experiments/clixon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Removed old yangs, updated ietf-list-pagination.yang

Browse source
This commit is contained in:
Olof hagsand 2025-03-16 17:20:53 +01:00
parent 74c8244c66
commit f17da6ff83
5 changed files with 4 additions and 2295 deletions
Download patch file Download diff file Expand all files Collapse all files

1441
yang/clixon/clixon-config@2024-08-01.yang
View file

File diff suppressed because it is too large Load diff

523
yang/clixon/clixon-lib@2024-04-01.yang
View file

@ -1,523 +0,0 @@
module clixon-lib {
yang-version 1.1;
namespace "http://clicon.org/lib";
prefix cl;
import ietf-yang-types {
prefix yang;
}
import ietf-netconf-monitoring {
prefix ncm;
}
import ietf-yang-metadata {
prefix "md";
}
organization
"Clicon / Clixon";
contact
"Olof Hagsand <olof@hagsand.se>";
description
"***** BEGIN LICENSE BLOCK *****
Copyright (C) 2009-2019 Olof Hagsand
Copyright (C) 2020-2022 Olof Hagsand and Rubicon Communications, LLC(Netgate)
This file is part of CLIXON
Licensed under the Apache License, Version 2.0 (the \"License\");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an \"AS IS\" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Alternatively, the contents of this file may be used under the terms of
the GNU General Public License Version 3 or later (the \"GPL\"),
in which case the provisions of the GPL are applicable instead
of those above. If you wish to allow use of your version of this file only
under the terms of the GPL, and not to allow others to
use your version of this file under the terms of Apache License version 2,
indicate your decision by deleting the provisions above and replace them with
the notice and other provisions required by the GPL. If you do not delete
the provisions above, a recipient may use your version of this file under
the terms of any one of the Apache License version 2 or the GPL.
***** END LICENSE BLOCK *****
Clixon Netconf extensions for communication between clients and backend.
This scheme adds:
- Added values of RFC6022 transport identityref
- RPCs for debug, stats and process-control
- Informal description of attributes
Clixon also extends NETCONF for internal use with some internal attributes. These
are not visible for external usage bit belongs to the namespace of this YANG.
The internal attributes are:
- content (also RESTCONF)
- depth (also RESTCONF)
- username
- autocommit
- copystartup
- transport (see RFC6022)
- source-host (see RFC6022)
- objectcreate
- objectexisted
- link # For split multiple XML files
";
revision 2024-04-01 {
description
"Added: debug bits type
Added: xmldb-split extension
Added: Default format
Released in Clixon 7.1";
}
revision 2024-01-01 {
description
"Removed container creators from 6.5
Released in 7.0";
}
revision 2023-11-01 {
description
"Added ignore-compare extension
Added creator meta configuration
Removed obsolete extension autocli-op
Released in 6.5.0";
}
revision 2023-05-01 {
description
"Restructured and extended stats rpc to schema mountpoints
Moved datastore-format typedef from clixon-config
";
}
revision 2023-03-01 {
description
"Added creator meta-object";
}
revision 2022-12-01 {
description
"Added values of RFC6022 transport identityref
Added description of internal netconf attributes";
}
revision 2021-12-05 {
description
"Obsoleted: extension autocli-op";
}
revision 2021-11-11 {
description
"Changed: RPC stats extended with YANG stats";
}
revision 2021-03-08 {
description
"Changed: RPC process-control output to choice dependent on operation";
}
revision 2020-12-30 {
description
"Changed: RPC process-control output parameter status to pid";
}
revision 2020-12-08 {
description
"Added: autocli-op extension.
rpc process-control for process/daemon management
Released in clixon 4.9";
}
revision 2020-04-23 {
description
"Added: stats RPC for clixon XML and memory statistics.
Added: restart-plugin RPC for restarting individual plugins without restarting backend.";
}
revision 2019-08-13 {
description
"No changes (reverted change)";
}
revision 2019-06-05 {
description
"ping rpc added for liveness";
}
revision 2019-01-02 {
description
"Released in Clixon 3.9";
}
typedef service-operation {
type enumeration {
enum start {
description
"Start if not already running";
}
enum stop {
description
"Stop if running";
}
enum restart {
description
"Stop if running, then start";
}
enum status {
description
"Check status";
}
}
description
"Common operations that can be performed on a service";
}
typedef datastore_format{
description
"Datastore format (only xml and json implemented in actual data.";
type enumeration{
enum xml{
description
"Save and load xmldb as XML
More specifically, such a file looks like: <config>...</config> provided
DATASTORE_TOP_SYMBOL is 'config'";
}
enum json{
description "Save and load xmldb as JSON";
}
enum text{
description "'Curly' C-like text format";
}
enum cli{
description "CLI format";
}
enum default{
description "Default format";
}
}
}
typedef clixon_debug_t {
description
"Debug flags.
Flags are seperated into subject areas and detail
Can also be given directly as -D <flag> to clixon commands
Note there are also constants in the code that need to be in sync with these values";
type bits {
/* Subjects: */
bit default {
description "Default logs";
position 0;
}
bit msg {
description "In/out messages";
position 1;
}
bit init {
description "Initialization";
position 2;
}
bit xml {
description "XML processing";
position 3;
}
bit xpath {
description "XPath processing";
position 4;
}
bit yang {
description "YANG processing";
position 5;
}
bit backend {
description "Backend-specific";
position 6;
}
bit cli {
description "CLI frontend";
position 7;
}
bit netconf {
description "NETCONF frontend";
position 8;
}
bit restconf {
description "RESTCONF frontend";
position 9;
}
bit snmp {
description "SNMP frontend";
position 10;
}
bit nacm {
description "NACM processing";
position 11;
}
bit proc {
description "Process handling";
position 12;
}
bit datastore {
description "Datastore xmldb management";
position 13;
}
bit event {
description "Event processing";
position 14;
}
bit rpc {
description "RPC handling";
position 15;
}
bit stream {
description "Notification streams";
position 16;
}
bit parse {
description "Parser: XML,YANG, etc";
position 17;
}
bit app {
description "External applications";
position 20;
}
bit app2 {
description "External application";
position 21;
}
bit app3 {
description "External application 2";
position 22;
}
/* Detail level: */
bit detail {
description "Details: traces, parse trees, etc";
position 24;
}
bit detail2 {
description "Extra details";
position 25;
}
bit detail3 {
description "Probably more detail than you want";
position 26;
}
}
}
identity snmp {
description
"SNMP";
base ncm:transport;
}
identity netconf {
description
"Just NETCONF without specific underlying transport,
Clixon uses stdio for its netconf client and therefore does not know whether it is
invoked in a script, by a NETCONF/SSH subsystem, etc";
base ncm:transport;
}
identity restconf {
description
"RESTCONF either as HTTP/1 or /2, TLS or not, reverse proxy (eg fcgi/nginx) or native";
base ncm:transport;
}
identity cli {
description
"A CLI session";
base ncm:transport;
}
extension ignore-compare {
description
"The object should be ignored when comparing device configs for equality.
The object should never be added, modified, or deleted on target.
Essentially a read-only object
One example is auto-created objects by the controller, such as uid.";
}
extension xmldb-split {
description
"When split configuration stores are used, ie CLICON_XMLDB_MULTI is set,
This extension marks where in the configuration tree, one file terminates
and a new sub-file is written.
A designer adds the 'xmldb-split' extension to a YANG node which should be split.
For example, a split could be made at mountpoints.
See also the 'link 'attribute.
";
}
md:annotation creator {
type string;
description
"This annotation contains the name of a creator of an object.
One application is the clixon controller where multiple services can
create the same object. When such a service is deleted (or changed) one needs to keep
track of which service created what.
Limitations: only objects that are actually added or deleted.
A sub-object will not be noted";
}
rpc debug {
description
"Set debug flags of backend.
Note only numerical values";
input {
leaf level {
type uint32;
}
}
}
rpc ping {
description "Check aliveness of backend daemon.";
}
rpc stats { /* Could be moved to state */
description "Clixon yang and datastore statistics.";
input {
leaf modules {
description "If enabled include per-module statistics";
type boolean;
mandatory false;
}
}
output {
container global{
description
"Clixon global statistics.
These are global counters incremented by new() and decreased by free() calls.
This number is higher than the sum of all datastore/module residing objects, since
objects may be used for other purposes than datastore/modules";
leaf xmlnr{
description
"Number of existing XML objects: number of residing xml/json objects
in the internal 'cxobj' representation.";
type uint64;
}
leaf yangnr{
description
"Number of resident YANG objects. ";
type uint64;
}
}
container datastores{
list datastore{
description "Per datastore statistics for cxobj";
key "name";
leaf name{
description "Name of datastore (eg running).";
type string;
}
leaf nr{
description "Number of XML objects. That is number of residing xml/json objects
in the internal 'cxobj' representation.";
type uint64;
}
leaf size{
description "Size in bytes of internal datastore cache of datastore tree.";
type uint64;
}
}
}
container module-sets{
list module-set{
description "Statistics per domain, eg top-level and mount-points";
key "name";
leaf name{
description "Name of YANG domain.";
type string;
}
leaf nr{
description
"Total number of YANG objects in set";
type uint64;
}
leaf size{
description
"Total size in bytes of internal YANG object representation for module set";
type uint64;
}
list module{
description "Statistics per module (if modules set in input)";
key "name";
leaf name{
description "Name of YANG module.";
type string;
}
leaf nr{
description
"Number of YANG objects. That is number of residing YANG objects";
type uint64;
}
leaf size{
description
"Size in bytes of internal YANG object representation.";
type uint64;
}
}
}
}
}
}
rpc restart-plugin {
description "Restart specific backend plugins.";
input {
leaf-list plugin {
description "Name of plugin to restart";
type string;
}
}
}
rpc process-control {
description
"Control a specific process or daemon: start/stop, etc.
This is for direct managing of a process by the backend.
Alternatively one can manage a daemon via systemd, containerd, kubernetes, etc.";
input {
leaf name {
description "Name of process";
type string;
mandatory true;
}
leaf operation {
type service-operation;
mandatory true;
description
"One of the strings 'start', 'stop', 'restart', or 'status'.";
}
}
output {
choice result {
case status {
description
"Output from status rpc";
leaf active {
description
"True if process is running, false if not.
More specifically, there is a process-id and it exists (in Linux: kill(pid,0).
Note that this is actual state and status is administrative state,
which means that changing the administrative state, eg stopped->running
may not immediately switch active to true.";
type boolean;
}
leaf description {
type string;
description "Description of process. This is a static string";
}
leaf command {
type string;
description "Start command with arguments";
}
leaf status {
description
"Administrative status (except on external kill where it enters stopped
directly from running):
stopped: pid=0, No process running
running: pid set, Process started and believed to be running
exiting: pid set, Process is killed by parent but not waited for";
type string;
}
leaf starttime {
description "Time of starting process UTC";
type yang:date-and-time;
}
leaf pid {
description "Process-id of main running process (if active)";
type uint32;
}
}
case other {
description
"Output from start/stop/restart rpc";
leaf ok {
type empty;
}
}
}
}
}
}

327
yang/clixon/clixon-restconf@2022-08-01.yang
View file

@ -1,327 +0,0 @@
module clixon-restconf {
yang-version 1.1;
namespace "http://clicon.org/restconf";
prefix "clrc";
import ietf-inet-types {
prefix inet;
}
organization
"Clixon";
contact
"Olof Hagsand <olof@hagsand.se>";
description
"This YANG module provides a data-model for the Clixon RESTCONF daemon.
There is also clixon-config also including some restconf options.
The separation is not always logical but there are some reasons for the split:
1. Some data (ie 'socket') is structurally complex and cannot be expressed as a
simple option
2. clixon-restconf is defined as a macro/grouping and can be included in
other YANGs. In particular, it can be used inside a datastore, which
is not possible for clixon-config.
3. Related to (2), options that should not be settable in a datastore should be
in clixon-config
Some of this spec if in-lined from ietf-restconf-server@2022-05-24.yang
";
revision 2022-08-01 {
description
"Added socket/call-home container
Released in Clixon 5.9";
}
revision 2022-03-21 {
description
"Added feature:
http-data - Limited static http server
Released in Clixon 5.7";
}
revision 2021-05-20 {
description
"Added log-destination for restconf
Released in Clixon 5.2";
}
revision 2021-03-15 {
description
"make authentication-type none a feature
Added flag to enable core dumps
Released in Clixon 5.1";
}
revision 2020-12-30 {
description
"Added: debug field
Added 'none' as default value for auth-type
Changed http-auth-type enum from 'password' to 'user'";
}
revision 2020-10-30 {
description
"Initial release";
}
feature fcgi {
description
"This feature indicates that the restconf server supports the fast-cgi reverse
proxy solution.
That is, a reverse proxy is the HTTP front-end and the restconf daemon listens
to a fcgi socket.
The alternative is the internal native HTTP solution.";
}
feature allow-auth-none {
description
"This feature allows the use of authentication-type none.";
}
feature http-data {
description
"This feature allows for a very limited static http-data function as
addition to RESTCONF.
It is limited to:
1. path: Local static files within WWW_DATA_ROOT
2. operation GET, HEAD, OPTIONS
3. query parameters not supported
4. indata should be NULL (no write operations)
5. Limited media: text/html, JavaScript, image, and css
6. Authentication as restconf
7. HTTP/1+2, TLS as restconf";
}
typedef http-auth-type {
type enumeration {
enum none {
if-feature "allow-auth-none";
description
"Incoming message are set to authenticated by default. No ca-auth callback is called,
Authenticated user is set to special user 'none'.
Typically assumes NACM is not enabled.";
}
enum client-certificate {
description
"TLS client certificate validation is made on each incoming message. If it passes
the authenticated user is extracted from the SSL_CN parameter
The ca-auth callback can be used to revise this behavior.";
}
enum user {
description
"User-defined authentication as defined by the ca-auth callback.
One example is some form of password authentication, such as basic auth.";
}
}
description
"Enumeration of HTTP authorization types.";
}
typedef log-destination {
type enumeration {
enum syslog {
description
"Log to syslog with:
ident: clixon_restconf and PID
facility: LOG_USER";
}
enum file {
description
"Log to generated file at /var/log/clixon_restconf.log";
}
}
}
grouping clixon-restconf{
description
"HTTP RESTCONF configuration.";
leaf enable {
type boolean;
default "false";
description
"Enables RESTCONF functionality.
Note that starting/stopping of a restconf daemon is different from it being
enabled or not.
For example, if the restconf daemon is under systemd management, the restconf
daemon will only start if enable=true.";
}
leaf enable-http-data {
type boolean;
default "false";
if-feature "http-data";
description
"Enables Limited static http-data functionality.
enable must be true for this option to be meaningful.";
}
leaf auth-type {
type http-auth-type;
description
"The authentication type.
Note client-certificate applies only if ssl-enable is true and socket has ssl";
default user;
}
leaf debug {
description
"Set debug level of restconf daemon.
0 is no debug, 1 is debugging, more is detailed debug.
Debug logs will be directed to log-destination with LOG_DEBUG level (for syslog)";
type uint32;
default 0;
}
leaf log-destination {
description
"Log destination.
If debug is not set, only notice, error and warning will be logged";
type log-destination;
default syslog;
}
leaf enable-core-dump {
description
"enable core dumps.
this is a no-op on systems that don't support it.";
type boolean;
default false;
}
leaf pretty {
type boolean;
default true;
description
"Restconf return value pretty print.
Restconf clients may add HTTP header:
Accept: application/yang-data+json, or
Accept: application/yang-data+xml
to get return value in XML or JSON.
RFC 8040 examples print XML and JSON in pretty-printed form.
Setting this value to false makes restconf return not pretty-printed
which may be desirable for performance or tests
This replaces the CLICON_RESTCONF_PRETTY option in clixon-config.yang";
}
/* From this point only specific options
* First fcgi-specific options
*/
leaf fcgi-socket {
if-feature fcgi; /* Set by default by fcgi clixon_restconf daemon */
type string;
default "/www-data/fastcgi_restconf.sock";
description
"Path to FastCGI unix socket. Should be specified in webserver
Eg in nginx: fastcgi_pass unix:/www-data/clicon_restconf.sock
Only if with-restconf=fcgi, NOT native
This replaces CLICON_RESTCONF_PATH option in clixon-config.yang";
}
/* Second, local native options */
leaf server-cert-path {
type string;
description
"Path to server certificate file.
Note only applies if socket has ssl enabled";
}
leaf server-key-path {
type string;
description
"Path to server key file
Note only applies if socket has ssl enabled";
}
leaf server-ca-cert-path {
type string;
description
"Path to server CA cert file
Note only applies if socket has ssl enabled";
}
list socket {
description
"List of server sockets that the restconf daemon listens to.
Not fcgi";
key "namespace address port";
leaf namespace {
type string;
description
"Network namespace.
On platforms where namespaces are not suppported, 'default'
Default value can be changed by RESTCONF_NETNS_DEFAULT";
}
leaf address {
type inet:ip-address;
description "IP address to bind to";
}
leaf port {
type inet:port-number;
description "TCP port to bind to";
}
leaf description{
type string;
}
leaf ssl {
type boolean;
default true;
description "Enable for HTTPS otherwise HTTP protocol";
}
/* Some of this in-lined from ietf-restconf-server@2022-05-24.yang */
container call-home {
presence
"Identifies that the server has been configured to initiate
call home connections.
If set, address/port refers to destination.";
description
"See RFC 8071 NETCONF Call Home and RESTCONF Call Home";
container connection-type {
description
"Indicates the RESTCONF server's preference for how the
RESTCONF connection is maintained.";
choice connection-type {
mandatory true;
description
"Selects between available connection types.";
case persistent-connection {
container persistent {
presence
"Indicates that a persistent connection is to be
maintained.";
}
}
case periodic-connection {
container periodic {
presence
"Indicates periodic connects";
leaf period {
type uint32; /* XXX: note uit16 in std */
units "seconds"; /* XXX: note minutes in draft */
default "3600"; /* XXX: same: 60min in draft */
description
"Duration of time between periodic connections.";
}
leaf idle-timeout {
type uint16;
units "seconds";
default "120"; // two minutes
description
"Specifies the maximum number of seconds that
the underlying TCP session may remain idle.
A TCP session will be dropped if it is idle
for an interval longer than this number of
seconds. If set to zero, then the server
will never drop a session because it is idle.";
}
}
}
}
}
container reconnect-strategy {
leaf max-attempts {
type uint8 {
range "1..max";
}
default "3";
description
"Specifies the number times the RESTCONF server tries
to connect to a specific endpoint before moving on to
the next endpoint in the list (round robin).";
}
}
}
}
}
container restconf {
description
"This presence is strictly not necessary since the enable flag
in clixon-restconf is the flag bearing the actual semantics.
However, removing the presence leads to default config in all
clixon installations, even those which do not use backend-started restconf.
One could see this as mostly cosmetically annoying.
Alternative would be to make the inclusion of this yang conditional.";
presence "Enables RESTCONF";
uses clixon-restconf;
}
}

2
yang/mandatory/ietf-list-pagination-nc@2024-07-08.yang → yang/mandatory/ietf-list-pagination-nc@2024-10-21.yang
View file

@ -54,7 +54,7 @@ module ietf-list-pagination-nc {
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
revision 2024-07-08 {
revision 2024-10-21 {
description
"Initial revision.";
reference

6
yang/mandatory/ietf-list-pagination@2024-07-08.yang → yang/mandatory/ietf-list-pagination@2024-10-21.yang
View file

@ -9,7 +9,6 @@ module ietf-list-pagination {
reference
"RFC 8342: Network Management Datastore Architecture (NMDA)";
}
import ietf-yang-types {
prefix yang;
reference
@ -21,6 +20,7 @@ module ietf-list-pagination {
reference
"RFC 7952: Defining and Using Metadata with YANG";
}
import ietf-system-capabilities {
prefix sysc;
reference
@ -63,14 +63,13 @@ module ietf-list-pagination {
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
revision 2024-07-08 {
revision 2024-10-21 {
description
"Initial revision.";
reference
"RFC XXXX: List Pagination for YANG-driven Protocols";
}
// Annotations
md:annotation remaining {
@ -343,6 +342,7 @@ module ietf-list-pagination {
}
// Protocol-accessible nodes
augment
"/sysc:system-capabilities/sysc:datastore-capabilities"
+ "/sysc:per-node-capabilities" {