[j-nsp] Centralized scripts and copying to redundant routing-engines..

Richard A Steenbergen ras at e-gerbil.net
Thu Sep 9 23:52:56 EDT 2010


On Thu, Sep 09, 2010 at 09:31:55PM -0400, Chris Evans wrote:
> I have a question, hopefully someone has an answer..
> 
> I have setup centralized stored commit scripts, however I'm running 
> into issues with devices (EX and MX) that have redundant 
> routing-engines. The files have to be on both RE's to successfully 
> commit as I use commit sync. How do I get the files on both RE's when 
> using a central server??

I've begged and pleaded for an automatic commit script sync feature (the 
same way you can configure an automatic config sync on commit with 
"system commit synchronize") since day 1, but there seems to be some 
kind of philosophical opposition to it that I don't understand. :) 

You can, of course, script it. :) I've just never gotten around to doing 
it (so far down my list of broken Juniper crap it's not even funny :(), 
but it'd be pretty simple. Somthing like this.

var $other-re = {
    if (jcs:sysctl("hw.re.slotid", "i") == 0) {
        expr "re1";
    else {
        expr "re0";
    }
}

var $cs_delete = {
    <file-delete> {
        <path> $other-re _ ":/var/db/scripts/commit/*";
    }
}

var $cs_copy = {
    <file-copy> {
        <source> "/var/db/scripts/commit/*"
        <destination> $other-re _ ":/var/db/scripts/commit";
    }
}

jcs:invoke($cs_delete);
jcs:invoke($cs_copy);

You want to use the delete to handle cases where you don't have 
permission to modify the file, for example if you've ever upgraded 
scripts as "root" instead of a standard tacacs user, etc.

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)


More information about the juniper-nsp mailing list