root / docs / source / manager.rst @ 09e50473
History | View | Annotate | Download (10.3 kB)
| 1 |
:mod:`~ncclient.manager` -- High-level API |
|---|---|
| 2 |
========================================== |
| 3 |
|
| 4 |
.. module:: ncclient.manager |
| 5 |
:synopsis: High-level API |
| 6 |
|
| 7 |
Factory functions |
| 8 |
----------------- |
| 9 |
|
| 10 |
A `Manager` instance is created using a factory function. |
| 11 |
|
| 12 |
.. function:: connect_ssh(host[, port=830, timeout=None, unknown_host_cb=default_unknown_host_cb, username=None, password, key_filename=None, allow_agent=True, look_for_keys=True]) |
| 13 |
|
| 14 |
Initializes a NETCONF session over SSH, and creates a connected `Manager` |
| 15 |
instance. *host* must be specified, all the other arguments are optional and |
| 16 |
depend on the kind of host key verification and user authentication you want |
| 17 |
to complete. |
| 18 |
|
| 19 |
For the purpose of host key verification, on POSIX systems a user's |
| 20 |
:file:`~/.ssh/known_hosts` file is automatically considered. The |
| 21 |
*unknown_host_cb* argument specifies a callback that will be invoked when |
| 22 |
the server's host key cannot be verified. See |
| 23 |
:func:`~ncclient.transport.ssh.default_known_host_cb` for function signature. |
| 24 |
|
| 25 |
First, ``publickey`` authentication is attempted. If a specific |
| 26 |
*key_filename* is specified, it will be loaded and authentication attempted |
| 27 |
using it. If *allow_agent* is :const:`True` and an SSH agent is running, the keys |
| 28 |
provided by the agent will be tried. If *look_for_keys* is :const:`True`, keys in |
| 29 |
the :file:`~/.ssh/id_rsa` and :file:`~.ssh/id_dsa` will be tried. In case an |
| 30 |
encrypted key file is encountered, the *password* argument will be used as a |
| 31 |
decryption passphrase. |
| 32 |
|
| 33 |
If ``publickey`` authentication fails and the *password* argument has been |
| 34 |
supplied, ``password`` / ``keyboard-interactive`` SSH authentication will be |
| 35 |
attempted. |
| 36 |
|
| 37 |
:param host: hostname or address on which to connect |
| 38 |
:type host: `string` |
| 39 |
|
| 40 |
:param port: port on which to connect |
| 41 |
:type port: `int` |
| 42 |
|
| 43 |
:param timeout: timeout for socket connect |
| 44 |
:type timeout: `int` |
| 45 |
|
| 46 |
:param unknown_host_cb: optional; callback that is invoked when host key |
| 47 |
verification fails |
| 48 |
:type unknown_host_cb: `function` |
| 49 |
|
| 50 |
:param username: username to authenticate with, if not specified the |
| 51 |
username of the logged-in user is used |
| 52 |
:type username: `string` |
| 53 |
|
| 54 |
:param password: password for ``password`` authentication or passphrase for |
| 55 |
decrypting private key files |
| 56 |
:type password: `string` |
| 57 |
|
| 58 |
:param key_filename: location of a private key file on the file system |
| 59 |
:type key_filename: `string` |
| 60 |
|
| 61 |
:param allow_agent: whether to try connecting to SSH agent for keys |
| 62 |
:type allow_agent: `bool` |
| 63 |
|
| 64 |
:param look_for_keys: whether to look in usual locations for keys |
| 65 |
:type look_for_keys: `bool` |
| 66 |
|
| 67 |
:raises: :exc:`~ncclient.transport.SSHUnknownHostError` |
| 68 |
:raises: :exc:`~ncclient.transport.AuthenticationError` |
| 69 |
|
| 70 |
:rtype: `Manager` |
| 71 |
|
| 72 |
.. function:: connect() |
| 73 |
|
| 74 |
Same as :func:`connect_ssh`, since SSH is the default (and currently, the |
| 75 |
only) transport. |
| 76 |
|
| 77 |
Manager |
| 78 |
------- |
| 79 |
|
| 80 |
Exposes an API for RPC operations as method calls. The return type of these |
| 81 |
methods depends on whether we are is in :attr:`asynchronous or synchronous |
| 82 |
mode <ncclient.manager.Manager.async_mode>`. |
| 83 |
|
| 84 |
In synchronous mode replies are awaited and the corresponding |
| 85 |
`~ncclient.operations.RPCReply` object is returned. Depending on the |
| 86 |
:attr:`exception raising mode <ncclient.manager.Manager.raise_mode>`, an |
| 87 |
*rpc-error* in the reply may be raised as :exc:`RPCError` exceptions. |
| 88 |
|
| 89 |
However in asynchronous mode, operations return immediately with an |
| 90 |
`~ncclient.operations.RPC` object. Error handling and checking for whether a |
| 91 |
reply has been received must be dealt with manually. See the |
| 92 |
`~ncclient.operations.RPC` documentation for details. |
| 93 |
|
| 94 |
Note that in case of the *get* and *get-config* operations, the reply is an |
| 95 |
instance of `~ncclient.operations.GetReply` which exposes the additional |
| 96 |
attributes :attr:`~ncclient.operations.GetReply.data` |
| 97 |
(as `~xml.etree.ElementTree.Element`) and |
| 98 |
:attr:`~ncclient.operations.GetReply.data_xml` (as `string`), which are of primary |
| 99 |
interest in case of these operations. |
| 100 |
|
| 101 |
Presence of capabilities is verified to the extent possible, and you can expect |
| 102 |
a :exc:`~ncclient.operations.MissingCapabilityError` if something is amiss. In |
| 103 |
case of transport-layer errors, e.g. unexpected session close, |
| 104 |
:exc:`~ncclient.transport.TransportError` will be raised. |
| 105 |
|
| 106 |
.. class:: Manager |
| 107 |
|
| 108 |
For details on the expected behavior of the operations and their parameters |
| 109 |
refer to :rfc:`4741`. |
| 110 |
|
| 111 |
Manager instances are also context managers so you can use it like this:: |
| 112 |
|
| 113 |
with manager.connect("host") as m:
|
| 114 |
# do your stuff |
| 115 |
|
| 116 |
... or like this:: |
| 117 |
|
| 118 |
m = manager.connect("host")
|
| 119 |
try: |
| 120 |
# do your stuff |
| 121 |
finally: |
| 122 |
m.close() |
| 123 |
|
| 124 |
.. method:: get_config(source[, filter=None]) |
| 125 |
|
| 126 |
Retrieve all or part of a specified configuration. |
| 127 |
|
| 128 |
:param source: name of the configuration datastore being queried |
| 129 |
:type source: `string` |
| 130 |
|
| 131 |
:param filter: see :ref:`filter_params` |
| 132 |
|
| 133 |
.. method:: edit_config(target, config[, default_operation=None, test_option=None, error_option=None]) |
| 134 |
|
| 135 |
Loads all or part of a specified configuration to the specified target configuration. |
| 136 |
|
| 137 |
The ``"rollback-on-error"`` *error_option* depends on the ``:rollback-on-error`` capability. |
| 138 |
|
| 139 |
:param target: name of the configuration datastore being edited |
| 140 |
:type target: `string` |
| 141 |
|
| 142 |
:param default_operation: one of { ``"merge"``, ``"replace"``, or ``"none"`` }
|
| 143 |
:type default_operation: `string` |
| 144 |
|
| 145 |
:param test_option: one of { ``"test_then_set"``, ``"set"`` }
|
| 146 |
:type test_option: `string` |
| 147 |
|
| 148 |
:param error_option: one of { ``"stop-on-error"``, ``"continue-on-error"``, ``"rollback-on-error"`` }
|
| 149 |
:type error_option: `string` |
| 150 |
|
| 151 |
:param config: *<config>* element as an XML string or `~xml.etree.ElementTree.Element` object |
| 152 |
|
| 153 |
.. method:: copy_config(source, target) |
| 154 |
|
| 155 |
Create or replace an entire configuration datastore with the contents of |
| 156 |
another complete configuration datastore. |
| 157 |
|
| 158 |
:param source: see :ref:`srctarget_params` |
| 159 |
|
| 160 |
:param target: see :ref:`srctarget_params` |
| 161 |
|
| 162 |
.. method:: delete_config(target) |
| 163 |
|
| 164 |
Delete a configuration datastore. |
| 165 |
|
| 166 |
:param target: see :ref:`srctarget_params` |
| 167 |
|
| 168 |
.. method:: lock(target) |
| 169 |
|
| 170 |
Allows the client to lock the configuration system of a device. |
| 171 |
|
| 172 |
:param target: name of the configuration datastore to lock |
| 173 |
:type target: `string` |
| 174 |
|
| 175 |
.. method:: unlock(target) |
| 176 |
|
| 177 |
Release a configuration lock, previously obtained with the |
| 178 |
:meth:`~ncclient.manager.Manager.lock` operation. |
| 179 |
|
| 180 |
:param target: name of the configuration datastore to unlock |
| 181 |
:type target: `string` |
| 182 |
|
| 183 |
.. method:: locked(target) |
| 184 |
|
| 185 |
Returns a context manager for a lock on a datastore, e.g.:: |
| 186 |
|
| 187 |
with m.locked("running"):
|
| 188 |
# do your stuff |
| 189 |
|
| 190 |
... instead of:: |
| 191 |
|
| 192 |
m.lock("running")
|
| 193 |
try: |
| 194 |
# do your stuff |
| 195 |
finally: |
| 196 |
m.unlock("running")
|
| 197 |
|
| 198 |
:param target: datastore name. See :ref:`srctarget_params` |
| 199 |
|
| 200 |
:rtype: `~ncclient.operations.LockContext` |
| 201 |
|
| 202 |
.. method:: get([filter=None]) |
| 203 |
|
| 204 |
Retrieve running configuration and device state information. |
| 205 |
|
| 206 |
:param filter: see :ref:`filter_params` |
| 207 |
|
| 208 |
.. method:: close_session() |
| 209 |
|
| 210 |
Request graceful termination of the NETCONF session, and also close the |
| 211 |
transport. |
| 212 |
|
| 213 |
.. method:: kill_session(session_id) |
| 214 |
|
| 215 |
Force the termination of a NETCONF session (not the current one!). |
| 216 |
|
| 217 |
:param session_id: session identifier of the NETCONF session to be |
| 218 |
terminated |
| 219 |
:type session_id: `string` |
| 220 |
|
| 221 |
.. attribute:: async_mode |
| 222 |
|
| 223 |
Specify whether operations are executed asynchronously (:const:`True`) |
| 224 |
or synchronously (:const:`False`) (the default). |
| 225 |
|
| 226 |
.. attribute:: raise_mode |
| 227 |
|
| 228 |
The raise *mode* affects what errors are raised as |
| 229 |
:exc:`~ncclient.operations.RPCError` exceptions. |
| 230 |
|
| 231 |
* ``"all"`` -- any kind of *rpc-error* (error or warning) |
| 232 |
* ``"errors"`` -- where the *error-type* attribute says it is an error |
| 233 |
* ``"none"`` -- neither |
| 234 |
|
| 235 |
.. attribute:: client_capabilities |
| 236 |
|
| 237 |
`~ncclient.capabilities.Capabilities` object representing the client's |
| 238 |
capabilities. |
| 239 |
|
| 240 |
.. attribute:: server_capabilities |
| 241 |
|
| 242 |
`~ncclient.capabilities.Capabilities` object representing the server's |
| 243 |
capabilities. |
| 244 |
|
| 245 |
.. attribute:: session_id |
| 246 |
|
| 247 |
The *session-id* assigned by the NETCONF server. |
| 248 |
|
| 249 |
.. attribute:: connected |
| 250 |
|
| 251 |
A boolean value indicating whether currently connected to the NETCONF |
| 252 |
server. |
| 253 |
|
| 254 |
|
| 255 |
Special kinds of parameters |
| 256 |
^^^^^^^^^^^^^^^^^^^^^^^^^^^ |
| 257 |
|
| 258 |
To keep the API clean, some parameters can take on different types. |
| 259 |
|
| 260 |
.. _srctarget_params: |
| 261 |
|
| 262 |
Source and target parameters |
| 263 |
"""""""""""""""""""""""""""" |
| 264 |
|
| 265 |
Where an method takes a *source* or *target* argument, usually a datastore name |
| 266 |
or URL is expected. The latter depends on the ``:url`` capability and on whether |
| 267 |
the specific URL scheme is supported. Either must be specified as a `string`. |
| 268 |
For example, ``"running"``, ``"ftp://user:pass@host/config"``. |
| 269 |
|
| 270 |
If the source may be a *<config>* element, e.g. as allowed for the *validate* |
| 271 |
RPC, it can be specified either as an XML string or an |
| 272 |
`~xml.etree.ElementTree.Element` object rooted in the *<config>* element. |
| 273 |
|
| 274 |
.. _filter_params: |
| 275 |
|
| 276 |
Filter parameters |
| 277 |
""""""""""""""""" |
| 278 |
|
| 279 |
Where a method takes a *filter* argument, it can take on the following types: |
| 280 |
|
| 281 |
* A ``tuple`` of *(type, criteria)*. |
| 282 |
|
| 283 |
Here *type* has to be one of ``"xpath"`` or ``"subtree"``. |
| 284 |
|
| 285 |
* For ``"xpath"`` the *criteria* should be a `string` containing the XPath |
| 286 |
expression. |
| 287 |
* For ``"subtree"`` the *criteria* should be an XML string or an |
| 288 |
`~xml.etree.ElementTree.Element` object containing the criteria. |
| 289 |
|
| 290 |
* A *<filter>* element as an XML string or an `~xml.etree.ElementTree.Element` |
| 291 |
object. |