search

CESNET / netopeer2

NETCONF toolset
BSD 3-Clause "New" or "Revised" License
300 stars 188 forks source link

Query on listing existing subscriptions #1616

Open srikanths1 opened 1 month ago

srikanths1 commented 1 month ago

Hi,

We have a scenario for our application

Netopeer2-server using sysrepo and hosting configuration on one VM, we have several different application which are interested on data from netconf server, and does establishpush onchange subscriptions on the server, we have a management application on a different VM which will need to know the list of subscriptions existing in the server, so the question is is there any api in netconf2 which will help us list all the configured establishpush on change subscription with subscription id?

Thanks, Srikanth

michalvasko commented 1 month ago

Retrieve /ietf-subscribed-notifications:subscriptions data, all the information should be there.

srikanths1 commented 1 month ago

Thank you michal, is there a way in which we can subscribe(establish push on change) to above xpath, so we can be notified on any new subscriptions for changes?

michalvasko commented 1 month ago

You are really pushing it but it should be possible. Since netopeer2 uses pull oper subscription to publish these metrics, you will have to create a poll-diff subscription in sysrepo-plugind, which will report the changes to your subscriber. Configure those in /sysrepo-plugind:sysrepo-plugind/oper-datastore/poll-diff-subscription (and you must run sysrepo-plugind). Let me know if you encounter any problems, I am curious myself.

srikanths1 commented 1 month ago

Hi Michal, thank you, we will try it, we are trying something on VM on windows, due to which we are unable to use systemd and plugind,

We are trying to explore if we can achieve validation with custom logic ,

VM1 running netconf-server and an agent application which is netconf client ( netopeer2) VM2 running applications interested in data hosted in VM1, they do a get to access data and use them, whenever Vm3 ( lets say control application ) pushes a change to netconf server, applications are doing establish push subscription on interested config, when there is a change on config in netconf server. Application will get a change notification and check if they can accept this change , So Application can call a rpc on netconf server to indicate if it can be accepted or not, the agent application on VM1 will subscribe for this rpc to know if change can be accepted and pass the Sysrepo validation callback.

is there any way to track the multiple rpc calls for a single Change ( hold the operation until it can be accepted )

michalvasko commented 1 month ago

No, such a distributed architecture is not supported by sysrepo, which handles actual data writes. It can only work locally. And there are no such complex mechanisms defined for NETCONF. Well, you are free to go through the available features and may find something for your use-case, confirmed-commit may perhaps be of interest.

srikanths1 commented 1 month ago

hi Michal,

is it possible to understand which api can be used to subscribed at sysrepo when nc_rpc_validate is done on candidate data store? in the sequence of operations, we will do edit-config on candiadate data store , so that push notifications are already sent to interested applications, but we would like to hold validate request until we get a positive response

michalvasko commented 1 month ago

Well, you can call sr_rpc_subscribe_tree() and subscribe to the <validate> RPC, there can be several subscribers but each must have a different priority. Note that candidate is not validated automatically. But like I said, I do not think the architecture you are trying to implement is a good idea.

jktjkt commented 1 month ago

This looks very much like an X/Y problem. At first, the question was "how to get the list of subscribers", then it shifted on how to do custom validation, and there's a little bit of distributed architecture in the mix. What is the ultimate end goal here?

Note that sysrepo, the DB which is used by netopeer2, of course has a native way of performing custom validation whenever edits are processed. Is that maybe what you're looking for?

srikanths1 commented 1 month ago

Hi Jan, Our Requirements are are like above

  1. Netconf server with sysrepo running on VM1
  2. we also have a agent running on VM1 along with server
  3. we have applications running netconf client subscribing for interested config via establish-push subscription ( all on different VMS ) subscription is via establish push api
  4. the main configuration provider resides on a DIfferent VM3 , and sends below sequence for change in config a) Lock candidate datastore b) edit-config c) validate d) commit e) unlock candidate datastore
  5. the agent running on VM1 along with netconf server, can interact with applications , to check if application can accept the delta or not, so we are trying see if we can use a callback function that maps with validate command ( nc_rpc_validate ) so that edit config can be accepted or rejected for other applications

Thanks, Srikanth

srikanths1 commented 1 month ago

I am thinking if there is a possibility to to register callback for "/ietf-netconf:validate" ? or is it a subscription for this event but not send any reply to sysrepo/netconf?

Thanks, Srikanth

michalvasko commented 1 month ago

Yes, that is what I meant, subscribe to /ietf-netconf:validate, sorry for not being exact. But only one (the last, netopeer2-server) subscriber can send the reply, which should not be a problem, because even the previous one (you) can cancel the RPC and cause it to fail.

srikanths1 commented 1 month ago

Thank you Michal, will try it and post it in the update. Thank you so much for help

jktjkt commented 1 month ago

I haven't realized that the NETCONF-level <validate/> and the <edit-config><test-option>test-only</test-option></edit-config> actually do not hit sysrepo.

IMHO, a perfect solution would require extending sysrepo with support for another event, so that user callbacks which are registered for module changes are triggered also for validation (with a special flag). Supporting this in applications would be then trivial (especially for those apps which already use a two-phase commit and therefore do not perform any changes except the validation in their handlers of SR_EV_CHANGE).

srikanths1 commented 1 month ago

Hi Michal, Jan ,

i am able to work for our requirement via subscribing to /ietf-netconf:validate, I think Sysrepo already has a subscription with priority 0, so i had to subscribe sample application with priority 1

/* subscribe for the RPC */
rc = sr_rpc_subscribe(session, path, rpc_cb, NULL, **1**, 0, &subscription);

I tested success/failure/time out scenarios , but when i delay callback in us i think sample application works fine, what is the max duration for callback timeout to complete? I could hold the validation callback for a max of 1.9s , beyond this, validation times out and error is returned. can this ietf-netconf validate timeout be configured? if so how?

I am adding snaps of 3 testcases i executed with log snippets ,

Subscription without failing anything [root@lpt-fhyz314 build]# ./examples/rpc_subscribe_example /ietf-netconf:validate Application will subscribe to "/ietf-netconf:validate" RPC.

========== LISTENING FOR RPC ==========

validation callback now

CLI

edit-data --datastore candidate --config=/root/exmc.xml OK validate --source candidate OK

WITH FAILURE

CLI

edit-data --datastore candidate --config=/root/exmc.xml OK validate --source candidate ERROR type: application tag: operation-failed severity: error message: Validation failed

    type:     application
    tag:      operation-failed
    severity: error
    message:  User callback failed.

SERVERLOG [INF]: SR: EV ORIGIN: "/ietf-netconf:validate" "rpc" ID 3 priority 1 for 1 subscribers published. [WRN]: SR: EV ORIGIN: "/ietf-netconf:validate" "rpc" ID 3 priority 1 failed (Validation failed). [ERR]: SR: User callback failed. [ERR]: NP: Failed to send an RPC (User callback failed). [INF]: NP: Session 3: thread 1 event new RPC. [INF]: NP: Session 3: thread 1 event reply error.

[root@lpt-fhyz314 build]# ./examples/rpc_subscribe_example /ietf-netconf:validate Application will subscribe to "/ietf-netconf:validate" RPC.

========== LISTENING FOR RPC ==========

validation callback now RETURN SR_ERR_VALIDATION_FAILED

WITH TIMEOUT [root@lpt-fhyz314 build]# ./examples/rpc_subscribe_example /ietf-netconf:validate Application will subscribe to "/ietf-netconf:validate" RPC.

========== LISTENING FOR RPC ==========

validation callback now <sleeping 120s>

CLI

validate --source candidate --rpc-timeout 30 ERROR type: application tag: operation-failed severity: error message: EV ORIGIN: SHM event "rpc" ID 4 processing timed out.

    type:     application
    tag:      operation-failed
    severity: error
    message:  User callback failed.

SERVERLOG [INF]: SR: EV ORIGIN: "/ietf-netconf:validate" "rpc" ID 4 priority 1 for 1 subscribers published. [ERR]: SR: EV ORIGIN: SHM event "rpc" ID 4 processing timed out. [WRN]: SR: EV ORIGIN: "/ietf-netconf:validate" "rpc" ID 4 priority 1 failed (Timeout expired). [ERR]: SR: User callback failed. [ERR]: NP: Failed to send an RPC (User callback failed). [INF]: NP: Session 4: thread 0 event new RPC. [INF]: NP: Session 4: thread 0 event reply error.

michalvasko commented 1 month ago

I could hold the validation callback for a max of 1.9s , beyond this, validation times out and error is returned. can this ietf-netconf validate timeout be configured? if so how?

You should be able to increase this using a netopeer2-server parameter -t 10, for example (look at netopeer2-server -h for details).