-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathpillar.example.yml
175 lines (156 loc) · 3.92 KB
/
pillar.example.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
---
# yamllint disable rule:line-length
# Configure the Salt proxy minion
proxy:
proxytype: napalm
driver: junos
username: geeko
passwd: it.is.recommended.to.store.the.passphrase.as.a.pgp.encrypted.secret
host: firewall1.example.com
# Configure the formula
#
# The same pillar structure is used for all available states, however some pillar options are not compatible with all device types.
# I hope to include more thorough examples about all possible options and their respective device compatibilities in the future.
#
juniper_junos:
interfaces:
ae0:
mtu: 9100
description: My aggregated interface
ae:
lacp:
force-up: true
system-id: ff:ff:ff:ff:ff:ff
admin-key: 65535
mc:
mc-ae-id: x
redundancy-group: 1
chassis-id: 12345
mode: active-active
status-control: asdf
init-delay-time: 300
ge-0/0/2:
description: foo
mtu: 9100
speed: 1G
# "native_vlan" cannot be combined with vlan:access, only with vlan:trunk
native_vlan: 2
units:
0:
description: bar
inet:
addresses:
- 192.168.99.1/29
inet6:
addresses:
- fd15:5695:f4b6:43d5::1/128
ge-0/0/3:
mtu: 9100
# "lacp" cannot be combined with any other interface options
lacp: ae0
ge-0/0/4:
mtu: 9000
units:
0:
vlan:
# "access" and "trunk" cannot co-exist
type: trunk
ids:
- 1
- 2
# - "reth*" interfaces will be counted to set the reth-count
# - "reth*" interfaces are not supported on QFX devices
reth0:
description: test
mtu: 9100
redundancy-group: 1
units:
0:
vlan:
type: access
ids:
- 1
ge-0/0/1:
mtu: 9100
# - ensure the specified reth interface exists in the pillar like in the example above
# the formula currently does not validate whether dependent interfaces exist
# - "reth" is not supported on QFX devices
reth: reth0
# if "disable" is falsy or not specified, the interface will be kept enabled
disable: false
multi-chassis:
mc-lag:
consistency-check:
comparison-delay-time: 600
multi-chassis-protection:
interface: ae0
name: 192.168.1.2
switch-options:
service-id: 1
# "redundancy_groups" are not supported on QFX devices
redundancy_groups:
1:
nodes:
1:
priority: 10
vlans:
vlan1:
id: 1
vlan2:
id: 2
vlan200:
id: 200
description: Baz
iccp:
id: 900
l3-interface: irb
ignore:
# these interface names will not be touched by the automation
# this is useful for the management interfaces Salt is connecting to
interfaces:
- em0
syslog:
user:
facilities:
any: emergency
file:
messages:
facilities:
any: notice
authorization: info
interactive-commands: any
zones:
myfirstzone:
interfaces:
ge-0/0/2:
protocols:
- ospf
mysecondzone:
interfaces:
ge-0/0/4:
system-services:
- dns
- ssh
routes:
192.168.100.0/24:
type: static
next-hop: 192.168.99.2
fd15:5695:f4b6:43d6::/64:
type: static
next-hop: fd15:5695:f4b6:43d5::1
ntp_servers:
- 192.168.100.1
protocols:
iccp:
local-ip-addr: 192.168.1.1
peers:
192.168.1.2:
session-establishment-hold-time: 340
redundancy-group-id-list: 1
backup-liveness-detection:
backup-peer-ip: 192.168.1.3
liveness-detection:
version: automatic
minimum-interval: 5000
transmit-interval:
minimum-interval: 1000