add junos device management
This commit is contained in:
parent
6ae90733c3
commit
f1a775b5c9
GPG key ID:
12E3D2136B818350
5 changed files with 304 additions and 0 deletions
141
configs/junos-template.conf
Normal file
141
configs/junos-template.conf
Normal file
|
|
@ -0,0 +1,141 @@
|
|||
version ${'.'.join(node.metadata.get('junos/version'))};
|
||||
system {
|
||||
host-name ${node.name.split('.')[-1]};
|
||||
time-zone GMT;
|
||||
root-authentication {
|
||||
encrypted-password "$5$1hGrR8Kk$lx3CIdxqvesBrZUtDftROEoyXQuMENEu62JVtHw6WGD"; ## SECRET-DATA
|
||||
}
|
||||
name-server {
|
||||
% for srv in repo.libs.defaults.nameservers_ipv4:
|
||||
${srv};
|
||||
% endfor
|
||||
}
|
||||
login {
|
||||
% for uid, (uname, uconfig) in enumerate(sorted(users.items())):
|
||||
user ${uname} {
|
||||
full-name ${uname};
|
||||
uid ${1000+uid};
|
||||
class super-user;
|
||||
authentication {
|
||||
% for pubkey in sorted(uconfig['ssh_pubkey']):
|
||||
${pubkey.split(' ', 1)[0]} "${pubkey}";
|
||||
% endfor
|
||||
}
|
||||
}
|
||||
% endfor
|
||||
}
|
||||
services {
|
||||
ssh {
|
||||
protocol-version v2;
|
||||
}
|
||||
netconf {
|
||||
ssh;
|
||||
}
|
||||
# web-management {
|
||||
# http;
|
||||
# }
|
||||
}
|
||||
syslog {
|
||||
user * {
|
||||
any emergency;
|
||||
}
|
||||
file messages {
|
||||
any notice;
|
||||
authorization info;
|
||||
}
|
||||
file interactive-commands {
|
||||
interactive-commands any;
|
||||
}
|
||||
}
|
||||
ntp {
|
||||
% for srv in sorted(ntp_servers):
|
||||
server ${srv};
|
||||
% endfor;
|
||||
}
|
||||
}
|
||||
interfaces {
|
||||
% for iface, config in sorted(interfaces.items()):
|
||||
${iface} {
|
||||
unit 0 {
|
||||
% if not config['enabled']:
|
||||
disable;
|
||||
% endif
|
||||
% if config['mode'] == 'trunk':
|
||||
family ethernet-switching {
|
||||
port-mode trunk;
|
||||
vlan {
|
||||
members [ ${' '.join(sorted(config['tagged_vlans']))} ];
|
||||
}
|
||||
% if config['untagged_vlan']:
|
||||
native-vlan-id ${config['untagged_vlan']};
|
||||
% endif
|
||||
}
|
||||
% else:
|
||||
family ethernet-switching;
|
||||
% endif
|
||||
}
|
||||
}
|
||||
% endfor
|
||||
vlan {
|
||||
% for idx, (vlan, vconfig) in enumerate(sorted(vlans.items())):
|
||||
% if vconfig['ip_address']:
|
||||
unit ${idx} {
|
||||
family inet {
|
||||
address ${vconfig['ip_address']};
|
||||
}
|
||||
}
|
||||
% endif
|
||||
% endfor
|
||||
}
|
||||
}
|
||||
snmp {
|
||||
contact "${repo.libs.defaults.hostmaster_email}";
|
||||
community public {
|
||||
authorization read-only;
|
||||
}
|
||||
}
|
||||
routing-options {
|
||||
static {
|
||||
route 0.0.0.0/0 next-hop ${gateway};
|
||||
}
|
||||
}
|
||||
protocols {
|
||||
igmp-snooping {
|
||||
vlan all;
|
||||
}
|
||||
rstp;
|
||||
lldp {
|
||||
interface all;
|
||||
}
|
||||
lldp-med {
|
||||
interface all;
|
||||
}
|
||||
}
|
||||
ethernet-switching-options {
|
||||
voip;
|
||||
storm-control {
|
||||
interface all;
|
||||
}
|
||||
}
|
||||
vlans {
|
||||
% for idx, (vlan, vconfig) in enumerate(sorted(vlans.items())):
|
||||
${vlan} {
|
||||
% if vconfig['id']:
|
||||
vlan-id ${vconfig['id']};
|
||||
% endif
|
||||
interface {
|
||||
% for iface, iconfig in sorted(interfaces.items()):
|
||||
% if iconfig['untagged_vlan'] == vlan:
|
||||
${iface}.0;
|
||||
% endif
|
||||
% endfor
|
||||
}
|
||||
% if vconfig['ip_address']:
|
||||
l3-interface vlan.${idx};
|
||||
% endif
|
||||
}
|
||||
% endfor
|
||||
}
|
||||
poe {
|
||||
interface all;
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue