Skip to content

A Flask (Python) driven WebUI built for Jinja/Yaml templating and additional services.

License

Notifications You must be signed in to change notification settings

natemellendorf/configpy

Repository files navigation

ConfigPy

Build Status

Author:

Nate Mellendorf
https://www.linkedin.com/in/nathan-mellendorf/

Overview:

ConfigPy was built to address the need for infrastructure as code for Junos devices. It leverages Docker, Flask, SocketIO, Redis, PyEZ, Paramiko, and GitLab to:

  • Create an OpenSSH server to listen for outbound SSH sessions from Junos devices.
  • Once established, use PyEZ to gather facts about the connected Junos device.
  • Store these device facts in a short lived centralized database.
  • Perform additional tasks with PyEZ, such as auditing the Junos firmware and updating it.
  • Sync the device config with a config file stored in a remote repository.
  • If clustering is desired, leverage an op script and event manager to cluster the device.
  • Leverage Jinja2 and YAML templating to create new configs, and push them to connected devices.

Demos:

Template Rendering:

ConfigPy Demo_1

Device Config Sync

ConfigPy Demo_2

Notes from the author

ConfigPy was my first personal Python project, which I think is glaring when reviewing the code. It introduced me to every dependancy that it leverages. Python (Flask, PyEZ, Requests), Redis, JavaScript, JQuery, CSS (Bootstrap), etc. In it's current state, I would not recommend this project be placed outside of a lab environment.

Deployment:

Automatic

Please leverage this compose file to launch ConfigPy

#docker swarm init
docker stack deploy -c Docker-Compose.yml configpy

Manual

docker run --name redis \
  -d --restart always \
  -p 6379:6379 \
  --network production \
  redis

docker run --name configpy-node \
  -d --restart always \
  -p 9000:9000 \
  --network production \ 
  natemellendorf/configpy-node \  
  -user ztp \
  -password **secret** \ 
  -configpy_url http://10.0.0.204:80 \
  -redis_url redis \
  -repo_uri http://gitlab:8080/networking/configs \ 
  -repo_auth_token **secret** \
  -software_location http://10.0.0.204/static/firmware/ \ 
  -srx_firmware **shouldContainVersionInName-18.2R1.9.tgz \
  -srx_firmware_checksum **MD5checksum**
  
docker run --detach --hostname gitlab.example.com \
--publish 443:443 \
--publish 80:80 \
--publish 22:22 \
--name gitlab \
--restart always \
--volume /srv/gitlab/config:/etc/gitlab \
--volume /srv/gitlab/logs:/var/log/gitlab \
--volume /srv/gitlab/data:/var/opt/gitlab \
gitlab/gitlab-ce:latest

docker run --name configpy \
  -d --restart always \
  -e REDIS_URI=redis \
  -p 80:80 \
  --volume c:/dockerstorage/configpy/firmware:/home/devops/configpy/static/firmware \
  --network production \
  natemellendorf/configpy

How to configure your Juniper device to connect

Remember to permit this traffic inbound on your mgmt interface.

set system services outbound-ssh client ztp device-id test-srx
set system services outbound-ssh client ztp services netconf
set system services outbound-ssh client ztp <DockerHost> port 9000
set system services outbound-ssh client ztp <DockerHost> timeout 120

About

A Flask (Python) driven WebUI built for Jinja/Yaml templating and additional services.

Resources

License

Stars

Watchers

Forks

Packages

No packages published