EngDev

Configure security policies with Nornir 

11-04-2021 13:23

Overview

This example will show how to configure security policies on Juniper's SRX firewalls with Nornir

In addition to the Python script, this project also ships with additional tools to help you along your way. You will find a Dockerfile for running the project in an isolated environment, and an Invoke tasks.py file for those of us that hate typing out everything all the time.

 How it works

Configuration parameters are stored as YAML, then ran through a Jinja2 template to produce the device's configuration. The is then pushed to the device using the NETCONF API on board.

Let's take a second to review the documentation in the files/docs/ directory.

Name Description
addressbook.j2 Jinja2 template for address books
app.py Execute our script with nornir
config.yaml Nornir's configuration file
defaults.yaml Nornir's default variables file
groups.yaml Where we store our goodies
inventory.yaml Our inventory file
nornir.log Nornir's logging file
policies.j2 Jinja2 template for security policies

 Dependencies

Refer to the Poetry Lock file located at poetry.lock for detailed descriptions on each package installed.

 Executing the script

This project provides two unique methods of executing the playbook:

Name Description
Docker Executing with Docker
Python Executing with Python

Statistics
0 Favorited
3 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.