3. Classic and Model-Driven Management Interfaces
SR OS supports two basic classes of management interfaces:
- classic management interfaces
- model-driven management interfaces
Classic management interfaces include:
- SNMP
- the classic CLI
Model-driven management interfaces include:
- the MD-CLI
- NETCONF using the Nokia SR OS YANG modules
- the gRPC Network Management Interface (gNMI)
References to the term CLI in the SR OS user documentation are generally referring to the classic CLI. The classic CLI is the CLI that has been supported in SR OS from the initial introduction of SR OS.
The MD-CLI is a model-driven CLI introduced in SR OS Release 16.0.R1. Refer to The MD-CLI User Guide and The MD-CLI Command Reference Guide for details on using configuration commands in the MD-CLI.
3.1. Model-Driven Management Interfaces
Model-driven management interfaces are based on a common infrastructure that uses YANG models as the core definition for configuration, state, and operational actions. All model-driven interfaces take the same common underlying YANG modules and render them for the particular management interface.
The Nokia SR OS YANG modules of the model-driven infrastructure are similar to the classic CLI tree with the following notable differences:
- the classic and model-driven configuration formats are incompatible; the system automatically converts the classic configuration to the model-driven format when the management interface configuration mode is changed to model-driven
- some classic CLI branches have been moved, renamed, or re-organized in the SR OS YANG modules
- many elements use string names as keys in model-driven interfaces instead of the numerical identifiers used in the classic CLI and SNMP. The name can only be assigned or modified for these elements in releases prior to Release 15.1.R1. Elements without names are automatically assigned a name (the identifier converted to a string) during an upgrade to Release 15.1.R1 or later, and cannot be changed without manually deleting and recreating the element. It is recommended that the following elements are assigned names prior to an upgrade to Release 15.1 or later:
- all services (configure service vprn, vpls, epipe, and so on)
- configure mirror mirror-dest
- configure service pw-templates
- configure service customer
- configure filter ip-filter, ipv6-filter, and mac-filter
- configure qos network, sap-ingress, and sap-egress
- configure eth-cfm domain and association
- the classic CLI shutdown command has been replaced with admin-state in model-driven interfaces
- the classic CLI commands with multiple parameters have been separated into individual leafs in model-driven interfaces
- the model-driven interfaces make extensive use of Boolean values (true and false) for configuration settings. A newly created routing instance, group, or EBGP neighbor in a model-driven interface applies the secure default behavior to reject all routes. It is compliant with RFC 8212 using the ebgp-default-reject-policy command. However, Nokia recommends configuring import and export policies that express the intended routing instead of using the insecure default behavior.
In model-driven configuration mode, SR OS operates with 'explicit' default handling. Users can set a leaf to the same value as the default and SR OS remembers that it was explicitly set and displays it as part of the configuration. This is similar to what RFC 6243 refers to as 'explicit' mode.
In the classic configuration mode, the default handling is similar to RFC 6243 'trim' mode. Configuration values are not reported if they are equal to the default value, even if the user explicitly configured the value.
In mixed configuration mode, the system uses 'explicit' default handling but it is not persistent. Explicitly configured default values are lost or forgotten at a High-availability CPM switchover or a reboot. Nokia does not recommend setting any leaf explicitly to its default value in mixed configuration mode (the leaf should be deleted instead).
3.1.1. Prerequisites for Using Model-Driven Management Interfaces
Before configuration editing is permitted in model-driven interfaces, the management interface configuration mode must be set to model-driven or mixed. See Management Interface Configuration Mode for details.
All loose references using IDs to certain elements (elements which use IDs as keys in classic interfaces but string names in model-driven interfaces) must be replaced with references using string names. See Loose References to IDs for details.
Strict routing policy validation is used for model-driven interfaces. The routing policy must exist for the management interface configuration mode to be changed. References to non-existent routing policies must be removed before attempting to switch modes. Strict policy validation is applied to the following routing policy references:
- ARP and ND: in the Base router and VPRN instances
- BGP: in the Base router and VPRN instances
- Global and local variables: in main policies and sub-policies
- IGMP, MLD, and PIM: in the Base router and VPRN instances
- IS-IS: in the Base router and VPRN instances
- LDP
- OSPF and OSPFv3: the Base router and VPRN instances
- Policy-option: from, to, action, and default-action statements
- Policy-option: sub-policies, prefix-list, as-path, as-path-group, damping, and community policies
- RIP and RIPng: in the Base router and VPRN instances
- RSVP
- Single policy-statement or logical policy expressions
- Static routes: in the Base router and VPRN instances
- Subscriber management: except for in mld-policy configuration for a local user database (LUDB) host
- VPLS: for BGP VSI
- VPRN: for GRT, MVPN, and VRF
Use the tools perform system management-interface configuration-mode check command to check if the configuration meets the preceding prerequisite reference requirements to change the management interface configuration mode. Incompatible configuration commands are displayed with an error reason if the prerequisite is not met. The following example shows several incompatible configuration commands.
 | Note: The command does not check if the configuration contains commands that are unsupported in model-driven interfaces. For more information, refer to section “Unsupported Configuration in MD Interfaces” in the SR OS 21.x.Rx Software Release Notes, part number 3HE 17177 000x TQZZA. |
3.2. YANG Data Models
Model-driven management interfaces are based on a common infrastructure that uses YANG models as the core definition for configuration, state, and operational actions. All model-driven interfaces (NETCONF, gRPC/gNMI, and the MD-CLI) take the same common underlying YANG modules and render them for the particular management interface. These YANG models are also used for telemetry.
SR OS supports:
- Nokia YANG data models
- OpenConfig YANG data models
3.2.1. Nokia SR OS YANG Data Models
The Nokia SR OS YANG modules are the base for the model-driven architecture.
SR OS configuration is divided into several top level configuration regions (see Datastores and Regions for details). The data models for each configuration region are separated into different YANG modules.
The primary configuration region (configure) is modeled in the nokia-conf YANG module specified in a single file located at YANG/nokia-combined/nokia-conf.yang in the SR OS image distribution.
An alternative packaging of the primary configuration region is also available as a set of submodules (for example, nokia-conf-system) that all belong to a single module located at YANG/nokia-conf.yang in the SR OS image distribution. The submodules have independent revision dates and can be used to identify which parts of the configuration model have changed.
Some YANG tools may show errors about circular dependencies in the submodules. For instance, Pyang gives an error about circular dependencies but does complete the processing to build complete tree or jstree output. If circular dependencies are preventing any necessary tools from correctly processing the YANG, use the combined packaging instead of the submodules. For details about enabling various sets of YANG modules, see the yang-modules commands.
The lawful intercept (LI) configuration region is modeled in the nokia-li-conf YANG module specified in a single file called nokia-li-conf.yang.
The BOF configuration region is modeled in the nokia-bof-conf YANG module specified in a single file called nokia-bof-conf.yang.
SR OS state information is modeled in the nokia-state YANG module specified in a single file located at YANG/nokia-combined/nokia-state.yang in the SR OS image distribution.
LI state information is modeled in nokia-li-state.yang which augments the primary nokia-state module.
BOF state information is modeled in nokia-bof-state.yang.
There are also a series of nokia-types-* modules that are included by various configuration and state modules.
The SR OS YANG modules have the following attributes.
- The modules can be used with NETCONF, telemetry, or with the Set/Get RPCs of the gRPC-based gNMI service.
- The modules and submodules indicate the SR OS major release stream using a YANG extension (for example, sros-ext:sros-major-release "rel16";). Module and submodule revisions form a contiguous series of revisions inside a major release stream. There may be two files for the same module with the same revision date but with different contents because they are from two different major release streams. Each active major release stream has revisions ongoing in parallel.
All configuration modules, state modules, and types modules are advertised in the SR OS NETCONF server <hello>. Submodules are not advertised in the <hello> message.
The classic CLI tools, clear, and monitor branches do not have equivalent YANG data models.
Some admin and file operations have YANG models whereby each operation is modeled using a YANG “action” statement. These can be viewed in the nokia-oper-*.yang files. For more information, see YANG-based Operations.
3.2.2. OpenConfig YANG Data Models
OpenConfig presents a vendor-independent set of YANG models. OpenConfig YANG model elements are mapped to application-specific SR OS configuration and state.
3.2.2.1. Basic Configuration
OpenConfig YANG models are available in model-driven interfaces, including the MD-CLI, gNMI, and NETCONF when enabled with the configure system management-interface yang-modules openconfig-modules command. Access to the OpenConfig models is different depending on the model-driven interface.
- MD-CLI
- OpenConfig configuration statements are located in the configure openconfig context.
- OpenConfig state information is located in the state openconfig context.
- When a configuration is validated or committed, the system verifies that openconfig-modules is set to true. If openconfig-modules is set to false and there are OpenConfig configuration statements in the candidate, the action fails with an error indicating that the OpenConfig module cannot be disabled when OpenConfig configuration elements exist.
- The operator must set openconfig-modules to true and perform the validate or commit action again. Assuming the configuration is complete and there are no other errors, the transaction succeeds.
- The system checks openconfig-modules to determine whether OpenConfig state elements can be accessed.
- gNMI and NETCONF
- The system checks openconfig-modules to determine whether OpenConfig models can be advertised and whether the system can accept or send OpenConfig configuration or state elements.
- If openconfig-modules is set to false, the system blocks OpenConfig edits, requests, and responses from being sent or accepted at the gNMI or NETCONF level. A <get> operation from the root without a declared namespace or branch succeeds but does not include any OpenConfig data. However, a <get> operation that explicitly requests data from the OpenConfig namespace generates an error.
- AAA rules for OpenConfig are different in the MD-CLI, NETCONF and gNMI
- A configure openconfig AAA profile entry applies to configure openconfig commands in the MD-CLI, and to config and state elements in NETCONF and gNMI.
- A state openconfig AAA profile entry only applies to state openconfig information in the MD-CLI. AAA entries for NETCONF and gNMI state elements are not supported.
3.2.2.2. Shared Model Management Support
3.2.2.2.1. Introduction
Nokia provides a suite of vendor-specific YANG models to configure the network element. OpenConfig is an informal working group which provides vendor-neutral YANG models based on the desired usage of a technology by the community. The Nokia vendor-specific model is a more complete representation of the capabilities of the network element, which includes vendor specific features and functions not described by the OpenConfig YANG models. The two YANG configuration models, Nokia’s vendor-specific and OpenConfig’s vendor-neutral, may be used together to configure the network element. Support for OpenConfig models can be established by examining the OpenConfig model with the vendor-specific deviations and augments.
3.2.2.2.2. Merging Configuration Statements
In order to ensure complete traceability and the origin of the configuration (that is, which data model configured the feature), the Nokia and OpenConfig configuration statements are maintained separately in the configuration tree. This allows for the greatest flexibility when accommodating configuration differences between the Nokia and OpenConfig models. The configuration statements are merged, giving precedence to the Nokia model configuration statements when there is a collision (that is, when the same function is configured in both the OpenConfig and Nokia models).
In order to merge configuration for objects, the keys for an object must be equal and deterministic for both the Nokia and OpenConfig models. This provides an anchor for the object and allows the configuration to be rationalized and merged. For example, augments may have been made to OpenConfig models to allow for a deterministic key where a key function is not supported. One example is the use of the configure openconfig interfaces interface interface subinterfaces subinterface number ipv4 config primary-address option. In this case, the OpenConfig model does not allow which of the specified interfaces should be the primary. The control of the primary interface is very important.
When configuration statements are completed using one configuration model, tab completion for a name or reference identifier is not available in the other model. For example, the name or identifier of a list entry must be equally and explicitly entered in both data models in order to share the configuration elements across the different models.
There are two different approaches taken for shared model management, on a per Nokia application basis: leaf level and list level management.
An application that supports shared model management at the leaf level allows both configuration models access to the leaf and merge operations can occur at the leaf level. If both Nokia and OpenConfig models include configuration for a leaf, the Nokia configuration takes precedence. The OpenConfig configuration statements remain in its configuration database but are not applied as part of the operational configuration
An application that supports granularity at the list level allows individual list entries for an application to be managed by one model only. The configuration model that creates the list entry is the only model that can modify or delete the list entry. An attempt to modify the list entry using the configuration access method that does not manage the list entry returns an error message identifying the managing owner of the list entry.
Unless configured explicitly using the Nokia configuration model, a configuration element that does not have a static default value is managed by OpenConfig.
In some situations, partial or incomplete OpenConfig configurations may be allowed. For example, where the OpenConfig structure is accepted but the triggering mapping has not been configured under OpenConfig, the information is not pushed to the application. These partial configurations remain in the OpenConfig configuration tree as they are syntactically correct, however, without an application mapping event, they remain outside of the operating configuration. When a partial configuration is stored in the OpenConfig configuration tree, it does not show as an active element under the SR OS specific application, that is, via show commands or in the /state tree.
3.2.2.2.3. Application Support
Applications may allow for the configuration to be delivered from either the Nokia YANG model or the OpenConfig YANG models. In many cases, applications allow some level of cooperative configuration such that the configuration statements can be received from both Nokia YANG models and OpenConfig YANG models. In order to determine the level of cooperative configuration allowed by an application, the application-specific Nokia or the nokia-conf-combined.yang YANG models can be checked for the following extension statement.
If the above statement is found, the cooperative shared model management configuration is not allowed for that element and all descendants of the element.
The level of shared model management support can be viewed via the MD CLI help if the OpenConfig YANG models have been enabled.
The models that prevent shared model management at a specific level of the hierarchy include the following statement in the help. For example, the commands in the configure policy-options policy-statement context display the following:
3.2.2.2.4. Validating and Committing
Validation ensures the structure and completeness of the configuration against the OpenConfig model. It does not deliver the configuration to application. It is possible that a validation succeeds when the structure and requirements of the OpenConfig model are met.
The commit function performs the validation as above, with the additional step of delivering the converted OpenConfig statements to the application. A successful validation can be followed by a failure to commit the transaction. For example, the following scenarios result in a failed commit action:
- the Nokia application requirements are not met
- the list entry is managed by Nokia
- a resource limit enforced by the application is exceeded by merging the OpenConfig configuration
Nokia applications that include conditional “when” statements using the Nokia YANG model must have the statements satisfied by the Nokia configuration. The OpenConfig configuration cannot verify or satisfy Nokia conditional “when” statements. This approach prevents “when” statements from changing from one state to another by updating the OpenConfig statements and affecting a non-child leaf in the Nokia configuration. For example, the following message is displayed when the OpenConfig configuration sets the port ethernet mode to hybrid but the conditional “when” statement requires the Nokia configuration to satisfy the condition.
3.2.2.2.5. Error Reporting
Errors can occur in situations such as the following:
- the OpenConfig model attempts to deliver an incomplete configuration as required by the Nokia application
- conflicts exist where an OpenConfig model attempts to access a list entry managed by Nokia
- other delivery errors from the commit operation
Failed transactions display an error message indicating the reason for the failure. A failure maintains the complete set of YANG parameters, as if the commit function had not been issued. This allows the administrator to correct the source of the error.
In the event of a delivery error, the OpenConfig path and the Nokia path are included in the error message. A sample error message is shown below.
3.2.2.2.6. Using the info Command
Several variations of the info command are available in order to collect the required operational data required to view the configuration. The info command can be issued under the Nokia configuration context in the MD-CLI. These include:
info - Show the configuration as explicitly entered for the current context.
info converted - Include converted third party model configuration from the running datastore. When an object is management by OpenConfig, meaning the running configuration has an entry delivered by an OpenConfig configuration statement, the leaf or container be precedes with the statement "## managed: by OpenConfig”.
info converted model openconfig - Include converted third party model configuration from the running datastore with the “managed” indicator removed from the output.
info inheritance - Include configuration inherited from configuration groups.
The converted and inheritance options can be combined into a single command
For more information about the info command, see the 7450 ESS, 7750 SR, 7950 XRS, and VSR MD-CLI User Guide.
3.2.2.2.7. Deviating and Augmenting
Deviation files are created for the OpenConfig model when the model deviates from the application requirements of the network elements, such as implementations that are not supported, added, or replaced, granularity mismatches, and different ranges. These deviations are included in an OpenConfig YANG file which contains text descriptions when different units or ranges are in place. Deviations are not raised for OpenConfig “must” statements, as the “must” statement in OpenConfig models is not supported in SR OS. The deviation file follows the naming format nokia-sr-<OpenConfigModule>-deviations.yang, for example, nokia-sr-openconfig-network-instance-deviations.yang.
It is not always necessary to use a deviation file where a specific function is not supported. For example, in the case of enumerations, when an enumerated OpenConfig value is not supported, the validation or commit function fails with an indication that the entry is not valid.
When a mapping exists for an attribute and the configuration is out of range, an error is generated. For example, the Nokia application configuration for leaf B has a range of 1 to 100, where the OpenConfig leaf B specifies a range of 1 to 300. When the OpenConfig value is set above 100, an unsupported value error message is returned.
As an example of a granularity mismatch, Nokia application leaf C supports centiseconds and OpenConfig leaf C supports milliseconds. If the OpenConfig value in milliseconds can be converted to a valid application value, the OpenConfig value is accepted. For example, OpenConfig leaf C 100 ms is converted to application leaf C 1 centisecond. However, if the OpenConfig value cannot be converted to a valid application value, an error is generated. For example, OpenConfig leaf C 125ms cannot be mapped into centiseconds.
Augments files are also included to add configuration for OpenConfig that is required by the Nokia application in order to function as expected. The augments file follows the naming format nokia-sr-<OpenConfigModule>-augments.yang.
3.3. Datastores and Regions
As described in RFC 8342 a datastore is a conceptual place to store and access information. A datastore maps to an instantiated YANG data tree. See RFC 8342 for more information about datastores.
SR OS supports conventional configuration datastores (for example, running and candidate) as well as some proprietary datastores (for example, li-running).
SR OS also has a proprietary concept called a region (or configuration region). The set of branches and elements in the configure branch of the CLI are all located in the primary configuration region simply called configure. The majority of SR OS configuration is in the configuration region including ports, interfaces, services and filters. Examples of other regions are:
- bof (boot options file)
- debug (debugging)
- li (lawful intercept)
Each region has its own configuration datastores (running, candidate, and so on). The saved configuration for each region is stored in a separate file on compact flash or remotely (for example, bof.cfg, debug.cfg, config.cfg, li.cfg). Regions are independently locked for configuration changes. See the output of show system management-interface datastore-locks for an example of per-region per-datastore information.
3.4. System-Provisioned Configuration (SPC) Objects
There is a set of configuration objects (configuration list elements and their descendants) that are provisioned (added to the <running> datastore) automatically by SR OS; for example, log-id 99. Some SPC objects are created at bootup time, and some are created or removed dynamically based on configuration. The dynamically created SPC objects are typically children objects created as a side effect of the creation of their parent object.
Some of these objects can be deleted (removed) by a user (deletable SPC objects).
- In the classic CLI these are removed by specifying the keyword no, which is then visible in an info command or in a saved config (admin save); for example, no log-id 99.
- The deletable SPC objects are not visible in a <get-config> response in the “urn:nokia.com:sros:ns:yang:sr:conf” namespace (the Nokia SR OS YANG modules) if the child leaves are all at default values.
- Some example deletable SPC objects (shown in classic CLI format) are:
Some SPC objects cannot be deleted (non-deletable SPC objects).
- In the classic CLI, an attempt to delete these objects (for example, no sap-ingress 1) returns an error.
- In the MD-CLI, deleting one of these objects simply resets all descendant elements as unconfigured.
- Some non-deletable SPC objects contain leafs (or other descendants) that can be modified. Some objects cannot be modified.
- Non-deletable SPC objects do not appear in the configuration (the output of “info” in the classic CLI or the MD-CLI) unless some of the child leafs or descendants have been configured.
- The non-deletable SPC objects are not visible in a <get-config> response in the “urn:nokia.com:sros:ns:yang:sr:conf” namespace (the Nokia SR OS YANG modules) if the child leaves are all unconfigured.
- Some example non-deletable SPC objects (shown in classic CLI format) are:
3.5. Management Interface Configuration Mode
The management interface configuration mode controls how classic management interfaces, such as SNMP and the classic CLI, and model-driven (MD) interfaces, such as the MD-CLI, NETCONF, and gRPC/gNMI, are used to modify the configuration of the router. The configure system management-interface configuration-mode command must be used to enable configuration editing by MD interfaces.
Table 21: Management Interface Configuration Mode
Configuration Mode | ||||
Classic | Mixed | Model-driven | ||
Classic Interfaces | Classic CLI: configuration write/edit | ✓ | ✓ |
|
Classic CLI: configuration read | ✓ | ✓ | ✓ | |
Classic CLI: non-configuration commands | ✓ | ✓ | ✓ | |
SNMP: configuration write/edit | ✓ |
|
| |
SNMP: non-configuration writes (such as admin reboot) | ✓ |
|
| |
SNMP: configuration read | ✓ | ✓ | ✓ | |
SNMP: state read | ✓ | ✓ | ✓ | |
SNMP: notifications (traps) | ✓ | ✓ | ✓ | |
Model-driven Interfaces | MD-CLI (Nokia model): configuration write and read | ✓ | ✓ | |
MD-CLI (Nokia model): state read | ✓ | ✓ | ✓ | |
NETCONF (Nokia model): configuration write and read |
| ✓ | ✓ | |
NETCONF (Nokia model): state read | ✓ | ✓ | ✓ | |
Telemetry: configuration nodes |
| ✓ | ✓ | |
Telemetry: state nodes | ✓ | ✓ | ✓ | |
gNMI Set/Get: configuration write and read | ✓ | ✓ | ||
gNMI Get: state read | ✓ | ✓ | ✓ | |
Features | OpenConfig YANG models |
| ✓ | |
Configuration annotations | ✓ | |||
Configuration groups | ✓ | |||
MD-CLI rollback command | ✓ | |||
Classic CLI admin rollback revert command | ✓ | ✓ |
| |
Explicit defaults 1 | ✓ | |||
Configuration changes accepted immediately after a CPM high-availability switchover 2 | ✓ | ✓ | ||
Named route policy entries | ✓ | |||
gRPC MD-CLI service for the NISH client | ✓ | |||
Remote management using the NISH manager | ✓ | |||
- In model-driven mode, users can set a parameter to the same value as the default, and SR OS remembers that it was explicitly set and displays it as part of the configuration. In mixed mode these values are not persistent and they are lost or forgotten at a CPM high-availability switchover or a reboot.
- In mixed mode, changes to the configuration are blocked for a few minutes after a CPM high-availability switchover event while the model-driven database is synchronized with the SR OS application layer. There is no impact to running services.
Note:
3.5.1. Mixed Configuration Mode
Mixed configuration mode is useful for operators to migrate from classic management interfaces to operating in a full model-driven mode. It allows the use of previous classic CLI scripts or other OSS integration (for configuration) although with some pre-requisites (see Prerequisites for Using Model-Driven Management Interfaces) and some limitations (see Table 21).
3.5.2. Loose References to IDs
A loose reference is a reference where the target of the reference does not have to exist. For example, configure service pw-template 23 egress filter ip 37 can be configured (when the management interface configuration mode is classic) even if ip-filter 37 does not yet exist in the configuration.
Before switching the management interface configuration mode to model-driven or mixed, all loose references using IDs must be replaced with references using string names (or removed from the configuration) for the following elements:
- all services (configure service vprn, vpls, epipe, and so on)
- configure mirror mirror-dest
- configure service pw-templates
- configure service customer
- configure filter ip-filter, ipv6-filter, and mac-filter
- configure qos network, sap-ingress, and sap-egress
- configure eth-cfm domain and association
In the following configuration example,
can be changed to
Because ip-filter 37 is a loose reference, it does not require a name for the configuration to be valid. However, it may be desirable to assign a name as follows, to make the binding operational.
| Note: A name can only be assigned to a filter or any element in the above list of elements which use IDs as keys in classic interfaces but string names in model-driven interfaces. It is recommended to assign names to the elements prior to an upgrade to Release 15.1.R1. A name can also be changed in releases prior to Release 15.1.R1. Elements without names are automatically assigned a name (the ID converted to a string) during an upgrade to Release 15.1.R1 or later, and cannot be changed without manually deleting and recreating the element. |
Loose references to IDs for the objects listed above cannot be created while in mixed or model-driven configuration mode. Any classic CLI scripts must also be updated to avoid the use of any of the commands below.
The following lists the set of affected loose references. Some items take a service name as an input. SR OS converts these service names to IDs, and stores the IDs in the configuration. In these cases, the service name becomes an alias at configuration edit time and is not stored as a reference.
IPsec related configuration:
Eth-cfm, oam-pm, and saa:
Filters:
PKI:
QoS:
Subscriber management:
Miscellaneous:
3.5.3. Transitioning Between Modes
Depending on the size of the system configuration, transitioning from classic mode may take several seconds to several minutes while the model-driven database is populated and synchronized to the current configuration. During the transition period, configuration changes are not allowed and service is not affected.
Transitioning to classic mode is immediate with no impact to services on the router.
3.6. Configuring the CLI Engine
The CLI engine refers to the CLI environment that is being used in a user session (for example, console, Telnet, or SSH) to configure and operate the router. The CLI engine is either the classic CLI engine or the MD-CLI engine. The following terms are also used:
- preferred CLI engine — the CLI engine that is started at user login
- authorized CLI engine — a CLI engine that a user can switch to (using the CLI engine switch command (“//”)) or where a user can execute commands
- active CLI engine — the CLI engine that is currently in use for a user session
The default preferred CLI engine and authorized CLI engines for a session are determined by the management interface configuration mode, which eliminates the need to explicitly configure the CLI engine. With the use of these dynamic defaults, it is possible to transition between the different configuration modes. Table 22 summarizes the CLI engines for the management interface configuration modes.
Table 22: Management Interface Configuration Modes and CLI Engines
Management Interface Configuration Mode | Default Preferred CLI Engine | Default Authorized CLI Engines |
classic | classic-cli | classic-cli |
mixed | classic-cli | md-cli, classic-cli |
model-driven | md-cli | md-cli, classic-cli (read-only) |
The preferred CLI engine, and the authorized CLI engines for a session can be changed to use either the classic CLI or the MD-CLI engine.
In the classic CLI, the first engine configured is the preferred CLI engine. The default is no cli-engine.
In the MD-CLI, the cli-engine parameter is a user-ordered list, and the first engine from that list is configured as the preferred CLI engine. Leaving the cli-engine parameter unconfigured (or deleting the cli-engine values) maintains or reverts to the dynamic default. Table 23 summarizes the possible actions available with the MD-CLI cli-engine configuration.
| Note: In order for the changes to the cli-engine parameter to take effect, log out of the CLI session and start a new session. |
Table 23: MD-CLI cli-engine Configurations
cli-engine Configuration | Preferred CLI engine | Authorized CLI engines | Description |
[classic-cli] | classic-cli | classic-cli | User is restricted to the classic CLI engine |
[classic-cli md-cli] | classic-cli | classic-cli, md-cli | User can switch between classic CLI and MD-CLI engines in a session |
[md-cli classic-cli] | md-cli | md-cli, classic-cli | User can switch between MD-CLI and classic CLI engines in a session |
[md-cli] | md-cli | md-cli | User is restricted to the MD-CLI engine |
Refer to the MD-CLI User Guide for information about using the MD-CLI to manage to router.
3.7. YANG-based Operations
In addition to YANG-based configuration and state, the SR OS also supports YANG-based operations (for example, admin reboot, file remove).
The SR OS YANG-based operations infrastructure applies to MD-CLI and NETCONF interfaces and is supported in any management interface configuration mode (classic, mixed, or model-driven). It is not applicable to operations requested in classic CLI, SNMP, or gRPC interfaces.
YANG-based operations are allocated an operation ID. This operation ID can be used as an index into the global operations table (state system management-interface operations operation operation-id) to examine the details of an operation, including the following information:
- status (the execution status of the operation: in-progress, terminated, or terminated-incomplete)
- start-time of the operation
- timeouts associated with the operation
The following output is an example that shows the contents of the global operations table while a file remove-directory command is in progress.
The operation ID can also be used to remove an operation using the admin system management-interface operations delete-operation command. In the case where the global operations table is full, the delete-operation command can optionally be requested with the op-table-bypass option to avoid allocating an operation-id and requiring an empty entry in the table.