Sunday, May 24, 2015

Juniper, Zero Touch Provisioning, and Raspberry Pi

Recently, a client had the need to replace about 500 switches at multiple remote sites. ZTP came to mind as a possible shortcut to getting this done with the littlest possible work effort. After doing some reading about automation and Junos, I started playing around with python, jinja, and yaml. During this time period, it turned out that a colleague of mine was actually going through the same exercise with one of his clients. Special thanks to Vince Loschiavo, who came up with a way to build device-specific configuration files while also leveraging ZTP. His Git repository can be found here, which goes over all the steps one must take to get things working. I would highly recommend reading through his, and other documentation prior to moving forward, but in a nutshell, here's how ZTP works:
  1. By default, when a new Juniper switch's management interface is plugged in, it attempts to go through the ZTP process.
    1. It requests an IP address.
    2. It attempts to download and upgrade the Junos OS.
    3. It attempts to download and install a configuration.
 This process can be manipulated to satisfy more complex requirements. Below is a brief overview:
  1. A user scans/enters the MAC address of each switch's management interface into a CSV file, along with other device-specific data (i.e. host name, IP addressing, VLANs, etc.).
  2. This CSV file is then placed on a server somewhere on the network where python, jinja2, apache2, the required Junos OS version, and a DHCP server are installed/loaded.
  3. Two jinja templates exist on this server that allow for the generation of device-specific configuration files.
    1. A configuration template that contains variables for all data that differs per device.
    2. A DHCP reservation template that contains variables for certain device-specific information (i.e MAC address of a switch's management interface).
  4. A single python script exists on this server, which when executed, analyzes the CSV file, generates configuration files, as well as creates DHCP reservations for each switch.
  5. Upon plugging each switch into the network, the ZTP process is triggered, and switches are deployment-ready in minutes.
This is awesome! However, in my case the customer did not have a management network built, and time constraints would not allow it...

Discussing my constraints with Vince and other team members, we came to the conclusion that a small, portable mini-computer just might work for this type of scenario. Enter Raspberry Pi!

Together we were able to validate that a Raspberry Pi gets the job done. It is super cheap and can be powered via a USB port on a switch. Once everything is loaded and the python script is executed, it is very plug and play. The Raspberry Pi can then be shipped from site to site to perform OS upgrades and provision configuration data.

In effort to make things a little simpler for network engineers that would like to try this out, I have taken a snapshot of my 8GB microSD with all the necessary applications installed and configured. It even has a sample CSV file, and generated samples from the python script. If you would like a copy just let me know. If you would like to build your own, here is what I installed:
  • Snappy Ubuntu Core - https://wiki.ubuntu.com/ARM/RaspberryPi
  • apache2 - used to transfer files via http
  • python - used to generate files
  • jinja2 - used to create templates
  • isc-dhcp-server - used to serve IP addresses
  • openssh-server - used to allow SSH access
 Enjoy!

29 comments:

  1. hey Spencer,

    Let me know how to get a copy of your 8GB microSD please.

    ReplyDelete
    Replies
    1. greyhunter, send me your email and I will send you a link.

      Delete
  2. how can i send it privately to you? could not find any contact me link

    ReplyDelete
    Replies
    1. This comment has been removed by the author.

      Delete
    2. Thanks. You may delete the file as i finished downloading.

      Appreciate your support.

      Delete
  3. Hi Spencer,

    This is exactly like a project I've been trying to get working. Can you send me your snapshot? I can't find any contact information on this page.

    Thanks!

    ReplyDelete
    Replies
    1. Here is a link. It will be valid for 48 hours and then I will remove it.

      https://drive.google.com/file/d/0B3xuJU9ioNLJWGhyQ0paemRlOWs/view?usp=sharing

      Delete
  4. Hi Spencer,

    Is your snapshot working on Pi 3? I am having a tough time of running on Pi 3.

    ReplyDelete
  5. No this image is for Pi 2. That could be why you are having issues.

    ReplyDelete
  6. hey Spencer,

    Let me know how to get a copy of your 8GB microSD please.

    Here is my email address

    yanlouze@gmail.com

    Thanks so much

    ReplyDelete
    Replies
    1. Hello, you should have access now. Please let me know if it is not working.

      Delete
    2. Hi Spencer,

      Ran across this post. Could I try out your image? You can get a hold of me at cis.rmullaney@gmail.com.

      Thank you!

      Delete
    3. Ryan,

      You should now have access.

      Spencer

      Delete
  7. i am interested in your image as well. theisgroup@gmail.com

    ReplyDelete
  8. any chance i got get a copy of the image avrillafuze@gmail.com

    ReplyDelete
  9. Hi Spencer, I would like to have copy of your card please
    email jupekki16@gmail.com

    ReplyDelete
  10. Hi Spencer, great project!
    Could you send me a copy of your card please
    email: david.benoudiz@gmail.com
    Thanks!

    ReplyDelete
  11. Hi Spencer,

    I'm very interested in this image as well. Can you please share? webnetwiz@gmail.com

    ReplyDelete
  12. Hi Spencer,

    Late to the party, but can I also have access to your image? - gquinones83@gmail.com

    ReplyDelete
  13. I would like to check out the image as well bcording@cordingley.net

    ReplyDelete