Customize JCNR Configuration
SUMMARY Read this topic to understand how to customize JCNR configuration using a Configlet custom resource.
Configlet Custom Resource
Starting with Juniper Cloud-Native Router (JCNR) Release 24.2, we support customizing JCNR configuration using a configlet custom resource. The configlet can be generated either by rendering a predefined template of supported Junos configuration or using raw configuration. The generated configuration is validated and deployed on the JCNR controller (cRPD) as one or more Junos configuration groups.
We do not recommend configuring JCNR controller (cRPD) directly through the CLI. You must perform all configuration using the configlet custom resource. The configuration performed directly through the cRPD CLI does not persist through node reboots or pod crashes.
Configuration Examples
You create a configlet custom resource of the kind Configlet in the
jcnr namespace. You provide raw configuration as Junos
set commands.
Use crpdSelector to control where the configlet applies. The
generated configuration is deployed to cRPD pods on nodes matching the specified
label only. If crpdSelector is not defined, the configuration is
applied to all cRPD pods in the cluster.
An example configlet yaml is provided below:
apiVersion: configplane.juniper.net/v1
kind: Configlet
metadata:
name: configlet-sample # <-- Configlet resource name
namespace: jcnr
spec:
config: |-
set interfaces lo0 unit 0 family inet address 10.10.10.1/32
crpdSelector:
matchLabels:
node: worker # <-- Node label to select the cRPD podsYou can also use a templatized configlet yaml that contains keys or variables. The
values for variables are provided by a configletDataValue custom resource,
referenced by configletDataValueRef . An example templatized
configlet yaml is provided below:
apiVersion: configplane.juniper.net/v1
kind: Configlet
metadata:
name: configlet-sample-with-template # <-- Configlet resource name
namespace: jcnr
spec:
config: |-
set interfaces lo0 unit 0 family inet address {{ .Ip }}
crpdSelector:
matchLabels:
node: worker # <-- Node label to select the cRPD pods
configletDataValueRef:
name: "configletdatavalue-sample" # <-- Configlet Data Value resource nameTo render configuration using the template, you must provide key:value pairs in the ConfigletDataValue custom resource:
apiVersion: configplane.juniper.net/v1
kind: ConfigletDataValue
metadata:
name: configletdatavalue-sample
namespace: jcnr
spec:
data: {
"Ip": "127.0.0.1" # <-- Key:Value pair
}The generated configuration is validated and applied to all or selected cRPD pods as a Junos Configuration Group.
Applying the Configlet Resource
Applying raw configuration
Create raw configuration configlet yaml. The example below configures a loopback interface in cRPD.
cat configlet-sample.yaml
apiVersion: configplane.juniper.net/v1 kind: Configlet metadata: name: configlet-sample namespace: jcnr spec: config: |- set interfaces lo0 unit 0 family inet address 10.10.10.1/32 crpdSelector: matchLabels: node: workerApply the configuration using the
kubectl applycommand.kubectl apply -f configlet-sample.yaml
configlet.configplane.juniper.net/configlet-sample created
Check on the configlet.
When a configlet resource is deployed, it creates additional node configlet custom resources, one for each node matched by the
crpdSelector.kubectl get nodeconfiglets -n jcnr
NAME AGE configlet-sample-node1 10m
If the configuration defined in the configlet yaml is invalid or fails to deploy, you can view the error message using
kubectl describefor the node configlet custom resource.For example:
kubectl describe nodeconfiglet configlet-sample-node1 -n jcnr
The following output has been trimmed for brevity:
Name: configlet-sample-node1 Namespace: jcnr Labels: core.juniper.net/nodeName=node1 Annotations: <none> API Version: configplane.juniper.net/v1 Kind: NodeConfiglet Metadata: Creation Timestamp: 2024-06-13T16:51:23Z ... Spec: Clis: set interfaces lo0 unit 0 address 10.10.10.1/32 Group Name: configlet-sample Node Name: node1 Status: Message: load-configuration failed: syntax error Status: False Events: <none>Optionally, verify the configuration on the Access cRPD CLI shell in CLI mode. Note that the configuration is applied as a configuration group named after the configlet resource.
show configuration groups configlet-sample
interfaces { lo0 { unit 0 { family inet { address 10.10.10.1/32; } } } }Note:The configuration generated using configlets is applied to cRPD as configuration groups. We therefore recommend that you not use configuration groups when specifying your configlet.
Applying templatized configuration
Create the templatized configlet yaml and the configlet data value yaml for key:value pairs.
cat configlet-sample-template.yaml
apiVersion: configplane.juniper.net/v1 kind: Configlet metadata: name: configlet-sample-template namespace: jcnr spec: config: |- set interfaces lo0 unit 0 family inet address {{ .Ip }} crpdSelector: matchLabels: node: master configletDataValueRef: name: "configletdatavalue-sample"cat configletdatavalue-sample.yaml
apiVersion: configplane.juniper.net/v1 kind: ConfigletDataValue metadata: name: configletdatavalue-sample namespace: jcnr spec: data: { "Ip": "127.0.0.1" }Apply the configuration using the
kubectl applycommand, starting with the config data value yaml.kubectl apply -f configletdatavalue-sample.yaml
configletdatavalue.configplane.juniper.net/configletdatavalue-sample created
kubectl apply -f configlet-sample-template.yaml
configlet.configplane.juniper.net/configlet-sample-template created
Check on the configlet.
When a configlet resource is deployed, it creates additional node configlet custom resources, one for each node matched by the
crpdSelector.kubectl get nodeconfiglets -n jcnr
NAME AGE configlet-sample-template-node1 10m
If the configuration defined in the configlet yaml is invalid or fails to deploy, you can view the error message using
kubectl describefor the node configlet custom resource.For example:
kubectl describe nodeconfiglet configlet-sample-template-node1 -n jcnr
The following output has been trimmed for brevity:
Name: configlet-sample-template-node1 Namespace: jcnr Labels: core.juniper.net/nodeName=node1 Annotations: <none> API Version: configplane.juniper.net/v1 Kind: NodeConfiglet Metadata: Creation Timestamp: 2024-06-13T16:51:23Z ... Spec: Clis: set interfaces lo0 unit 0 address 10.10.10.1/32 Group Name: configlet-sample-template Node Name: node1 Status: Message: load-configuration failed: syntax error Status: False Events: <none>Optionally, verify the configuration on the Access cRPD CLI shell in CLI mode. Note that the configuration is applied as a configuration group named after the configlet resource.
show configuration groups configlet-sample-template
interfaces { lo0 { unit 0 { family inet { address 127.0.0.1/32; } } } }
Modifying the Configlet
You can modify a configlet resource by changing the yaml file and reapplying it using
the kubectl apply command.
kubectl apply -f configlet-sample.yaml
configlet.configplane.juniper.net/configlet-sample configured
Any changes to existing configlet resource are reconciled by replacing the configuration group on cRPD.
You can delete the configuration group by deleting the configlet resource using the
kubectl delete command.
kubectl delete configlet configlet-sample -n jcnr
configlet.configplane.juniper.net "configlet-sample" deleted
Troubleshooting
If you run into problems, check the contrail-k8s-deployer logs. For
example:
kubectl logs contrail-k8s-deployer-8ff895cc5-cbfwm -n contrail-deploy