Sample project using Ansible and Jinja2 templates to automatically generate configurations for Juniper devices deployed in EVPN/VXLAN fabric mode
** Still work in progress // Configurations are not 100% valid yet **
White Paper on EVPN/VXLAN available on Juniper.net http://www.juniper.net/assets/us/en/local/pdf/whitepapers/2000606-en.pdf
- Define your inventory file: hosts
- Adapt the common variables in group_vars/all/common.yaml to match your environment
- Adapt the device variables to match your environment:
  - host_vars/host_name/main.yaml for management IP and loopback IP
  - host_vars/host_name/underlay.yaml for interface IP and underlay BGP information
  - host_vars/host_name/overlay.yaml for overlay BGP and VNI/bridge domain information
Generate and push configuration
Configuration can be deployed in two ways:
- In regular mode, the configuration generated by Ansible overwrites all existing configuration. In this mode, all configuration has to be generated by Ansible.
- In groups mode, the generated configuration is placed inside a config group and does not overwrite existing configuration.
Regular mode, no groups, configuration will be overwritten
ansible-playbook -i hosts all.commit.p.yaml
Groups mode, configuration will NOT be overwritten
ansible-playbook -i hosts all.commit.groups.p.yaml
Available Playbooks
make_clean.p.yaml # Create temp directory for all devices
assemble_and_commit.p.yaml # Assemble and commit configuration for all devices, overwrite
assemble_groups_and_commit.p.yaml # Assemble and commit configuration for all devices with group, no overwrite
all.commit.p.yaml # Generate, assemble, push and commit configuration to all devices (no groups)
all.commit.groups.p.yaml # Generate, assemble, push and commit configuration to all devices (groups)
all.p.yaml # Generate configuration parts for all devices
leaves.qfx.l2.p.yaml # Generate configuration parts for leaf-qfx-l2 group
spines.mx.p.yaml # Generate configuration parts for spines-mx group
spines.qfx.p.yaml # Generate configuration parts for leaf-spine-qfx group
If you want to extend the configuration, there are mainly 2 solutions:
- From Ansible: create your own role, including a template and a variable file, and add your role to the existing playbooks. Inside your own template you can access all variable files that have been previously defined.
- On the device itself: if you use the playbook "all.commit.groups.p.yaml", all configuration generated by Ansible is contained in a config group, and the existing configuration is not overwritten when Ansible applies the configuration. This leaves you the option to extend or overwrite the configuration manually.
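How groups mode behaves on the device, as an added illustration (not configuration taken from the project): the group name `ansible-generated` and all values are assumptions. A statement configured directly in the hierarchy takes precedence over the same statement inherited from a group.

```junos
groups {
    # Hypothetical group name; holds everything Ansible generates in groups mode
    ansible-generated {
        system {
            time-zone Europe/Paris;          # constructed sample value
            syslog {
                host 192.0.2.10 {            # constructed sample value
                    any notice;
                }
            }
        }
    }
}
apply-groups ansible-generated;

# Entered manually on the device, outside the group.
# Groups mode leaves this untouched, and it overrides the inherited time-zone.
system {
    time-zone UTC;
}

# Effective result:
#   time-zone  UTC         (local statement wins over the group)
#   syslog     192.0.2.10  (inherited from ansible-generated)
```

`show configuration | display inheritance` prints the effective configuration with inherited statements marked. A manual statement that shadows a group value keeps winning after every later Ansible run, so review local overrides when a generated setting appears not to take effect.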
All configuration comes from Jinja2 templates located inside each role's directory (roles//templates/xxx.j2). It is easy to customize these templates to adapt them to your needs.
The common role, which generates all non-EVPN/VXLAN configuration, is meant to be customized.
- The underlay is built using EBGP with one ASN per switch
- The overlay is built using iBGP without RR and with ingress replication
To provide flexibility in configuration, different "configuration templates" have been created, and each is associated with a different role.
Generate the base configuration, not specific to the EVPN/VXLAN part:
- Management Interface
- Loopback Interface
- Root password
- timezone
- Syslog
- User
- SNMP
Template can be found in roles/common/templates/main.conf.j2
Using variable files from:
- [group_vars/all/common.yaml](https://github.com/JNPRAutomate/ansible-junos-evpn-vxlan/blob/master/group_vars/all/common.yaml)
- host_vars/hostname/main.yaml
Generate the base configuration to build the underlay:
- interfaces IP between spine and leaf
- Underlay BGP configuration using EBGP
- BFD for BGP on all interfaces
- BGP policy options
- ECMP across Spines
Template can be found in roles/underlay-ebgp/templates/main.conf.j2
Using variable files from:
- [group_vars/all/underlay.yaml](https://github.com/JNPRAutomate/ansible-junos-evpn-vxlan/blob/master/group_vars/all/underlay.yaml)
- host_vars/hostname/main.yaml
- host_vars/hostname/underlay.yaml
Generate configuration for access ports of the EVPN/VXLAN fabric
- Aggregate interface, with or without ESI
- Trunk interface
Template can be found in roles/overlay-evpn-access/templates/main.conf.j2
Using variable files from :
- host_vars/hostname/access.yaml
Generate configuration for EVPN/VXLAN for QFX in L2 mode (no rvi)
- Overlay iBGP configuration
- VNI/VLAN creation with associated policy options
Template can be found in roles/overlay-evpn-qfx-l2/templates/main.conf.j2
Using variable files from :
- host_vars/hostname/main.yaml
- host_vars/hostname/overlay.yaml
Generate configuration for EVPN/VXLAN for MX in L3 mode (rvi)
- Overlay iBGP configuration
- VNI/VLAN creation with associated policy options
- RVI per VLAN/VNI
Template can be found in roles/overlay-evpn-mx-l3/templates/main.conf.j2
Using variable files from :
- host_vars/hostname/main.yaml
- host_vars/hostname/overlay.yaml
Not implemented yet
- Ansible
- juniper.junos module for Ansible (min 1.2.2)
- junos-eznc