Prerequisites and Preparations
ConfD Installation
ConfD (a product from Tail-f) is used as an intermediary between the Paragon Active Assurance system and NETCONF. ConfD connects Paragon Active Assurance configuration and operational data to the NETCONF & YANG API.
ConfD should have been installed along with the Control Center software, as described in the Paragon Active Assurance Installation Guide.
Verifying That ConfD Is Running
To verify that the ConfD is up and running, run the command
ssh -s <username>@localhost -p 830 netconf
<username>
is as defined by the
netconf user create
In the output, verify that the Control Center module is included. The output should contain a line like the following:
<capability>http://ncc.netrounds.com?module=netrounds-ncc&revision=2017-06-15</capability>
Synchronizing the Configuration Database with Control Center
Finally, we need to update the configuration database through NETCONF. We will do so here by means of a Python library called ncclient (NETCONF Client). However, the task could also be accomplished in a different programming language as long as it uses the NETCONF/YANG protocol.
The role of ncclient is to act as a client towards the ConfD server that hosts the NETCONF/YANG API.
It is worth pointing out that ncclient is not related in any way to Control Center (previously "Netrounds Control Center"), although the name happens to begin with "ncc".
Here is how to install ncclient:
- Download the software from https://github.com/ncclient/ncclient.
- Run this command:
pip install ncclient
We can now perform the synchronization as follows. Note carefully that this needs to be done on a separate computer, and not on the Control Center server itself:
# # NOTE: # This script acts as a client towards ConfD running on the NCC server. # It will use the NETCONF/YANG API for communication. # # The script is not meant to run on the NCC server! # Run it on a separate client computer. # from ncclient import manager from ncclient.xml_ import to_ele # NETCONF server host = '<host IP>' # Replace with server IP of Control Center port = 830 user = '<username>' # Replace with username defined in "netconf user create" command password = '<password>' # Replace with password defined in "netconf user create" command # Product account netrounds_account = '<account>' # Replace with account name with manager.connect(host=host, port=port, username=user, password=password, hostkey_verify=False) as m: # Update config database xml = """<sync-from-ncc xmlns="http://ncc.netrounds.com"/>""" # Convert to ElementTree Element elem = to_ele(xml) print m.dispatch(elem)
This procedure is also required whenever Test Agents have been installed and registered independently of NETCONF. See the note in the section Overview of Test Agent Orchestration for more information.
Setting Up Multiple NETCONF-controlled Paragon Active Assurance Accounts
The steps below are required only if you wish to set up further Paragon Active Assurance accounts to be controlled by NETCONF, in addition to the account configured in this way in the Installation Guide, section "Installing ConfD".
For each such account, proceed as follows:
- In Control Center, log in to the account and navigate to Account > Permissions.
- Add the user "confd@netrounds.com", and grant this ConfD user admin permission in the GUI by clicking the Invite button.
- Synchronize the configuration database with Control Center as described in the section Synchronizing the Configuration Database with Control Center.
You should now be able to control multiple Paragon Active Assurance accounts with the same ConfD user.
Once you start controlling a Paragon Active Assurance account via ConfD, you must NOT make changes to this account through the web GUI with respect to any Paragon Active Assurance features that are "config" (see the chapter Supported Features in Paragon Active Assurance). If you do, loss of sync will result.