Netconf client CLI tool and interactive console
A console application for interacting with NETCONF servers built on top of ncclient.
This application runs both in Python 2 and Python 3 environments. The
only package required for running this application is ncclient
; if
this is installed, all other necessary packages are installed as
dependencies. This means that if you can (successfully) run something
like pip install ncclient
on the target platform, all requirements
should be met.
If you cannot, there still is a chance you can run it if the target platform
supports at least packages six
and lxml
, which are commonly present;
and if it contains paramiko
or at least cryptography
, you will be able
to use SSH (without them you can only use plain and nonstandard TCP
transport). The missing piece, ncclient
, can be cloned and compiled to a "Python Wheel" -
you can do this on any computer and copy the resulting .whl
file to the
target platform, it should work there. Pretty much the same holds for
paramiko
. You may also want to create a wheel for the application itself by
running python setup.py bdist_wheel
.
If you can and want to install the application and all necessary
libraries, just run python setup.py install
. Otherwise prepare all
necessary .whl files and the script netconf-console
to the target
platform. If they are in the same directory, nothing else is needed,
otherwise you may need to add the wheel files to PYTHONPATH
before
running the script.
Once installed or copied, you can just run the script with appropriate options - see below.
The application can be run in two different modes: command-line mode and
interactive (console) mode. The command-line mode allows you to request
several RPC operations in one shell command. The command line would
contain the operation command options (--get
, --lock
, etc.) in
the desired order, all common options (such as --host
, --port
etc.) as well as command options (--db
, --style
); the command
options are all used for the commands that accept them, so for example
no two commands can address different datastores.
An example of such command line:
# netconf-console --host=example.com --db candidate --lock --edit-config=fragment1.xml \ --rpc=commit-confirmed.xml --unlock --sleep 5 --rpc=confirm.xml
The interactive mode is started by --interactive
(or -i
). During
an interactive session the user issues commands, one per line, with
required arguments or options. The options are isolated now, so it is
possible to have two commands in one session accessing different
datastores. The interactive console provides limited support for
tab-completion of commands, options, and their arguments.
The previous example can look like this:
# netconf-console --host=example.com -i netconf> lock netconf> edit-config fragment1.xml --db candidate netconf> rpc commit-confirmed.xml netconf> unlock netconf> get-config netconf> rpc confirm.xml netconf>
Note: some commands (rpc
, edit-config
and others) may accept
data from standard input in the command-line mode; this does not work in
the interactive mode.
Some capabilities of the interactive mode can be used in command-line
mode too using --expr
pseudo-command: the argument is a command
(including options) as if it was added in the interactive mode, such as
# netconf-console --expr 'get-config --db candidate' 'get-config'
A command may accept an argument and a number of options. In command-line mode, all option values are shared (see above); conversely, in interactive mode the option needs to be provided for every command where its desired value differs from the default. If a command does not accept given option, it is a syntax error to provide it in interactive mode (in command-line mode such situations are ignored).
hello
hello
message and display the reply. Does
not accept any arguments or options.get
get
RPC. Accepts options outputStyle
, with-defaults
,
xpath
. As an alternative to xpath
, get
accepts path as an
argument.get-config
get-config
RPC. Accepts the same set of options as get
plus db
.set
edit-config
with single leaf assignment. Requires the assignment
in the form <path>=<value>
as an argument, accepts db
, test
,
and operation
. The path may contain (or actually needs to contain, in
case it descends into a list instance) simple predicates in the form
node[key1=value1][key2=value2]...
.delete
edit-config
with a single node to be deleted. The node is
determined by the path provided as an argument, see set
for the path
format. Accepts db
, test
, and del-operation
options.create
edit-config
with a single node to be created. The node is
determined by the path provided as an argument, see set
for the path
format.kill-session
kill-session
RPC. Requires session identifier as an
argument, accepts no options.discard-changes
discard-changes
RPC. Accepts no arguments or options.lock
lock
RPC towards the datastore indicated by db
option.unlock
unlock
RPC, counterpart of lock
.commit
commit
request. Accepts optional confirmed
as an
argument and option timeout
.validate
validate
RPC. Accepts one argument, which can be either the
literal candidate
(to validate the contents of the candidate
datastore) or a filename pointing to a file with full configuration
to be validated; defaults to -
, standard input.copy-running-to-startup
copy-config
RPC with running
datastore as the source
and startup
datastore as target. Accepts no arguments or
options.copy-config
copy-config
RPC. Accepts a filename for the source
configuration as a argument (defaults to -
), and the db
option for the target datastore.edit-config
edit-config
RPC. Accepts the same set of arguments and
options as copy-config
.get-schema
get-schema
RPC. Requires schema identifier as an argument.create-subscription
create-subscription
RPC. Requires notification stream
identifier as an argument. The notifications received from the
server are displayed on standard output while the session is active
- i.e. makes sense either in an interactive mode or in command-line
mode with the command sleep
.rpc
-
as default) as
an argument; the file contents is sent to the server enveloped in
the rpc
element.sleep
As a backward-compatibility option, it is possible to provide a filename (or
-
for standard input) containing all messages that are supposed to be sent
to the server, separated by the NETCONF transport v1.0 message separator. This
option cannot be used with any other command. Note that RPC message-id is not
preserved.
There are two sets of options: global options and command options. Global options affect overall behavior of the tool and can be provided in the shell command line (i.e. not to individual commands in the interactive mode). Command options affect individual commands and in interactive mode they need to be provided per command.
help
host
port
user
admin
).password
admin
). If the option is provided without a value, the password
is read from the terminal.privKeyFile
raw
tcp
dry
As written above, local (or command) options are meaningful only for certain command.
outputStyle
plain
(do no pretty-printing) and noaaa
(remove the aaa
subtree from the reply from get
or get-config
requests).db
running
.timeout
with-defaults
explicit
,
trim
, report-all
, report-all-tagged
.xpath
ns
xpath
option uses
namespace prefixes.test
test-only
,
test-then-set
and set
.operation
nc:operation
. Useful with the set
operation, can be merge
(the default), replace
, create
.del-operation
nc:operation
when used with the delete
operation, can be remove
(the default) or delete
.