StarOS provides a
northbound NETCONF interface that supports a YANG data model for transferring
configuration and operational data with the Cisco Network Service Orchestrator
(NSO). It also incorporates a ConfD engine to communicate with the NSO
management console.

NETCONF (Network
Configuration Protocol) is a network management protocol developed and
standardized by the IETF (RFC 6241). It provides mechanisms to install,
manipulate, and delete the configuration of network devices. Its operations are
realized on top of a simple remote procedure call (RPC) layer. The NETCONF
protocol uses XML-based data encoding for the configuration data as well as the
protocol messages. The protocol messages are exchanged on top of a secure
transport protocol.

ConfD is an
on-device management framework that provides a set of interfaces to manage a
device. The ConfD framework automatically renders all the management interfaces
from a data-model. ConfD implements the full NETCONF specification and runs
over SSH with content encoded in XML.

ConfD is configured
to allow only authenticated/authorized access through external authentication.
ConfD Manager provides a standalone CLI module for ConfD to invoke when
authenticating/authorizing any new users. ConfD is configured to allow only
authorized access through StarOS authentication. Upon authentication, the user
is given a privilege level (0-15) which is mapped to StarOS secure admin, admin,
operator, and inspector, as defined in the YANG model. StarOS logs CLI
authentication event/status messages for each ConfD authentication request.

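
The RPC layer and the authorization outcome described above can be seen in the messages themselves. The following is an added example, not StarOS or ConfD code: it builds a `<get-config>` request and validates a reply, including an `access-denied` error. The helper names are hypothetical, the replies are constructed, and NETCONF 1.0 end-of-message framing over SSH is assumed.

```python
import xml.etree.ElementTree as ET

NS = "urn:ietf:params:xml:ns:netconf:base:1.0"  # NETCONF base namespace (RFC 6241)
EOM = "]]>]]>"  # end-of-message marker for NETCONF 1.0 framing over SSH (assumed)

def q(name):
    """Qualify a tag name with the NETCONF base namespace."""
    return f"{{{NS}}}{name}"

def build_get_config(message_id, datastore="running"):
    """Return a framed <get-config> RPC for the given datastore."""
    rpc = ET.Element(q("rpc"), {"message-id": str(message_id)})
    source = ET.SubElement(ET.SubElement(rpc, q("get-config")), q("source"))
    ET.SubElement(source, q(datastore))
    return ET.tostring(rpc, encoding="unicode") + EOM

def parse_reply(framed, expected_id):
    """Validate one framed <rpc-reply> and return its data and errors."""
    if not framed.endswith(EOM):
        raise ValueError("incomplete frame: end-of-message marker missing")
    body = framed[: -len(EOM)]
    if "<!DOCTYPE" in body:  # RFC 6241: DTDs must not appear in NETCONF content
        raise ValueError("document type declaration in NETCONF message")
    root = ET.fromstring(body)
    if root.tag != q("rpc-reply"):
        raise ValueError(f"unexpected element {root.tag}")
    if root.get("message-id") != str(expected_id):
        raise ValueError("message-id does not match the request")
    errors = [
        {child.tag.split("}")[1]: (child.text or "").strip() for child in err}
        for err in root.iter(q("rpc-error"))
    ]
    return {"ok": not errors, "errors": errors, "data": root.find(q("data"))}

# Constructed sample replies (not captured from a StarOS device).
OK_REPLY = f'<rpc-reply message-id="101" xmlns="{NS}"><data/></rpc-reply>' + EOM
DENIED_REPLY = (
    f'<rpc-reply message-id="102" xmlns="{NS}"><rpc-error>'
    "<error-type>protocol</error-type><error-tag>access-denied</error-tag>"
    "<error-severity>error</error-severity></rpc-error></rpc-reply>" + EOM
)

if __name__ == "__main__":
    print(build_get_config(101))
    print(parse_reply(OK_REPLY, 101)["ok"])
    print(parse_reply(DENIED_REPLY, 102)["errors"])
```
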
On the southbound
side, ConfD communicates with a StarOS process called via a set of APIs
provided by the ConfD management agent. The ConfD Configuration Database (CDB)
is used by ConfD to store objects. StarOS accesses the database through the
ConfD-supplied APIs. Once the ConfD configuration database is populated, StarOS
continues to allow CLI access to modify the overall configuration. There are no
automatic updates to the CDB as a result. The CDB only receives updates via the
NETCONF interface. In order to keep the CDB and the StarOS configuration
databases in sync, all changes made via CLI access (external to NETCONF) to
YANG model supported configuration objects must be applied to the CDB manually.

YANG is a data
modeling language for the NETCONF network configuration protocol. It can be
used to model both configuration data as well as state data of network
elements. YANG can also be used to define the format of event notifications
emitted by network elements and it allows data modelers to define the signature
of remote procedure calls that can be invoked on network elements via the
NETCONF protocol (RFC 6020). The YANG file is compiled as part of StarOS and
incorporates a subset of the existing StarOS supported CLI commands.

In this release, the
YANG model supports a limited set of ECS configuration commands via NSO. For
additional information, refer to NSO user documentation and
Supported StarOS ECS Configuration Commands.