ypgnmi-app Installation
The following sections describe the steps to install and test ypgnmi-app application.
gNMI Prerequisites
Install the Go programming language.
Version 'go1.9' or higher is required. To verify the installation and to verify the version of the installed GO run the following:
mydir> go version
go version go1.10 linux/amd64
gNMI Source Code Installation
If you have installed the YumaPro from source code then you need to build and install using EVERYTHING=1 or use the WITH_RESTCONF=1 and WITH_YCONTROL=1 flags must be used. In addition, the WITH_GNMI=1 make variable must be used.
Example: Build the netconfd-pro server with gNMI support:
make DEBUG=1 DEBUG2=1 EVERYTHING=1 WITH_GNMI=1 USE_WERROR=1
sudo make DEBUG=1 DEBUG2=1 EVERYTHING=1 WITH_GNMI=1 USE_WERROR=1 install
Additional custom and optional parameters can be added with the GO_PATH=$CUSTOM_GOPATH and GO_BIN=$CUSTOM_GOBIN flags if needed.
Setting up a Custom GO Workspace
To install ypgnmi-app in a custom location
set the custom $GOPATH and $GOBIN Variables.
Otherwise, the default $HOME/go GO workspace will be used
and ypgnmi-app application dependencies will be installed there.
Follow these steps
to setup a custom workspace and Variables.
The Build Variables GO_PATH=$CUSTOM_GOPATH and GO_BIN=$CUSTOM_GOBIN are needed if a custom workspace is used.
GO_BIN=<dirspec>
This specifes the $GOBIN variable dirspec to use when building ypgnmi-app application. Default is $HOME/go/bin. Ignored if PACKAGE_BUILD=1 is also used.
GO_PATH=<dirspec>
Specifies the $GOPATH variable dirspec to use when building ypgnmi-app application. Default is $HOME/go. Ignored if PACKAGE_BUILD=1 is also used.
In this case the ypgnmi-app will be installed into your custom
$GOBIN location. By default the application is installed in the
/usr/bin/.
yumapro-gnmi Binary Package Installation
If you do not have source code and need to install the YumaPro with a
binary package then the application will be installed in the default
/usr/bin location. If you'd like to use a different directory move
the binary to your desired location.
You will have to create your workspace directory
Setup $GOBIN and $GOPATH variables and install all dependencies
Create your workspace directory,
$HOME/go.Set the $GOPATH environment variable
mydir> mkdir -p ~/go
The $GOPATH can be any directory on your system. $HOME/go is
the default $GOPATH on Unix-like systems since Go 1.8.
Note
The $GOPATH must not be the same path as your Go installation.
Edit ~/.bash_profile (or ~/.bashrc if that is present instead)
to add the following lines:
export GOPATH=$HOME/go
export GOBIN=$GOPATH/bin
Save and exit your editor. Then, source this file
mydir> source ~/.bash_profile
Using the 'go get' to install the following. Note that in this case $GOBIN and $GOPATH should be already setup:
mydir> go get github.com/aws/aws-sdk-go/aws
mydir> go get github.com/clbanning/mxj
mydir> go get github.com/davecgh/go-spew/spew
mydir> go get github.com/golang/glog
mydir> go get github.com/golang/protobuf/proto
mydir> go get github.com/golang/protobuf/protoc-gen-go/descriptor
mydir> go get -u github.com/kylelemons/godebug/{pretty,diff}
mydir> go get github.com/openconfig/gnmi/proto/gnmi
mydir> go get github.com/openconfig/ygot/experimental/ygotutils
mydir> go get github.com/openconfig/goyang/pkg/yang
mydir> go get -u github.com/openconfig/ygot/{ygot,ytypes}
mydir> go get golang.org/x/net/context
mydir> go get google.golang.org/genproto/googleapis/rpc/code
mydir> go get -u google.golang.org/grpc
mydir> go get -u google.golang.org/grpc/{codes,credentials,metadata,reflection,status}
If you get an error similar to:
go/src/github.com/openconfig/ygot/util/schema.go:65: s.Tag.Lookup
undefined (type reflect.StructTag has no field or method Lookup)
Upgrade to the latest go version.
Generate the CA Certificates
Generate the client and server certificates. If you have already installed the certificates required for TLS as described in the section Configure TLS of the YumaPro SDK Installation Guide make sure copies of the client and server keys and certs are in ~/certs and also the ca.crt is available.
-rw-rw-r-- 1 john john 956 Aug 9 10:41 ca.crt
-rw-rw-r-- 1 john john 969 Aug 2 11:00 client.crt
-rw-rw-r-- 1 john john 1704 Aug 2 11:00 client.key
-rw-rw-r-- 1 john john 964 Aug 2 11:01 server.crt
-rw-rw-r-- 1 john john 1704 Aug 2 11:01 server.key
Then you can skip to the next section.
If you have not installed TLS certificates follow these steps:
mydir> mkdir ~/certs
mydir> cp /usr/share/yumapro/util/generate-keys.sh ~/certs
or
mydir> cp netconfd/util/generate-keys.sh ~/certs
mydir> cd ~/certs
certs> ./generate-keys.sh
The 'generate-keys.sh' script contains one line where it configures the server's Common Name and other parameters:
SUBJ="/C=/ST=/L=/O=/CN=your_target_name"
Change it to your target name. By default the value is restconf. You
may keep it for testing, but during the gNMI client requests make sure
to specify this target name.
Running ypgnmi-app
Run the server with the setting --with-gnmi=true flag as follows:
mydir> netconfd-pro log-level=debug4 --with-gnmi=true
Start the ypgnmi-app application. Note that you have to provide your certificates to start the application:
mydir> ypgnmi-app -cert ~/certs/server.crt -ca ~/certs/ca.crt -key ~/certs/server.key
After this step the gNMI server starts to listen for any gNMI client requests and will process the requests to the netconfd-pro server and will transfer all the replies back.
Running gNMI Client Applications
The gRPC Network Management/Operations Interface Tools (gNXI Tools) provides basic applications to connect to the server and can be used to test the system. Install the gNXI Tools using the 'go get' and 'go install' tools.
mydir> go get github.com/google/gnxi/gnmi_get
mydir> go install github.com/google/gnxi/gnmi_get
mydir> go get github.com/google/gnxi/gnmi_capabilities
mydir> go install github.com/google/gnxi/gnmi_capabilities
mydir> go get github.com/google/gnxi/gnmi_set
mydir> go install github.com/google/gnxi/gnmi_set
To invoke a 'CAPABILITY' client request:
mydir> gnmi_capabilities \
--target_addr 127.0.0.1:10161 \
--target_name restconf \
--ca ~/certs/ca.crt \
--key ~/certs/client.key \
--cert ~/certs/client.crt
To invoke a 'GET' client request:
XPath parameters values are just sample paths of the nodes. Use real paths that represent real nodes in YANG modules that are loaded into the netconfd-pro server.
Set the '--xpath' parameter to a real node to retrieve.
mydir> gnmi_get \
--target_addr 127.0.0.1:10161 \
--target_name restconf \
--ca ~/certs/ca.crt \
--key ~/certs/client.key \
--cert ~/certs/client.crt \
--xpath "/country[name=usa]" \
--xpath "person"
To invoke a 'SET' client request:
XPath parameters values are just sample paths of the nodes. Use your real paths that represent your real nodes in YANG modules that you loaded into the netconfd-pro server. Set the –delete, --update, --replace parameters paths to real nodes that you want to edit.
mydir> gnmi_set \
--target_addr localhost:10161 \
--target_name restconf \
--ca ~/certs/ca.crt \
--key ~/certs/client.key \
--cert ~/certs/client.crt \
--delete /system/openflow/agent/config/max-backoff \
--delete /system/openflow/agent/config/max-backoff2 \
--replace /system/clock:@clock-config.json \
--update /system/clock/config/timezone-name:@clock-config2.json
The clock-config.json input file to replace container “clock” might look as follows.
{
"clock": {
"timezone-name": "Europe/Stockholm"
}
}
The clock-config2.json input file to update a lead “timezone-name” might look as follows:
{
"timezone-name": "ETZ"
}
In addition you may use the following gNMI client for sending SET and Subscribe Requests.
Refer to OpenConfig gNMI for more details.
To run gNMI requests using the following client, for example, SET and Subscribe request:
mydir> > gnmi_cli \
--address localhost:10161 \
--server_name restconf \
--ca_crt ~/certs/ca.crt \
--client_crt ~/certs/client.crt \
--client_key ~/certs/client.key \
--set --delete="/person"
mydir> > gnmi_cli \
--address localhost:10161 \
--server_name restconf \
--ca_crt ~/certs/ca.crt \
--client_crt ~/certs/client.crt \
--client_key ~/certs/client.key \
--query_type once \
--query "/uint32.1"
The gnmi_cli client only sends Subscribe or Set requests. The ypgnmi-app application fully supports SET requests. However, only Subscribe requests with ONCE mode are currently supported.
Closing ypgnmi-app
The ypgnmi-app can be shut down by typing Ctrl-C in the window that started the application.
If the netconfd-pro server is not running when ypgnmi-app is started the application will terminate with an error message stating that the netconfd-pro server is not running.
If the netconfd-pro server is shut down then ypgnmi-app will also shutdown.