root / docs / source / manager.rst @ 09e50473
History | View | Annotate | Download (10.3 kB)
1 |
:mod:`~ncclient.manager` -- High-level API |
---|---|
2 |
========================================== |
3 |
|
4 |
.. module:: ncclient.manager |
5 |
:synopsis: High-level API |
6 |
|
7 |
Factory functions |
8 |
----------------- |
9 |
|
10 |
A `Manager` instance is created using a factory function. |
11 |
|
12 |
.. function:: connect_ssh(host[, port=830, timeout=None, unknown_host_cb=default_unknown_host_cb, username=None, password, key_filename=None, allow_agent=True, look_for_keys=True]) |
13 |
|
14 |
Initializes a NETCONF session over SSH, and creates a connected `Manager` |
15 |
instance. *host* must be specified, all the other arguments are optional and |
16 |
depend on the kind of host key verification and user authentication you want |
17 |
to complete. |
18 |
|
19 |
For the purpose of host key verification, on POSIX systems a user's |
20 |
:file:`~/.ssh/known_hosts` file is automatically considered. The |
21 |
*unknown_host_cb* argument specifies a callback that will be invoked when |
22 |
the server's host key cannot be verified. See |
23 |
:func:`~ncclient.transport.ssh.default_known_host_cb` for function signature. |
24 |
|
25 |
First, ``publickey`` authentication is attempted. If a specific |
26 |
*key_filename* is specified, it will be loaded and authentication attempted |
27 |
using it. If *allow_agent* is :const:`True` and an SSH agent is running, the keys |
28 |
provided by the agent will be tried. If *look_for_keys* is :const:`True`, keys in |
29 |
the :file:`~/.ssh/id_rsa` and :file:`~.ssh/id_dsa` will be tried. In case an |
30 |
encrypted key file is encountered, the *password* argument will be used as a |
31 |
decryption passphrase. |
32 |
|
33 |
If ``publickey`` authentication fails and the *password* argument has been |
34 |
supplied, ``password`` / ``keyboard-interactive`` SSH authentication will be |
35 |
attempted. |
36 |
|
37 |
:param host: hostname or address on which to connect |
38 |
:type host: `string` |
39 |
|
40 |
:param port: port on which to connect |
41 |
:type port: `int` |
42 |
|
43 |
:param timeout: timeout for socket connect |
44 |
:type timeout: `int` |
45 |
|
46 |
:param unknown_host_cb: optional; callback that is invoked when host key |
47 |
verification fails |
48 |
:type unknown_host_cb: `function` |
49 |
|
50 |
:param username: username to authenticate with, if not specified the |
51 |
username of the logged-in user is used |
52 |
:type username: `string` |
53 |
|
54 |
:param password: password for ``password`` authentication or passphrase for |
55 |
decrypting private key files |
56 |
:type password: `string` |
57 |
|
58 |
:param key_filename: location of a private key file on the file system |
59 |
:type key_filename: `string` |
60 |
|
61 |
:param allow_agent: whether to try connecting to SSH agent for keys |
62 |
:type allow_agent: `bool` |
63 |
|
64 |
:param look_for_keys: whether to look in usual locations for keys |
65 |
:type look_for_keys: `bool` |
66 |
|
67 |
:raises: :exc:`~ncclient.transport.SSHUnknownHostError` |
68 |
:raises: :exc:`~ncclient.transport.AuthenticationError` |
69 |
|
70 |
:rtype: `Manager` |
71 |
|
72 |
.. function:: connect() |
73 |
|
74 |
Same as :func:`connect_ssh`, since SSH is the default (and currently, the |
75 |
only) transport. |
76 |
|
77 |
Manager |
78 |
------- |
79 |
|
80 |
Exposes an API for RPC operations as method calls. The return type of these |
81 |
methods depends on whether we are is in :attr:`asynchronous or synchronous |
82 |
mode <ncclient.manager.Manager.async_mode>`. |
83 |
|
84 |
In synchronous mode replies are awaited and the corresponding |
85 |
`~ncclient.operations.RPCReply` object is returned. Depending on the |
86 |
:attr:`exception raising mode <ncclient.manager.Manager.raise_mode>`, an |
87 |
*rpc-error* in the reply may be raised as :exc:`RPCError` exceptions. |
88 |
|
89 |
However in asynchronous mode, operations return immediately with an |
90 |
`~ncclient.operations.RPC` object. Error handling and checking for whether a |
91 |
reply has been received must be dealt with manually. See the |
92 |
`~ncclient.operations.RPC` documentation for details. |
93 |
|
94 |
Note that in case of the *get* and *get-config* operations, the reply is an |
95 |
instance of `~ncclient.operations.GetReply` which exposes the additional |
96 |
attributes :attr:`~ncclient.operations.GetReply.data` |
97 |
(as `~xml.etree.ElementTree.Element`) and |
98 |
:attr:`~ncclient.operations.GetReply.data_xml` (as `string`), which are of primary |
99 |
interest in case of these operations. |
100 |
|
101 |
Presence of capabilities is verified to the extent possible, and you can expect |
102 |
a :exc:`~ncclient.operations.MissingCapabilityError` if something is amiss. In |
103 |
case of transport-layer errors, e.g. unexpected session close, |
104 |
:exc:`~ncclient.transport.TransportError` will be raised. |
105 |
|
106 |
.. class:: Manager |
107 |
|
108 |
For details on the expected behavior of the operations and their parameters |
109 |
refer to :rfc:`4741`. |
110 |
|
111 |
Manager instances are also context managers so you can use it like this:: |
112 |
|
113 |
with manager.connect("host") as m: |
114 |
# do your stuff |
115 |
|
116 |
... or like this:: |
117 |
|
118 |
m = manager.connect("host") |
119 |
try: |
120 |
# do your stuff |
121 |
finally: |
122 |
m.close() |
123 |
|
124 |
.. method:: get_config(source[, filter=None]) |
125 |
|
126 |
Retrieve all or part of a specified configuration. |
127 |
|
128 |
:param source: name of the configuration datastore being queried |
129 |
:type source: `string` |
130 |
|
131 |
:param filter: see :ref:`filter_params` |
132 |
|
133 |
.. method:: edit_config(target, config[, default_operation=None, test_option=None, error_option=None]) |
134 |
|
135 |
Loads all or part of a specified configuration to the specified target configuration. |
136 |
|
137 |
The ``"rollback-on-error"`` *error_option* depends on the ``:rollback-on-error`` capability. |
138 |
|
139 |
:param target: name of the configuration datastore being edited |
140 |
:type target: `string` |
141 |
|
142 |
:param default_operation: one of { ``"merge"``, ``"replace"``, or ``"none"`` } |
143 |
:type default_operation: `string` |
144 |
|
145 |
:param test_option: one of { ``"test_then_set"``, ``"set"`` } |
146 |
:type test_option: `string` |
147 |
|
148 |
:param error_option: one of { ``"stop-on-error"``, ``"continue-on-error"``, ``"rollback-on-error"`` } |
149 |
:type error_option: `string` |
150 |
|
151 |
:param config: *<config>* element as an XML string or `~xml.etree.ElementTree.Element` object |
152 |
|
153 |
.. method:: copy_config(source, target) |
154 |
|
155 |
Create or replace an entire configuration datastore with the contents of |
156 |
another complete configuration datastore. |
157 |
|
158 |
:param source: see :ref:`srctarget_params` |
159 |
|
160 |
:param target: see :ref:`srctarget_params` |
161 |
|
162 |
.. method:: delete_config(target) |
163 |
|
164 |
Delete a configuration datastore. |
165 |
|
166 |
:param target: see :ref:`srctarget_params` |
167 |
|
168 |
.. method:: lock(target) |
169 |
|
170 |
Allows the client to lock the configuration system of a device. |
171 |
|
172 |
:param target: name of the configuration datastore to lock |
173 |
:type target: `string` |
174 |
|
175 |
.. method:: unlock(target) |
176 |
|
177 |
Release a configuration lock, previously obtained with the |
178 |
:meth:`~ncclient.manager.Manager.lock` operation. |
179 |
|
180 |
:param target: name of the configuration datastore to unlock |
181 |
:type target: `string` |
182 |
|
183 |
.. method:: locked(target) |
184 |
|
185 |
Returns a context manager for a lock on a datastore, e.g.:: |
186 |
|
187 |
with m.locked("running"): |
188 |
# do your stuff |
189 |
|
190 |
... instead of:: |
191 |
|
192 |
m.lock("running") |
193 |
try: |
194 |
# do your stuff |
195 |
finally: |
196 |
m.unlock("running") |
197 |
|
198 |
:param target: datastore name. See :ref:`srctarget_params` |
199 |
|
200 |
:rtype: `~ncclient.operations.LockContext` |
201 |
|
202 |
.. method:: get([filter=None]) |
203 |
|
204 |
Retrieve running configuration and device state information. |
205 |
|
206 |
:param filter: see :ref:`filter_params` |
207 |
|
208 |
.. method:: close_session() |
209 |
|
210 |
Request graceful termination of the NETCONF session, and also close the |
211 |
transport. |
212 |
|
213 |
.. method:: kill_session(session_id) |
214 |
|
215 |
Force the termination of a NETCONF session (not the current one!). |
216 |
|
217 |
:param session_id: session identifier of the NETCONF session to be |
218 |
terminated |
219 |
:type session_id: `string` |
220 |
|
221 |
.. attribute:: async_mode |
222 |
|
223 |
Specify whether operations are executed asynchronously (:const:`True`) |
224 |
or synchronously (:const:`False`) (the default). |
225 |
|
226 |
.. attribute:: raise_mode |
227 |
|
228 |
The raise *mode* affects what errors are raised as |
229 |
:exc:`~ncclient.operations.RPCError` exceptions. |
230 |
|
231 |
* ``"all"`` -- any kind of *rpc-error* (error or warning) |
232 |
* ``"errors"`` -- where the *error-type* attribute says it is an error |
233 |
* ``"none"`` -- neither |
234 |
|
235 |
.. attribute:: client_capabilities |
236 |
|
237 |
`~ncclient.capabilities.Capabilities` object representing the client's |
238 |
capabilities. |
239 |
|
240 |
.. attribute:: server_capabilities |
241 |
|
242 |
`~ncclient.capabilities.Capabilities` object representing the server's |
243 |
capabilities. |
244 |
|
245 |
.. attribute:: session_id |
246 |
|
247 |
The *session-id* assigned by the NETCONF server. |
248 |
|
249 |
.. attribute:: connected |
250 |
|
251 |
A boolean value indicating whether currently connected to the NETCONF |
252 |
server. |
253 |
|
254 |
|
255 |
Special kinds of parameters |
256 |
^^^^^^^^^^^^^^^^^^^^^^^^^^^ |
257 |
|
258 |
To keep the API clean, some parameters can take on different types. |
259 |
|
260 |
.. _srctarget_params: |
261 |
|
262 |
Source and target parameters |
263 |
"""""""""""""""""""""""""""" |
264 |
|
265 |
Where an method takes a *source* or *target* argument, usually a datastore name |
266 |
or URL is expected. The latter depends on the ``:url`` capability and on whether |
267 |
the specific URL scheme is supported. Either must be specified as a `string`. |
268 |
For example, ``"running"``, ``"ftp://user:pass@host/config"``. |
269 |
|
270 |
If the source may be a *<config>* element, e.g. as allowed for the *validate* |
271 |
RPC, it can be specified either as an XML string or an |
272 |
`~xml.etree.ElementTree.Element` object rooted in the *<config>* element. |
273 |
|
274 |
.. _filter_params: |
275 |
|
276 |
Filter parameters |
277 |
""""""""""""""""" |
278 |
|
279 |
Where a method takes a *filter* argument, it can take on the following types: |
280 |
|
281 |
* A ``tuple`` of *(type, criteria)*. |
282 |
|
283 |
Here *type* has to be one of ``"xpath"`` or ``"subtree"``. |
284 |
|
285 |
* For ``"xpath"`` the *criteria* should be a `string` containing the XPath |
286 |
expression. |
287 |
* For ``"subtree"`` the *criteria* should be an XML string or an |
288 |
`~xml.etree.ElementTree.Element` object containing the criteria. |
289 |
|
290 |
* A *<filter>* element as an XML string or an `~xml.etree.ElementTree.Element` |
291 |
object. |