Junos OS

 View Only
last person joined: yesterday 

Ask questions and share experiences about Junos OS.

ZTP on EX4550-32f 15.1R7-S13 fails to execute shell script

  • 1.  ZTP on EX4550-32f 15.1R7-S13 fails to execute shell script

    Posted 03-28-2023 16:36
    Edited by Michael Pappas 03-30-2023 13:47
    I am working on automation of Zero Touch Provisioning for Juniper devices. We have in our lab EX4550-32F switch with software version 15.1R7-S13, which is used for my tests and development. My task is adopt previously developed ZTP automation script to Juniper device.
    As it is described in the Junos® OS Software Installation and Upgrade Guide the ZTP process supports Shell scripts (/bin/sh) on all the devices. That is the feature that automation process relies on. But in my multiple tests and later by analyzing Junos utility script (image_load), which is invoked by the ZTP process, I found that it expects only boot image file and/or device configuration, which are supplied by DHCP server. Meaning the script option is not considered and therefore the automation process is not possible.
    Additional log information from the device (no sign of script execution or failure):

    root@:RE:0% find / -name test-juniper-script

    /var/tmp/test-juniper-script

    /packages/mnt/jweb-ex-15.1R7.9/jail/var/tmp/uploads/test-juniper-script

    root@:RE:0% /var/tmp/test-juniper-script

    /var/tmp/test-juniper-script: Authentication error.

    root@:RE:0% sh /var/tmp/test-juniper-script

    ###############

    Runnning test-junos-script Shell script on Junos device

    ###############

    root@:RE:0% ls -l /var/tmp/test-juniper-script

    -rw-r--r--  1 root  field  404 Jun 22 18:34 /var/tmp/test-juniper-script

    root@:RE:0% cd /var/log

    root@:RE:0% grep -n "test-juniper-script" *

    dhcp_logfile:361:Jun 22 18:34:28 AIU: Config Filename is test-juniper-script

    dhcp_logfile:380:Jun 22 18:34:28 AIU: Config Filename is test-juniper-script

    dhcp_logfile:431:Jun 22 18:34:36 AIU: spawn : /bin/sh /usr/sbin/image_load -G 172.22.143.63 -I vme -O install_reboot -D /var/tmp  -C test-juniper-script -F jinstall-ex-4500-15.1R7.9-domestic-signed.tgz -T http

    image_load_log:2:[Wed Jun 22 18:34:36 UTC 2022] /usr/sbin/image_load -G 172.22.143.63 -I vme -O install_reboot -D /var/tmp -C test-juniper-script -F jinstall-ex-4500-15.1R7.9-domestic-signed.tgz -T http

    image_load_log:4:[Wed Jun 22 18:34:46 UTC 2022] fetch http://172.22.143.63/test-juniper-script

    image_load_log:5:[Wed Jun 22 18:34:46 UTC 2022] test-juniper-script                                    369 kB  369 kBps

    messages:384:Jun 22 18:34:36   image_load[1854]: /usr/sbin/image_load -G 172.22.143.63 -I vme -O install_reboot -D /var/tmp -C test-juniper-script -F jinstall-ex-4500-15.1R7.9-domestic-signed.tgz -T http

    messages:393:Jun 22 18:34:46  LX0213481837 image_load[1854]: fetch http://172.22.143.63/test-juniper-script

    messages:394:Jun 22 18:34:46  LX0213481837 image_load[1854]: test-juniper-script                                    369 kB  369 kBps

    messages:420:Jun 22 18:36:46  LX0213481837 /kernel: veriexec: no signatures for device. file='/var/tmp/test-juniper-script' fsid=67 fileid=4 gen=328216438 uid=0 pid=2701

    root@:RE:0% cat image_load_log

    [Wed Jun 22 18:34:36 UTC 2022] Creating /var/run/image_load.pid with 1854

    [Wed Jun 22 18:34:36 UTC 2022] /usr/sbin/image_load -G 172.22.143.63 -I vme -O install_reboot -D /var/tmp -C test-juniper-script -F jinstall-ex-4500-15.1R7.9-domestic-signed.tgz -T http

    [Wed Jun 22 18:34:44 UTC 2022] Directory to store image is valid /var/tmp

    [Wed Jun 22 18:34:46 UTC 2022] fetch http://172.22.143.63/test-juniper-script

    [Wed Jun 22 18:34:46 UTC 2022] test-juniper-script                                    369 kB  369 kBps

    [Wed Jun 22 18:34:46 UTC 2022] File fetch done.

    [Wed Jun 22 18:34:46 UTC 2022] fetch http://172.22.143.63/jinstall-ex-4500-15.1R7.9-domestic-signed.tgz

    [Wed Jun 22 18:35:18 UTC 2022] jinstall-ex-4500-15.1R7.9-domestic-signed.tgz         4193 kB 4193 kBps

    [Wed Jun 22 18:35:18 UTC 2022] File fetch done.

    [Wed Jun 22 18:35:32 UTC 2022] /var/tmp/jinstall-ex-4500-15.1R7.9-domestic-signed.tgz is version 15.1R7.9.

    [Wed Jun 22 18:35:32 UTC 2022] This version is already installed.

    [Wed Jun 22 18:35:32 UTC 2022] Aborting install.

    [Wed Jun 22 18:35:32 UTC 2022] Removing /var/tmp/jinstall-ex-4500-15.1R7.9-domestic-signed.tgz

    [Wed Jun 22 18:35:32 UTC 2022] jinstall-ex-4500-15.1R7.9-domestic-signed.tgz not installed, committing config

    [Wed Jun 22 18:35:32 UTC 2022] /usr/sbin/cli op url /usr/sbin/commit-config.slax config_file /config/auto_image_upgrade.conf action override

    [Wed Jun 22 18:35:47 UTC 2022] Removing /var/run/image_load.pid

    root@:RE:0% 

     
    My questions: 
    1. Am I missing something and software version 15.1R7-S13 is sufficient to run ZTP scripts? If yes, what options must be supplied from DHCP?
    2. What Junos software version should be installed to support shell scripts in ES switch?
    3. What Junos software version should be installed to support Python scripts in ES switch? 

    Thank you



    ------------------------------
    Yan Gorelik
    ------------------------------