Upgrading Juniper Lab Infrastructure using Ansible

This article demonstrates how to upgrade large-scale Juniper lab infrastructure using Ansible HEAT templates. The same process can also be considered for production deployments.

Prerequisites for the upgrade:

  • Linux Server. I’m using Ubuntu 14.04
  • Juniper PyEZ Library
  • Ansible
  • IP Connectivity to the devices you are planning to upgrade
  • NetConf over SSH Enabled on Juniper devices you are upgrading

Preparing the Infrastructure

Install PyEZ on your Linux Server

  • Fetch the list of available updates
sudo apt-get update
  • Upgrade current packages
sudo apt-get upgrade
  • Install ‘pip’
sudo apt-get install python-pip
  • Install PyEZ library dependencies
sudo apt-get install python-dev libxml2-dev libxslt-dev libssl-dev libffi-dev
  • Install PyEZ
sudo pip install junos-eznc

Install Ansible with Juniper Library

  • Install Ansible
sudo apt-get install ansible
  • Install Juniper Ansible Library
ansible-galaxy install Juniper.junos

Enable Netconf over SSH

Enable Netconf over SSH on all the devices you are planning to upgrade:

set system services netconf ssh 

Create Ansible Log Directory

On your Linux server, create the Ansible log directory and change its ownership to the user who launches the Ansible playbook:

sudo mkdir /var/log/ansible/

sudo chown juniper /var/log/ansible/

Configure Ansible Playbook and Hosts file

Create YML file

vi junos_install_os.yml

Populate YML File


---
- name: Install Junos OS
  hosts: JunOS-vSRX
  roles:
  - Juniper.junos
  connection: local
  gather_facts: no

  vars:
    wait_time: 3600
    pkg_dir: /home/juniper/sw_images
    OS_version: 12.1X47-D45.4
    OS_package: junos-vsrx-12.1X47-D45.4-domestic.tgz
    log_dir: /var/log/ansible

  # Prompt for credentials at run time so they are not stored in the playbook
  vars_prompt:
  - name: USERNAME
    prompt: User name
    private: no
  - name: DEVICE_PASSWORD
    prompt: Device password
    private: yes

  tasks:
  # Fail fast if NETCONF over SSH (port 830) is not reachable
  - name: Checking NETCONF connectivity
    wait_for: host={{ inventory_hostname }} port=830 timeout=5

  - name: Install Junos OS package
    junos_install_os:
      host={{ inventory_hostname }}
      user={{ USERNAME }}
      passwd={{ DEVICE_PASSWORD }}
      version={{ OS_version }}
      package={{ pkg_dir }}/{{ OS_package }}
      logfile={{ log_dir }}/software.log
    register: sw
    notify:
    - wait_reboot

  handlers:
  # Wait for NETCONF to come back after the post-install reboot
  - name: wait_reboot
    wait_for: host={{ inventory_hostname }} port=830 timeout={{ wait_time }}
    when: not sw.check_mode

Populate Ansible Hosts

To execute the playbook, you need to populate Ansible’s hosts file with the list of nodes you are planning to upgrade. The group name must match the playbook’s hosts value, JunOS-vSRX. In my lab, I group nodes by platform, e.g. vSRX, MX80, EX4300, etc.

vi /etc/ansible/hosts


Prepare JunOS image

Create the directory where you plan to store JunOS images


Copy JunOS image to the server

scp junos-vsrx-12.1X47-D45.4-domestic.tgz   juniper@server:/home/juniper/sw_images
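Before launching the playbook, it is worth confirming that the image staged on the server is the one the vendor published, since the playbook installs it with the credentials you enter. The following pre-flight check is an added example, not part of the original article: the function names are hypothetical, the paths come from the playbook vars above, and EXPECTED_SHA256 is a placeholder for the digest listed on the vendor download page.

```python
import hashlib
import os
import stat

# Values taken from the playbook vars on this page.
PKG_DIR = "/home/juniper/sw_images"
OS_PACKAGE = "junos-vsrx-12.1X47-D45.4-domestic.tgz"
# Placeholder (assumption): paste the SHA-256 published on the vendor download page.
EXPECTED_SHA256 = "<sha256-from-vendor-download-page>"


def sha256_of(path, chunk_size=1024 * 1024):
    """Hash the file in chunks so large images do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def preflight(pkg_dir, package, expected_sha256):
    """Return a list of problems; an empty list means the image may be installed."""
    problems = []
    image = os.path.join(pkg_dir, package)
    try:
        info = os.lstat(image)  # lstat: do not follow a symlink planted in pkg_dir
    except OSError as exc:
        return ["cannot stat %s: %s" % (image, exc)]
    if not stat.S_ISREG(info.st_mode):
        return ["%s is not a regular file" % image]
    # Anyone who can write the image or its directory can swap it after this check.
    for path, mode in ((image, info.st_mode), (pkg_dir, os.stat(pkg_dir).st_mode)):
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            problems.append("%s is group/world-writable" % path)
    actual = sha256_of(image)
    if actual != expected_sha256.strip().lower():
        problems.append("SHA-256 mismatch for %s: got %s" % (image, actual))
    return problems


if __name__ == "__main__":
    issues = preflight(PKG_DIR, OS_PACKAGE, EXPECTED_SHA256)
    for issue in issues:
        print("FAIL: " + issue)
    raise SystemExit(1 if issues else 0)
```

The script exits non-zero on any finding, so it can gate the ansible-playbook command in a wrapper script.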

Perform the upgrade

Launch Ansible Playbook

ansible-playbook  ./junos_install_os.yml

Monitor Software Installation

juniper@host:~/ansible$ ansible-playbook  ./junos_install_os.yml

User name: root

Device password:


PLAY [Install Junos OS] *******************************************************


TASK: [Checking NETCONF connectivity] *****************************************

ok: []


TASK: [Install Junos OS package] **********************************************

changed: []


NOTIFIED: [wait_reboot] *******************************************************

ok: []


PLAY RECAP ********************************************************************
              : ok=3    changed=1    unreachable=0    failed=0

If errors occur, review the ‘/var/log/ansible/software.log’ file.
