Router Policy 설정 패키지

1. 템플릿 생성

ncs-make-package --service-skeleton python-and-template --component-class policy.Policy policy 

2. yang

module policy {
  yang-version 1.1;
  namespace "http://example.com/policy";
  prefix policy;

  import tailf-ncs {
    prefix ncs;
  }

  description
    "A simple service to manage route-policies on IOS-XR devices.";

  list policy {
    key "name device";
    uses ncs:service-data;
    ncs:servicepoint "policy-servicepoint";

    leaf name {
      type string;
      description "The name of the route-policy.";
    }

    leaf device {
      type leafref {
        path "/ncs:devices/ncs:device/ncs:name";
      }
      description "The device where this policy will be created.";
    }

    leaf definition {
      type string;
      description "The body of the route-policy (e.g., 'pass' or 'if ... endif').";
    }
  }
}

3. policy-template.xml (XML 템플릿 작성)

templates/policy-template.xml 파일
<config-template xmlns="http://tail-f.com/ns/config/1.0">
  <devices xmlns="http://tail-f.com/ns/ncs">
    <device>
      <name>{/device}</name>
      <config>
        <route-policy xmlns="http://tail-f.com/ned/cisco-ios-xr">
          <name>{/name}</name>
          <value>{/definition}</value>
        </route-policy>
      </config>
    </device>
  </devices>
</config-template>

4. policy.py (Python 서비스 로직)

# -*- mode: python; python-indent: 4 -*-
import ncs
from ncs.application import Service

class ServiceCallbacks(Service):
    @Service.create
    def cb_create(self, tctx, root, service, proplist):
        self.log.info(f"Service create for route-policy: {service.name} on device {service.device}")
        
        template = ncs.template.Template(service)
        template.apply('policy-template')

class Policy(ncs.application.Application):
    def setup(self):
        self.log.info('Policy RUNNING')
        self.register_service('policy-servicepoint', ServiceCallbacks)

    def teardown(self):
        self.log.info('Policy FINISHED')


5. 사용 예시

위 파일들로 패키지를 만들고 packages reload를 한 뒤, NSO CLI에서 다음과 같이 서비스를 생성할 수 있습니다.

PERMIT-ALL-IN 정책 생성:

Cisco CLI

policy PERMIT-ALL-IN R1
  device R1
  definition "pass"
exit
ONLY-LOCAL-ROUTES-OUT 정책 생성:
if...endif 구문은 따옴표(")로 묶어 한 줄의 문자열로 입력합니다. 줄바꿈이 필요하면 \n을 사용합니다.

Cisco CLI

policy ONLY-LOCAL-ROUTES-OUT R1
  device R1
  definition "if destination in (10.0.0.0/8) then\n pass\nelse\n drop\nendif"
exit
commit을 실행하면 이 서비스가 R1 장비에 두 개의 route-policy를 생성할 것입니다.