JUNOS, Scripting and SSH-AGENT

In two previous blog entries I talked about leveraging ssh-agent with scripting. Below is an example script I use to run different commands on Junos based routers.

This particular script is menu driven from the terminal prompt. Beyond the menu the script is non-interactive. It is plausible to write a script that will request user input based on some condition learned by the script; so for this reason scripts can be interactive unlike the below script.

The way I see it, your imagination and vision is the only limit to what you can achieve in computing.

So, please reference the two following blog entries to setup the ssh-agent for accessing a Junos based platform.
JUNOS, SSH-KEY Authentication (the how)
Leveraging ssh-agent and Junos based routers (the why)

To run scripts against a Junos based router, the ssh-agent is not required; however using an ssh-agent is convenient and a time saver.

I have several lab routers that I work with and not all of them are always on and running. The following script does a ping across a range of IP addresses to check if they send an ICMP echo-reply. If they do, the script will log into the router and issue a command.

Here is the script.

#!/usr/bin/env bash
################################################
# File  Name: junos_request_system_halt.sh
# Created On: 11/17/2012 Jeff Neuffer Jr
# Updated On: $Id: junos_request_system_halt.sh 102 2012-11-21 15:28:21Z jneuffer $
# 
# Note: Purpose is to sweep a range of IP addresses and issue a command
#
#
################################################
#
SCRIPT_VERSION='0.2.1';

# Lab hosts range from .200 - .254
HOSTS=( 
	172.16.155.200 
	172.16.155.201 
	172.16.155.202 
	172.16.155.203 
	172.16.155.204 
	172.16.155.205 
	172.16.155.206 
	172.16.155.207 
	172.16.155.208
	172.16.155.209
	172.16.155.210 
	172.16.155.211 
	172.16.155.212 
	172.16.155.213 
	172.16.155.214 
	172.16.155.215 
	172.16.155.216 
	172.16.155.217 
	172.16.155.218 
	172.16.155.219 
	172.16.155.220 
	172.16.155.254 
	);
#HOSTS=( 172.16.155.200 172.16.155.201 172.16.155.202 );
#HOSTS=( 172.16.155.200 );

run_command()
{
	echo;echo;
	for a in ${HOSTS[@]}; do
		# the following ping is used to determine which VM is "alive"
        ping -c 1 -t 1 -n $a > /dev/null 2>&1;        
        if [[ $? -gt 0 ]]; then 
        	echo "$a <-- No Reply" 
        else
        	echo "$a <-- Alive"
        	if [[ "$the_command" == "jhalt" ]]; then
        		ssh $a "request system halt"
        		sleep 8
        	elif [[ "$the_command" == "jreboot" ]]; then
        		ssh $a "request system reboot"
        		sleep 58
        	else
        		echo;echo "nothing matches ($the_command)";echo
        	fi
        	sleep 2
        fi
	done
	echo;echo;
}

continue=yes
while [ "$continue" = yes ]
do
        echo; echo;
        echo "Send Junos Command ($SCRIPT_VERSION)";
        echo "--------------------------------------------";
        echo;     
        echo "  1) Halt   (request system halt)";
        echo "  2) Reboot (request system reboot)";    
                
        echo "  9) Quit";        
        read -p "Select an option [1-7,9]: " ANSWER

        if [[ "$ANSWER" == 1 ]]
        then
                the_command="jhalt";
                run_command;                
                continue=yes;
        elif [[ "$ANSWER" == 2 ]]
        then
                the_command="jreboot";
                run_command;                
                continue=yes;
        
        elif [[ "$ANSWER" == [9Qq] ]]
        then                
                echo "Quiting"; echo;echo;
                continue=no;                
        else
                clear;
                continue=yes;
        fi        
done

This is the output from the script. Notice that for each login to a router a password is not requested.

junos scripting and ssh-agent 1

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s