-
Notifications
You must be signed in to change notification settings - Fork 25
Home
The answer is with a project called JTAF - the Juniper Terraform Automation Framework!
JTAF is not a provider, but it's a set of tools used to create a provider for your specific platform, software version and configuration requirements. If you're interested, continue reading! Providers are plugins for Terraform and Hashicorp now has a registry with which you can download officially verified providers.
Refer to the provider docs for more details.
JTAF creates Terraform providers and automatically writes Go
code which is then compiled into a static binary, aka, the provider.
The Terraform providers generated by JTAF in turn, create configuration groups
on Junos and apply them with the apply-group
configuration stanza. These groups are then treated as Terraform resources.
Start simple and build knowledge. JTAF works at the intersection between network programmability, more importantly YANG and NETCONF and Terraform with HCL. Whilst JTAF makes it easier for you to build providers, it isn't foolproof and you will need to understand a bit of everything before you'll make the most of JTAF.
Videos Introduction: https://youtu.be/eH24eCZc7pE
Installation: https://youtu.be/aTF7_Uscd9Q
Generate: https://youtu.be/UgsFU7UplRE
Execution: https://youtu.be/Lfkc38wzhNg
Interface Configuration: https://youtu.be/iCnnkDodUgQ
BGP Configuration: https://youtu.be/nQVNCNCJZRc
Here is a laundry list of pre-requisite knowledge:
- You can read YANG and understand the basic semantics.
- You know what a simple XPath expression is.
- You know your way around Junos operationally.
Can the provider modules be generated for the end-element(leaf level in yang file) at same hierarchy?
Yes, The modules can be generated at any hierarchy. It is recommended to keep the hierarchy smaller in size. One can refer the Samples directory for a similar example. Refer link .
Can the provider modules be generated for the end-element(leaf level in yang file) at parent hierarchy?
Yes, The modules can be generated at any hierarchy. It is recommended to keep the hierarchy smaller in size. If the parent has large number of elements having multiple sub-hierarchies and you only need few elements in them then generate multiple module with different hierarchies. One can refer the Samples directory for a similar example. Refer link.
Yes, multiple xpath or modules can be generated together as a single provider and can be set on the device using a single test file. One can refer the Samples directory for a similar example. Refer link.
- Install Golang
- Install Python, virtual environments and Pyang (3.x of Python)
- You will need a IDE. Most of us use [Visual Code]( Visual Studio Code - Code Editing. Redefinedhttps://code.visualstudio.com) from Microsoft
The providers do not contain every configuration item by design. When JTAF writes Go code, it does so in the most simple fashion possible and thus flattens the internal data structures to a key/value data map. So what's in a provider? The short answer is whatever you put in it. XPath expressions control the content of the provider and those expressions are passed into JTAF, referenced in the configuration file.
JTAF is based on a Goldilocks approach of 'right-sizing' and focusses on the smallest units of concern. These units are:
- Platform specificity
- Correct software version
- A blob of configuration required as part of deterministic IaC (Infrastructure-as-Code)
- Single resource approach
Platform and software right-sizing is based purely on using the correct YANG models. For the configuration aspect, it's assumed that as you're working with IaC, you know ahead of time what configuration is required on your physical or virtual network element.
With regards to the single resource approach, it's important that in your .tf
files that each resource name, contains the smallest blob of configuration possible. This is a complex topic and it will be explained in greater detail in these docs, but for now, ensure the rule is followed.
Yes. As of JTAF 0.1.1 (Nov 25th 2021).
Yes, The modules can be generated at any hierarchy and multiple keys is supported. There may be a scenario when some keys are optional and that is still supported. You can refer to the Samples directory for a similar example.
Choice is also supported. You can refer to the samples directory for a similar example.