Sunday, May 24, 2015

Juniper, Zero Touch Provisioning, and Raspberry Pi

Recently, a client needed to replace about 500 switches at multiple remote sites. ZTP came to mind as a possible shortcut to getting this done with the least possible effort. After doing some reading about automation and Junos, I started playing around with Python, Jinja, and YAML. During this time, it turned out that a colleague of mine was going through the same exercise with one of his clients. Special thanks to Vince Loschiavo, who came up with a way to build device-specific configuration files while also leveraging ZTP. His Git repository can be found here, which goes over all the steps one must take to get things working. I would highly recommend reading through his and other documentation before moving forward, but in a nutshell, here's how ZTP works:
  1. By default, when a new Juniper switch's management interface is plugged in, it attempts to go through the ZTP process.
    1. It requests an IP address.
    2. It attempts to download and upgrade the Junos OS.
    3. It attempts to download and install a configuration.
This process can be manipulated to satisfy more complex requirements. Below is a brief overview:
  1. A user scans/enters the MAC address of each switch's management interface into a CSV file, along with other device-specific data (e.g. host name, IP addressing, VLANs).
  2. This CSV file is then placed on a server somewhere on the network where python, jinja2, apache2, the required Junos OS version, and a DHCP server are installed/loaded.
  3. Two Jinja templates exist on this server that allow for the generation of device-specific configuration files.
    1. A configuration template that contains variables for all data that differs per device.
    2. A DHCP reservation template that contains variables for certain device-specific information (e.g. the MAC address of a switch's management interface).
  4. A single Python script exists on this server which, when executed, analyzes the CSV file, generates configuration files, and creates DHCP reservations for each switch.
  5. Upon plugging each switch into the network, the ZTP process is triggered, and switches are deployment-ready in minutes.
This is awesome! However, in my case the customer did not have a management network built, and time constraints would not allow it...
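
The CSV-to-DHCP-reservation step from the overview above, as an added example (this is not Vince's script or the one on my image): it validates every row before anything is written into a reservation, because a mistyped MAC or a stray character in a host name would otherwise land verbatim in dhcpd.conf. The column names and sample rows are constructed, and Python's `string.Template` stands in for the Jinja2 template so the block runs with only the standard library.

```python
import csv
import io
import ipaddress
import re
from string import Template
# Constructed sample inventory; the column names are assumptions.
SAMPLE_CSV = """mac,hostname,mgmt_ip
00:11:22:AA:BB:01,site1-sw01,192.0.2.11
00-11-22-aa-bb-02,site1-sw02,192.0.2.12
00:11:22:aa:bb:01,site1-sw03,192.0.2.13
00:11:22:aa:bb:04,site1 sw04;,192.0.2.14
00:11:22:aa:bb:05,site1-sw05,192.0.2.999
"""

MAC_RE = re.compile(r"^[0-9a-f]{2}(:[0-9a-f]{2}){5}$")
HOST_RE = re.compile(r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$")
# ISC dhcpd host reservation; string.Template stands in for the Jinja2 template.
RESERVATION = Template(
    "host $hostname {\n  hardware ethernet $mac;\n  fixed-address $mgmt_ip;\n}\n")


def valid_ip(text):
    try:
        ipaddress.IPv4Address(text)
        return True
    except ValueError:
        return False


def build_reservations(csv_text):
    """Validate every row before rendering; return (blocks, errors)."""
    blocks, errors, seen = [], [], set()
    for line, row in enumerate(csv.DictReader(io.StringIO(csv_text)), start=2):
        mac = (row.get("mac") or "").strip().lower().replace("-", ":")
        host = (row.get("hostname") or "").strip().lower()
        ip = (row.get("mgmt_ip") or "").strip()
        if not MAC_RE.match(mac):
            errors.append((line, "bad mac"))
        elif not HOST_RE.match(host):
            errors.append((line, "bad hostname"))
        elif not valid_ip(ip):
            errors.append((line, "bad mgmt_ip"))
        elif seen & {mac, host, ip}:
            errors.append((line, "duplicate mac, hostname or mgmt_ip"))
        else:
            seen |= {mac, host, ip}
            blocks.append(RESERVATION.substitute(hostname=host, mac=mac, mgmt_ip=ip))
    return blocks, errors

if __name__ == "__main__":
    print(build_reservations(SAMPLE_CSV))
```

Rejected rows come back with their CSV line number, so they can be fixed in the spreadsheet before any switch is plugged in.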

Discussing my constraints with Vince and other team members, we came to the conclusion that a small, portable mini-computer just might work for this type of scenario. Enter Raspberry Pi!

Together we were able to validate that a Raspberry Pi gets the job done. It is super cheap and can be powered via a USB port on a switch. Once everything is loaded and the Python script is executed, it is very plug and play. The Raspberry Pi can then be shipped from site to site to perform OS upgrades and provision configuration data.

In an effort to make things a little simpler for network engineers who would like to try this out, I have taken a snapshot of my 8GB microSD with all the necessary applications installed and configured. It even has a sample CSV file, and generated samples from the Python script. If you would like a copy, just let me know. If you would like to build your own, here is what I installed:
  • Snappy Ubuntu Core - https://wiki.ubuntu.com/ARM/RaspberryPi
  • apache2 - used to transfer files via http
  • python - used to generate files
  • jinja2 - used to create templates
  • isc-dhcp-server - used to serve IP addresses
  • openssh-server - used to allow SSH access
Enjoy!