
ztp_server

A small ZTP server written in Python with Flask for onboarding IOS-XE devices. It uses Jinja templates and Ansible host files in the backend.
Tested with CSR1000V (17.3X and 16.12.X)

Image of ztp process

Requirements

Flask==2.0.3

Jinja2==3.0.3

PyYAML==6.0

Installation

git clone https://github.com/kapsch-network-solution/ztp_server.git
cd ztp_server

Create a virtual environment (optional)

python3 -m venv ztp_server
source ztp_server/bin/activate

Install dependencies

pip install -r requirements.txt 

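Run the Flask web service. FLASK_ENV=development turns on Flask's debug mode, and --host=0.0.0.0 makes the server listen on all interfaces.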

export FLASK_APP=main
export FLASK_ENV=development
flask run --host=0.0.0.0

DHCP for ZTP

The ZTP client needs to get the path to the Python file via DHCP option 67:

option 67 http://serverip:port/ztp3.py

The default port is 5000.

Backend files

templates/host_vars/.yml

ansible_host: 100.64.0.101
  
#ztp_sn is mandatory
ztp_sn: 9GLRGDOQH9H
  
#ztp_template is mandatory and the file
#templates/template_<templatename>.tmpl must exist
ztp_template: csr1000v
  
#all other ztp_ entries can be defined as you wish
ztp_interface:  gi1
ztp_ip: 100.64.0.101
ztp_mask: 255.255.255.0
ztp_gw: 100.64.0.1
loopback_ip: 1.1.1.1

templates/template_<templatename>.tmpl

All attributes from the device yml file can be used for rendering (device_data.)

```
!config template for 1000v with serial {{ device_data.ztp_sn}}

int {{ device_data.ztp_interface}}
no shut
ip add {{ device_data.ztp_ip}} {{ device_data.ztp_mask}}

ip route 0.0.0.0 0.0.0.0 {{ device_data.ztp_gw}}

hostname router

ip domain-name lab.local

crypto key generate rsa mod 2048

aaa new-model
aaa authentication login default local
aaa authentication enable default none

username admin secret cisco

line vty 0 15
privilege level 15
```
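
A pre-deployment check for the backend files described above, as an added example that is not part of the ztp_server project: it verifies the mandatory keys, that the named template exists and that every device_data variable the template uses is defined, and it flags the lab-only lines of the sample template (static password, `aaa authentication enable default none`, vty privilege level 15). The function names, the flat key/value parser and the in-memory template mapping are assumptions made for this example.

```python
import re

MANDATORY = ("ztp_sn", "ztp_template")
VAR_REF = re.compile(r"\{\{\s*device_data\.(\w+)\s*\}\}")
WEAK = {  # lab-only lines from the page's sample template
    r"username \S+ secret cisco$": "static, well-known password",
    r"aaa authentication enable default none$": "enable needs no password",
    r"privilege level 15$": "every vty login starts at privilege 15",
}

def parse_host_vars(text):
    """Flat 'key: value' parser for the host_vars format shown on the page
    (assumption: no nesting or lists; use PyYAML for richer files)."""
    pairs = (l.partition(":") for l in text.splitlines()
             if l.strip() and not l.strip().startswith("#"))
    return {k.strip(): v.strip() for k, _, v in pairs}

def check_device(host_vars_text, templates):
    """Return findings for one device (empty list: nothing flagged).
    `templates` maps template name to text; hypothetical stand-in for files."""
    data = parse_host_vars(host_vars_text)
    findings = [f"missing mandatory key: {k}" for k in MANDATORY if not data.get(k)]
    template = templates.get(data.get("ztp_template", ""))
    if template is None:
        return findings + ["ztp_template does not name an existing template"]
    # With Jinja2's default Undefined, an unknown variable renders as an empty
    # string, so a typo yields a broken config line rather than an error.
    for name in sorted(set(VAR_REF.findall(template)) - set(data)):
        findings.append(f"template uses undefined variable: {name}")
    for line in map(str.strip, template.splitlines()):
        findings += [f"weak setting '{line}': {why}"
                     for pattern, why in WEAK.items() if re.match(pattern, line)]
    return findings

# Constructed sample input, modelled on the page's backend files.
SAMPLE_VARS = """\
#ztp_sn is mandatory
ztp_sn: 9GLRGDOQH9H
ztp_template: csr1000v
ztp_ip: 100.64.0.101
"""
SAMPLE_TEMPLATES = {"csr1000v": """\
ip add {{ device_data.ztp_ip}} {{ device_data.ztp_mask}}
aaa authentication enable default none
username admin secret cisco
"""}

if __name__ == "__main__":
    print("\n".join(check_device(SAMPLE_VARS, SAMPLE_TEMPLATES)))
```

Running the check in CI or before starting the Flask service keeps an incomplete host_vars file or a lab template from being served to a device that boots into ZTP.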
 