 { + from protocol direct; + then accept; + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 33.33.33.33; + autonomous-system 65033; +} +protocols { + bgp { + group ebgp { + type external; + local-address 192.168.33.33; + family inet { + unicast; + } + export send-direct; + peer-as 65000; + neighbor 192.168.33.2; + } + } + lldp { + interface ge-0/0/0; + } +} diff --git a/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.169.config b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.169.config new file mode 100644 index 0000000..75acbee --- /dev/null +++ b/files/tx-proto/backup/2020-02-21@12:05:20/10.39.0.169.config @@ -0,0 +1,132 @@ + +## Last commit: 2019-11-15 01:25:49 UTC by salt +version 20190606.224121_builder.r1033375; +system { + host-name proto-ce4; + root-authentication { + encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; + } + login { + user salt { + uid 2001; + class super-user; + authentication { + encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; + } + } + } + services { + ssh { + root-login allow; + } + extension-service { + request-response { + grpc { + clear-text; + max-connections 10; + skip-authentication; + } + } + } + netconf { + ssh; + traceoptions { + file nc.txt size 1m world-readable; + flag all; + } + } + } + no-redirects; + syslog { + user * { + any emergency; + } + file messages { + any any; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +chassis { + network-services enhanced-ip; +} +interfaces { + ge-0/0/0 { + description proto-pe3; + unit 0 { + family inet { + address 192.168.44.44/24; + } + family inet6; + } + } + fxp0 { + description "OOB to MGMT Network"; + unit 0 { + family inet { + address 10.39.0.169/20; + } + } + } + lo0 { + unit 0 { + family inet { + address 44.44.44.44/32; + } + family inet6 { + address fec0:0:0:1111::22/128; + } + } + } +} +policy-options { + policy-statement LOAD-BALANCE { + then { + load-balance per-packet; + } + } + policy-statement send-direct { + term 1 { + from protocol direct; + then accept; + } + } +} +routing-options { + static { + route 0.0.0.0/0 { + next-hop 10.39.0.1; + no-readvertise; + preference 255; + } + } + forwarding-table { + export LOAD-BALANCE; + } + router-id 44.44.44.44; + autonomous-system 65044; +} +protocols { + mpls { + interface ge-0/0/0.0; + } + bgp { + group ebgp { + type external; + local-address 192.168.44.44; + family inet { + unicast; + } + export send-direct; + peer-as 65000; + neighbor 192.168.44.3; + } + } + lldp { + interface ge-0/0/0; + } +} diff --git a/group_vars/all b/group_vars/all index 63ccf43..32433d2 100644 --- a/group_vars/all +++ b/group_vars/all @@ -2,3 +2,5 @@ ansible_user: salt ansible_ssh_private_key_file: /srv/salt/ssh/id_rsa remote_user: "{{ ansible_user }}" +esxi_hostname: "nsvmware2.mgmt.internet2.edu" +esxi_datastore: "nsvmware2 - datastore1" diff --git a/group_vars/epe b/group_vars/epe new file mode 100644 index 0000000..fb3e8f9 --- /dev/null +++ b/group_vars/epe @@ -0,0 +1,8 @@ +--- +#ansible_connection: local +model: core-model-epe.yml +topo_dir: files/epe +config_dir: "{{ topo_dir }}/config" +tasks_dir: "{{ topo_dir }}/tasks" +dryrun: True +ova_ver: 19.2R1.8 diff --git a/group_vars/srlab b/group_vars/srlab index f013704..8181705 100644 --- a/group_vars/srlab +++ b/group_vars/srlab @@ -1,6 +1,7 @@ --- ansible_connection: local -model: core-model-sr.yml -config_dir: files/srlab-config -tasks_dir: files/srlab-tasks +model: core-model-srlab.yml +topo_dir: files/srlab +config_dir: "{{ topo_dir }}/config" +tasks_dir: "{{ topo_dir }}/tasks" dryrun: True diff --git a/group_vars/srtut_vmx b/group_vars/srtut_vmx index 0014fff..dbaecce 100644 --- a/group_vars/srtut_vmx +++ b/group_vars/srtut_vmx @@ -5,4 +5,6 @@ tasks_dir: files/srtut-tasks dryrun: True ova_ver: 19.2R1.8 template: junosphere +esxi_hostname: nsvmware0.mgmt.internet2.edu +esxi_datastore: host 1 - datastore 2 diff --git a/group_vars/tx_proto b/group_vars/tx_proto index a216e10..daf1bf7 100644 --- a/group_vars/tx_proto +++ b/group_vars/tx_proto @@ -1,7 +1,8 @@ --- #ansible_connection: local model: core-model-prototype.yml -config_dir: files/tx-proto-config -tasks_dir: files/tx-proto-tasks +topo_dir: files/tx-proto +config_dir: "{{ topo_dir }}/config" +tasks_dir: "{{ topo_dir }}/tasks" dryrun: True ova_ver: 19.2R1.8 diff --git a/hosts.ini b/hosts.ini index c49f801..8270f06 100644 --- a/hosts.ini +++ b/hosts.ini @@ -1,13 +1,13 @@ -[srlab] -srlab-vmx1 ansible_host=10.39.0.101 -srlab-vmx2 ansible_host=10.39.0.102 -srlab-vmx3 ansible_host=10.39.0.103 -srlab-vmx4 ansible_host=10.39.0.104 -srlab-vmx5 ansible_host=10.39.0.105 -srlab-vmx6 ansible_host=10.39.0.106 -srlab-vmx7 ansible_host=10.39.0.107 -srlab-vmx8 ansible_host=10.39.0.108 -srlab-vmx9 ansible_host=10.39.0.109 +[epe] +epe-vmx0 ansible_host=10.39.0.100 +epe-vmx1 ansible_host=10.39.0.101 +epe-vmx2 ansible_host=10.39.0.102 +epe-vmx3 ansible_host=10.39.0.103 +epe-vmx4 ansible_host=10.39.0.104 +epe-vmx5 ansible_host=10.39.0.105 +epe-vmx6 ansible_host=10.39.0.106 +epe-vmx7 ansible_host=10.39.0.107 +epe-vmx8 ansible_host=10.39.0.108 [ksr] ksr-vmx1 ansible_host=10.39.0.201 @@ -60,7 +60,7 @@ tx_conn_vmx tx_vmx [vmx:children] -srlab +epe ksr vmxlab mm diff --git a/lab-backup-config.yml b/lab-backup-config.yml index 85c8416..aa0b9b2 100644 --- a/lab-backup-config.yml +++ b/lab-backup-config.yml @@ -2,21 +2,42 @@ - name: backup device config gather_facts: no hosts: "{{ variable_hosts }}" + roles: + - juniper.junos tags: [ backup ] - vars_files: - - "files/{{ variable_hosts }}_nodes.yml" + # vars_files: + # - "files/{{ variable_hosts }}_nodes.yml" tasks: - - name: Backup config (junos) - junos_config: - backup: yes - backup_options: - dir_path: "{{ config_dir }}/backup" - when: ansible_network_os == 'junos' + - name: Get timestamp from the system + shell: "date +%Y-%m-%d@%H:%M:%S" + register: tstamp + run_once: true + + - name: Set tstamp variable + set_fact: + tstamp: "{{ tstamp.stdout }}" + run_once: true + + - name: create the directory for the backup + file: path="{{ topo_dir }}/backup/{{ tstamp }}" state=directory + delegate_to: localhost + run_once: true + + - name: "Save configuration to file" + juniper_junos_config: + retrieve: "committed" + dest_dir: "{{ topo_dir }}/backup/{{ tstamp }}" + # - name: Backup config (junos) + # junos_config: + # backup: yes + # backup_options: + # dir_path: "{{ topo_dir }}/backup" + # when: ansible_network_os == 'junos' - name: Backup config (eos) eos_config: backup: yes backup_options: - dir_path: "{{ config_dir }}/backup" + dir_path: "{{ topo_dir }}/backup" when: ansible_network_os == 'eos' diff --git a/lab-config.yml b/lab-config.yml index ecda103..614e4dc 100644 --- a/lab-config.yml +++ b/lab-config.yml @@ -6,8 +6,12 @@ vars_files: - "vars_files/{{model|default('core-model.yml')}}" tasks: + - name: create the directory for the configuration + file: path="{{ topo_dir }}" state=directory + delegate_to: localhost + run_once: true - name: Create per-node data model from fabric data model - template: src=core-to-nodes.j2 dest="files/{{ variable_hosts }}_nodes.yml" + template: src=core-to-nodes.j2 dest="{{ topo_dir }}/{{ variable_hosts }}_nodes.yml" delegate_to: localhost run_once: True @@ -17,7 +21,7 @@ hosts: "{{ variable_hosts }}" tags: [ template ] vars_files: - - "files/{{ variable_hosts }}_nodes.yml" + - "{{ topo_dir }}/{{ variable_hosts }}_nodes.yml" tasks: # - name: Gather facts (eos) # eos_facts: @@ -43,7 +47,7 @@ hosts: "{{ variable_hosts }}" tags: [ deploy ] vars_files: - - "files/{{ variable_hosts }}_nodes.yml" + - "{{ topo_dir }}/{{ variable_hosts }}_nodes.yml" tasks: - name: Load config (junos) junos_config: diff --git a/lab-deploy.yml b/lab-deploy.yml index 8d82c87..7cee987 100644 --- a/lab-deploy.yml +++ b/lab-deploy.yml @@ -37,7 +37,7 @@ gather_facts: no vars_files: - group_vars/vmware - - "files/{{ variable_hosts }}_nodes.yml" + - "{{ topo_dir }}/{{ variable_hosts }}_nodes.yml" tasks: - name: Create the vswitch vmware_vswitch: @@ -81,7 +81,7 @@ validate_certs: False allow_duplicates: no name: "{{ inventory_hostname }}-vcp" - datastore: "host 2 - datastore 2" + datastore: "{{ esxi_datastore }}" ova: "files/ova/vcp_{{ ova_ver }}.ova" disk_provisioning: thin power_on: no @@ -97,7 +97,7 @@ validate_certs: False allow_duplicates: no name: "{{ inventory_hostname }}-vfpc" - datastore: "host 2 - datastore 2" + datastore: "{{ esxi_datastore }}" ova: "files/ova/vfpc_{{ ova_ver }}.ova" disk_provisioning: thin power_on: no @@ -112,7 +112,7 @@ gather_facts: no tasks: - name: Sort node switches - command: "{{ ansible_python_interpreter }} {{ playbook_dir }}/files/switch_sort.py {{ playbook_dir }}/files/{{ variable_hosts }}_nodes.yml" + command: "{{ ansible_python_interpreter }} {{ playbook_dir }}/files/switch_sort.py {{ playbook_dir }}/{{ topo_dir }}/{{ variable_hosts }}_nodes.yml" args: chdir: "{{ playbook_dir }}" @@ -121,7 +121,7 @@ tags: generate_tasks gather_facts: no vars_files: - - "files/{{ variable_hosts }}_nodes.yml" + - "{{ topo_dir }}/{{ variable_hosts }}_nodes.yml" tasks: - name: Create tasks dir file: path="{{ tasks_dir }}" state=directory diff --git a/lab-teardown.yml b/lab-teardown.yml index 6c8a2ee..0b23826 100644 --- a/lab-teardown.yml +++ b/lab-teardown.yml @@ -5,7 +5,7 @@ gather_facts: no vars_files: - group_vars/vmware - - "files/{{ variable_hosts }}_nodes.yml" + - "{{ topo_dir }}/{{ variable_hosts }}_nodes.yml" tasks: - name: delete vcp and vfpc vmware_guest: @@ -30,7 +30,7 @@ gather_facts: no vars_files: - group_vars/vmware - - "files/{{ variable_hosts }}_nodes.yml" + - "{{ topo_dir }}/{{ variable_hosts }}_nodes.yml" tasks: - name: Delete the vswitch vmware_vswitch: @@ -50,7 +50,7 @@ gather_facts: no vars_files: - group_vars/vmware - - "files/{{ variable_hosts }}_nodes.yml" + - "{{ topo_dir }}/{{ variable_hosts }}_nodes.yml" tasks: - name: Delete the vswitch vmware_vswitch: diff --git a/roles/juniper.junos/.dockerignore b/roles/juniper.junos/.dockerignore new file mode 100644 index 0000000..31441a7 --- /dev/null +++ b/roles/juniper.junos/.dockerignore @@ -0,0 +1,8 @@ +.travis.yml +ISSUE_TEMPLATE.md +docs/ +test/ +tools/ +COPYRIGHT +env-setup +.vscode \ No newline at end of file diff --git a/roles/juniper.junos/.gitignore b/roles/juniper.junos/.gitignore index 7f6e6ab..ef97d41 100644 --- a/roles/juniper.junos/.gitignore +++ b/roles/juniper.junos/.gitignore @@ -53,3 +53,6 @@ desktop.ini # PyCharm .idea + +# VC Code +.vscode diff --git a/roles/juniper.junos/Dockerfile b/roles/juniper.junos/Dockerfile index 8a399cc..86ed50d 100644 --- a/roles/juniper.junos/Dockerfile +++ b/roles/juniper.junos/Dockerfile @@ -1,38 +1,26 @@ FROM juniper/pyez:latest -MAINTAINER Stephen Steiner -ARG ver_ansible=2.4.0.0 -ARG ver_jsnapy=1.2.1 +LABEL net.juniper.image.maintainer="Stephen Steiner " WORKDIR /tmp -RUN mkdir /tmp/ansible-junos-stdlib &&\ - mkdir /tmp/ansible-junos-stdlib/library &&\ - mkdir /tmp/ansible-junos-stdlib/meta &&\ - mkdir /project - -ADD action_plugins /tmp/ansible-junos-stdlib/action_plugins -ADD callback_plugins /tmp/ansible-junos-stdlib/callback_plugins -ADD library /tmp/ansible-junos-stdlib/library -ADD LICENSE /tmp/ansible-junos-stdlib/LICENSE -ADD meta /tmp/ansible-junos-stdlib/meta -ADD module_utils /tmp/ansible-junos-stdlib/module_utils -ADD version.py /tmp/ansible-junos-stdlib/version.py - - - -RUN tar -czf Juniper.junos ansible-junos-stdlib &&\ - apk update && apk add ca-certificates &&\ - apk add openssh-client &&\ - apk add build-base gcc g++ make python-dev &&\ - apk update && apk add py-pip &&\ - pip install --upgrade pip setuptools &&\ - pip install jxmlease &&\ - pip install ansible==$ver_ansible &&\ - pip install jsnapy==$ver_jsnapy &&\ - ansible-galaxy install --roles-path=/etc/ansible/roles Juniper.junos &&\ - apk del -r --purge gcc make g++ &&\ + +RUN apk add --no-cache ca-certificates openssh-client build-base gcc g++ make python-dev py-pip + +COPY requirements.txt . +RUN pip install -r requirements.txt + +RUN apk del -r --purge gcc make g++ &&\ rm -rf /source/* &&\ rm -rf /var/cache/apk/* &&\ rm -rf /tmp/* -WORKDIR /project +WORKDIR /etc/ansible/roles/Juniper.junos +COPY action_plugins action_plugins +COPY callback_plugins callback_plugins +COPY library library +COPY meta meta +COPY module_utils module_utils + +WORKDIR /playbooks + +VOLUME /playbooks diff --git a/roles/juniper.junos/README.md b/roles/juniper.junos/README.md index a6ba521..b3e9225 100644 --- a/roles/juniper.junos/README.md +++ b/roles/juniper.junos/README.md @@ -1,3 +1,5 @@ +# Juniper Ansible roles for Junos + ## About Juniper Networks supports Ansible for managing devices running @@ -9,6 +11,7 @@ retrieving information, and resetting, rebooting, or shutting down managed devic [INSTALLATION](#installation) section for instructions on installing this role. ## Two Sets of Ansible Modules for Junos devices + Since Ansible version >= 2.1, Ansible also natively includes [core modules for Junos](http://docs.ansible.com/ansible/list_of_network_modules.html#junos). The Junos modules included in Ansible core have names which begin with the prefix `junos_`. The Junos modules included in this Juniper.junos role @@ -17,7 +20,9 @@ Ansible control machine, and an Ansible play may invoke a module from either (or using the modules in this role when writing new playbooks that manage Junos devices. ## Overview of Modules + This Juniper.junos role includes the following modules: + - **juniper_junos_command** — Execute one or more CLI commands on a Junos device. - **juniper_junos_config** — Manipulate the configuration of a Junos device. - **juniper_junos_facts** — Retrieve facts from a Junos device. @@ -31,6 +36,7 @@ This Juniper.junos role includes the following modules: - **juniper_junos_table** — Retrieve data from a Junos device using a PyEZ table/view. ### Important Changes + Significant changes to the modules in the Juniper.junos role were made between versions 1.4.3 and 2.0.0. In versions <= 1.4.3 of the Juniper.junos role, the modules used different module and argument names. Versions >= 2.0.0 of the Juniper.junos role provide backwards compatibility with playbooks written to prior versions of the Juniper.junos @@ -47,30 +53,27 @@ In addition to the modules listed above, a callback_plugin `jsnapy` is available The callback_plugin `jsnapy` helps to print on the screen additional information regarding jsnapy failed tests. For each failed test, a log will be printed after the RECAP of the playbook as shown in this example: -``` -PLAY RECAP ********************************************************************* -qfx10002-01 : ok=3 changed=0 unreachable=0 failed=1 -qfx10002-02 : ok=3 changed=0 unreachable=0 failed=1 -qfx5100-01 : ok=1 changed=0 unreachable=0 failed=1 - -JSNAPy Results for: qfx10002-01 ************************************************ -Value of 'peer-state' not 'is-equal' at '//bgp-information/bgp-peer' with {"peer-as": "65200", "peer-state": "Active", "peer-address": "100.0.0.21"} -Value of 'peer-state' not 'is-equal' at '//bgp-information/bgp-peer' with {"peer-as": "60021", "peer-state": "Idle", "peer-address": "192.168.0.1"} -Value of 'oper-status' not 'is-equal' at '//interface-information/physical-interface[normalize-space(admin-status)='up' and logical-interface/address-family/address-family-name ]' with {"oper-status": "down", "name": "et-0/0/18"} - -JSNAPy Results for: qfx10002-02 ************************************************ -Value of 'peer-state' not 'is-equal' at '//bgp-information/bgp-peer' with {"peer-as": "65200", "peer-state": "Active", "peer-address": "100.0.0.21"} -``` + PLAY RECAP ********************************************************************* + qfx10002-01 : ok=3 changed=0 unreachable=0 failed=1 + qfx10002-02 : ok=3 changed=0 unreachable=0 failed=1 + qfx5100-01 : ok=1 changed=0 unreachable=0 failed=1 + + JSNAPy Results for: qfx10002-01 ************************************************ + Value of 'peer-state' not 'is-equal' at '//bgp-information/bgp-peer' with {"peer-as": "65200", "peer-state": "Active", "peer-address": "100.0.0.21"} + Value of 'peer-state' not 'is-equal' at '//bgp-information/bgp-peer' with {"peer-as": "60021", "peer-state": "Idle", "peer-address": "192.168.0.1"} + Value of 'oper-status' not 'is-equal' at '//interface-information/physical-interface[normalize-space(admin-status)='up' and logical-interface/address-family/address-family-name ]' with {"oper-status": "down", "name": "et-0/0/18"} + + JSNAPy Results for: qfx10002-02 ************************************************ + Value of 'peer-state' not 'is-equal' at '//bgp-information/bgp-peer' with {"peer-as": "65200", "peer-state": "Active", "peer-address": "100.0.0.21"} The `jsnapy` plugin is currently in **Experimental** stage, please provide feedback. Callback plugins are not activated by default. They must be manually added to the Ansible configuration file under the `[defaults]` section using the variable `callback_whitelist`. Specifically, these lines should be added to the Ansible configuration file in order to allow the jsnapy callback plugin: -``` -[defaults] -callback_whitelist = jsnapy -``` + + [defaults] + callback_whitelist = jsnapy ## DOCUMENTATION @@ -78,15 +81,47 @@ callback_whitelist = jsnapy [Ansible style documentation](http://junos-ansible-modules.readthedocs.org) - ## INSTALLATION + You must have the [DEPENDENCIES](#dependencies) installed on your system. +### NOTICES + +#### Ubuntu 14.04 + +If you're dealing with Ubuntu 14.04 and faced following error during the installation, it's because the system python which used by Ubuntu 14.04 is locked to 2.7.6 till EOL, as a result, please consider to skip galaxy certification process by appending `-c` option of ansible-galaxy. i.e. `ansible-galaxy install Juniper.junos -c` + + [WARNING]: - Juniper.junos was NOT installed successfully: Failed to get data + from the API server (https://galaxy.ansible.com/api/): Failed to validate the + SSL certificate for galaxy.ansible.com:443. Make sure your managed systems have + a valid CA certificate installed. If the website serving the url uses SNI you + need python >= 2.7.9 on your managed machine (the python executable used + (/usr/bin/python) is version: 2.7.6 (default, Nov 23 2017, 15:49:48) [GCC + 4.8.4]) or you can install the `urllib3`, `pyOpenSSL`, `ndg-httpsclient`, and + `pyasn1` python modules to perform SNI verification in python >= 2.6. You can + use validate_certs=False if you do not need to confirm the servers identity but + this is unsafe and not recommended. Paths checked for this platform: + /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share + /ca-certificates/cacert.org, /etc/ansible. The exception msg was: hostname + u'galaxy.ansible.com' doesn't match either of + '*.c1e4.galaxy.openshiftapps.com', 'c1e4.galaxy.openshiftapps.com'. + + ERROR! - you can use --ignore-errors to skip failed roles and finish processing the list. + +### MacOS Mojave and newer + +In MacOS Mojave and newer (>=10.14), ssh keys created with the system `ssh-keygen` are created using the newer 'OPENSSH' key format, even when specifying `-t rsa` during creation. This directly affects the usage of ssh keys, particularly when using the `ssh_private_key_file`. To create/convert/check keys, follow these steps: + +- Create a new RSA key: `ssh-keygen -m PEM -t rsa -b 4096` +- Check existing keys: `head -n1 ~/.ssh/some_private_key` RSA keys will be `-----BEGIN RSA PRIVATE KEY-----` and OPENSSH keys will be `-----BEGIN OPENSSH PRIVATE KEY-----` +- Convert an OPENSSH key to an RSA key: `ssh-keygen -p -m PEM -f ~/.ssh/some_key` + ### Ansible Galaxy Role + To download the latest released version of the junos role to the Ansible server, execute the ansible-galaxy install command, and specify **Juniper.junos**. -``` +```bash [root@ansible-cm]# ansible-galaxy install Juniper.junos - downloading role 'junos', owned by Juniper - downloading role from https://github.com/Juniper/ansible-junos-stdlib/archive/1.3.1.tar.gz @@ -96,52 +131,65 @@ server, execute the ansible-galaxy install command, and specify **Juniper.junos* You can also use the ansible-galaxy install command to install the latest development version of the junos role directly from GitHub. -``` + +```bash sudo ansible-galaxy install git+https://github.com/Juniper/ansible-junos-stdlib.git,,Juniper.junos ``` ### Git clone + For testing you can `git clone` this repo and run the `env-setup` script in the repo directory: -``` + +```bash user@ansible-junos-stdlib> source env-setup ``` -This will set your `$ANSIBLE_LIBRARY` variable to the repo location and the installed Ansible library path. For example: -``` -[jeremy@ansible-junos-stdlib]$ echo $ANSIBLE_LIBRARY + +This will set your `$ANSIBLE_LIBRARY` variable to the repo location and the installed Ansible library path. For example: + +```bash +$ echo $ANSIBLE_LIBRARY /home/jeremy/Ansible/ansible-junos-stdlib/library:/usr/share/ansible ``` ### Docker -To run this as a Docker container, which includes JSNAPy and PyEZ, simply pull it from the Docker hub and run it. -The following will pull the latest image and run it in an interactive ash shell. -``` -$ docker run -it --rm juniper/pyez-ansible ash -``` -Although, you'll probably want to bind mount a host directory (perhaps the directory containing your playbooks and -associated files). The following will bind mount the current working directory and start the ash shell. + +To run this as a Docker container, which includes JSNAPy and PyEZ, simply pull it from the Docker hub and run it. The following will pull the latest image and run it in an interactive ash shell. + +```bash +docker run -it --rm juniper/pyez-ansible ash ``` -$ docker run -it --rm -v $PWD:/project juniper/pyez-ansible ash + +Although, you'll probably want to bind mount a host directory (perhaps the directory containing your playbooks and associated files). The following will bind mount the current working directory and start the ash shell. + +```bash +docker run -it --rm -v $PWD:/project juniper/pyez-ansible ash ``` + You can also use the container as an executable to run your playbooks. Let's assume we have a typical playbook structure as below: -``` -example -|playbook.yml -|hosts -|-vars -|-templates -|-scripts -``` + + example + |playbook.yml + |hosts + |-vars + |-templates + |-scripts + We can move to the example directory and run the playbook with the following command: + +```bash +cd example/ +docker run -it --rm -v $PWD:/playbooks juniper/pyez-ansible ansible-playbook -i hosts playbook.yml ``` -$ docker run -it --rm -v $PWD:/project juniper/pyez-ansible ansible-playbook -i hosts playbook.yml -``` + You may have noticed that the base command is almost always the same. We can also use an alias to save some keystrokes. -``` -$ alias pb-ansible="docker run -it --rm -v $PWD:/project juniper/pyez-ansible ansible-playbook" -$ pb-ansible -i hosts playbook.yml + +```bash +alias pb-ansible="docker run -it --rm -v $PWD:/project juniper/pyez-ansible ansible-playbook" +pb-ansible -i hosts playbook.yml ``` ## Example Playbook + This example outlines how to use Ansible to install or upgrade the software image on a device running Junos OS. ```yaml @@ -176,21 +224,26 @@ This example outlines how to use Ansible to install or upgrade the software imag - name: wait_reboot wait_for: host={{ inventory_hostname }} port=830 timeout={{ wait_time }} when: not sw.check_mode -``` +``` ## DEPENDENCIES + This modules requires the following to be installed on the Ansible control machine: -* Python >= 2.7 -* [Ansible](http://www.ansible.com) 2.3 or later -* Junos [py-junos-eznc](https://github.com/Juniper/py-junos-eznc) 2.1.7 or later -* [jxmlease](https://github.com/Juniper/jxmlease) 1.0.1 or later + +- Python >= 2.7 +- [Ansible](http://www.ansible.com) 2.3 or later +- Junos [py-junos-eznc](https://github.com/Juniper/py-junos-eznc) 2.1.7 or later +- [jxmlease](https://github.com/Juniper/jxmlease) 1.0.1 or later ## LICENSE + Apache 2.0 ## SUPPORT + Support for this Juniper.junos role is provided by the community and Juniper Networks. If you have an issue with a module in the Juniper.junos role, you may: + - Open a [GitHub issue](https://github.com/Juniper/ansible-junos-stdlib/issues). - Post a question on our [Google Group](https://groups.google.com/forum/#!forum/junos-python-ez) - Email [jnpr-community-netdev@juniper.net](jnpr-community-netdev@juniper.net) @@ -200,15 +253,13 @@ Support for the Junos modules included in Ansible core is provided by Ansible. I core module you should open a [Github issue against the Ansible project](https://github.com/ansible/ansible/issues). ## CONTRIBUTORS + Juniper Networks is actively contributing to and maintaining this repo. Please contact [jnpr-community-netdev@juniper.net](jnpr-community-netdev@juniper.net) for any queries. *Contributors:* -[Nitin Kumar](https://github.com/vnitinv), [Stacy W Smith](https://github.com/stacywsmith), -[David Gethings](https://github.com/dgjnpr) - -* v2.1.0: [Raja Shekar](https://github.com/rsmekala), [Stacy W Smith](https://github.com/stacywsmith) +[Nitin Kumar](https://github.com/vnitinv), [Stacy W Smith](https://github.com/stacywsmith), [Stephen Steiner](https://github.com/ntwrkguru) *Former Contributors:* -[Jeremy Schulman](https://github.com/jeremyschulman), [Rick Sherman](https://github.com/shermdog), -[Damien Garros](https://github.com/dgarros) + +[Jeremy Schulman](https://github.com/jeremyschulman), [Rick Sherman](https://github.com/shermdog), [Damien Garros](https://github.com/dgarros), [David Gethings](https://github.com/dgjnpr) diff --git a/roles/juniper.junos/action_plugins/_junos_cli.py b/roles/juniper.junos/action_plugins/_junos_cli.py deleted file mode 120000 index 7470277..0000000 --- a/roles/juniper.junos/action_plugins/_junos_cli.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_common_action.py \ No newline at end of file diff --git a/roles/juniper.junos/action_plugins/_junos_commit.py b/roles/juniper.junos/action_plugins/_junos_commit.py deleted file mode 100755 index 347912d..0000000 --- a/roles/juniper.junos/action_plugins/_junos_commit.py +++ /dev/null @@ -1,72 +0,0 @@ -# -*- coding: utf-8 -*- - -# -# Copyright (c) 2017-2018, Juniper Networks Inc. All rights reserved. -# -# License: Apache 2.0 -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions are met: -# -# * Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# * Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# * Neither the name of the Juniper Networks nor the -# names of its contributors may be used to endorse or promote products -# derived from this software without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY Juniper Networks, Inc. ''AS IS'' AND ANY -# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL Juniper Networks, Inc. BE LIABLE FOR ANY -# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# - -from __future__ import absolute_import, division, print_function - -# Standard library imports -import os.path -import sys - -# The module_utils path must be added to sys.path in order to import -# juniper_junos_common. The module_utils path is relative to the path of this -# file. -module_utils_path = os.path.normpath(os.path.dirname(__file__) + - '/../module_utils') -if module_utils_path is not None: - sys.path.insert(0, module_utils_path) - import juniper_junos_common - del sys.path[0] - - -# Use the custom behavior of JuniperJunosActionModule as the superclass of -# our ActionModule. -class ActionModule(juniper_junos_common.JuniperJunosActionModule): - """Translates junos_commit args to juniper_junos_config args. - - This class is a subclass of JuniperJunosActionModule. It exists solely - for backwards compatibility. It translates the arguments from the old - junos_commit module into the arguments on the new - juniper_junos_config module. - """ - def run(self, tmp=None, task_vars=None): - check = self._task.args.get('check') - if check is True: - # In the old module, check and commit were mutually exclusive. - # In the new module, you can potentially do both. - # If check is set on the old module, then we need to not commit. - self._task.args['commit'] = False - - # Remaining arguments can be passed through transparently. - - # Call the parent action module. - return super(ActionModule, self).run(tmp, task_vars) diff --git a/roles/juniper.junos/action_plugins/_junos_get_config.py b/roles/juniper.junos/action_plugins/_junos_get_config.py deleted file mode 100755 index f874063..0000000 --- a/roles/juniper.junos/action_plugins/_junos_get_config.py +++ /dev/null @@ -1,72 +0,0 @@ -# -*- coding: utf-8 -*- - -# -# Copyright (c) 2017-2018, Juniper Networks Inc. All rights reserved. -# -# License: Apache 2.0 -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions are met: -# -# * Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# * Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# * Neither the name of the Juniper Networks nor the -# names of its contributors may be used to endorse or promote products -# derived from this software without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY Juniper Networks, Inc. ''AS IS'' AND ANY -# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL Juniper Networks, Inc. BE LIABLE FOR ANY -# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# - -from __future__ import absolute_import, division, print_function - -# Standard library imports -import os.path -import sys - -# The module_utils path must be added to sys.path in order to import -# juniper_junos_common. The module_utils path is relative to the path of this -# file. -module_utils_path = os.path.normpath(os.path.dirname(__file__) + - '/../module_utils') -if module_utils_path is not None: - sys.path.insert(0, module_utils_path) - import juniper_junos_common - del sys.path[0] - - -# Use the custom behavior of JuniperJunosActionModule as the superclass of -# our ActionModule. -class ActionModule(juniper_junos_common.JuniperJunosActionModule): - """Translates junos_get_config args to juniper_junos_config args. - - This class is a subclass of JuniperJunosActionModule. It exists solely - for backwards compatibility. It translates the arguments from the old - junos_get_config module into the arguments on the new - juniper_junos_config module. - """ - def run(self, tmp=None, task_vars=None): - # No diff, check, or commit - self._task.args['diff'] = False - self._task.args['check'] = False - self._task.args['commit'] = False - # Retrieve candidate - self._task.args['retrieve'] = 'candidate' - - # Remaining arguments can be passed through transparently. - - # Call the parent action module. - return super(ActionModule, self).run(tmp, task_vars) diff --git a/roles/juniper.junos/action_plugins/_junos_get_facts.py b/roles/juniper.junos/action_plugins/_junos_get_facts.py deleted file mode 120000 index 7470277..0000000 --- a/roles/juniper.junos/action_plugins/_junos_get_facts.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_common_action.py \ No newline at end of file diff --git a/roles/juniper.junos/action_plugins/_junos_get_table.py b/roles/juniper.junos/action_plugins/_junos_get_table.py deleted file mode 120000 index 7470277..0000000 --- a/roles/juniper.junos/action_plugins/_junos_get_table.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_common_action.py \ No newline at end of file diff --git a/roles/juniper.junos/action_plugins/_junos_install_config.py b/roles/juniper.junos/action_plugins/_junos_install_config.py deleted file mode 100755 index 55fe8ef..0000000 --- a/roles/juniper.junos/action_plugins/_junos_install_config.py +++ /dev/null @@ -1,97 +0,0 @@ -# -*- coding: utf-8 -*- - -# -# Copyright (c) 2017-2018, Juniper Networks Inc. All rights reserved. -# -# License: Apache 2.0 -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions are met: -# -# * Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# * Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# * Neither the name of the Juniper Networks nor the -# names of its contributors may be used to endorse or promote products -# derived from this software without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY Juniper Networks, Inc. ''AS IS'' AND ANY -# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL Juniper Networks, Inc. BE LIABLE FOR ANY -# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# - -from __future__ import absolute_import, division, print_function - -# Standard library imports -import os.path -import sys - -# The module_utils path must be added to sys.path in order to import -# juniper_junos_common. The module_utils path is relative to the path of this -# file. -module_utils_path = os.path.normpath(os.path.dirname(__file__) + - '/../module_utils') -if module_utils_path is not None: - sys.path.insert(0, module_utils_path) - import juniper_junos_common - del sys.path[0] - - -# Use the custom behavior of JuniperJunosActionModule as the superclass of -# our ActionModule. -class ActionModule(juniper_junos_common.JuniperJunosActionModule): - """Translates junos_install_config args to juniper_junos_config args. - - This class is a subclass of JuniperJunosActionModule. It exists solely - for backwards compatibility. It translates the arguments from the old - junos_install_config module into the arguments on the new - juniper_junos_config module. - """ - def run(self, tmp=None, task_vars=None): - # Pop the action arguments - update = self._task.args.pop('update', False) - overwrite = self._task.args.pop('overwrite', False) - replace = self._task.args.pop('replace', False) - action = '' - if update is True: - action += 'update' - if overwrite is True: - action += 'overwrite' - if replace is True: - action += 'replace' - if not action: - action = 'merge' - # Set the load argument based on action - self._task.args['load'] = action - - # Always commit changes to mimic the previous behavior - self._task.args['commit_empty_changes'] = True - - # If check_commit is False, then also bypass the commit. - check = True - # Check for the 'check_commit' option which was an optional boolean - # argument for the junos_install_config module. - if 'check_commit' in self._task.args: - check = self._task.args.pop('check_commit') - if check is not None and self.convert_to_bool(check) is False: - # Translate to check_commit = False, commit = False, and - # commit_empty_changes = False - self._task.args['check_commit'] = False - self._task.args['commit'] = False - self._task.args['commit_empty_changes'] = False - - # Remaining arguments can be passed through transparently. - - # Call the parent action module. - return super(ActionModule, self).run(tmp, task_vars) diff --git a/roles/juniper.junos/action_plugins/_junos_install_os.py b/roles/juniper.junos/action_plugins/_junos_install_os.py deleted file mode 120000 index 7470277..0000000 --- a/roles/juniper.junos/action_plugins/_junos_install_os.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_common_action.py \ No newline at end of file diff --git a/roles/juniper.junos/action_plugins/_junos_jsnapy.py b/roles/juniper.junos/action_plugins/_junos_jsnapy.py deleted file mode 120000 index 7470277..0000000 --- a/roles/juniper.junos/action_plugins/_junos_jsnapy.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_common_action.py \ No newline at end of file diff --git a/roles/juniper.junos/action_plugins/_junos_ping.py b/roles/juniper.junos/action_plugins/_junos_ping.py deleted file mode 120000 index 7470277..0000000 --- a/roles/juniper.junos/action_plugins/_junos_ping.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_common_action.py \ No newline at end of file diff --git a/roles/juniper.junos/action_plugins/_junos_pmtud.py b/roles/juniper.junos/action_plugins/_junos_pmtud.py deleted file mode 120000 index 7470277..0000000 --- a/roles/juniper.junos/action_plugins/_junos_pmtud.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_common_action.py \ No newline at end of file diff --git a/roles/juniper.junos/action_plugins/_junos_rollback.py b/roles/juniper.junos/action_plugins/_junos_rollback.py deleted file mode 100755 index cd12f48..0000000 --- a/roles/juniper.junos/action_plugins/_junos_rollback.py +++ /dev/null @@ -1,73 +0,0 @@ -# -*- coding: utf-8 -*- - -# -# Copyright (c) 2017-2018, Juniper Networks Inc. All rights reserved. -# -# License: Apache 2.0 -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions are met: -# -# * Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# * Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# * Neither the name of the Juniper Networks nor the -# names of its contributors may be used to endorse or promote products -# derived from this software without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY Juniper Networks, Inc. ''AS IS'' AND ANY -# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL Juniper Networks, Inc. BE LIABLE FOR ANY -# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# - -from __future__ import absolute_import, division, print_function - -# Standard library imports -import os.path -import sys - -# The module_utils path must be added to sys.path in order to import -# juniper_junos_common. The module_utils path is relative to the path of this -# file. -module_utils_path = os.path.normpath(os.path.dirname(__file__) + - '/../module_utils') -if module_utils_path is not None: - sys.path.insert(0, module_utils_path) - import juniper_junos_common - del sys.path[0] - - -# Use the custom behavior of JuniperJunosActionModule as the superclass of -# our ActionModule. -class ActionModule(juniper_junos_common.JuniperJunosActionModule): - """Translates junos_rollback args to juniper_junos_config args. - - This class is a subclass of JuniperJunosActionModule. It exists solely - for backwards compatibility. It translates the arguments from the old - junos_rollback module into the arguments on the new - juniper_junos_config module. - """ - def run(self, tmp=None, task_vars=None): - rollback = self._task.args.get('rollback') - if rollback is None: - # rollback is mandatory when called as junos_rollback. - # Mimic this behavior be setting rollback to 'value not specified'. - self._task.args['rollback'] = 'value not specified' - # Always commit changes to mimic the previous behavior - self._task.args['commit_empty_changes'] = True - - # Remaining arguments can be passed through transparently. - - # Call the parent action module. - return super(ActionModule, self).run(tmp, task_vars) diff --git a/roles/juniper.junos/action_plugins/_junos_rpc.py b/roles/juniper.junos/action_plugins/_junos_rpc.py deleted file mode 120000 index 7470277..0000000 --- a/roles/juniper.junos/action_plugins/_junos_rpc.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_common_action.py \ No newline at end of file diff --git a/roles/juniper.junos/action_plugins/_junos_shutdown.py b/roles/juniper.junos/action_plugins/_junos_shutdown.py deleted file mode 100755 index 3610639..0000000 --- a/roles/juniper.junos/action_plugins/_junos_shutdown.py +++ /dev/null @@ -1,93 +0,0 @@ -# -*- coding: utf-8 -*- - -# -# Copyright (c) 2017-2018, Juniper Networks Inc. All rights reserved. -# -# License: Apache 2.0 -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions are met: -# -# * Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# * Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# * Neither the name of the Juniper Networks nor the -# names of its contributors may be used to endorse or promote products -# derived from this software without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY Juniper Networks, Inc. ''AS IS'' AND ANY -# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL Juniper Networks, Inc. BE LIABLE FOR ANY -# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# - -from __future__ import absolute_import, division, print_function - -# Standard library imports -import os.path -import sys - -# The module_utils path must be added to sys.path in order to import -# juniper_junos_common. The module_utils path is relative to the path of this -# file. -module_utils_path = os.path.normpath(os.path.dirname(__file__) + - '/../module_utils') -if module_utils_path is not None: - sys.path.insert(0, module_utils_path) - import juniper_junos_common - del sys.path[0] - - -# Use the custom behavior of JuniperJunosActionModule as the superclass of -# our ActionModule. -class ActionModule(juniper_junos_common.JuniperJunosActionModule): - """Translates junos_shutdown args to juniper_junos_system args. - - This class is a subclass of JuniperJunosActionModule. It exists solely - for backwards compatibility. It translates the arguments from the old - junos_shutdown module into the arguments on the new juniper_junos_system - module. - """ - def run(self, tmp=None, task_vars=None): - # Check for the 'shutdown' option which was mandatory for - # the junos_shutdown module. - if 'shutdown' in self._task.args: - shutdown = self._task.args.pop('shutdown') - # 'shutdown' was the only valid value for the 'shutdown' option. - if shutdown == 'shutdown': - reboot = False - # Check for the 'reboot' option which was an optional boolean - # argument for the junos_shutdown module. - if 'reboot' in self._task.args: - reboot = self._task.args.pop('reboot') - if reboot is not None and self.convert_to_bool(reboot) is True: - # Translate to action="reboot" - self._task.args['action'] = 'reboot' - elif reboot is None or self.convert_to_bool(reboot) is False: - # Translate to action="shutdown" - self._task.args['action'] = 'shutdown' - else: - # This isn't a valid value for action/reboot - # We'll pass it through and the module will complain - # appropriately. - self._task.args['action'] = reboot - else: - # This isn't a valid value for action/shutdown - # We'll pass it through and the module will complain - # appropriately. - self._task.args['action'] = shutdown - - # Remaining arguments can be passed through transparently. - - # Call the parent action module. - return super(ActionModule, self).run(tmp, task_vars) diff --git a/roles/juniper.junos/action_plugins/_junos_srx_cluster.py b/roles/juniper.junos/action_plugins/_junos_srx_cluster.py deleted file mode 120000 index 7470277..0000000 --- a/roles/juniper.junos/action_plugins/_junos_srx_cluster.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_common_action.py \ No newline at end of file diff --git a/roles/juniper.junos/action_plugins/_junos_zeroize.py b/roles/juniper.junos/action_plugins/_junos_zeroize.py deleted file mode 100755 index bfcfcea..0000000 --- a/roles/juniper.junos/action_plugins/_junos_zeroize.py +++ /dev/null @@ -1,75 +0,0 @@ -# -*- coding: utf-8 -*- - -# -# Copyright (c) 2017-2018, Juniper Networks Inc. All rights reserved. -# -# License: Apache 2.0 -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions are met: -# -# * Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# * Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# * Neither the name of the Juniper Networks nor the -# names of its contributors may be used to endorse or promote products -# derived from this software without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY Juniper Networks, Inc. ''AS IS'' AND ANY -# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -# DISCLAIMED. IN NO EVENT SHALL Juniper Networks, Inc. BE LIABLE FOR ANY -# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# - -from __future__ import absolute_import, division, print_function - -# Standard library imports -import os.path -import sys - -# The module_utils path must be added to sys.path in order to import -# juniper_junos_common. The module_utils path is relative to the path of this -# file. -module_utils_path = os.path.normpath(os.path.dirname(__file__) + - '/../module_utils') -if module_utils_path is not None: - sys.path.insert(0, module_utils_path) - import juniper_junos_common - del sys.path[0] - - -# Use the custom behavior of JuniperJunosActionModule as the superclass of -# our ActionModule. -class ActionModule(juniper_junos_common.JuniperJunosActionModule): - """Translates junos_zeroize args to juniper_junos_system args. - - This class is a subclass of JuniperJunosActionModule. It exists solely - for backwards compatibility. It translates the arguments from the old - junos_zeroize module into the arguments on the new juniper_junos_system - module. - """ - def run(self, tmp=None, task_vars=None): - # Check for the 'zeroize' option which was mandatory for - # the junos_zeroize module. - if 'zeroize' in self._task.args: - # Delete the zeroize option. - zeroize = self._task.args.pop('zeroize') - # Add the action option with the value from the zeroize option. - # This should normally be the value 'zeroize'. If it's not, then - # the juniper_junos_system module will throw an appropriate error. - self._task.args['action'] = zeroize - - # Remaining arguments can be passed through transparently. - - # Call the parent action module. - return super(ActionModule, self).run(tmp, task_vars) diff --git a/roles/juniper.junos/action_plugins/juniper_junos_common_action.py b/roles/juniper.junos/action_plugins/juniper_junos_common_action.py index 37e2fbd..a6b8336 100755 --- a/roles/juniper.junos/action_plugins/juniper_junos_common_action.py +++ b/roles/juniper.junos/action_plugins/juniper_junos_common_action.py @@ -32,22 +32,85 @@ # from __future__ import absolute_import, division, print_function +from ansible.plugins.action.normal import ActionModule as ActionNormal +import os -# Standard library imports -import os.path -import sys -# The module_utils path must be added to sys.path in order to import -# juniper_junos_common. The module_utils path is relative to the path of this -# file. -module_utils_path = os.path.normpath(os.path.dirname(__file__) + - '/../module_utils') -if module_utils_path is not None: - sys.path.insert(0, module_utils_path) - import juniper_junos_common - del sys.path[0] +connection_spec_fallbacks = { + 'host': ['ansible_host', 'inventory_hostname'], + 'user': ['ansible_connection_user', 'ansible_ssh_user', 'ansible_user'], + 'passwd': ['ansible_ssh_pass', 'ansible_pass'], + 'port': ['ansible_ssh_port', 'ansible_port'], + 'ssh_private_key_file': ['ansible_ssh_private_key_file', + 'ansible_private_key_file'] +} -# Use the custom behavior of JuniperJunosActionModule as our ActionModule. +# Moved the defintion from module_utils/juniper_junos_common.py to action_plugins/juniper_junos_common_action.py +# Use the custom behavior defined below as our ActionModule. # The Ansible core engine will call ActionModule.run() -from juniper_junos_common import JuniperJunosActionModule as ActionModule +class ActionModule(ActionNormal): + """A subclass of ansible.plugins.action.network.ActionModule used by all juniper_junos_* modules. + + All juniper_junos_* modules share common behavior which is implemented in + this class. This includes specific option fallback/default behavior and + passing the "hidden" _module_utils_path option to the module. + + """ + def run(self, tmp=None, task_vars=None): + # The new connection arguments based on fallback/defaults. + new_connection_args = dict() + + # Get the current connection args from either provider or the top-level + if 'provider' in self._task.args: + connection_args = self._task.args['provider'] + else: + connection_args = self._task.args + + # The environment variables used by Ansible Tower + if 'user' not in connection_args: + net_user = os.getenv('ANSIBLE_NET_USERNAME') + if net_user is not None: + new_connection_args['user'] = net_user + connection_args['user'] = net_user + if 'passwd' not in connection_args: + net_passwd = os.getenv('ANSIBLE_NET_PASSWORD') + if net_passwd is not None: + new_connection_args['passwd'] = net_passwd + connection_args['passwd'] = net_passwd + if 'ssh_private_key_file' not in connection_args: + net_key = os.getenv('ANSIBLE_NET_SSH_KEYFILE') + if net_key is not None: + new_connection_args['ssh_private_key_file'] = net_key + connection_args['ssh_private_key_file'] = net_key + + # The values set by Ansible command line arguments, configuration + # settings, or environment variables. + for key in connection_spec_fallbacks: + if key not in connection_args: + for task_var_key in connection_spec_fallbacks[key]: + if task_var_key in task_vars: + new_connection_args[key] = task_vars[task_var_key] + break + + # Backwards compatible behavior to fallback to USER env. variable. + if 'user' not in connection_args and 'user' not in new_connection_args: + user = os.getenv('USER') + if user is not None: + new_connection_args['user'] = user + + # Copy the new connection arguments back into either top-level or + # the provider dictionary. + if 'provider' in self._task.args: + self._task.args['provider'].update(new_connection_args) + else: + self._task.args.update(new_connection_args) + + # Pass the hidden _module_utils_path option + module_utils_path = os.path.normpath(os.path.dirname(__file__)) + self._task.args['_module_utils_path'] = module_utils_path + # Pass the hidden _module_name option + self._task.args['_module_name'] = self._task.action + + # Call the parent action module. + return super(ActionModule, self).run(tmp, task_vars) diff --git a/roles/juniper.junos/ansible-junos-awx/Makefile b/roles/juniper.junos/ansible-junos-awx/Makefile new file mode 100644 index 0000000..203297a --- /dev/null +++ b/roles/juniper.junos/ansible-junos-awx/Makefile @@ -0,0 +1,85 @@ +PWD = $(shell pwd) +UNAME_S := $(shell uname -s) + +ifeq ($(UNAME_S),Darwin) + SED := sed -i '' +else + SED := sed -i +endif + +include Makefile.variable + +all:prequisite virtual-env ansible-awx docker-start docker-exec ## install ansible-junos-awx + + +.PHONY: prequisite +prequisite: + pip install virtualenv + rm -rf ./awx ./awx-env + +.PHONY: virtual-env +virtual-env: + virtualenv awx-env --no-site-packages + . awx-env/bin/activate && \ + pip install ansible docker-py + +.PHONY: ansible-awx +ansible-awx: + . awx-env/bin/activate && \ + git clone https://github.com/ansible/awx.git --single-branch --depth 1 + +.PHONY: docker-start +docker-start: +ifneq '$(PROJECT_DATA_DIR)' '' + mkdir -p $(PROJECT_DATA_DIR) + @${SED} '/project_data_dir/s/^#//g' $(PWD)/awx/installer/inventory + @${SED} 's|project_data_dir=.*|project_data_dir=$(PROJECT_DATA_DIR)|g' $(PWD)/awx/installer/inventory +endif +ifneq '$(AWX_TASK_TAG)' '' + @${SED} 's/dockerhub_version=.*/dockerhub_version=$(AWX_TASK_TAG)/g' $(PWD)/awx/installer/inventory +endif +ifneq '$(POSTGRES_DATA_DIR)' '' + @${SED} 's|postgres_data_dir=.*|postgres_data_dir=$(POSTGRES_DATA_DIR)|g' $(PWD)/awx/installer/inventory + @mkdir -p ${POSTGRES_DATA_DIR}/pg_snapshots && touch ${POSTGRES_DATA_DIR}/pg_snapshots/.keep + @mkdir -p ${POSTGRES_DATA_DIR}/pg_replslot && touch ${POSTGRES_DATA_DIR}/pg_replslot/.keep + @mkdir -p ${POSTGRES_DATA_DIR}/pg_stat_tmp && touch ${POSTGRES_DATA_DIR}/pg_stat_tmp/.keep + @mkdir -p ${POSTGRES_DATA_DIR}/pg_stat && touch ${POSTGRES_DATA_DIR}/pg_stat/.keep + @mkdir -p ${POSTGRES_DATA_DIR}/pg_twophase && touch ${POSTGRES_DATA_DIR}/pg_twophase/.keep + @mkdir -p ${POSTGRES_DATA_DIR}/pg_tblspc && touch ${POSTGRES_DATA_DIR}/pg_tblspc/.keep +endif +ifneq '$(HOST_FILE)' '' + cp $(HOST_FILE) $(strip $(PROJECT_DATA_DIR))/hosts +endif + + . awx-env/bin/activate && \ + ansible-playbook -i $(PWD)/awx/installer/inventory $(PWD)/awx/installer/install.yml + sleep 120 + +.PHONY: docker-exec +docker-exec: + docker exec -it awx_task pip install jsnapy jxmlease junos-eznc + docker exec -it awx_task ansible-galaxy install Juniper.junos,$(ANSIBLE_JUNOS_VERSION) -p /etc/ansible/roles + docker exec -it awx_task /bin/bash -c 'sed -i '/roles_path/s/^#//g' /etc/ansible/ansible.cfg' +ifneq '$(HOST_FILE)' '' + curl -u admin:password --noproxy '*' http://localhost/api/v2/inventories/ --header "Content-Type: application/json" -x POST -d '{"name":"$(INVENTORY_NAME)" , "organization": 1}' + docker exec -it awx_task /bin/bash -c 'awx-manage inventory_import --source=/var/lib/awx/projects/hosts --inventory-name=$(INVENTORY_NAME) --overwrite' +endif + +.PHONY: docker-stop +docker-stop: ## stop the docker + docker stop awx_task + docker stop awx_web + docker stop memcached + docker stop rabbitmq + docker stop postgres + +.PHONY: docker-remove +docker-remove: docker-stop ##clean the docker + docker rm awx_task + docker rm awx_web + docker rm memcached + docker rm rabbitmq + docker rm postgres + +clean: prequisite ## clean the project + docker system prune -f diff --git a/roles/juniper.junos/ansible-junos-awx/Makefile.variable b/roles/juniper.junos/ansible-junos-awx/Makefile.variable new file mode 100644 index 0000000..90ab278 --- /dev/null +++ b/roles/juniper.junos/ansible-junos-awx/Makefile.variable @@ -0,0 +1,6 @@ +PROJECT_DATA_DIR = +AWX_TASK_TAG = +POSTGRES_DATA_DIR = +ANSIBLE_JUNOS_VERSION = +HOST_FILE = +INVENTORY_NAME = diff --git a/roles/juniper.junos/ansible-junos-awx/README.md b/roles/juniper.junos/ansible-junos-awx/README.md new file mode 100644 index 0000000..e1f08d9 --- /dev/null +++ b/roles/juniper.junos/ansible-junos-awx/README.md @@ -0,0 +1,612 @@ +## About + + Ansible-junos-awx provides a web-based user interface and task engine built on top of [Ansible](https://github.com/ansible/ansible.git) which helps to perform specific +operational and configuration tasks on devices running Junos OS using [ansible-junos-stdlib](https://github.com/Juniper/ansible-junos-stdlib.git). + +## Requirements + Before you can run a deployment, you'll need the following installed in your local environment: + +- [Docker](https://www.docker.com) +- pip module +- [GNU Make](https://ftp.gnu.org/gnu/make/) +- [Git](https://git-scm.com/downloads) Requires Version 1.8.4+ + +## Installation + +Clone repo and run make inside Juniper-awx folder + +``` +$ git clone https://github.com/Juniper/ansible-junos-awx +$ cd ansible-junos-awx +$ make or make all +``` +This will do the following operations: +- Creates virtual environment Juniper-awx. +- Install python modules required for the project in the virtualenv: Ansible,docker-py. +- Clone AWX repository into the Juniper-awx/awx folder +- Change AWX inventory file to include user specifications.Refer [Makefile.variable](#makefilevariable). +- Launch AWX conatiners. +- Install Juniper.junos role with user specified version.Refer [Makefile.variable](#makefilevariable). +- Install python modules required for Juniper.junos role in awx_task container: jxmlease,junos-eznc,jsnappy. +- Change roles_path in ansible.cfg for awx_task container. +- If HOST_FILE is mentioned, an inventory with name INVENTORY_NAME is created and host's loaded into it.Refer [Makefile.variable](#makefilevariable). + +# Example make + +``` + +$ make +pip install virtualenv +Requirement already satisfied: virtualenv in /Library/Python/2.7/site-packages +rm -rf ./awx ./awx-env /private/tmp/pgdocker +virtualenv awx-env --no-site-packages +New python executable in /private/tmp/ansible-junos-awx/awx-env/bin/python +Installing setuptools, pip, wheel...done. +. awx-env/bin/activate && \ + pip install ansible docker-py +Collecting ansible +Collecting docker-py + Using cached docker_py-1.10.6-py2.py3-none-any.whl +Collecting jinja2 (from ansible) + Using cached Jinja2-2.10-py2.py3-none-any.whl +Collecting PyYAML (from ansible) +Collecting cryptography (from ansible) + Using cached cryptography-2.1.4-cp27-cp27m-macosx_10_6_intel.whl +Collecting paramiko (from ansible) + Using cached paramiko-2.4.0-py2.py3-none-any.whl +Requirement already satisfied: setuptools in ./awx-env/lib/python2.7/site-packages (from ansible) +Collecting websocket-client>=0.32.0 (from docker-py) + Using cached websocket_client-0.47.0-py2.py3-none-any.whl +Collecting backports.ssl-match-hostname>=3.5; python_version < "3.5" (from docker-py) +Collecting ipaddress>=1.0.16; python_version < "3.3" (from docker-py) +Collecting six>=1.4.0 (from docker-py) + Using cached six-1.11.0-py2.py3-none-any.whl +Collecting requests!=2.11.0,>=2.5.2 (from docker-py) + Using cached requests-2.18.4-py2.py3-none-any.whl +Collecting docker-pycreds>=0.2.1 (from docker-py) + Using cached docker_pycreds-0.2.2-py2.py3-none-any.whl +Collecting MarkupSafe>=0.23 (from jinja2->ansible) +Collecting cffi>=1.7; platform_python_implementation != "PyPy" (from cryptography->ansible) + Using cached cffi-1.11.5-cp27-cp27m-macosx_10_6_intel.whl +Collecting enum34; python_version < "3" (from cryptography->ansible) + Using cached enum34-1.1.6-py2-none-any.whl +Collecting idna>=2.1 (from cryptography->ansible) + Using cached idna-2.6-py2.py3-none-any.whl +Collecting asn1crypto>=0.21.0 (from cryptography->ansible) + Using cached asn1crypto-0.24.0-py2.py3-none-any.whl +Collecting pynacl>=1.0.1 (from paramiko->ansible) + Using cached PyNaCl-1.2.1-cp27-cp27m-macosx_10_6_intel.whl +Collecting bcrypt>=3.1.3 (from paramiko->ansible) + Using cached bcrypt-3.1.4-cp27-cp27m-macosx_10_6_intel.whl +Collecting pyasn1>=0.1.7 (from paramiko->ansible) + Using cached pyasn1-0.4.2-py2.py3-none-any.whl +Collecting urllib3<1.23,>=1.21.1 (from requests!=2.11.0,>=2.5.2->docker-py) + Using cached urllib3-1.22-py2.py3-none-any.whl +Collecting certifi>=2017.4.17 (from requests!=2.11.0,>=2.5.2->docker-py) + Using cached certifi-2018.1.18-py2.py3-none-any.whl +Collecting chardet<3.1.0,>=3.0.2 (from requests!=2.11.0,>=2.5.2->docker-py) + Using cached chardet-3.0.4-py2.py3-none-any.whl +Collecting pycparser (from cffi>=1.7; platform_python_implementation != "PyPy"->cryptography->ansible) +Installing collected packages: MarkupSafe, jinja2, PyYAML, pycparser, cffi, enum34, idna, asn1crypto, ipaddress, six, cryptography, pynacl, bcrypt, pyasn1, paramiko, ansible, websocket-client, backports.ssl-match-hostname, urllib3, certifi, chardet, requests, docker-pycreds, docker-py +Successfully installed MarkupSafe-1.0 PyYAML-3.12 ansible-2.4.3.0 asn1crypto-0.24.0 backports.ssl-match-hostname-3.5.0.1 bcrypt-3.1.4 certifi-2018.1.18 cffi-1.11.5 chardet-3.0.4 cryptography-2.1.4 docker-py-1.10.6 docker-pycreds-0.2.2 enum34-1.1.6 idna-2.6 ipaddress-1.0.19 jinja2-2.10 paramiko-2.4.0 pyasn1-0.4.2 pycparser-2.18 pynacl-1.2.1 requests-2.18.4 six-1.11.0 urllib3-1.22 websocket-client-0.47.0 +. awx-env/bin/activate && \ + git clone https://github.com/ansible/awx.git --single-branch --depth 1 +Cloning into 'awx'... +remote: Counting objects: 2596, done. +remote: Compressing objects: 100% (2295/2295), done. +remote: Total 2596 (delta 603), reused 1034 (delta 237), pack-reused 0 +Receiving objects: 100% (2596/2596), 7.48 MiB | 482.00 KiB/s, done. +Resolving deltas: 100% (603/603), done. +Checking out files: 100% (2317/2317), done. +mkdir -p /private/tmp/pgdocker +. awx-env/bin/activate && \ + ansible-playbook -i /private/tmp/ansible-junos-awx/awx/installer/inventory /private/tmp/ansible-junos-awx/awx/installer/install.yml +[DEPRECATION WARNING]: DEFAULT_SUDO_USER option, In favor of become which is a generic framework . This feature will be removed in version 2.8. Deprecation +warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. + +PLAY [Build and deploy AWX] ************************************************************************************************************************************ + +TASK [check_vars : include_tasks] ****************************************************************************************************************************** +skipping: [localhost] + +TASK [check_vars : include_tasks] ****************************************************************************************************************************** +included: /private/tmp/ansible-junos-awx/awx/installer/check_vars/tasks/check_docker.yml for localhost + +TASK [check_vars : postgres_data_dir should be defined] ******************************************************************************************************** +ok: [localhost] => { + "changed": false, + "msg": "All assertions passed" +} + +TASK [check_vars : host_port should be defined] **************************************************************************************************************** +ok: [localhost] => { + "changed": false, + "msg": "All assertions passed" +} + +TASK [image_build : Get Version from checkout if not provided] ************************************************************************************************* +skipping: [localhost] + +TASK [image_build : Set global version if not provided] ******************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Verify awx-logos directory exists for official install] ************************************************************************************ +skipping: [localhost] + +TASK [image_build : Copy logos for inclusion in sdist] ********************************************************************************************************* +skipping: [localhost] + +TASK [image_build : Set sdist file name] *********************************************************************************************************************** +skipping: [localhost] + +TASK [image_build : AWX Distribution] ************************************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Stat distribution file] ******************************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Clean distribution] ************************************************************************************************************************ +skipping: [localhost] + +TASK [image_build : Build sdist builder image] ***************************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Build AWX distribution using container] **************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Build AWX distribution locally] ************************************************************************************************************ +skipping: [localhost] + +TASK [image_build : Set docker build base path] **************************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Set awx_web image name] ******************************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Set awx_task image name] ******************************************************************************************************************* +skipping: [localhost] + +TASK [image_build : Ensure directory exists] ******************************************************************************************************************* +skipping: [localhost] + +TASK [image_build : Stage sdist] ******************************************************************************************************************************* +skipping: [localhost] + +TASK [image_build : Template web Dockerfile] ******************************************************************************************************************* +skipping: [localhost] + +TASK [image_build : Template task Dockerfile] ****************************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Stage launch_awx] ************************************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Stage launch_awx_task] ********************************************************************************************************************* +skipping: [localhost] + +TASK [image_build : Stage nginx.conf] ************************************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Stage supervisor.conf] ********************************************************************************************************************* +skipping: [localhost] + +TASK [image_build : Stage supervisor_task.conf] **************************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Stage settings.py] ************************************************************************************************************************* +skipping: [localhost] + +TASK [image_build : Stage requirements] ************************************************************************************************************************ +skipping: [localhost] + +TASK [image_build : Stage config watcher] ********************************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Stage Makefile] **************************************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Stage ansible repo] ************************************************************************************************************************ +skipping: [localhost] + +TASK [image_build : Stage ansible repo key] ******************************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Build base web image] ********************************************************************************************************************** +skipping: [localhost] + +TASK [image_build : Build base task image] ********************************************************************************************************************* +skipping: [localhost] + +TASK [image_build : Clean docker base directory] *************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Authenticate with OpenShift via user and password] ******************************************************************************************* +skipping: [localhost] + +TASK [openshift : Authenticate with OpenShift via token] ******************************************************************************************************* +skipping: [localhost] + +TASK [openshift : Get Project Detail] ************************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Get Postgres Service Detail] ***************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Create AWX Openshift Project] **************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Mark Openshift User as Admin] **************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Set docker registry password] **************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Set docker registry password] **************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Authenticate with Docker registry] *********************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Wait for Openshift] ************************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Tag and push web image to registry] ********************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Wait for the registry to settle] ************************************************************************************************************* +skipping: [localhost] + +TASK [openshift : Tag and push task image to registry] ********************************************************************************************************* +skipping: [localhost] + +TASK [openshift : Enable image stream lookups for awx images] ************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Set full web image path] ********************************************************************************************************************* +skipping: [localhost] + +TASK [openshift : Set full task image path] ******************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Set DockerHub Image Paths] ******************************************************************************************************************* +skipping: [localhost] + +TASK [openshift : Deploy and Activate Postgres] **************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Wait for Postgres to activate] *************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Set openshift base path] ********************************************************************************************************************* +skipping: [localhost] + +TASK [openshift : Ensure directory exists] ********************************************************************************************************************* +skipping: [localhost] + +TASK [openshift : Template Openshift AWX Config] *************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Template Openshift AWX Deployment] *********************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Template Openshift AWX etcd2] **************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Apply etcd deployment] *********************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Apply Configmap] ***************************************************************************************************************************** +skipping: [localhost] + +TASK [openshift : Apply Deployment] **************************************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Set the Kubernetes Context] ***************************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Get Namespace Detail] *********************************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Get Postgres Service Detail] **************************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Create AWX Kubernetes Project] ************************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Authenticate with Docker registry] ********************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Wait for Openshift] ************************************************************************************************************************* +skipping: [localhost] + +TASK [kubernetes : Tag and push web image to registry] ********************************************************************************************************* +skipping: [localhost] + +TASK [kubernetes : Wait for the registry to settle] ************************************************************************************************************ +skipping: [localhost] + +TASK [kubernetes : Tag and push task image to registry] ******************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Set full web image path] ******************************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Set full task image path] ******************************************************************************************************************* +skipping: [localhost] + +TASK [kubernetes : Set DockerHub Image Paths] ****************************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Deploy and Activate Postgres] *************************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Set postgresql hostname to helm package service] ******************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Wait for Postgres to activate] ************************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Set kubernetes base path] ******************************************************************************************************************* +skipping: [localhost] + +TASK [kubernetes : Ensure directory exists] ******************************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Template Kubernetes AWX etcd2] ************************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Template Kubernetes AWX Config] ************************************************************************************************************* +skipping: [localhost] + +TASK [kubernetes : Template Kubernetes AWX Deployment] ********************************************************************************************************* +skipping: [localhost] + +TASK [kubernetes : Apply etcd deployment] ********************************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Apply Configmap] **************************************************************************************************************************** +skipping: [localhost] + +TASK [kubernetes : Apply Deployment] *************************************************************************************************************************** +skipping: [localhost] + +TASK [local_docker : Export Docker web image if it isnt local and there isnt a registry defined] *************************************************************** +skipping: [localhost] + +TASK [local_docker : Export Docker task image if it isnt local and there isnt a registry defined] ************************************************************** +skipping: [localhost] + +TASK [local_docker : Authenticate with Docker registry if registry password given] ***************************************************************************** +skipping: [localhost] + +TASK [local_docker : Set docker base path] ********************************************************************************************************************* +skipping: [localhost] + +TASK [local_docker : Ensure directory exists] ****************************************************************************************************************** +skipping: [localhost] + +TASK [local_docker : Copy web image to docker execution] ******************************************************************************************************* +skipping: [localhost] + +TASK [local_docker : Copy task image to docker execution] ****************************************************************************************************** +skipping: [localhost] + +TASK [local_docker : Load web image] *************************************************************************************************************************** +skipping: [localhost] + +TASK [local_docker : Load task image] ************************************************************************************************************************** +skipping: [localhost] + +TASK [local_docker : include_role] ***************************************************************************************************************************** +skipping: [localhost] + +TASK [local_docker : Set full image path for local install] **************************************************************************************************** +skipping: [localhost] + +TASK [local_docker : Set DockerHub Image Paths] **************************************************************************************************************** +ok: [localhost] + +TASK [local_docker : Activate postgres container] ************************************************************************************************************** +changed: [localhost] + +TASK [local_docker : Activate rabbitmq container] ************************************************************************************************************** +changed: [localhost] + +TASK [local_docker : Activate memcached container] ************************************************************************************************************* +changed: [localhost] + +TASK [local_docker : Wait for postgres and rabbitmq to activate] *********************************************************************************************** +Pausing for 15 seconds +(ctrl+C then 'C' = continue early, ctrl+C then 'A' = abort) +ok: [localhost] + +TASK [local_docker : Set properties without postgres for awx_web] ********************************************************************************************** +skipping: [localhost] + +TASK [local_docker : Set properties with postgres for awx_web] ************************************************************************************************* +ok: [localhost] + +TASK [local_docker : Set properties without postgres for awx_task] ********************************************************************************************* +skipping: [localhost] + +TASK [local_docker : Set properties with postgres for awx_task] ************************************************************************************************ +ok: [localhost] + +TASK [local_docker : Activate AWX Web Container] *************************************************************************************************************** +changed: [localhost] + +TASK [local_docker : Activate AWX Task Container] ************************************************************************************************************** +changed: [localhost] + +TASK [local_docker : Create /var/lib/awx directory] ************************************************************************************************************ +skipping: [localhost] + +TASK [local_docker : Create docker-compose.yml file] *********************************************************************************************************** +skipping: [localhost] + +TASK [local_docker : Start the containers] ********************************************************************************************************************* +skipping: [localhost] + +PLAY RECAP ***************************************************************************************************************************************************** +localhost : ok=12 changed=5 unreachable=0 failed=0 + +sleep 120 +docker exec -it awx_task pip install jsnapy jxmlease junos-eznc +Collecting jsnapy + Downloading jsnapy-1.3.1.tar.gz (50kB) + 100% |################################| 51kB 399kB/s +Collecting jxmlease + Downloading jxmlease-1.0.1-py2.py3-none-any.whl +Collecting junos-eznc + Downloading junos_eznc-2.1.7-py2.py3-none-any.whl (150kB) + 100% |################################| 153kB 1.6MB/s +Collecting colorama (from jsnapy) + Downloading colorama-0.3.9-py2.py3-none-any.whl +Collecting configparser (from jsnapy) + Downloading configparser-3.5.0.tar.gz +Collecting pyparsing (from jsnapy) + Downloading pyparsing-2.2.0-py2.py3-none-any.whl (56kB) + 100% |################################| 61kB 5.5MB/s +Collecting icdiff (from jsnapy) + Downloading icdiff-1.9.1.tar.gz +Collecting future (from jsnapy) + Downloading future-0.16.0.tar.gz (824kB) + 100% |################################| 829kB 937kB/s +Collecting ncclient>=0.5.3 (from junos-eznc) + Downloading ncclient-0.5.3.tar.gz (63kB) + 100% |################################| 71kB 6.5MB/s +Requirement already satisfied (use --upgrade to upgrade): paramiko>=1.15.2 in /usr/lib/python2.7/site-packages (from junos-eznc) +Requirement already satisfied (use --upgrade to upgrade): six in /usr/lib/python2.7/site-packages (from junos-eznc) +Collecting scp>=0.7.0 (from junos-eznc) + Downloading scp-0.10.2-py2.py3-none-any.whl +Requirement already satisfied (use --upgrade to upgrade): jinja2>=2.7.1 in /usr/lib/python2.7/site-packages (from junos-eznc) +Collecting lxml>=3.2.4 (from junos-eznc) + Downloading lxml-4.1.1-cp27-cp27mu-manylinux1_x86_64.whl (5.6MB) + 100% |################################| 5.6MB 229kB/s +Collecting pyserial (from junos-eznc) + Downloading pyserial-3.4-py2.py3-none-any.whl (193kB) + 100% |################################| 194kB 4.3MB/s +Requirement already satisfied (use --upgrade to upgrade): PyYAML>=3.10 in /usr/lib64/python2.7/site-packages (from junos-eznc) +Collecting netaddr (from junos-eznc) + Downloading netaddr-0.7.19-py2.py3-none-any.whl (1.6MB) + 100% |################################| 1.6MB 815kB/s +Requirement already satisfied (use --upgrade to upgrade): setuptools>0.6 in /usr/lib/python2.7/site-packages (from ncclient>=0.5.3->junos-eznc) +Requirement already satisfied (use --upgrade to upgrade): cryptography>=1.1 in /usr/lib64/python2.7/site-packages (from paramiko>=1.15.2->junos-eznc) +Requirement already satisfied (use --upgrade to upgrade): pyasn1>=0.1.7 in /usr/lib/python2.7/site-packages (from paramiko>=1.15.2->junos-eznc) +Requirement already satisfied (use --upgrade to upgrade): MarkupSafe in /usr/lib64/python2.7/site-packages (from jinja2>=2.7.1->junos-eznc) +Requirement already satisfied (use --upgrade to upgrade): idna>=2.0 in /usr/lib/python2.7/site-packages (from cryptography>=1.1->paramiko>=1.15.2->junos-eznc) +Requirement already satisfied (use --upgrade to upgrade): enum34 in /usr/lib/python2.7/site-packages (from cryptography>=1.1->paramiko>=1.15.2->junos-eznc) +Requirement already satisfied (use --upgrade to upgrade): ipaddress in /usr/lib/python2.7/site-packages (from cryptography>=1.1->paramiko>=1.15.2->junos-eznc) +Requirement already satisfied (use --upgrade to upgrade): cffi>=1.4.1 in /usr/lib64/python2.7/site-packages (from cryptography>=1.1->paramiko>=1.15.2->junos-eznc) +Requirement already satisfied (use --upgrade to upgrade): pycparser in /usr/lib/python2.7/site-packages (from cffi>=1.4.1->cryptography>=1.1->paramiko>=1.15.2->junos-eznc) +Installing collected packages: lxml, ncclient, scp, pyserial, netaddr, junos-eznc, colorama, configparser, pyparsing, icdiff, future, jsnapy, jxmlease + Running setup.py install for ncclient ... done + Running setup.py install for configparser ... done + Running setup.py install for icdiff ... done + Running setup.py install for future ... done + Running setup.py install for jsnapy ... done +Successfully installed colorama-0.3.9 configparser-3.5.0 future-0.16.0 icdiff-1.9.1 jsnapy-1.3.1 junos-eznc-2.1.7 jxmlease-1.0.1 lxml-4.1.1 ncclient-0.5.3 netaddr-0.7.19 pyparsing-2.2.0 pyserial-3.4 scp-0.10.2 +You are using pip version 8.1.2, however version 9.0.1 is available. +You should consider upgrading via the 'pip install --upgrade pip' command. +docker exec -it awx_task ansible-galaxy install Juniper.junos, -p /etc/ansible/roles +- downloading role 'junos', owned by Juniper +- downloading role from https://github.com/Juniper/ansible-junos-stdlib/archive/2.0.2.tar.gz +- extracting Juniper.junos to /etc/ansible/roles/Juniper.junos +- Juniper.junos (2.0.2) was installed successfully +docker exec -it awx_task /bin/bash -c 'sed -i '/roles_path/s/^#//g' /etc/ansible/ansible.cfg' + + +``` + +After it has finished executing, check whether all containers are up. + +``` +$ docker ps +CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES +ee36bb9312bc ansible/awx_task:latest "/tini -- /bin/sh -c…" About an hour ago Up About an hour 8052/tcp awx_task +bc8652bcf6ea ansible/awx_web:latest "/tini -- /bin/sh -c…" About an hour ago Up About an hour 0.0.0.0:80->8052/tcp awx_web +fb820f201e0c memcached:alpine "docker-entrypoint.s…" About an hour ago Up About an hour 11211/tcp memcached +c0b5bfd1bd85 rabbitmq:3 "docker-entrypoint.s…" About an hour ago Up About an hour 4369/tcp, 5671-5672/tcp, 25672/tcp rabbitmq +4411bd57f8d3 postgres:9.6 "docker-entrypoint.s…" About an hour ago Up About an hour 5432/tcp postgres + +``` +Log into 0.0.0.0:80 or localhost to acess the AWX web UI. + +``` +make docker-remove + This command will stop and remove the docker container + +$ make docker-remove +docker stop awx_task +awx_task +docker stop awx_web +awx_web +docker stop memcached +memcached +docker stop rabbitmq +rabbitmq +docker stop postgres +postgres +docker rm awx_task +awx_task +docker rm awx_web +awx_web +docker rm memcached +memcached +docker rm rabbitmq +rabbitmq +docker rm postgres +postgres + +``` + +## Makefile.variable + +This file helps to pass arguments to make file.User can specific the path, name of the project and postgres data +directory.Docker hub version and ansible junos version helps to control the version of the docker and juniper +ansible-galaxy respectively. + +``` +Example: + +PROJECT_DATA_DIR = +AWX_TASK_TAG = +POSTGRES_DATA_DIR = +ANSIBLE_JUNOS_VERSION = +HOST_FILE = /etc/ansible/hosts +INVENTORY_NAME = Junos + +``` +1. `PROJECT_DATA_DIR` : Provide absolute path to directory where the ansible projects reside.If the directory is not present Makefile will create the path. +2. `AWX_TASK_TAG`: Mention the awx_task tag to be installed.For available versions refer [Dockerhub](https://hub.docker.com/r/ansible/awx_task/tags/). +3. `POSTGRES_DATA_DIR`: Provide absolute path to postgres directory.If the directory is not present Makefile will create the path and create folders required for postgres to run. +4. `ANSIBLE_JUNOS_VERSION`: Mention the Juniper.junos version to be installed.By default, it installs the latest version. +5. `HOST_FILE`: Provide the absolute path to the host file.This option can be only used if PROJECT_DATA_DIR is mentioned. +By default, it doesnot load any host file.Please ensure that a unique INVENTORY_NAME is mentioned to avoid errors e.g Hosts. +6. `INVENTORY_NAME`: The name of the inventory to which HOST_FILE is to be loaded. + +Note: +- `PROJECT_DATA_DIR` is the location where the Ansible projects will be manually sourced from. But it doesn't directly contain any playbook, AWX expects Ansible project folders at this location. +For more information about Ansible project structure, please refer [here](http://docs.ansible.com/ansible/latest/user_guide/playbooks_best_practices.html#content-organization)
+
A sample directory structure is explained below. +``` +XYZ/ +└── Ansible_Project_1 + └── getFacts.yml +``` +In the above case, the `PROJECT_DATA_DIR = XYZ` +- If a variable is left blank, it is considered to be built with default values. +- If postgres container keeps on restarting, source the `POSTGRES_DATA_DIR` into any other location other than /tmp. +- Ensure docker has permission to bind the location mentioned in Makefile.variable + +## LICENSE + +Apache 2.0 + +## CONTRIBUTORS + +Juniper Networks is actively contributing to and maintaining this repo. Please contact jnpr-community-netdev@juniper.net for any queries. + +*Contributors:* + +- v0.0.1: [Raja Shekar M](https://github.com/rsmekala),[Dinesh Babu R](https://github.com/dineshbaburam91), [Jasminderpal Sidhu](https://github.com/sidhujasminder) diff --git a/roles/juniper.junos/library/_junos_cli.py b/roles/juniper.junos/library/_junos_cli.py deleted file mode 120000 index cc8aaf8..0000000 --- a/roles/juniper.junos/library/_junos_cli.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_command.py \ No newline at end of file diff --git a/roles/juniper.junos/library/_junos_commit.py b/roles/juniper.junos/library/_junos_commit.py deleted file mode 120000 index 5383605..0000000 --- a/roles/juniper.junos/library/_junos_commit.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_config.py \ No newline at end of file diff --git a/roles/juniper.junos/library/_junos_get_config.py b/roles/juniper.junos/library/_junos_get_config.py deleted file mode 120000 index 5383605..0000000 --- a/roles/juniper.junos/library/_junos_get_config.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_config.py \ No newline at end of file diff --git a/roles/juniper.junos/library/_junos_get_facts.py b/roles/juniper.junos/library/_junos_get_facts.py deleted file mode 120000 index cbdd3b9..0000000 --- a/roles/juniper.junos/library/_junos_get_facts.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_facts.py \ No newline at end of file diff --git a/roles/juniper.junos/library/_junos_get_table.py b/roles/juniper.junos/library/_junos_get_table.py deleted file mode 120000 index 32df1a4..0000000 --- a/roles/juniper.junos/library/_junos_get_table.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_table.py \ No newline at end of file diff --git a/roles/juniper.junos/library/_junos_install_config.py b/roles/juniper.junos/library/_junos_install_config.py deleted file mode 120000 index 5383605..0000000 --- a/roles/juniper.junos/library/_junos_install_config.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_config.py \ No newline at end of file diff --git a/roles/juniper.junos/library/_junos_install_os.py b/roles/juniper.junos/library/_junos_install_os.py deleted file mode 120000 index 0a63f35..0000000 --- a/roles/juniper.junos/library/_junos_install_os.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_software.py \ No newline at end of file diff --git a/roles/juniper.junos/library/_junos_jsnapy.py b/roles/juniper.junos/library/_junos_jsnapy.py deleted file mode 120000 index e14ff8d..0000000 --- a/roles/juniper.junos/library/_junos_jsnapy.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_jsnapy.py \ No newline at end of file diff --git a/roles/juniper.junos/library/_junos_ping.py b/roles/juniper.junos/library/_junos_ping.py deleted file mode 120000 index 3ca2aa7..0000000 --- a/roles/juniper.junos/library/_junos_ping.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_ping.py \ No newline at end of file diff --git a/roles/juniper.junos/library/_junos_pmtud.py b/roles/juniper.junos/library/_junos_pmtud.py deleted file mode 120000 index b7bdfe9..0000000 --- a/roles/juniper.junos/library/_junos_pmtud.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_pmtud.py \ No newline at end of file diff --git a/roles/juniper.junos/library/_junos_rollback.py b/roles/juniper.junos/library/_junos_rollback.py deleted file mode 120000 index 5383605..0000000 --- a/roles/juniper.junos/library/_junos_rollback.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_config.py \ No newline at end of file diff --git a/roles/juniper.junos/library/_junos_rpc.py b/roles/juniper.junos/library/_junos_rpc.py deleted file mode 120000 index 9e5b8b3..0000000 --- a/roles/juniper.junos/library/_junos_rpc.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_rpc.py \ No newline at end of file diff --git a/roles/juniper.junos/library/_junos_shutdown.py b/roles/juniper.junos/library/_junos_shutdown.py deleted file mode 120000 index 95f3297..0000000 --- a/roles/juniper.junos/library/_junos_shutdown.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_system.py \ No newline at end of file diff --git a/roles/juniper.junos/library/_junos_srx_cluster.py b/roles/juniper.junos/library/_junos_srx_cluster.py deleted file mode 120000 index 511a3de..0000000 --- a/roles/juniper.junos/library/_junos_srx_cluster.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_srx_cluster.py \ No newline at end of file diff --git a/roles/juniper.junos/library/_junos_zeroize.py b/roles/juniper.junos/library/_junos_zeroize.py deleted file mode 120000 index 95f3297..0000000 --- a/roles/juniper.junos/library/_junos_zeroize.py +++ /dev/null @@ -1 +0,0 @@ -juniper_junos_system.py \ No newline at end of file diff --git a/roles/juniper.junos/library/juniper_junos_config.py b/roles/juniper.junos/library/juniper_junos_config.py index c7f1386..10101d4 100644 --- a/roles/juniper.junos/library/juniper_junos_config.py +++ b/roles/juniper.junos/library/juniper_junos_config.py @@ -698,10 +698,12 @@ diff: description: - The configuration differences between the previous and new - configurations. The value is a single multi-line string in "diff" format. + configurations. The value is a dict that contains a single key named + "prepared". Value associated with that key is a single multi-line string + in "diff" format. returned: when I(load) or I(rollback) is specified, I(diff) is C(true), and I(return_output) is C(true). - type: str + type: dict diff_lines: description: - The configuration differences between the previous and new @@ -748,6 +750,7 @@ def main(): juniper_junos_common.CONFIG_DATABASE_CHOICES config_action_choices = [None] + juniper_junos_common.CONFIG_ACTION_CHOICES config_mode_choices = juniper_junos_common.CONFIG_MODE_CHOICES + config_model_choices = juniper_junos_common.CONFIG_MODEL_CHOICES # Create the module instance. junos_module = juniper_junos_common.JuniperJunosModule( @@ -790,6 +793,16 @@ def main(): type='str', required=False, default=None), + model=dict(required=False, + choices=config_model_choices, + type='str', + default=None), + remove_ns=dict(required=False, + type='bool', + default=None), + namespace=dict(required=False, + type='str', + default=None), check=dict(required=False, type='bool', aliases=['check_commit', 'commit_check'], @@ -885,6 +898,10 @@ def main(): confirmed = junos_module.params.get('confirmed') comment = junos_module.params.get('comment') check_commit_wait = junos_module.params.get('check_commit_wait') + model = junos_module.params.get('model') + remove_ns = junos_module.params.get('remove_ns') + namespace = junos_module.params.get('namespace') + # If retrieve is set and load and rollback are not set, then # check, diff, and commit default to False. @@ -1001,7 +1018,7 @@ def main(): junos_module.logger.debug("Step 1 - Open a candidate configuration " "database.") - junos_module.open_configuration(mode=config_mode) + junos_module.open_configuration(mode=config_mode, ignore_warning=ignore_warning) results['msg'] += 'opened' junos_module.logger.debug("Step 2 - Load configuration data into the " @@ -1054,12 +1071,12 @@ def main(): junos_module.logger.debug("Step 4 - Determine differences between the " "candidate and committed configuration " "databases.") - if diff is True: + if diff is True or junos_module._diff: diff = junos_module.diff_configuration() if diff is not None: results['changed'] = True - if return_output is True: - results['diff'] = diff + if return_output is True or junos_module._diff: + results['diff'] = {'prepared': diff} results['diff_lines'] = diff.splitlines() # Save the diff output junos_module.save_text_output('diff', 'diff', diff) @@ -1076,7 +1093,10 @@ def main(): database=retrieve, format=format, options=options, - filter=filter) + filter=filter, + model=model, + namespace=namespace, + remove_ns=remove_ns) if return_output is True: if config is not None: results['config'] = config diff --git a/roles/juniper.junos/library/juniper_junos_facts.py b/roles/juniper.junos/library/juniper_junos_facts.py index ec1e820..3c5fc81 100644 --- a/roles/juniper.junos/library/juniper_junos_facts.py +++ b/roles/juniper.junos/library/juniper_junos_facts.py @@ -178,6 +178,7 @@ # Ansiballz packages module_utils into ansible.module_utils from ansible.module_utils.basic import AnsibleModule from ansible.module_utils import juniper_junos_common +from ansible.module_utils._text import to_bytes def get_facts_dict(junos_module): @@ -241,6 +242,7 @@ def save_facts(junos_module, facts): file_path = os.path.normpath(os.path.join(save_dir, file_name)) junos_module.logger.debug("Saving facts to: %s.", file_path) try: + # TODO: Verify does thsi work with Python3 with open(file_path, 'w') as fact_file: json.dump(facts, fact_file) junos_module.logger.debug("Facts saved to: %s.", file_path) @@ -272,7 +274,7 @@ def save_inventory(junos_module, inventory): junos_module.logger.debug("Saving inventory to: %s.", file_path) try: with open(file_path, 'wb') as fact_file: - fact_file.write(inventory.encode(encoding='utf-8')) + fact_file.write(to_bytes(inventory, encoding='utf-8')) junos_module.logger.debug("Inventory saved to: %s.", file_path) except IOError: junos_module.fail_json(msg="Unable to save inventory. Failed to " diff --git a/roles/juniper.junos/library/juniper_junos_ping.py b/roles/juniper.junos/library/juniper_junos_ping.py index 19f6e80..ce6c81e 100644 --- a/roles/juniper.junos/library/juniper_junos_ping.py +++ b/roles/juniper.junos/library/juniper_junos_ping.py @@ -150,31 +150,31 @@ - Juniper.junos tasks: - - name: Ping 10.0.0.1 with default parameters. Fails if any packets lost. + - name: Ping 192.68.1.1 with default parameters. Fails if any packets lost. juniper_junos_ping: - dest: "10.0.0.1" + dest: "192.68.1.1" - - name: Ping 10.0.0.1. Allow 50% packet loss. Register response. + - name: Ping 192.68.1.1 Allow 50% packet loss. Register response. juniper_junos_ping: - dest: "10.0.0.1" + dest: "192.68.1.1" acceptable_percent_loss: 50 register: response - name: Print all keys in the response. debug: var: response - - name: Ping 10.0.0.1. Send 20 packets. Register response. + - name: Ping 192.68.1.1. Send 20 packets. Register response. juniper_junos_ping: - dest: "10.0.0.1" + dest: "192.68.1.1" count: 20 register: response - name: Print packet sent from the response. debug: var: response.packets_sent - - name: Ping 10.0.0.1. Send 10 packets wihtout rapid. Register response. + - name: Ping 192.68.1.1. Send 10 packets wihtout rapid. Register response. juniper_junos_ping: - dest: "10.0.0.1" + dest: "192.68.1.1" count: 10 rapid: false register: response @@ -191,28 +191,28 @@ debug: var: response.packet_loss - - name: Ping 10.0.0.1 with IP packet size of 1500. Register response. + - name: Ping 192.68.1.1 with IP packet size of 1500. Register response. juniper_junos_ping: - dest: "10.0.0.1" + dest: "192.68.1.1" size: 1472 register: response - name: Print the packets_received from the response. debug: var: response.packets_received - - name: Ping 10.0.0.1 with do-not-fragment bit set. Register response. + - name: Ping 192.68.1.1 with do-not-fragment bit set. Register response. juniper_junos_ping: - dest: "10.0.0.1" + dest: "192.68.1.1" do_not_fragment: true register: response - name: Print the maximum round-trip-time from the response. debug: var: response.rtt_maximum - - name: Ping 10.0.0.1 with source set to 10.0.0.2. Register response. + - name: Ping 192.68.1.1 with source set to 192.68.1.2. Register response. juniper_junos_ping: - dest: "10.0.0.1" - source: "10.0.0.2" + dest: "192.68.1.1" + source: "192.68.1.2" register: response - name: Print the source from the response. debug: diff --git a/roles/juniper.junos/library/juniper_junos_pmtud.py b/roles/juniper.junos/library/juniper_junos_pmtud.py index d0e7eda..7947b7b 100644 --- a/roles/juniper.junos/library/juniper_junos_pmtud.py +++ b/roles/juniper.junos/library/juniper_junos_pmtud.py @@ -136,21 +136,21 @@ - Juniper.junos tasks: - - name: Perform PMTUD to 10.0.0.1 with default parameters. + - name: Perform PMTUD to 192.68.1.1 with default parameters. juniper_junos_pmtud: - dest: "10.0.0.1" + dest: "192.68.1.1" - - name: Perform PMTUD to 10.0.0.1. Register response. + - name: Perform PMTUD to 192.68.1.1. Register response. juniper_junos_pmtud: - dest: "10.0.0.1" + dest: "192.68.1.1" register: response - name: Print the discovered MTU. debug: var: response.inet_mtu - - name: Perform PMTUD to 10.0.0.1. Search all possible MTU values. + - name: Perform PMTUD to 192.68.1.1. Search all possible MTU values. juniper_junos_pmtud: - dest: "10.0.0.1" + dest: "192.68.1.1" max_size: 65496 max_range: 65536 register: response @@ -158,27 +158,27 @@ debug: var: response.inet_mtu - - name: Perform PMTUD to 10.0.0.1. Source from ge-0/0/0.0 interface. + - name: Perform PMTUD to 192.68.1.1. Source from ge-0/0/0.0 interface. juniper_junos_pmtud: - dest: "10.0.0.1" + dest: "192.68.1.1" interface: "ge-0/0/0.0" register: response - name: Print the discovered MTU. debug: var: response.inet_mtu - - name: Perform PMTUD to 10.0.0.1. Source from 192.168.1.1. + - name: Perform PMTUD to 192.68.1.1. Source from 192.168.1.2. juniper_junos_pmtud: - dest: "10.0.0.1" - source: "192.168.1.1" + dest: "192.68.1.1" + source: "192.168.1.2" register: response - name: Print the discovered MTU. debug: var: response.inet_mtu - - name: Perform PMTUD to 10.0.0.1. Source from the red routing-instance. + - name: Perform PMTUD to 192.68.1.1. Source from the red routing-instance. juniper_junos_pmtud: - dest: "10.0.0.1" + dest: "192.68.1.1" routing_instance: "red" register: response - name: Print the discovered MTU. diff --git a/roles/juniper.junos/library/juniper_junos_rpc.py b/roles/juniper.junos/library/juniper_junos_rpc.py index a8f738b..8f848f3 100644 --- a/roles/juniper.junos/library/juniper_junos_rpc.py +++ b/roles/juniper.junos/library/juniper_junos_rpc.py @@ -510,6 +510,8 @@ def main(): attr = {} if kwarg is None: kwarg = {} + if format is not None: + attr['format'] = format junos_module.logger.debug('Executing "get-config" RPC. ' 'filter_xml=%s, options=%s, ' 'kwargs=%s', diff --git a/roles/juniper.junos/library/juniper_junos_software.py b/roles/juniper.junos/library/juniper_junos_software.py index 97df8bf..ccfa5a7 100644 --- a/roles/juniper.junos/library/juniper_junos_software.py +++ b/roles/juniper.junos/library/juniper_junos_software.py @@ -263,6 +263,13 @@ required: false default: C(/var/tmp/) + filename portion of I(local_package) type: path + pkg_set: + description: + - install software on the members in a mixed Virtual Chassis. Currently + we are not doing target package check this option is provided. + required: false + default: false + type: list validate: description: - Whether or not to have the target Junos device should validate the @@ -449,6 +456,9 @@ def main(): # Default is '/var/tmp/' + filename from the # local_package option, if set. default=None), + pkg_set=dict(required=False, + type='list', + default=None), version=dict(required=False, aliases=['target_version', 'new_version', 'desired_version'], @@ -517,13 +527,14 @@ def main(): # Mutually exclusive options. mutually_exclusive=[['issu', 'nssu']], # One of local_package and remote_package is required. - required_one_of=[['local_package', 'remote_package']], + required_one_of=[['local_package', 'remote_package', 'pkg_set']], supports_check_mode=True ) # Straight from params local_package = junos_module.params.pop('local_package') remote_package = junos_module.params.pop('remote_package') + pkg_set = junos_module.params.pop('pkg_set') target_version = junos_module.params.pop('version') no_copy = junos_module.params.pop('no_copy') reboot = junos_module.params.pop('reboot') @@ -552,14 +563,15 @@ def main(): if url is not None and local_package is not None: junos_module.fail_json(msg='There remote_package (%s) is a URL. ' 'The local_package option is not allowed.' % - (remote_package)) + remote_package) if url is not None and no_copy is True: junos_module.fail_json(msg='There remote_package (%s) is a URL. ' 'The no_copy option is not allowed.' % - (remote_package)) + remote_package) if url is None: + local_filename = None if local_package is not None: # Expand out the path. local_package = os.path.abspath(local_package) @@ -567,16 +579,23 @@ def main(): if local_filename == '': junos_module.fail_json(msg='There is no filename component to ' 'the local_package (%s).' % - (local_package)) - else: - # Local package was not specified, so we must assume no_copy. + local_package) + elif remote_package is not None: + # remote package was, so we must assume no_copy. no_copy = True - local_filename = None - if no_copy is False and not os.path.isfile(local_package): - junos_module.fail_json(msg='The local_package (%s) is not a valid ' - 'file on the local Ansible control ' - 'machine.' % (local_package)) + if no_copy is False: + if local_package is not None and not os.path.isfile(local_package): + junos_module.fail_json(msg='The local_package (%s) is not a ' + 'valid file on the local Ansible ' + 'control machine.' % local_package) + elif pkg_set is not None: + pkg_set = [os.path.abspath(item) for item in pkg_set] + for pkg_set_item in pkg_set: + if not os.path.isfile(pkg_set_item): + junos_module.fail_json( + msg='The pkg (%s) is not a valid file on the local' + ' Ansible control machine.' % pkg_set_item) if remote_filename == '': # Use the same name as local_filename @@ -593,7 +612,7 @@ def main(): if no_copy is True: cleanfs = False - if target_version is None: + if target_version is None and pkg_set is None: target_version = parse_version_from_filename(remote_filename) junos_module.logger.debug("New target version is: %s.", target_version) @@ -615,15 +634,23 @@ def main(): current_version, current_re, target_version) results['changed'] = True + else: + results['msg'] += "Current version on %s: %s same as Targeted " \ + "version: %s.\n" % (current_version, current_re, + target_version) else: current_version = junos_module.dev.facts['version'] + re_name = junos_module.dev.re_name if target_version != current_version: - re_name = junos_module.dev.re_name junos_module.logger.debug("Current version on %s: %s. " "Target version: %s.", current_version, re_name, target_version) results['changed'] = True + else: + results['msg'] += "Current version on %s: %s same as Targeted " \ + "version: %s.\n" % (current_version, re_name, + target_version) else: # A non-Junos install. Always attempt to install. results['changed'] = True @@ -638,6 +665,8 @@ def main(): install_params['package'] = url elif local_package is not None: install_params['package'] = local_package + elif pkg_set is not None: + install_params['pkg_set'] = pkg_set else: install_params['package'] = remote_filename if remote_dir is not None: @@ -655,16 +684,17 @@ def main(): install_params.update(kwargs) try: junos_module.logger.debug("Install parameters are: %s", - str(install_params)) + str(install_params)) junos_module.add_sw() ok = junos_module.sw.install(**install_params) if ok is not True: results['msg'] = 'Unable to install the software' junos_module.fail_json(**results) - results['msg'] = 'Package %s successfully installed.' % \ - (install_params['package']) - junos_module.logger.debug('Package %s successfully installed.', - install_params['package']) + msg = 'Package %s successfully installed.' % ( + install_params.get('package') or + install_params.get('pkg_set')) + results['msg'] = msg + junos_module.logger.debug(msg) except (junos_module.pyez_exception.ConnectError, junos_module.pyez_exception.RpcError) as ex: results['msg'] = 'Installation failed. Error: %s' % str(ex) @@ -680,8 +710,16 @@ def main(): "to 5 seconds.") junos_module.dev.timeout = 5 junos_module.logger.debug('Initiating reboot.') - rpc = junos_module.etree.Element('request-reboot') xpath_list = ['.//request-reboot-status'] + if junos_module.dev.facts['_is_linux']: + rpc = junos_module.etree.Element('request-shutdown-reboot') + elif install_params.get('vmhost'): + rpc = junos_module.etree.Element('request-vmhost-reboot') + # RPC reply can contain multiple output tags + xpath_list.append('output') + else: + rpc = junos_module.etree.Element('request-reboot') + if all_re is True: if (junos_module.sw._multi_RE is True and junos_module.sw._multi_VC is False): @@ -690,7 +728,7 @@ def main(): # At least on some platforms stopping/rebooting both # REs produces messages and # messages. - xpath_list.append('..//output') + xpath_list.append('output') elif junos_module.sw._mixed_VC is True: junos_module.etree.SubElement(rpc, 'all-members') resp = junos_module.dev.rpc(rpc, @@ -698,17 +736,38 @@ def main(): normalize=True) junos_module.logger.debug("Reboot RPC executed cleanly.") if len(xpath_list) > 0: + obj = resp.getparent() for xpath in xpath_list: - got = resp.findtext(xpath) + if junos_module.dev.facts['_is_linux']: + got = resp.text + else: + # there are cases where rpc-reply will have multiple + # child element, hence lets work on parent. + # for ex: + # Rebooting fpc1 + # + # + # Shutdown at Mon Jun 24 10:16:35 2019. + # [pid 1949] + # + # + if xpath == 'output': + got = '\n'.join([i.text for i in obj.findall('output') + if i.text is not None]) + else: + got = obj.findtext(xpath) if got is not None: - results['msg'] += ' Reboot successfully initiated.' + results['msg'] += ' Reboot successfully initiated. ' \ + 'Reboot message: %s' % got break else: # This is the else clause of the for loop. # It only gets executed if the loop finished without # hitting the break. results['msg'] += ' Did not find expected response ' \ - 'from reboot RPC.' + 'from reboot RPC. RPC response is ' \ + '%s' % \ + junos_module.etree.tostring(resp) junos_module.fail_json(**results) else: results['msg'] += ' Reboot successfully initiated.' diff --git a/roles/juniper.junos/library/juniper_junos_system.py b/roles/juniper.junos/library/juniper_junos_system.py index d05c731..b186f03 100644 --- a/roles/juniper.junos/library/juniper_junos_system.py +++ b/roles/juniper.junos/library/juniper_junos_system.py @@ -343,13 +343,22 @@ def main(): rpc = None xpath_list = [] if action == 'reboot': - rpc = junos_module.etree.Element('request-reboot') + if junos_module.dev.facts['_is_linux']: + rpc = junos_module.etree.Element('request-shutdown-reboot') + else: + rpc = junos_module.etree.Element('request-reboot') xpath_list.append('.//request-reboot-status') elif action == 'shutdown': - rpc = junos_module.etree.Element('request-power-off') + if junos_module.dev.facts['_is_linux']: + rpc = junos_module.etree.Element('request-shutdown-power-off') + else: + rpc = junos_module.etree.Element('request-power-off') xpath_list.append('.//request-reboot-status') elif action == 'halt': - rpc = junos_module.etree.Element('request-halt') + if junos_module.dev.facts['_is_linux']: + rpc = junos_module.etree.Element('request-shutdown-halt') + else: + rpc = junos_module.etree.Element('request-halt') xpath_list.append('.//request-reboot-status') elif action == 'zeroize': rpc = junos_module.etree.Element('request-system-zeroize') @@ -420,7 +429,10 @@ def main(): junos_module.logger.debug("RPC executed cleanly.") if len(xpath_list) > 0: for xpath in xpath_list: - got = resp.findtext(xpath) + if junos_module.dev.facts['_is_linux']: + got = resp.text + else: + got = resp.findtext(xpath) if got is not None: results['msg'] = '%s successfully initiated.' % \ (action) diff --git a/roles/juniper.junos/library/juniper_junos_table.py b/roles/juniper.junos/library/juniper_junos_table.py index 008c5a8..7391667 100644 --- a/roles/juniper.junos/library/juniper_junos_table.py +++ b/roles/juniper.junos/library/juniper_junos_table.py @@ -140,12 +140,12 @@ debug: var: response - - name: Retrieve routes within 10.0.0/8 + - name: Retrieve routes within 192.68.1/8 juniper_junos_table: file: "routes.yml" table: "RouteTable" kwargs: - destination: "10.0.0.0/8" + destination: "192.68.1.0/8" response_type: "juniper_items" register: response - name: Print response diff --git a/roles/juniper.junos/meta/.galaxy_install_info b/roles/juniper.junos/meta/.galaxy_install_info index 9cefadb..bd5b6de 100644 --- a/roles/juniper.junos/meta/.galaxy_install_info +++ b/roles/juniper.junos/meta/.galaxy_install_info @@ -1 +1,2 @@ -{install_date: 'Tue Feb 19 16:43:28 2019', version: 2.1.0} +install_date: Fri Feb 21 16:50:43 2020 +version: 2.3.0 diff --git a/roles/juniper.junos/meta/main.yml b/roles/juniper.junos/meta/main.yml index 3b4daf4..068cffa 100644 --- a/roles/juniper.junos/meta/main.yml +++ b/roles/juniper.junos/meta/main.yml @@ -1,16 +1,15 @@ --- galaxy_info: author: Juniper #Stacy W. Smith @stacywsmith - description: Network build automation of Junos devices. + role_name: junos + description: Network build automation of Junos devices. company: Juniper Networks, Inc. license: Apache 2.0 - min_ansible_version: 2.1 + min_ansible_version: 2.4 platforms: - name: junos versions: - all - categories: - - networking galaxy_tags: - networking - junos diff --git a/roles/juniper.junos/module_utils/juniper_junos_common.py b/roles/juniper.junos/module_utils/juniper_junos_common.py index 4051394..d7f0151 100644 --- a/roles/juniper.junos/module_utils/juniper_junos_common.py +++ b/roles/juniper.junos/module_utils/juniper_junos_common.py @@ -32,12 +32,11 @@ # from __future__ import absolute_import, division, print_function -from six import iteritems # Ansible imports from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils.basic import BOOLEANS_TRUE, BOOLEANS_FALSE -from ansible.plugins.action.normal import ActionModule as ActionNormal +from ansible.module_utils.basic import boolean +from ansible.module_utils._text import to_bytes # Standard library imports from argparse import ArgumentParser @@ -119,10 +118,9 @@ # Python 3 basestring = str - # Constants # Minimum PyEZ version required by shared code. -MIN_PYEZ_VERSION = "2.1.7" +MIN_PYEZ_VERSION = "2.2.0" # Installation URL for PyEZ. PYEZ_INSTALLATION_URL = "https://github.com/Juniper/py-junos-eznc#installation" # Minimum lxml version required by shared code. @@ -142,26 +140,6 @@ MIN_YAML_VERSION = "3.08" YAML_INSTALLATION_URL = "http://pyyaml.org/wiki/PyYAMLDocumentation" -def convert_to_bool_func(arg): - """Try converting arg to a bool value using Ansible's aliases for bool. - - Args: - arg: The value to convert. - - Returns: - A boolean value if successfully converted, or None if not. - """ - if arg is None or type(arg) == bool: - return arg - if isinstance(arg, basestring): - arg = arg.lower() - if arg in BOOLEANS_TRUE: - return True - elif arg in BOOLEANS_FALSE: - return False - else: - return None - class ModuleDocFragment(object): """Documentation fragment for connection-related parameters. @@ -277,6 +255,13 @@ class ModuleDocFragment(object): is found using the algorithm below, then the SSH private key file specified in the user's SSH configuration, or the operating-system-specific default is used. + - This must be in the RSA PEM format, and not the newer OPENSSH + format. To check if the private key is in the correct format, issue + the command `head -n1 ~/.ssh/some_private_key` and ensure that + it's RSA and not OPENSSH. To create a key in the RSA PEM format, + issue the command `ssh-keygen -m PEM -t rsa -b 4096`. To convert + an OPENSSH key to an RSA key, issue the command `ssh-keygen -p -m + PEM -f ~/.ssh/some_private_key` required: false default: The first defined value from the following list 1) The C(ANSIBLE_NET_SSH_KEYFILE) environment variable. @@ -325,6 +310,24 @@ class ModuleDocFragment(object): type: str aliases: - username + cs_user: + description: + - The username used to authenticate with the console server over SSH. + This option is only required if you want to connect to a device over console + using SSH as transport. Mutually exclusive with the I(console) option. + required: false + type: str + aliases: + - console_username + cs_passwd: + description: + - The password used to authenticate with the console server over SSH. + This option is only required if you want to connect to a device over console + using SSH as transport. Mutually exclusive with the I(console) option. + required: false + type: str + aliases: + - console_password ''' LOGGING_DOCUMENTATION = ''' @@ -468,6 +471,15 @@ class ModuleDocFragment(object): # Default behavior coded in JuniperJunosActionModule.run() default=None, no_log=True), + 'cs_user': dict(type='str', + aliases=['console_username'], + required=False, + default=None), + 'cs_passwd': dict(type='str', + aliases=['console_password'], + required=False, + default=None, + no_log=True), 'ssh_private_key_file': dict(type='path', required=False, aliases=['ssh_keyfile'], @@ -502,20 +514,14 @@ class ModuleDocFragment(object): required=False, default=30), } + # Connection arguments which are mutually exclusive. connection_spec_mutually_exclusive = [['mode', 'console'], ['port', 'console'], ['baud', 'console'], - ['attempts','console']] -# Keys are connection options. Values are a list of task_vars to use as the -# default value. -connection_spec_fallbacks = { - 'host': ['inventory_hostname'], - 'user': ['ansible_connection_user', 'ansible_ssh_user', 'ansible_user'], - 'passwd': ['ansible_ssh_pass', 'ansible_pass'], - 'ssh_private_key_file': ['ansible_ssh_private_key_file', - 'ansible_private_key_file'] -} + ['attempts','console'], + ['cs_user', 'console'], + ['cs_passwd', 'console']] # Specify the provider spec with options matching connection_spec. provider_spec = { @@ -573,27 +579,8 @@ class ModuleDocFragment(object): 'replace', 'override', 'overwrite'] # Supported configuration modes CONFIG_MODE_CHOICES = ['exclusive', 'private'] - - -def convert_to_bool_func(arg): - """Try converting arg to a bool value using Ansible's aliases for bool. - - Args: - arg: The value to convert. - - Returns: - A boolean value if successfully converted, or None if not. - """ - if arg is None or type(arg) == bool: - return arg - if isinstance(arg, basestring): - arg = arg.lower() - if arg in BOOLEANS_TRUE: - return True - elif arg in BOOLEANS_FALSE: - return False - else: - return None +# Supported configuration models +CONFIG_MODEL_CHOICES = ['openconfig', 'custom', 'ietf', 'True'] class JuniperJunosModule(AnsibleModule): @@ -614,7 +601,6 @@ class JuniperJunosModule(AnsibleModule): check_lxml_etree: Verify the lxml Etree library is present and functional. check_yaml: Verify the YAML library is present and functional. - convert_to_bool: Try converting to bool using aliases for bool. parse_arg_to_list_of_dicts: Parses string_val into a list of dicts. parse_ignore_warning_option: Parses the ignore_warning option. parse_rollback_option: Parses the rollback option. @@ -1018,7 +1004,7 @@ def check_pyez(self, minimum=None, - PyEZ not installed (unable to import). - PyEZ version < minimum. - check_device and PyEZ Device object can't be imported - - check_exception and PyEZ excepetions can't be imported + - check_exception and PyEZ exceptions can't be imported """ self._check_library('junos-eznc', HAS_PYEZ_VERSION, PYEZ_INSTALLATION_URL, minimum=minimum, @@ -1105,17 +1091,6 @@ def check_yaml(self, minimum=None): self._check_library('yaml', HAS_YAML_VERSION, YAML_INSTALLATION_URL, minimum=minimum) - def convert_to_bool(self, arg): - """Try converting arg to a bool value using Ansible's aliases for bool. - - Args: - arg: The value to convert. - - Returns: - A boolean value if successfully converted, or None if not. - """ - return convert_to_bool_func(arg) - def parse_arg_to_list_of_dicts(self, option_name, string_val, @@ -1198,7 +1173,10 @@ def parse_arg_to_list_of_dicts(self, if allow_bool_values is True: # Try to convert it to a boolean value. Will be None if it # can't be converted. - bool_val = self.convert_to_bool(v) + try: + bool_val = boolean(v) + except TypeError: + bool_val = None if bool_val is not None: v = bool_val return_item[k] = v @@ -1223,7 +1201,7 @@ def parse_ignore_warning_option(self): if ignore_warn_list is None: return ignore_warn_list if len(ignore_warn_list) == 1: - bool_val = self.convert_to_bool(ignore_warn_list[0]) + bool_val = boolean(ignore_warn_list[0]) if bool_val is not None: return bool_val elif isinstance(ignore_warn_list[0], basestring): @@ -1296,6 +1274,9 @@ def open(self): self.close() log_connect_args = dict(connect_args) log_connect_args['passwd'] = 'NOT_LOGGING_PARAMETER' + if 'cs_passwd' in log_connect_args: + log_connect_args['cs_passwd'] = 'NOT_LOGGING_PARAMETER' + self.logger.debug("Creating device parameters: %s", log_connect_args) timeout = connect_args.pop('timeout') @@ -1344,7 +1325,7 @@ def add_sw(self): """ self.sw = jnpr.junos.utils.sw.SW(self.dev) - def open_configuration(self, mode): + def open_configuration(self, mode, ignore_warning=None): """Open candidate configuration database in exclusive or private mode. Failures: @@ -1352,6 +1333,18 @@ def open_configuration(self, mode): - RpcError: When there's a RPC problem including an already locked config or an already opened private config. """ + + ignore_warn=['uncommitted changes will be discarded on exit'] + # if ignore_warning is a bool, pass the bool + # if ignore_warning is a string add to the list + # if ignore_warning is a list, merge them + if ignore_warning != None and isinstance(ignore_warning, bool): + ignore_warn = ignore_warning + elif ignore_warning != None and isinstance(ignore_warning, str): + ignore_warn.append(ignore_warning) + elif ignore_warning != None and isinstance(ignore_warning, list): + ignore_warn = ignore_warn + ignore_warning + # Already have an open configuration? if self.config is None: if mode not in CONFIG_MODE_CHOICES: @@ -1365,8 +1358,7 @@ def open_configuration(self, mode): elif config.mode == 'private': self.dev.rpc.open_configuration( private=True, - ignore_warning='uncommitted changes will be ' - 'discarded on exit') + ignore_warning=ignore_warn) except (pyez_exception.ConnectError, pyez_exception.RpcError) as ex: self.fail_json(msg='Unable to open the configuration in %s ' @@ -1400,10 +1392,11 @@ def close_configuration(self): (str(ex))) def get_configuration(self, database='committed', format='text', - options={}, filter=None): + options={}, filter=None, model=None, + namespace=None, remove_ns=True): """Return the device configuration in the specified format. - Return the datbase device configuration datbase in the format format. + Return the database device configuration database in the format format. Pass the options specified in the options dict and the filter specified in the filter argument. @@ -1448,7 +1441,10 @@ def get_configuration(self, database='committed', format='text', config = None try: config = self.dev.rpc.get_config(options=options, - filter_xml=filter) + filter_xml=filter, + model=model, + remove_ns=remove_ns, + namespace=namespace) self.logger.debug("Configuration retrieved.") except (self.pyez_exception.RpcError, self.pyez_exception.ConnectError) as ex: @@ -1460,7 +1456,7 @@ def get_configuration(self, database='committed', format='text', if not isinstance(config, self.etree._Element): self.fail_json(msg='Unexpected configuration type returned. ' 'Configuration is: %s' % (str(config))) - if config.tag != 'configuration-text': + if model is None and config.tag != 'configuration-text': self.fail_json(msg='Unexpected XML tag returned. ' 'Configuration is: %s' % (etree.tostring(config, pretty_print=True))) @@ -1469,7 +1465,7 @@ def get_configuration(self, database='committed', format='text', if not isinstance(config, self.etree._Element): self.fail_json(msg='Unexpected configuration type returned. ' 'Configuration is: %s' % (str(config))) - if config.tag != 'configuration-set': + if model is None and config.tag != 'configuration-set': self.fail_json(msg='Unexpected XML tag returned. ' 'Configuration is: %s' % (etree.tostring(config, pretty_print=True))) @@ -1478,7 +1474,7 @@ def get_configuration(self, database='committed', format='text', if not isinstance(config, self.etree._Element): self.fail_json(msg='Unexpected configuration type returned. ' 'Configuration is: %s' % (str(config))) - if config.tag != 'configuration': + if model is None and config.tag != 'configuration': self.fail_json(msg='Unexpected XML tag returned. ' 'Configuration is: %s' % (etree.tostring(config, pretty_print=True))) @@ -1858,7 +1854,7 @@ def save_text_output(self, name, format, text): if getattr(self, 'destfile', None) is None: self.destfile = self.params.get('dest') else: - mode = 'a' + mode = 'ab' elif self.params.get('dest_dir') is not None: dest_dir = self.params.get('dest_dir') hostname = self.params.get('host') @@ -1871,89 +1867,11 @@ def save_text_output(self, name, format, text): file_path = os.path.normpath(os.path.join(dest_dir, file_name)) if file_path is not None: try: + # Use ansible utility to convert objects to bytes + # to achieve Python2/3 compatibility with open(file_path, mode) as save_file: - save_file.write(text.encode(encoding='utf-8')) + save_file.write(to_bytes(text, encoding='utf-8')) self.logger.debug("Output saved to: %s.", file_path) except IOError: self.fail_json(msg="Unable to save output. Failed to " "open the %s file." % (file_path)) - - -class JuniperJunosActionModule(ActionNormal): - """A subclass of ActionNormal used by all juniper_junos_* modules. - - All juniper_junos_* modules share common behavior which is implemented in - this class. This includes specific option fallback/default behavior and - passing the "hidden" _module_utils_path option to the module. - - Public Methods: - convert_to_bool: Try converting to bool using aliases for bool. - """ - def run(self, tmp=None, task_vars=None): - # The new connection arguments based on fallback/defaults. - new_connection_args = dict() - - # Get the current connection args from either provider or the top-level - if 'provider' in self._task.args: - connection_args = self._task.args['provider'] - else: - connection_args = self._task.args - - # The environment variables used by Ansible Tower - if 'user' not in connection_args: - net_user = os.getenv('ANSIBLE_NET_USERNAME') - if net_user is not None: - new_connection_args['user'] = net_user - connection_args['user'] = net_user - if 'passwd' not in connection_args: - net_passwd = os.getenv('ANSIBLE_NET_PASSWORD') - if net_passwd is not None: - new_connection_args['passwd'] = net_passwd - connection_args['passwd'] = net_passwd - if 'ssh_private_key_file' not in connection_args: - net_key = os.getenv('ANSIBLE_NET_SSH_KEYFILE') - if net_key is not None: - new_connection_args['ssh_private_key_file'] = net_key - connection_args['ssh_private_key_file'] = net_key - - # The values set by Ansible command line arguments, configuration - # settings, or environment variables. - for key in connection_spec_fallbacks: - if key not in connection_args: - for task_var_key in connection_spec_fallbacks[key]: - if task_var_key in task_vars: - new_connection_args[key] = task_vars[task_var_key] - break - - # Backwards compatible behavior to fallback to USER env. variable. - if 'user' not in connection_args and 'user' not in new_connection_args: - user = os.getenv('USER') - if user is not None: - new_connection_args['user'] = user - - # Copy the new connection arguments back into either top-level or - # the provider dictionary. - if 'provider' in self._task.args: - self._task.args['provider'].update(new_connection_args) - else: - self._task.args.update(new_connection_args) - - # Pass the hidden _module_utils_path option - module_utils_path = os.path.normpath(os.path.dirname(__file__)) - self._task.args['_module_utils_path'] = module_utils_path - # Pass the hidden _module_name option - self._task.args['_module_name'] = self._task.action - - # Call the parent action module. - return super(JuniperJunosActionModule, self).run(tmp, task_vars) - - def convert_to_bool(self, arg): - """Try converting arg to a bool value using Ansible's aliases for bool. - - Args: - arg: The value to convert. - - Returns: - A boolean value if successfully converted, or None if not. - """ - return convert_to_bool_func(arg) diff --git a/roles/juniper.junos/requirements.txt b/roles/juniper.junos/requirements.txt index fc1f4b0..c9d1b98 100644 --- a/roles/juniper.junos/requirements.txt +++ b/roles/juniper.junos/requirements.txt @@ -1,5 +1,6 @@ -junos-eznc>=2.1.7 -jsnapy>=1.2.1 -jxmlease>=1.0.1 -lxml>3.2.4 -yaml>=3.08 \ No newline at end of file +ansible >= 2.4 +junos-eznc +jsnapy==1.3.2 +jxmlease +docker +junos-netconify \ No newline at end of file diff --git a/roles/juniper.junos/.travis.yml b/roles/juniper.junos/tests/.travis.yml similarity index 100% rename from roles/juniper.junos/.travis.yml rename to roles/juniper.junos/tests/.travis.yml diff --git a/roles/juniper.junos/tests/pb.juniper_junos_config.yml b/roles/juniper.junos/tests/pb.juniper_junos_config.yml new file mode 100644 index 0000000..5ecbc4c --- /dev/null +++ b/roles/juniper.junos/tests/pb.juniper_junos_config.yml @@ -0,0 +1,118 @@ +--- +- name: Test juniper_junos_config module + hosts: all + connection: local + gather_facts: no + roles: + - Juniper.junos + tasks: +################# + - name: Retrieve the committed configuration + juniper_junos_config: + retrieve: 'committed' + diff: false + check: false + commit: false + register: test1 + ignore_errors: True + tags: [ test1 ] + + - name: Check TEST 1 + assert: + that: + - test1.config + - "'host-name choc-qfx-a;' in test1.config" +################# + - name: Append .foo to the hostname using private config mode. + juniper_junos_config: + config_mode: 'private' + load: 'merge' + lines: + - "set system host-name {{ inventory_hostname }}.foo" + register: test2 + ignore_errors: True + tags: [ test2 ] + + - name: Check TEST 2 + assert: + that: + - test2.diff_lines + - "'+ host-name choc-qfx-a.foo;' in test2.diff_lines" +################# + - name: Rollback to the previous config. + juniper_junos_config: + config_mode: 'private' + rollback: "1" + register: test3 + ignore_errors: True + tags: [ test3 ] + + - name: Check TEST 3 + assert: + that: + - test3.diff_lines + - "'- host-name choc-qfx-a.foo;' in test3.diff_lines" +################# + - name: Creates directory + file: + path: out + state: directory + + - name: Configure LLDP + juniper_junos_config: + load: 'merge' + lines: + - "set protocols lldp advertisement-interval 30" + - "set protocols lldp transmit-delay 2" + - "set protocols lldp hold-multiplier 4" + - "set protocols lldp ptopo-configuration-trap-interval 30" + - "set protocols lldp ptopo-configuration-maximum-hold-time 300" + - "set protocols lldp lldp-configuration-notification-interval 30" + - "set protocols lldp interface all disable" + - "set protocols lldp interface ge-1/1/1" + format: 'set' + comment: 'Start LLDP with given options' + dest_dir: './out' + register: test4 + ignore_errors: True + tags: [ test4 ] + + - name: Rollback to the rescue config. + juniper_junos_config: + rollback: 'rescue' + + - name: Check out/choc-qfx-a.diff exists + stat: + path: out/choc-qfx-a.diff + register: stat_result_1 + + - name: Check TEST 4 + assert: + that: + - stat_result_1.stat.exists == True + - test4.diff_lines + - "'+ interface ge-1/1/1;' in test4.diff_lines" + + - name: Clean up TEST 4 + file: + path: out + state: absent +################# + - name: Retrieve [edit system services] of current committed config. + juniper_junos_config: + retrieve: 'committed' + filter: 'system/services' + diff: true + check: false + commit: false + register: test5 + ignore_errors: True + tags: [ test5 ] + + - name: Check TEST 5 + assert: + that: + - test5.failed == False + - "'system {' in test5.config_lines" +################# +#TODO: Add tests for commit check and commit confirmed workflows diff --git a/roles/juniper.junos/tests/pb.junos_get_facts.yaml b/roles/juniper.junos/tests/pb.juniper_junos_facts.yml similarity index 89% rename from roles/juniper.junos/tests/pb.junos_get_facts.yaml rename to roles/juniper.junos/tests/pb.juniper_junos_facts.yml index a94f6d9..c585b02 100644 --- a/roles/juniper.junos/tests/pb.junos_get_facts.yaml +++ b/roles/juniper.junos/tests/pb.juniper_junos_facts.yml @@ -1,5 +1,5 @@ --- -- name: Test junos_get_facts module +- name: Test juniper_junos_facts module hosts: all connection: local gather_facts: no @@ -7,7 +7,7 @@ - Juniper.junos tasks: - name: "TEST 1 - Gather Facts" - junos_get_facts: + juniper_junos_facts: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" diff --git a/roles/juniper.junos/tests/pb.junos_jsnapy.yaml b/roles/juniper.junos/tests/pb.juniper_junos_jsnapy.yml similarity index 94% rename from roles/juniper.junos/tests/pb.junos_jsnapy.yaml rename to roles/juniper.junos/tests/pb.juniper_junos_jsnapy.yml index 874ccd8..4318c76 100644 --- a/roles/juniper.junos/tests/pb.junos_jsnapy.yaml +++ b/roles/juniper.junos/tests/pb.juniper_junos_jsnapy.yml @@ -1,5 +1,5 @@ --- -- name: Test junos_ping module +- name: Test juniper_junos_ping module hosts: all connection: local gather_facts: no @@ -10,7 +10,7 @@ #### TEST 1 ## ################################################## - name: "TEST 1 - Execute SNAPCHECK with 1 test file / no dir" - junos_jsnapy: + juniper_junos_jsnapy: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" @@ -34,7 +34,7 @@ #### TEST 2 ## ################################################## - name: "TEST 2 - Execute SNAPCHECK with 2 test file & dir" - junos_jsnapy: + juniper_junos_jsnapy: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" @@ -61,7 +61,7 @@ #### TEST 3 ## ################################################## - name: "TEST 3 - Wrong test file" - junos_jsnapy: + juniper_junos_jsnapy: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" @@ -83,7 +83,7 @@ #### TEST 4 ## ################################################## - name: "TEST 4 - SNAP_PRE" - junos_jsnapy: + juniper_junos_jsnapy: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" @@ -106,7 +106,7 @@ #### TEST 5 ## ################################################## - name: "TEST 5 - SNAP_POST" - junos_jsnapy: + juniper_junos_jsnapy: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" @@ -129,7 +129,7 @@ #### TEST 6 ## ################################################## - name: "TEST 6 - CHECK" - junos_jsnapy: + juniper_junos_jsnapy: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" @@ -153,13 +153,13 @@ #### TEST 7 ## ################################################## - name: "PRE-TEST 7 - Add loopback address" - junos_install_config: + juniper_junos_config: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" passwd: "{{ ansible_ssh_pass }}" + load: 'merge' file: junos_jsnapy/add_loopback.set - overwrite: no register: test7_1 ignore_errors: True tags: [ test7 ] @@ -168,7 +168,7 @@ pause: seconds=15 - name: "TEST 7 - SNAP_POST with additional loopback" - junos_jsnapy: + juniper_junos_jsnapy: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" @@ -181,7 +181,7 @@ # - debug: var=pretest7 - name: "TEST 7 - CHECK" - junos_jsnapy: + juniper_junos_jsnapy: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" @@ -194,13 +194,13 @@ - debug: var=test7 - name: "TEST 7 - Cleanup" - junos_install_config: + juniper_junos_config: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" passwd: "{{ ansible_ssh_pass }}" file: junos_jsnapy/delete_loopback.set - overwrite: no + load: 'merge' register: test7_3 ignore_errors: True tags: [ test7 ] diff --git a/roles/juniper.junos/tests/pb.junos_ping.yaml b/roles/juniper.junos/tests/pb.juniper_junos_ping.yml similarity index 93% rename from roles/juniper.junos/tests/pb.junos_ping.yaml rename to roles/juniper.junos/tests/pb.juniper_junos_ping.yml index a12e672..c8fb77c 100644 --- a/roles/juniper.junos/tests/pb.junos_ping.yaml +++ b/roles/juniper.junos/tests/pb.juniper_junos_ping.yml @@ -1,5 +1,5 @@ --- -- name: Test junos_ping module +- name: Test juniper_junos_ping module hosts: all connection: local gather_facts: no @@ -7,7 +7,7 @@ - Juniper.junos tasks: - name: "TEST 1 - Ping Google DNS" - junos_ping: + juniper_junos_ping: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" @@ -25,7 +25,7 @@ ############ - name: "TEST 2 - Ping Wrong IP" - junos_ping: + juniper_junos_ping: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" @@ -42,7 +42,7 @@ ################# - name: "TEST 3 - Change nbr packets" - junos_ping: + juniper_junos_ping: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" @@ -61,7 +61,7 @@ ################# - name: "TEST 4 - Ping with DF-bit set" - junos_ping: + juniper_junos_ping: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" @@ -82,7 +82,7 @@ ################# - name: "TEST 5 - Ping with DF-bit set and size that well exceeds jumbo sizes" - junos_ping: + juniper_junos_ping: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" diff --git a/roles/juniper.junos/tests/pb.junos_pmtud.yaml b/roles/juniper.junos/tests/pb.juniper_junos_pmtud.yml similarity index 88% rename from roles/juniper.junos/tests/pb.junos_pmtud.yaml rename to roles/juniper.junos/tests/pb.juniper_junos_pmtud.yml index 7b39039..cdf3fb4 100644 --- a/roles/juniper.junos/tests/pb.junos_pmtud.yaml +++ b/roles/juniper.junos/tests/pb.juniper_junos_pmtud.yml @@ -1,5 +1,5 @@ --- -- name: Test junos_pmtud module +- name: Test juniper_junos_pmtud module hosts: all connection: local gather_facts: no @@ -7,7 +7,7 @@ - Juniper.junos tasks: - name: "TEST 1 - Check path MTU to Google DNS" - junos_pmtud: + juniper_junos_pmtud: host: "{{ ansible_ssh_host }}" port: "{{ ansible_ssh_port }}" user: "{{ ansible_ssh_user }}" diff --git a/roles/juniper.junos/tests/pb.juniper_junos_rpc.yml b/roles/juniper.junos/tests/pb.juniper_junos_rpc.yml new file mode 100644 index 0000000..22a195d --- /dev/null +++ b/roles/juniper.junos/tests/pb.juniper_junos_rpc.yml @@ -0,0 +1,217 @@ +--- +- name: Test juniper_junos_rpc module + hosts: all + connection: local + gather_facts: no + roles: + - Juniper.junos + + tasks: +################# + - name: "Execute single RPC get-software-information without any kwargs" + juniper_junos_rpc: + host: "{{ ansible_ssh_host }}" + port: "{{ ansible_ssh_port }}" + user: "{{ ansible_ssh_user }}" + passwd: "{{ ansible_ssh_pass }}" + rpcs: + - "get-software-information" + register: test1 + ignore_errors: True + tags: [ test1 ] + + - name: Check TEST 1 + assert: + that: + - test1.msg == "The RPC executed successfully." + tags: [ test1 ] + +################# + - name: "Get Device Configuration with dest" + juniper_junos_rpc: + host: "{{ ansible_ssh_host }}" + port: "{{ ansible_ssh_port }}" + user: "{{ ansible_ssh_user }}" + passwd: "{{ ansible_ssh_pass }}" + rpc: get-config + dest: get_config.conf + register: test2 + ignore_errors: True + tags: [ test2 ] + + - name: Check that the get_config.conf exists + stat: + path: get_config.conf + register: stat_result + + - name: Check TEST 2 + assert: + that: + - test2.msg == "The \"get-config\" RPC executed successfully." + - stat_result.stat.exists == True + tags: [ test2 ] + + - name: Clean up TEST 2 + file: + path: get_config.conf + state: absent +################# + + - name: "Get Device Configuration in text" + juniper_junos_rpc: + host: "{{ ansible_ssh_host }}" + port: "{{ ansible_ssh_port }}" + user: "{{ ansible_ssh_user }}" + passwd: "{{ ansible_ssh_pass }}" + rpc: get-interface-information + kwargs: "interface_name=em0" + format: text + register: test3 + ignore_errors: True + tags: [ test3 ] + + - name: Check TEST 3 + assert: + that: + - test3.msg == "The RPC executed successfully." + tags: [ test3 ] + +################# + + - name: "Execute multiple RPCs without any kwargs" + juniper_junos_rpc: + host: "{{ ansible_ssh_host }}" + port: "{{ ansible_ssh_port }}" + user: "{{ ansible_ssh_user }}" + passwd: "{{ ansible_ssh_pass }}" + rpcs: + - "get-software-information" + - "get-interface-information" + dest: get_config.conf + register: test4 + ignore_errors: True + tags: [ test4 ] + + - name: Check TEST 4 + assert: + that: + - test4.results[0].msg == "The RPC executed successfully." + - test4.results[1].msg == "The RPC executed successfully." + tags: [ test4 ] + + - name: Clean up TEST 4 + file: + path: get_config.conf + state: absent + +################# + + - name: "Execute multiple RPCs with multiple kwargs" + juniper_junos_rpc: + host: "{{ ansible_ssh_host }}" + port: "{{ ansible_ssh_port }}" + user: "{{ ansible_ssh_user }}" + passwd: "{{ ansible_ssh_pass }}" + rpcs: + - "get-software-information" + - "get-interface-information" + kwargs: + - {} + - "interface_name=em0" + register: test5 + ignore_errors: True + tags: [ test5 ] + + - name: Check TEST 5 + assert: + that: + - test5.results[0].msg == "The RPC executed successfully." + - test5.results[1].msg == "The RPC executed successfully." + tags: [ test5 ] + +################# + - name: Creates directory + file: + path: out + state: directory + + - name: "Execute multiple RPCs with multiple kwargs and dest-dir" + juniper_junos_rpc: + host: "{{ ansible_ssh_host }}" + port: "{{ ansible_ssh_port }}" + user: "{{ ansible_ssh_user }}" + passwd: "{{ ansible_ssh_pass }}" + rpcs: + - "get-software-information" + - "get-interface-information" + kwargs: + - {} + - "interface_name=em0" + dest_dir: "out" + register: test6 + ignore_errors: True + tags: [ test6 ] + + - name: Check get-interface-information.xml exists + stat: + path: "out/{{ ansible_ssh_host }}_get-interface-information.xml" + register: stat_result_1 + + - name: Check get-software-information.xml exists + stat: + path: "out/{{ ansible_ssh_host }}_get-software-information.xml" + register: stat_result_2 + + - name: Check TEST 6 + assert: + that: + - test6.results[0].msg == "The RPC executed successfully." + - test6.results[1].msg == "The RPC executed successfully." + - stat_result_1.stat.exists == True + - stat_result_2.stat.exists == True + tags: [ test6 ] + + - name: Clean up TEST 6 + file: + path: out + state: absent + +################# + - name: Get Device Configuration for interface + juniper_junos_rpc: + host: "{{ ansible_ssh_host }}" + port: "{{ ansible_ssh_port }}" + user: "{{ ansible_ssh_user }}" + passwd: "{{ ansible_ssh_pass }}" + rpc: get-config + filter_xml: "" + register: test7 + ignore_errors: True + tags: [ test7 ] + + - name: Check TEST 7 + assert: + that: + - test7.msg == "The \"get-config\" RPC executed successfully." + tags: [ test7 ] + +################# + - name: "Execute wrong RPC to generate RPC error" + juniper_junos_rpc: + host: "{{ ansible_ssh_host }}" + port: "{{ ansible_ssh_port }}" + user: "{{ ansible_ssh_user }}" + passwd: "{{ ansible_ssh_pass }}" + rpcs: + - "wrong-rpc" + register: test8 + ignore_errors: True + tags: [ test8 ] + + - name: Check TEST 8 + assert: + that: + - '"Unable to execute the RPC" in test8.msg' + tags: [ test8 ] + +################# diff --git a/roles/juniper.junos/tests/pb.rav.token.app_stop.yaml b/roles/juniper.junos/tests/pb.rav.token.app_stop.yml similarity index 100% rename from roles/juniper.junos/tests/pb.rav.token.app_stop.yaml rename to roles/juniper.junos/tests/pb.rav.token.app_stop.yml diff --git a/roles/juniper.junos/tests/pb.rav.token.create-deploy.yaml b/roles/juniper.junos/tests/pb.rav.token.create-deploy.yml similarity index 100% rename from roles/juniper.junos/tests/pb.rav.token.create-deploy.yaml rename to roles/juniper.junos/tests/pb.rav.token.create-deploy.yml diff --git a/roles/juniper.junos/tests/pb.rav.token.fqdn_get.yaml b/roles/juniper.junos/tests/pb.rav.token.fqdn_get.yml similarity index 100% rename from roles/juniper.junos/tests/pb.rav.token.fqdn_get.yaml rename to roles/juniper.junos/tests/pb.rav.token.fqdn_get.yml diff --git a/roles/juniper.junos/version.py b/roles/juniper.junos/version.py index 13f6726..dfff5cd 100755 --- a/roles/juniper.junos/version.py +++ b/roles/juniper.junos/version.py @@ -1,2 +1,2 @@ -VERSION = "2.1.0" -DATE = "2018-June-1" +VERSION = "2.3.0" +DATE = "2019-Dec-13" diff --git a/templates/junosphere.j2 b/templates/junosphere.j2 index 7cd31d7..4d40ffd 100644 --- a/templates/junosphere.j2 +++ b/templates/junosphere.j2 @@ -283,15 +283,17 @@ protocols { #} {% if node.iso is defined %} isis { - {# source-packet-routing { - srgb start-label 16000 index-range 8000; +{% if sr_enabled is defined %} + source-packet-routing { + srgb start-label 1000 index-range 9000; node-segment { ipv4-index {{ node.sid }}; {% if node.sid6 is defined %} ipv6-index {{ node.sid6 }}; {% endif %} } - } #} + } +{% endif %} level 1 disable; level 2 wide-metrics-only; {% for intf, intf_attr in node.links.items()|sort %} diff --git a/vars_files/core-model-epe.yml b/vars_files/core-model-epe.yml new file mode 100644 index 0000000..fcba511 --- /dev/null +++ b/vars_files/core-model-epe.yml @@ -0,0 +1,120 @@ +--- + +common: + bgp_asn: 64496 + gateway: 10.39.0.1 + +nodes: + - name: epe-vmx0 + mgmt: 10.39.0.100 + rid: 10.10.10.10 + rid6: fec0:0:0:1111::0 + sid: 400 + sid6: 600 + iso: 49.0001.0010.0100.1000.00 + + - name: epe-vmx1 + mgmt: 10.39.0.101 + rid: 1.1.1.1 + rid6: fec0:0:0:1111::1 + sid: 401 + sid6: 601 + iso: 49.0001.0010.0100.1001.00 + + - name: epe-vmx2 + mgmt: 10.39.0.102 + rid: 2.2.2.2 + rid6: fec0:0:0:1111::2 + sid: 402 + sid6: 602 + iso: 49.0001.0010.0100.1002.00 + + - name: epe-vmx3 + mgmt: 10.39.0.103 + rid: 3.3.3.3 + rid6: fec0:0:0:1111::3 + sid: 403 + sid6: 603 + iso: 49.0001.0010.0100.1003.00 + + - name: epe-vmx4 + mgmt: 10.39.0.104 + rid: 4.4.4.4 + rid6: fec0:0:0:1111::4 + sid: 404 + sid6: 604 + iso: 49.0001.0010.0100.1004.00 + + - name: epe-vmx5 + mgmt: 10.39.0.105 + rid: 5.5.5.5 + rid6: fec0:0:0:1111::5 + sid: 405 + sid6: 605 + iso: 49.0001.0010.0100.1005.00 + + - name: epe-vmx6 + mgmt: 10.39.0.106 + rid: 6.6.6.6 + rid6: fec0:0:0:1111::6 + sid: 406 + sid6: 606 + iso: 49.0001.0010.0100.1006.00 + + - name: epe-vmx7 + mgmt: 10.39.0.107 + rid: 7.7.7.7 + rid6: fec0:0:0:1111::7 + sid: 407 + sid6: 607 + iso: 49.0001.0010.0100.1007.00 + + - name: epe-vmx8 + mgmt: 10.39.0.108 + rid: 8.8.8.8 + rid6: fec0:0:0:1111::8 + sid: 408 + sid6: 608 + iso: 49.0001.0010.0100.1008.00 + + +links: + - {left: epe-vmx0, left_port: ge-0/0/0, left_ip: 10.0.1.1, + right: epe-vmx1, right_port: ge-0/0/0, right_ip: 10.0.1.2, + mask: 24, cost: 1000, mpls: True, iso: True } + - {left: epe-vmx1, left_port: ge-0/0/1, left_ip: 10.0.12.1, + right: epe-vmx2, right_port: ge-0/0/0, right_ip: 10.0.12.2, + mask: 24, cost: 1000, mpls: True, iso: True } + - {left: epe-vmx1, left_port: ge-0/0/2, left_ip: 10.0.13.1, + right: epe-vmx3, right_port: ge-0/0/0, right_ip: 10.0.13.3, + mask: 24, cost: 1000, mpls: True, iso: True } + - {left: epe-vmx1, left_port: ge-0/0/3, left_ip: 10.0.14.1, + right: epe-vmx4, right_port: ge-0/0/0, right_ip: 10.0.14.4, + mask: 24, cost: 1000, mpls: True, iso: True } + - {left: epe-vmx3, left_port: ge-0/0/1, left_ip: 10.1.35.3, + right: epe-vmx5, right_port: ge-0/0/0, right_ip: 10.1.35.5, + mask: 24, cost: 1000, mpls: False, iso: False } + - {left: epe-vmx3, left_port: ge-0/0/2, left_ip: 10.2.35.3, + right: epe-vmx5, right_port: ge-0/0/1, right_ip: 10.2.35.5, + mask: 24, cost: 1000, mpls: False, iso: False } + - {left: epe-vmx4, left_port: ge-0/0/1, left_ip: 10.0.47.4, + right: epe-vmx7, right_port: ge-0/0/0, right_ip: 10.0.47.7, + mask: 24, cost: 1000, mpls: False, iso: False } + - {left: epe-vmx5, left_port: ge-0/0/2, left_ip: 10.0.56.5, + right: epe-vmx6, right_port: ge-0/0/0, right_ip: 10.0.56.6, + mask: 24, cost: 1000, mpls: False, iso: False } + - {left: epe-vmx7, left_port: ge-0/0/1, left_ip: 10.0.78.7, + right: epe-vmx8, right_port: ge-0/0/0, right_ip: 10.0.78.8, + mask: 24, cost: 1000, mpls: False, iso: False } + + +# bgp: +# rr: [192.168.0.4, 192.168.0.7] +# clients: [192.168.0.1, 192.168.0.2, 192.168.0.8, 192.168.0.9] +# af: +# - inet +# - inet6 +# - inet-vpn + +#isis: +# network: p2p diff --git a/vars_files/core-model-prototype.yml b/vars_files/core-model-prototype.yml index e35f608..1556360 100644 --- a/vars_files/core-model-prototype.yml +++ b/vars_files/core-model-prototype.yml @@ -2,6 +2,7 @@ common: bgp_asn: 65000 + gateway: 10.39.0.1 nodes: - name: proto-pe1 diff --git a/vars_files/core-model-sr.yml b/vars_files/core-model-srlab.yml similarity index 99% rename from vars_files/core-model-sr.yml rename to vars_files/core-model-srlab.yml index 8398aa3..3e98a10 100644 --- a/vars_files/core-model-sr.yml +++ b/vars_files/core-model-srlab.yml @@ -2,6 +2,7 @@ common: bgp_asn: 65000 + gateway: 10.39.0.1 nodes: - name: srlab-vmx1