Download - Mgw Config Mana
-
8/11/2019 Mgw Config Mana
1/48
Open Multimedia Gateway, Rel.
Ui5.0 EP2, Operating
Documentation, issue 1
Configuration Management
DN09137376
Issue 1-7
Nokia Siemens Networks is continually striving to reduce the adverse environmental effects of
its products and services. We would like to encourage you as our customers and users to join
us in working towards a cleaner, safer environment. Please recycle product packaging and
follow the recommendations for power use and proper disposal of our products and their compo-
nents.
If you should have questions regarding our Environmental Policy or any of the environmental
services we offer, please contact us at Nokia Siemens Networks for any additional information.
-
8/11/2019 Mgw Config Mana
2/48
2
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580a1d243
The information in this document is subject to change without notice and describes only the
product defined in the introduction of this documentation. This documentation is intended for the
use of Nokia Siemens Networks customers only for the purposes of the agreement under whichthe document is submitted, and no part of it may be used, reproduced, modified or transmitted
in any form or means without the prior written permission of Nokia Siemens Networks. The
documentation has been prepared to be used by professional and properly trained personnel,
and the customer assumes full responsibility when using it. Nokia Siemens Networks welcomes
customer comments as part of the process of continuous development and improvement of the
documentation.
The information or statements given in this documentation concerning the suitability, capacity,
or performance of the mentioned hardware or software products are given "as is" and all liability
arising in connection with such hardware or software products shall be defined conclusively and
finally in a separate agreement between Nokia Siemens Networks and the customer. However,
Nokia Siemens Networks has made all reasonable efforts to ensure that the instructions
contained in the document are adequate and free of material errors and omissions. Nokia
Siemens Networks will, if deemed necessary by Nokia Siemens Networks, explain issues which
may not be covered by the document.
Nokia Siemens Networks will correct errors in this documentation as soon as possible. IN NO
EVENT WILL Nokia Siemens Networks BE LIABLE FOR ERRORS IN THIS DOCUMENTA-
TION OR FOR ANY DAMAGES, INCLUDING BUT NOT LIMITED TO SPECIAL, DIRECT, INDI-
RECT, INCIDENTAL OR CONSEQUENTIAL OR ANY LOSSES, SUCH AS BUT NOT LIMITED
TO LOSS OF PROFIT, REVENUE, BUSINESS INTERRUPTION, BUSINESS OPPORTUNITY
OR DATA,THAT MAY ARISE FROM THE USE OF THIS DOCUMENT OR THE INFORMATION
IN IT.
This documentation and the product it describes are considered protected by copyrights and
other intellectual property rights according to the applicable laws.
The wave logo is a trademark of Nokia Siemens Networks Oy. Nokia is a registered trademark
of Nokia Corporation. Siemens is a registered trademark of Siemens AG.
Other product names mentioned in this document may be trademarks of their respectiveowners, and they are mentioned for identification purposes only.
Copyright Nokia Siemens Networks 2013/11/15. All rights reserved
f Important Notice on Product SafetyThis product may present safety risks due to laser, electricity, heat, and other sources
of danger.
Only trained and qualified personnel may install, operate, maintain or otherwise handle
this product and only after having carefully read the safety information applicable to this
product.
The safety information is provided in the Safety Information section in the Legal, Safety
and Environmental Information part of this document or documentation set.
The same text in German:
f Wichtiger Hinweis zur ProduktsicherheitVon diesem Produkt knnen Gefahren durch Laser, Elektrizitt, Hitzeentwicklung oder
andere Gefahrenquellen ausgehen.
Installation, Betrieb, Wartung und sonstige Handhabung des Produktes darf nur durch
geschultes und qualifiziertes Personal unter Beachtung der anwendbaren Sicherheits-
anforderungen erfolgen.
Die Sicherheitsanforderungen finden Sie unter Sicherheitshinweise im Teil Legal,
Safety and Environmental Information dieses Dokuments oder dieses Dokumentations-
satzes.
-
8/11/2019 Mgw Config Mana
3/48
DN09137376 Issue 1-7
3
Configuration Management
Id:0900d80580a1d243
Table of ContentsThis document has 48 pages.
Summary of changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1 Scope of the document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2 Permissions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.1 Permissions for SCLI commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.2 Permissions for Web UI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
3 Configuration management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
3.1 Configuration locking feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
3.2 Configuration transaction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
3.3 Configuration snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
4 Configuration management with Web UI . . . . . . . . . . . . . . . . . . . . . . . . 15
4.1 Configuration lock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
4.2 Transaction management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
4.3 Configuration snapshot operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
5 Configuration management with SCLI . . . . . . . . . . . . . . . . . . . . . . . . . . 21
5.1 Configuration lock using SCLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
5.1.1 Using exclusive configuration lock to prevent parallel modification . . . . 21
5.1.2 Using the normal, non-exclusive configuration lock for parallel sessions by
the same user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
5.2 Transaction using SCLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
5.2.1 Executing a successful transaction . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295.2.2 Rollback a transaction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
5.3 Configuration snapshot using SCLI. . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
5.3.1 Listing configuration snapshots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
5.3.2 Defining a new startup configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
5.3.3 Saving a configuration snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
5.3.4 Restoring a saved configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
5.3.5 Deleting a configuration snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
5.4 Making configuration changes using the configuration lock, transaction,
and configuration snapshot concept . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
-
8/11/2019 Mgw Config Mana
4/48
4
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580a1d243
List of TablesTable 1 SCLI commands and user permissions . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Table 2 WebUI operations and user permissions . . . . . . . . . . . . . . . . . . . . . . . . 10
Table 3 Transaction States . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Table 4 Parameter descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Table 5 Parameter descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Table 6 Parameters for executing a transaction command. . . . . . . . . . . . . . . . . 30
Table 7 Parameters of show snapshot list all command. . . . . . . . . . . . . . . . . . . 34
Table 8 Parameters of show snapshot list all command. . . . . . . . . . . . . . . . . . . 35
Table 9 Parameters of show snapshot list all command. . . . . . . . . . . . . . . . . . . 36
Table 10 Parameters of show snapshot list all command. . . . . . . . . . . . . . . . . . . 36
Table 11 Parameters of set snapshot startup command. . . . . . . . . . . . . . . . . . . . 38
Table 12 Parameters of save snapshot config-name command. . . . . . . . . . . . . . 40
Table 13 Parameters of set snapshot command. . . . . . . . . . . . . . . . . . . . . . . . . . 43Table 14 Parameters of delete snapshot command. . . . . . . . . . . . . . . . . . . . . . . 44
-
8/11/2019 Mgw Config Mana
5/48
DN09137376 Issue 1-7
5
Configuration Management Summary of changes
Id:0900d80580a23e33
Summary of changesChanges between document issues are cumulative. Therefore, the latest document
issue contains all changes made to previous issues.
Changes between Issue 1-7 and Issue 1-6:
Section Scope of the documentis added.
Permissions for NE3S are removed from section Permissions.
Section Configuration managementhas been updated:
A note for configuration lock is added;
A note for transaction commitment is added;
A reference to NE3S O&M interface in Open MGWis added.
Section Configuration management with Web UIhas been updated as following:
A note for configuration lock is added to subchapter Configuration lock;
A note for node startup is added to subchapter Transaction management.
Section Configuration management with SCLIis updated as follows:.
A note for configuration lock is added to subchapter Using the normal, non-
exclusive configuration lock for parallel sessions by the same user;
A note for node startup is added to subchapter Executing a successful transac-
tion;
Section Configuration management via NetAct is removed from the document.
Changes between Issue 1-6 and Issue 1-5:
Section Permissionsis updated.
Section Configuration managementhas been updated as following:
The description for Normal configuration lock and Exclusive configuration
lock are added.
Section Configuration management with Web UIhas been updated as following:
The transaction states icons are added to subchapter Transaction management.
Section Configuration management with SCLIis updated as follows:
Summary and parameter descriptions are updated throughout the chapter.
Section Configuration management via NetActis updated as follows:.
The name of the chapter is changed from Configuration management via NMS
to Configuration management via NetAct.
Fragments AoM and HWM is added to subchapter Introduction;
For subchapter NE3S WS Interface:
Fragments PM, AoM and HWM are updated;A note for encryption is added;
Subchapter Basic configurationis updated;
SubchapterAudit trail logging operations via NE3S-WS interfaceis added;
Subchapter Configuration snapshot in NE3SAgent, Configuration lock in
NE3SAgent, and Transaction timeout in NE3SAgentare updated;
Subchapter Configuring using SCLI commandsis added.
Changes between Issue 1-5 and Issue 1-4:
Section Configuration management with Web UIhas been updated as following:
The Tools tab is replaced with Configuration > Settings.
The transaction status contents are removed from subchapter Transaction man-agement.
http://x%3Dd%3Do%3Dc/s-000030.pdfhttp://x%3Dd%3Do%3Dc/s-000030.pdf -
8/11/2019 Mgw Config Mana
6/48
6
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580a23e33
Summary of changes
Section Configuration managementhas been updated as following:
The reference to Adding nodes/blades to the system configuration is removed.
Changes between Issue 1-4 and Issue 1-3:
Section Configuration managementhas been updated as following:
Configuration transaction is updated.
Section Configuration management with SCLIis updated as follows:.
Summary is updated to subchapter Executing a successful transaction;
Summary is updated to subchapter Rollback a transaction;
Changes between Issue 1-4 and Issue 1-3:
Section Permissionsis updated.
Section Configuration management with Web UIhas been updated as following:
The whole chapter is updated.
Section Configuration management via NMSis updated as follows:.
Table NE3S WS supported fragments and features is updated to subchapter
NE3S WS Interface;
Subchapter Basic configurationis updated;
Subchapter Configuration snapshot in NE3SAgent, Configuration lock in
NE3SAgent, and Transaction timeout in NE3SAgentare added.
Changes between Issue 1-3 and Issue 1-2:
Section Permissionsis updated.
Section Configuration management with Web UIhas been updated as following:
Subchapter Using configuration lock in Web UIis updated;
Subchapter Naming configuration snapshotis updated;
Subchapter Deleting the configuration snapshotis updated;
Subchapter Saving existing configuration snapshot as startupis updated;
Section Using exclusive configuration lock to prevent parallel modificationhas been
updated:
Table Parameter descriptions has been updated;
Section Using configuration lock for parallel sessions by same userhas been
updated:
Step Enable configuration lock has been updated.
Section Configuration management via NMSis added.
Changes between Issue 1-2 and Issue 1-1:
Section Required permissionsis added.
Section Configuration managementhas been updated:
Description of Configuration locking feature has been updated;
Description of Configuration snapshot has been updated;
Changes between Issue 1-1 and Issue 1-0:
Section Configuration lock using SCLIhas been updated:
Step Execute an action in configuration directory of Using exclusive configura-
tion lock to prevent parallel modificationhave been updated;
Step Execute an action in session 2 of Using configuration lock for parallel
sessions by one user have been updated;
Section Transaction using SCLIhas been updated:
http://x%3Dd%3Do%3Dc/s-000005.pdfhttp://x%3Dd%3Do%3Dc/s-000005.pdf -
8/11/2019 Mgw Config Mana
7/48
DN09137376 Issue 1-7
7
Configuration Management Summary of changes
Id:0900d80580a23e33
Step sequence of Rollback a successful transactionhas been updated;
Section Configuration snapshot using SCLIhas been updated:
Defining a new startup configurationhave been updated;
Taking a configuration snapshot have been updated;
Listing configuration snapshotshave been updated;
Deleting a configuration snapshothave been updated;
-
8/11/2019 Mgw Config Mana
8/48
8
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580a2e2e5
Scope of the document
1 Scope of the documentThis document is applicable to Open Multimedia Gateway (Open MGW) and Open
Border Gateway (Open BGW).
In this document, Open Multimedia Gateway (Open MGW) refers to both Open Multime-
dia Gateway (Open MGW) and Open Border Gateway (Open BGW).
-
8/11/2019 Mgw Config Mana
9/48
DN09137376 Issue 1-7
9
Configuration Management Permissions
Id:0900d80580a23f27
2 Permissions
2.1 Permissions for SCLI commandsYou must have correct permissions for executing SCLI commands. SCLI commands
and their related user permissions are provided in the following table:
2.2 Permissions for Web UI
You must have correct permissions for executing the WebUI procedures.
Tasks Permissions
Creating a new Configuration Directory
object
fsConfigManageAll or
fsConfigManageExclSecurity
Adding attributes to the Configuration
Directory object
fsConfigManageAll or
fsConfigManageExclSecurity
Modifying the attributes of the Configura-
tion Directory object
fsConfigManageAll or
fsConfigManageExclSecurity
Viewing the Configuration Directory
objects
fsConfigView
Deleting the Configuration Directory
object
fsConfigManageAll or
fsConfigManageExclSecurity
Using exclusive configuration lock to
prevent parallel modification
fsGlobalConfigLock
Using configuration lock for parallel
sessions by same user
fsGlobalConfigLock
Defining a new startup configuration fsConfigManageAll orfsConfigSnapshotManage
Taking a configuration snapshot fsConfigSnapshotManage or
fsConfigManageAll
Restoring a saved configuration fsConfigSnapshotManage or
fsConfigManageAll
Listing configuration snapshots fsConfigSnapshotManage orfs
ConfigView
Deleting a configuration snapshot fsConfigSnapshotManage or
fsConfigManageAll
Executing a successful transaction No permissions required
Rollback a transaction No permissions required
Committing a transaction No permissions required
Table 1 SCLI commands and user permissions
-
8/11/2019 Mgw Config Mana
10/48
10
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580a23f27
Permissions
g For executing WebUI operations you must acquire thefsWebUIAllowClientSession permission to login to the WebUI before performing
any operation on the web interface.
WebUI procedures and their related user permissions are provided in the following
table:
Tasks Permissions
Configuration lock:
Acquiring configuration lock
Releasing configuration lock
fsGlobalConfigLock
Creating a snapshot fsConfigManageAll or
fsConfigSnapshotManage
Viewing a snapshot fsConfigView orfsConfigManageAll or
fsConfigSnapshotManage
Modifying a snapshot fsConfigManageAll or
fsConfigSnapshotManage
Deleting a snapshot fsConfigManageAll or
fsConfigSnapshotManage
Transaction Management No permissions required.
Table 2 WebUI operations and user permissions
-
8/11/2019 Mgw Config Mana
11/48
DN09137376 Issue 1-7
11
Configuration Management Configuration management
Id:0900d80580a23f29
3 Configuration managementThe configuration management of the Open MGW consists of management interfaces,
data storage and managed objects. Management interfaces are Structured Command
Line Interface (SCLI), Web User interface (Web UI) and NE3S interface towards NetAct.
See User Interfaces in Open MGW document for detailed information about SCLI and
Web UI. For detailed information about NE3S, see NE3S O&M interface in Open MGW
document
Configuration data is stored in a Configuration Directory server and in binary files. These
data formats form an integrated configuration data management solution. The different
data formats are not visible on the management interfaces.
Configuration changes affect the runtime configuration of the Open MGW. Using the
snapshot, the changes can be permanently stored on the disk. A snapshot contains all
LDAP data and specific binary files. The user can store several snapshots onto the disk,
and also restore to a previous snapshot.
Configuration data
In Open MGW, some parts of the configuration data are stored in binary configuration
files, which are centralized in a Cluster Administrator (CLA) unit and the disk, but copies
of them can exist on each functional unit if needed. The configuration data is included in
multiple files. The configuration files are loaded from disk and distributed also to other
units from the CLA.
In Open MGW, some parts of the configuration data are stored in LDAP (Lightweight
Directory Access Protocol) server database files, which are centralized in a master
LDAP server. This master LDAP is located in a Cluster Administrator (CLA) node.
However, configuration data can also be stored in the disk and local slave LDAP server
(copies) of other nodes if needed. The configuration data is included in multiple LDAP
database files. Configuration data in the LDAP server is loaded from the startup config-
uration volume (disk) into volatile memory.
Configuration management features
Configuration management offers many useful features that provide a more resilient
management system than traditional databases or configuration files:
Centralized and replicated data storage.
Both LDAP and binary data formats are available in a redundant pair of centralized
system disks, from which all software and configuration data can be loaded.
Data entry verification for catching errors in new entries before they are propagated
to the applications.
Data validation guarantees that the erroneous values are not accepted. Validation
is based on application plug-ins that are executed by the Configuration Validator, a
centralized service deployed in /Directory RG.
Protection against parallel modification of a parameter.
Possibility to revert back to a previous configuration if the changes cause undesired
results.
Dynamic configuration
It is possible to change the configuration by reloading a snapshot that has been taken
from a previous configuration. For managing snapshots, the following SCLI commands
can be used:
http://uimgw_ui_user_interfaces.pdf/http://uimgw_ui_user_interfaces.pdf/ -
8/11/2019 Mgw Config Mana
12/48
12
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580a23f29
Configuration management
set snapshot startup
delete snapshot
show snapshot
3.1 Configuration locking feature
The SCLI or Web UI interface provides a mechanism to avoid parallel modification of the
configuration directory server by multiple users. To protect against parallel changes, you
must acquire a configuration lock before executing the configuration altering commands.
Acquiring the configuration lock is not mandatory, as different users can handle the parts
of the configuration independently. In case there are instances of multiple users using
the same configuration objects and interfering with each other, the configuration lock
protects against such unintended side effects. When configuration changes are done via
NE3S, an configuration lock is invoked by NE3S internally for the operation.
Therefore, to ensure that there is no parallel modification, you must acquire the config-uration lock. By acquiring an exclusive configuration lock through SCLI, neither the
same user ID with different session nor other users with different IDs can make any
change to the configuration data. In this way the configuration lock is enabled only for
one SCLI session. It is not possible to acquire exclusive configuration lock by WebUI.
Normal configuration lock
User interface adapters (e.g. WebUI/SCLI) supports an explicit interface or command to
acquire and release the non-exclusive (normal) configuration lock.
By using normal configuration lock, one user can obtain several configuration lock
sessions in parallel, but other users can not acquire any configuration lock.
gIf you do not release all the configuration locks in different sessions (Web UI & SCLI),otherwise other users will not be able to acquire any configuration lock until your config-
uration locks are released automatically.
If a different user in another session (WebUI/SCLI) holds the non-exclusive (normal)
configuration lock, user interface adapters (WebUI/SCLI) do not allow the execution of
write-like configuration management operations, nor do they allow the acquisition of the
exclusive or non-exclusive configuration lock (using set config mode on, for exam-
ple).
Exclusive configuration lock
If any user in another session (via WebUI/SCLI) holds the exclusive configuration lock,
user interface adapters (WebUI/SCLI) do not allow the execution of a configuration man-agement operation that modifies the configuration, nor does it allow the acquisition of
the configuration lock (using set config mode oncommand, for example). Show or
read-like commands continue to work.
User interface adapters (WebUI/SCLI) allow the execution of configuration management
operations, if the same user in another session (SCLI/WebUI) already holds the non-
exclusive configuration lock, but the user will be denied to make any modifications if the
same user holds the exclusive configuration lock in another session.
-
8/11/2019 Mgw Config Mana
13/48
DN09137376 Issue 1-7
13
Configuration Management Configuration management
Id:0900d80580a23f29
3.2 Configuration transaction
g Transaction usage is not recommended in Open MGW, because only part of configura-tions is supported by the transaction feature.
Configuration transaction feature provides a mechanism to bundle multiple changes to
the configuration directory server in one bulk transaction. This prevents a non-complete
configuration from harming the functionality of the system.
Transactions are used to speed up bulk operations, such as adding a couple of virtual
local area networks (VLANs). The operations in different sub domains can be bundled
into one transaction, for example, first add an interface and then assign an IP address
to it. When the transaction is committed, the NE bundles the necessary changes and
take them into use at once. With transaction feature, the operator can rollback an
ongoing transaction. But a committed transaction cannot be rolled back.
The nature of a transaction partially follows theACIDproperties:
A: Atomicity - changes are performed at once as if they were single operations.
C: Consistent - data is in consistent state when the transaction starts and ends.
I: Isolation - changes happening as a part of a transaction are not visible to others
(unless the data is committed).
D: Durability - changes once done are persistent. But to survive system restart, user
needs to save the snapshot.
g You must remember the following: Acquire a configuration lock before executing transaction operation. Otherwise the
configuration changes of the transaction will be lost if another user obtains a config-
uration lock before you commit the transaction operation. Transaction feature supports at the most only one transaction at a time.
Making configuration changes from multiple transactions in parallel is not supported.
Commands started outside of a transaction, (for example, showcommands), will
see the configuration data as it was before the transaction started.
Once a transaction is successfully executed, you must commit it. Committing a trans-
action instructs the Configuration Directory to commit the data. The configuration
changes can then be seen by other users. This is in contrast to the rollbackoption
which instructs the Configuration Directory to ignore the changes done.
3.3 Configuration snapshotConfiguration Directory content is volatile from system restart perspective. The configu-
ration displayed through management interfaces and NE (network element) software is
called a running configuration.
Running configuration can be saved to disks. These saved configurations are also
referred to as snapshots.
A network element may have multiple saved configurations, and one of the saved con-
figurations is always designated as a startup configuration. User is able to select, which
configuration is the startup configuration.
Open MGW provides a mechanism to create and save snapshots of the active configu-
ration data, and set it as the startup configuration. The changes to the active configura-tion data are transient and are lost once the system is restarted. To make these
-
8/11/2019 Mgw Config Mana
14/48
14
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580a23f29
Configuration management
configuration changes persistent, you should save the configuration snapshot. The
snapshot can be taken via SCLI, WebUi or NE3S. Taking a snapshot by NE3S allows
you to choose the time when a snapshot is taken (before or after the activation of a con-
figuration plan).
g If both CLA nodes are not operating with full redundancy on hardware (node, disk) andsoftware level, a configuration snapshot cannot be taken. Taking a snapshot will be
possible again after the standby CLA node is available again.
-
8/11/2019 Mgw Config Mana
15/48
DN09137376 Issue 1-7
15
Configuration Management Configuration management with Web UI
Id:0900d80580a2e3a7
4 Configuration management with Web UI
4.1 Configuration lockPurpose
To avoid parallel modification of the Configuration Directory by multiple users. Also to
prevent modifications within parallel sessions of the same user.
Steps
1
Acquire the lock.
Select Configuration > Settings > Configuration Lock > Acquire to acquire the config-
uration lock.
The Operation Messageis displayed. The message contains a confirmation message
and lock information that lists the user name and the reference count.
g When you acquire a lock, other users in other sessions cannot perform operations thatmodify the configuration, until the lock is released. However, the same user in another
session can make configuration changes.
Exclusive configuration lock is not supported in the current Web UI. For scenarios that
require the use of exclusive configuration lock, refer to section Using exclusive configu-
ration lock to prevent parallel modification.
2 Perform configuration changes.
You can perform any operation; for example, you can Create a new measurement job,
Delete a License, Create a VRF, or Delete an IPv4 aggregate route.
If you realize that the operation you are performing in a session requires more time than
the idle timeout, extend the lock idle timeout. To extent the idle timeout, refer to step
Extending the lock idle timeout.
After you have extended the lock idle timeout, continue making configuration changes.
3
Extending the lock idle timeout.
Select Configuration > Settings > Configuration Lock > Touch to extend the idle
timeout. The idle timeout is 300 s.The Operation Messageis displayed. The message contains a confirmation message
and lock information that lists the user name and the reference count.
g Extend the lock idle timeout if any operation you are performing in a session requiresmore time than the idle timeout.
4
Release the lock.
Select Configuration > Settings > Configuration Lock > Release to release the config-
uration lock.
-
8/11/2019 Mgw Config Mana
16/48
16
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580a2e3a7
Configuration management with Web UI
The Operation Messageis displayed. The message contains a confirmation message
and lock information that lists the user name and the reference count if another user has
acquired the configuration lock.
gMake sure you have released all the configuration locks in different sessions (Web UI &SCLI), otherwise other user can not acquire any configuration lock until your configura-
tion locks are released automatically.
-
8/11/2019 Mgw Config Mana
17/48
DN09137376 Issue 1-7
17
Configuration Management
Id:0900d80580a2e9d6
4.2 Transaction management
Purpose
To speed up the bulk operations or to perform several operations in a sequentialmanner.
Summary
The users are kept informed of the WebUI transactions via the status bar that is dis-
played at the bottom of the WebUI page. It displays the name of the NE (Network
Element) to which the user is logged in. Status of any ongoing transaction in any WebUI
session is shown via an icon (supported with a tool tip). Transaction related operations
which are primarily performed via Configuration > Settings > Transaction
menu, can also be performed via the context menu that is attached to the icon.
Different states of the icon further provide the details of the transaction in WebUI ses-
sions. For more information refer to the following table:
Before you start/commit/rollback a transaction it is recommended to use the Refresh
option which allows you to get the latest state of transaction started in any WebUI
session. Note that there can be only one transaction running for a single WebUI session.
Another transaction cannot be initiated until the ongoing transaction is either committed,
rolled back or expires.
g Node startup is prevented when a transaction is ongoing. Therefore, once the transac-tion is settled, node startup proceeds and the new data is visible
Steps
1
Configure time for a transaction.
Select Configuration > Settings > Transaction > Configure Time to set the time out for
a transaction.
The Transaction Operationis displayed. Enter the following:
Time out: Enter the time in seconds. The time value in the range from 1 to 30 s.
Idle time out: Enter the time in seconds. The time value in the range from 1 to 1800 s
2 Start a transaction.
Select Configuration > Settings > Transaction > Start to start a transaction.
Transaction status Icon state
No ongoing Transaction in any webui session
Transaction ongoing in current login session
Invalid Transaction in current login session
Transaction ongoing in different webui session
Table 3 Transaction States
-
8/11/2019 Mgw Config Mana
18/48
18
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580a2e9d6
The Operation Messageis displayed. The message contains the result of the operation
performed.
After a transaction is started, you can perform several operations in a sequential manner
(for example, you can Create a new measurement job, Delete a License, Create aVRF, and Delete an IPv4 aggregate route). Transaction has to be committed in order
to view the changes in the configuration directory for it to be displayed for another user
in another session.
3 Commit or rollback a transaction.
When the configuration changes are done, you can either commit or rollback a transac-
tion.
Commit a transaction.
Select Configuration > Settings > Transaction > Commit to commit the transaction.
The Operation Messageis displayed. The message contains a confirmationmessage and the relevant transaction ID.
After you commit the transaction, the manipulations done on the data during a trans-
action are saved in the configuration directory and are displayed to another user in
another session.
Rollback a transaction.
Select Configuration > Settings > Transaction > Rollback to rollback a transaction.
The Operation Messageis displayed. The message contains a confirmation
message and the relevant transaction ID.
After you rollback the transaction, the manipulations done on the data during a trans-
action are not saved in the configuration directory.
-
8/11/2019 Mgw Config Mana
19/48
DN09137376 Issue 1-7
19
Configuration Management
Id:0900d805809914c3
4.3 Configuration snapshot operations
Purpose
To view, create, modify, or delete a configuration snapshot, and set it as the startup con-figuration.
Steps
1
View the Configuration Snapshot page
Select Configuration > Settings > Configuration Snapshot.
The Configuration Snapshotpage is displayed.
The following information about the configuration snapshot is displayed:
Current startup: This field mentions the name of the current startup configuration
snapshot. This field can only be viewed.
The table displays the list of available configuration snapshots that can be used to select
the startup configuration. The buttons below the table is used to create or delete a con-
figuration snapshot.
Startup: To select from the table the current startup.
Name: The name of the configuration snapshot.
Build information: This field informs about the build that is being used.
2
Create a configuration snapshot.
a) Click New.
A new row appears in the table.b) Enter the name of the configuration snapshot. The name must not be more than 30
characters and no special characters are allowed.
c) You can either save the configuration snapshot or cancel the changes:
Click Saveto save the configuration snapshot.
or
Click Cancel to cancel the changes made.
g The current state of the configuration directory is created as a snapshot.
3 Setting the configuration as the startup configuration.
a) Select the check box in the Startupcolumn of the configuration snapshot that needs
to be set as the start-up configuration.
b) You can either save or cancel the changes.
Click Saveto save and set the configuration snapshot as the start-up configuration.
or
Click Cancel to cancel the changes made.
4
Delete a configuration snapshot.
a) Select the configuration snapshot and click Delete.
A confirmation message is displayed.
-
8/11/2019 Mgw Config Mana
20/48
20
DN09137376 Issue 1-7
Configuration Management
Id:0900d805809914c3
b) Click Deleteto delete the configuration snapshot.
g The current startup configuration snapshot cannot be deleted.
-
8/11/2019 Mgw Config Mana
21/48
DN09137376 Issue 1-7
21
Configuration Management Configuration management with SCLI
Id:0900d80580a2e323
5 Configuration management with SCLI
5.1 Configuration lock using SCLI
5.1.1 Using exclusive configuration lock to prevent parallel modification
Summary
This section describes how a user can acquire an exclusive configuration lock. By exe-
cuting the command set config-mode exclusive, neither the same user nor other
users with different IDs can make any changes to the Configuration Directory Server.
Exclusive configuration lock is acquired if all the conditions are met as specified:
a) Neither exclusive nor non-exclusive lock is held by any user in any session.
b) There are no ongoing commands.
Holding the exclusive lock prevents other sessions by the same user or by different
users from acquiring the configuration lock. It also prevents users from starting configu-
ration-changing commands in another session, be it one of yours or one of another user.
If any user in another session holds the exclusive configuration lock, user interface
adapters do not allow the execution of a configuration management operation that
modifies the configuration, nor does it allow the acquisition of the configuration lock.
Show or read-like commands continue to work.
Steps
1
Enable configuration lock.
To enable the configuration lock in the exclusive mode, enter the following command:
set config-mode exclusive wait-timeout [seconds] lock-timeout
[minutes]
For more information on how to acquire the exclusive configuration lock refer to the Con-
figuration locking featureintroduction .
-
8/11/2019 Mgw Config Mana
22/48
22
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580a2e323
Configuration management with SCLI
Parameter Description Value range
exclusive The exclusiveparameter in the
command helps you to acquireconfiguration lock for exclusive
use. Exclusive configuration lock
is successfully acquired if the fol-
lowing conditions are met:
a) Neither the exclusive nor the
non-exclusive lock is held by
any user in any session
b) There are no ongoing configu-
ration modifications.
Exclusive lock prevents the
acquiring of the configuration lock
in any session. It also prevents the
execution of configuration-
changing commands in another
session either by the same user or
by another user.
exclusive configuration lock ties or
binds the lock to one and only one
SCLI session.
-
wait-timeout wait-timeoutparameter
defines the time duration for whichthe system waits to acquire a lock
if a configuration changing
command is running in another
session. This parameter is not
applicable if another user has
already acquired the lock. It is
applicable only if no one has
acquired the configuration lock.
The default value is 60
seconds.
lock-timeout The parameterlock-timeout
is the maximum time, in minutes,
after which the configuration lockwill be released. To fully prevent
any idle timeout, specify 0. Note
that no idle timeout (0) might
result in a situation that requires a
restart of the configuration lock
recovery group
(/ConfLockServer) to release
the configuration lock in some
failure scenarios.
The default value is 10
minutes. 0means no
lock-idle time-out.
Table 4 Parameter descriptions
-
8/11/2019 Mgw Config Mana
23/48
DN09137376 Issue 1-7
23
Configuration Management Configuration management with SCLI
Id:0900d80580a2e323
2 Execute an action in configuration directory.
You can execute an action in the configuration directory server by using the relevant
SCLI command.For example:
add networking address /SSH ip-address 10.12.12.12/24 iface
front_eth0
The command is executed successfully. IP address is added to the specified owner and
interface.
To verify if the IP address is successfully added, execute the following command:
show networking address owner /SSH
The following sample output is generated:
address instance default interfaces:
front_eth0
address : 10.12.12.12/24
owner : /SSH
Alternately, you can also view the IP address by executing the showcommand using
ifaceparameter:
show networking address iface front_eth0
The following sample output is generated:
address instance default interfaces:
front_eth0
address : 10.12.12.12/24
owner : /SSH
g In order to make configuration changes persistent, you must make a configurationsnapshot and set it as the new startup configuration. This is the last operation executed
before releasing the configuration lock. It can also be done at any other point.
3
Release configuration lock.
To release the configuration lock, enter the following command:
set config-mode off
gIf you do not release the lock, it will automatically be released after a set time or imme-
diately when the started SCLI session is terminated.
-
8/11/2019 Mgw Config Mana
24/48
24
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580a41c7c
5.1.2 Using the normal, non-exclusive configuration lock for parallel
sessions by the same user
Purpose
To use configuration lock so that parallel modification by the same user is possible but
by another user is not possible.
Using the set config-modecommand, users can perform configuration lock opera-
tions. Configuration lock can be used to prevent other management users of the network
element from changing the configuration. Depending on the situation, you may or may
not want to use this feature.
For example, if you coordinate your changes with other users, that is, one user touches
one part of the configuration and another user touches another part, and there is no risk
of an overlap between the two change sets, then it is acceptable to do the changes
without acquiring the configuration lock.
All management interfaces, including the ones facing the network management system,
obey the configuration lock. This means that, by acquiring the configuration lock locally,
you can block changes to the configuration coming in from the network management
system. You can acquire configuration lock in normal (non-exclusive) mode (on) or in
exclusive mode (exclusive), or release it (off) or reset its idle timeout (touch).
Summary
This command acquires the configuration lock if all the conditions are met as specified:
a) No other user holds the configuration lock (either exclusive or normal).
b) There are no ongoing configuration-changing commands.
c) The same user does not hold the exclusive configuration lock.
Acquiring the normal, non-exclusive lock prevents other users from acquiring the con-
figuration lock. It also prevents starting configuration-changing commands being run by
other users. It does not prevent running configuration-changing commands in another
of your sessions. While holding the configuration lock, the same user can acquire the
configuration lock in another session in non-exclusive mode or start configuration-
changing commands in another parallel session even without explicitly acquiring the
non-exclusive configuration lock. If generally using the configuration lock, it is recom-
mended, though, to acquire it in each session to avoid not noticing the timing out of the
configuration lock due to inactivity.
Steps
1
Enable configuration lock.
To enable configuration lock, enter the following command:
set config-mode on wait-timeout [seconds] lock-timeout [minutes]
The following message is displayed:
Lock is acquired successfully.
-
8/11/2019 Mgw Config Mana
25/48
DN09137376 Issue 1-7
25
Configuration Management
Id:0900d80580a41c7c
Parameter Description Value range
on The parameter onin the
command helps you to acquirenormal configuration lock (non-
exclusive). Normal configuration
lock can be acquired if the follow-
ing conditions are met:
a) No other user holds the con-
figuration lock (either exclu-
sive or normal)
b) There are no ongoing configu-
ration-changing commands in
another session.
c) The same user does not hold
the exclusive configuration
lock.
Acquiring the normal, non-exclu-
sive lock prevents other users
from acquiring the configuration
lock. It also prevents other users
from executing configuration-
changing commands.
However, It does not prevent the
same user from running configu-
ration changing commands in
another session.
For using configuration lock, in
general, it is recommended, to
acquire configuration lock in each
session. This is done in order to
avoid unexpected scenarios like
the lock getting released in the
session it was acquired, when the
same user has still not finished the
modification in the current
session.
-
Table 5 Parameter descriptions
-
8/11/2019 Mgw Config Mana
26/48
26
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580a41c7c
2
Check that the configuration lock is acquired.
Execute the following command to check that the configuration lock is acquired in this
session:
show config-mode status
The following example output is generated:
Configuration Lock StatusLock is hold by uid: 10009,
ongoingCmds:0 , Total count of references: 1
3
Execute an action by a user with different id.To check if a user with a different user id can make any change to the Configuration
Directory server, enter the following command:
add networking address /CLA-0 iface lo ip-address 127.0.254.2/32
The following output is generated:
The command was not executed. You or another user is currently
holding the configuration lock in another session, blocking all
configuration changes.
For more details, see "show config-mode status"
The command is not executed successfully as the lock is acquired by you.
wait-timeout wait-timeoutparameter
defines the time duration for which
the system waits to acquire a lockif a configuration changing
command is running in another
session. This parameter is not
applicable if another user has
already acquired the lock. It is
applicable only if no one has
acquired the configuration lock.
The default value is 60
seconds.
lock-timeout The parameter lock-timeoutis
the maximum time, in minutes,
after which the configuration lock
will be released. To fully preventany idle timeout, specify 0. Note
that no idle timeout (0) might
result in a situation that requires a
restart of the configuration lock
recovery group
(/ConfLockServer) to release
the configuration lock in some
failure scenarios.
The default value is 10
minutes. 0means no
lock-idle time-out.
Parameter Description Value range
Table 5 Parameter descriptions (Cont.)
-
8/11/2019 Mgw Config Mana
27/48
DN09137376 Issue 1-7
27
Configuration Management
Id:0900d80580a41c7c
4 Start session 2 and acquire the configuration lock a second time.
You can acquire a second configuration lock in another session of yours (while still
holding the lock in the first session), by using the following command:set config-mode on
The following message is displayed:
Lock is acquired successfully.
The command is executed successfully, as a single user can acquire multiple configu-
ration locks for multiple sessions.
5
Execute an action in session 2.
To execute an action in session 2, enter the following command:
add networking address /CLA-0 iface lo ip-address 127.0.254.4/32The command is executed successfully.
6
Release the configuration lock for session 1.
To release the configuration lock for session 1, enter the following command:
set config-mode off
The configuration lock acquired for the session 1 is released. If the lock is not released,
it will automatically be released after a set time or immediately when the started SCLI
session is terminated.
7
Execute an action by a user with different id.
To check if a user with a different user id can make any change to the Configuration
Directory server, enter the following command:
add networking address /CLA-0 iface lo ip-address 127.0.254.5/32
The command is not executed and the following output is generated:
The command was not executed. You or another user is currently
holding the configuration lock in another session, blocking all
configuration changes.
For more details, see "show config-mode status"
The action is not performed successfully because the configuration lock is still held byyou.
8
Check if configuration lock can be acquired by different users.
To check if the configuration lock can be acquired by another user other than you, enter
the following command:
set config-mode on
The lock is not acquired and the following output is returned:
The configuration lock is already acquired by another user in
another session.
For more details, see "show config-mode status."
-
8/11/2019 Mgw Config Mana
28/48
28
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580a41c7c
This is because the configuration lock cannot be acquired by another user, until you
release all the instances of the acquired configuration lock.
9 Release the configuration lock for session 2.
To release the configuration lock for session 2, enter the following command:
set config-mode off
The configuration lock acquired for the session 2 is released. If the lock is not released,
it will automatically be released after a set time or immediately when the started SCLI
session is terminated.
g Make sure you have released all the configuration locks in different sessions (Web UI &SCLI), otherwise other user can not acquire any configuration lock until your configura-
tion locks are released automatically.
1
Enable configuration lock for a user with different id.
When all the instances of the configuration lock acquired by you has been released, an
user with different id can acquire the lock, by using the following command:
set config-mode on
If the lock is acquired successfully and the following output is generated:
Lock is acquired successfully.
g If you are executing a command which takes longer than 10 minutes, then change thedefault lock time-out by entering the following command:
set config-mode on lock-timeout Where, is the new lock time-out value. In other words
if no command is executed for a duration which is more than the new lock-timeout value,
the configuration lock will be released. However, it is unlikely for a single command to
take more than 10 minutes.
Acquiring the configuration lock prevents multiple users, with different user ID, from exe-
cuting commands that change the configuration. If you have the configuration lock for
session 1, you can still acquire the configuration lock for session 2, using the same user
ID. Once acquired, the configuration lock is reference counted. The reference count
increases with every set config-mode onand decreases with every set config-
mode offor any session exit. The lock is released when the reference count reaches
zero.The current status of the lock can be obtained by using the following command:
show config-mode status
g If you do not release the lock by running the set config-mode offcommand, thelock is automatically released when you exit from the interactive fsclishsession. In
order to make configuration changes persistent, you must make a configuration
snapshot and set it as the new startup configuration. This might be the last operation
executed before releasing the configuration lock. It can also be done at any other point.
g Making a configuration snapshot without holding the configuration lock might causepartial configuration changes from other operators to be included in the configuration
snapshot. The configuration lock helps preventing such situations.
-
8/11/2019 Mgw Config Mana
29/48
DN09137376 Issue 1-7
29
Configuration Management
Id:0900d80580a2e2f7
5.2 Transaction using SCLI
5.2.1 Executing a successful transaction
Summary
Transaction functionality provides a mechanism to bundle multiple changes to the con-
figuration directory server in one bulk transaction. This prevents a non-complete config-
uration from harming the functionality of the system. A transaction is started and certain
actions are performed to add, delete, or modify a data, then the transaction is committed
so that the actions executed are visible to all the users. If the action is not committed,
the changes are not visible to all users.
The start transactioncommand starts read-write transactions in the Configuration
Directory. No other read-write transactions are allowed until this transaction is commit-
ted, rolled back, or aborted due to an error. Parallel read operations in the Configuration
Directory are still possible. Configuration Directory transactions have an idle timeout,which can be defined by the idle-timeout parameter. By default its value is set to
300000ms in case interactive session and 20000ms in case of non-interactive session.
Transactions can be aborted due to idle timeout, if both of the following conditions are
true:
1. No operations were executed in the context of the transaction for longer than the
time specified as idle timeout.
2. There is a request to start another read-write transaction If there is already an
ongoing read-write transaction, the start operation blocks by default until the trans-
action is concluded. To avoid this blocking, the timeoutparameter can be passed
- specifying the blocking time-out. If the transaction could not be started within the
period of the blocking timeout, an appropriate error is returned.
g Node startup is prevented when a transaction is ongoing. Once the transaction issettled, node startup proceeds and the new data is visible.
In this example, a transaction is started after first acquiring the optional configuration
lock. If acquiring the configuration lock, always acquire it first before starting a transac-
tion, do not acquire the configuration lock after starting a transaction. After doing an
exemplary configuration change the transaction is committed and the configuration lock
is released.
You can only rollback an ongoing transaction. A committed transaction can not be rolled
back.
For more information on Transaction feature, refer to section Configuration Transaction.
Steps
1 Enable configuration lock.
To enable configuration lock, enter the following command:
set config-mode on
You must enable the configuration lock to avoid parallel modifications by multiple users.
-
8/11/2019 Mgw Config Mana
30/48
30
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580a2e2f7
2 Start the transaction.
To start a transaction enter the following command:
start transaction
g No other transactions are allowed until this transaction is committed, rolled back, oraborted due to an error. Parallel read operations in Configuration Directory, for example
show configcan still be executed. When starting a transaction, two optional parame-
ters can be passed by the operator:
The plain timeoutparameter defines how long the start transaction command must
wait, if it cannot start a transaction because of an ongoing transaction. It will only return
after timeout milliseconds, if the transaction does not start successfully. If the transac-
tion starts successfully then it returns immediately.
The idle-timeout parameters define, how soon idle transactions are aborted due to inac-
tivity. A transaction is aborted if both the conditions mentioned here are satisfied:
1. No operations have been executed in the context of the transaction for longer than
the time specified as idle timeout.
2. There is a request to start another read-write transaction.
3
Execute an action in the Configuration Directory.
You can execute single or multiple actions in the configuration directory server by using
the relevant SCLI command. For example:
add networking address /SSH ip-address 11.0.0.0/32 iface front-
eth0
g For add networking address command, an extra token dedicated is providedin the cluster. This token is available for backwards compatibility of the software and
does not have any effect on the command. Hence dedicatedis not described in this
guide.
The command with dedicatedtoken is as follows:
Parameter Description
idle-
timeout
Idle transaction timeout (in milliseconds). Transaction gets aborted
by the server if no operations happen for more than timeout millisec-
onds. Please note that timeout is triggered only if there is a pending
start read-write transaction request while another read-write transac-tion is ongoing. This means that an idle transaction might stay open
for longer than the specified timeout if no other read-write transaction
request is made.
In case of interactive sessions the default idle timeout is 300000ms
and in case of non-interactive sessions the default idle timeout is
20000ms.
timeout Timeout for executing the operation in milliseconds (ms). The default
timeout value is 5000ms.
Table 6 Parameters for executing a transaction command.
-
8/11/2019 Mgw Config Mana
31/48
DN09137376 Issue 1-7
31
Configuration Management
Id:0900d80580a2e2f7
add networking address dedicated
4
Commit the transaction.
To commit the transaction, use the following command:
commit transaction
g You must commit the transaction so that the changes made in the configuration directoryserver are reflected.
Execute the following command to view if the IP address is added to the specified owner
and interface:
show networking address
The following sample output is displayed:
address instance default interfaces:
front_eth0
address : 11.0.0.0/32
owner : /SSH
5
Release the configuration lock.
To release the configuration lock, enter the following command:
set config-mode off
gIf you do not release the lock, it will automatically be released after a set time or imme-diately when the started SCLI session is terminated.
-
8/11/2019 Mgw Config Mana
32/48
32
DN09137376 Issue 1-7
Configuration Management
Id:0900d8058098ce3f
5.2.2 Rollback a transaction
Purpose
To rollback a transaction using SCLI command.
Summary
Rollbackoption instructs the system to ignore the changes done to Configuration
Directory. This is in contrast to the commitoption which ensures that once the transac-
tion is committed, the data is committed to the Configuration Directory and the changes
are visible to the users. To rollback a transaction, you must first start a transaction and
then execute certain actions to add, delete or modify a data, the transaction is then rolled
back. A successfully started but later timed out transaction has to be rolled back before
you can start a new one in the same SCLI session.
The transaction can be rolled back even if no changes were submitted during transac-
tion.
For more information on Transaction feature, refer to section Configuration Transaction.
Steps
1
Enable configuration lock.
To enable configuration lock, enter the following command:
set config-mode on
You must enable the configuration lock to avoid parallel modifications by multiple users.
2 Start the transaction.
To start a transaction, enter the following command:
start transaction
3
Execute an action in the configuration directory.
You can execute single or multiple actions in the Configuration Directory server by using
the relevant SCLI command. For example:
add networking address dedicated /SSH ip-address 10.12.12.12/24
iface eth0
4
Rollback transaction.
To rollback a transaction, enter the following command:
rollback transaction
After the transaction is rolled back, the changes to the Configuration Directory server is
removed.
Once you execute the show networking addresscommand, the following sample
output is displayed:
address instance default interfaces:eth1
type : dedicated
address : 10.102.230.171/24
-
8/11/2019 Mgw Config Mana
33/48
DN09137376 Issue 1-7
33
Configuration Management
Id:0900d8058098ce3f
owner : /SSHeth1
type : dedicated
address : 10.102.230.174/24
owner : /TargetInfo
g Here all the pending changes are discarded and the currently active configuration is notmodified. A new transaction has to be started after the rollback in order to execute the
Configuration Directory transaction changes.
5
Disable configuration lock.
To disable the configuration lock, enter the following command:
set config-mode off
gIf you do not release the lock, it will automatically be released after a set time.
-
8/11/2019 Mgw Config Mana
34/48
34
DN09137376 Issue 1-7
Configuration Management
Id:0900d805809b5985
5.3 Configuration snapshot using SCLI
5.3.1 Listing configuration snapshots
Summary
Saved configuration snapshots can be listed with show snapshotcommands. This
operation shows configuration or startup configuration within a certain delivery, or all
installed deliveries depending on which option is chosen. A certain delivery can have
one or multiple snapshots but only one of them is a startup snapshot. A saved configu-
ration can be considered as a snapshot of the running configuration from the point of
time when the configuration is saved. A software delivery is a set of software compo-
nents that work together to provide the functionality of the network element. Only
software deliveries as a whole can be installed and activated in the target system
You can use any of the options:
1. current-startup - Shows the startup configuration of a certain delivery
2. currentall-startup - Shows the startup configurations of all deliveries
3. list - Shows configurations of a certain delivery
4. listall- Shows all configurations of all deliveries
Steps
1
View the startup configuration of a certain delivery.
To view the startup configuration of a certain delivery, execute the following command:
show snapshot current-startup delivery-name
In case the delivery name is not given, the active delivery name is used.
You can set the log levels by selecting the following parameters:
Parameter Description
current-
startup
This parameter shows the startup configuration in a certain delivery.
In case the delivery name is not given, the active delivery name is
used.
delivery-
name
A software delivery is a set of software components that work
together to provide the functionality of the network element. Only
software deliveries as a whole can be installed and activated in the
target system.
trace Enables the execution line trace in trace log. Trace log is stored at
/tmp/SS_FConfigure/fsconfigure_trace.log . Trace log is
not visible on the console. Any user with access to the bash shell via
the SCLI command shell bash full, has access to this trace log
file of the operation.
Table 7 Parameters of show snapshot list allcommand.
-
8/11/2019 Mgw Config Mana
35/48
DN09137376 Issue 1-7
35
Configuration Management
Id:0900d805809b5985
2
View all the startup configurations within all the installed deliveries.
To view all the startup configuration of all the installed deliveries, execute the following
command:
show snapshot currentall-startup
You can set the log levels by selecting the following parameters:
verbose Verbose level can be:
1.CRITICAL
2. ERROR
3. WARNING
4. INFO
5. DEBUG
The higher the number, the more verbose is the log. quietoption
overrides the verboseoption if both of them are given.
quiet Suppresses normal debugging message on the console except for
critical failure messages. quietoption overrides the verbose
option if both of them are given.
Parameter Description
Table 7 Parameters of show snapshot list allcommand. (Cont.)
Parameter Description
curretnall-startup
This parameter shows all the startup configurations within all theinstalled deliveries.
trace Enables the execution line trace in trace log. Trace log is stored at
/tmp/SS_FConfigure/fsconfigure_trace.log . Trace log is
not visible on the console. Any user with access to the bash shell via
the SCLI command shell bash full, has access to this trace log
file of the operation.
verbose Verbose level can be:
1. CRITICAL
2. ERROR
3. WARNING4. INFO
5. DEBUG
The higher the number, the more verbose is the log. quietoption
overrides the verboseoption if both of them are given.
quiet Suppresses normal debugging message on the console except for
critical failure messages. quietoption overrides the verbose
option if both of them are given.
Table 8 Parameters of show snapshot list allcommand.
-
8/11/2019 Mgw Config Mana
36/48
36
DN09137376 Issue 1-7
Configuration Management
Id:0900d805809b5985
3 List all the snapshots in a certain delivery.
To list all the snapshots of a certain delivery, execute the following command:
show snapshot list delivery-name
In case the delivery name is not given, the active delivery name is used.
You can set the log levels by selecting the following parameters:
4
List all the snapshots within all the installed deliveries.
To list all the snapshots from all the installed deliveries, use the following command:
show snapshot listall ]
You can set the log levels by selecting the following parameters:
Parameter Description
list This parameter lists all the snapshots in a certain delivery. In case
the delivery name is not given, the active delivery name is used.
delivery-
name
A software delivery is a set of software components that work
together to provide the functionality of the network element. Only
software deliveries as a whole can be installed and activated in the
target system.
trace Enables the execution line trace in trace log. Trace log is stored at
/tmp/SS_FConfigure/fsconfigure_trace.log . Trace log is
not visible on the console. Any user with access to the bash shell via
the SCLI command shell bash full, has access to this trace log
file of the operation.
verbose Verbose level can be:
1. CRITICAL
2. ERROR
3. WARNING
4. INFO
5. DEBUG
The higher the number, the more verbose is the log. quietoption
overrides the verboseoption if both of them are given.
quiet Suppresses normal debugging message on the console except for
critical failure messages. quietoption overrides the verbose
option if both of them are given.
Table 9 Parameters of show snapshot list allcommand.
Parameter Description
listall Lists all the snapshots in all the installed deliveries.
Table 10 Parameters of show snapshot list allcommand.
-
8/11/2019 Mgw Config Mana
37/48
DN09137376 Issue 1-7
37
Configuration Management
Id:0900d805809b5985
trace Enables the execution line trace in trace log. Trace log is stored at
/tmp/SS_FConfigure/fsconfigure_trace.log . Trace log is
not visible on the console. Any user with access to the bash shell viathe SCLI command shell bash full, has access to this trace log
file of the operation.
verbose Verbose level can be:
1. CRITICAL
2. ERROR
3. WARNING
4. INFO
5. DEBUG
The higher the number, the more verbose is the log. quietoption
overrides the verboseoption if both of them are given.
quiet Suppresses normal debugging message on the console except for
critical failure messages. quietoption overrides the verbose
option if both of them are given.
Parameter Description
Table 10 Parameters of show snapshot list allcommand. (Cont.)
-
8/11/2019 Mgw Config Mana
38/48
38
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580994d63
5.3.2 Defining a new startup configuration
Summary
A snapshot can be designated as a new startup configuration with the set snapshot
startupcommand.
A startup configuration is a configuration which is loaded when the system starts up.
Defining a startup configuration does not change the running configuration automati-
cally. The command always generates a normal log file describing the various steps
involved in generating a snapshot. The log file is stored at
/var/log/fsconfigure.log . Additionally a trace log file with more detailed logs is
generated if the traceoption is chosen. It is stored at
/tmp/SS_FConfigure/fsconfigure_trace.log .Any user with access to the
bash shell via the SCLI command shell bash full, has access to the normal log file
of the operation as well as the trace log file of the line execution. quietoption sup-
presses the normal debugging messages on the console except for critical failure mes-
sages. quietoption overrides the verboseoption if both of them are given.
Steps
1 Define a new startup configuration.
To define a new startup configuration, use the following command.
set snapshot startup config-name
[verbose|quiet|
-
8/11/2019 Mgw Config Mana
39/48
DN09137376 Issue 1-7
39
Configuration Management
Id:0900d80580994d63
verbose Verbose level can be:
1.CRITICAL
2. ERROR
3. WARNING
4. INFO
5. DEBUG
The higher the number, the more verbose is the log. quietoption
overrides the verboseoption if both of them are given.
quiet Suppresses normal debugging message on the console except for
critical failure messages. quietoption overrides the verbose
option if both of them are given.
Parameter Description
Table 11 Parameters of set snapshot startupcommand. (Cont.)
-
8/11/2019 Mgw Config Mana
40/48
40
DN09137376 Issue 1-7
Configuration Management
Id:0900d805809bf303
5.3.3 Saving a configuration snapshot
Summary
A snapshot of the current configuration can be taken with the save snapshot
command. This operation persistently saves the currently running configuration as a
snapshot. A saved configuration can be considered as a snapshot of the running con-
figuration from the point of time when the configuration is saved. Multiple snapshots can
exist simultaneously.The snapshot should be saved with a given name otherwise the
existing startup configuration will be overwritten by default.
The command always generates a normal log file describing the various steps involved
in generating a snapshot. The log file is stored at /var/log/fsconfigure.log .
Additionally a trace log file with more detailed logs is generated if the trace option is
chosen. It is stored at /tmp/SS_FConfigure/fsconfigure_trace.log .Any user
with access to the bash shell via the SCLI command shell bash fullhas access to
the normal log file of the operation as well as the tracelog file of the line execution.quietoption suppresses the normal debugging messages on the console except for
critical failure messages. quietoption overrides the verboseoption if both of them are
given.At this moment, the snapshot name can only be a combination of alphanumerical
characters and underscore with length not longer than 30 characters.
g If LDAP server is not available or LDAP switchover is in progress, a configurationsnapshot cannot be taken. Taking a snapshot will be possible again after LDAP server
is available
Steps
1
Take a snapshot of the current configuration by specifying the configuration
name.
To take a snapshot of the current configuration by specifying the configuration name,
use the following command:
save snapshot config-name startup []
You can use the following optional parameters:
Parameter Description
config-name Specifies the name of the snapshot file used as the new startup con-
figuration for a given software delivery. You must use the short name(same filename as the save snapshot command, for example
VyYRV3z4_2009060415465 ). This parameter is mandatory and
generates an automatic list of snapshots from which user can select.
Configuration name can only be a combination of alphanumerical
characters and underscore with length not longer than 30 charac-
ters.
startup This operation persistently saves the currently running configuration
as a snapshot and then marks it as a startup snapshot.
Table 12 Parameters of save snapshot config-namecommand.
-
8/11/2019 Mgw Config Mana
41/48
DN09137376 Issue 1-7
41
Configuration Management
Id:0900d805809bf303
Example:
To take a configuration snapshot and save it to the file snapshot01042009 , enter:
save snapshot config-name snapshot01042009 startup
trace Enables the execution line trace in trace log. Trace log is stored at
/tmp/SS_FConfigure/fsconfigure_trace.log . Trace log is
not visible on the console. Any user with access to the bash shell viathe SCLI command shell bash full, has access to this trace log
file of the operation.
verbose Verbose level can be:
1. CRITICAL
2. ERROR
3. WARNING
4. INFO
5. DEBUG
The higher the number, the more verbose is the log. quietoption
overrides the verboseoption if both of them are given.
quiet Suppresses normal debugging message on the console except for
critical failure messages. quietoption overrides the verbose
option if both of them are given.
Parameter Description
Table 12 Parameters of save snapshot config-namecommand. (Cont.)
-
8/11/2019 Mgw Config Mana
42/48
42
DN09137376 Issue 1-7
Configuration Management
Id:0900d805809d1dda
5.3.4 Restoring a saved configuration
Summary
The current configuration can be replaced with a configuration from a saved snapshot.
This means that, the restored configuration will become active for the applications in the
running system.
g The restored configuration is not automatically taken into use during node or clusterrestart, unless it is also set (or is already defined) as the startupconfiguration.
This operation overwrites the runtime active configuration from a saved snapshot
belonging to the active delivery. The operation replaces the previously running configu-
ration and the system is re-configured according to the restored configuration. The
restored configuration does not persist over system reset unless the configuration has
been saved as the startupsnapshot. A saved configuration can be considered as a
snapshot of the running configuration from the point of time when the configuration is
saved. The command always generates a normal log file describing the various steps
involved in restoring a snapshot.
The log file is stored at /var/log/fsconfigure.log . Additionally a trace log file with
more detailed logs is generated if the traceoption is chosen. It is stored at
/tmp/SS_FConfigure/fsconfigure_trace.log .Any user with access to the
bash shell via the SCLI command shell bash full, has access to the normal log file
of the operation as well as the trace log file of the line execution. quietoption sup-
presses normal debugging messages on console except for critical failure messages.
quietoption overrides the verboseoption if both of them are given.
g It is recommended not to use restore snapshotfunctionality whenever there aredeployment related changes in the cluster. Instead, it is recommended to mark the con-figuration as a startup and reboot the cluster. For more information on how to mark a
configuration as start up, see, Defining a new startup configurationsection in Configu-
ration Management guide.
Steps
1
Overwrite the current configuration with a snapshot.
To overwrite the current configuration with a snapshot, use the following command:
restore snapshot config-name []]
You can use the following parameters:
-
8/11/2019 Mgw Config Mana
43/48
DN09137376 Issue 1-7
43
Configuration Management
Id:0900d805809d1dda
Example:
restore snapshot config-name config-
R_FPT_1.27.WR.32.d.1301301403.362394-INITIAL
Parameter Description
config-name Specifies the name of the snapshot file used as the new startup con-
figuration for a given software delivery. You must use the short name(same filename as the save snapshot command, for example
VyYRV3z4_2009060415465 ). This parameter is mandatory and
generates an automatic list of snapshots from which user can select.
Configuration name can only be a combination of alphanumerical
characters and underscore with length not longer than 30 charac-
ters.
trace Enables the execution line trace in trace log. Trace log is stored at
/tmp/SS_FConfigure/fsconfigure_trace.log . Trace log is
not visible on the console. Any user with access to the bash shell via
the SCLI command shell bash full, has access to this trace log
file of the operation.
verbose Verbose level can be:
1. CRITICAL
2. ERROR
3. WARNING
4. INFO
5. DEBUG
The higher the number, the more verbose is the log. quietoption
overrides the verboseoption if both of them are given.
quiet Suppresses normal debugging message on the console except forcritical failure messages. quietoption overrides the verbose
option if both of them are given.
Table 13 Parameters of set snapshotcommand.
-
8/11/2019 Mgw Config Mana
44/48
44
DN09137376 Issue 1-7
Configuration Management
Id:0900d80580994d69
5.3.5 Deleting a configuration snapshot
Summary
Existing configuration snapshots can be deleted with the delete snapshot
command.
This operation deletes the named snapshot. It should be used with caution as the con-
figuration will be lost permanently. A saved configuration can be considered as a
snapshot of the running configuration from the point of time when the configuration is
saved. The command always generates a normal log file describing the various steps
involved in deleting a snapshot.
The log file is stored at /var/log/fsconfigure.log . Additionally a trace log file with
more detailed logs is generated if the traceoption is chosen. It is stored at
/tmp/SS_FConfigure/fsconfigure_trace.log .
Any user with access to the bash shell via the SCLI command shell bash full, has
access to the normal log file of the operation as well as the trace log file of the line exe-
cution. quietoption suppresses normal debugging messages on the console except
for critical failure messages. quietoption overrides verboseoption if both of them are
given.
g startupconfiguration cannot be deleted.
Steps
1
Delete a configuration snapshot.
To delete a configuration snapshot using, execute the following command:
delete snapshot config-name
[]
You can use the following parameters:
Parameter Description
config-name Specifies the name of the snapshot file used as the new startup con-
figuration for a given software delivery. You must use the short name
(same filename as the save snapshot command, for example
VyYRV3z4_2009060415465 ). This parameter is mandatory and
generates an automatic list of snapshots from which user can select.
Configuration name can only be a combination of alphanumerical
characters and underscore with length not longer than 30 charac-
ters.
trace Enables the execution line trace in trace log. Trace log is stored at
/tmp/SS_FConfigure/fsconfigure_trace.log . Trace log is
not visible on the console. Any user with access to the bash shell via
the SCLI command shell bash full, has access to this trace log
file of the operation.
Table 14 Parameters of delete snapshotcommand.
-
8/11/2019 Mgw Config Mana
45/48
DN09137376 Issue 1-7
45
Configuration Management
Id:0900d80580994d69
verbose Verbose level can be:
1.CRITICAL
2. ERROR
3. WARNING
4. INFO
5. DEBUG
The higher the number, the more verbose is the log. quietoption
overrides the verboseoption if both of them are given.
quiet Suppresses normal debugging message on the console except for
critical failure messages. quietoption overrides the verbose
option if both of them are given.
Parameter Description
Table 14 Parameters of delete snapshotcommand. (Cont.)
-
8/11/2019 Mgw Config Mana
46/48
46
DN09137376 Issue 1-7
Configuration Management
Id:0900d805809be047
5.4 Making configuration changes using the configuration
lock, transaction, and configuration snapshot concept
PurposeTo make a configuration change using the three features of configuration management:
configuration lock, transaction, and configuration snapshot.
Summary
To make configuration changes using the configuration locking, transaction, and the
configuration snapshot concept. In this example, you will add IP addresses to the
loopback interface on the CLA-0 node. You will also reverse the changes made to the
Configuration Directory.
Steps
1
Enable configuration lock.
To enable configuration lock, enter the following command:
set config-mode on
You must enable the configuration lock to avoid parallel modifications by multiple users.
2
Initiate a bulk transaction.
To start a transaction, enter the following command:
start transaction
You can execute multiple commands and bundle them as one transaction; for example,you can add two IP addresses to the loopback interface on the CLA-0 node as part of
one single transaction. This is called bulk transaction.
3
Adding IP addresses.
To add two IP addresses to the loopback interface on the CLA-O node, enter the follow-
ing command:
add networking address /CLA-0 iface lo ip-address 127.0.254.1/32
add networking address /CLA-0 iface lo ip-address 127.0.254.2/32
g
For add networking address command, an extra token dedicated is provided
in the cluster. This token is available for backwards compatibility of the software and
does not have any effect on the command. Hence dedicatedis not described in this
guide.
The co