maz
/
bgprtrmgr-templates
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

refactor

master
Marek Isalski 3 years ago
parent
3043706ea1
commit
327bdcfd8c
8 changed files with 356 additions and 329 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +68
    -0
      includes/junos-v21-core-router/chassis.j2
  2. +51
    -0
      includes/junos-v21-core-router/forwarding-options.j2
  3. +33
    -0
      includes/junos-v21-core-router/groups.j2
  4. +95
    -0
      includes/junos-v21-core-router/interfaces.j2
  5. +16
    -0
      includes/junos-v21-core-router/macros.j2
  6. +8
    -0
      includes/junos-v21-core-router/routing-options.j2
  7. +79
    -0
      includes/junos-v21-core-router/system.j2
  8. +6
    -329
      junos-v21-core-router.j2

+ 68
- 0
includes/junos-v21-core-router/chassis.j2
View File

@ -0,0 +1,68 @@
{%- set lag_interfaces = [] %}
{%- for interface, subinterfaces in device|get_interfaces|subinterfaces(".") %}
{%- if interface.type.value == 'lag' %}{%- do lag_interfaces.append(interface) %}{%- endif %}
{%- endfor %}
chassis {
maximum-ecmp 16;
redundancy {
routing-engine 0 master;
routing-engine 1 backup;
failover {
on-loss-of-keepalives;
on-re-to-fpc-stale;
on-disk-failure;
on-loss-of-vm-host-connection;
}
graceful-switchover;
}
aggregated-devices {
ethernet {
device-count {{ lag_interfaces|length }};
}
}
fpc 0 {
pic 0 {
number-of-ports 0;
}
pic 1 {
port 0 {
speed 100g;
}
port 1 {
speed 100g;
}
port 2 {
speed 100g;
}
port 3 {
speed 100g;
}
port 4 {
speed 100g;
}
port 5 {
speed 100g;
}
port 6 {
speed 100g;
}
port 7 {
speed 100g;
}
port 8 {
speed 100g;
}
port 9 {
speed 100g;
}
port 10 {
speed 100g;
}
port 11 {
speed 40g; /* XXX temporary for testing lab */
}
}
}
network-services enhanced-ip;
}

+ 51
- 0
includes/junos-v21-core-router/forwarding-options.j2
View File

@ -0,0 +1,51 @@
forwarding-options {
sampling {
input {
rate 10000;
run-length 0;
max-packets-per-second 50000;
}
}
load-balance {
per-flow {
hash-seed;
}
}
hash-key {
family inet {
layer-3;
layer-4;
symmetric-hash;
}
family inet6 {
layer-3;
layer-4;
}
family mpls {
label-1;
label-2;
label-3;
payload {
ether-pseudowire;
ip {
port-data;
}
}
}
family multiservice {
source-mac;
destination-mac;
payload {
ip {
layer-3;
layer-4;
}
}
}
}
enhanced-hash-key {
family mpls {
ether-pseudowire zero-control-word;
}
}
}

+ 33
- 0
includes/junos-v21-core-router/groups.j2
View File

@ -0,0 +1,33 @@
groups {
{%- set re_groups = [] %}
{%- for interface, subinterfaces in device|get_interfaces|subinterfaces(".") %}
{%- if '@' in interface.name %}
{%- set re = interface.name.split("@")[1] %}
{%- do re_groups.append( re ) %}
{%- set interface_name = interface.name.split("@")[0] %}
{%- set interface_context = interface.tags|get_netbox_tags_contexts|contexts_merge_last %}
{{ re }} {
system {
host-name {{ re }}.{{ device.name }};
services {
ssh;
}
}
interfaces {
{{ interface_name}} {
unit 0 {
family inet {
{%- for address in interface|get_addresses %}{% if address|ipv4 %}
address {{ address.address }};
{%- endif %}{%- endfor %}
}
}
}
}
}
{%- endif %}
{%- endfor %}
}
apply-groups [ {% for re in re_groups %}{{ re }}{% if not loop.last %} {% endif %}{% endfor %} ];

+ 95
- 0
includes/junos-v21-core-router/interfaces.j2
View File

@ -0,0 +1,95 @@
interfaces {
{%- for interface, subinterfaces in device|get_interfaces|subinterfaces(".") %}
{%- set interface_context = interface.tags|get_netbox_tags_contexts|contexts_merge_last %}
{%- set interface_tags = [] %}
{%- for tag in interface.tags %}
{%- do interface_tags.append(tag.slug) %}
{%- endfor %}
{%- if '@' in interface.name %}
/* groups interface: {{ interface.name }} */
{%- elif interface.mgmt_only %}
/* management interface: {{ interface.name }} */
{%- elif 'no-automation' in interface_tags %}
/* do not configure: {{ interface.name }} */
{% elif interface.lag %}
{{ interface.name }} {
{{ macros.interface_description(interface, interface_context) }}
gigether-options {
802.3ad {{ interface.lag.name }};
}
{%- elif interface.name.startswith( 'lo' ) %}
{{ interface.name }} {
{{ macros.interface_description(interface, interface_context) }}
{%- for unit, subinterface in subinterfaces %}
unit {{ unit }} {
{%- if subinterface.untagged_vlan %}
vlan-id {{ subinterface.untagged_vlan.vid }};
{%- elif unit|int %}
vlan-id {{ unit }};
{%- endif %}
{%- set subinterface_context = subinterface.tags|get_netbox_tags_contexts|contexts_merge_last %}
{# interface_vrf(subinterface, subinterface_context) #}
{# interface_common(subinterface, subinterface_context) #}
{{ macros.interface_addresses(subinterface, subinterface_context) }}
}
{%- endfor %}
{%- elif interface.type.value == 'lag' %}
{{ interface.name }} {
vlan-tagging;
aggregated-ether-options {
minimum-links 1;
link-speed 100g;
}
{{ macros.interface_description(interface, interface_context) }}
{# interface_common(interface, interface_context) #}
{%- elif interface.type.value != 'virtual' %}
{{ interface.name }} {
{{ macros.interface_description(interface) }}
{%- if not interface.mode or ( interface.mode.value == 'access' ) %}
unit 0 {
{# interface_vrf(interface, interface_context) #}
{# interface_common(interface, interface_context) #}
{{ macros.interface_addresses(interface, interface_context) }}
}
{%- elif interface.mode.value == 'tagged' %}
vlan-tagging;
{%- endif %}
{%- endif %}
{%- if ( not interface.mgmt_only ) and ( 'no-automation' not in interface_tags ) and ( '@' not in interface.name ) %}
{%- for tagged_vlan in interface.tagged_vlans %}{%- endfor %}
{%- if interface.mode.value == 'tagged' %}
{%- for unit, subinterface in subinterfaces %}
unit {{ unit }} {
{%- if subinterface.untagged_vlan %}
vlan-id {{ subinterface.untagged_vlan.vid }};
{%- elif unit|int %}
vlan-id {{ unit }};
{%- endif %}
{%- set subinterface_context = subinterface.tags|get_netbox_tags_contexts|contexts_merge_last %}
{# interface_vrf(subinterface, subinterface_context) #}
{# interface_common(subinterface, subinterface_context) #}
{{ macros.interface_addresses(subinterface, subinterface_context) }}
}
{%- endfor %}
{%- endif %}
}
{%- endif %}
{%- endfor %}
fxp0 {
unit 0;
}
}

+ 16
- 0
includes/junos-v21-core-router/macros.j2
View File

@ -0,0 +1,16 @@
{%- macro interface_description(interface, interface_context) %}
description "{% if interface.label %}{{ interface.label|replace('"','\\"') or "-" }}: {% endif %}{{ interface.description|replace('"','\\"') or "-" }}{% if interface.connected_endpoint %} ({{ interface.connected_endpoint.name|replace('"','\\"')|replace('.voneus.net','') }}{% if interface.connected_endpoint.device.name %} @ {{ interface.connected_endpoint.device.name|replace('.voneus.net','')|replace('"','\\"') }}{% endif %}){% endif %}{% if interface.cable %} via [{{ interface.cable.label.split("/")[-1] }}]{% endif %}{% if interface.link_peer %} to [{{ interface.link_peer.label or interface.link_peer.name }}{% if interface.link_peer.device %} @ {{ interface.link_peer.device.name.split("/")[-1]|replace('"','\\"')|replace('.voneus.net','') }}]{% endif %}{% endif %}"
{%- endmacro %}
{%- macro interface_addresses(interface, interface_context) %}
family inet {
{%- for address in interface|get_addresses %}{% if address|ipv4 %}
address {{ address.address }}
{%- endif %}{%- endfor %}
}
family inet6 {
{%- for address in interface|get_addresses %}{% if address|ipv6 %}
address {{ address.address }}
{%- endif %}{%- endfor %}
}
{%- endmacro %}

+ 8
- 0
includes/junos-v21-core-router/routing-options.j2
View File

@ -0,0 +1,8 @@
routing-options {
static {
{%- for (route, route_data) in device.config_context.get('routes',{}).items() %}
route {{ route }} next-hop {{ route_data.get('next-hop', None) }};
{%- endfor %}
}
nonstop-routing;
}

+ 79
- 0
includes/junos-v21-core-router/system.j2
View File

@ -0,0 +1,79 @@
system {
root-authentication {
encrypted-password "$6$uC87jp7U$04FIKNRT3VcUzqDiaxKVRVqnQM2c48Q2NpIARsSuKVVK7gezNX92B7261QV.kRHg.yswiDhUY.SF4e/qgRNdL0"; ## SECRET-DATA
}
commit synchronize;
login {
user faelix {
full-name "FAELIX NOC";
uid 2000;
class super-user;
authentication {
encrypted-password "$6$4sVD2r4y$PjAIeLZ/tJcDhsQekJI9wU2l4xYf8k6mHuzvLivK2tcFXdcHMjP23Up/oUzMRWiVtEW99foiEWuXG40tL5cHy0";
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM05RD1X1njHcJvPTGbaCkO7rssp6T8uTCH3b6Sk4MA9 maz@lifting-shadows";
}
}
user voneus {
full-name "Voneus NOC";
uid 2001;
class super-user;
authentication {
encrypted-password "$6$4sVD2r4y$PjAIeLZ/tJcDhsQekJI9wU2l4xYf8k6mHuzvLivK2tcFXdcHMjP23Up/oUzMRWiVtEW99foiEWuXG40tL5cHy0";
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM05RD1X1njHcJvPTGbaCkO7rssp6T8uTCH3b6Sk4MA9 maz@lifting-shadows";
}
}
user nomios {
full-name "Nomios NOC";
uid 2002;
class super-user;
authentication {
encrypted-password "$6$4sVD2r4y$PjAIeLZ/tJcDhsQekJI9wU2l4xYf8k6mHuzvLivK2tcFXdcHMjP23Up/oUzMRWiVtEW99foiEWuXG40tL5cHy0";
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM05RD1X1njHcJvPTGbaCkO7rssp6T8uTCH3b6Sk4MA9 maz@lifting-shadows";
}
}
}
services {
ssh;
}
authentication-order [ password radius ];
syslog {
file interactive-commands {
interactive-commands any;
}
file messages {
any notice;
authorization info;
}
}
processes {
dhcp-service {
traceoptions {
file dhcp_logfile size 10m;
level all;
flag packet;
}
}
}
domain-name core.voneus.net;
domain-search [ core.voneus.net oob.core.voneus.net netops.voneus.net ];
time-zone Universal;
location country-code UK;
name-server {
9.9.9.9;
1.1.1.1;
8.8.8.8;
}
radius-server {
{% for radius_server, radius_data in device.config_context.get('radius-servers',{}).items() %}
{{ radius_server }} secret "{{ radius_data.get('secret') }}";{% endfor %}
}
accounting {
events login;
destination {
radius;
}
}
ntp {
server 185.134.196.169 prefer;
}
}

+ 6
- 329
junos-v21-core-router.j2
View File

@ -2,333 +2,10 @@
{% import "macros.j2" as macros %}
version 21.3R1.9;
groups {
{%- set re_groups = [] %}
{%- set lag_interfaces = [] %}
{%- for interface, subinterfaces in device|get_interfaces|subinterfaces(".") %}
{%- if interface.type.value == 'lag' %}{%- do lag_interfaces.append(interface) %}{%- endif %}
{%- if '@' in interface.name %}
{%- set re = interface.name.split("@")[1] %}
{%- do re_groups.append( re ) %}
{%- set interface_name = interface.name.split("@")[0] %}
{%- set interface_context = interface.tags|get_netbox_tags_contexts|contexts_merge_last %}
{{ re }} {
system {
host-name {{ re }}.{{ device.name }};
services {
ssh;
}
}
interfaces {
{{ interface_name}} {
unit 0 {
family inet {
{%- for address in interface|get_addresses %}{% if address|ipv4 %}
address {{ address.address }};
{%- endif %}{%- endfor %}
}
}
}
}
}
{%- endif %}
{%- endfor %}
}
apply-groups [ {% for re in re_groups %}{{ re }}{% if not loop.last %} {% endif %}{% endfor %} ];
system {
root-authentication {
encrypted-password "$6$uC87jp7U$04FIKNRT3VcUzqDiaxKVRVqnQM2c48Q2NpIARsSuKVVK7gezNX92B7261QV.kRHg.yswiDhUY.SF4e/qgRNdL0"; ## SECRET-DATA
}
commit synchronize;
login {
user faelix {
full-name "FAELIX NOC";
uid 2000;
class super-user;
authentication {
encrypted-password "$6$4sVD2r4y$PjAIeLZ/tJcDhsQekJI9wU2l4xYf8k6mHuzvLivK2tcFXdcHMjP23Up/oUzMRWiVtEW99foiEWuXG40tL5cHy0";
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM05RD1X1njHcJvPTGbaCkO7rssp6T8uTCH3b6Sk4MA9 maz@lifting-shadows";
}
}
user voneus {
full-name "Voneus NOC";
uid 2001;
class super-user;
authentication {
encrypted-password "$6$4sVD2r4y$PjAIeLZ/tJcDhsQekJI9wU2l4xYf8k6mHuzvLivK2tcFXdcHMjP23Up/oUzMRWiVtEW99foiEWuXG40tL5cHy0";
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM05RD1X1njHcJvPTGbaCkO7rssp6T8uTCH3b6Sk4MA9 maz@lifting-shadows";
}
}
user nomios {
full-name "Nomios NOC";
uid 2002;
class super-user;
authentication {
encrypted-password "$6$4sVD2r4y$PjAIeLZ/tJcDhsQekJI9wU2l4xYf8k6mHuzvLivK2tcFXdcHMjP23Up/oUzMRWiVtEW99foiEWuXG40tL5cHy0";
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM05RD1X1njHcJvPTGbaCkO7rssp6T8uTCH3b6Sk4MA9 maz@lifting-shadows";
}
}
}
services {
ssh;
}
authentication-order [ password radius ];
syslog {
file interactive-commands {
interactive-commands any;
}
file messages {
any notice;
authorization info;
}
}
processes {
dhcp-service {
traceoptions {
file dhcp_logfile size 10m;
level all;
flag packet;
}
}
}
domain-name core.voneus.net;
domain-search [ core.voneus.net oob.core.voneus.net netops.voneus.net ];
time-zone Universal;
location country-code UK;
name-server {
9.9.9.9;
1.1.1.1;
8.8.8.8;
}
radius-server {
{% for radius_server, radius_data in device.config_context.get('radius-servers',{}).items() %}
{{ radius_server }} secret "{{ radius_data.get('secret') }}";{% endfor %}
}
accounting {
events login;
destination {
radius;
}
}
ntp {
server 185.134.196.169 prefer;
}
}
chassis {
maximum-ecmp 16;
redundancy {
routing-engine 0 master;
routing-engine 1 backup;
failover {
on-loss-of-keepalives;
on-re-to-fpc-stale;
on-disk-failure;
on-loss-of-vm-host-connection;
}
graceful-switchover;
}
aggregated-devices {
ethernet {
device-count {{ lag_interfaces|length }};
}
}
fpc 0 {
pic 0 {
number-of-ports 0;
}
pic 1 {
port 0 {
speed 100g;
}
port 1 {
speed 100g;
}
port 2 {
speed 100g;
}
port 3 {
speed 100g;
}
port 4 {
speed 100g;
}
port 5 {
speed 100g;
}
port 6 {
speed 100g;
}
port 7 {
speed 100g;
}
port 8 {
speed 100g;
}
port 9 {
speed 100g;
}
port 10 {
speed 100g;
}
port 11 {
speed 40g; /* XXX temporary for testing lab */
}
}
}
network-services enhanced-ip;
}
interfaces {
{%- for interface, subinterfaces in device|get_interfaces|subinterfaces(".") %}
{%- set interface_context = interface.tags|get_netbox_tags_contexts|contexts_merge_last %}
{%- set interface_tags = [] %}
{%- for tag in interface.tags %}
{%- do interface_tags.append(tag.slug) %}
{%- endfor %}
{%- if '@' in interface.name %}
/* groups interface: {{ interface.name }} */
{%- elif interface.mgmt_only %}
/* management interface: {{ interface.name }} */
{%- elif 'no-automation' in interface_tags %}
/* do not configure: {{ interface.name }} */
{% elif interface.lag %}
{{ interface.name }} {
{{ macros.interface_description(interface, interface_context) }}
gigether-options {
802.3ad {{ interface.lag.name }};
}
{%- elif interface.name.startswith( 'lo' ) %}
{{ interface.name }} {
{{ macros.interface_description(interface, interface_context) }}
{%- for unit, subinterface in subinterfaces %}
unit {{ unit }} {
{%- if subinterface.untagged_vlan %}
vlan-id {{ subinterface.untagged_vlan.vid }};
{%- elif unit|int %}
vlan-id {{ unit }};
{%- endif %}
{%- set subinterface_context = subinterface.tags|get_netbox_tags_contexts|contexts_merge_last %}
{# interface_vrf(subinterface, subinterface_context) #}
{# interface_common(subinterface, subinterface_context) #}
{{ macros.interface_addresses(subinterface, subinterface_context) }}
}
{%- endfor %}
{%- elif interface.type.value == 'lag' %}
{{ interface.name }} {
vlan-tagging;
aggregated-ether-options {
minimum-links 1;
link-speed 100g;
}
{{ macros.interface_description(interface, interface_context) }}
{# interface_common(interface, interface_context) #}
{%- elif interface.type.value != 'virtual' %}
{{ interface.name }} {
{{ macros.interface_description(interface) }}
{%- if not interface.mode or ( interface.mode.value == 'access' ) %}
unit 0 {
{# interface_vrf(interface, interface_context) #}
{# interface_common(interface, interface_context) #}
{{ macros.interface_addresses(interface, interface_context) }}
}
{%- elif interface.mode.value == 'tagged' %}
vlan-tagging;
{%- endif %}
{%- endif %}
{%- if ( not interface.mgmt_only ) and ( 'no-automation' not in interface_tags ) and ( '@' not in interface.name ) %}
{%- for tagged_vlan in interface.tagged_vlans %}{%- endfor %}
{%- if interface.mode.value == 'tagged' %}
{%- for unit, subinterface in subinterfaces %}
unit {{ unit }} {
{%- if subinterface.untagged_vlan %}
vlan-id {{ subinterface.untagged_vlan.vid }};
{%- elif unit|int %}
vlan-id {{ unit }};
{%- endif %}
{%- set subinterface_context = subinterface.tags|get_netbox_tags_contexts|contexts_merge_last %}
{# interface_vrf(subinterface, subinterface_context) #}
{# interface_common(subinterface, subinterface_context) #}
{{ macros.interface_addresses(subinterface, subinterface_context) }}
}
{%- endfor %}
{%- endif %}
}
{%- endif %}
{%- endfor %}
fxp0 {
unit 0;
}
}
forwarding-options {
sampling {
input {
rate 10000;
run-length 0;
max-packets-per-second 50000;
}
}
load-balance {
per-flow {
hash-seed;
}
}
hash-key {
family inet {
layer-3;
layer-4;
symmetric-hash;
}
family inet6 {
layer-3;
layer-4;
}
family mpls {
label-1;
label-2;
label-3;
payload {
ether-pseudowire;
ip {
port-data;
}
}
}
family multiservice {
source-mac;
destination-mac;
payload {
ip {
layer-3;
layer-4;
}
}
}
}
enhanced-hash-key {
family mpls {
ether-pseudowire zero-control-word;
}
}
}
routing-options {
static {
{%- for (route, route_data) in device.config_context.get('routes',{}).items() %}
route {{ route }} next-hop {{ route_data.get('next-hop', None) }};
{%- endfor %}
}
nonstop-routing;
}
{% include "includes/junos-v21-core-router/groups.j2" with context %}
{% include "includes/junos-v21-core-router/system.j2" with context %}
{% include "includes/junos-v21-core-router/chassis.j2" with context %}
{% include "includes/junos-v21-core-router/interfaces.j2" with context %}
{% include "includes/junos-v21-core-router/forwarding-options.j2" with context %}
{% include "includes/junos-v21-core-router/routing-options.j2" with context %}

Write Preview
Loading…
Cancel
Save