[j-nsp] Templates for logging from EX series
Phil Shafer
phil at juniper.net
Wed Jun 23 18:09:51 EDT 2010
Ross Vandegrift writes:
>Is there any software to help with this task? Common group config has
>some of the same issues. Should be like the inverse of RANCID -
>manage versions of JUNOS groups and scripts with options to push out
>approved new versions.
Take a look at the "share-data" script:
http://junoscriptorium.googlecode.com/svn/trunk/library/juniper/op/network/share-data/share-data.xml
The docs aren't complete, but the basic operation is that you built
a config group with an apply-macro called "share-data" that contains
a list of hosts that you want to share the config group with.
groups {
test {
share-data {
apply-macro share-data {
10.0.0.7;
10.0.0.8;
10.0.0.9;
10.0.0.101;
10.0.0.103;
10.0.0.106;
10.0.0.109;
10.0.0.111;
10.0.0.113;
}
interfaces {
<*> {
unit <*> {
accounting-profile all-interfaces;
}
}
}
}
}
}
The op script "share-data" then copies the contents of this group
to all the named targets. The "group" argument can limit it to
a single group, or omit it and it will sync any group that contains
a "share-data" apply-macro.
user at cli> op share-data ?
Possible completions:
<[Enter]> Execute this command
<name> Argument name
database Database for configuration ('candidate' or 'committed')
detail Display detailed output
group Name of config group to share
target Target for transfer (one or space-delimited list)
| Pipe through a command
user at cli> op share-data group share-data
sharing group 'share-data'
target: 10.0.0.7
skipping local address
target: 10.0.0.8
connecting to 10.0.0.8
connected; transfering group share-data
successfully committed on 10.0.0.8
target: 10.0.0.9
connecting to 10.0.0.9
connected; transfering group share-data
successfully committed on 10.0.0.9
...
Note that it's smart enough to avoid copying to the local machine [1],
so you can update the group from any member, but the issue of
avoiding conflicts is not solved.
This is definitely not a scalable solution, but certainly hits the
"fast" and "cheap" points of the Project Triangle.
Thanks,
Phil
[1] where "local" is defined as:
...
} else if ($proto == "Local"
|| ($proto == "Direct" && $rt/nh/via == "lo0.0")) {
expr jcs:output(" skipping local address");
} ...
See:
http://code.google.com/p/junoscriptorium/source/browse/trunk/library/juniper/op/network/share-data/share-data.slax#254
More information about the juniper-nsp
mailing list