[j-nsp] Templates for logging from EX series

Phil Shafer phil at juniper.net
Wed Jun 23 18:09:51 EDT 2010


Ross Vandegrift writes:
>Is there any software to help with this task?  Common group config has
>some of the same issues.  Should be like the inverse of RANCID -
>manage versions of JUNOS groups and scripts with options to push out
>approved new versions.

Take a look at the "share-data" script:

http://junoscriptorium.googlecode.com/svn/trunk/library/juniper/op/network/share-data/share-data.xml

The docs aren't complete, but the basic operation is that you built
a config group with an apply-macro called "share-data" that contains
a list of hosts that you want to share the config group with.

groups {
    test {
        share-data {
            apply-macro share-data {
                10.0.0.7;
                10.0.0.8;
                10.0.0.9;
                10.0.0.101;
                10.0.0.103;
                10.0.0.106;
                10.0.0.109;
                10.0.0.111;
                10.0.0.113;
            }
            interfaces {
                <*> {
                    unit <*> {
                        accounting-profile all-interfaces;
                    }
                }
            }
        }
    }
}

The op script "share-data" then copies the contents of this group
to all the named targets.  The "group" argument can limit it to
a single group, or omit it and it will sync any group that contains
a "share-data" apply-macro.

user at cli> op share-data ?     
Possible completions:
  <[Enter]>            Execute this command
  <name>               Argument name
  database             Database for configuration ('candidate' or 'committed')
  detail               Display detailed output
  group                Name of config group to share
  target               Target for transfer (one or space-delimited list)
  |                    Pipe through a command
user at cli> op share-data group share-data 
sharing group 'share-data'
  target: 10.0.0.7
    skipping local address
  target: 10.0.0.8
    connecting to 10.0.0.8
    connected; transfering group share-data
    successfully committed on 10.0.0.8
  target: 10.0.0.9
    connecting to 10.0.0.9
    connected; transfering group share-data
    successfully committed on 10.0.0.9
...

Note that it's smart enough to avoid copying to the local machine [1],
so you can update the group from any member, but the issue of
avoiding conflicts is not solved.

This is definitely not a scalable solution, but certainly hits the
"fast" and "cheap" points of the Project Triangle.

Thanks,
 Phil

[1] where "local" is defined as:

                ...
	    } else if ($proto == "Local"
		       || ($proto == "Direct" && $rt/nh/via == "lo0.0")) {
		expr jcs:output("    skipping local address");
            } ...

See:
    http://code.google.com/p/junoscriptorium/source/browse/trunk/library/juniper/op/network/share-data/share-data.slax#254


More information about the juniper-nsp mailing list