Support Support Downloads Knowledge Base Apex Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Service Automation User Guide Addendum for the SRX Chassis Cluster

0

0

Article ID: TN289 TECHNOTES Last Updated: 30 Jun 2016Version: 3.0
Description:


Introduction

The Service Automation User Guide describes the typical behaviors of Service Now, Service Insight and the AI-Scripts, when used with most of Juniper’s products. However, there are several nuances, limitations and other variations when using Service Automation with Juniper’s SRX Chassis Cluster platforms. This article explains these variations. 

Topics covered:  


Service Automation SRX Chassis Cluster Platform Differences Summary

The multi-chassis design of the SRX Chassis Cluster platform results in some unique operational differences with respect to Service Now, Service Insight and AI-Scripts. The following table summarizes the differences between standard Service Automation behavior for a typical device and the Service Automation behavior for the SRX Chassis Cluster platform:

Service Automation Area Standard Behavior SRX Chassis Cluster Platform Behavior

Service Automation Data flow
Only the primary Routing Engine (RE) communicates with Service Now. The backup RE, which does not have a management connection with Service Now, sends data to Service Now via the primary RE. SRX Chassis Cluster systems have no backup RE. Both the Primary and Secondary Chassis Cluster nodes have a management connection with Service Now, and send and receive data directly.
Junos Space/Service Now Management Interface Only the primary RE requires a management IP address interface with Junos Space/Service Now. Each SRX Chassis Cluster node is managed separately by Junos Space/Service Now and requires its own management IP address interface.
AI-Scripts installation and activation
Users direct Service Now to initiate and manage AI-Scripts installation and activation on the primary RE of a device; Junos will automatically initiate the installation and activation of AI-Scripts on the backup RE.
Users must direct Service Now to initiate and manage AI-Scripts installation and activation separately on the primary RE of each SRX Chassis Cluster node.
RSI Collection For event Juniper Message Bundles (JMBs), RSI will contain information from the entire device. For event JMBs, RSI will contain information primarily from the SRX Chassis Cluster node generating the JMB. Some partial information (mostly pertaining to the PFE) will be collected from the other SRX Chassis Cluster node.


Overview

Every device in the Juniper SRX platform family can be configured in Chassis Cluster mode. The SRX Chassis Cluster configuration comprises a pair of similar SRX platforms connected by one or two control links.

Each SRX Chassis Cluster node has one active Routing Engine (RE) operating as the primary RE for that node. SRX5000-Series platforms can have a second RE installed but they can only be used for backup functionality when the chassis is in standalone mode. In cluster mode, the second RE only manages the control link and is not a backup device.

Each primary RE on each node is running an independent instance of Junos. The primary REs on each node must all be running the same version of Junos.

One of the two SRX Chassis Cluster node pair operates as the Primary routing node for the chassis cluster. This is the only node that runs an active version of the routing process (rpd) and pushes the routes from the control plane to the data plane in each SRX Chassis Cluster node. The Secondary Chassis Cluster node primary RE monitors the routing process state and will take over the routing process should the Primary Chassis Cluster node primary RE fail.

Important Note:


Although it is always recommended to use the most recently released versions of Service Now, Service Insight and AI-Scripts, it is especially important that Service Now 13.3R1 (or later) and AI-Scripts 4.0R1 (or later) be used to provide Service Automation support to the SRX Chassis Cluster platforms. Earlier releases of both provide very limited support for the SRX Chassis Cluster platforms and dramatically reduce the value of Service Automation.

The remainder of this document provides additional details of the nuances of Service Automation support for the SRX Chassis Cluster platforms.


Service Automation Data Flow

Event data generated by AI-Scripts on SRX Chassis Cluster nodes is passed to Service Now by each node of the SRX Chassis Cluster platform (Refer to sections JMBs, Log File Collection, RSI Collection, and Core File Collection for more details on the type of data generated and specific collection instances). The following diagram illustrates the difference between SRX Chassis Cluster Platform Control Plane data path and the Service Automation data communication path:


Physical (Layer 2) Connections

Junos Space and Service Now communicate with the SRX Chassis Cluster system through separate IP management sessions with each SRX Chassis Cluster node, in order to manage each node and send and receive Service Automation data.

Junos Space and Service Now will maintain a chassis management view of both SRX Chassis Cluster nodes with the SRX Chassis Cluster platform even if the RE of one of the cluster nodes goes down, as long as the RE of the other node still has an active management session. See the next section, “Service Now Representation of the SRX Chassis Cluster”, for information on how Junos Space and Service Now manage the chassis view of both nodes of the SRX Chassis Cluster.


Service Now Representation of the SRX Chassis Cluster

Junos Space and Service Now represent the chassis inventory of an SRX Chassis Cluster platform as two sets of interconnected chassis nodes. In the sample picture below, the SRX Chassis Cluster system is represented twice in the Physical Inventory view, under hostname user. Two SRX Chassis Clusters are shown in the Physical Inventory view because each node has a management session with Junos Space/Service Now.

Below is an example of similar chassis inventory data obtained through Junos CLI commands:

From node user:

{primary:node0}
user@host> show chassis hardware models
node0:
--------------------------------------------------------------------------
Hardware inventory:
Item Version Part number Serial number FRU model number
Midplane REV 10 710-015748 AADB7986 SRX3400-CHAS
...

node1:
--------------------------------------------------------------------------
Hardware inventory:
Item Version Part number Serial number FRU model number
Midplane REV 10 710-015748 AADE4199 SRX3400-CHAS
...

{primary:node0}
user@host> show version
node0:
--------------------------------------------------------------------------
Hostname: user
Model: srx3400
...

node1:
--------------------------------------------------------------------------
Hostname: user
Model: srx3400
...

From node user:

{secondary:node1}
user@user> show chassis hardware models
node0:
--------------------------------------------------------------------------
Hardware inventory:
Item Version Part number Serial number FRU model number
Midplane REV 10 710-015748 AADB7986 SRX3400-CHAS
...

node1:
--------------------------------------------------------------------------
Hardware inventory:
Item Version Part number Serial number FRU model number
Midplane REV 10 710-015748 AADE4199 SRX3400-CHAS
...

{secondary:node1}
user@user> show version
node0:
--------------------------------------------------------------------------
Hostname: user
Model: srx3400
...

node1:
--------------------------------------------------------------------------
Hostname: user
Model: srx3400
...

Script Installation

The user must manage the installation and activation of the AI-Scripts bundle through Service Now on each node of the SRX Chassis Cluster. When configured for Chassis Cluster mode, all SRX models will contain a single, active RE on each node. This includes the SRX5000-Series platform, which can have a backup RE, only when in standalone mode. Service Now will only attempt to install and active the AI-Scripts bundle on the primary RE of each SRX Chassis Cluster node.

NOTE: A user must NOT initiate the installation and activation of the AI-Scripts bundle through Service Now on BOTH nodes of the SRX Chassis Cluster in the same task job. Since each SRX Chassis Cluster node’s configuration is synchronized with the other node, there will be contention if the AI-Scripts installation process is activated on both nodes at the same time.


Script Uninstallation

The user must manage the uninstallation of the AI-Scripts bundle through Service Now on each node of the SRX Chassis Cluster.

NOTE: A user must NOT initiate the uninstallation of the AI-Scripts bundle through Service Now on BOTH nodes of the SRX Chassis Cluster in the same task job. Since each SRX Chassis Cluster node’s configuration is synchronized with the other node, there will be contention if the AI-Scripts uninstallation process is initiated on both nodes at the same time.


Event Profiles

Service Now associates an Event Profile with every AI-Scripts bundle that it deploys on Junos devices. An Event Profile is a customized set of event triggers that users can select for a given AI-Scripts bundle. In order to use the Service Now feature for deploying AI-Scripts on an SRX Chassis Cluster platform, users must deploy separately on each SRX Chassis Cluster node one at a time. Even though a user must deploy event-profiles separately on each SRX Chassis Cluster node, the expected approach is to use the same event-profile on each SRX Chassis Cluster node.


Dynamic Hardware Reconfiguration

The following sections describe the impact of various hardware reconfiguration scenarios on the installation of AI-Scripts. For any hardware reconfiguration scenario, if there is any question regarding the status of AI-Scripts bundle installation on any RE of any SRX Chassis Cluster Platform node, use the “show version” CLI command to verify the AI-scripts bundle is installed on all primary and backup REs on all nodes of an SRX Chassis Cluster Platform. For example:

{primary:node0}
user@user> show version
node0:
--------------------------------------------------------------------------
Hostname: user
Model: srx3400
JUNOS Software Release [12.1I20140716_x_12q1_srx.0-659335]
JUNOS AIS Script Suite [4.0R2.1] <<<<<

node1:
--------------------------------------------------------------------------
Hostname: user
Model: srx3400
JUNOS Software Release [12.1I20140716_x_12q1_srx.0-659335]
JUNOS AIS Script Suite [4.0R2.1] <<<<<
...

RE Removal/Addition

If an SRX Chassis Cluster node primary RE is removed or replaced, Junos Space will automatically re-adjust the SRX Chassis Cluster platform chassis node inventory during the periodic re-sync operation. If a primary RE is replaced, AI-Scripts installation will not occur automatically. AI-Scripts will have to be installed on the new RE if they have not been installed already on that RE.


Redundancy

RE Redundancy

There is no RE redundancy within a node in an SRX Chassis Cluster. While the SRX5000-Series platforms can have secondary REs installed, they can be used for backup functionality only when the chassis is in standalone mode. In cluster mode, the secondary RE only manages the control link and is not a backup device.

Node Redundancy

SRX Chassis Cluster platforms provide Primary to Secondary node redundancy for the Primary node RE. If a Primary node primary RE goes down, the Secondary node will likely generate an alert that will appear in the Service Now Service Central Incident Manager regarding the loss of the primary node.


JMBs

AI-Scripts create JMBs (Juniper Message Bundles) to record information at the instant of an Event, when requested (On-Demand), or periodically for trend data capture. The format of JMBs and associated data, collected as JMB attachments, has changed significantly in AI-Scripts release 4.0+. The following sections describe this new format and behavior.

Event JMBs (and attachments)

In an SRX Chassis Cluster platform, an Event JMB can be created both on the node on which the Event originates as well as on the node that has primary control-plane responsibility for the entire cluster.

Event JMBs generated on each SRX Chassis Cluster node primarily contain information about that node. Some of the troubleshooting data generated by Event JMBs, such as the output of “request support information (RSI)” will contain some information about the other node. See the section, “RSI Collection”, below for more details on the information collected by the RSI command. Event JMBs that occur on each SRX Chassis Cluster node are sent directly to Service Now from each node.

Event JMBs will contain some very basic information about the chassis node and the detected event. In addition, AI-Scripts will generate a set of attachment files that can be used to diagnose and debug problems with the associated event. One of these attachments, the Event Support Information file, contains event-related and platform-specific data. The collection and handling of other event attachments files is described in the later sections, Log File Collection, RSI Collection, and Core File Collection.

Informational JMBs (and attachments)

Informational JMBs are executed once a week on each node of an SRX Chassis Cluster system. This type of JMB will contain some data and information from the entire system. Specifically, the type of data collected is as follows:


On-Demand requests

On-Demand requests (JMBs) can be executed on each node of an SRX Chassis Cluster system. Since both nodes of an SRX Chassis Cluster have data-plane responsibility, it may be necessary to execute an On-Demand request for both the Primary control-plan Chassis Cluster node as well as from the Secondary node in order to capture all of the necessary troubleshooting information. This type of JMB will contain data and information primarily from the specific node of the SRX Chassis Cluster. Specifically, the type of data collected is as follows:

On Box On-Demand

  1. Chassis and software data collected are from the primary RE of the specific node of the SRX Chassis Cluster.
  2. Log files contain information specific to the requested node.
  3. Trend data contains information specific to the requested node.

Off Box On-Demand

  1. Chassis and software data collected are from the primary RE of the specific node of the SRX Chassis Cluster.
  2. Log files are not collected in current version.
  3. Trend data contains information specific to the requested node.

On Box Informational JMB

  1. Chassis and software data collected are from the primary RE of the specific node of the SRX Chassis Cluster.
  2. Log files are not collected at this time.
  3. Trend data contains information specific to the requested node.

Off Box Informational JMB

  1. Chassis and software data collected are from the primary RE of the specific node of the SRX Chassis Cluster.
  2. Log files are not collected at this time.
  3. Trend data contains information specific to the requested node.


Log Collection

When an Event JMB or On-Demand JMB is created on the primary RE of an SRX Chassis Cluster node, AI-Scripts checks the amount of disk space available in the /var directory on BOTH Chassis Cluster nodes, and if sufficient, will generate a compressed tar file of the /var/log/ directory. Otherwise, if not enough space is available on both cluster nodes for a tar file of the /var/log directory, the files in that directory will be listed in the JMB, so that Service Now can retrieve them directly.

Service Now will depict the files in the /var/log directory in the same manner as they were retrieved from the SRX Chassis Cluster node. If a tar file was retrieved, the /var/log files will be shown as a single .tgz file. If there was insufficient disk space available on both cluster nodes for generating a compressed tar file of the /var/log directory, individual log files will be retrieved, and Service Now will list each individual log file as an attachment in the incident record in Service Central Incident Manager. Should users see these individual log files associated with an SRX Chassis Cluster incident alert, they should consider managing the disk space on both SRX Chassis Cluster node REs.


RSI Collection

Service Now can only retrieve core files if they have occurred on the primary RE of the SRX Chassis Cluster node that generated the JMB. Service Now does not currently have a mechanism for retrieving files directly from the primary RE of the other SRX Chassis Cluster node. In order to retrieve core files from the primary RE of the other SRX Chassis Cluster node, users will have to directly connect to that RE and manually retrieve those files.


Core File Collection

As with any other dual-RE or multi-chassis platform, Service Now can only retrieve core files if they have occurred on the primary RE. In the case of TX Platform, Service Now can only retrieve core files if they have occurred on the primary RE of the SCC/SFC node. Service Now does not currently have a mechanism for retrieving files directly from the other REs. In order to retrieve core files from the SCC/SFC backup RE or from any RE on LCCs, users will have to directly connect to those REs and manually retrieve those files.


Additional Information

For additional information the SRX Chassis Cluster platforms, refer to the following links:

Technical Documentation:
http://kb.juniper.net/InfoCenter/index?page=answers&type=search&searchid=1397149629591&question_box=SRX+Cluster&cntnt=Technical_Documentation


Technical Notes
:
http://kb.juniper.net/InfoCenter/index?page=answers&type=search&searchid=1397149629591&question_box=SRX+Cluster&cntnt=Technotes



For additional Service Automation User Guide Addenda, refer to the primary list:

Service Automation User Guide Addenda - primary List:
http://kb.juniper.net/KB29188

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Source:
JTAC
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search