The Junos infrastructure provides a way for users to extend the system’s functionalities. This section explores the different mechanisms supplied, with an emphasis on providing examples of how these mechanisms are commonly used.
Perhaps the simplest way to get acquainted with Junos automation is to start by looking at commit scripts.
As previously explained, several operations take place when a commit operation is executed. MGD loads the candidate configuration as shown in Figure 13-3, after which it performs a commit check, and finally, if the commit is successful, it notifies the affected daemons of the new configuration.
Figure 13-3. Commit model
In fact, this description is incomplete. An intermediate step is performed after the candidate configuration is loaded but before the commit check is performed, as shown in Figure 13-4. In this intermediate step, a set of user-defined XSLT transformations are applied to the configuration that can be used for things such as the following:
Verify the configuration (e.g., you can create an XSLT template that makes sure that interfaces with an IP address configured are assigned to a security zone, or you could create a template that makes sure the default security policy is not “permit all”) and emit a warning, an error, or even a syslog message on certain conditions.
Modify the configuration. A common and ...