Introduction to Junos Platform Automation and Devops

Module 07: Junos PyEZ Operations

Junos PyEZ is a Python library. It consists of the jnpr.junos Python package. It is Apache 2.0 open source licenced. Starting with Junos 16.1R3, Python and Junos PyEZ are available for on-box scripting.

• device - connect to Junos devices and retrieve facts
• utils - configuration, file system, shell, SCP, and software installation modules
• command and ops - predefined tables and views used to extract specific information
• resources - predefined tables and views to configure specific devices
• exception - PyEZ exception handling

‘utils’ has sub modules: * config * fs - manage the Junos filesystem * scp * ftp * start_shell * sw - for automated software upgrades

pip3 install junos-eznc
pip3 list | grep junos-eznc

PyEZ was designed to operate over a NETCONF connection. Since PyEZ 2.2.0, serial console, Telnet, NETCONF and SSH are supported. NETCONF over SSH is still the most common method. PyEZ also supports SSH connections initiated by the device, in case the device is behind a firewall.

Junos Device Configuration

Enable remote connections.

show system services

ssh;
netconf {
    ssh;
}

Create a user account for PyEZ operations. The ‘super-user’ login class can be used.

from jnpr.junos import Device
dev = Device('172.25.11.1')
dev.open()
print(dev.facts)
dev.close()

is equivalent to

from jnpr.junos import Device
with Device('172.25.11.1') as dev:
    print(dev.facts)

Note that dev.open and dev.close are no longer called.

Authenticate device connections with SSH public key authentication.

ssh-keygen -t rsa
scp .ssh/id_rsa.pub lab@172.25.11.1:/tmp

edit system login user lab
set class super-user
set authentication load-key-file /tmp/id_rsa.pub
commit

RPC’s

Once the RPC is known, it can be called from PyEZ.

route_lxml_element = dev.rpc.get_route_information(table="inet.0")
list_of_routes = route_lxml_element.findall('.//rt')
for route in list_of_routes:
    print(
        "route: {} protocol: {}".format(
            route.findtext('rt-destination'),
            route.findtext('rt-entry/protocol')
            )
        )

The ‘jnpr.junos.utils.sw’ SW class contains ‘reboot()’ and ‘poweroff()’ methods.

from jnpr.junos import Device
from jnpr.junos.utils.sw import SW

with Device('172.25.11.1') as dev:
    sw = SW(dev)
    print(sw.poweroff(in_min='5'))

or

    print(sw.reboot(at='23:59'))

Use the ‘jnpr.junos.utils.scp’ SCP class to securely copy files.

from jnpr.junos import Device
from jnpr.junos.utils.scp import SCP

dev = Device('172.25.11.1')
with SCP(dev, progress=True) as scp:
    scp.put(
        '/home/lab/jinstall-ppc-20.2R2.11-signed.tgz',
        remote_path='/var/tmp'
        )

‘scp’ can also be used to copy remote files to the local host.

Use the ‘jnpr.junos.utils.sw.SW’ class ‘install()’ method to install and upgrade the Junos OS.

from jnpr.junos import Device
from jnpr.junos.utils.sw import SW

pkg = 'filename.tgz'

with Device('172.25.11.1') as dev:
    sw = SW(dev)
    ok, msg = sw.install(
        package=pkg, validate=True, checksum_algorithm='sha256'
        )
    if ok:
        sw.reboot()

The ‘jnpr.junos.utils.start_shell’ module StartShell object class can initiate an SSH connection to a target device and access a Junos or Unix shell.

from jnpr.junos import Device

peers_established = 0
peers_other = 0

with Device('172.25.11.1') as dev:
    bgp_data = dev.rpc.get_bgp_summary_information()
    neighbour_states = bgp_data.xpath("bgp-peer/peer-state")
    for state in neighbour_states:
        if state.text == "Established":
            peers_established += 1
        else:
            peers_other += 1

print(
    "sessions established: {} out of {}",
    peers_established,
    peers_established + peers_other
    )