on
ConfD – making your network elements programmable
Tail-F, originally a Swedish company bought over by Cisco Systems, created a management agent software framework for network elements and applications – ConfD. If employed as a part of software – ConfD allows to be programmability an inherent part of it. This post will us a very tangible example of its power – while Linux natively doesn’t offer NETCONF to manage interfaces – with use of ConfD and special program that makes use of it – programmability is made possible.
ConfD uses, what most of up-to-speed network engineers should know, YANG – a data modeling language for NETCONF (if we treat NETCONF as a new SNMP then YANG is like SMI – “special version” of ASN.1 was for SNMP) – better description can be found here.
The way to depict what ConfD does is – let’s say if you create your own program that acts as a router and you need a CLI for e.g. show ip route and additionally you would like to have a possibility to check routes over the NETCONF then it’s going to be done automatically for you. ConfD will run as a process next to your routing process and will manage it’s configuration, offer CLI and NETCONF (also RESTCONF/SNMP/WebAPI if Premium version is used). Of course that means that a if you want to implement ConfD shall be a part of implementing your software, whole configuration, CLIs etc.
There are 2 versions of confd available – free (basic) and more capable (paid) premium – comparison can be found here.
More on how ConfD works and its composition (for example there is a database – CDB – that keeps the config) can be found on Tail-F site.
Let’s get to business, demonstration of how it can be used is based on:
- confd basic 6.3
- ydk 0.7.1 (there will be a separate post on ydk, installation, usage and what is it)
The very reason for using confd 6.3 is that newer versions i.e. 6.4 and 6.6 use YDK 1.1 for modelling and example program I wanted to test with YDK on newer confd versions uses YANG 1.1 while YDK has just partial support for it (full support is for YDK 1.0 – RFC 6020).
In order to install confd:
-
Download the 6.3 and 6.4 versions appropriate for you os from link
-
Install it:
./confd_version.installer.bin target_directory
- Source confdrc file (so as to have access to confd cli tools:
source confd_root_dir/confdrc
- Run some example intro example:
cd examples.confd/intro/example
make all
make start/cli
- access confd CLI by running confd_cli command unless you started using make cli that takes you directly to CLI
Run the example:
Example I would like to use is called linuxcfg but id doesn’t work out of the box. When both versions 6.3.and 6.4 are installed the Makefile in ipmibs directory must be overwritten in 6.3 examples folder:
cp ../confd6.4/examples.confd/linuxcfg/ipmibs/Makefile ../confd6.3/examples.confd/linuxcfg/ipmibs/Makefile
When this is done you can compile the example.
confd6.3/examples.confd/linuxcfg
cd confd6.3/examples.confd;make all;make start
ip a from linux level:
opt/tailf/confd6.3/examples.confd/linuxcfg$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:f3:03:8c brd ff:ff:ff:ff:ff:ff
inet6 fe80::bd09:f093:56ca:45e6/64 scope link
valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 08:00:27:40:c5:87 brd ff:ff:ff:ff:ff:ff
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:a1:ce:77:87 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 52:54:00:2e:7c:67 brd ff:ff:ff:ff:ff:ff
show ip ipAddressEntry from confd level:
/opt/tailf/confd6.3/examples.confd/linuxcfg$ confd_cli
Welcome to ConfD Basic
The CLI may only be used during product development.
Commercial use of the CLI is prohibited.
You must disable the CLI in confd.conf for production.
For more information, visit http://www.tail-f.com.
connected from 127.0.0.1 using console on Ubuntu
Ubuntu# show ip ipAddressEntry
IP IP IP IP
ADDRESS ADDRESS IP IP IP IP ADDRESS ADDRESS
ADDR IF ADDRESS ADDRESS ADDRESS ADDRESS LAST STORAGE
TYPE IP ADDRESS ADDR INDEX TYPE IP ADDRESS PREFIX ORIGIN STATUS CREATED CHANGED TYPE
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ipv4 7f:00:00:01 1 unicast 1.3.6.1.2.1.4.32.1.5.1.1.4.127.0.0.0.8 manual preferred 0 0 volatile
ipv4 ac:11:00:01 4 unicast 1.3.6.1.2.1.4.32.1.5.4.1.4.172.17.0.0.16 manual preferred 0 0 volatile
ipv4 ac:11:ff:ff 4 broadcast 0.0 manual preferred 0 0 volatile
ipv4 c0:a8:7a:01 5 unicast 1.3.6.1.2.1.4.32.1.5.5.1.4.192.168.122.0.24 manual preferred 0 0 volatile
ipv4 c0:a8:7a:ff 5 broadcast 0.0 manual preferred 0 0 volatile
ipv6 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:01 1 unicast 1.3.6.1.2.1.4.32.1.5.1.2.0.128 manual preferred 0 0 volatile
ipv6 fe:80:00:00:00:00:00:00:bd:09:f0:93:56:ca:45:e6 2 unicast 1.3.6.1.2.1.4.32.1.5.2.2.0.64 linklayer preferred 0 0 permanent
Ok so maybe output is not ideal like… IP addressing in HEX.
You can also use pipes and regex to filter what you only need, you can save output, export to csv, json, curly-braces (like Juniper CLI) etc.
Ubuntu# show interfaces-state interface | include (^[0-9])\|IP\|interface
interfaces-state interface lo
IP LENGTH NETMASK ORIGIN
127.0.0.1 8 - static
IP ADDRESS ORIGIN
0.0.0.0 00:00:00:00:00:00 static
IP LENGTH ORIGIN STATUS
IP ADDRESS ORIGIN ROUTER STATE
interfaces-state interface enp0s3
IP LENGTH ORIGIN STATUS
IP ADDRESS ORIGIN ROUTER STATE
interfaces-state interface enp0s8
interfaces-state interface docker0
IP LENGTH NETMASK ORIGIN
172.17.0.1 16 - static
IP ADDRESS ORIGIN
172.17.255.255 ff:ff:ff:ff:ff:ff static
224.0.0.22 01:00:5e:00:00:16 static
224.0.0.251 01:00:5e:00:00:fb static
interfaces-state interface virbr0
IP LENGTH NETMASK ORIGIN
192.168.122.1 24 - static
IP ADDRESS ORIGIN
192.168.122.255 ff:ff:ff:ff:ff:ff static
224.0.0.22 01:00:5e:00:00:16 static
224.0.0.251 01:00:5e:00:00:fb static
interfaces-state interface virbr0-nic
From now on you are on your own….just kiddn’ in the next post I will show how to setup YDK and query linucfg over NETCONF with YANG models provided with this example. Now we have a running linuxcfg with confd that exposes NETCONF. More to follow…