[j-nsp] Getting configuration diffs via NETCONF

Curtis Call ccall at juniper.net
Mon Nov 16 17:57:43 EST 2009 

> Ross Vandegrift writes:
> >Damn, that'd have been a really great feature.  I need to record
> deltas
> >of automated changes for approval by a human in a change control
> >application.
> 

Would "file compare ..." output, rather than "show | compare" output, be good enough?  Because you can do that through an op script.  Couldn't these RPC calls be translated into an equivalent NETCONF script?

Here is some example output, the op script name is test.slax:

[edit]
jnpr at j4350# show | compare
[edit system]
-  host-name j4350;
+  host-name changed;

[edit]
jnpr at j4350# run op test
1c1
< ## Last commit: 2009-11-16 22:40:35 UTC by jnpr
---
> ## Last changed: 2009-11-16 22:40:50 UTC
4c4
<     host-name j4350;
---
>     host-name changed;

[edit]
jnpr at j4350# run op test | display xml
<rpc-reply xmlns:junos="http://xml.juniper.net/junos/10.2I0/junos">
    <output>
        1c1
        &lt; ## Last commit: 2009-11-16 22:40:35 UTC by jnpr
        ---
        &gt; ## Last changed: 2009-11-16 22:40:50 UTC
        4c4
        &lt;     host-name j4350;
        ---
        &gt;     host-name changed;
    </output>
    <cli>
        <banner>[edit]</banner>
    </cli>
</rpc-reply>


Here is the op script code used to get the above output.  Fairly crude, but it was just a proof-of-concept:


version 1.0;

ns junos = "http://xml.juniper.net/junos/*/junos";
ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";

import "../import/junos.xsl";

match / {
    <op-script-results> {
 
        var $candidate-rpc = <get-configuration database="candidate" format="text">;
        var $candidate = jcs:invoke( $candidate-rpc );
        var $committed-rpc = <get-configuration database="committed" format="text">;
        var $committed = jcs:invoke( $committed-rpc );
        
        var $write-candidate = {
            <file-put> {
                <filename> "/var/tmp/candidate";
                <encoding> "ascii";
                <delete-if-exist>;
                <file-contents> $candidate;
            }
        }
        var $results-1 = jcs:invoke( $write-candidate );
        var $write-committed = {
            <file-put> {
                <filename> "/var/tmp/committed";
                <encoding> "ascii";
                <delete-if-exist>;
                <file-contents> $committed;
            }
        }
        var $results-2 = jcs:invoke( $write-committed );
        
        var $compare-rpc = {
            <file-compare> {
                <from-file> "/var/tmp/committed";
                <to-file> "/var/tmp/candidate";
            }
        }
        var $compare-results = jcs:invoke( $compare-rpc );
        
        /* Copy to result tree */
        copy-of $compare-results;
        
        /* Cleanup */
        var $delete-candidate = {
            <file-delete> {
                <path> "/var/tmp/candidate";
            }
        }
        var $results-3 = jcs:invoke( $delete-candidate );
        var $delete-committed = {
            <file-delete> {
                <path> "/var/tmp/committed";
            }
        }
        var $results-4 = jcs:invoke( $delete-committed );
    }
}

More information about the juniper-nsp mailing list