Unverified Commit c0a5fbd9 authored by Pavel Spirek's avatar Pavel Spirek

Merged to master

parents c53e5227 b11dd47b
module ietf-yang-library {
namespace "urn:ietf:params:xml:ns:yang:ietf-yang-library";
prefix "yanglib";
import ietf-yang-types { prefix yang; }
import ietf-inet-types { prefix inet; }
organization
"IETF NETCONF (Network Configuration) Working Group";
contact
"WG Web: <http://tools.ietf.org/wg/netconf/>
WG List: <mailto:netconf@ietf.org>
WG Chair: Mehmet Ersue
<mailto:mehmet.ersue@nsn.com>
WG Chair: Mahesh Jethanandani
<mailto:mjethanandani@gmail.com>
Editor: Andy Bierman
<mailto:andy@yumaworks.com>
Editor: Martin Bjorklund
<mailto:mbj@tail-f.com>
Editor: Kent Watsen
<mailto:kwatsen@juniper.net>";
description
"This module contains monitoring information about the YANG
modules and submodules that are used within a YANG-based
server.
Copyright (c) 2015 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see
the RFC itself for full legal notices.";
// RFC Ed.: replace XXXX with actual RFC number and remove this
// note.
// RFC Ed.: remove this note
// Note: extracted from draft-ietf-netconf-yang-library-00.txt
// RFC Ed.: update the date below with the date of RFC publication
// and remove this note.
revision 2015-01-30 {
description
"Initial revision.";
reference
"RFC XXXX: YANG Module Library.";
}
typedef revision-identifier {
type string {
pattern '\d{4}-\d{2}-\d{2}';
}
description
"Represents a specific date in YYYY-MM-DD format.
TBD: make pattern more precise to exclude leading zeros.";
}
grouping module {
description
"The module data structure is represented as a grouping
so it can be reused in configuration or another monitoring
data structure.";
grouping common-leafs {
description
"Common parameters for YANG modules and submodules.";
leaf name {
type yang:yang-identifier;
description "The YANG module or submodule name.";
}
leaf revision {
type union {
type revision-identifier;
type string { length 0; }
}
description
"The YANG module or submodule revision date.
An empty string is used if no revision statement
is present in the YANG module or submodule.";
}
leaf schema {
type inet:uri;
description
"Contains a URL that represents the YANG schema
resource for this module or submodule.
This leaf will only be present if there is a URL
available for retrieval of the schema for this entry.";
}
}
list module {
key "name revision";
description
"Each entry represents one module currently
supported by the server.";
uses common-leafs;
leaf namespace {
type inet:uri;
mandatory true;
description
"The XML namespace identifier for this module.";
}
leaf-list feature {
type yang:yang-identifier;
description
"List of YANG feature names from this module that are
supported by the server.";
}
leaf-list deviation {
type yang:yang-identifier;
description
"List of YANG deviation module names used by this
server to modify the conformance of the module
associated with this entry.";
}
leaf conformance {
type boolean;
mandatory true;
description
"If 'true', then the server is claiming conformance to
the YANG module identified in this entry.
If 'false', then the server is not claiming any
conformance for the YANG module identified by this
entry. The module may be needed for reusable definitions
such as extensions, features, identifies, typedefs,
or groupings.";
}
container submodules {
description
"Contains information about all the submodules used
by the parent module entry";
list submodule {
key "name revision";
description
"Each entry represents one submodule within the
parent module.";
uses common-leafs;
}
}
} // list module
} // grouping module
container modules {
config false;
description
"Contains YANG module monitoring information.";
leaf module-set-id {
type string;
description
"Contains a server-specific identifier representing
the current set of modules and submodules. The
server MUST change the value of this leaf if the
information represented by the 'module' list instances
has changed.";
}
uses module;
}
}
module ietf-yang-library {
namespace "urn:ietf:params:xml:ns:yang:ietf-yang-library";
prefix "yanglib";
import ietf-yang-types {
prefix yang;
}
import ietf-inet-types {
prefix inet;
}
organization
"IETF NETCONF (Network Configuration) Working Group";
contact
"WG Web: <http://tools.ietf.org/wg/netconf/>
"WG Web: <https://datatracker.ietf.org/wg/netconf/>
WG List: <mailto:netconf@ietf.org>
WG Chair: Mehmet Ersue
<mailto:mehmet.ersue@nsn.com>
WG Chair: Mahesh Jethanandani
<mailto:mjethanandani@gmail.com>
Editor: Andy Bierman
<mailto:andy@yumaworks.com>
Editor: Martin Bjorklund
<mailto:mbj@tail-f.com>
Editor: Kent Watsen
<mailto:kwatsen@juniper.net>";
description
"This module contains monitoring information about the YANG
modules and submodules that are used within a YANG-based
server.
Copyright (c) 2016 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see
This version of this YANG module is part of RFC 7895; see
the RFC itself for full legal notices.";
// RFC Ed.: replace XXXX with actual RFC number and remove this
// note.
// RFC Ed.: remove this note
// Note: extracted from draft-ietf-netconf-yang-library-04.txt
// RFC Ed.: update the date below with the date of RFC publication
// and remove this note.
revision 2016-02-01 {
revision 2016-06-21 {
description
"Initial revision.";
reference
"RFC XXXX: YANG Module Library.";
"RFC 7895: YANG Module Library.";
}
/*
* Typedefs
*/
typedef revision-identifier {
type string {
pattern '\d{4}-\d{2}-\d{2}';
......@@ -75,21 +52,17 @@ module ietf-yang-library {
description
"Represents a specific date in YYYY-MM-DD format.";
}
/*
* Groupings
*/
grouping module-list {
description
"The module data structure is represented as a grouping
so it can be reused in configuration or another monitoring
data structure.";
grouping common-leafs {
description
"Common parameters for YANG modules and submodules.";
leaf name {
type yang:yang-identifier;
description
......@@ -106,31 +79,25 @@ module ietf-yang-library {
is present in the YANG module or submodule.";
}
}
grouping schema-leaf {
description
"Common schema leaf parameter for modules and submodules.";
leaf schema {
type inet:uri;
description
"Contains a URL that represents the YANG schema
resource for this module or submodule.
This leaf will only be present if there is a URL
available for retrieval of the schema for this entry.";
}
}
list module {
key "name revision";
description
"Each entry represents one module currently
supported by the server.";
"Each entry represents one revision of one module
currently supported by the server.";
uses common-leafs;
uses schema-leaf;
leaf namespace {
type inet:uri;
mandatory true;
......@@ -141,7 +108,7 @@ module ietf-yang-library {
type yang:yang-identifier;
description
"List of YANG feature names from this module that are
supported by the server, regardless whether they are
supported by the server, regardless of whether they are
defined in the module or any included submodule.";
}
list deviation {
......@@ -153,7 +120,6 @@ module ietf-yang-library {
the same module can be used for deviations for
multiple modules, so the same entry MAY appear
within multiple 'module' entries.
The deviation module MUST be present in the 'module'
list, with the same name and revision values.
The 'conformance-type' value will be 'implement' for
......@@ -168,25 +134,22 @@ module ietf-yang-library {
protocol-accessible objects defined in the YANG module
identified in this entry. This includes deviation
statements defined in the module.
For YANG version 1.1 modules, there is at most one
module entry with conformance type 'implement' for a
particular module name, since YANG 1.1 requires that
at most one revision of a module is implemented.
particular module name, since YANG 1.1 requires that,
at most, one revision of a module is implemented.
For YANG version 1 modules, there SHOULD NOT be more
than one module entry for a particular module name.";
}
enum import {
description
"Indicates that the server imports reusable definitions
from the specified revision of the module, but does
not implement any protocol accessible objects from
from the specified revision of the module but does
not implement any protocol-accessible objects from
this revision.
Multiple module entries for the same module name MAY
exist. This can occur if multiple modules import the
same module, but specify different revision-dates in
exist. This can occur if multiple modules import the
same module but specify different revision dates in
the import statements.";
}
}
......@@ -195,32 +158,23 @@ module ietf-yang-library {
"Indicates the type of conformance the server is claiming
for the YANG module identified by this entry.";
}
container submodules {
list submodule {
key "name revision";
description
"Contains information about all the submodules used
by the parent module entry";
list submodule {
key "name revision";
description
"Each entry represents one submodule within the
parent module.";
uses common-leafs;
uses schema-leaf;
}
"Each entry represents one submodule within the
parent module.";
uses common-leafs;
uses schema-leaf;
}
}
}
/*
* Operational state data nodes
*/
container modules-state {
config false;
description
"Contains YANG module monitoring information.";
leaf module-set-id {
type string;
mandatory true;
......@@ -231,14 +185,11 @@ module ietf-yang-library {
information represented by the 'module' list instances
has changed.";
}
uses module-list;
}
/*
* Notifications
*/
notification yang-library-change {
description
"Generated when the set of modules and submodules supported
......@@ -254,5 +205,4 @@ module ietf-yang-library {
the time the notification is generated.";
}
}
}
This diff is collapsed.
......@@ -51,7 +51,7 @@
},
{
"name": "ietf-yang-library",
"revision": "2016-02-01",
"revision": "2016-06-21",
"namespace": "urn:ietf:params:xml:ns:yang:ietf-yang-library",
"conformance-type": "implement"
},
......
import os
import colorlog
import getopt
import logging
import sys
import signal
from colorlog import error, info
from importlib import import_module
from . import op_handlers
from yangson.enumerations import ContentType, ValidationScope
from . import usr_op_handlers, usr_state_data_handlers
from .rest_server import RestServer
from .config import load_config, print_config
from .nacm import NacmConfig
from .config import CONFIG, load_config, print_config
from .data import JsonDatastore
from .handler_list import OP_HANDLERS
from .helpers import DataHelpers
from .handler_list import OP_HANDLERS, STATE_DATA_HANDLES, CONF_DATA_HANDLES
from .knot_api import knot_global_init, knot_connect, knot_disconnect
from .usr_conf_data_handlers import (
KnotConfServerListener,
KnotConfLogListener,
KnotConfZoneListener,
KnotConfControlListener,
KnotConfAclListener,
KnotZoneDataListener
)
def main():
# Load configuration
load_config("jetconf/config.yaml")
print_config()
# NACM init
nacm_data = JsonDatastore("./data", "./data/yang-library-data.json", "NACM data")
nacm_data.load("jetconf/example-data-nacm.json")
log_level = {
"error": logging.ERROR,
"warning": logging.WARNING,
"info": logging.INFO,
"debug": logging.INFO
}.get(CONFIG["GLOBAL"]["LOG_LEVEL"], logging.INFO)
logging.root.handlers.clear()
# Daemonize
if CONFIG["GLOBAL"]["LOGFILE"] not in ("-", "stdout"):
# Setup basic logging
logging.basicConfig(
format="%(asctime)s %(levelname)-8s %(message)s",
level=log_level,
filename=CONFIG["GLOBAL"]["LOGFILE"]
)
# Go to background
pid = os.fork()
if pid != 0:
sys.exit(0)
os.setsid()
os.umask(0)
pid = os.fork()
if pid != 0:
sys.exit(0)
# Close standard file descriptors
os.close(sys.stdin.fileno())
os.close(sys.stdout.fileno())
os.close(sys.stderr.fileno())
fd_null = os.open("/dev/null", os.O_RDWR)
os.dup(fd_null)
os.dup(fd_null)
else:
# Setup color logging
log_formatter = colorlog.ColoredFormatter(
"%(asctime)s %(log_color)s%(levelname)-8s%(reset)s %(message)s",
datefmt=None,
reset=True,
log_colors={
'DEBUG': 'cyan',
'INFO': 'green',
'WARNING': 'yellow',
'ERROR': 'red',
'CRITICAL': 'red',
},
secondary_log_colors={},
style='%'
)
log_handler = colorlog.StreamHandler()
log_handler.setFormatter(log_formatter)
log_handler.stream = sys.stdout
logger = colorlog.getLogger()
logger.addHandler(log_handler)
logger.setLevel(log_level)
# Print configuration
print_config()
nacmc = NacmConfig(nacm_data)
# Create pidfile
fl = os.open(CONFIG["GLOBAL"]["PIDFILE"], os.O_WRONLY + os.O_CREAT, 0o666)
try:
os.lockf(fl, os.F_TLOCK, 0)
os.write(fl, str(os.getpid()).encode())
os.fsync(fl)
except BlockingIOError:
error("Jetconf daemon already running (pidfile exists). Exiting.")
sys.exit(1)
# Set signal handlers
def sig_exit_handler(signum, frame):
os.close(fl)
os.unlink(CONFIG["GLOBAL"]["PIDFILE"])
info("Exiting.")
sys.exit(0)
signal.signal(signal.SIGTERM, sig_exit_handler)
signal.signal(signal.SIGINT, sig_exit_handler)
# Load data model
datamodel = DataHelpers.load_data_model("data/", "data/yang-library-data.json")
# Datastore init
ex_datastore = JsonDatastore("./data", "./data/yang-library-data.json", "DNS data")
ex_datastore.load("jetconf/example-data.json")
ex_datastore.register_nacm(nacmc)
datastore = JsonDatastore(datamodel, "jetconf/example-data.json", "DNS data", with_nacm=False)
datastore.load()
datastore.load_yl_data("data/yang-library-data.json")
datastore.get_data_root().validate(ValidationScope.all, ContentType.config)
# Register schema listeners
CONF_DATA_HANDLES.register_handler(KnotConfServerListener(datastore, "/dns-server:dns-server/server-options"))
CONF_DATA_HANDLES.register_handler(KnotConfLogListener(datastore, "/dns-server:dns-server/knot-dns:log"))
CONF_DATA_HANDLES.register_handler(KnotConfZoneListener(datastore, "/dns-server:dns-server/zones"))
CONF_DATA_HANDLES.register_handler(KnotConfControlListener(datastore, "/dns-server:dns-server/knot-dns:control-socket"))
CONF_DATA_HANDLES.register_handler(KnotConfAclListener(datastore, "/dns-server:dns-server/access-control-list"))
CONF_DATA_HANDLES.register_handler(KnotZoneDataListener(datastore, "/dns-zones:zone-data"))
# Register op handlers
OP_HANDLERS.register_handler("play", op_handlers.play_op_handler)
OP_HANDLERS.register_handler("generate-key", usr_op_handlers.sign_op_handler)
# Create and register state data handlers
usr_state_data_handlers.create_zone_state_handlers(STATE_DATA_HANDLES, datamodel)
# Initialize Knot control interface
knot_global_init()
datastore.commit_begin_callback = knot_connect
datastore.commit_end_callback = knot_disconnect
# Create HTTP server
rest_srv = RestServer()
rest_srv.register_api_handlers(ex_datastore)
rest_srv.register_api_handlers(datastore)
rest_srv.register_static_handlers()
# Run HTTP server
......@@ -42,13 +151,6 @@ def main():
if __name__ == "__main__":
opts, args = (None, None)
colorlog.basicConfig(
format="%(asctime)s %(log_color)s%(levelname)-8s%(reset)s %(message)s",
level=logging.INFO,
stream=sys.stdout
)
test_module = None
try:
......@@ -67,8 +169,6 @@ if __name__ == "__main__":
tm.test()
except ImportError as e:
print(e.msg)
# except AttributeError:
# print("Module \"{}\" has no test() function".format(test_module))
else:
main()
import os
import yaml
from colorlog import warning as warn, info
from yaml.parser import ParserError
from colorlog import error, warning as warn, info
CONFIG_GLOBAL = {
"TIMEZONE": "GMT"
"TIMEZONE": "GMT",
"LOGFILE": "-",
"PIDFILE": "/tmp/jetconf.pid",
"PERSISTENT_CHANGES": True,
"LOG_LEVEL": "info",
"LOG_DBG_MODULES": ["*"]
}
CONFIG_HTTP = {
"DOC_ROOT": "doc-root",
"DOC_DEFAULT_NAME": "index.html",
"API_ROOT": "/restconf",
"API_ROOT_STAGING": "/restconf_staging",
"SERVER_NAME": "hyper-h2",
"UPLOAD_SIZE_LIMIT": 1,
"LISTEN_LOCALHOST_ONLY": False,
"PORT": 8443,
"SERVER_SSL_CERT": "server.crt",
"SERVER_SSL_PRIVKEY": "server.key",
"CA_CERT": "ca.pem"
"CA_CERT": "ca.pem",
"DBG_DISABLE_CERTS": False
}
CONFIG_NACM = {
"ALLOWED_USERS": "lojza@mail.cz"
}
CONFIG_KNOT = {
"SOCKET": "/tmp/knot.sock"
}
CONFIG = {
"GLOBAL": CONFIG_GLOBAL,
"HTTP_SERVER": CONFIG_HTTP,
"NACM": CONFIG_NACM
"NACM": CONFIG_NACM,
"KNOT": CONFIG_KNOT
}
NACM_ADMINS = CONFIG["NACM"]["ALLOWED_USERS"]
API_ROOT_data = os.path.join(CONFIG_HTTP["API_ROOT"], "data")
API_ROOT_STAGING_data = os.path.join(CONFIG_HTTP["API_ROOT_STAGING"], "data")
API_ROOT_ops = os.path.join(CONFIG_HTTP["API_ROOT"], "operations")
def load_config(filename: str):
global NACM_ADMINS
global API_ROOT_data
global API_ROOT_STAGING_data
global API_ROOT_ops
try:
......@@ -49,10 +67,14 @@ def load_config(filename: str):
except FileNotFoundError:
warn("Configuration file does not exist")
except ParserError as e:
error("Configuration syntax error: " + str(e))
exit()
# Shortcuts
NACM_ADMINS = CONFIG["NACM"]["ALLOWED_USERS"]
API_ROOT_data = os.path.join(CONFIG_HTTP["API_ROOT"], "data")
API_ROOT_STAGING_data = os.path.join(CONFIG_HTTP["API_ROOT_STAGING"], "data")
API_ROOT_ops = os.path.join(CONFIG_HTTP["API_ROOT"], "operations")
......
GLOBAL:
TIMEZONE: "Europe/Prague"
LOGFILE: "-"
PIDFILE: "/tmp/jetconf.pid"
PERSISTENT_CHANGES: false
LOG_LEVEL: "debug"
LOG_DBG_MODULES: ["usr_conf_data_handlers", "knot_api", "nacm", "data"]
HTTP_SERVER:
DOC_ROOT: "jetconf/doc-root"
......@@ -10,6 +15,10 @@ HTTP_SERVER:
SERVER_SSL_CERT: "jetconf/server.crt"
SERVER_SSL_PRIVKEY: "jetconf/server.key"
CA_CERT: "jetconf/ca.pem"
DBG_DISABLE_CERTS: false
NACM:
ALLOWED_USERS: ["lojza@mail.cz"]
\ No newline at end of file
ALLOWED_USERS: ["lojza@mail.cz"]
KNOT:
SOCKET: "/home/pspirek/knot-conf/knot.sock"
This diff is collapsed.
-----BEGIN CERTIFICATE-----
MIICZjCCAU4CAQ0wDQYJKoZIhvcNAQEFBQAwSzELMAkGA1UEBhMCQ1oxEzARBgNV
MIICZjCCAU4CAREwDQYJKoZIhvcNAQEFBQAwSzELMAkGA1UEBhMCQ1oxEzARBgNV
BAoMCkV4YW1wbGUgQ0ExEDAOBgNVBAsMB2V4Y2EuY3oxFTATBgNVBAMMDG1haWxA
ZXhjYS5jejAeFw0xNjAzMDgxNTIzMTNaFw0xNjA0MDcxNTIzMTNaMCsxCzAJBgNV
ZXhjYS5jejAeFw0xNjA1MDkwODQxNThaFw0xNzA1MDkwODQxNThaMCsxCzAJBgNV
BAYTAkNaMRwwGgYJKoZIhvcNAQkBFg1sb2p6YUBtYWlsLmN6MIGfMA0GCSqGSIb3
DQEBAQUAA4GNADCBiQKBgQDZsaIBTzwjoHMGGiiKuxoGwUJCBsAIMX5BUEBCIoX7
A3Yuit3TKWSVuTZrikPEEOXGCfJw3odQAKlK7QU7u732iP0+VIRMxhMh8BGS7p76
QgDOGe+gBYRvuJBPgYdHqWu7kCuL/FrKUeu/Ui4Z/7QP6AbWwT2aSswlJwZWRYhs
vwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQBq7cnlwqSNza5kL4O2rLevwnF3BVfi
B4UlDJePne+c8ymGLtMHa1xevHpLVdCJOkF18zaBwxaVzQGlILu8yqtBZjbXnOV5
fNsajzo6FyifKnd6OB/ckt2wCi4+QYdttJc7YNn9Dx4PHoRLwCzshIjOY5p5xIzI
9pCVUgc1bNO5QwgmJpoeumjN4ml2v+JDiYu0cNXTJP9tyX22YAxXkYRDkfnGQQb/
wo0Jt4KpPtRg8NSHYswumWlWDJuHKqauck6RjKDSGV+ifv6COoUbT83eiC+46PTy
iJBhiz0zScDzMyOjDhv/cyxnfO/3+Z7BOrmWz9faGRlLnc4OdJ+7TupX
vwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQBxREnObDzbunZiChhUl0O4m5zRyDpU
51r4PmMNM11MbPB0/a8jNwyXQUrtG4ZRxPDEWxwPCg0mSG+kEq8lkYTOCg8jr0np
YXbFZj4IYiZEyXs25xrqmlMnt2GjP1MBCBPLI7YzItQF4SHd+8U8rKA4bAVrlmwv
ccqWffc+R7LzyAY9N0jTPmRp2u9DwoL9FrgOcfCnyZmbezeGFORXGIHbfIDNvBbU
I9KiQDSWz+b/Zp1n2h4OPR6cjU2M7GhZnPEO6w669EtSDah0VL2U9wjmq4HZUPzY