JUNOS, Scripting and SSH-AGENT

In two previous blog entries I talked about leveraging ssh-agent with scripting. Below is an example script I use to run different commands on Junos based routers.

This particular script is menu driven from the terminal prompt. Beyond the menu the script is non-interactive. It is plausible to write a script that will request user input based on some condition learned by the script; so for this reason scripts can be interactive unlike the below script.

The way I see it, your imagination and vision is the only limit to what you can achieve in computing.

So, please reference the two following blog entries to setup the ssh-agent for accessing a Junos based platform.
JUNOS, SSH-KEY Authentication (the how)
Leveraging ssh-agent and Junos based routers (the why)

To run scripts against a Junos based router, the ssh-agent is not required; however using an ssh-agent is convenient and a time saver.

I have several lab routers that I work with and not all of them are always on and running. The following script does a ping across a range of IP addresses to check if they send an ICMP echo-reply. If they do, the script will log into the router and issue a command.

Here is the script.
[sourcecode language=”bash”]
#!/usr/bin/env bash
################################################
# File Name: junos_request_system_halt.sh
# Created On: 11/17/2012 Jeff Neuffer Jr
# Updated On: $Id: junos_request_system_halt.sh 102 2012-11-21 15:28:21Z jneuffer $
#
# Note: Purpose is to sweep a range of IP addresses and issue a command
#
#
################################################
#
SCRIPT_VERSION=’0.2.1′;

# Lab hosts range from .200 – .254
HOSTS=(
172.16.155.200
172.16.155.201
172.16.155.202
172.16.155.203
172.16.155.204
172.16.155.205
172.16.155.206
172.16.155.207
172.16.155.208
172.16.155.209
172.16.155.210
172.16.155.211
172.16.155.212
172.16.155.213
172.16.155.214
172.16.155.215
172.16.155.216
172.16.155.217
172.16.155.218
172.16.155.219
172.16.155.220
172.16.155.254
);
#HOSTS=( 172.16.155.200 172.16.155.201 172.16.155.202 );
#HOSTS=( 172.16.155.200 );

run_command()
{
echo;echo;
for a in ${HOSTS[@]}; do
# the following ping is used to determine which VM is "alive"
ping -c 1 -t 1 -n $a > /dev/null 2>&1;
if [[ $? -gt 0 ]]; then
echo "$a <– No Reply"
else
echo "$a <– Alive"
if [[ "$the_command" == "jhalt" ]]; then
ssh $a "request system halt"
sleep 8
elif [[ "$the_command" == "jreboot" ]]; then
ssh $a "request system reboot"
sleep 58
else
echo;echo "nothing matches ($the_command)";echo
fi
sleep 2
fi
done
echo;echo;
}

continue=yes
while [ "$continue" = yes ]
do
echo; echo;
echo "Send Junos Command ($SCRIPT_VERSION)";
echo "——————————————–";
echo;
echo " 1) Halt (request system halt)";
echo " 2) Reboot (request system reboot)";

echo " 9) Quit";
read -p "Select an option [1-7,9]: " ANSWER

if [[ "$ANSWER" == 1 ]]
then
the_command="jhalt";
run_command;
continue=yes;
elif [[ "$ANSWER" == 2 ]]
then
the_command="jreboot";
run_command;
continue=yes;

elif [[ "$ANSWER" == [9Qq] ]]
then
echo "Quiting"; echo;echo;
continue=no;
else
clear;
continue=yes;
fi
done
[/sourcecode]

This is the output from the script. Notice that for each login to a router a password is not requested.

junos scripting and ssh-agent 1

Leave a Reply