There are already CLI commands which are running, when I run the same commands as rpc call in netconf, I am getting empty data. Any idea?
admin@pod-cfgmgr-b96468b7f-d5bcm 10:02:44# show rib-mgr v1 l3am resource-blocks
{
“Source-PPEID”:“ppe-5dc79bdb84-6tfkt”
}
We will need more information to be able to help. The basic parity between CLI commands and NETCONF exists such as:
admin@Scotts-MacBook-Pro-2% show interfaces
interface 4 {
desc eth1;
}
[ok][2024-07-19 07:59:39]
and
(venv) netconf-console -u admin --get-config -x /interfaces
<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1">
<data>
<interfaces xmlns="http://tail-f.com/ns/test/notif">
<interface>
<if-index>4</if-index>
<desc>eth1</desc>
</interface>
</interfaces>
</data>
</rpc-reply>
What netconf command, with the path, did you use?
Hi @sbarvick,
Below is the netconf command I used:
<?xml version="1.0" encoding="utf-8"?>
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<get>
<filter type="subtree">
<ribmgr xmlns="http://affirmednetworks.com/ns/yang/ribmgr/v1">
<l3am>
<resource-blocks/>
</l3am>
</ribmgr>
</filter>
</get>
</rpc>
]]>]]
Do I have to configure anything extra for netconf commands to work?
You definitely have to enable netconf in your confd.conf but you probably would have received a connection error and not empty data if netconf was not listening on your system.
At first glance, you may be missing the ‘v1’ in the path in your filter spec, but the way to debug is often to start very general to make sure all of the networking and services are working. e.g. start with
<?xml version="1.0" encoding="utf-8"?>
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<get>
<filter type="subtree">
<ribmgr xmlns="http://affirmednetworks.com/ns/yang/ribmgr/v1">
</ribmgr>
</filter>
</get>
</rpc>
]]>]]
and make sure you get all of the data and then incrementally add more specific path elements to get to what you want.
Another thing to do would be to
show rib-mgr v1 l3am resource-blocks | display xml
to see the XML structure that will get you to the resource-blocks.
also please note, that in CLI you can have commands (not sure if this is your case or not) that are NOT implemented by YANG data model, and thus will not work/map using a NETCONF GET request…
CLIs are implemented using python script, and I noticed a yang file related to this module.
module ribmgr
{
namespace "http://affirmednetworks.com/ns/yang/ribmgr";
prefix RIB;
import tailf-common
{
prefix tailf;
}
import ietf-inet-types
{
prefix inet;
}
organization "Affirmed Networks";
description
"The module for RibMgr.";
revision 2019-05-25 {
description "CNA RIB MGR Service 1.1.5";
}
// Top-level container for RIB Service
container ribmgr
{
tailf:info "RIB Mgr Service configuration";
} // ribmgr
} // module ribmgr
@josephm , @sbarvick
Does this mean that all the CLIs implemented in python, I should have separate .yang files defined for it, to retrieve data from netconf.
I suggest starting with the YANG that stores the data, perhaps the one you have shared. You should be able to access the data through NETCONF as illustrated in this ticket. Then, you have any other CLI commands you might have implemented. They are all just different views of the core data that is represented by the YANG.
Hi @sbarvick, I have tried the netconf command suggested by you to retrive data at high level, but even this command is giving empty data
<?xml version="1.0" encoding="utf-8"?>
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<get>
<filter type="subtree">
<ribmgr xmlns="http://affirmednetworks.com/ns/yang/ribmgr/v1">
</ribmgr>
</filter>
</get>
</rpc>
]]>]]<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101"><data></data></rpc-reply>]]>]]>
And what do you get when you just do this?
I am not able to login, is there any other way we can check?
You must install the python ssh implementation paramiko in order to use ssh.
netconf-console is a good debugging tool so I suggest that you get it working as the next step. There are a number of resources in this forum to help you get started. E.g. Error using netconf-console or netconf-console-tcp.
plus to clarify, the netconf-console can be used from different machine of course if you cannot login/install on the target ConfD device… (--host, --port settings…)
Thanks @josephm , that helped and below is the response I got for the command @sbarvick provided.
rsaranya@dev-rsaranya:~$ ./netconf-console --host <ip> --port 22 -u admin --get-config -x /ribmgr
<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1">
<data/>
</rpc-reply>
It now seems pretty clear that there must be some difference between the model the CLI command retrieves from (BTW, which is ‘rib-mgr’ and is different from ‘ribmgr’ of your container). So, I think we don’t have all the information so you need to look at what part of the tree your CLI command accesses and use netconf-console and different paths to see how to get the same data.
Thanks @sbarvick for pointing out, I will modify rib-mgr to ribmgr and check. But there is another component where in the naming is same, but for that also I am not able to retrieve the data.
Yang model:
module dataplane-agent
{
namespace "http://affirmednetworks.com/ns/yang/dataplane-agent";
prefix DPA;
import tailf-common
{
prefix tailf;
}
import ietf-inet-types
{
prefix inet;
}
organization "Affirmed Networks";
description
"The module for Dataplane-agent.";
revision 2019-05-25 {
description "CNA Dataplane Agent Service 1.1.1";
}
// Top-level container for DPA Service
container dataplane-agent
{
tailf:info "Dataplane Agent Service configuration";
} // dataplane-agent
} // module dataplane-agent
CLI:
show dataplane-agent v1 bfd-sessions
{
"Source-PPEID":"ppe-5dc79bdb84-6tfkt"
}
Using netconf:
./netconf-console --host <ip> --port 22 -u admin --get -x /dataplane-agent
<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1">
<data/>
</rpc-reply>
It is probably the same root cause as for ribmgr. You should probably look at the audit.log and devel.log to perhaps see what it is trying to access and why it may not be getting something back.
@sbarvick , @josephm
I have found the root cause why I am not able to fetch this “get” data. All the operational commands were implemented using just python CLI and no where related to yang. I am only able to retrieve config related data using netconf-console.
Is there anyway now I can integrate this python CLI with netconf without making any changes to existing yang? If you have this info on this, can you please share as reference.
Thanks.
If you are fully implementing in python, there are plenty of options to call into ConfD to access the YANG-modeled data. The python API is very easy to use and is nicely documented.