This repository has been archived by the owner on Oct 11, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 20
Healthbot NETCONF and YANG
Khelil Sator edited this page Feb 11, 2019
·
16 revisions
This is currently not supported. So, FYI only:
Healthbot uses MGD (management daemon) and a NETCONF server.
Its data model is defined with YANG files.
In the below demo we will invoke the NETCONF service, and we will add new devices to Healthbot using NETCONF.
Notes:
- As covered in the 'Healthbot CLI' wiki page:
- To get the configuration from postgres (to load the healthbot configuration from postgres to MGD) you need to use the operational command 'request iceberg load'
- Committing the configuration into MGD does not store the config in postgres. you need to run the operational command 'request iceberg deploy' to read the configuration from mgd and commit it to postgres (i.e to deploy the change from mgd to heathbot)
- NETCONF is currently not exposed outside Healthbot. I am invoking the NETCONF service from inside Healthbot.
- So this section is currently useless but still interesting.
- This demo has been created using a healthbot beta code.
ssh to healthbot and run these commands to connect to the mgd container:
$ docker ps | grep mgd
$ docker exec -it <container_id> bash
Example with container_id ab8f3f81af52
$ docker exec -it ab8f3f81af52 bash
The YANG files are located in the jfit directory of the MGD container:
root@ab8f3f81af52:/# ls jfit/*.yang
run this command on the MGD container to start cli
root@ab8f3f81af52:/# cli
run the command netconf.
Once the NetConf session is open, the NetConf server advertises its capabilities.
The NetConf server has the candidate capability, confirmed-commit capability, validate capability ...
They are defined in the RFC 6241.
root@ab8f3f81af52> netconf
<!-- No zombies were killed during the creation of this user interface -->
<!-- user root, class (root) -->
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.0</capability>
<capability>urn:ietf:params:netconf:capability:candidate:1.0</capability>
<capability>urn:ietf:params:netconf:capability:confirmed-commit:1.0</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.0</capability>
<capability>urn:ietf:params:netconf:capability:url:1.0?scheme=http,ftp,file</capability>
<capability>urn:ietf:params:xml:ns:netconf:base:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:candidate:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:confirmed-commit:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:validate:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:url:1.0?protocol=http,ftp,file</capability>
<capability>urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring</capability>
<capability>http://xml.juniper.net/netconf/junos/1.0</capability>
<capability>http://xml.juniper.net/dmi/system/1.0</capability>
</capabilities>
<session-id>1491</session-id>
</hello>
]]>]]>
get the running configuration
<rpc>
<get-config>
<source>
<running/>
</source>
</get-config>
</rpc>
]]>]]>
get the candidate configuration
<rpc>
<get-config>
<source>
<candidate/>
</source>
</get-config>
</rpc>
]]>]]>
get a subset of the running configuration
<rpc>
<get-config>
<source>
<running/>
</source>
<filter type="subtree">
<configuration>
<iceberg>
<device>
</device>
</iceberg>
</configuration>
</filter>
</get-config>
</rpc>
]]>]]>
get a subset of the candidate configuration
<rpc>
<get-config>
<source>
<candidate/>
</source>
<filter type="subtree">
<configuration>
<iceberg>
<device>
</device>
</iceberg>
</configuration>
</filter>
</get-config>
</rpc>
]]>]]>
update the candidate configuration with a new device (vMX6)
<rpc>
<edit-config>
<target>
<candidate/>
</target>
<default-operation>merge</default-operation>
<config>
<configuration>
<iceberg>
<device>
<device-id>vMX6</device-id>
<host>100.123.1.5</host>
<system-id>vMX6</system-id>
<open-config>
<port>32768</port>
</open-config>
<iAgent>
<port>830</port>
</iAgent>
<authentication>
<password>
<username>jcluser</username>
<password>Juniper!1</password>
</password>
</authentication>
</device>
</iceberg>
</configuration>
</config>
</edit-config>
</rpc>
]]>]]>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:junos="http://xml.juniper.net/junos/18.3I0/junos">
<ok/>
</rpc-reply>
]]>]]>
update the candidate configuration with a new device (vMX7)
<rpc>
<edit-config>
<target>
<candidate/>
</target>
<default-operation>merge</default-operation>
<config>
<configuration>
<iceberg>
<device>
<device-id>vMX7</device-id>
<host>100.123.1.6</host>
<system-id>vMX7</system-id>
<open-config>
<port>32768</port>
</open-config>
<iAgent>
<port>830</port>
</iAgent>
<authentication>
<password>
<username>jcluser</username>
<password>Juniper!1</password>
</password>
</authentication>
</device>
</iceberg>
</configuration>
</config>
</edit-config>
</rpc>
]]>]]>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:junos="http://xml.juniper.net/junos/18.3I0/junos">
<ok/>
</rpc-reply>
]]>]]>
verify the new candidate configuration
<rpc>
<get-config>
<source>
<candidate/>
</source>
<filter type="subtree">
<configuration>
<iceberg>
<device>
</device>
</iceberg>
</configuration>
</filter>
</get-config>
</rpc>
]]>]]>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:junos="http://xml.juniper.net/junos/18.3I0/junos">
<data>
<configuration xmlns="http://xml.juniper.net/xnm/1.1/xnm" junos:changed-seconds="1539261898" junos:changed-localtime="2018-10-11 12:44:58 UTC">
<iceberg>
<device>
<device-id>vMX6</device-id>
<host>100.123.1.5</host>
<system-id>vMX6</system-id>
<open-config>
<port>32768</port>
</open-config>
<iAgent>
<port>830</port>
</iAgent>
<authentication>
<password>
<username>jcluser</username>
<password>Juniper!1</password>
</password>
</authentication>
</device>
<device>
<device-id>vMX7</device-id>
<host>100.123.1.6</host>
<system-id>vMX7</system-id>
<open-config>
<port>32768</port>
</open-config>
<iAgent>
<port>830</port>
</iAgent>
<authentication>
<password>
<username>jcluser</username>
<password>Juniper!1</password>
</password>
</authentication>
</device>
</iceberg>
</configuration>
</data>
</rpc-reply>
]]>]]>
commit the configuration
<rpc>
<commit/>
</rpc>
]]>]]>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:junos="http://xml.juniper.net/junos/18.3I0/junos">
<ok/>
</rpc-reply>
]]>]]>
Verify the new running configuration
<rpc>
<get-config>
<source>
<running/>
</source>
<filter type="subtree">
<configuration>
<iceberg>
<device>
</device>
</iceberg>
</configuration>
</filter>
</get-config>
</rpc>
]]>]]>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:junos="http://xml.juniper.net/junos/18.3I0/junos">
<data>
<configuration xmlns="http://xml.juniper.net/xnm/1.1/xnm" junos:commit-seconds="1539262040" junos:commit-localtime="2018-10-11 12:47:20 UTC" junos:commit-user="root">
<iceberg>
<device>
<device-id>vMX6</device-id>
<host>100.123.1.5</host>
<system-id>vMX6</system-id>
<open-config>
<port>32768</port>
</open-config>
<iAgent>
<port>830</port>
</iAgent>
<authentication>
<password>
<username>jcluser</username>
<password>Juniper!1</password>
</password>
</authentication>
</device>
<device>
<device-id>vMX7</device-id>
<host>100.123.1.6</host>
<system-id>vMX7</system-id>
<open-config>
<port>32768</port>
</open-config>
<iAgent>
<port>830</port>
</iAgent>
<authentication>
<password>
<username>jcluser</username>
<password>Juniper!1</password>
</password>
</authentication>
</device>
</iceberg>
</configuration>
</data>
</rpc-reply>
]]>]]>
Let's gracefully close the NetConf session:
<rpc><close-session></close-session></rpc>]]>]]>