Watches specified directory for FreeZTP custom merged-config files which are created after a switch is successfully provisioned. File name is parsed for hostname and host IP address to initiate a TFTP transfer of the specified IOS image.
TFTP preferred over SCP due to speed (include
ip tftp blocksize 8192
in the switch template) and because FreeZTP has TFTP built-in so no additional services are required.
Use-case: Copy IOS image .bin file to C2960S/X/XR switches post FreeZTP provisioning to avoid the auto-install function using a .tar file (lengthy process).
-
Ensure that FreeZTP imagediscoveryfile-option is set to disable.
ztp set dhcpd INTERFACE-{dhcp_interface} imagediscoveryfile-option disable
-
It is imperative that your
keystore_id
value does not have an underscore (_
) in it. -
Custom merged-config file syntax must begin with {{keystore_id}}_{{ipaddr}}; e.g.
{{keystore_id}}_{{ipaddr}}_{{idarray|join("-")}}_merged.cfg
Full custom log file config example...
ztp set logging merged-config-to-custom-file '/etc/ztp/logs/merged/{{keystore_id}}_{{ipaddr}}_{{idarray|join("-")}}_merged.cfg'
*Suggestion: Disable logging merged configs to the main log file via;
ztp set logging merged-config-to-mainlog disable
-
Include the following configurations in the switch template.
ip tftp blocksize 8192 file prompt quiet
-
Install Python3 dependencies.
Nornir v2.5.0 is required (for now) as v3.x introduces changes to inventory management.
pip install nornir==2.5.0 pip install pyyaml pip install watchdog
-
Clone repo to desired location.
sudo git clone {URL} /var/git/ztp-watcher
-
Make a copy of ztpconfig_sample.yaml as ztpconfig.yaml and edit for environment.
See *ztpconfig_sample.yaml file for explanation of options.
sudo cp /var/git/ztp-watcher/ztpconfig_sample.yaml /var/git/ztp-watcher/ztpconfig.yaml sudo nano /var/git/ztp-watcher/ztpconfig.yaml
-
Edit values accordingly
Be sure to create the logfile and watch_dir directories as needed.
logfile: /etc/ztp/logs/ztpwatcher.log watch_dir: /etc/ztp/logs/merged/ ssh_method: ip tftpaddr: 172.17.251.251 imgfile: c2960x-universalk9-mz.152-4.E8.bin username: cisco password: cisco
-
-
Edit ztp-watcher.service systemd unit file with path.
sudo nano /var/git/ztp-watcher/ztp-watcher.service
-
Edit
ExecStart
andWorkingDirectory
paths accordingly... ExecStart=/bin/bash -c 'cd /var/git/ztp-watcher; python3 ztp-watcher.py' WorkingDirectory=/var/git/ztp-watcher/ ...
-
-
Copy .service file to /etc/systemd/system/, then enable and start it.
sudo cp /var/git/ztp-watcher/ztp-watcher.service /etc/systemd/system/ sudo systemctl enable ztp-watcher.service sudo systemctl start ztp-watcher.service
- https://github.com/PackeTsar/freeztp/
- https://github.com/torfsen/python-systemd-tutorial
- https://pynet.twb-tech.com/blog/nornir/intro.html
- https://pynet.twb-tech.com/blog/nornir/os-upgrade-p1.html
- https://www.michaelcho.me/article/using-pythons-watchdog-to-monitor-changes-to-a-directory
- Add option to reboot switch after upgrade.
- Support multi-platform upgrades.