Juniper vSRX virtualized firewall is identified with
vr-juniper_vsrx kind in the topology file. It is built using vrnetlab project and essentially is a Qemu VM packaged in a docker container format.
Managing vr-vsrx nodes#
Containers with vSRX inside will take ~7min to fully boot.
You can monitor the progress with
docker logs -f <container-name>.
Juniper vSRX node launched with containerlab can be managed via the following interfaces:
Default user credentials:
eth0- management interface (fxp0) connected to the containerlab management network
eth1+- second and subsequent data interface
When containerlab launches vr-vsrx node, it will assign IPv4/6 address to the
eth0 interface. These addresses are used to reach the management plane of the router.
eth1+ need to be configured with IP addressing manually using CLI/management protocols.
Features and options#
vr-vsrx nodes come up with a basic configuration where only the control plane and line cards are provisioned and the
admin user with the provided password.
It is possible to make vSRX nodes boot up with a user-defined startup-config instead of a built-in one. With a
startup-config property of the node/kind user sets the path to the config file that will be mounted to a container and used as a startup-config:
With this knob, containerlab is instructed to take a file
myconfig.txt from the directory that hosts the topology file and copy it to the lab directory for that specific node under the
/config/startup-config.cfg name. Then the directory that hosts the startup-config dir is mounted to the container. This will result in this config being applied at startup by the node.
Configuration is applied after the node is started. Thus it can contain partial configuration snippets that you desire to add on top of the default config that a node boots up with.