Understanding the Junos Execution and State Salt Modules
SUMMARY The Junos execution and state Salt modules enable you to execute ad hoc commands or define and enforce particular states on devices running Junos OS.
Junos Execution and State Modules Overview
Salt is a configuration management and remote execution tool that enables you to declare and enforce the state of a system and perform operational and configuration tasks on managed devices. Salt uses Python modules to perform these tasks. The two main types of modules are: execution modules and state modules.
Salt execution modules are Python modules that run on a Salt minion. They define functions that enable you to perform tasks on the minion. You can execute ad hoc commands on the Salt master that instruct the target minions to execute the given function and return the result. Similarly, Salt state modules define functions that are used in Salt state files to manage the application of a state to a minion.
The Salt installation includes the following execution and state modules, which enable you to interact with devices running Junos OS:
salt.modules.junos—The Junos execution module (for Salt) defines functions that enable you to perform operational and configuration tasks on devices running Junos OS. For example, you can execute an operational command or RPC on the device, modify the configuration, or install a new software image.salt.states.junos—The Junos state module (for Salt) defines functions that you can use in Salt state files to declare and enforce a specific state on devices running Junos OS. For example, you might want to ensure that the configuration includes a specific set of statements or that the device reflects a specific operational state. The Junos state functions invoke the Junos execution function of the same name to perform these tasks.
When Salt manages devices running Junos OS through the Junos proxy (for Salt) and you call a function, the Python module does not run directly on the device. The proxy minion instead uses Junos PyEZ to send remote procedure calls (RPCs) to the NETCONF server on the managed device to perform the requested tasks. When you execute the function on multiple targets, Salt performs the task on the different devices in parallel.
Table 1 lists the functions
defined in the Junos execution and state modules and provides a brief
description of each function. With the exception of the facts, facts_refresh, and ping functions, the same functions are defined in both
modules.
Function Name |
salt.modules.junos |
salt.states.junos |
Description |
|---|---|---|---|
|
Y |
Y |
Execute a CLI command and return the command output in the specified format. |
|
Y |
Y |
Commit the changes loaded into the target configuration database. |
|
Y |
Y |
Perform a |
|
Y |
Y |
Return the difference between the candidate configuration and the specified rollback configuration. |
|
Y |
– |
Display the device facts that were gathered during the connection phase. |
|
Y |
– |
Reload the device facts from the target device and refresh the facts stored in the Salt grains. |
|
Y |
Y |
Copy a file from the Salt master or the proxy minion server to the device running Junos OS. |
|
Y |
Y |
Retrieve operational or configuration data from a device running Junos OS using a Junos PyEZ Table and View. |
|
Y |
Y |
Lock, modify, commit, and unlock the target configuration database. |
|
Y |
Y |
Install a Junos OS software image on a device. |
|
Y |
Y |
Load the configuration data in the specified file into the target configuration database. |
|
Y |
Y |
Request an exclusive lock on the candidate configuration. |
|
Y |
– |
Send an Internet Control Message Protocol (ICMP) ping from a device running Junos OS to the specified target and display the results. |
|
Y |
Y |
Roll back the configuration to a previously committed configuration and commit it. |
|
Y |
Y |
Execute the specified RPC on the target device. |
|
Y |
Y |
Configure the hostname of a managed device running Junos OS and commit the change. |
|
Y |
Y |
Reboot or shut down a device running Junos OS. |
|
Y |
Y |
Release the exclusive lock on the candidate configuration. |
|
Y |
Y |
Restore the device to the factory-default configuration settings. |
How to Use the Junos Execution Functions
Salt execution modules enable you to perform ad hoc tasks on one or more minions. To invoke an execution function from the Salt master command line, use the following syntax:
salt options 'target' module.function arguments
Where:
arguments—Required or optional function arguments.target—Minions on which to execute the function. You can specify a single minion, use'*'to target all minions, or define an expression that targets a group of minions, for example,'router*'to include all minions whose name starts withrouter.module—Name of the Salt execution module containing the function to execute.function—Name of the function to execute.
For example, to test connectivity to all minions, execute the test module’s ping function and use '*' for the target.
saltuser@salt-master:~$ sudo salt '*' test.ping
router1:
True
router2:
True
To invoke Junos execution functions, specify the junos module and the desired function. For example,
the following command invokes the cli function
to execute the show version operational mode command on
router1:
saltuser@salt-master:~$ sudo salt 'router1' junos.cli 'show version'
router1:
----------
message:
Hostname: router1
Model: mx104
Junos: 18.4R1.8
JUNOS Base OS boot [18.4R1.8]
JUNOS Base OS Software Suite [18.4R1.8]
JUNOS Crypto Software Suite [18.4R1.8]
JUNOS Packet Forwarding Engine Support (TRIO) [18.4R1.8]
JUNOS Web Management [18.4R1.8]
JUNOS Online Documentation [18.4R1.8]
JUNOS SDN Software Suite [18.4R1.8]
JUNOS Services Application Level Gateways [18.4R1.8]
JUNOS Services COS [18.4R1.8]
JUNOS Services Jflow Container package [18.4R1.8]
JUNOS Services Stateful Firewall [18.4R1.8]
JUNOS Services NAT [18.4R1.8]
JUNOS Services RPM [18.4R1.8]
JUNOS Services SOFTWIRE [18.4R1.8]
JUNOS Services Captive Portal and Content Delivery Container package [18.4R1.8]
JUNOS Macsec Software Suite [18.4R1.8]
JUNOS Services Crypto [18.4R1.8]
JUNOS Services IPSec [18.4R1.8]
JUNOS DP Crypto Software Software Suite [18.4R1.8]
JUNOS py-base-powerpc [18.4R1.8]
JUNOS py-extensions-powerpc [18.4R1.8]
JUNOS jsd [powerpc-18.4R1.8-jet-1]
JUNOS Kernel Software Suite [18.4R1.8]
JUNOS Routing Software Suite [18.4R1.8]
out:
True
When you execute commands on the Salt master command line, Salt
passes the CLI input through PyYAML to
ensure it is loaded as a proper Python data type. In some cases, arguments
that take an integer or that take a string value that parses to an
integer might not be parsed correctly. For those arguments, you can
provide the value using one of the following methods:
Use a backslash ( \ ) to escape quotation marks around string values.
Use double quotation marks to enclose single quotation marks and vice versa.
Include the
--no-parse=param_nameoption.
For example, the following commands schedule the device to reboot at the given time:
saltuser@salt-master:~$ sudo salt 'router1' junos.shutdown reboot=True at=\'16:10\' saltuser@salt-master:~$ sudo salt 'router1' junos.shutdown reboot=True "at='16:10'" saltuser@salt-master:~$ sudo salt 'router1' junos.shutdown reboot=True at="'16:10'" saltuser@salt-master:~$ sudo salt 'router1' junos.shutdown reboot=True at='16:10' --no-parse=at saltuser@salt-master:~$ sudo salt 'router1' junos.shutdown reboot=True at=\'+2\'
The following commands request information for the Routing Engine in the specified slot:
saltuser@salt-master:~$ sudo salt 'router1' junos.rpc get-route-engine-information slot=\'0\' saltuser@salt-master:~$ sudo salt 'router1' junos.rpc get-route-engine-information slot='0' --no-parse=slot
How to Use the Junos State Functions
You can invoke Junos state module functions from Salt state files. The syntax varies by function. Check the module documentation for the proper syntax before using a function.
Many of the state functions use the following general structure:
State name:
module.function:
- param1: value1
- param2: value2For example, the following state file uses the junos.install_config function to apply the configuration
in the given template to the target devices:
saltuser@salt-master:~$ cat /srv/salt/junos_bgp_config.sls
Apply BGP configuration:
junos.install_config:
- name: salt://configs/junos-config-bgp-template.set
- comment: Configuring BGP using Salt
- diffs_file: /var/log/salt/output/{{ grains['id'] }}_junos_bgp_config_diff
However, in some cases, the first line of the structure can
supply a function argument. For example, the rpc function can supply the RPC either by using the previous syntax
or by providing it as the first line of the data structure. The following
state files, which are equivalent, invoke the rpc function to retrieve information for the ge-1/0/0 interface, but
they provide the RPC argument using different methods:
saltuser@salt-master:~$ cat /srv/salt/junos-rpc.sls
Retrieve interface information:
junos.rpc:
- name: get-interface-information
- interface_name: ge-1/0/0
- terse: True
- dest: /tmp/interface.log
- format: text
saltuser@salt-master:~$ cat /srv/salt/junos-rpc2.sls
get-interface-information:
junos.rpc:
- interface_name: ge-1/0/0
- terse: True
- dest: /tmp/interface.log
- format: text
When you apply the state to the target device, it executes the get-interface-information RPC for the given interface
and returns the result. Salt displays the terse output on the terminal
and also saves the output in text format to the /tmp/interface.log file on the proxy minion server.
saltuser@salt-master:~$ sudo salt 'router1' state.apply junos-rpc2
router1:
-
ID: get-interface-information
Function: junos.rpc
Result: True
Comment:
Started: 20:56:46.669149
Duration: 871.23 ms
Changes:
-
out:
True
rpc_reply:
Interface Admin Link Proto Local Remote
ge-0/0/0 up up
ge-0/0/0.0 up up inet 192.0.2.2/24
multiservice
Summary for router1
-
Succeeded: 1 (changed=1)
Failed: 0
-
Total states run: 1
Total run time: 871.230 ms