cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
683
Views
3
Helpful
8
Replies
Highlighted
Cisco Employee

CLI to netconf conversion of device config

We use NSO to collect device inventory and configuration (using show commands). Policies are then executed on the device CLI config and violations are generated along with device CLI commands to remediate the violations. Currently we execute these CLI commands on device using CSPC (collector). Now if we have to do the same using NSO to remediate the devices, these CLI needs to be translated to Netconf XML. So wondering if there exists any tool/library to achieve this translation? Or doesn't NSO expose any APIs to achieve something on these lines, as NSO/NEDs internally would have this intelligence built in for translation purpose.

Thanks

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: CLI to netconf conversion of device config

I assume the NSO XML representation would conform to the YANG model bundled in the NED for a particular device platform though.

Yes, exactly.

While ntool seems to help with CLI to XML conversion, but this need to be deployed in NSO instance, which in our case might not be a very convenient option.

We are on the NSO Developer Hub forum, so answers here tend to involve NSO.

So still wondering how can I achieve this conversion outside NSO box?

You need to involve the device (or the device source code) in some way. There is no way this can be "computed" correctly without it. The details of the mapping also vary by device version, so the trick is to get a device to do it.  Some people spin up virtual devices instances for the purpose of translation.

8 REPLIES 8
Cisco Employee

Re: CLI to netconf conversion of device config

This is easy to do, and something that's often needed.

There are a few different variation on this theme, but here's a basic recipe:

1. Configure the feature you're interested in on the device. You can use any method you like, e.g. CLI or some other existing system.

2. In NSO: do a sync-from with the device

3. Remove the feature you're interested in on the device. You can use any method you like again.

4. In NSO: do a sync-from once again.

5. In NSO: go to config mode and run the command  rollback configuration

6. In NSO: show configuration | display xml | save my-feature.xml

If you prefer to view or cut and paste rather than getting a file, skip the | save part above. NSO will print the result on the screen. And if you want to verify that the capture is correct without the xml, just show config will display the diff.

The saved my-feature.xml contains a good XML starting point for NSO templates. You will need to edit in a line or two in the header, and likely replace a few configuration values with variables or references to your service model.

Cisco Employee

Re: CLI to netconf conversion of device config

Thanks Jan for quick reply. I understand above approach to generate the XML file. But I would like to automate and achieve the same programmatically, i.e. given some CLI commands that I want to execute on the device, translate these to equivalent XML. I don't see any easy way to do this currently. Does NSO expose any interfaces to achieve this, or any alternative open source library which can help here?

Cisco Employee

Re: CLI to netconf conversion of device config

I'm not sure I understand your use case exactly. Perhaps you could elaborate?


What I described above is useful when you know how to configure a feature on a device CLI and want to build an NSO template for that. Apparently, that's not what you're looking for.


So when you're talking about XML, is that the NETCONF/YANG kind XML you have in mind? If it is, I can explain how to get that from the device or from NSO.

Cisco Employee

Re: CLI to netconf conversion of device config

I was looking for a tool that generates XML from CLI commands. The approach you suggested would require us to manually execute CLI on NSO console and then generate XML. ntool suggested by Roque seems to the answer for my requirement, though I am yet to evaluate it. Also, when you refer to NETCONF/YANG kind of XML, do you mean the XML generated using the steps you suggested won't be this kind of XML, would it be the different format?

Cisco Employee

Re: CLI to netconf conversion of device config

The only thing in the world that knows the (extremely intricate & irregular) connection between the CLI commands and the NETCONF/YANG (XML) interface on XR, XE and NX devices is the XR, XE and NX source code. Therefore, all tools and tricks you'll read about are essentially configuring a (phys/virt) device using one method (e.g. CLI) and reading the result using the other (e.g. NETCONF).

With NSO, it's quite possible to manage an XR, XE or NX device using a CLI NED. In this case, NSO can still generate an XML representation of the device configuration. This XML will not be compatible with the NETCONF/YANG interface available natively on the device.

Cisco Employee

Re: CLI to netconf conversion of device config

Yes absolutely agree that CLI to device NETCONF XML is not an easy thing to achieve. I assume the NSO XML representation would conform to the YANG model bundled in the NED for a particular device platform though. While ntool seems to help with CLI to XML conversion, but this need to be deployed in NSO instance, which in our case might not be a very convenient option. So still wondering how can I achieve this conversion outside NSO box?

Cisco Employee

Re: CLI to netconf conversion of device config

I assume the NSO XML representation would conform to the YANG model bundled in the NED for a particular device platform though.

Yes, exactly.

While ntool seems to help with CLI to XML conversion, but this need to be deployed in NSO instance, which in our case might not be a very convenient option.

We are on the NSO Developer Hub forum, so answers here tend to involve NSO.

So still wondering how can I achieve this conversion outside NSO box?

You need to involve the device (or the device source code) in some way. There is no way this can be "computed" correctly without it. The details of the mapping also vary by device version, so the trick is to get a device to do it.  Some people spin up virtual devices instances for the purpose of translation.

Cisco Employee

Re: CLI to netconf conversion of device config

Hi,

Have you tried ntool?

ref: https://github.com/NSO-developer/ntool

It would help you validate a IOS CLI (and some others) config file against the NED and create the respective XML to load it in NSO.

Roque