config parser enhancements

Environment

netutils version: 1.2.0

Proposed Functionality

No specific functionality is proposed but can be discussed as the use cases are considered.

Use Case

Use-cases include:

Providing the user information about where intended changes in configuration have originated from. This would be of great help when maintaining larger configurations and a library of configuration templates.
Incremental/partial patch-based configuration changes, not just "big-bang" changes.
Tracking "negated" configuration items. For example if a cisco-style change is applied which under a specific interface sets "no ip proxy-arp", followed by another change to set "ip proxy-arp", there should only be a single configuration line as a result.

The demo output below is from my own tooling based on the Lark parsing toolkit, which I can share privately but consider to be PoC quality. The ideas may be used to enhance functionality in the netutils config parser.

Example

demo.py

from copy import deepcopy
from conformer.collections import ConfigDict
from conformer.interpreters import PatchInterpreter
from conformer.parsers import IOSPatchParser
from conformer.renderers import IOSConfigRenderer

CONFIG = """
lldp run
!
interface Ethernet0
 no ip redirects
 ip unreachables
 ip proxy-arp
 !
ip access-list extended ACL-MGMT-IN
 permit icmp host 1.2.3.4 any foo
 permit tcp host 1.2.3.4 any ssh
 deny tcp any any fragments
 deny udp any any fragments
"""

CONFIG_PATCH = """
[delete]
cdp run
lldp run
service password-recovery

[delete-regex] banner .*

[replace]
ip access-list extended ACL-MGMT-IN
 permit icmp host 1.2.3.4 any echo
 permit tcp host 1.2.3.4 any ssh
 deny tcp any any fragments
 deny udp any any fragments

control-plane host
 management-interface GigabitEthernet 0/1 allow ssh https

[merge]
interface Ethernet0
 no ip redirects
 no ip unreachables
 [delete]
 ip proxy-arp
"""

def demo():
    target = ConfigDict()
    parser = IOSPatchParser()
    patcher = PatchInterpreter(target)
    renderer = IOSConfigRenderer(target)

    config_tree = parser.parse(CONFIG)
    patch_tree = parser.parse(CONFIG_PATCH)

    # Apply current config to patcher
    patcher.visit(config_tree)
    print("Current")
    print("-------")
    renderer.print(patcher.target)
    print()

    # Load config patch into patcher
    current = deepcopy(patcher.target)
    patcher.visit(patch_tree)

    print("Patched")
    print("-------")
    renderer.print(patcher.target)
    print()

    # Calculate diff between current and patched config
    diff = current.diff(patcher.target)
    print("Diff")
    print("----")
    diff.pretty_print()
    print("")

if __name__ == "__main__":
    demo()

output

Current
-------
lldp run
interface Ethernet0
 no ip redirects
 ip unreachables
 ip proxy-arp
ip access-list extended ACL-MGMT-IN
 permit icmp host 1.2.3.4 any foo
 permit tcp host 1.2.3.4 any ssh
 deny tcp any any fragments
 deny udp any any fragments

Patched
-------
no lldp run
interface Ethernet0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
ip access-list extended ACL-MGMT-IN
 no permit icmp host 1.2.3.4 any foo
 permit tcp host 1.2.3.4 any ssh
 deny tcp any any fragments
 deny udp any any fragments
 permit icmp host 1.2.3.4 any echo
control-plane host
 management-interface GigabitEthernet 0/1 allow ssh https

Diff
----
no lldp run   (from line 4 column 1)
interface Ethernet0   (from line 7 column 2)
 no ip unreachables   (from line 22 column 2)
 no ip proxy-arp   (from line 24 column 2)
ip access-list extended ACL-MGMT-IN   (from line 10 column 2)
 no permit icmp host 1.2.3.4 any foo   (from line 10 column 2)
 permit icmp host 1.2.3.4 any echo   (from line 11 column 2)
control-plane host   (from line 16 column 1)
 management-interface GigabitEthernet 0/1 allow ssh https   (from line 17 column 2)

networktocode / netutils

config parser enhancements #156

Environment

Proposed Functionality

Use Case

Example