Junos Ansible Modules 1.4.3 documentation

junos_pmtud - Perform path MTU discovery on junos devices¶

Author:	Martin Komon

Synopsis
Options
Examples

Synopsis ¶

New in version 2.4.

perform path MTU discovery on junos devices

parameter	required	default	comments
dest_ip	yes		Destination IPv4 address or hostname
interface	no		Interface used to send traffic out
max_range	no	512	Max range of path MTU discovery. Must be 2^n.
max_size	no	1472	Start and max size for path MTU discovery.
mode	no	None	mode of console connection (telnet/serial). If mode is not provided SSH connection is used.
passwd	no	assumes ssh-key active	Login password
port	no	830	port number to use when connecting to the device
routing_instance	no		Name of the routing instance to use to send the ping
source_ip	no		Source IPv4 address used to send the ping
ssh_private_key_file	no	None	This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
timeout	no	0	Extend the NETCONF RPC timeout beyond the default value of 30 seconds. Set this value to accommodate pings that might take longer than the default timeout interval.
user	no	$USER	Login username

Examples ¶

# Simple example
  tasks:
    - name: "Check MTU on backup circuit"
      junos_pmtud:
        host={{ junos_host }}
        port={{ netconf_port }}
        user={{ ansible_ssh_user }}
        passwd={{ ansible_ssh_pass }}
        dest_ip=8.8.8.8

# Using more parameters
  tasks:
    - name: "Check MTU on backup circuit"
      junos_pmtud:
        host={{ junos_host }}
        port={{ netconf_port }}
        user={{ ansible_ssh_user }}
        passwd={{ ansible_ssh_pass }}
        dest_ip=8.8.8.8
        routing_instance=internet
        max_range=128

junos_rollback - Rollback configuration of device¶

Author:	Rick Sherman, Juniper Networks

Synopsis
Options
Examples

Synopsis ¶

New in version 1.2.0.

Rollback the configuration of a device running Junos

parameter	required	default	comments
comment	no	None	Provide a comment to the commit of the configuration
confirm	no	None	Provide a confirm in minutes to the commit of the configuration
diffs_file	no	None	Path to the file where any diffs will be written
host	yes		Set to {{ inventory_hostname }}
logfile	no	None	Path on the local server where the progress status is logged for debugging purposes
mode	no	None	mode of console connection (telnet/serial). If mode is not provided SSH connection is used.
passwd	no	assumes ssh-key active	Login password
port	no	830	port number to use when connecting to the device
rollback	yes	None	The rollback id value [0-49]
ssh_private_key_file	no	None	This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
timeout	no	0	Extend the NETCONF RPC timeout beyond the default value of 30 seconds. Set this value to accommodate rollbacks that might take longer than the default timeout interval.
user	no	$USER	Login username

Examples ¶

- junos_rollback:
   host: "{{ inventory_hostname }}"
   logfile=rollback.log
   diffs_file=rollback.diff
   rollback=1
   comment="Rolled back by Ansible"
   confirm=5

# over console server connection using PyEZ >= 2.0
- junos_rollback:
   host: "{{ inventory_hostname }}"
   logfile=rollback.log
   diffs_file=rollback.diff
   rollback=1
   comment="Rolled back by Ansible"
   confirm=5
   mode='telnet'
   port=7015

junos_install_config - Load a configuration file or snippet onto a device running Junos OS.¶

Author:	Jeremy Schulman, Juniper Networks

Synopsis
Options
Examples

Load a complete Junos OS configuration (overwrite) or merge a configuration snippet onto a device running Junos OS and commit it. The default behavior is to perform a load merge operation (overwrite=’no’). This module performs an atomic lock/edit/unlock. If the process fails at any step, then all configuration changes are discarded. You can load the configuration using either NETCONF or the CONSOLE port. Specify the console option to use the CONSOLE port. You provide the configuration data in a file. Supported formats when using NETCONF include ASCII text, Junos XML elements, and Junos OS set commands. Configurations performed through the console must only use ASCII text formatting.

Options ¶

parameter	required	default	choices	comments
check_commit	no	True	true false yes no	Specify whether the configuration will be commit-checked or not. Set to false, outputs similarly to the "show \| compare" functionality, while true returns the "commit check" result.
check_commit_wait	no	None	1 - 4	Set to number of seconds to wait between check and commit.
comment	no	None		Provide a comment to the commit of the configuration
confirm	no	None		Provide a confirm in minutes to the commit of the configuration
console	no	None		Port configuration, per the netconify utility
diffs_file	no	None		Path to the file where any diffs will be written
file	yes			Path to the file containing the Junos OS configuration data. If the file has a `.conf` extension, the content is treated as text format. If the file has a `.xml` extension, the content is treated as XML format. If the file has a `.set` extension, the content is treated as Junos OS set* commands.
host	yes			Set to {{ inventory_hostname }}
ignore_warning	no	None		A boolean, string or list of string. If the value is True, it will ignore all warnings regardless of the warning message. If the value is a string, it will ignore warning(s) if the message of each warning matches the string. If the value is a list of strings, ignore warning(s) if the message of each warning matches at least one of the strings in the list.
logfile	no	None		Path on the local server where the progress status is logged for debugging purposes
mode	no	None		mode of console connection (telnet/serial). If mode is not provided SSH connection is used.
overwrite	no		true false yes no	Specify whether the configuration file completely replaces the existing configuration.
passwd	no	assumes ssh-key active		Login password
port	no	830		port number to use when connecting to the device
replace	no		true false yes no	Specify whether the configuration file uses "replace:" statements. (NETCONF only) NOT compatible with set format
savedir	no	None		Path to the local server directory where device facts and inventory files will be stored. This option is used only with the console option. Refer to the netconify utility for details.
ssh_private_key_file	no	None		This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
timeout	no	0		Extend the NETCONF RPC timeout beyond the default value of 30 seconds. Set this value to accommodate configuration changes (commits) that might take longer than the default timeout interval.
update	no		true false yes no	If set to ``True`` Compare a complete loaded configuration against the candidate configuration. For each hierarchy level or configuration object that is different in the two configurations, the version in the loaded configuration replaces the version in the candidate configuration. When the configuration is later committed, only system processes that are affected by the changed configuration elements parse the new configuration. This action is supported from PyEZ 2.1
user	no	$USER		Login username

Note

Requires junos-eznc >= 2.1.1

Note

Requires junos-netconify >= 1.0.1, when using the console option

Examples ¶

# load merge a change to the Junos OS configuration using NETCONF

- junos_install_config:
    host={{ inventory_hostname }}
    file=banner.conf

# load overwrite a new Junos OS configuration using the CONSOLE port

- junos_install_config:
    host={{ inventory_hostname }}
    console="--telnet={{TERMSERV}},{{TERMSERV_PORT}}"
    file=default_new_switch.conf
    overwrite=yes

# load merge a change to the Junos OS configuration using NETCONF and supplying a commit log message
- junos_install_config:
    host={{ inventory_hostname }}
    file=banner.conf
    comment="configured by ansible"

# load replace a change to the Junos OS configuration using NETCONF
- junos_install_config:
    host={{ inventory_hostname }}
    file=snmp.conf
    replace=yes

# Install/load config using console server connection using PyEZ >= 2.0

- junos_install_config:
    host={{ inventory_hostname }}
    port=7016
    mode='telnet'
    file=default_new_switch.conf

junos_shutdown - Shut down or reboot a device running Junos OS.¶

Author:	Jeremy Schulman, Juniper Networks

Synopsis
Options
Examples

Synopsis ¶

New in version 1.0.0.

Shut down (power off) or reboot a device running Junos OS. This includes all Routing Engines in a Virtual Chassis or a dual Routing Engine system. This is equivalent to executing either the Junos OS request system power-off or request system reboot operational command.

Options ¶

parameter	required	default	choices	comments
at	no	None		Specify a time for the reboot (yyyymmddhhmm). Can be used only with reboot=yes.
host	yes			Set to {{ inventory_hostname }}
in_min	no			Specify a delay, in minutes, before the shutdown or reboot. If both "at" and "in_min" are specified, "in_min" will be ignored.
mode	no	None		mode of console connection (telnet/serial). If mode is not provided SSH connection is used.
passwd	no	assumes ssh-key active		Login password
port	no	830		port number to use when connecting to the device
reboot	no		yes no	If set to yes, then the device is rebooted rather than powered off.
shutdown	yes	None		Safety mechanism. You MUST set this to 'shutdown'.
ssh_private_key_file	no	None		This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
user	no	$USER		Login username

Note

Requires junos-eznc >= 1.2.2

Examples ¶

- junos_shutdown:
    host={{ inventory_hostname }}
    shutdown="shutdown"
    reboot=yes

# over console server connection using PyEZ >= 2.0
- junos_shutdown:
    host={{ inventory_hostname }}
    shutdown="shutdown"
    reboot=yes
    mode='telnet'
    port=7016

junos_zeroize - Erase all data, including configuration and log files, on a device running Junos OS.¶

Author:	Jeremy Schulman, Juniper Networks

Synopsis
Options
Examples

Synopsis ¶

New in version 1.0.0.

Execute the Junos OS request system zeroize command to remove all configuration information on the Routing Engines and reset all key values on a device running Junos OS. The command removes all data files, including customized configuration and log files, by unlinking the files from their directories. The command also removes all user-created files from the system including all plain-text passwords, secrets, and private keys for SSH, local encryption, local authentication, IPsec, RADIUS, TACACS+, and SNMP. This command reboots the device and sets it to the factory default configuration. After the reboot, you must log in through the console as root in order to access the device.

Options ¶

parameter	required	default	comments
console	no	None	SERIAL or TERMINAL-SERVER port setting, per use with the netconify utility
host	no		Set to {{ inventory_hostname }}
logfile	no	None	Path on the local server where the progress status is logged for debugging purposes
mode	no	None	mode of console connection (telnet/serial). If mode is not provided SSH connection is used.
passwd	no	assumes ssh-key active	Login password
port	no	830	port number to use when connecting to the device
ssh_private_key_file	no	None	This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
user	no	$USER	Login username
zeroize	yes	None	Safety mechanism. You MUST set this to 'zeroize'.

Note

Requires junos-eznc >= 1.2.2

Note

Requires junos-netconify >= 1.0.1, when using the console option

Examples ¶

- junos_zeroize:
    host={{ inventory_hostname }}
    zeroize="zeroize"

# over console server connection using PyEZ >= 2.0
- junos_zeroize:
    host={{ inventory_hostname }}
    zeroize="zeroize"
    port=7011
    mode="telnet"

Note

You MUST either use the host option or the console option to designate how the device is accessed.

junos_jsnapy¶

Author:	Roslan Zaki & Damien Garros, Juniper Networks

Synopsis
Options
Examples

Synopsis ¶

New in version 1.4.0.

Execute JSNAPy test from Ansible. Attention, to not break Ansible behavior, this module only report “failed” if the module itself fails, not if a test fails. To check the test results you need to subscribe to the result and assert the returned value. An experimental Callback_Plugin for junos_jsnapy is available to provide additional information about tests that failed. To enable it, you need to add “callback_whitelist = jsnapy” in your ansible configuration file.

Options ¶

parameter	required	default	comments
action	no	None	Possible actions available - jsnapcheck - check - snap_pre - snap_post
config_file	no	None	The YAML configuration file for the JSNAPy tests
dir	no	/etc/jsnapy/testfiles	Path for the JSNAPy yaml testfiles/configuration file
host	yes		Set to {{ inventory_hostname }}
logfile	no	None	Path on the local server where the progress status is logged for debugging purposes
mode	no	None	mode of console connection (telnet/serial). If mode is not provided SSH connection is used.
passwd	no	assumes ssh-key active	Login password
port	no	830	port number to use when connecting to the device
ssh_private_key_file	no	None	This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
test_files	no	None	Test files which need to executed
user	no	$USER	Login username

Note

Requires junos-eznc >= 1.2.2

Examples ¶

   - name: JUNOS Post Checklist
     junos_jsnapy:
       host: "{{ inventory_hostname}}"
       passwd: "{{ tm1_password }}"
       action: "snap_post"
       config_file: "first_test.yml"
       logfile: "migration_post.log"
     register: test1

   - name: Check JSNAPy tests results
     assert:
     that:
       - "test1.passPercentage == 100"

   - name: Debug jsnapy
     debug: msg=test1

---------
   - name: Test based on a test_file directly
     junos_jsnapy:
       host: "{{ junos_host }}"
       port: "{{ netconf_port }}"
       user: "{{ ansible_ssh_user }}"
       passwd: "{{ ansible_ssh_pass }}"
       test_files: tests/test_junos_interface.yaml
       action: snapcheck
     register: test1

   - name: Check JSNAPy tests results
     assert:
     that:
       - "test1.passPercentage == 100"
---------
   - name: "Collect Pre Snapshot"
    junos_jsnapy:
      host: "{{ junos_host }}"
      port: "{{ netconf_port }}"
      user: "{{ ansible_ssh_user }}"
      passwd: "{{ ansible_ssh_pass }}"
      test_files: tests/test_loopback.yml
      action: snap_pre
    register: test_pre

---------
  - name: "Collect Post Snapshot"
    junos_jsnapy:
      host: "{{ junos_host }}"
      port: "{{ netconf_port }}"
      user: "{{ ansible_ssh_user }}"
      passwd: "{{ ansible_ssh_pass }}"
      test_files: tests/test_loopback.yml
      action: snap_post
    register: test_post

---------
  - name: "Check after PRE - POST check"
    junos_jsnapy:
      host: "{{ junos_host }}"
      port: "{{ netconf_port }}"
      user: "{{ ansible_ssh_user }}"
      passwd: "{{ ansible_ssh_pass }}"
      test_files: tests/test_loopback.yml
      action: check
    register: test_check

    - name: Check Results
      assert:
        that:
          - test_check|succeeded
          - test_check.passPercentage == 100

junos_commit - Execute commit on device¶

Author:	Rick Sherman, Juniper Networks

Synopsis
Options
Examples

Synopsis ¶

New in version 1.2.0.

Execute a Commit on a device running Junos independently of loading a configuration

Options ¶

parameter	required	default	comments
check	no	None	Do a commit check Can be used to confirm a `commit confirmed` without performing an actual commit
comment	no	None	Provide a comment to the commit of the configuration
confirm	no	None	Provide a confirm in minutes to the commit of the configuration
host	yes		Set to {{ inventory_hostname }}
logfile	no	None	Path on the local server where the progress status is logged for debugging purposes
mode	no	None	mode of console connection (telnet/serial). If mode is not provided SSH connection is used.
passwd	no	assumes ssh-key active	Login password
port	no	830	port number to use when connecting to the device
ssh_private_key_file	no	None	This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
timeout	no	0	Extend the NETCONF RPC timeout beyond the default value of 30 seconds. Set this value to accommodate commits that might take longer than the default timeout interval.
user	no	$USER	Login username

Note

Requires junos-eznc >= 1.2.2

Examples ¶

- junos_commit:
   host: "{{ inventory_hostname }}"
   logfile=changes.log
   comment="Non load commit"

# over console server connection using PyEZ >= 2.0
- name: junos commit
  junos_commit:
    host={{ inventory_hostname }}
    port=7016
    mode='telnet'
    comment="commit with console connection via PyEZ"

junos_get_table - Retrieve data from a Junos device using Tables/Views¶

Author:	Jason Edelman (@jedelman8)

Synopsis
Options
Examples

Synopsis ¶

New in version 1.9.0.

Retrieve data from a Junos device using Tables/Views

Options ¶

parameter	required	default	comments
file	no	None	YAML file that has the table specified in table parameter
host	yes		Set to {{ inventory_hostname }}
logfile	no	None	Path on the local server where the progress status is logged for debugging purposes
mode	no	None	mode of console connection (telnet/serial). If mode is not provided SSH connection is used.
passwd	no	assumes ssh-key active	Login password
path	no	op directory in jnpr.junos.op	Path of location of the YAML file
port	no	830	port number to use when connecting to the device
response_type	no	list_of_dicts	Option to change how data is returned from the module. Either list of dictionaries or the Juniper PyEZ default (list of tuples, which becomes lists by the time it gets to Ansible)
ssh_private_key_file	no	None	This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
table	no	None	Name of PyEZ Table
user	no	$USER	Login username

Note

Requires junos-eznc >= 1.2.2

Examples ¶

# GET NEIGHBOR INFO USING STD LLDP TABLE
- junos_get_table: table=LLDPNeighborTable file=lldp.yml host={{ inventory_hostname }} user={{ un }} passwd={{ pwd }}

# GET NEIGHBOR INFO USING CUSTOM LLDP TABLE IN CUSTOM PATH
- junos_get_table: table=NTCNeighborTable path=tables/ file=ntclldp.yaml host={{ inventory_hostname }} user={{ un }} passwd={{ pwd }}

#
- name: Table/View example via console server connection using PyEZ >= 2.0
  junos_get_table:
    table=RouteTable
    file=routes.yml
    host={{ inventory_hostname }}
    port=7016
    mode='telnet'

junos_cli - Execute CLI on device and save the output locally¶

Author:	Damien Garros, Juniper Networks

Synopsis
Options
Examples

Synopsis ¶

New in version 1.2.0.

Execute CLI on device and save the output locally on a file

Options ¶

parameter	required	default	choices	comments
cli	yes			CLI command to execute on the host
dest	no	None		Path to the local server directory where cli output will be saved.
format	no	text	text xml	text - Cli output saved in text formatxml - Cli output saved as XML
host	yes			Set to {{ inventory_hostname }}
logfile	no	None		Path on the local server where the progress status is logged for debugging purposes
mode	no	None		mode of console connection (telnet/serial). If mode is not provided SSH connection is used.
passwd	no	assumes ssh-key active		Login password
port	no	830		port number to use when connecting to the device
ssh_private_key_file	no	None		This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
timeout	no	0		Set the NETCONF RPC timeout. Set this value to accommodate Cli commands that might take longer than the default timeout interval. Setting to 0 will use the PyEZ default (30 seconds).
user	no	$USER		Login username

Note

Requires junos-eznc >= 1.2.2

Examples ¶

- junos_cli:
   host: "{{ inventory_hostname }}"
   cli: "show chassis hardware"
   logfile: cli.log
   dest: "{{ inventory_hostname }}.xml"
   format: xml

# Run cli over console server connection using PyEZ >= 2.0
- junos_cli:
    cli="show chassis hardware"
    host={{ inventory_hostname }}
    port=7001
    mode='telnet'
    dest="{{ inventory_hostname }}.xml"
    format='xml'

junos_install_os - Install a Junos OS image.¶

Author:	Jeremy Schulman, Juniper Networks

Synopsis
Options
Examples

Synopsis ¶

New in version 1.0.0.

Install a Junos OS image on one or more Routing Engines. This module supports installations on single Routing Engine devices, MX Series routers with dual Routing Engines, and EX Series switches in a non-mixed Virtual Chassis. This action is equivalent to performing the Junos OS request system software add operational command. If the existing Junos OS version matches the desired version, no action is performed, and the “changed” attribute reports False. If the existing version does not match, then the module performs the following actions (1) Computes the MD5 checksum of the package located on the server. (2) Copies the Junos OS software package to the device running Junos OS. (3) Computes the MD5 checksum on the device running Junos OS and compares the two. (4) Installs the Junos OS software package. (5) Reboots the device (default). Running the module in check mode reports whether the current Junos OS version matches the desired version.

Options ¶

parameter	required	default	choices	comments
force_host	no		true false yes no	If set to true, forces the upgrade of the Host Software package on QFX-series devices.
host	yes			Set to {{ inventory_hostname }}
issu	no		true false yes no	If set to true, allows unified in-service software upgrade (ISSU) feature enables you to upgrade between two different Junos OS releases with no disruption on the control plane and with minimal disruption of traffic.
logfile	no	None		Path on the local server where the progress status is logged for debugging purposes
no_copy	no		true false	Installer need to be copied or not on the device.
nssu	no		true false yes no	If set to true, allows nonstop software upgrade (NSSU) enables you to upgrade the software running on a Juniper Networks EX Series Virtual Chassis or a Juniper Networks EX Series Ethernet Switch with redundant Routing Engines with a single command and minimal disruption to network traffic.
package	yes			Absolute path on the local server to the Junos OS software package
passwd	no	assumes ssh-key active		Login password
port	no	830		port number to use when connecting to the device
reboot	no	True	true false yes no	If set to yes, the device reboots after the installation completes.
reboot_pause	no	10		Amount of time in seconds to wait after the reboot is issued
ssh_private_key_file	no	None		This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
user	no	$USER		Login username
version	yes			Junos OS version string as it would be reported by the show version command

Note

Requires py-junos-eznc >= 1.2.2

Examples ¶

- junos_install_os:
    host={{ inventory_hostname }}
    version=12.1X46-D10.2
    package=/usr/local/junos/images/junos-vsrx-12.1X46-D10.2-domestic.tgz
    logfile=/usr/local/junos/log/software.log

junos_get_config - Retrieve configuration of device¶

Author:	Rick Sherman, Juniper Networks

Synopsis
Options
Examples

Synopsis ¶

New in version 1.2.0.

Retrieve the configuration of a device running Junos and save it to a file. Note unicode chars will be converted to ‘??’ as also done in PyEZ

Options ¶

parameter	required	default	choices	comments
dest	yes	None		Path to the local server directory where configuration will be saved.
filter	no	None		Defines heircachy of configuration to retrieve. If omitted entire configuration is retrieved. Format is slash notation ex groups/routeinst/routing-instances/ISP-1
format	no	text	text xml	text - configuration saved as text (curly-brace) formatxml - configuration saved as XML
host	yes			Set to {{ inventory_hostname }}
logfile	no	None		Path on the local server where the progress status is logged for debugging purposes
mode	no	None		mode of console connection (telnet/serial). If mode is not provided SSH connection is used.
options	no	None		Additional options to pass to get_config. Refer to jnpr.junos.rpcmeta.get_config for details.
passwd	no	assumes ssh-key active		Login password
port	no	830		port number to use when connecting to the device
ssh_private_key_file	no	None		This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
user	no	$USER		Login username

Note

Requires junos-eznc >= 1.2.2

Examples ¶

- junos_get_config:
   host: "{{ inventory_hostname }}"
   logfile: get_config.log
   dest: "{{ inventory_hostname }}.xml"
   format: xml
   filter: "interfaces"
   options: {inherit: inherit, groups: groups}

# over console server connection using PyEZ >= 2.0
- junos_get_config:
   host: "{{ inventory_hostname }}"
   logfile: get_config.log
   dest: "{{ inventory_hostname }}.xml"
   port: 7016
   mode: 'telnet'
   format: xml

junos_rpc - run given rpc¶

Author:	Nitin Kumar, Juniper Networks

Synopsis
Options
Examples

Synopsis ¶

New in version 1.9.

run given rpc

Options ¶

parameter	required	default	choices	comments
dest	no	None		Path to the local server directory where configuration will be saved.
filter_xml	no			This options can be used with get-config rpc only, to retrieve specific config
format	no	xml	text xml json	text - configuration saved as text (curly-brace) format. xml - configuration saved as XML. json - configuration saved as json, supported only for devices >=14.2 Also with this format, rpc_reply attribute can be used with results
host	yes			Set to {{ inventory_hostname }}
kwargs	no			params need to be passed to rpc kwargs="interface_name=em0" or kwargs="interface_name=em0,media=True" kwargs={interface_name:em0} kwargs={interface_name:em0,media:True} kwargs={interface_name:em0,media:True}
logfile	no	None		Path on the local server where the progress status is logged for debugging purposes. This option is used only with the console option.
mode	no	None		mode of console connection (telnet/serial). If mode is not provided SSH connection is used.
passwd	no	assumes ssh-key active		Login password
port	no	830		port number to use when connecting to the device
rpc	no			rpc to be executed
ssh_private_key_file	no	None		This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
timeout	no	0		Set the NETCONF RPC timeout. Set this value to accommodate Cli commands that might take longer than the default timeout interval. Setting to 0 will use the PyEZ default (30 seconds).
user	no	$USER		Login username

Note

Requires junos-eznc >= 1.2.2

Examples ¶

# retrieve rpc response using NETCONF

- junos_rpc:
  host={{ inventory_hostname }}
  rpc=get-interface-information
  dest=get_interface_information.conf
  register=junos

- junos_rpc:
  host={{ inventory_hostname }}
  rpc=get-interface-information
  kwargs="interface_name=em0"
  format=xml/text/json
  dest=get_interface_information.conf
  register=junos

# Example to fetch device configuration
- name: Get Device Configuration
  junos_rpc:
    host={{ inventory_hostname }}
    rpc=get-config
    dest=get_config.conf

# Fetch configuration over console server connection using PyEZ >= 2.0
- name: Get Device Configuration
  junos_rpc:
    host={{ inventory_hostname }}
    port=7005
    mode='telnet'
    rpc=get-config
    dest=get_config.conf

# Example to fetch device configuration
- name: Get Device Configuration for interface
  junos_rpc:
    host={{ inventory_hostname }}
    rpc=get-config
    filter_xml="<configuration><interfaces/></configuration>"
    dest=get_config.conf
  register: junos

# Example to fetch configuration in json for >=14.2
# and use it with rpc_reply
- name: Get Device Configuration
  hosts: all
  roles:
    - Juniper.junos
  connection: local
  gather_facts: no
  tasks:
    - name: Get interface information
      junos_rpc:
        host: "{{ inventory_hostname }}"
        rpc: get-interface-information
        kwargs:
          interface_name: em0
          media: True
        format: json
        dest: get_interface_information.conf
      register: junos

    - name: Print configuration
      debug: msg="{{ junos.rpc_reply }}"

junos_srx_cluster - Create an srx chassis cluster for cluster capable srx running Junos OS.¶

Author:	Patrik Bok, Ashley Burston, Rick Sherman, Juniper Networks

Synopsis
Options
Examples

Synopsis ¶

New in version 1.2.0.

Create an srx chassis cluster and reboot the device. The device must be capable of forming an srx cluster and have the correct cables installed.

Options ¶

parameter	required	default	choices	comments
cluster_enable	yes		true false yes no	yes/true - set device to cluster mode (specify cluster_id and node)no/false - set device to stand alone mode (disable cluster mode)
cluster_id	no	None		set to the cluster id , required for cluster_enable=YES
console	no	None		SERIAL or TERMINAL-SERVER port setting, per use with the netconify utility
host	yes			Set to {{ inventory_hostname }}
logfile	no	None		Path on the local server where the progress status is logged for debugging purposes
mode	no	None		mode of console connection (telnet/serial). If mode is not provided SSH connection is used.
node	no	None		set to the node required (0 or 1)
passwd	no	assumes ssh-key active		Login password
port	no	830		port number to use when connecting to the device
ssh_private_key_file	no	None		This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
user	no	$USER		Login username

Note

Requires junos-eznc >= 1.2.2

Examples ¶

-junos_srx_cluster:
  host={{ inventory_hostname }}
  console="--port={{ serial }}"
  user=rick
  passwd=password123
  cluster_enable=true
  logfile=cluster.log
  cluster_id={{ cluster_id }}
  node={{ node_id }}

-junos_srx_cluster:
  host={{ inventory_hostname }}
  user=rick
  passwd=password123
  cluster_enable=false
  logfile=cluster.log

# over console server connection using PyEZ >= 2.0
-junos_srx_cluster:
  host={{ inventory_hostname }}
  user=rick
  passwd=password123
  mode="telnet"
  port=7032
  cluster_enable=true
  logfile=cluster.log

junos_ping - execute ping on junos devices¶

Author:	Damien Garros, Juniper Networks

Synopsis
Options
Examples

Synopsis ¶

New in version 1.3.1.

execute ping on junos devices

Options ¶

parameter	required	default	comments
acceptable_packet_loss	no	0	Number of packets lost that is acceptable to consider the test PASS
count	no	5	Number of packet to send
dest_ip	yes		Destination ip
do_not_fragment	no		Set Don't Fragment bit
host	yes		Set to {{ inventory_hostname }}
interface	no		Interface used to send traffic out
mode	no	None	mode of console connection (telnet/serial). If mode is not provided SSH connection is used.
passwd	no	assumes ssh-key active	Login password
port	no	830	port number to use when connecting to the device
rapid	no	True	Execute ping at 100pps instead of 1pps
routing_instance	no		Name of the routing instance to use to send the ping
size	no	None (default size)	The size of the ICMP payload of the ping.
source_ip	no		Source IP used to send the ping
ssh_private_key_file	no	None	This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
timeout	no	0	Extend the NETCONF RPC timeout beyond the default value of 30 seconds. Set this value to accommodate pings that might take longer than the default timeout interval.
ttl	no		Maximum number of IP routers (IP hops) allowed between source and destination
user	no	$USER	Login username

Note

Requires junos-eznc >= 1.2.2

Examples ¶

# Simple example
  tasks:
    - name: "Execute ping peer"
      junos_ping:
        host={{ junos_host }}
        port={{ netconf_port }}
        user={{ ansible_ssh_user }}
        passwd={{ ansible_ssh_pass }}
        dest_ip=8.8.8.8

# ping over console server connection using PyEZ >= 2.0
  tasks:
    - name: "Execute ping peer"
      junos_ping:
        host={{ inventory_hostname }}
        port=2011
        mode='telnet'
        user={{ ansible_ssh_user }}
        passwd={{ ansible_ssh_pass }}
        dest_ip=8.8.8.8

# Using loop and more parameters
  tasks:
    - name: "Execute ping peer"
      junos_ping:
        host={{ junos_host }}
        port={{ netconf_port }}
        user={{ ansible_ssh_user }}
        passwd={{ ansible_ssh_pass }}
        dest_ip={{ item.peer_ip }}
        source_ip={{ item.local_ip }}
        do_not_fragment=True
        ttl=1
      with_items: "{{underlay.neighbors}}"

junos_get_facts - Retrieve facts for a device running Junos OS.¶

Author:	Jeremy Schulman, Juniper Networks

Synopsis
Options
Examples

Synopsis ¶

New in version 1.0.0.

Retrieve facts for a device running Junos OS, which includes information such as the serial number, product model, and Junos OS version. The module supports using both NETCONF and CONSOLE-based retrieval and returns the information as a JSON dictionary. The information is similar to facts gathered by other IT frameworks.

Options ¶

parameter	required	default	comments
console	no	None	CONSOLE port, per the netconify utility
host	yes		Set to {{ inventory_hostname }}
logfile	no	None	Path on the local server where the progress status is logged for debugging purposes. This option is used only with the console option.
mode	no	None	mode of console connection (telnet/serial). If mode is not provided SSH connection is used.
passwd	no	assumes ssh-key active	Login password
port	no	830	port number to use when connecting to the device
savedir	no	$CWD	Path to the local server directory where device fact files will be stored. Resulting file will be savedir/hostname-facts.json
ssh_private_key_file	no	None	This can be used if you need to provide a private key rather than loading the key into the ssh-key-ring/environment. if your ssh-key requires a password, then you must provide it via passwd
user	no	$USER	Login username

Note

Requires junos-eznc >= 1.2.2

Note

Requires junos-netconify >= 1.0.1, when using the console option

Examples ¶

# retrieve facts using NETCONF, assumes ssh-keys

- junos_get_facts: host={{ inventory_hostname }}
  register: junos

# retrieve facts using CONSOLE, assumes Amnesiac system
# root login, no password

- junos_get_facts:
    host={{ inventory_hostname }}
    user=root
    console="--telnet={{TERMSERV}},{{TERMSERVPORT}}"
    savedir=/usr/local/junos/inventory
  register: junos

# access the facts

- name: version
  debug: msg="{{ junos.facts.version }}"

# retrieve facts using console server connection using PyEZ >= 2.0

- junos_get_facts:
    host={{ inventory_hostname }}
    mode="telnet"
    port=7016
  register: junos

# access the facts

- name: version
  debug: msg="{{ junos.facts }}"

Juniper.junos Ansible Modules¶

junos_pmtud - Perform path MTU discovery on junos devices¶

junos_rollback - Rollback configuration of device¶

junos_install_config - Load a configuration file or snippet onto a device running Junos OS.¶

junos_shutdown - Shut down or reboot a device running Junos OS.¶

junos_zeroize - Erase all data, including configuration and log files, on a device running Junos OS.¶

junos_jsnapy¶

junos_commit - Execute commit on device¶

junos_get_table - Retrieve data from a Junos device using Tables/Views¶

junos_cli - Execute CLI on device and save the output locally¶

junos_install_os - Install a Junos OS image.¶

junos_get_config - Retrieve configuration of device¶

junos_rpc - run given rpc¶

junos_srx_cluster - Create an srx chassis cluster for cluster capable srx running Junos OS.¶

junos_ping - execute ping on junos devices¶

junos_get_facts - Retrieve facts for a device running Junos OS.¶