Network Automation Minilab
-
- 2.1. Git
- 2.2. VirtualBox
- 2.3. Vagrant
- 2.3.1. Vagrant plugins
- 2.4. vSRX Images
 |
DISCLAIMER This setup has been tested on Linux and OSX; it may not work on Windows. |
The full mini-lab consists of:
- 1 Ubuntu VM (for the Ansible control node)
- 3 fully-interconnected Juniper vSRXs
The VM specifications are as follows:
- The vSRXs each have 2 vCPUs and 4GB RAM
- The Ansible control node has 2 vCPUs and 1GB RAM
In order to keep the initial demands on the host machine low, only one vSRX will be spun up; the second and third vSRX's are commented out in the relevant Vagrant control file (imaginatively called Vagrantfile).
1. What's in this repository?
Here is the directory structure:
├── docs // Other documentation in addition to this readme file.
│ └── virtualbox_create_vsrx3.0.md
├── images // Images (for the documentation)
│ ├── DevEnvironment.drawio
│ ├── DevEnvironment.png
│ └── warning_icon.png
├── README.md // This file
└── Vagrantfile // The Vagrantfile that describes the resources you are going to spin up2. Requirements
2.1. Git
The easiest way to download this repository is to use Git.
- Windows: Download git from: https://git-scm.com/download/win
- Linux: Install git using:
sudo apt-get install gitsudo yum install git- OsX: Download git from: https://git-scm.com/download/mac
If want to know more about git, you can refer to this book: https://git-scm.com/book/en/v2
2.2. VirtualBox
This is the framework which allows users to run virtual devices on Windows, Linux, MacOS and Solaris hosts.
Download and install VirtualBox from: https://www.virtualbox.org/wiki/Downloads
|
VirtualBox does not work on M1 Macs. Sorry, Mac users! |
2.3. Vagrant
Vagrant uses node and connectivity definitions in a control file (by default called Vagrantfile) to orchestrate the creation of multi-device virtual environments. It can use several such environments - we are going to use VirtualBox.
Download Vagrant from: https://www.vagrantup.com/downloads.html
Some documentation about Vagrant is available here: https://www.vagrantup.com/intro/getting-started/index.html
You need at least Vagrant version 2.2.7 if you are using Virtualbox 6.1+
2.3.1. Vagrant plugins
Vagrant needs these plugins to be able to spin up JunOS 12 virtual devices.
➜ vagrant plugin list
vagrant-host-shell (0.0.4, global)
- Version Constraint: > 0
vagrant-junos (0.2.1, global)
- Version Constraint: > 0
vagrant-junos_cli (1.1.0, global)
- Version Constraint: > 0
Plugins can be installed using :
vagrant plugin install vagrant-host-shell vagrant-junos vagrant-junos_cli |
WARNING If you are upgrading Virtualbox or Vagrant, run: vagrant plugin update
|
2.4. vSRX Images
We use a public JunOS 12.1 vSRX image: (https://app.vagrantup.com/juniper/boxes/ffp-12.1X47-D15.4-packetmode, if you're curious).
3. How to use
-
Install Virtualbox, Vagrant and the vagrant plugins as shown above.
-
Clone this repository using the following command:
testhost> git clone git@gitlab.geant.org:geant-oav/ansible-minilab.git
Cloning into 'ansible-minilab'...
remote: Enumerating objects: 21, done.
remote: Total 21 (delta 0), reused 0 (delta 0), pack-reused 21
Receiving objects: 100% (21/21), 51.72 KiB | 999.00 KiB/s, done.
Resolving deltas: 100% (2/2), done.
testhost> cd ansible-minilab/- Check the status of the Vagrant environment.
testhost> vagrant status
vsrx1 not created (virtualbox)
ansible-node not created (virtualbox)
This environment represents multiple VMs. The VMs are all listed
above with their current state. For more information about a specific
VM, run `vagrant status NAME`.Good. Vagrant know about the two devices (remember, the second and third devices are commented out in the control file) but they are not yet active.
Yet.
- Activate Vagrant
Type vagrant up (yes, without any arguments) to activate all of the virtual devices. This may take between and 15 mins depending on your host machine device and its connection to the Internet.
testhost> vagrant up
Bringing machine 'vsrx1' up with 'virtualbox' provider...
Bringing machine 'ansible-node' up with 'virtualbox' provider...
==> vsrx1: Box 'juniper/ffp-12.1X47-D15.4-packetmode' could not be found. Attempting to find and install...
vsrx1: Box Provider: virtualbox
vsrx1: Box Version: >= 0
==> vsrx1: Loading metadata for box 'juniper/ffp-12.1X47-D15.4-packetmode'
vsrx1: URL: https://vagrantcloud.com/juniper/ffp-12.1X47-D15.4-packetmode
==> vsrx1: Adding box 'juniper/ffp-12.1X47-D15.4-packetmode' (v0.5.0) for provider: virtualbox
vsrx1: Downloading: https://vagrantcloud.com/juniper/boxes/ffp-12.1X47-D15.4-packetmode/versions/0.5.0/providers/virtualbox.box
==> vsrx1: Successfully added box 'juniper/ffp-12.1X47-D15.4-packetmode' (v0.5.0) for 'virtualbox'!
==> vsrx1: Importing base box 'juniper/ffp-12.1X47-D15.4-packetmode'...
...
...lots and lots of output including software downloads and OS updates...
...
==> ansible-node: Running provisioner: file...
ansible-node: ./ansible-minilab => /home/vagrant/ansible-minilab- Post-activation vSRX commands
Once the vSRX device is fully active you have to do a little manual configuration. The commands are as follows;
set system login user vagrant class super-user
set system login user vagrant authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
set interfaces ge-0/0/1 description "HostOnly network"
set interfaces ge-0/0/1 unit 0 family inet address 192.168.56.11/24
set system services netconf sshTo connect to the vSRX, use the vagrant ssh command and the name of the virtual device.
testhost> vagrant ssh vsrx1
--- JUNOS 12.1X47-D15.4 built 2014-11-12 02:13:59 UTC
root@vsrx1% cli
root@vsrx1> configure
Entering configuration mode
[edit]
root@vsrx1# set system login user vagrant class super-user
[edit]
root@vsrx1# ...OzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key”
[edit]
root@vsrx1# set interfaces ge-0/0/1 description “HostOnly network”
[edit]
root@vsrx1# set interfaces ge-0/0/1 unit 0 family inet address 192.168.56.11/24
[edit]
root@vsrx1# set system services netconf ssh
[edit]
root@vsrx1# commit check
configuration check succeeds
[edit]
root@vsrx1# commit comment “Running set commands as per install instructions” and-quit
commit complete
Exiting configuration mode
root@vsrx1> exit
root@vsrx1% exit
logout
Connection to 127.0.0.1 closed.- Once this is done, you can log into the Ansible control node (using
vagrant ssh ansible-node) and launch your first playbook!
testhost> vagrant ssh ansible-node
Welcome to Ubuntu 20.04.3 LTS (GNU/Linux 5.4.0-91-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Thu Dec 9 16:22:59 UTC 2021
System load: 0.1 Processes: 114
Usage of /: 4.9% of 38.71GB Users logged in: 0
Memory usage: 25% IPv4 address for enp0s3: 10.0.2.15
Swap usage: 0% IPv4 address for enp0s8: 192.168.56.199
0 updates can be applied immediately.
vagrant@ansible-node:~$ cd ansible-minilab/
vagrant@ansible-node:~/ansible-minilab$ ansible-playbook -i minilab-inventory/ playbooks/get_facts.yaml
PLAY [all] *******************************************************************************************************************************************************************************************************
TASK [Gathering Facts] *******************************************************************************************************************************************************************************************
[WARNING]: Ignoring timeout(10) for junos_facts
[WARNING]: default value for `gather_subset` will be changed to `min` from `!config` v2.11 onwards
[WARNING]: Platform linux on host 192.168.56.11 is using the discovered Python interpreter at /usr/bin/python3, but future installation of another Python interpreter could change this. See
https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information.
ok: [192.168.56.11]
TASK [collect default set of facts] ******************************************************************************************************************************************************************************
ok: [192.168.56.11]
TASK [show facts] ************************************************************************************************************************************************************************************************
ok: [192.168.56.11] => {
"msg": {
"ansible_facts": {
"ansible_net_api": "netconf",
"ansible_net_filesystems": [
"/dev/ad0s1a",
"devfs",
"/dev/md0",
"/cf",
"devfs",
"procfs",
"/dev/bo0s1e",
"/dev/md1",
"/cf/var/jail",
"/cf/var/log",
"devfs",
"/dev/md2"
],
"ansible_net_gather_network_resources": [],
"ansible_net_gather_subset": [
"default",
"hardware",
"interfaces"
],
"ansible_net_has_2RE": false,
"ansible_net_hostname": "vsrx1",
"ansible_net_interfaces": {
".local.": {
"admin-status": "up",
"macaddress": "Unspecified",
"mtu": "Unlimited",
"oper-status": "up",
"speed": "Unlimited",
"type": "Loopback"
},
"dsc": {
"admin-status": "up",
"macaddress": "Unspecified",
"mtu": "Unlimited",
"oper-status": "up",
"speed": "Unspecified",
"type": "Software-Pseudo"
},
"ge-0/0/0": {
"admin-status": "up",
"macaddress": "08:00:27:ae:f4:51",
"mtu": "1514",
"oper-status": "up",
"speed": "1000mbps",
"type": null
},
"ge-0/0/1": {
"admin-status": "up",
"macaddress": "08:00:27:99:c1:78",
"mtu": "1514",
"oper-status": "up",
"speed": "1000mbps",
"type": null
},
"ge-0/0/2": {
"admin-status": "up",
"macaddress": "08:00:27:54:17:91",
"mtu": "1514",
"oper-status": "up",
"speed": "1000mbps",
"type": null
},
"ge-0/0/3": {
"admin-status": "up",
"macaddress": "08:00:27:61:90:9f",
"mtu": "1514",
"oper-status": "up",
"speed": "1000mbps",
"type": null
},
"gr-0/0/0": {
"admin-status": "up",
"macaddress": null,
"mtu": "Unlimited",
"oper-status": "up",
"speed": "800mbps",
"type": "GRE"
},
"gre": {
"admin-status": "up",
"macaddress": null,
"mtu": "Unlimited",
"oper-status": "up",
"speed": "Unlimited",
"type": "GRE"
},
"ip-0/0/0": {
"admin-status": "up",
"macaddress": null,
"mtu": "Unlimited",
"oper-status": "up",
"speed": "800mbps",
"type": "IPIP"
},
"ipip": {
"admin-status": "up",
"macaddress": null,
"mtu": "Unlimited",
"oper-status": "up",
"speed": "Unlimited",
"type": "IPIP"
},
"irb": {
"admin-status": "up",
"macaddress": "4c:96:14:10:01:30",
"mtu": "1514",
"oper-status": "up",
"speed": "Unspecified",
"type": "Ethernet"
},
"lo0": {
"admin-status": "up",
"macaddress": "Unspecified",
"mtu": "Unlimited",
"oper-status": "up",
"speed": "Unspecified",
"type": "Loopback"
},
"lsi": {
"admin-status": "up",
"macaddress": "Unspecified",
"mtu": "1496",
"oper-status": "up",
"speed": "Unlimited",
"type": "Software-Pseudo"
},
"lsq-0/0/0": {
"admin-status": "up",
"macaddress": null,
"mtu": "1504",
"oper-status": "up",
"speed": null,
"type": null
},
"lt-0/0/0": {
"admin-status": "up",
"macaddress": "02:96:14:10:01:33",
"mtu": "Unlimited",
"oper-status": "up",
"speed": "800mbps",
"type": "Logical-tunnel"
},
"mt-0/0/0": {
"admin-status": "up",
"macaddress": null,
"mtu": "Unlimited",
"oper-status": "up",
"speed": "800mbps",
"type": "Multicast-GRE"
},
"mtun": {
"admin-status": "up",
"macaddress": null,
"mtu": "Unlimited",
"oper-status": "up",
"speed": "Unlimited",
"type": "Multicast-GRE"
},
"pimd": {
"admin-status": "up",
"macaddress": null,
"mtu": "Unlimited",
"oper-status": "up",
"speed": "Unlimited",
"type": "PIMD"
},
"pime": {
"admin-status": "up",
"macaddress": null,
"mtu": "Unlimited",
"oper-status": "up",
"speed": "Unlimited",
"type": "PIME"
},
"pp0": {
"admin-status": "up",
"macaddress": "Unspecified",
"mtu": "1532",
"oper-status": "up",
"speed": "Unspecified",
"type": "PPPoE"
},
"ppd0": {
"admin-status": "up",
"macaddress": null,
"mtu": "Unlimited",
"oper-status": "up",
"speed": "800mbps",
"type": "PIMD"
},
"ppe0": {
"admin-status": "up",
"macaddress": null,
"mtu": "Unlimited",
"oper-status": "up",
"speed": "800mbps",
"type": "PIME"
},
"sp-0/0/0": {
"admin-status": "up",
"macaddress": "Unspecified",
"mtu": "9192",
"oper-status": "up",
"speed": "800mbps",
"type": "Adaptive-Services"
},
"st0": {
"admin-status": "up",
"macaddress": null,
"mtu": "9192",
"oper-status": "up",
"speed": "Unspecified",
"type": "Secure-Tunnel"
},
"tap": {
"admin-status": "up",
"macaddress": "Unspecified",
"mtu": "Unlimited",
"oper-status": "up",
"speed": "Unlimited",
"type": "Software-Pseudo"
},
"vlan": {
"admin-status": "up",
"macaddress": "00:00:00:00:00:00",
"mtu": "1518",
"oper-status": "down",
"speed": "1000mbps",
"type": "VLAN"
}
},
"ansible_net_memfree_mb": 604700,
"ansible_net_memtotal_mb": 2080148,
"ansible_net_model": "firefly-perimeter",
"ansible_net_modules": [
{
"name": "Midplane"
},
{
"name": "System IO"
},
{
"description": "FIREFLY-PERIMETER RE",
"name": "Routing Engine"
},
{
"chassis_sub_module": null,
"description": "Virtual FPC",
"name": "FPC 0"
},
{
"name": "Power Supply 0"
}
],
"ansible_net_python_version": "3.8.10",
"ansible_net_routing_engines": {
"null": {
"cpu_background": "0",
"cpu_idle": "99",
"cpu_interrupt": "0",
"cpu_system": "1",
"cpu_user": "0",
"last_reboot_reason": "Router rebooted after a normal shutdown.",
"load_average_fifteen": "0.10",
"load_average_five": "0.14",
"load_average_one": "0.40",
"memory_control_plane": "1150",
"memory_control_plane_used": "357",
"memory_control_plane_util": "31",
"memory_data_plane": "898",
"memory_data_plane_used": "323",
"memory_data_plane_util": "36",
"memory_system_total": "2048",
"memory_system_total_used": "676",
"memory_system_total_util": "33",
"model": "FIREFLY-PERIMETER RE",
"slot": null,
"start_time": "2021-12-07 10:23:23 UTC",
"status": "Testing",
"up_time": "12 minutes, 47 seconds"
}
},
"ansible_net_serialnum": "46bc1397f531",
"ansible_net_system": "junos",
"ansible_network_resources": {}
},
"changed": false,
"failed": false
}
}
PLAY RECAP *******************************************************************************************************************************************************************************************************
192.168.56.11 : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
vagrant@ansible-node:~/ansible-minilab$- You can turn off, destroy or pause the virtual machines using the following vagrant commands:
destroy stops and deletes all traces of the vagrant machine
suspend suspends the machine
halt stops the vagrant machine
resume resume a suspended vagrant machineMore vagrant commands are available using vagrant --help