juniper / vqfx10k-vagrant Goto Github PK

Vagrant projects for vQFX10k

License: Apache License 2.0

Shell 0.34% HTML 99.66%

vqfx10k-vagrant's Introduction

This repository is a library of examples/demo using Vagrant and vqfx10K. Each example has its own directory and will contain at least a Vagrantfile

Launch vqfx10k

Once you have followed the installation procedure, you can start a topology with few lines

To try an example, you just have to go inside a specific directory and run "vagrant up":

git clone https://github.com/Juniper/vqfx10k-vagrant.git
cd vqfx10k-vagrant/light-2qfx
vagrant up

Some topologies are using Ansible, If you don't have ansible you can start them using vagrant up --no-provision

Once both VMs are up and running, you can connect to them with:

vagrant ssh vqfx1
vagrant ssh vqfx2

Available examples:

Installation Guide

Installation Guide is available here

How to contribute

Contributions to this repository are welcome and encouraged, especially to:

Enhance the documentation of existing examples
Enhance existing examples
Create new examples

To contribute

Fork this repository
Send a merge request

Guidelines to create a new example

TODO

How to provide feedback or report an issue

The best solution to provide feedback is to open a new issue on the git tracker associated with this repo.
Before opening a new issue, please check the troubleshooting guide - work in progress

vQFX10K

vqfx10k is a tool provided for lab and training; this is not a intended to be used in production. Capacities are similar to a real QFX10K but performance are very limited in this version, few 100s PPS.

Mode, Architecture and Limitations

vqfx10k for Vagrant can work in 2 modes: Full and Light

Full Mode

In Full mode, it require 2 VMs for each instance:

1 Routing Engine VM, running Junos (vqfx10k-re-virtualbox-##.box)
1 Packet Forwarding Engine, running Linux (vqfx10k-pfe-virtualbox-##.box)

In Full mode, the dataplane is fully functional and is very close to the real QFX10K

These 2 VMs need to be interconnected with a dedicated private network on their interface number 1, (interface 0 is always reserved for Vagrant for management). All data plane interfaces need to be connected to the Routing Engine (RE) VM. Up to 12 data plane interfaces are supported. Port names will be xe-0/0/0 to xe-0/0/11.

Full Mode Limitations

Only few features are not supported due to some architecture differences between vQFX10K and a real QFX10K

Unsupported features:

Analytics
Guest VM/ Guest container

Light Mode

In Light mode, only 1 Routing Engine VM, running Junos is required for each instance.
Up to 5 interfaces are supported to connect to external devices. Interface names will be em3 to em7

Light Mode Limitations

In Light mode, most data plane features are not supported and all packets are processed in kernel

Family ethernet-switching is not supported in light mode

VM Characteristics

vqfx10k-re

Requires:

1GB of memory
Interfaces type must be type: 82540EM

A maximum of 12 interfaces are supported:

first interface is used by vagrant (em0)
second interface is used to connect to the PFE VM (em1)
third interface is a management port not used (em2)
All remaining interfaces can be used to connected to other devices

This VM has 2 account by default:

Virtualbox only support 8 interfaces by default

vqfx10k-pfe

Requires:

1.5/2GB of memory
1 dedicated core

A maximum of 2 interfaces are supported:

first interface is used by vagrant (eth0)
second interface is used to connect to the RE VM (eth1)

This VM has 2 account by default:

Vagrant

What is Vagrant Vagrant is an open-source (MIT) tool for building and managing virtualized development environments developed by Mitchell Hashimoto and John Bender. Vagrant is able to create VMs, connect them together and is specify configure them automatically.
Here is a good introduction to Vagrant for Network Engineer

Providers

For now, only VirtualBox is supported as a provider.

VMware will be added later.

vqfx10k-vagrant's People

Contributors

Stargazers

Watchers

Forkers

dattamiruke iddocohen rikardh nembery deltasierra ampg99 dberko marcusgc akosiaris gahlberg victorock daanvdsanden atifs kimcharli vhk427 nuttaponakub termlen0 sjas adoehn treday630 mlstyszynski mierdin lmalhoit ustadcloud arainwater th3architect grigorenkoae jannishan oldcreek12 lotsonlu jlollis ctopher78 j-tb asherbersh ustrum vincentbernat delscarlett ahmedjama edwinpjacques mrlesmithjr seclab-int-dev-group achrstl testbed123 kderynski juniper-tungsten csirkin tudt949 rperr001 r-2st nickzxcv trmccart hightoxicity jtounsi badbirdca ledeuns eggsy184

vqfx10k-vagrant's Issues

Null counters in "show interfaces queue" output

Good day!
I tried to get CoS working on vQFXes, but didn't find an ability to check whether the traffic is being placed to egress queues, as command "show interfaces queue" always shows me 0 in counters, even for "best-effort" queue.
Is there something specific for QFX / vQFX? Or is something wrong in my configuration? Or is it unsupported feature? On vSRX I got good results with the same configuration (with the only difference in the style of mapping forwarding class and queue). There are my setup, config and tests below.

After ping from 10.0.0.3 to 10.0.0.1 without ToS:

{master:0}
root> show firewall filter triple-check-in-xe-0/0/1.0-i    

Filter: triple-check-in-xe-0/0/1.0-i                           
Counters:
Name                                                Bytes              Packets
best-effort-xe-0/0/1.0-i                              714                    7
cs5_video-xe-0/0/1.0-i                                  0                    0
ef_voice-xe-0/0/1.0-i                                   0                    0

{master:0}
root> show interfaces queue xe-0/0/0  
Physical interface: xe-0/0/0, Enabled, Physical link is Up
  Interface index: 649, SNMP ifIndex: 521
  Description: ## Test VLAN termination ##
Forwarding classes: 16 supported, 5 in use
Egress queues: 8 supported, 5 in use
Queue: 0, Forwarding classes: best-effort
  Queued:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
  Transmitted:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
    Tail-dropped packets : Not Available  
    RL-dropped packets   :                     0                     0 pps
    RL-dropped bytes     :                     0                     0 bps
    Total-dropped packets:                     0                     0 pps
    Total-dropped bytes  :                     0                     0 bps
Queue: 3, Forwarding classes: fcoe
  Queued:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
  Transmitted:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
    Tail-dropped packets : Not Available  
    RL-dropped packets   :                     0                     0 pps
    RL-dropped bytes     :                     0                     0 bps
    Total-dropped packets:                     0                     0 pps
    Total-dropped bytes  :                     0                     0 bps
Queue: 4, Forwarding classes: voice
  Queued:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
  Transmitted:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
    Tail-dropped packets : Not Available  
    RL-dropped packets   :                     0                     0 pps
    RL-dropped bytes     :                     0                     0 bps
    Total-dropped packets:                     0                     0 pps
    Total-dropped bytes  :                     0                     0 bps
Queue: 5, Forwarding classes: video
  Queued:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
  Transmitted:                          
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
    Tail-dropped packets : Not Available  
    RL-dropped packets   :                     0                     0 pps
    RL-dropped bytes     :                     0                     0 bps
    Total-dropped packets:                     0                     0 pps
    Total-dropped bytes  :                     0                     0 bps
Queue: 7, Forwarding classes: network-control
  Queued:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
  Transmitted:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
    Tail-dropped packets : Not Available  
    RL-dropped packets   :                     0                     0 pps
    RL-dropped bytes     :                     0                     0 bps
    Total-dropped packets:                     0                     0 pps
    Total-dropped bytes  :                     0                     0 bps

{master:0}
root>

After ping from 10.0.0.3 to 10.0.0.1 with DSCP = CS5:

{master:0}
root> show firewall filter triple-check-in-xe-0/0/1.0-i    

Filter: triple-check-in-xe-0/0/1.0-i                           
Counters:
Name                                                Bytes              Packets
best-effort-xe-0/0/1.0-i                              714                    7
cs5_video-xe-0/0/1.0-i                                204                    2
ef_voice-xe-0/0/1.0-i                                   0                    0

{master:0}
root> show interfaces queue xe-0/0/0                       
Physical interface: xe-0/0/0, Enabled, Physical link is Up
  Interface index: 649, SNMP ifIndex: 521
  Description: ## Test VLAN termination ##
Forwarding classes: 16 supported, 5 in use
Egress queues: 8 supported, 5 in use
Queue: 0, Forwarding classes: best-effort
  Queued:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
  Transmitted:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
    Tail-dropped packets : Not Available  
    RL-dropped packets   :                     0                     0 pps
    RL-dropped bytes     :                     0                     0 bps
    Total-dropped packets:                     0                     0 pps
    Total-dropped bytes  :                     0                     0 bps
Queue: 3, Forwarding classes: fcoe
  Queued:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
  Transmitted:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
    Tail-dropped packets : Not Available  
    RL-dropped packets   :                     0                     0 pps
    RL-dropped bytes     :                     0                     0 bps
    Total-dropped packets:                     0                     0 pps
    Total-dropped bytes  :                     0                     0 bps
Queue: 4, Forwarding classes: voice
  Queued:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
  Transmitted:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
    Tail-dropped packets : Not Available  
    RL-dropped packets   :                     0                     0 pps
    RL-dropped bytes     :                     0                     0 bps
    Total-dropped packets:                     0                     0 pps
    Total-dropped bytes  :                     0                     0 bps
Queue: 5, Forwarding classes: video
  Queued:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
  Transmitted:                          
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
    Tail-dropped packets : Not Available  
    RL-dropped packets   :                     0                     0 pps
    RL-dropped bytes     :                     0                     0 bps
    Total-dropped packets:                     0                     0 pps
    Total-dropped bytes  :                     0                     0 bps
Queue: 7, Forwarding classes: network-control
  Queued:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
  Transmitted:
    Packets              :                     0                     0 pps
    Bytes                :                     0                     0 bps
    Tail-dropped packets : Not Available  
    RL-dropped packets   :                     0                     0 pps
    RL-dropped bytes     :                     0                     0 bps
    Total-dropped packets:                     0                     0 pps
    Total-dropped bytes  :                     0                     0 bps

{master:0}
root>

Config:

{master:0}
root> show configuration                                   
## Last commit: 2018-05-11 17:03:50 UTC by root
version 17.4R1.16;
system {
    root-authentication {
        encrypted-password "$6$.L.rxsKG$tahiB1XDJtIL8lEEBuasrnNoYkYe2QXXbPAPPKFAjeuHJtJcbryLLRgwsS9oXMfxpVuWYXkrtXeqR8fLlVWPP0"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
    extensions {
        providers {
            juniper {
                license-type juniper deployment-scope commercial;
            }                           
            chef {
                license-type juniper deployment-scope commercial;
            }
        }
    }
}
interfaces {
    xe-0/0/0 {
        description "## Test VLAN termination ##";
        unit 0 {
            family ethernet-switching {
                interface-mode access;
                vlan {
                    members TEST;
                }
                filter {
                    input triple-check-in;
                }
            }
        }
    }
    xe-0/0/1 {
        description "## Test VLAN termination ##";
        unit 0 {
            family ethernet-switching {
                interface-mode access;
                vlan {
                    members TEST;
                }
                filter {
                    input triple-check-in;
                }
            }
        }
    }
    em1 {
        unit 0 {
            family inet {
                address 169.254.0.2/24;
            }
        }
    }
}
forwarding-options {
    storm-control-profiles default {
        all;                            
    }
}
protocols {
    igmp-snooping {
        vlan default;
    }
}
class-of-service {
    classifiers {
        dscp triple-in {
            forwarding-class voice {
                loss-priority high code-points ef;
            }
            forwarding-class video {
                loss-priority high code-points cs5;
            }
            forwarding-class best-effort {
                loss-priority low code-points [ 000000 000001 000010 000011 000100 000101 000110 000111 001000 001001 001010 001011 001100 001101 001110 001111 010000 010001 010010 010011 010100 010101 010110 010111 011000 011001 011010 011011 011100 011101 011110 011111 100000 100001 100010 100011 100100 100101 100110 100111 101001 101010 101011 101100 101101 101111 110000 110001 110010 110011 110100 110101 110110 110111 111000 111001 111010 111011 111100 111101 111110 111111 ];
            }
        }
        dscp network-control-in {
            forwarding-class network-control {
                loss-priority high code-points cs7;
            }
        }
    }
    forwarding-classes {
        class voice queue-num 4;
        class video queue-num 5;
    }
    interfaces {
        ge-0/0/0 {
            scheduler-map quad;
            unit 0 {
                classifiers {           
                    dscp triple-in;
                }
            }
        }
        ge-0/0/1 {
            scheduler-map quad;
            unit 0 {
                classifiers {
                    dscp triple-in;
                }
            }
        }
    }
    scheduler-maps {
        quad {
            forwarding-class voice scheduler 10p-5p;
            forwarding-class best-effort scheduler 60p-5p;
            forwarding-class network-control scheduler 10p-5p;
            forwarding-class video scheduler 20p-5p;
        }
    }
    schedulers {
        10p-5p {                        
            transmit-rate percent 10;
            buffer-size percent 5;
        }
        60p-5p {
            transmit-rate percent 60;
            buffer-size percent 5;
        }
        20p-5p {
            transmit-rate percent 20;
            buffer-size percent 5;
        }
    }
}
firewall {
    family ethernet-switching {
        filter triple-check-in {
            interface-specific;
            term voice {
                from {
                    dscp ef;
                }
                then {
                    accept;             
                    count ef_voice;
                }
            }
            term video {
                from {
                    dscp cs5;
                }
                then {
                    accept;
                    count cs5_video;
                }
            }
            term best-effort {
                from {
                    dscp-except [ ef cs5 ];
                }
                then {
                    accept;
                    count best-effort;
                }
            }
        }
    }                                   
}
vlans {
    TEST {
        description "## VLAN for CoS test ##";
        vlan-id 700;
    }
    default {
        vlan-id 1;
    }
}

Boot time is terribly slow, apparently an issue with terminal/console speed.

Boot time is terribly slow in the latest version of Virtual Box on OS X.
May be an issue with the serial port in BSD since it seems to take forever to display text to the console.
Every "vagrant up" times out. Takes maybe 30m to boot on an Intel i7.
Tested with Junos 17.4, 18.1 and 18.4.

VQFX10K - OpenConfig

I want to try is the OpenConfig[1] support in Junos. The user guide [1] tell me that:
""" Starting in Junos OS Release 18.3R1, the Junos OS image includes the OpenConfig package """
To enable it I need to run the unhide command: """ set system schema openconfig unhide """
I ran the command, and can see in configuration that openconfig schema is set to "unhide".

root@vqfx-re> show configuration system schema
openconfig {
unhide;
}

After doing that I still do not see any openconfig capabilities when connecting to the switch.

[netconf@infrared-hypervisor juniper]$ ssh -i ~/netconf -s [email protected] -p 830 netconf

<nc:hello xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">
nc:capabilities
nc:capabilityurn:ietf:params:netconf:base:1.0</nc:capability>
nc:capabilityurn:ietf:params:netconf:capability:candidate:1.0</nc:capability>
nc:capabilityurn:ietf:params:netconf:capability:confirmed-commit:1.0</nc:capability>
nc:capabilityurn:ietf:params:netconf:capability:validate:1.0</nc:capability>
nc:capabilityurn:ietf:params:netconf:capability:url:1.0?scheme=http,ftp,file</nc:capability>
nc:capabilityurn:ietf:params:xml:ns:netconf:base:1.0?module=ietf-netconf&revision=2011-06-01</nc:capability>
nc:capabilityurn:ietf:params:xml:ns:netconf:capability:candidate:1.0</nc:capability>
nc:capabilityurn:ietf:params:xml:ns:netconf:capability:confirmed-commit:1.0</nc:capability>
nc:capabilityurn:ietf:params:xml:ns:netconf:capability:validate:1.0</nc:capability>
nc:capabilityurn:ietf:params:xml:ns:netconf:capability:url:1.0?scheme=http,ftp,file</nc:capability>
nc:capabilityurn:ietf:params:xml:ns:yang:ietf-inet-types?module=ietf-inet-types&revision=2013-07-15</nc:capability>
nc:capabilityurn:ietf:params:xml:ns:yang:ietf-netconf-monitoring</nc:capability>
nc:capabilityhttp://xml.juniper.net/netconf/junos/1.0</nc:capability>
nc:capabilityhttp://xml.juniper.net/dmi/system/1.0</nc:capability>
</nc:capabilities>
nc:session-id2825</nc:session-id>
</nc:hello>
]]>]]>

Is this simply a limitation in the vQFX10K, or is it something I missed?
I do see it has a "limited" suffix on version info, so might be that OpenConfig is not installed/available?

root@vqfx-re> show version
fpc0:

Hostname: vqfx-re
Model: vqfx-10000
Junos: 19.4R1.10 limited
JUNOS Base OS boot [19.4R1.10]
JUNOS Online Documentation [19.4R1.10]
JUNOS Crypto Software Suite [19.4R1.10]
JUNOS Base OS Software Suite [19.4R1.10]
JUNOS Packet Forwarding Engine Support (qfx-10-f) [19.4R1.10]
JUNOS Kernel Software Suite [19.4R1.10]
JUNOS Routing Software Suite [19.4R1.10]
JUNOS Enterprise Software Suite [19.4R1.10]
JUNOS SDN Software Suite [19.4R1.10]
JUNOS jsd [i386-19.4R1.10-jet-1]
JUNOS Web Management [19.4R1.10]
JUNOS py-base-i386 [19.4R1.10]
JUNOS py-base2-i386 [19.4R1.10]
JUNOS py-extensions-i386 [19.4R1.10]
JUNOS py-extensions2-i386 [19.4R1.10]

installation fails

Followed the installation instructions, there is no accompanying Vagrant file

root@ptest:~/vqfx10k-vagrant# vagrant up
A Vagrant environment or target machine is required to run this
command. Run `vagrant init` to create a new Vagrant environment. Or,
get an ID of a target machine from `vagrant global-status` to run
this command on. A final option is to change to a directory with a
Vagrantfile and to try again.

I can of course init a standard file, but it also fails. Where is the Vagrant file that gets this to run?

root@ptest:~/vqfx10k-vagrant# vagrant init
A `Vagrantfile` has been placed in this directory. You are now
ready to `vagrant up` your first virtual environment! Please read
the comments in the Vagrantfile as well as documentation on
`vagrantup.com` for more information on using Vagrant.
root@ptest:~/vqfx10k-vagrant# vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Box 'base' could not be found. Attempting to find and install...
    default: Box Provider: virtualbox
    default: Box Version: >= 0
==> default: Box file was not detected as metadata. Adding it directly...
==> default: Adding box 'base' (v0) for provider: virtualbox
    default: Downloading: base
An error occurred while downloading the remote file. The error
message, if any, is reproduced below. Please fix this error and try
again.

Couldn't open file /home/spollock/vqfx10k-vagrant/base

forwarding instances unsupported

{master:0}[edit routing-instances PBR_TO_ISP1]
vagrant@vqfx-re# set instance-type ?
Possible completions:
  evpn                 EVPN routing instance
  evpn-vpws            EVPN VPWS routing instance
  virtual-router       Virtual routing instance
  virtual-switch       Virtual switch routing instance
  vrf                  Virtual routing forwarding instance

There should be two more entries in there:

testuser@qfx10k# set instance-type ?
Possible completions:
  evpn                 EVPN routing instance
  evpn-vpws            EVPN VPWS routing instance
  forwarding           Forwarding instance
  no-forwarding        Nonforwarding instance
  virtual-router       Virtual routing instance
  vrf                  Virtual routing forwarding instance

Typically a "forwarding" type instance is used for filter-based-forwarding where there's no specific interface attached to the interface, but used as an alternate forwarding table for packets selected by a firewall filter.

https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/instance-type-edit-routing-instances-vp.html

light vqfx / traffic is not working on em4

vQFX em0 binded to network

Hi all, by default Vagrant binds em0 of vQFX on localhost, changing the port for each switch.
What is the tip to bind em0 on any network (private or public) in order to access the vQFX with a specific IP address for each switch?
Thanks
Regards

PFE VM never boots past "Volume not properly unmounted" error message

Overview

Symptom 1

Both vqfx1-pfe and vqfx2-pfe VMs in full-2qfx-4srv-evpnvxlan topology get stuck with following error message:

FAT-fs (sda1): Volume was not properly unmounted. Some data may be corrup. Please run fsck.

VM boot process doesn't go any further.

Symptom 2

vqfx1 and vqfx2 VMs do not have a single xe-a/b/c interface:

vagrant@vqfx1> show interfaces terse
Interface               Admin Link Proto    Local                 Remote
gr-0/0/0                up    up
bme0                    up    up
bme0.0                  up    up   inet     128.0.0.1/2
                                            128.0.0.4/2
                                            128.0.0.16/2
                                            128.0.0.63/2
cbp0                    up    up
dsc                     up    up
em0                     up    up
em0.0                   up    up   inet     10.0.2.15/24
em1                     up    up
em1.0                   up    up   inet     169.254.0.2/24
em2                     up    up
em2.32768               up    up   inet     192.168.1.2/24
em3                     up    up
em4                     up    up
em4.32768               up    up   inet     192.0.2.2/24
em5                     up    up
em6                     up    up
em7                     up    up
esi                     up    up
gre                     up    up
ipip                    up    up
irb                     up    up
irb.10000               up    down inet     10.10.1.251/24
                                            10.10.1.254/24
irb.20000               up    down inet     10.10.2.251/24
                                            10.10.2.254/24
jsrv                    up    up
jsrv.1                  up    up   inet     128.0.0.127/2
lo0                     up    up
lo0.0                   up    up   inet     9.9.9.1             --> 0/0
                                   inet6    fe80::205:860f:fc71:ea00
lo0.16385               up    up   inet
lsi                     up    up
mtun                    up    up
pimd                    up    up
pime                    up    up
pip0                    up    up
tap                     up    up
vme                     up    down
vtep                    up    up
vtep.32768              up    up

Steps

Bring up full-2qfx-4srv-evpnvxlan topology:

$ cd full-2qfx-4srv-evpnvxlan
$ vagrant up

Expected result

All VMs in topology are running

Actual result

VMs are running, but VM provisioning for PFE instances fails with timeout:

$ vagrant up vqfx1-pfe
Bringing machine 'vqfx1-pfe' up with 'virtualbox' provider...
==> vqfx1-pfe: Importing base box 'juniper/vqfx10k-pfe'...
==> vqfx1-pfe: Matching MAC address for NAT networking...
==> vqfx1-pfe: Checking if box 'juniper/vqfx10k-pfe' is up to date...
==> vqfx1-pfe: Setting the name of the VM: full-2qfx-4srv-evpnvxlan_vqfx1-pfe_1536100593522_60660
==> vqfx1-pfe: Fixed port collision for 22 => 2222. Now on port 2201.
==> vqfx1-pfe: Clearing any previously set network interfaces...
==> vqfx1-pfe: Preparing network interfaces based on configuration...
    vqfx1-pfe: Adapter 1: nat
    vqfx1-pfe: Adapter 2: intnet
==> vqfx1-pfe: Forwarding ports...
    vqfx1-pfe: 22 (guest) => 2201 (host) (adapter 1)
==> vqfx1-pfe: Running 'pre-boot' VM customizations...
==> vqfx1-pfe: Booting VM...
==> vqfx1-pfe: Waiting for machine to boot. This may take a few minutes...
    vqfx1-pfe: SSH address: 127.0.0.1:2201
    vqfx1-pfe: SSH username: vagrant
    vqfx1-pfe: SSH auth method: private key
Timed out while waiting for the machine to boot. This means that
Vagrant was unable to communicate with the guest machine within
the configured ("config.vm.boot_timeout" value) time period.

If you look above, you should be able to see the error(s) that
Vagrant had when attempting to connect to the machine. These errors
are usually good hints as to what may be wrong.

If you're using a custom box, make sure that networking is properly
working and you're able to connect to the machine. It is a common
problem that networking isn't setup properly in these boxes.
Verify that authentication configurations are also setup properly,
as well.

If the box appears to be booting properly, you may want to increase
the timeout ("config.vm.boot_timeout") value.

Environment

Vagrant

$ vagrant --version
Vagrant 2.0.1

Virtualbox

$ VBoxManage --version
5.2.16r123759

port-mirroring

is port-mirroring or analyzer port supported by any means on vQFX?

trunking

Hi everybody !

I made a simple lab based on the full2-qfx. Two VM (vqfx-re) are linked between each other using a bridge aggregation in trunk mode. It seems the problem is related to the trunk (vlan tagging). After a few research I found that the VirtualBox Intel Pro/1000 interface (82540EM) could strip the VLAN tag. So I tried using other kind of interface available (PCnet,..,virtio-net). The problem is that the lab doesn't work at all (link RE - PFE down) if I change the interface type.
So my question is did anyone manage to make trunking work ?

Dimitri

Unable to install

Hi,

I am trying to use the following command :

vagrant box add vagrant_1.8.1_x86_64.deb /home

yet keep getting the following error :

The "metadata.json" file for the box 'vagrant_1.8.1_x86_64.deb' was not found.
Boxes require this file in order for Vagrant to determine the
provider it was made for. If you made the box, please add a
"metadata.json" file to it. If someone else made the box, please
notify the box creator that the box is corrupt. Documentation for
box file format can be found at the URL below:

http://docs.vagrantup.com/v2/boxes/format.html

light-ipfabric-2S-3L example no ansible.conf; therefore, no merging "role/x/defaults" with "host_vars".

ansible.conf is missing with:

[defaults]
hash_behaviour=merge
inventory = .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory

because of that, e.g.: "underlay.network_size" in the underlay_bgp role fails (with 'dict object' has no attribute not found)

Windows deployment failing, can't create /dev/null

Reported by @aburston:

PLAY RECAP *********************************************************************

==> vqfx1: Box 'juniper/vqfx10k-re' could not be found. Attempting to find and install...
    vqfx1: Box Provider: virtualbox
    vqfx1: Box Version: >= 0
==> vqfx1: Loading metadata for box 'juniper/vqfx10k-re'
    vqfx1: URL: https://vagrantcloud.com/juniper/vqfx10k-re
==> vqfx1: Adding box 'juniper/vqfx10k-re' (v0.3.0) for provider: virtualbox
    vqfx1: Downloading: https://vagrantcloud.com/juniper/boxes/vqfx10k-re/versions/0.3.0/providers/virtualbox.box
    vqfx1: Download redirected to host: vagrantcloud-files-production.s3.amazonaws.com
==> vqfx1: Successfully added box 'juniper/vqfx10k-re' (v0.3.0) for 'virtualbox'!
==> vqfx1: Importing base box 'juniper/vqfx10k-re'...
==> vqfx1: Matching MAC address for NAT networking...
==> vqfx1: Checking if box 'juniper/vqfx10k-re' version '0.3.0' is up to date...
==> vqfx1: Setting the name of the VM: full-2qfx-4srv-evpnvxlan_vqfx1_1561717114148_51769
==> vqfx1: Fixed port collision for 22 => 2222. Now on port 2200.
==> vqfx1: Clearing any previously set network interfaces...
==> vqfx1: Preparing network interfaces based on configuration...
    vqfx1: Adapter 1: nat
    vqfx1: Adapter 2: intnet
    vqfx1: Adapter 3: intnet
    vqfx1: Adapter 4: intnet
    vqfx1: Adapter 5: intnet
    vqfx1: Adapter 6: intnet
    vqfx1: Adapter 7: intnet
    vqfx1: Adapter 8: intnet
==> vqfx1: Forwarding ports...
    vqfx1: 22 (guest) => 2200 (host) (adapter 1)
==> vqfx1: Running 'pre-boot' VM customizations...
==> vqfx1: Booting VM...
There was an error while executing `VBoxManage`, a CLI used by Vagrant
for controlling VirtualBox. The command and stderr is shown below.

Command: ["startvm", "b28655db-5373-4d9a-bdc9-c22737e15281", "--type", "headless"]

Stderr: VBoxManage.exe: error: RawFile#0 failed to create the raw output file /dev/null (VERR_PATH_NOT_FOUND)
VBoxManage.exe: error: Details: code E_FAIL (0x80004005), component ConsoleWrap, interface IConsole

root@aburston-P50:/mnt/c/Users/aburston/vqfx10k-vagrant/full-2qfx-4srv-evpnvxlan#

It seems that when following the installation guide for Windows, this failure is taking place.

The logic in the Vagrantfile(s) is intended to direct the output to NUL on Windows, but the Windows detection does not seem to work right when the Windows Subsystem for Linux is in use. Should determine if we really need that.

VQFX10K graceful shutdown

Current image does not support graceful shutdown from vagrant, I must log to all router and proceed to:

request virtual-chassis reactivate

After my host reboot

Referring to vagrant doc about halt

Vagrant must try to submit a shutdown command as a fallback which is currently an unknown command at the junos cli perspective.

Is there a mechanism (like alias) which could let us define the "shutdown" command, it would traduce into a "request system power-off"

Thx

Problem on provisionning

==> srv12: Running provisioner: ansible...
srv12: Running ansible-playbook...
ERROR! no action detected in task. This often indicates a misspelled module name, or incorrect module path.

The error appears to have been in '/home/ralbert/vqfx10k-vagrant/full-2qfx-4srv-evpnvxlan/pb.conf.all.commit.yaml': line 11, column 7, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

  template: src=vqfx.conf.j2 dest=/tmp/{{ inventory_hostname }}.conf
- name: Deploy config to device ... please wait
  ^ here

Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.

404 Error

I may be missing something obvious here, but following instructions in the README seems to result in a 404 error?

[vqfx10k-vagrant] git remote get-url origin                                                                                                                                           22:31:30  ☁  master ☀
https://github.com/Juniper/vqfx10k-vagrant.git
[vqfx10k-vagrant] ls                                                                                                                                                                  22:31:53  ☁  master ☀
INSTALL.md  LICENSE  README.md	TROUBLESHOOTING.md  full-1qfx  full-1qfx-1srv  full-2qfx  full-2qfx-4srv-evpnvxlan  full-4qfx  light-1qfx  light-2qfx  light-2qfx-2srv	light-ipfabric-2S-3L
[vqfx10k-vagrant] cd light-1qfx                                                                                                                                                       22:31:57  ☁  master ☀
[light-1qfx] vagrant up                                                                                                                                                               22:32:05  ☁  master ☀
Bringing machine 'vqfx' up with 'virtualbox' provider...
==> vqfx: Box 'juniper/vqfx10k-re' could not be found. Attempting to find and install...
    vqfx: Box Provider: virtualbox
    vqfx: Box Version: >= 0
The box 'juniper/vqfx10k-re' could not be found or
could not be accessed in the remote catalog. If this is a private
box on HashiCorp's Atlas, please verify you're logged in via
`vagrant login`. Also, please double-check the name. The expanded
URL and error message are shown below:

URL: ["https://atlas.hashicorp.com/juniper/vqfx10k-re"]
Error: The requested URL returned error: 404 Not Found

Updated install instructions

Since the images are on Vagrant cloud / Atlas, the install instructions should be updated

seems not compatible with new Ansible version(2.4.3.0)

josephl-mbp:light-ipfabric-2S-3L josephl$ vagrant up
Bringing machine 'spine1' up with 'virtualbox' provider...
Bringing machine 'spine2' up with 'virtualbox' provider...
Bringing machine 'leaf1' up with 'virtualbox' provider...
Bringing machine 'srv1' up with 'virtualbox' provider...
Bringing machine 'leaf2' up with 'virtualbox' provider...
Bringing machine 'srv2' up with 'virtualbox' provider...
Bringing machine 'leaf3' up with 'virtualbox' provider...
Bringing machine 'srv3' up with 'virtualbox' provider...
==> spine1: Checking if box 'juniper/vqfx10k-re' is up to date...
==> spine1: Machine already provisioned. Run vagrant provision or use the --provision
==> spine1: flag to force provisioning. Provisioners marked to run always will still run.
==> spine2: Checking if box 'juniper/vqfx10k-re' is up to date...
==> spine2: Machine already provisioned. Run vagrant provision or use the --provision
==> spine2: flag to force provisioning. Provisioners marked to run always will still run.
==> leaf1: Checking if box 'juniper/vqfx10k-re' is up to date...
==> leaf1: Machine already provisioned. Run vagrant provision or use the --provision
==> leaf1: flag to force provisioning. Provisioners marked to run always will still run.
==> srv1: Checking if box 'robwc/minitrusty64' is up to date...
==> srv1: Clearing any previously set forwarded ports...
==> srv1: Fixed port collision for 22 => 2222. Now on port 2202.
==> srv1: Clearing any previously set network interfaces...
==> srv1: Preparing network interfaces based on configuration...
srv1: Adapter 1: nat
srv1: Adapter 2: intnet
==> srv1: Forwarding ports...
srv1: 22 (guest) => 2202 (host) (adapter 1)
==> srv1: Running 'pre-boot' VM customizations...
==> srv1: Booting VM...
==> srv1: Waiting for machine to boot. This may take a few minutes...
srv1: SSH address: 127.0.0.1:2202
srv1: SSH username: vagrant
srv1: SSH auth method: private key
==> srv1: Machine booted and ready!
==> srv1: Checking for guest additions in VM...
srv1: The guest additions on this VM do not match the installed version of
srv1: VirtualBox! In most cases this is fine, but in rare cases it can
srv1: prevent things such as shared folders from working properly. If you see
srv1: shared folder errors, please make sure the guest additions within the
srv1: virtual machine match the version of VirtualBox you have installed on
srv1: your host and reload your VM.
srv1:
srv1: Guest Additions Version: 4.3.10
srv1: VirtualBox Version: 5.2
==> srv1: Setting hostname...
==> srv1: Configuring and enabling network interfaces...
==> srv1: Running provisioner: ansible...
Vagrant has automatically selected the compatibility mode '2.0'. <<<<<<<<<<<<<<<<<<<<<<
according to the Ansible version installed (2.4.3.0). <<<<<<<<<<<<<<<<<<<<<<

Alternatively, the compatibility mode can be specified in your Vagrantfile:
https://www.vagrantup.com/docs/provisioning/ansible_common.html#compatibility_mode

srv1: Running ansible-playbook...

[WARNING]: Unable to set correct type for configuration entry:
DEFAULT_LOCAL_TMP

[DEPRECATION WARNING]: 'include' for playbook includes. You should use
'import_playbook' instead. This feature will be removed in version 2.8.
Deprecation warnings can be disabled by setting deprecation_warnings=False in
ansible.cfg.
ERROR! the role 'Juniper.junos' was not found in /Users/josephl/vqfx-demo/vqfx10k-vagrant/light-ipfabric-2S-3L/roles:/Users/josephl/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:/Users/josephl/vqfx-demo/vqfx10k-vagrant/light-ipfabric-2S-3L/roles:/Users/josephl/vqfx-demo/vqfx10k-vagrant/light-ipfabric-2S-3L

The error appears to have been in '/Users/josephl/vqfx-demo/vqfx10k-vagrant/light-ipfabric-2S-3L/roles/vagrant-base/meta/main.yaml': line 10, column 6, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

dependencies:

{ role: Juniper.junos }
^ here

Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.

vQFX 19.4R1 Installation in ESXi 6.x ans MacBook Pro

Hy All,

Please help me to install Juniper vQFX 19.4R1 in ESXi 6.x in VMware Fusion in MacBook Pro!

I have install vQFX 18.1R1.9 and I can not open it. Full details about my installation including installation problems are here:
http://tech.silvique.ro/2020/03/17/2020-03-17-deploying-vqfx-8-1r1-9-on-vmware-esxi-6-7-update-3/

Please help me!

vQFX on esxi / em0 watchdog timeout --resetting

RE can't talk to PFE and throwing errors, watchdog timeout

vQFX Deployment model:

vnic0----VM1---vnic1-----management
| |
vnic0----VM2---vnic1

(vnic0 short to vnic0 and vnic1 to vnic1)

I can ssh to VMs but RE can't see PFE
root@vQFX1> show chassis fpc 0
Temp CPU Utilization (%) CPU Utilization (%) Memory Utilization (%)
Slot State (C) Total Interrupt 1min 5min 15min DRAM (MB) Heap Buffer
0 Empty

{master:0}
root@vQFX1>

Both VM has 4 cores and 10GB RAM, OS as linux 64

Followed the instructions as per the link
http://junosandme.over-blog.com/2016/12/running-vqfx-10k-on-esxi.html

Also tried the em0 as management and em1 as internal communication but no luck

Any idea what did I miss?

Thanks
Syed Obaidullah

ping/traceroute overlay does not work in full-2qfx-4srv-evpnvxlan environment

After running vagrant up and provisioning succeeds vxlan is working (hosts can ping each other) and basic tools work as can be witnessed here

vagrant@vqfx1> show ethernet-switching vxlan-tunnel-end-point remote    
Logical System Name       Id  SVTEP-IP         IFL   L3-Idx
<default>                 0   9.9.9.1          lo0.0    0  
 RVTEP-IP         IFL-Idx   NH-Id
 9.9.9.2          568       1733     
    VNID          MC-Group-IP      
    20000         0.0.0.0         
    10000         0.0.0.0         

{master:0}
vagrant@vqfx1> show ethernet-switching vxlan-tunnel-end-point source    
Logical System Name       Id  SVTEP-IP         IFL   L3-Idx
<default>                 0   9.9.9.1          lo0.0    0  
    L2-RTT                   Bridge Domain              VNID     MC-Group-IP
    default-switch           servers100+100             10000    0.0.0.0        
    default-switch           servers200+200             20000    0.0.0.0        

{master:0}
vagrant@vqfx1>

How ever ping overlay[1] does not work

vagrant@vqfx1> ping overlay tunnel-src 9.9.9.1 tunnel-dst 9.9.9.2 vni 10000    

ping-overlay protocol vxlan 

        vni 10000
        tunnel src ip 9.9.9.1 
        tunnel dst ip 9.9.9.2
        mac address 00:00:00:00:00:00 
        count 5 
        ttl 255

        WARNING: following hash-parameters are missing - 
                hash computation may not succeed

                end-host smac
                end-host dmac
                end-host src ip
                end-host dst ip
                end-host input-ifd-idx
                end-host protocol
                end-host l4-src-port
                end-host l4-dst-port

Request for seq 1, to 9.9.9.2, at Jun 27 2017 13:53:41.450 UTC

Request for seq 2, to 9.9.9.2, at Jun 27 2017 13:53:43.451 UTC

Request for seq 3, to 9.9.9.2, at Jun 27 2017 13:53:45.452 UTC

Request for seq 4, to 9.9.9.2, at Jun 27 2017 13:53:47.452 UTC

Request for seq 5, to 9.9.9.2, at Jun 27 2017 13:53:49.453 UTC

{master:0}
vagrant@vqfx1>

Same happens to traceroute overlay

[1] https://www.juniper.net/documentation/en_US/junos/topics/reference/command-summary/ping-overlay.html

QFX10K vagrant chassis description is incorrect

show chassis output description indicates "QFX3500" hardware instead of QFX10K

vagrant@vqfx-re> show chassis hardware
Hardware inventory:
Item Version Part number Serial number Description
Chassis 70757136154 QFX3500
{master:0}
vagrant@vqfx-re>

[ERROR]: failed to download the file: Failed to validate the SSL certificate for github.com:443.

####################################

sudo ansible-galaxy install Juniper.junos

####################################

josephl-mbp:~ josephl$ sudo ansible-galaxy install Juniper.junos
Password:

downloading role 'junos', owned by Juniper
downloading role from https://github.com/Juniper/ansible-junos-stdlib/archive/2.0.2.tar.gz
[ERROR]: failed to download the file: Failed to validate the SSL certificate
for github.com:443. Make sure your managed systems have a valid CA certificate
installed. You can use validate_certs=False if you do not need to confirm the
servers identity but this is unsafe and not recommended. Paths checked for this
platform: /etc/ssl/certs, /etc/ansible, /usr/local/etc/openssl. The exception
msg was: [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version
(_ssl.c:590).

[WARNING]: - Juniper.junos was NOT installed successfully.

ERROR! - you can use --ignore-errors to skip failed roles and finish processing the list.
josephl-mbp:~ josephl$ python3 -c "import ssl; print(ssl.OPENSSL_VERSION)"
OpenSSL 1.0.2n 7 Dec 2017

[josephl-mbp:~ josephl$ python --version
Python 2.7.10

Update boxes to 64 bit

From what I could see all the boxes are 32bit versions and those wont boot on VirtualBox 6 since 32bit hosts has been discontinued in 6.0.

I hope that the boxes will be updated to 64bit, I was under the impression that most Juniper devices are in fact running 64 bit now a days anyway... or at least that the documentation wrt installation will mention that you need to run older 5.2 version of VB.
Thanks!

Ansible playbook: ModuleNotFoundError: No module named 'jnpr'

Hello,

I am getting error message "ModuleNotFoundError: No module named 'jnpr'". I am able to run first task to check the NETCONF connectivity to the lab device.

This how my environment is setup: Windows11-wsl2:Ubuntu20.04, python3.8-full Virtual environment, within this venv installed ansible, Junos-pync, Jxmlease, xmltodict.

(myansible) student@DESKTOP-VF2VLG4:~$ ansible-playbook -i configuration/hosts Interface_desc_update.yml

PLAY [Load and commit Junos configurations] ****************************************************************************************************************

TASK [Verify NETCONF connectivity] *************************************************************************************************************************
ok: [xxx.xxx.xxx.xxx]

TASK [Load and commit the configurations] ******************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ModuleNotFoundError: No module named 'jnpr'
fatal: [xxx.xxx.xxx.xxx]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n File "/home/student/.ansible/tmp/ansible-tmp-1712339458.1710489-1769-257087027421743/AnsiballZ_config.py", line 107, in \n _ansiballz_main()\n File "/home/student/.ansible/tmp/ansible-tmp-1712339458.1710489-1769-257087027421743/AnsiballZ_config.py", line 99, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File "/home/student/.ansible/tmp/ansible-tmp-1712339458.1710489-1769-257087027421743/AnsiballZ_config.py", line 47, in invoke_module\n runpy.run_module(mod_name='ansible_collections.juniper.device.plugins.modules.config', init_globals=dict(_module_fqn='ansible_collections.juniper.device.plugins.modules.config', _modlib_path=modlib_path),\n File "/usr/lib/python3.8/runpy.py", line 207, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File "/usr/lib/python3.8/runpy.py", line 97, in _run_module_code\n run_code(code, mod_globals, init_globals,\n File "/usr/lib/python3.8/runpy.py", line 87, in run_code\n exec(code, run_globals)\n File "/tmp/ansible_juniper.device.config_payload_vpwou34/ansible_juniper.device.config_payload.zip/ansible_collections/juniper/device/plugins/modules/config.py", line 828, in \n File "", line 259, in load_module\n File "/tmp/ansible_juniper.device.config_payload_vpwou34/ansible_juniper.device.config_payload.zip/ansible_collections/juniper/device/plugins/module_utils/juniper_junos_common.py", line 42, in \nModuleNotFoundError: No module named 'jnpr'\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

PLAY RECAP *************************************************************************************************************************************************
xxx.xxx.xxx.xxx : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0

(myansible) student@DESKTOP-VF2VLG4:~$ python3
Python 3.8.10 (default, Nov 22 2023, 10:22:35)
[GCC 9.4.0] on linux
Type "help", "copyright", "credits" or "license" for more information.

import jnpr.junos
jnpr.junos.version
'2.7.0'

Thank you in advance for looking into this.

Amrish Patel

Jumbo frames

It seems that vqfx (latest version) currently has issues w/ Jumbo Frames. Although the configuration is accepted, receiving traffic is dropped. I'm using full-2qfx topology with folowing xe-0/0/0 config:

vagrant@vqfx1> show configuration interfaces xe-0/0/0  
mtu 4484;
unit 0 {
    family inet {
        mtu 4470;
        address 192.168.1.1/24;
    }
}

Pinging from vqfx1 to vqfx2 gives no response:

vagrant@vqfx1> ping 192.168.1.2 size 2000                
PING 192.168.1.2 (192.168.1.2): 2000 data bytes
^C
--- 192.168.1.2 ping statistics ---
57 packets transmitted, 0 packets received, 100% packet loss

{master:0}

monitor traffic interface on sending host shows outgoing packets but on receiving (vqfx2) side there no traffic...

Avoiding Windows

What is the reason for avoiding Windows hosts, such as in https://github.com/Juniper/vqfx10k-vagrant/blob/master/full-2qfx-4srv-evpnvxlan/Vagrantfile#L115 ?

The error appears to be in pb.conf.all.commit.yaml

Getting this issue with vagrant up on light-2qfx.

Ansible version

ansible --version
ansible 2.10.4
  config file = /Users/arazmj/images/vqfx10k-vagrant/light-2qfx/ansible.cfg
  configured module search path = ['/Users/arazmj/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /Users/arazmj/Library/Python/3.9/lib/python/site-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 3.9.0 (default, Dec  6 2020, 18:02:34) [Clang 12.0.0 (clang-1200.0.32.27)]

Darwin 19.6.0 Darwin Kernel Version 19.6.0: Thu Oct 29 22:56:45 PDT 2020; root:xnu-6153.141.2.2~1/RELEASE_X86_64 x86_64

Vagrant output

[DEPRECATION WARNING]: DEFAULT_HASH_BEHAVIOUR option, this feature is fragile 
and not portable, leading to continual confusion and misuse, use the 
``combine`` filter explicitly instead. This feature will be removed from 
ansible-base in version 2.13. Deprecation warnings can be disabled by setting 
deprecation_warnings=False in ansible.cfg.
ERROR! the role 'Juniper.junos' was not found in /Users/arazmj/images/vqfx10k-vagrant/light-2qfx/roles:/Users/arazmj/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:/Users/arazmj/images/vqfx10k-vagrant/light-2qfx

The error appears to be in '/Users/arazmj/images/vqfx10k-vagrant/light-2qfx/pb.conf.all.commit.yaml': line 7, column 7, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

  roles:
    - Juniper.junos
      ^ here
Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.

Using VirtualBox as provider

VBoxManage -v
6.1.16r140961

box file do not have version number included

When doing vagrant box list, all vagrant box are showing a version of 0,

dgarros-mbp:~ dgarros$ vagrant box list 
juniper/vqfx10k-pfe (virtualbox, 0)
juniper/vqfx10k-re  (virtualbox, 0)

Will be useful to add a version number to track which box is currently installed

Box for Vmware

Any chance Juniper could create official Vagrant box of vQFX for Vmware (Workstation)? I mean if it could be done for vSRX box, why not vQFX?

Unable to install Salt native minion on vQFX: malformed package

Salt has recently open-sourced their Junos native minion (https://saltstack.gitlab.io/open/docs/salt-install-guide/topics/install/native/juniper.html) but it does not install on vQFX10k running 20.2R1.10:

root@vqfx-re> request system software add /var/tmp/salt-junos-x86-64-20201026-235317.tgz                      
malformed package: /var/tmp/salt-junos-x86-64-20201026-235317.tgz

{master:0}

root@vqfx-re> show log messages | match mgd 
Jun  2 18:26:35  vqfx-re mgd[3217]: /usr/libexec/ui/package -X update /var/tmp/salt-junos-x86-64-20201026-235317.tgz
Jun  2 18:26:40  vqfx-re mgd[3217]: UI_CHILD_EXITED: Child exited: PID 4404, status 9, command '/usr/libexec/ui/package'

For comparison, it runs just fine on an MX204 running 18.3R1.9:

root@mx204# run request system software add /var/tmp/salt-junos-x86-64-20201026-235317.tgz 
Verified salt-junos-x86-64-20201026-235317 signed by saltstack-packaging-commercial-1 method RSA2048+SHA1
Backing up salt-junos to /config/SaltBackup/salt-junos.tgz
Removing old /var/db/scripts/commit/salt.slax
Copying /packages/mnt/salt-junos/var/db/scripts/commit/salt.slax to /var/db/scripts/commit/salt.slax
Removing old /var/db/scripts/op/salt_dualrengine.slax
Copying /packages/mnt/salt-junos/var/db/scripts/op/salt_dualrengine.slax to /var/db/scripts/op/salt_dualrengine.slax
Removing old /var/db/scripts/event/salt_event.py
Copying /packages/mnt/salt-junos/var/db/scripts/event/salt_event.py to /var/db/scripts/event/salt_event.py
Removing old /var/db/scripts/event/salt_log.slax
Copying /packages/mnt/salt-junos/var/db/scripts/event/salt_log.slax to /var/db/scripts/event/salt_log.slax
root@mx204> edit
Entering configuration mode

[edit]
root@mx204# set system scripts op file salt_dualrengine.slax

[edit]
root@mx204# commit
commit complete

[edit]
root@mx204# exit
Exiting configuration mode

root@mx204>
root@mx204> edit
Entering configuration mode

[edit]
root@mx204# set system login user saltstack uid 2001

[edit]
root@mx204# set system login user saltstack class super-user

[edit]
root@mx204# set system login user saltstack authentication encrypted-password "salt@123"

[edit]
root@mx204# set system scripts commit file salt.slax

[edit]
root@mx204# set system scripts language python

[edit]
root@mx204# set event-options generate-event E1 time-interval 60

[edit]
root@mx204# set event-options policy SALT_POLICY events E1

[edit]
root@mx204# set event-options policy SALT_POLICY then event-script salt_event.py

[edit]
root@mx204# set event-options event-script file salt_event.py python-script-user saltstack

[edit]
root@mx204# deactivate event-options policy SALT_POLICY

[edit]
root@mx204# set event-options policy SALT_LOG_POLICY events SALT_LOG_ROTATE

[edit]
root@mx204# set event-options policy SALT_LOG_POLICY then event-script salt_log.slax

[edit]
root@mx204# set event-options event-script file salt_log.slax

[edit]
root@mx204# set event-options generate-event SALT_LOG_ROTATE time-interval 180

[edit]
root@mx204# commit
commit complete

Ansible ImportError: No module named jnpr.junos

Hi,

I am having an issue with the Ansible portion, where it complains about hte jnpr.junos module. However, when doing a test straight from Python, the module can be accessed properly:

$ python
Python 2.7.10 (default, Jul 13 2015, 12:05:58)
[GCC 4.2.1 Compatible Apple LLVM 6.1.0 (clang-602.0.53)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import jnpr.junos
>>> jnpr.junos._version_
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
AttributeError: 'module' object has no attribute '_version_'
>>> jnpr.junos.__version__
'2.0.1'

The Juniper.junos module for Ansible is also currently installed:

 sudo ansible-galaxy list
- Juniper.junos, 1.4.0

This is on a Mac OS X installation, with the following versions installed:

Ansible 2.1.1.0
Vagrant 1.8.5
VirtualBox 5.0.26r108824
vqfx10k-pfe-virtualbox-20160609.box
vqfx10k-re-virtualbox-15.1X53-D60.box

Might just very well be configuration related, but the VMs come up properly, yet I just cannot use the Ansible modules as they are called from the Vagrant File/current roles. Any help would be appreciated.

Thanks!