Juniper Apstra Server Software User Guide

Step 1: Begin

In this guide, we provide a simple, three-step path, to quickly get you up and running with Juniper Apstra. We’ll show you how to install and configure software release 6.0.0 onto a VMware ESXi hypervisor. From the GUI, we’ll walk through the elements used to create a new user with administrator privileges. Depending on the complexity of your design, other tasks might be required in addition to the ones included in this workflow.

Meet Juniper Apstra

Juniper Apstra automates and validates your data center network’s design, deployment, and operations. After specifying outcomes, Apstra sets up the network, ensures security, alerts you to anomalies, and manages changes. The software supports various vendors and topologies. Apstra offers design templates for repeatable blueprints. It uses advanced IBA to continuously validate the network, eliminating complexity, vulnerabilities, and outages.

Get Ready

The software comes pre-installed on a single virtual machine (VM).
For information about supported hypervisors, see Supported Hypervisors and Versions.
You’ll need a server that meets the following specifications:

Table 1: Server Specifications

For more information about Apstra server VM resource requirements, see Required Server Resources.

Install Apstra Server

These instructions are for installing the software on an ESXi hypervisor. For information about installing the software on other hypervisors, see Install Apstra on KVM, Install Apstra on Hyper-V, or Install Apstra on Virtual Box .

You’ll first download the VM image file and then deploy it on the VM.

1. As a registered support user, download the latest OVA Apstra VM image from Juniper Support Downloads.
2. Log in to vCenter, right-click your target deployment environment, then click Deploy OVF Template.
   
3. Specify the URL or local file location for the downloaded OVA file, then click Next.
   
4. Specify a unique name and target location for the VM, then click Next.
   
5. Select your destination compute resource, then click Next.
   
6. Review template details, then click Next.
7. Select storage for the files, then click Next. We recommend thick provisioning for the server.
   
8. Map the Apstra Management network to reach the virtual networks managed by the Apstra server, then click Next.
   
9. Review your specifications, then click Finish.

Configure Apstra Server

1. Log in to the Apstra server with the default credentials (user: admin, password: admin) either from the web console or via SSH (ssh admin@<apstra-server-ip> where <apstra-server-ip> is the IP address of the Apstra server.) You must change the default password before you can proceed.
   
2. Enter a password that meets the following complexity requirements, then enter it again:
   • Must contain at least 14 characters
   • Must contain an uppercase letter
   • Must contain a lowercase letter
   • Must contain a digit
   • Must contain a special character
   • Must NOT be the same as the username
   • Must NOT contain a repeat of the same character
   • Must NOT contain consecutive sequential characters
   • Must NOT use adjacent keys on the keyboard
3. When you’ve successfully changed the server password a dialog opens prompting you to set the Apstra GUI password.
   
   You won’t be able to access the GUI until you set this password. Select Yes and enter a password that meets the following complexity requirements, then enter it again:
   • Must contain at least 9 characters
   • Must contain an uppercase letter
   • Must contain a lowercase letter
   • Must contain a digit
   • Must contain a special character
   • Must NOT be the same as the username
   • Must NOT contain a repeat of the same character
   • Must NOT contain consecutive sequential characters
   • Must NOT use adjacent keys on the keyboard
4. A dialog appears stating “Success! The UI password is changed.” Select OK.
   The configuration tool menu appears
   
   You changed the local and GUI credentials, so no further management is needed.
   The network is configured to use DHCP by default. To assign static IP addresses instead, select Network, change it to Manual, and provide the following:
   • (Static Management) IP address in CIDR format with netmask (for example, 192.168.0.10/24)
   • Gateway IP address
   • Primary DNS
   • Secondary DNS (optional)
   • Domain
5. Apstra service is stopped by default. To start and stop Apstra service, select AOS service and select Start or Stop, as appropriate. Starting service from this configuration tool invokes /etc/init.d/aos, which is the equivalent of running the command service aos start.
6. You can add a Software Support Reference Number (SSRN) to the GUI. Select Set SSRN, enter the SSRN number you received when you purchased your license, and click Ok.
   NOTE: This step is optional. Setting an SSRN is not required, but may speed up support times. The SSRN number is saved in Apstra ShowTech, and lets JTAC Support know you have a valid Apstra license.
   
7. To exit the configuration tool and return to the CLI, select Cancel from the main menu. (To open this tool again in the future, run the command aos_config.)
   You’re ready to Replace the SSL Certificate on Apstra server with a signed one.
   CAUTION: We recommend that you back up the Apstra server on a regular basis (since HA is not available). For backup details, see the Apstra Server Management section of the Juniper Apstra User Guide.

Step 2: Up and Running

Access the GUI

1. From the latest web browser version of Google Chrome or Mozilla FireFox, enter the URL https://<server_ip> where <server_ip> is the IP address of the server (or a DNS name that resolves to the IP address of the server).
2. If a security warning appears, click Advanced and Proceed to the site. The warning occurs because the SSL certificate that was generated during installation is self-signed. We recommend that you replace the SSL certificate with a signed one.
3. From the log in page, enter the username and password. The username is admin. The password is the secure password that you created when configuring the server. The main GUI screen appears.
   

Design Your Network

The design process is highly intuitive because you base your design on physical building blocks such as ports, devices, and racks. When you create these building blocks and specify what ports are used, Apstra has all the information it needs to come up with a reference design for your fabric. Once your design elements, devices and resources are ready, you can start staging your network in a blueprint.

Design Elements

First, you design your fabric using generic building blocks that don’t have site-specific details or site-specific hardware. The output becomes a template that you use later in the build stage to create blueprints for all your data center locations. You’ll use different design elements to build your network in a blueprint. Keep reading to learn about these elements

Logical Devices

Logical devices abstract physical devices, allowing you to map ports, speed, and roles without vendor-specific information. This helps you plan your network based on device capabilities alone before selecting hardware vendors and models. You can use logical devices in interface maps, rack types, and rack-based templates.

You have access to many predefined logical devices. You’ll find them in the Design (global) catalog. From the left menu, navigate to Design > Logical Devices, then check the table for ones that meet your requirements.

Interface Maps

Interface maps link logical devices to device profiles, which detail hardware model characteristics. Before checking the Design catalog for interface maps, know which models you’ll use. You assign interface maps when you build your network in the blueprint.

You have access to many predefined logical devices. You’ll find them in the Design (global) catalog. From the left menu, navigate to Design > Interface Maps, then check the table for ones that meet your requirements.

Rack Types

Rack types are logical representations of physical racks. They define the type and number of leafs, access switches and/or generic systems (unmanaged systems) in racks. Rack types don’t specify vendors, so you can design your racks before selecting hardware.

You have access to many predefined rack types. You’ll find them in the Design (global) catalog. From the left menu, navigate to Design > Rack Types, then check the table for ones that meet your requirements.

Templates

Templates specify a network’s policy and structure. Policies can include ASN allocation schemes for spines, overlay control protocol, spine-to-leaf link underlay type and other details. The structure includes rack types, spine details and more.

You have access to many predefined templates. You’ll find them in the Design (global) catalog. From the left menu, navigate to Design > Templates, then check the table for ones that meet your requirements.

Install Device System Agents

Device system agents manage devices in the software environment. They manage configuration, device-to-server communication, and telemetry collection. For our example, we’ll use Juniper Junos devices with off-box agents.

1. Before creating the agent, install the following minimum required configuration on the Juniper Junos devices:
   
   
2. From the left navigation menu in the GUI, navigate to Devices > Managed Devices and click Create Offbox Agent(s).
   
   
3. Configure the OffBox System Agent(s) parameters:
   
   
   a. Enter the device management IP addresses.
   b. Select Junos from the platform drop-down list.
   c. Enter a username and password.
   d. Click Create to create the agent and return to the managed devices summary view.
   
4. Select the check boxes for the devices, then click the Acknowledge selected systems button (first one on the left).
   
5. Click Confirm. The fields in the Acknowledged column change to green check marks indicating that those devices are now under Apstra management. You’ll assign them to your blueprint later.

Create Resource Pools

You can create resource pools, then when you’re staging your blueprint and you’re ready to assign resources, you can specify which pool to use. Apstra will pull resources from the selected pool. You can create resource pools for ASNs, IPv4, IPv6 and VNIs. We’ll show you the steps for creating IP pools. The steps for the other resource types are similar.

1. From the left navigation menu, navigate to Resources > IP Pools and click Create IP Pool.
   
2. Enter a name and valid subnet. To add another subnet, click Add a Subnet and enter the subnet.
3. Click Create to create the resource pool and return to the summary view.

Build Your Network

When you’ve got your design elements, devices and resources ready, you can start staging your network in a blueprint. Let’s create one now.

Create a Blueprint

1. From the left navigation menu, click Blueprints, then click Create Blueprint.
   
2. Type a name for the blueprint.
3. Select Datacenter reference design.
4. Select a template type (all, rack-based, pod-based, collapsed).
5. Select a template from the Template drop-down list. A preview shows the template parameters, a topology preview, network structure, logical structure, and policies.
6. Click Create to create the blueprint and return to the blueprint summary view. The summary view shows the overall status and health of your network.
   
   When you meet all the requirements for building the network, the build errors are resolved and you can deploy the network. We’ll start by assigning resources.

Assign Resources

1. From the blueprint summary view, click the blueprint name to go to the blueprint dashboard. After you deploy your blueprint, this dashboard will show details about the status and health of your networks.
2. From the top navigation menu of the blueprint, click Staged. This is where you’ll build your network. The Physical view appears by default, and the Resources tab in the Build panel is selected. Red status indicators mean that you need to assign resources.
3. Click one of the red status indicators, then click the Update assignments button.
   
4. Select a resource pool that you created earlier, then click the Save button. The required number of resources are automatically assigned to the resource group from the selected pool.
   When the red status indicator turns green, the resources are assigned. Changes to the staged blueprint are not pushed to the fabric until you commit your changes. We’ll do that when we’re done building the network.
5. Continue assigning resources until all status indicators are green.

Assign Interface Maps

Now it’s time to specify the characteristics for each of your nodes in the topology. You’ll assign the actual devices in the next section.

1. In the Build panel, click the Device Profiles tab.
   
2. Click a red status indicator, then click the Change interface maps assignments button (looks like an edit button).
3. Select the appropriate interface map for each node from the drop-down list, then click Update Assignments. When the red status indicator turns green, the interface maps have been assigned.
4. Continue assigning interface maps until all the required status indicators are green.

Assign Devices

1. In the Build panel, click the Devicestab.
   
2. Click the status indicator for Assigned System IDs (if the nodes list is not already displayed). Unassigned devices are indicated in yellow.
3. Click the Change System IDs assignments button (below Assigned System IDs) and, for each node, select system IDs (serial numbers) from the drop-down list.
4. Click Update Assignments. When the red status indicator turns green, system IDs have been assigned.

Cable Up Devices

1. Click Links (towards the left of the screen) to go to the cabling map.
   
2. Check the calculated cabling map and cable up the physical devices according to the map. If you have a set of pre-cabled switches, ensure that you have configured interface maps according to the actual cabling so that calculated cabling matches the actual cabling.

Deploy the Network

When you’ve assigned everything that needs to be assigned and the blueprint is error-free, all status indicators are green. Let’s deploy the blueprint to push the configuration to the assigned devices.

1. From the top navigation menu, click Uncommitted to review staged changes. To see details of changes, click one of the names in the table.
   
2. Click Commit to go to the dialog box where you can add a description and commit changes.
3. Add a description. When you need to roll back a blueprint to a previous revision, this description is the only information available regarding what has changed.
4. Click Commit to push the staged changes to the active blueprint and create a revision.
   Congratulations! Your physical network is up and running.

Step 3: Keep Going

Congratulations! You’ve designed, built, and deployed your physical network with Apstra software. Here are some things you can do next:

What’s Next?

https://www.juniper.net/documentation/us/en/software/apstra6.0/apstra-install-upgrade/shared-content/apstra-server-replace-ssl-cert-with-signed.html
https://www.juniper.net/documentation/us/en/software/apstra6.0/apstra-user-guide/topics/concept/user-role-management.html
https://www.juniper.net/documentation/us/en/software/apstra6.0/apstra-user-guide/topics/topic-map/virtual-network-create.html
https://www.juniper.net/documentation/us/en/software/apstra6.0/apstra-user-guide/topics/concept/telemetry-services.html
https://www.juniper.net/documentation/us/en/software/apstra6.0/apstra-user-guide/topics/topic-map/guide-iba-apstra-cli.html

General Information

https://www.juniper.net/documentation/product/us/en/apstra/
https://supportportal.juniper.net/s/article/Juniper-Apstra-Software-Release-Notification-for-Juniper-Apstra-Version-6-0-0?language=en_US

Learn With Videos

Our video library continues to grow! We’ve created many videos that demonstrate how to do everything from install your hardware to configure advanced network features. Here are some great video and training resources that will help you expand your knowledge of Apstra and other Juniper products.

https://www.youtube.com/watch?v=gYp43Nw1NPQ&list=PLGvolzhkU_gThTmukHWAP3UJ7oG0lhLA7
https://www.youtube.com/playlist?list=PLGvolzhkU_gSFwUW8HuTSNB2HweVcSne8
https://www.youtube.com/user/JuniperNetworks/playlists
https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=11478

Juniper Networks, the Juniper Networks logo, Juniper, and Junos are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. Copyright © 2025 Juniper Networks, Inc. All rights reserved. Rev. 1.0, July 2021.

Documents / Resources

Juniper Apstra Server Software [pdf] User Guide Apstra Server Software, Server Software, Software

References

• User Manual