Aeons ZTPs

Aeon-ZTPS Documentation
Release 1.5.4
Apstra Customer Enablment Team
Mar 26, 2018

Contents
1 Getting Started Guide 3

1.1 General Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.2 Aeon-ZTPS Setup Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.3 Aeon-ZTP Directories and Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.4 NOS Boot and Model-Specific Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.5 Vendor Image Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1.6 Group-Policy ZTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
2 Installation Guide 9
2.1 Install Setup Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.2 Install via Vagrant . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
2.3 Install via Ansible Playbook . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.4 Configure DHCP Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.5 Enable DHCP Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
3 Operations Guide 13
3.1 Device Tracking Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
3.2 Device Progress States . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
3.3 The WebGUI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
3.4 REST/JSON API . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
3.5 Log Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
3.6 Maintenance Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
4 Cumulus Setup Guide 19

4.1 Device-ZTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
4.2 Remote-Bootstrap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
5 Arista EOS Setup Guide 21

5.1 Device-ZTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
6 Cisco NX-OS Setup Guide 23

6.1 Device-ZTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
7 Indices and tables 25
i
ii
Aeon-ZTPS Documentation, Release 1.5.4
Aeon-ZTPS is a universal Zero-Touch-Provisioning server for data center infrastructure systems. Aeon-ZTPS was
developed specifically to address the need for network engineers to bootstrap their data center switches without having
to deal with the differences in the underlying NOS mechanisms.
Aeon-ZTPS runs as an Ubuntu 16.04LTS server using the Flask framework and a simple SQLite database. Aeon-ZTPS
provides both a REST/JSON API and a GUI. Aeon-ZTPS can optionally provide the DHCP service (included, but not
enabled by default).
Contents:
Contents 1
2 Contents
CHAPTER 1
Getting Started Guide
This document provides all of the instructions to help you get started setting up your Aeon-ZTP server to operate in
your environment. A setup checklist is provided in this document to assist in this process.
• General Overview
• Aeon-ZTPS Setup Checklist
• Aeon-ZTP Directories and Files
• NOS Boot and Model-Specific Configurations
• Vendor Image Files
• Group-Policy ZTP
General Overview
The purpose of the Aeon-ZTP framework is to provide a “universal” approach to bootstrapping your network devices
and deploying them into your known good state. While each vendor/NOS has a unique and specific mechanism for
doing a ZTP process, they are different enough to make it very difficult for a network team to handle a multi-vendor
network. Aeon-ZTP takes the following approach - In the context of the initial on-box NOS bootup process do the
minimal setup to enable remote management, and defer all of the complex bootstrapping to be done by the Aeon-ZTP
server once a remote-connection back to the device is established.
This approach leads to a three-stage design:
Device-ZTP: Begins execution on the device when the device boot-ups for the first time and starts the
device specific ZTP process. A ZTP bootscript is downloaded and executed on the device. This script
will configure the device for remote management by Aeon-ZTP, and signals Aeon-ZTP to start remote-
bootstrapping. As part of the device-ZTP process, the device may or may not automatically reboot.
Remote-Bootstrap: Aeon-ZTP runs a per-device background process to remotely bootstrap the device.
This process allows you to identify the specific NOS version that the device must run - and install it if it
is not running it. Additionally this process allows you to push basic / static configuration based on the
device model. At the conclusion of this stage, the device is considered to be in an initial “known good
state” per your intent of NOS version and basic configuration.
Finally-Provision: Aeon-ZTP optionally runs a finally script that allows you to perform any further
configuration and or installation process. The Aeon-ZTP framework is designed such that you can have
different finally scripts for different group-policy and NOS environments.
3
An illustration of these stages:
Aeon-ZTPS Setup Checklist
This section provides you a task checklist that you need to complete before using the Aeon-ZTP system. Each of these
tasks are further explain later in the document, as referred to by the section reference link
Copy your vendor NOS image file(s) into the vendor_images subdirectory. See section Vendor
Image Files for details.
Setup the Aeon-ZTP control files to indicate which version of NOS you want loaded. See section Group-
Policy ZTP for details.
Setup the NOS+model specific basic configuration files you want Aeon-ZTP to automatically install.
See NOS Boot and Model-Specific Configurations for details.
Copy your finally provisioner scripts into the profiles subdirectory. Any files used by this script
should either be copied into the downloads directory or the vendor_images directory
4 Chapter 1. Getting Started Guide

Aeon-ZTP Directories and Files
The Aeon-ZTP files that you will need to understand are found under /opt/aeonztps/. You will need to setup
contents in the following subdirectories.
vendor_images Contain the vendor/NOS binary files, and any other files provided by the NOS ven-
dor, e.g. rpms, debs, etc. You will need to place these files onto the Aeon-ZTPs
downloads Contains files that you want to download as part of your “finally” script processing. You
would put anything you want to download that is not from your vendor/NOS here
etc\profiles Contains the group-policy definitions. Currently only default is implemented. Future
versions of Aeon-ZTPS will support multiple group-policy definitions.
etc\configs Contains the group-policy NOS configuration files.
The following directories exist within the Aeon-ZTPS framework, but you should not need to make modifications:
webapp Contains the actual Aeon-ZTP web application.
bin Contains programs that are used by the Aeon-ZTP framework
run Contains runtime files created / managed by the Aeon-ZTP framework. For example the database
that stores state information
tftpboot Contains files that need to be provided to the devices via TFTP
Finally, if you have setup the Aeon-ZTPS to also provide DHCP service, the ISC-DHCP-Server is used. The configu-
raiton file is located in /etc/dhcp/dhcpd.conf
NOS Boot and Model-Specific Configurations
Stages: Device-ZTP, Remote-Bootstrap

The directory /opt/aeonztps/etc/configs/<NOS> contains the specific vendor NOS files used by the Aeon-
ZTP framework. The following is a tree listing of files:
admin@aeon-ztps:/opt/aeonztps/etc/configs$ tree
.
-- eos
| -- all.conf
| -- eos-boot.conf
-- nxos
-- all.conf
-- N3K-C3164PQ.conf
-- N3K-C3164Q-40GE.conf
-- N9K-C9332PQ.conf
-- N9K-C9372PX.conf
-- N9K-C9396PX.conf
-- N9K-NXOSV.conf
-- nxos-boot.conf
These files are installed on the device in two stages:

Device-ZTP: <NOS>-boot.conf file. This file is loaded during the initial stage of the NOS ZTP
process, i.e. when the device is executing it’s ZTP mechanism. The primary purpose is to enable remote
management of the device for Aeon-ZTP remote-bootstrap processing. For specific NOS details, refer to
the specific NOS getting started guide, for example, Arista EOS Setup Guide.
1.3. Aeon-ZTP Directories and Files 5

Remote-Bootstrap: All other files are loaded when the Aeon-ZTP makes a remote connection back to
the device. The Aeon-ZTP framework will push two configuration files, the first all.conf, and the second
is <hw-model>.conf.
You can modify any of these files, as well as create additional model specific files. Again, refer to the specific NOS
getting started guide for any specific requirements / limitation details.
Vendor Image Files
Stages: Remote-Bootstrap
The /opt/aeonztps/vendor_images/<NOS> directory must contain the files you get from your NOS vendor
(e.g.Cisco, Arista, etc.). For example, if you want to use the Arista EOS image “EOS-4.15.1F.swi” and you also plan
to use the EOS SDK, then your directory would look like:
vendor_images/
-- eos
-- EOS-4.15.1F.swi
-- EosSdk-1.6.0-4.15.0F.i686.rpm
The mechanism to instruct Aeon-ZTP to load a specific version file is explained in the next section.
Group-Policy ZTP
Stages: Remote-Bootstrap, Finally-Provision

The directory /opt/aeonztps/etc/profiles contains a subdirectory for each policy group. The purpose of
the group-policy is to instruct the Aeon-ZTP framework what to do on a per-NOS, per-model basis.
There are two basic instructions you can provide the framework:
1. Identify which NOS version needs to be installed on the device, and
2. Optionally provide a “finally” script that the framework will execute once the device is initially configured
and has the correct OS running.
Each group-policy contains a subdirectory for each NOS supported. The following is an example tree listing:
admin@aeon-ztps:/opt/aeonztps/etc$ tree
.
-- profiles
-- cumulus
| -- finally -> ../../../../bin/finally/aztp-finally-aos-cumulus.sh
| -- os-selector.cfg
-- eos
| -- finally -> ../../../../bin/finally/aztp-finally-aos-eos.sh
| -- os-selector.cfg
-- nxos
-- finally -> ../../../../bin/finally/aztp-finally-aos-nxos.sh
-- os-selector.cfg
The file os-selector.cfg allows you to identify which version of NOS should be installed, and which finally
script should be run. The following is an example for /opt/aeonztps/etc/profiles/eos:

#
# 'default' means match hardware models not explicitly configured
#
default:
exact_match: 4.15.1F
image: EOS-4.15.1F.swi
finally: finally
This os-selector.cfg file instructs the Aeon-ZTP to check the current OS version and match exactly to
“4.15.1F”. If the device does not have this version, then Aeon-ZTPS should install the image “EOS-4.15.1F.swi”.
This file would be located in the /opt/aeonztps/vendor_images/eos directory.
The finally script named “finally” would be run. Finally scripts can be created and placed into the relevant vendor
directory.
Regular expressions can also be used to match the NOS version. The following example would not perform a NOS
upgrade if either version 3.1.1 or 3.1.2 was installed on the device:
default:
regex_match: 3\.1\.[12]
image: CumulusLinux-3.1.2-amd64.bin
Using Device Facts in OS-Selector

The OS selector also supports matching based on any combination of hardware facts discovered during the ZTP
process. Multiple named groups can be created with a list of facts that all must match and an image file that must
be installed. The names of the groups is arbitrary and is not currently used for anything more than an organizational
structure.
The following facts are supported to be used as a match criteria:
• os_name
• vendor
• hw_part_number
• hostname
• fqdn
• virtual (bool)
• service_tag
• os_version
• hw_version
• mac_address
• serial_number
• hw_model
• ip_addr
Here is an example os-selector.cfg file:
default:
exact_match: 3.1.2
finally: finally
1.6. Group-Policy ZTP 7

# Group name is arbitrary and can be things like

# 'rack-a', 'vendor-b', etc.
Accton_Switches:
# All keyword values here must match with the

# device for it to be accepted into this group.
matches:
hw_model:
- Accton_AS6712
mac_address:
- 0123456789012
- 0123456789013
- 0123456789014
# Perform code upgrade if version does not

# match this regex.
# If a fact match is made, and the NOS regex

# does not match, this OS is installed.
# Run finally script that is required for Accton_Switches group

finally: accton_finally
# This group will get Cumulus 2.5.7 installed

Cumulus_2_Switches:
matches:
vendor:
- CumulusVendor
serial_number:
- 1111111111
- 2222222222

CHAPTER 2
Installation Guide
This document outlines the steps required to build the Aeon-ZTPS from the files located in the github repository. The
total time required to build the Aeon-ZTPS could take some time (20m -> 1hr), depending on your existing installed
tools, and your connection speed to the Internet. You can easily install Aeon-ZTPS into VirtualBox using the provided
Vagrant file in the install directory. If you are not using VirtualBox, you can use the Ansible playbook file to perform
the installation process on any other Ubuntu 16.04 LTS system.
• Install Setup Checklist

• Install via Vagrant
– Login Info
• Install via Ansible Playbook
• Configure DHCP Service
• Enable DHCP Service
Install Setup Checklist
Configure IP-addresses for the interfaces Edit the file install/vars/interfaces.yml

and assign values specific to your environment. The default install is eth0 is the Vagrant/NAT inter-
face, and eth1 is connected to the network infrastructure.
optional Enable DHCP Service

Edit the file install/vars/dhcp-server.yml and change the DHCPS_enable vari-
able to yes
9
Fig. 2.1: Edit the file install/vars/dhcp-server.yml and set the values specific to your operational needs.
The DHCP server only supports one NIC interface. By default eth0 is the VirtualBox/NAT interface, and eth1 is the
interface intended to be connected to your network equipment.
Fig. 2.2: If you want to make any changes to the DHCP server configuration file (template), edit the file
install/roles/dhcp-server/templates/dhcpd.conf
Install via Vagrant
The current installation process is designed to install the Aeon-ZTPS into a Vagrant environment using Vagrant and
an Ansible playbook.
The process uses a combination of the following tools, and associated versions. This process has been verified using
a MacOS running Yosemite and ElCaptain. If you are using a different set of versions, you may run into issues. Note
that many of these versions are not the “latest”, even at the time of this writing.
Vagrant 1.8.4 or later — use “vagrant –version” to check You will need the Vagrant “vbguest” pluging
installed. To install, use: “vagrant plugin install vagrant-vbguest”
VirtualBox 5.0.24, or later 5.0.x — use “VBoxManage –version” to check. Note: For those running
Mac OSX El Capital and needing a VirtualBox update, you may need to disable Apple’s System
Integrity Protection, as described here
Ansible version 2.0 or later — use “ansible –version” to check. Installation instructions are located here.
Edit the install/Vagrantfile file to also assign the eth1 value as part of the Vagrant provision process.
To perform the build and installation into Vagrant, do the following on your host machine:
cd install
vagrant up
Once the VM build is complete, and the VM has been automatically rebooted, you can login to the VM by typing:
10 Chapter 2. Installation Guide

vagrant ssh
Login Info
An account with username “admin” and password “admin” is created by default.
Install via Ansible Playbook
If you are not using VirtualBox, you can still use the same Ansible playbook to perform the installation process. You
will need to create an Ansible hosts file that contains the IP-address of your target system, or the hostname if the
IP-address is a known host via DNS.
For example, if your target host has the IP-address 192.168.59.254, then your host file would look simply like
the following:
Listing 2.1: hosts

192.168.59.254
Let’s assume that the target host has an account call admin, and this user has sudo rights. You would then do the
following to install Aeon-ZTPS on that server:
cd install
echo "192.168.59.265" > hosts
ansible-playbook via-ansible.yml -i hosts -u admin -kK
Configure DHCP Service
AEON-ZTPS includes isc-dhcp-server, and also supports external DHCP servers. An example DHCP configuration is
shown below.
Listing 2.2: /etc/dhcp/dhcpd.conf

# This is an example DHCP file. Please note that all "192.168.59.XXX" networks
# must be configured to match your environment.
# If using an exter
ddns-update-style none;
option domain-name-servers {{ DNS server }}, {{ DNS Server }};
default-lease-time 7200;
max-lease-time 7200;
authoritative;
log-facility local7;
# The specific settings for Cumulus ONIE process

option cumulus-provision-url code 239 = text;
# this default-url *MUST* be in the global area for ONIE to

# work properly. Not sure why this is, but it is.
option default-url = "http://{{ AEON-ZTPS IP }}/images/cumulus/onie-installer";
2.3. Install via Ansible Playbook 11

option cumulus-provision-url "http://{{ AEON-ZTPS IP }}/downloads/ztp-cumulus.sh";
class "eos-switch" {
match if (substring(option vendor-class-identifier, 0, 6) = "Arista");
option bootfile-name "ztp-eos.sh";
}
class "nxos-switch" {
match if (substring(option vendor-class-identifier, 0, 5) = "Cisco");
option bootfile-name "ztp-nxos.py";
}
# Add subnet scopes here

subnet 192.168.59.0 netmask 255.255.255.0 {
range 192.168.59.20 192.168.59.100;
option tftp-server-name "{{ AEON-ZTPS IP }}";
option routers 192.168.59.1;
}
Enable DHCP Service
If you installed Aeon-ZTPS with the DHCP server disabled you can later enable the service. From the Aeon-ZTPS
bash prompt you can run the following commands:
sudo systemctl enable isc-dhcp-server

sudo service isc-dhcp-server start
12 Chapter 2. Installation Guide

CHAPTER 3
Operations Guide
The purpose of this document is to provide information on using the Aeon-ZTPS system once you have installed the
server and setup the system files necessary for each of the network OS you plan to use. Information on those topics
are provided in other document pages. Refer to the Main Table of Conents for a complete listing.
• Device Tracking Database

• Device Progress States
• The WebGUI
• REST/JSON API
• Log Files
• Maintenance Operations
Once you’ve properly setup the Aeon-ZTPS for your environment, the primary user-experience is providing visibility
into the devices going through the ZTP process. This document covers the information you’ll need to know when
using the Aeon-ZTPS and any known gotchas.
Device Tracking Database
Aeon-ZTPS maintains a database of every device that is processed through the system. The record key is
the IP-address assigned by the DHCP server.
Attention: If the Aeon-ZTPS sees a device attempt to register with an existing IP-address, even if it is the same
device, the Aeon-ZTPS will not bootstrap that device. If you have a scenario where you want to re-bootstrap a
device, or re-use IP-addresses, then you MUST clear that IP-address from use. Refer to Maintenance Operations
for how to take this action.
The following database fields are defined:

• ip_addr - The device IP-address as assigned by the DHCP-server
• os_name - The NOS name, as known by the Aeon-ZTPS system.
• os_version - The NOS version string as provided by the device
• serial_number - The device serial-number value as provided by the device
13
• hw_model - The device hardware-model value as provided by the device

• state - The Aeon-ZTPS progress-state, as described in the section below
• message - Additional information relating to the state value
• created_at - Timestamp when the device was registered into Aeon-ZTPS
• updated_at - Timestamp when this record was last updated
You can view this information either via the WebGUI or the REST/JSON API, as described in the later
sections in this document.
Device Progress States
As Aeon-ZTPS is processing a device, the system will update the device record with the current state and
status message. The following is the list of defined device states and their meaning. Understanding these
states will help you undestand the progress and troubleshoot any issues.
• START This state is set during the initial Device-ZTP stage when the ztp script registers the device
with Aeon-ZTPS.
• DONE This state indicates that the device has successfully completed the ZTP process. This state
is set after the finally script is executed, if you have provided one.
• CONFIG: This state indicates that Aeon-ZTPS is pushing the static configuration files as part of
the Remote-Bootstrap stage.
• AWAIT-ONLINE: This state indicates that Aeon-ZTPS is waiting for the device to come back
online and is reachable via the remote management mechanism; e.g. for Arista via eAPI.
• AWAIT-SYSTEM-READY: Some network OS may become remotely reachable (AWAIT-
ONLINE completed), but the NOS system management software is not yet ready. For this
type of NOS, e.g. NX-OS, this state indicates that Aeon-ZTPS is waiting for the NOS system
management to become available.
• OS-INSTALL: This state indicates that Aeon-ZTPS is in the process of installing a new version of
the NOS. The specific new version information is provided in the status field.
• OS-REBOOTING: This state indicates that Aeon-ZTPS has initiated a device reboot, and the de-
vice is in the process of rebooting.
• FAILED: This state indicates that the Aeon-ZTPS failed to properly process the device. You will
need to examine the message field for details. You may also need to examine the logfiles for
further details.
The WebGUI
You can access the WebGUI here: http://<yourztps>:8080. At present there is no login/authentication built
into the WebGUI. The following is a screen-shot of the “ZTP Status” dashboard page:
14 Chapter 3. Operations Guide

REST/JSON API
The REST/JSON API URL is: http://<yourztps>:8080/api. At present there is no login/authentication

built into the API. The following is a screen-shot of displaying the JSON information about devices processed by
Aeon-ZTPS:
3.4. REST/JSON API 15

There are a number of APIs available, which are fully described in a separate reference document. Many of the APIs
are used by the Aeon-ZTPS bootstrap scripts; ie. not something you, the User, would have interest in. The following
APIs would be of User interest, and they form the basis of providing information:
• GET /api/about - get information about the Aeon-ZTPS system, e.g. version
• GET /api/devices - retrieve device(s) status information
• DELETE /api/devices - remove one or all device entries from the database
Log Files
All of the AEON-ZTPS logs detailing the actual bootstrap process are sent to syslog in the following format: .. code:
Sep 21 19:07:13 aeon-ztps eos-bootstrap INFO 172.20.116.13: config completed OK.

Sep 21 19:07:13 aeon-ztps eos-bootstrap INFO 172.20.116.13: Virtual device. No OS
˓→upgrade necessary.
The Aeon-ZTPS system maintains a number of logs in the directory: /var/log/aeon-ztp, as follows:

• worker1.log This logfile used by the background scheduling system, celeryd. This file may be of interest
as it shows you when NOS specific bootstrap scripts are launch for each device.
• nginx.access.log This logifle is maintained by the Nginx system. It may be of interest as it shows all of
the HTTP commands executed on Aeon-ZTPS.
• nginx.error.log This logifle is maintained by the Nginx system. It may be of interest as it shows any
errors experienced by the Nginx system.
Maintenance Operations
• Flush the Entire Aeon-ZTPS device database You can clear the Aeon-ZTPS devices database by using the
following command at the Linux prompt:
user@host$ curl -X DELETE http://<aeonztps>:8080/api/devices?all=1

{
"message": "all records deleted",
"ok": true
}
• Delete Specific IP-Address from Aeon-ZTPS device database You can remove a specific device from the
database using the following command at the Linux prompt:
user@host$ curl -X DELETE http://<aeonztps>:8080/api/devices?ip_addr=192.168.

˓→59.54
{
"count": 1,
"message": "1 records deleted",
"ok": true
}
• Flush the DHCP Leases If your Aeon-ZTPS is also providing DHCP service, you can use the following com-
mand at the Linux prompt to clear the dhcpd.leases file and restart the DHCP service.
admin@aeon-ztps:~$ sudo dhcpd-reset

+ service isc-dhcp-server stop
+ rm -f /var/lib/dhcp/dhcpd.leases
+ service isc-dhcp-server start
3.6. Maintenance Operations 17


CHAPTER 4
Cumulus Setup Guide
This document describes information and usage of the Aeon-ZTPS system with the Cumulus Linux network operating
system. At the time of this writing, Cumulus support has been tested with Cumulus version 2.x release, started with
2.5.6. Cumulus 3.x support has not been tested. This document is organized by the Aeon-ZTPS process stages, as
described in the Getting Started Guide.
• Device-ZTP
– ZTP-Script
– ZTP-Boot-Configuration
• Remote-Bootstrap
– Static / Model Configuration
– NOS Version Selection
Device-ZTP
ZTP-Script
The DHCP server returns the cumulus-provision-url DHCP indicating how the switch can obtain the ZTP script. By
default, this file is located in downloads/ztp-cumulus.sh. If you’ve changed the DHCP server configuration,
you will need to update the location of this script accordingly.
The ZTP script, ztp-cumulus.sh is executed in the context of the Cumulus AutoProvisioning process.
• The following files are installed:
– Cumulus License file
– Cumulus VRF package file
Warning: You must put your Cumulus license file on the Aeon-ZTPS in downloads/cumulus/license.
If you want to change the location or filename, you will need to modify the ztp-cumulus.sh script file.
19
Warning: You are responsible for providing a copy of the Cumulus VRF debian package. You need to put this
file on the Aeon-ZTPS in vendor_images/cumulus/cl-mgmtvrf.deb. If you do not want to install the
VRF package, or want to change the location/filename, you will need to modify the ztp-cumulus.sh script
file.
• The admin account will be created with the password admin

At the end of the Cumulus AutoProvisioning process, the device will NOT reboot.
ZTP-Boot-Configuration
At present, there is no Cumulus boot configuration files; applied as part of the the ZTP script execution.
Remote-Bootstrap
Static / Model Configuration
At present, there is no static configuration applied to the Cumulus device as part of the remote-bootstrap processing.
NOS Version Selection
The Aeon-ZTPS ships with a default NOS version selection configuration, located in
etc/profiles/default/cumulus/os-selector.cfg
#
#
default:
The above configuration checks the running device to ensure that it is either 2.5.6 or 2.5.7. If the device is not
running either of those version, then this file instructs Aeon-ZTPS to install the 2.5.7 image from the location:
vendor_images/cumulus/CumulusLinux-2.5.7-amd64.bin
If you want to change this configuration, you will need to modify this os-selector.cfg file and copy over the
necessary Cumulus software images.
20 Chapter 4. Cumulus Setup Guide

CHAPTER 5
Arista EOS Setup Guide
This document describes information and usage of the Aeon-ZTPS system with the Arista EOS network operating
system. This document is organized by the Aeon-ZTPS process stages, as described in the Getting Started Guide.
• Device-ZTP
– ZTP-Script
Device-ZTP
ZTP-Script
The DHCP server returns the bootfile-name DHCP option the name of the ZTP script. By default, this file is
located in tftpboot/ztp-eos.sh. If you’ve changed the DHCP server configuration, you will need to update the
location of this script accordingly. The ZTP script is a Bash script.
The ZTP script is executed in the context of the Arista ZeroTouchProvisioning process:
• Install the contents of the eos-boot.conf file from Aeon-ZTPS
• Statically assign the IP-address / gateway information obtained from DHCP
• Assign the Ma1 interface into a VRF called management
• Signals the Aeon-ZTPS for remote-bootstrap
Once the Arista device completes the EOS ZeroTouchProvisioning process, the device will NOT reboot.
The EOS boot configuration file is located at etc/configs/eos/eos-boot.conf. The primary purpose of this
configuration is to enable remote management via the eAPI over HTTP. Aeon-ZTPS will access the device using the
hardcoded user=admin, password=admin.
21
Remote-Bootstrap
The Arista EOS static configuration files are located in the etc/configs/eos directory. The file all.conf,
if exists, will be first applied to all device models. Then if a model specific file exists it will be applied.
The model value is taken from the output of “show version”, the JSON field modelName. The resulting model-
specific filename would be <modelName>.conf. For example, the following device would yield the Aeon-ZTPS to
look for a file called: etc/configs/eos/DCS-7050QX-32-F.conf using the modelName value indicated
on line 3.
1 switch>show version | json

2 {
3 "modelName": "DCS-7050QX-32-F",
4 "internalVersion": "4.15.1F-2483969.4151F",
5 "systemMacAddress": "44:4c:a8:0c:b9:e1",
6 "serialNumber": "JPE15244110",
7 "memTotal": 3978212,
8 "bootupTimestamp": 1473477510.75,
9 "memFree": 691888,
10 "version": "4.15.1F",
11 "architecture": "i386",
12 "internalBuildId": "15807785-bb32-41c0-ac34-a7b504427d22",
13 "hardwareRevision": "02.11"
14 }
The Aeon-ZTPS ships with a default NOS version selection configuration, located in
etc/profiles/default/eos/os-selector.cfg
#
#
default:
exact_match: 4.15.1F
image: EOS-4.15.1F.swi
The above configuration checks the running device to ensure that is running 4.15.1F. If the device is not
running that exact version, then this file instructs Aeon-ZTPS to install the that image from the location:
vendor_images/eos/EOS-4.15.1F.swi
necessary Arista software images.
22 Chapter 5. Arista EOS Setup Guide

CHAPTER 6
Cisco NX-OS Setup Guide
This document describes information and usage of Aeon-ZTPS with the Cisco NX-OS network operating system for
the 9K and 3K product model families. This document is organized by the Aeon-ZTPS process stages, as described in
the Getting Started Guide.
• Device-ZTP
– ZTP-Script
Device-ZTP
ZTP-Script
The DHCP server returns the bootfile-name DHCP option the name of the ZTP script. By default, this file is
located in tftpboot/ztp-nxos.py. If you’ve changed the DHCP server configuration, you will need to update
the location of this script accordingly. This script is written in Python.
The ZTP script is executed in the context of the Cisco POAP process:
• Install the contents of the nxos-boot.conf file from Aeon-ZTPS
• Sets up the scheduled-config to be executed on next reboot
• Signals the Aeon-ZTPS for remote-bootstrap
Once the Cisco device completes the POAP process, the device WILL reboot.
Warning: If you change the ztp-nxos.py file for any reason, you MUST run the script poap-md5sum ztp-nxos.py
to regenerate the MD5 checksum value that is located at the top of the ztp-nxos.py file. This poap-md5sum script
is also located in the tftpboot directory
23
The NX-OS boot configuration file is located at etc/configs/nxos/nxos-boot.conf. The primary purpose
of this configuration is to enable remote management via the NXAPI over HTTP. Aeon-ZTPSwill access the device
using the hardcoded user=admin, password=admin.
Remote-Bootstrap
The Cisco NX-OS static configuration files are located in the etc/configs/nxos directory. The file all.conf,
if exists, will be first applied to all device models. Then if a model specific file exists it will be applied.
The model value is taken from the output of show hardware from the Switch hardware ID block of output (as shown
on line 9 below). The resulting model-specific filename would be <model>.conf. For example, the following device
would yield Aeon-ZTPS to look for a file called: etc/configs/nxos/N9K-C9396PX.conf
1 switch> show hardware

2 ...
3 --------------------------------
4 Switch hardware ID information
5 --------------------------------
6
7 Switch is booted up
8 Switch type is : Nexus9000 C9396PX Chassis
9 Model number is N9K-C9396PX
10 H/W version is 2.2
11 Part Number is 73-15605-04
12 Part Revision is D0
13 Manufacture Date is Year 2014 Week 42
14 Serial number is ABCD12345
15 CLEI code is CMMPE00DRB
Aeon-ZTPS ships with a default NOS version selection configuration, located in

etc/profiles/default/nxos/os-selector.cfg
#
#
default:
exact_match: 7.0(3)I2(2d)
image: nxos.7.0.3.I2.2d.bin
The above configuration checks the running device to ensure that is running 7.0(3)I2(2d). If the device is not
running that specific version, then this file instructs Aeon-ZTPS to install the that image from the location:
vendor_images/nxos/nxos.7.0.3.I2.2d.bin
necessary Cisco NX-OS software images.
24 Chapter 6. Cisco NX-OS Setup Guide

CHAPTER 7
Indices and tables
• genindex
• modindex
• search
25

Aeons ZTPs

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Aeons ZTPs

Uploaded by

Copyright:

Available Formats

Aeon-ZTPS Documentation

Apstra Customer Enablment Team

Mar 26, 2018

1 Getting Started Guide 3

4 Cumulus Setup Guide 19

5 Arista EOS Setup Guide 21

6 Cisco NX-OS Setup Guide 23

7 Indices and tables 25

Getting Started Guide

An illustration of these stages:

Aeon-ZTPS Setup Checklist

4 Chapter 1. Getting Started Guide

Aeon-ZTP Directories and Files

NOS Boot and Model-Specific Configurations

Stages: Device-ZTP, Remote-Bootstrap

These files are installed on the device in two stages:

1.3. Aeon-ZTP Directories and Files 5

Vendor Image Files

Stages: Remote-Bootstrap, Finally-Provision

6 Chapter 1. Getting Started Guide

Using Device Facts in OS-Selector

1.6. Group-Policy ZTP 7

# Group name is arbitrary and can be things like

# All keyword values here must match with the

# Perform code upgrade if version does not

# If a fact match is made, and the NOS regex

# Run finally script that is required for Accton_Switches group

# This group will get Cumulus 2.5.7 installed

8 Chapter 1. Getting Started Guide

• Install Setup Checklist

Install Setup Checklist

Configure IP-addresses for the interfaces Edit the file install/vars/interfaces.yml

optional Enable DHCP Service

Install via Vagrant

10 Chapter 2. Installation Guide

An account with username “admin” and password “admin” is created by default.

Install via Ansible Playbook

Listing 2.1: hosts

Configure DHCP Service

Listing 2.2: /etc/dhcp/dhcpd.conf

# The specific settings for Cumulus ONIE process

# this default-url *MUST* be in the global area for ONIE to

option default-url = "http://{{ AEON-ZTPS IP }}/images/cumulus/onie-installer";

2.3. Install via Ansible Playbook 11

option cumulus-provision-url "http://{{ AEON-ZTPS IP }}/downloads/ztp-cumulus.sh";

# Add subnet scopes here

Enable DHCP Service

sudo systemctl enable isc-dhcp-server

12 Chapter 2. Installation Guide

• Device Tracking Database

Device Tracking Database

The following database fields are defined:

• hw_model - The device hardware-model value as provided by the device

Device Progress States

14 Chapter 3. Operations Guide

The REST/JSON API URL is: http://<yourztps>:8080/api. At present there is no login/authentication

3.4. REST/JSON API 15

Sep 21 19:07:13 aeon-ztps eos-bootstrap INFO 172.20.116.13: config completed OK.

16 Chapter 3. Operations Guide

user@host$ curl -X DELETE http://<aeonztps>:8080/api/devices?all=1

user@host$ curl -X DELETE http://<aeonztps>:8080/api/devices?ip_addr=192.168.

admin@aeon-ztps:~$ sudo dhcpd-reset

3.6. Maintenance Operations 17

18 Chapter 3. Operations Guide

# this default-url MUST be in the global area for ONIE to