Common system operations for the netconfd-pro server. Copyright (c) 2013 - 2024 YumaWorks, Inc. All rights reserved. Redistrib...
Version: 2024-05-25
module yumaworks-system { yang-version 1; namespace "http://yumaworks.com/ns/yumaworks-system"; prefix ysys; import ietf-netconf { prefix nc; } import ietf-netconf-acm { prefix nacm; } import ietf-netconf-monitoring { prefix ncm; } import ietf-yang-types { prefix yang; } import yuma-app-common { prefix yumaapp; } import yuma-ncx { prefix ncx; } import yuma-types { prefix nt; } import yumaworks-app-common { prefix ywapp; } import yumaworks-restconf { prefix rc; } import yumaworks-types { prefix ywt; } organization "YumaWorks, Inc."; contact "Support <support at yumaworks.com>"; description "Common system operations for the netconfd-pro server. Copyright (c) 2013 - 2024 YumaWorks, Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the BSD 3-Clause License http://opensource.org/licenses/BSD-3-Clause"; revision "2024-05-25" { description "Add protocol-control operation"; } revision "2022-03-08" { description "Add get-server-version operation"; } revision "2022-01-27" { description "Deprecate <conformance> and <module-type> leafs."; } revision "2021-08-24" { description "Add <get-ha-status> operation."; } revision "2021-05-29" { description "Add <refresh-backup-dir> operation."; } revision "2020-10-30" { description "Add log-stream parameter to the set-log-level operation"; } revision "2020-03-06" { description "Change backup file name to use NcxFileName type."; } revision "2019-01-22" { description "Move <replay-config> to yumaworks-internal module."; } revision "2018-04-24" { description "Add module-tag parameter to NACM."; } revision "2018-04-14" { description "Add module-tag parameter to get and get-config. Add get-module-tags RPC operation. Add copy of set-log-level RPC operation from yuma-system."; } revision "2017-12-22" { description "Copy load rpc into this module so yuma-system can be removed."; } revision "2017-10-06" { description "Add save-config parameter to the load and load-bundle operations. Add delete-config parameter to the unload and unload-bundle operations."; } revision "2016-08-24" { description "Add unload-bundle operation."; } revision "2016-04-27" { description "Add deviation parameter to load-bundle input params."; } revision "2015-09-26" { description "Add depth parameter to get, get-config, and copy-config operations."; } revision "2014-10-16" { description "Add with-owners parameter to get, get-config, and copy-config operations."; } revision "2014-05-27" { description "Add overwrite parameter to backup operation."; } revision "2014-01-09" { description "Add load-bundle operation."; } revision "2013-11-13" { description "Add replay-config internal operation. Add module-type leaf to netconf-state schema list"; } revision "2013-09-19" { description "Add comment parameter to commit operation."; } revision "2013-08-30" { description "Add unload operation."; } revision "2013-07-16" { description "Add cancel-subscription operation."; } revision "2013-01-06" { description "Initial version."; } rpc backup { nacm:default-deny-all; description "Backup the current running configuration to a file on the device."; input { ncx:default-parm "filename"; leaf filename { type ywt:NcxFileName; mandatory true; description "File name for the backup. A simple identifier name is expected with no directory specifications or file extensions added. (e.g., 'backup1')."; } leaf overwrite { type boolean; default 'false'; description "If 'true' then allow an existing backup with the same 'filename' value to be overwritten. If 'false' then return an error if the file already exists."; } } } // rpc backup rpc delete-backup { nacm:default-deny-all; description "Delete the specified backup file on the device."; input { ncx:default-parm "filename"; leaf filename { type ywt:NcxFileName; mandatory true; description "File name to delete"; } } } // rpc delete-backup rpc restore { nacm:default-deny-all; description "Restore a saved configuration on the device to the running configuration."; input { ncx:default-parm "filename"; leaf filename { type ywt:NcxFileName; mandatory true; description "File name for the restore. A simple identifier name is expected with no directory specifications or file extensions added. (e.g., 'backup1')."; } } } // rpc restore rpc cancel-subscription { description "Cancel a notification subscription for the session, if this session has an active subscription. If not, just return OK."; } // rpc cancel-subscription rpc unload { nacm:default-deny-all; description "Unload a module from the server. Remove the associated server instrumentation library (SIL). Remove any data nodes in the system from the module. Remove the module from the server capabilities and NETCONF monitoring data. Remove the module namespace from the system. Note: this operation does not remove the --module parameter from the server configuration file if it exists. The following conditions must be true for the unload to be attempted by the server: * The module is allowed to be unloaded. It is data-model and vendor specific whether a module can be removed at run-time. * There are no dependencies on the module being removed. No modules that import this module are also loaded. * The module was loaded into the server, either via the <load> operation or the --module configuration parameter. * No datastores are currently locked. The server will attempt to lock all datastores on behalf of the client for the entire unload operation. * The candidate datastore does not contain any edits that have not been committed. * No confirmed-commit operation is in progress. If all these conditions are met then the server will attempt to unload the specified module. The unload operation can fail for various reasons: * The client does not have write privileges for all data being deleted. This includes any top-level data nodes and any nested augment nodes in other modules. * The deletion of one or more nodes would cause the running datastore to fail any YANG validation tests in RFC 6020, sec. 8.3.3. * Server resource errors occur "; input { ncx:default-parm "module"; leaf module { type nt:NcxName; mandatory true; description "The name of the module to unload."; } leaf delete-config { type boolean; default "false"; description "If 'true' then delete the module or bundle load configuration in the --confdir directory, if the unload or unload-bundle operation is completed without errors. Ignored if the --no-config CLI parameter is used or the --confdir CLI parameter is not specified and no default configuration directory is found. A configuration file is deleted in this directory with the name <module-name>.conf."; } } } // rpc unload rpc load-bundle { nacm:default-deny-all; description "Load a SIL bundle into the server, if it is not already loaded."; input { ncx:default-parm "bundle"; leaf bundle { type nt:NcxName; mandatory true; description "Name of the SIL bundle to load."; } leaf-list deviation { type yt:NcModuleSpec; description "YANG deviation file. This parameter identifies a YANG module that should only be checked for deviation statements for external modules. These will be collected and applied to the real module(s) being processed. Deviations are applied as patches to the target module. Since they are not identified in the target module at all (ala imports), they have to be specified explicitly, so they will be correctly processed. If this string represents a filespec, ending with the '.yang' or '.yin' extension, then only that file location will be checked. If this string represents a module name, then the module search path will be checked for a file with the module name and the '.yang' or '.yin' extension. If this string begins with a '~' character, then a username is expected to follow or a directory separator character. If it begins with a '$' character, then an environment variable name is expected to follow. ~/some/path ==> <my-home-dir>/some/path ~fred/some/path ==> <fred-home-dir>/some/path $workdir/some/path ==> <workdir-env-var>/some/path "; } leaf save-config { type boolean; default "false"; description "If 'true' then save the module or bundle load configuration in the --confdir directory, if the load or load-bundle operation is completed without errors. Ignored if the --no-config CLI parameter is used or the --confdir CLI parameter is not specified and no default configuration directory is found. A configuration file is created or replaced in this directory with the name <module-name>.conf."; } } } // rpc load-bundle rpc unload-bundle { nacm:default-deny-all; description "Unload a SIL bundle from the server, if it is loaded."; input { ncx:default-parm "bundle"; leaf bundle { type nt:NcxName; mandatory true; description "Name of the SIL bundle to unload."; } leaf delete-config { type boolean; default "false"; description "If 'true' then delete the module or bundle load configuration in the --confdir directory, if the unload or unload-bundle operation is completed without errors. Ignored if the --no-config CLI parameter is used or the --confdir CLI parameter is not specified and no default configuration directory is found. A configuration file is deleted in this directory with the name <module-name>.conf."; } } } // rpc unload-bundle rpc load { nacm:default-deny-all; description "Load a module into the server, if it is not already loaded. Returns the module revision date (or today's date if none), of the module that was loaded, or an error if not found or the module found had errors and was not loaded successfully. If the module is already loaded, then the revision date will simply be returned."; input { ncx:default-parm "module"; leaf module { type nt:NcxName; mandatory true; description "Name of the module to load."; } leaf revision { type nt:Date; description "Module revision to load."; } leaf-list deviation { type yt:NcModuleSpec; description "YANG deviation file. This parameter identifies a YANG module that should only be checked for deviation statements for external modules. These will be collected and applied to the real module(s) being processed. Deviations are applied as patches to the target module. Since they are not identified in the target module at all (ala imports), they have to be specified explicitly, so they will be correctly processed. If this string represents a filespec, ending with the '.yang' or '.yin' extension, then only that file location will be checked. If this string represents a module name, then the module search path will be checked for a file with the module name and the '.yang' or '.yin' extension. If this string begins with a '~' character, then a username is expected to follow or a directory separator character. If it begins with a '$' character, then an environment variable name is expected to follow. ~/some/path ==> <my-home-dir>/some/path ~fred/some/path ==> <fred-home-dir>/some/path $workdir/some/path ==> <workdir-env-var>/some/path "; } leaf save-config { type boolean; default "false"; description "If 'true' then save the module or bundle load configuration in the --confdir directory, if the load or load-bundle operation is completed without errors. Ignored if the --no-config CLI parameter is used or the --confdir CLI parameter is not specified and no default configuration directory is found. A configuration file is created or replaced in this directory with the name <module-name>.conf."; } } output { leaf mod-revision { type nt:Date; description "Revision date of the module in use by the server. Will only be present if the module has a version"; } } } // rpc load rpc get-module-tags { description "Get the list of configured module-tags. The --module-tagmap parameter is used to configure a module-tag."; output { list module-tag { key "tag"; leaf tag { type string; description "The module-tag value"; } leaf-list module { type string; description "A module-name mapped to this module-tag"; } } // list module-tag } } // rpc get-module-tags rpc set-log-level { nacm:default-deny-all; description "Sets the server log verbosity level. Copied from deprecated yuma-system.yang/"; input { ncx:default-parm "log-level"; leaf log-level { type nt:NcDebugType; mandatory true; description "The desired verbosity level for system logging messages generated by the server. The current value can be obtained by retrieving the /system/sysLogLevel object."; } leaf log-stream { type enumeration { enum "main" { value 0; description "The main logging stream is used, associated with the --log parameter file, or direct output to STDOUT or STDERR, or the vendor-specific output if the --log-vendor parameter is used. The --log-level parameter value for the next reboot is not affected by this operation."; } enum "audit" { value 1; description "The audit logging stream associated with the --audit-log parameter, or the default audit log, which is only created if --fileloc-fhs=true is used. The --audit-log-level parameter value for the next reboot is not affected by this operation. Audit logging is only done when the audit-log-level is greater or equal to the current log-level."; } enum "syslog" { value 2; description "The syslog logging stream associated with the --log-syslog parameter is used. The --log-syslog-level parameter value for the next reboot is not affected by this operation."; } } default 'main'; description "The desired logging stream to use when changing the log level."; } } } // rpc set-log-level rpc refresh-backup-dir { nacm:default-deny-all; description "Refresh the /netconf-state/backup-files subtree. This operation allows the backup file directory contents to be altered at run-time outside the control of the server. The 'backup-file' list entries within the 'backup-files' container will be refreshed."; } // rpc refresh-backup-dir rpc get-ha-status { nacm:default-deny-all; description "Get the YP-HA status information for this server."; output { container ha-status { leaf ha-built { type boolean; description "Set to true if the WITH_YP_HA=1 parameter used to build the server code. Set to false otherwise. If false then no other parameters are actually active. Only the HA related CLI parameter values will be reported. This must be set to 'true' for a working YP-HA configuration."; } leaf ha-role-state { type HaRoleState; description "Set to the current YP-HA role state enumeration. A 'correct' value depends on the configuration and the timing of the request returning the status. A stable YP-HA system will have one server with the ha-role-state value of 'active' and one or more servers with the value 'standby'."; } leaf ha-role-state-time { type yang:date-and-time; description "The timestamp when the ha-role-state object last changed value."; } leaf ha-enabled { type boolean; description "Set to the value of the --ha-enabled parameter. This must be set to 'true' for a working YP-HA configuration."; } leaf ha-sil-standby { type boolean; description "Set to the value of the --ha-sil-standby parameter. Either value can be used without affect on a working YP-HA configuration."; } leaf-list ha-server { type string; description "Set to the value of a --ha-server parameter. There will be one entry for each instance of the ha-server leaf-list, or no nodes present if there are none. There must be at least two entries for a working YP-HA configuration."; } leaf ha-server-key { type string; description "Set to the value of the --ha-server-key parameter. This node will not be present unless this parameter is set. This parameter must be set. A working YP-HA configuration requires this parameter to be set to the same value for all servers in the same HA pool."; } leaf ha-initial-active { type string; description "Set to the value of the --ha-initial-active parameter. This leaf will not be present unless it is set. This parameter is not required for a working YP-HA configuration. It will impact YP-HA behavior if it is present. In normal operation it should not be used."; } leaf socket-type { type enumeration { enum "aflocal" { value 0; description "An AF_LOCAL socket will be used for incoming sessions."; } enum "tcp" { value 1; description "An AF_INET socket will be used for incoming sessions."; } } description "Specifies the --socket-type parameter. This parameter must be set to 'tcp' in a working YP-HA configuration."; } leaf socket-address { when "../socket-type = 'tcp'"; type inet:ip-address; description "Specifies the --socket-address parameter. This leaf is only relevant if the socket-type is set to 'tcp'. The value must match the address field in the ha-server entry for this server, or be set to the default '0.0.0.0'. The parameter actually means all IP addresses, not just IPv4 addresses. Examples: # if socket-address present it must match the ha-server # for this server ha-server ha1@192.168.0.20:8989 ha-server ha2@192.168.0.40 socket-type tcp socket-address 192.168.0.20 socket-port 8989 # socket-address not present is OK ha-server ha1@192.168.0.20 socket-type tcp socket-port 8088 "; } leaf socket-port { when "../socket-type = 'tcp'"; type inet:port-number; description "Specifies the --socket-port parameter. This leaf is only relevant if the socket-type is set to 'tcp'. The value must match the port field in the ha-server entry for this server. If that is not present then this leaf must be set to 8088 (the default) for a working YP-HA configuration. Examples: # if port in the ha-server then socket-port must match ha-server ha1@192.168.0.20:8989 ha-server ha2@192.168.0.40 socket-address 192.168.0.20 socket-type tcp socket-port 8989 # port must be 8088 if default used in ha-server ha-server ha1@192.168.0.20 socket-type tcp socket-port 8088 "; } leaf server-id { type yt:NcxName; description "The --server-id parameter. The default is 'server1' if this parameter is not set. This parameter must match the ha-server entry name for the server in a working YP-HA configuration. Example: # this ha-server is ha1 ha-server ha1@192.168.0.20:8989 ha-server ha2@192.168.0.40 server-id ha1 "; } leaf config-id { type uint64; description "The config-id ETag of the running datastore that is the current ID for YP-HA purposes. This leaf will only be present if the ha-role-state leaf is 'active' or 'standby'. This leaf should get updated to match the config-id of the <running> datastore if the configuration changes on the active HA server. It should be present on a working YP-HA configuration that has finished its initialization phase."; } leaf config-stamp { type yang:date-and-time; description "The config-id Last-Modified timestamp value for the running datastore for YP-HA purposes. This leaf is only present if the ha-role-state is set to 'active'. It is not maintained on a standby server. This leaf should get updated to match the last-modified attribute of the <running> datastore if the configuration changes on the active HA server. It should be present on a working YP-HA configuration that has finished its initialization phase."; } leaf config-updates { type yang:counter64; description "Number of config updates that this server has successfully processed since the current role (active or standby) was set. Each time the server resets or changes HA roles this counter will be reset."; } leaf config-failures { type yang:counter64; description "Number of config updates that this server has unsuccessfully processed since the current role (active or standby) was set. Each time the server resets or changes HA roles this counter will be reset."; } leaf active-server { type yt:NcxName; description "If this server is using the HA standby role, then the HA active server will be identified by this object."; } leaf last-error-time { type yang:date-and-time; description "The timestamp when the last error happened. For HA-Active servers, this object represents the time of the last config replication error, if any. This object is not cleared if a subsequent config update is successful. For HA-Standby servers, this object represents the time of the last failure to connect to the HA Active server. This only applies to the case where the server is reachable, but it is not the HA Active server, or not ready to accept datastore replication requests. If the HA Active server is unreachable then the YControl layer will attempt reconnections. These reconnections will not affect this timestamp. This object is cleared if the HA Standby role is established successfully. It is only present if errors have occurred on this HA server. Replication errors are not reported."; } leaf last-error-msg { type string; description "The error message for the last HA error code. For HA-Active servers, this object represents the error string of the last config replication error, if any. This object is not cleared if a subsequent config update is successful. For HA-Standby servers, this object represents the error string of the last failure to connect to the HA Active server. This only applies to the case where the server is reachable, but it is not the HA Active server, or not ready to accept datastore replication requests. This object is cleared if the HA Standby role is established successfully. It is only present if errors have occurred on this HA server. Replication errors are not reported."; } } // container ha-status } } // rpc get-ha-status rpc get-server-version { description "Get the server version string and build date. This information is provided in an RPC operation instead of the <operational> datadtore so it is available even if the datastores are not ready to use."; output { leaf version { type string; description "The version string returned by the ncx_get_version API"; } leaf build-date { type string; description "The build-date string returned by the ncx_get_build_date API"; } } } // rpc get-server-version rpc protocol-control { nacm:default-deny-all; description "Enable or disable new sessions for the specified protocol. Affects new sessions not any sessions in progress. Affects only the current state. CLI parameter values will be used after a reboot."; input { leaf action { type enumeration { enum "enable" { value 0; description "Enable sessions for this protocol"; } enum "disable" { value 1; description "Disable sessions for this protocol"; } enum "status" { value 2; description "Get the status of the protocol. Return the status. - ok if protocol is enabled - operation-failed if protocol is not enabled "; } } mandatory true; } leaf protocol { type string; mandatory true; description "Protocol to use for the protocol action. Strings allowed match the bit names in the --disabled-protocols CLI parameter. Values: - netconf - restconf - cli - gnmi - grpc "; } } } // rpc protocol-control } // module yumaworks-system
© 2023 YumaWorks, Inc. All rights reserved.