How to upgrade JunOS remotely via NETCONF

In this post I would like to explain how to upgrade JunOS on a router remotely. Imagine that you have dozens of routers and you would like to script it somehow. Below is a script I have written in python. I must say that it really took me some time to comprehend paramiko API but finally I wrote one which does really work. As you might have known, NETCONF is a fantastic protocol by which you can send RPC calls to remote devices. This script opens a netconf channel and sends these command inside this channel.

By using the predefined connection parameters, script opens the netconf channel and sends the command in variable SOFT_ADD which orders the device to fetch the software from JUNOS_URL and then upgrade it.

 

Lets see this script in action; (because it is still a primitive one expect some errors in output but it does the job)

Isn’t it cool? You can include multiple routers to ease upgrade operations or anything you want. If you want to do more, you can check paramiko API along with RPC call documentation to extend your scripts and do more stuff with it.

After I have written this post I have noticed that I forgot to mention to enable netconf protocol in JunOS. Here is the command;

12 thoughts on “How to upgrade JunOS remotely via NETCONF

  1. Carl Moberg

    Hi,

    Check out NCClient, a NETCONF client written in Juniper that, among many other things, hides some of the SSH details of paramiko under a easy-to-use API. Should work very well for the type of tasks you’re looking at.

    Reply
  2. rtoodtoo Post author

    Hi Carl,
    I had taken a look at this client some time ago. To be honest, I am studying python nowadays so I prefer to do the things a bit harder way due to that but I will look into it once again. Thanks for your comment.

    Reply
  3. Charles Port

    Very helpful — I found that terminating the script works better using this stragety:

    #Recieve data returned
    data = ch.recv(2048)
    while data:
    data = ch.recv(1024)
    print data,
    if data.find(”) != -1:
    #We have reached the end of reply
    ch.send(CLOSE)

    Thanks for posting this!

    Reply
    1. rtoodtoo Post author

      According to paramiko manual it is necessary indeed. If you think it isn’t, I would be happy to hear the reason.

      Reply
  4. sioduy

    hi,

    I’m newbie in python
    what script should be added, so it support for multiple router

    thanks

    Reply
    1. rtoodtoo Post author

      You don’t even have to use python to run through multiple routers. You can write a simple bash script which reads a file containing IP addresses and you can pass the argument to this script. It needs a bit modification though.

      Reply

You have a feedback?