aboutsummaryrefslogtreecommitdiffstats
path: root/sdnr/wt/common-yang
diff options
context:
space:
mode:
Diffstat (limited to 'sdnr/wt/common-yang')
-rwxr-xr-xsdnr/wt/common-yang/iana-crypt-hash/pom.xml47
-rw-r--r--sdnr/wt/common-yang/iana-crypt-hash/src/main/yang/iana-crypt-hash@2014-08-06.yang120
-rwxr-xr-xsdnr/wt/common-yang/ietf-alarms/pom.xml47
-rw-r--r--sdnr/wt/common-yang/ietf-alarms/src/main/yang/ietf-alarms@2019-09-11.yang1526
-rwxr-xr-xsdnr/wt/common-yang/onap/pom.xml48
-rw-r--r--sdnr/wt/common-yang/onap/src/main/yang/onap-system.yang59
-rwxr-xr-xsdnr/wt/common-yang/pom.xml49
-rwxr-xr-xsdnr/wt/common-yang/rfc7317-ietf-system/pom.xml59
-rw-r--r--sdnr/wt/common-yang/rfc7317-ietf-system/src/main/yang/ietf-system@2014-08-06.yang800
-rwxr-xr-xsdnr/wt/common-yang/rfc8341/pom.xml47
-rw-r--r--sdnr/wt/common-yang/rfc8341/src/main/yang/ietf-netconf-acm.yang464
11 files changed, 3266 insertions, 0 deletions
diff --git a/sdnr/wt/common-yang/iana-crypt-hash/pom.xml b/sdnr/wt/common-yang/iana-crypt-hash/pom.xml
new file mode 100755
index 000000000..06a2e53f5
--- /dev/null
+++ b/sdnr/wt/common-yang/iana-crypt-hash/pom.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ ============LICENSE_START=======================================================
+ ~ ONAP : ccsdk features
+ ~ ================================================================================
+ ~ Copyright (C) 2020 highstreet technologies GmbH Intellectual Property.
+ ~ All rights reserved.
+ ~ ================================================================================
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ ~ ============LICENSE_END=======================================================
+ ~
+ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.onap.ccsdk.parent</groupId>
+ <artifactId>binding-parent</artifactId>
+ <version>2.1.0-SNAPSHOT</version>
+ <relativePath/>
+ </parent>
+
+ <groupId>org.onap.ccsdk.features.sdnr.wt</groupId>
+ <artifactId>iana-crypt-hash</artifactId>
+ <version>1.1.0-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>ccsdk-features :: ${project.artifactId}</name>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc6991-ietf-yang-types</artifactId>
+ </dependency>
+ </dependencies>
+</project>
diff --git a/sdnr/wt/common-yang/iana-crypt-hash/src/main/yang/iana-crypt-hash@2014-08-06.yang b/sdnr/wt/common-yang/iana-crypt-hash/src/main/yang/iana-crypt-hash@2014-08-06.yang
new file mode 100644
index 000000000..44c4674f8
--- /dev/null
+++ b/sdnr/wt/common-yang/iana-crypt-hash/src/main/yang/iana-crypt-hash@2014-08-06.yang
@@ -0,0 +1,120 @@
+module iana-crypt-hash {
+ namespace "urn:ietf:params:xml:ns:yang:iana-crypt-hash";
+ prefix ianach;
+
+ organization "IANA";
+ contact
+ " Internet Assigned Numbers Authority
+
+ Postal: ICANN
+ 12025 Waterfront Drive, Suite 300
+ Los Angeles, CA 90094-2536
+ United States
+
+ Tel: +1 310 301 5800
+ E-Mail: iana@iana.org>";
+ description
+ "This YANG module defines a type for storing passwords
+ using a hash function and features to indicate which hash
+ functions are supported by an implementation.
+
+ The latest revision of this YANG module can be obtained from
+ the IANA web site.
+
+ Requests for new values should be made to IANA via
+ email (iana@iana.org).
+
+ Copyright (c) 2014 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ The initial version of this YANG module is part of RFC 7317;
+ see the RFC itself for full legal notices.";
+
+ revision 2014-08-06 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 7317: A YANG Data Model for System Management";
+ }
+
+ typedef crypt-hash {
+ type string {
+ pattern
+ '$0$.*'
+ + '|$1$[a-zA-Z0-9./]{1,8}$[a-zA-Z0-9./]{22}'
+ + '|$5$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{43}'
+ + '|$6$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{86}';
+ }
+ description
+ "The crypt-hash type is used to store passwords using
+ a hash function. The algorithms for applying the hash
+ function and encoding the result are implemented in
+ various UNIX systems as the function crypt(3).
+
+ A value of this type matches one of the forms:
+
+ $0$<clear text password>
+ $<id>$<salt>$<password hash>
+ $<id>$<parameter>$<salt>$<password hash>
+
+ The '$0$' prefix signals that the value is clear text. When
+ such a value is received by the server, a hash value is
+ calculated, and the string '$<id>$<salt>$' or
+ $<id>$<parameter>$<salt>$ is prepended to the result. This
+ value is stored in the configuration data store.
+ If a value starting with '$<id>$', where <id> is not '0', is
+ received, the server knows that the value already represents a
+ hashed value and stores it 'as is' in the data store.
+
+ When a server needs to verify a password given by a user, it
+ finds the stored password hash string for that user, extracts
+ the salt, and calculates the hash with the salt and given
+ password as input. If the calculated hash value is the same
+ as the stored value, the password given by the client is
+ accepted.
+
+ This type defines the following hash functions:
+
+ id | hash function | feature
+ ---+---------------+-------------------
+ 1 | MD5 | crypt-hash-md5
+ 5 | SHA-256 | crypt-hash-sha-256
+ 6 | SHA-512 | crypt-hash-sha-512
+
+ The server indicates support for the different hash functions
+ by advertising the corresponding feature.";
+ reference
+ "IEEE Std 1003.1-2008 - crypt() function
+ RFC 1321: The MD5 Message-Digest Algorithm
+ FIPS.180-4.2012: Secure Hash Standard (SHS)";
+ }
+
+ feature crypt-hash-md5 {
+ description
+ "Indicates that the device supports the MD5
+ hash function in 'crypt-hash' values.";
+ reference "RFC 1321: The MD5 Message-Digest Algorithm";
+ }
+
+ feature crypt-hash-sha-256 {
+ description
+ "Indicates that the device supports the SHA-256
+ hash function in 'crypt-hash' values.";
+ reference "FIPS.180-4.2012: Secure Hash Standard (SHS)";
+ }
+
+ feature crypt-hash-sha-512 {
+ description
+ "Indicates that the device supports the SHA-512
+ hash function in 'crypt-hash' values.";
+ reference "FIPS.180-4.2012: Secure Hash Standard (SHS)";
+ }
+
+}
diff --git a/sdnr/wt/common-yang/ietf-alarms/pom.xml b/sdnr/wt/common-yang/ietf-alarms/pom.xml
new file mode 100755
index 000000000..0e0591846
--- /dev/null
+++ b/sdnr/wt/common-yang/ietf-alarms/pom.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ ============LICENSE_START=======================================================
+ ~ ONAP : ccsdk features
+ ~ ================================================================================
+ ~ Copyright (C) 2020 highstreet technologies GmbH Intellectual Property.
+ ~ All rights reserved.
+ ~ ================================================================================
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ ~ ============LICENSE_END=======================================================
+ ~
+ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.onap.ccsdk.parent</groupId>
+ <artifactId>binding-parent</artifactId>
+ <version>2.1.0-SNAPSHOT</version>
+ <relativePath/>
+ </parent>
+
+ <groupId>org.onap.ccsdk.features.sdnr.wt</groupId>
+ <artifactId>ietf-alarms</artifactId>
+ <version>1.1.0-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>ccsdk-features :: ${project.artifactId}</name>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc6991-ietf-yang-types</artifactId>
+ </dependency>
+ </dependencies>
+</project>
diff --git a/sdnr/wt/common-yang/ietf-alarms/src/main/yang/ietf-alarms@2019-09-11.yang b/sdnr/wt/common-yang/ietf-alarms/src/main/yang/ietf-alarms@2019-09-11.yang
new file mode 100644
index 000000000..a1c195faf
--- /dev/null
+++ b/sdnr/wt/common-yang/ietf-alarms/src/main/yang/ietf-alarms@2019-09-11.yang
@@ -0,0 +1,1526 @@
+module ietf-alarms {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-alarms";
+ prefix al;
+
+ import ietf-yang-types {
+ prefix yang;
+ reference
+ "RFC 6991: Common YANG Data Types.";
+ }
+
+ organization
+ "IETF CCAMP Working Group";
+ contact
+ "WG Web: <https://trac.ietf.org/trac/ccamp>
+ WG List: <mailto:ccamp@ietf.org>
+
+ Editor: Stefan Vallin
+ <mailto:stefan@wallan.se>
+
+ Editor: Martin Bjorklund
+ <mailto:mbj@tail-f.com>";
+ description
+ "This module defines an interface for managing alarms. Main
+ inputs to the module design are the 3GPP Alarm Integration
+ Reference Point (IRP), ITU-T X.733, and ANSI/ISA-18.2 alarm
+ standards.
+ Main features of this module include:
+
+ * Alarm list:
+ A list of all alarms. Cleared alarms stay in
+ the list until explicitly purged.
+
+ * Operator actions on alarms:
+ Acknowledging and closing alarms.
+
+ * Administrative actions on alarms:
+ Purging alarms from the list according to specific
+ criteria.
+
+ * Alarm inventory:
+ A management application can read all
+ alarm types implemented by the system.
+
+ * Alarm shelving:
+ Shelving (blocking) alarms according
+ to specific criteria.
+
+ * Alarm profiles:
+ A management system can attach further
+ information to alarm types, for example,
+ overriding system-default severity
+ levels.
+
+ This module uses a stateful view on alarms. An alarm is a state
+ for a specific resource (note that an alarm is not a
+ notification). An alarm type is a possible alarm state for a
+ resource. For example, the tuple:
+
+ ('link-alarm', 'GigabitEthernet0/25')
+
+ is an alarm of type 'link-alarm' on the resource
+ 'GigabitEthernet0/25'.
+
+ Alarm types are identified using YANG identities and an optional
+ string-based qualifier. The string-based qualifier allows for
+ dynamic extension of the statically defined alarm types. Alarm
+ types identify a possible alarm state and not the individual
+ notifications. For example, the traditional 'link-down' and
+ 'link-up' notifications are two notifications referring to the
+ same alarm type 'link-alarm'.
+
+ With this design, there is no ambiguity about how alarm and
+ alarm clear correlation should be performed; notifications that
+ report the same resource and alarm type are considered updates
+ of the same alarm, e.g., clearing an active alarm or changing
+ the severity of an alarm. The instrumentation can update the
+ severity and alarm text on an existing alarm. The above alarm
+ example can therefore look like the following:
+
+ (('link-alarm', 'GigabitEthernet0/25'),
+ warning,
+ 'interface down while interface admin state is up')
+
+ There is a clear separation between updates on the alarm from
+ the underlying resource, like clear, and updates from an
+ operator, like acknowledging or closing an alarm:
+
+ (('link-alarm', 'GigabitEthernet0/25'),
+ warning,
+ 'interface down while interface admin state is up',
+ cleared,
+ closed)
+
+ Administrative actions like removing closed alarms older than a
+ given time is supported.
+
+ This YANG module does not define how the underlying
+ instrumentation detects and clears the specific alarms. That
+ belongs to the Standards Development Organization (SDO) or
+ enterprise that owns that specific technology.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
+ NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
+ 'MAY', and 'OPTIONAL' in this document are to be interpreted as
+ described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
+ they appear in all capitals, as shown here.
+
+ Copyright (c) 2019 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject to
+ the license terms contained in, the Simplified BSD License set
+ forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8632; see
+ the RFC itself for full legal notices.";
+
+ revision 2019-09-11 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 8632: A YANG Data Model for Alarm Management";
+ }
+
+ /*
+ * Features
+ */
+
+ feature operator-actions {
+ description
+ "This feature indicates that the system supports operator
+ states on alarms.";
+ }
+
+ feature alarm-shelving {
+ description
+ "This feature indicates that the system supports shelving
+ (blocking) alarms.
+
+ Alarm shelving may have an impact on server processing
+ resources in order to match alarms against shelf
+ criteria.";
+ }
+
+ feature alarm-history {
+ description
+ "This feature indicates that the server maintains a history
+ of state changes for each alarm. For example, if an alarm
+ toggles between cleared and active 10 times, these state
+ changes are present in a separate list in the alarm.
+
+ Keeping the alarm history may have an impact on server
+ memory resources.";
+ }
+
+ feature alarm-summary {
+ description
+ "This feature indicates that the server summarizes the number
+ of alarms per severity and operator state.";
+ }
+
+ feature alarm-profile {
+ description
+ "The system enables clients to configure further information
+ to each alarm type.";
+ }
+
+ feature severity-assignment {
+ description
+ "The system supports configurable alarm severity levels.";
+ reference
+ "ITU-T Recommendation M.3100:
+ Generic network information model
+ ITU-T Recommendation M.3160:
+ Generic, protocol-neutral management information model";
+ }
+
+ feature root-cause-analysis {
+ description
+ "The system supports identifying candidate root-cause
+ resources for an alarm, for example, a disk partition
+ root cause for a logger failure alarm.";
+ }
+
+ feature service-impact-analysis {
+ description
+ "The system supports identifying candidate-impacted
+ resources for an alarm, for example, an interface state change
+ resulting in a link alarm, which can refer to a link as being
+ impacted.";
+ }
+
+ feature alarm-correlation {
+ description
+ "The system supports correlating/grouping alarms
+ that belong together.";
+ }
+
+ /*
+ * Identities
+ */
+
+ identity alarm-type-id {
+ description
+ "Base identity for alarm types. A unique identification of
+ the alarm, not including the resource. Different resources
+ can share alarm types. If the resource reports the same
+ alarm type, it is considered to be the same alarm. The alarm
+ type is a simplification of the different X.733 and 3GPP Alarm
+ IRP correlation mechanisms, and it allows for
+ hierarchical extensions.
+
+ A string-based qualifier can be used in addition to the
+ identity in order to have different alarm types based on
+ information not known at design time, such as values in
+ textual SNMP Notification varbinds.
+
+ Standards and vendors can define sub-identities to clearly
+ identify specific alarm types.
+
+ This identity is abstract and MUST NOT be used for alarms.";
+ }
+
+ /*
+ * Common types
+ */
+
+ typedef resource {
+ type union {
+ type instance-identifier {
+ require-instance false;
+ }
+ type yang:object-identifier;
+ type string;
+ type yang:uuid;
+ }
+ description
+ "This is an identification of the alarming resource, such as an
+ interface. It should be as fine-grained as possible to both
+ guide the operator and guarantee uniqueness of the alarms.
+
+ If the alarming resource is modeled in YANG, this type will
+ be an instance-identifier.
+
+ If the resource is an SNMP object, the type will be an
+ 'object-identifier'.
+
+ If the resource is anything else, for example, a distinguished
+ name or a Common Information Model (CIM) path, this type will
+ be a string.
+
+ If the alarming object is identified by a Universally Unique
+ Identifier (UUID), use the uuid type. Be cautious when using
+ this type, since a UUID is hard to use for an operator.
+
+ If the server supports several models, the precedence should
+ be in the order as given in the union definition.";
+ }
+
+ typedef resource-match {
+ type union {
+ type yang:xpath1.0;
+ type yang:object-identifier;
+ type string;
+ }
+ description
+ "This type is used to match resources of type 'resource'.
+ Since the type 'resource' is a union of different types, the
+ 'resource-match' type is also a union of corresponding types.
+
+ If the type is given as an XPath 1.0 expression, a resource
+ of type 'instance-identifier' matches if the instance is part
+ of the node set that is the result of evaluating the XPath 1.0
+ expression. For example, the XPath 1.0 expression:
+
+ /ietf-interfaces:interfaces/ietf-interfaces:interface
+ [ietf-interfaces:type='ianaift:ethernetCsmacd']
+
+ would match the resource instance-identifier:
+
+ /if:interfaces/if:interface[if:name='eth1'],
+
+ assuming that the interface 'eth1' is of type
+ 'ianaift:ethernetCsmacd'.
+
+ If the type is given as an object identifier, a resource of
+ type 'object-identifier' matches if the match object
+ identifier is a prefix of the resource's object identifier.
+ For example, the value:
+
+ 1.3.6.1.2.1.2.2
+
+ would match the resource object identifier:
+
+ 1.3.6.1.2.1.2.2.1.1.5
+
+ If the type is given as an UUID or a string, it is interpreted
+ as an XML Schema regular expression, which matches a resource
+ of type 'yang:uuid' or 'string' if the given regular
+ expression matches the resource string.
+
+ If the type is given as an XPath expression, it is evaluated
+ in the following XPath context:
+
+ o The set of namespace declarations is the set of prefix
+ and namespace pairs for all YANG modules implemented by
+ the server, where the prefix is the YANG module name and
+ the namespace is as defined by the 'namespace' statement
+ in the YANG module.
+
+ If a leaf of this type is encoded in XML, all namespace
+ declarations in scope on the leaf element are added to
+ the set of namespace declarations. If a prefix found in
+ the XML is already present in the set of namespace
+ declarations, the namespace in the XML is used.
+
+ o The set of variable bindings is empty.
+
+ o The function library is the core function library, and
+ the functions are defined in Section 10 of RFC 7950.
+
+ o The context node is the root node in the data tree.";
+ reference
+ "XML Schema Part 2: Datatypes Second Edition,
+ World Wide Web Consortium Recommendation
+ REC-xmlschema-2-20041028";
+ }
+
+ typedef alarm-text {
+ type string;
+ description
+ "The string used to inform operators about the alarm. This
+ MUST contain enough information for an operator to be able to
+ understand the problem and how to resolve it. If this string
+ contains structure, this format should be clearly documented
+ for programs to be able to parse that information.";
+ }
+
+ typedef severity {
+ type enumeration {
+ enum indeterminate {
+ value 2;
+ description
+ "Indicates that the severity level could not be
+ determined. This level SHOULD be avoided.";
+ }
+ enum warning {
+ value 3;
+ description
+ "The 'warning' severity level indicates the detection of a
+ potential or impending service-affecting fault, before any
+ significant effects have been felt. Action should be
+ taken to further diagnose (if necessary) and correct the
+ problem in order to prevent it from becoming a more
+ serious service-affecting fault.";
+ }
+ enum minor {
+ value 4;
+ description
+ "The 'minor' severity level indicates the existence of a
+ non-service-affecting fault condition and that corrective
+ action should be taken in order to prevent a more serious
+ (for example, service-affecting) fault. Such a severity
+ can be reported, for example, when the detected alarm
+ condition is not currently degrading the capacity of the
+ resource.";
+ }
+ enum major {
+ value 5;
+ description
+ "The 'major' severity level indicates that a service-
+ affecting condition has developed and an urgent corrective
+ action is required. Such a severity can be reported, for
+ example, when there is a severe degradation in the
+ capability of the resource and its full capability must be
+ restored.";
+ }
+ enum critical {
+ value 6;
+ description
+ "The 'critical' severity level indicates that a service-
+ affecting condition has occurred and an immediate
+ corrective action is required. Such a severity can be
+ reported, for example, when a resource becomes totally out
+ of service and its capability must be restored.";
+ }
+ }
+ description
+ "The severity level of the alarm. Note well that the value
+ 'clear' is not included. Whether or not an alarm is cleared
+ is a separate boolean flag.";
+ reference
+ "ITU-T Recommendation X.733: Information Technology
+ - Open Systems Interconnection
+ - System Management: Alarm Reporting Function";
+ }
+
+ typedef severity-with-clear {
+ type union {
+ type enumeration {
+ enum cleared {
+ value 1;
+ description
+ "The alarm is cleared by the instrumentation.";
+ }
+ }
+ type severity;
+ }
+ description
+ "The severity level of the alarm including clear. This is used
+ only in notifications reporting state changes for an alarm.";
+ }
+
+ typedef writable-operator-state {
+ type enumeration {
+ enum none {
+ value 1;
+ description
+ "The alarm is not being taken care of.";
+ }
+ enum ack {
+ value 2;
+ description
+ "The alarm is being taken care of. Corrective action not
+ taken yet or has failed";
+ }
+ enum closed {
+ value 3;
+ description
+ "Corrective action taken successfully.";
+ }
+ }
+ description
+ "Operator states on an alarm. The 'closed' state indicates
+ that an operator considers the alarm being resolved. This is
+ separate from the alarm's 'is-cleared' leaf.";
+ }
+
+ typedef operator-state {
+ type union {
+ type writable-operator-state;
+ type enumeration {
+ enum shelved {
+ value 4;
+ description
+ "The alarm is shelved. Alarms in /alarms/shelved-alarms/
+ MUST be assigned this operator state by the server as
+ the last entry in the 'operator-state-change' list. The
+ text for that entry SHOULD include the shelf name.";
+ }
+ enum un-shelved {
+ value 5;
+ description
+ "The alarm is moved back to 'alarm-list' from a shelf.
+ Alarms that are moved from /alarms/shelved-alarms/ to
+ /alarms/alarm-list MUST be assigned this state by the
+ server as the last entry in the 'operator-state-change'
+ list. The text for that entry SHOULD include the shelf
+ name.";
+ }
+ }
+ }
+ description
+ "Operator states on an alarm. The 'closed' state indicates
+ that an operator considers the alarm being resolved. This is
+ separate from the alarm's 'is-cleared' leaf.";
+ }
+
+ /* Alarm type */
+
+ typedef alarm-type-id {
+ type identityref {
+ base alarm-type-id;
+ }
+ description
+ "Identifies an alarm type. The description of the alarm type
+ id MUST indicate whether or not the alarm type is abstract.
+ An abstract alarm type is used as a base for other alarm type
+ ids and will not be used as a value for an alarm or be present
+ in the alarm inventory.";
+ }
+
+ typedef alarm-type-qualifier {
+ type string;
+ description
+ "If an alarm type cannot be fully specified at design time by
+ 'alarm-type-id', this string qualifier is used in addition to
+ fully define a unique alarm type.
+
+ The definition of alarm qualifiers is considered to be part of
+ the instrumentation and is out of scope for this module. An
+ empty string is used when this is part of a key.";
+ }
+
+ /*
+ * Groupings
+ */
+
+ grouping common-alarm-parameters {
+ description
+ "Common parameters for an alarm.
+
+ This grouping is used both in the alarm list and in the
+ notification representing an alarm-state change.";
+ leaf resource {
+ type resource;
+ mandatory true;
+ description
+ "The alarming resource. See also 'alt-resource'. This could
+ be, for example, a reference to the alarming interface";
+ }
+ leaf alarm-type-id {
+ type alarm-type-id;
+ mandatory true;
+ description
+ "This leaf and the leaf 'alarm-type-qualifier' together
+ provide a unique identification of the alarm type.";
+ }
+ leaf alarm-type-qualifier {
+ type alarm-type-qualifier;
+ description
+ "This leaf is used when the 'alarm-type-id' leaf cannot
+ uniquely identify the alarm type. Normally, this is not the
+ case, and this leaf is the empty string.";
+ }
+ leaf-list alt-resource {
+ type resource;
+ description
+ "Used if the alarming resource is available over other
+ interfaces. This field can contain SNMP OIDs, CIM paths, or
+ 3GPP distinguished names, for example.";
+ }
+ list related-alarm {
+ if-feature "alarm-correlation";
+ key "resource alarm-type-id alarm-type-qualifier";
+ description
+ "References to related alarms. Note that the related alarm
+ might have been purged from the alarm list.";
+ leaf resource {
+ type leafref {
+ path "/alarms/alarm-list/alarm/resource";
+ require-instance false;
+ }
+ description
+ "The alarming resource for the related alarm.";
+ }
+ leaf alarm-type-id {
+ type leafref {
+ path "/alarms/alarm-list/alarm"
+ + "[resource=current()/../resource]"
+ + "/alarm-type-id";
+ require-instance false;
+ }
+ description
+ "The alarm type identifier for the related alarm.";
+ }
+ leaf alarm-type-qualifier {
+ type leafref {
+ path "/alarms/alarm-list/alarm"
+ + "[resource=current()/../resource]"
+ + "[alarm-type-id=current()/../alarm-type-id]"
+ + "/alarm-type-qualifier";
+ require-instance false;
+ }
+ description
+ "The alarm qualifier for the related alarm.";
+ }
+ }
+ leaf-list impacted-resource {
+ if-feature "service-impact-analysis";
+ type resource;
+ description
+ "Resources that might be affected by this alarm. If the
+ system creates an alarm on a resource and also has a mapping
+ to other resources that might be impacted, these resources
+ can be listed in this leaf-list. In this way, the system
+ can create one alarm instead of several. For example, if an
+ interface has an alarm, the 'impacted-resource' can
+ reference the aggregated port channels.";
+ }
+ leaf-list root-cause-resource {
+ if-feature "root-cause-analysis";
+ type resource;
+ description
+ "Resources that are candidates for causing the alarm. If the
+ system has a mechanism to understand the candidate root
+ causes of an alarm, this leaf-list can be used to list the
+ root-cause candidate resources. In this way, the system can
+ create one alarm instead of several. An example might be a
+ logging system (alarm resource) that fails; the alarm can
+ reference the file system in the 'root-cause-resource'
+ leaf-list. Note that the intended use is not to also send
+ an alarm with the 'root-cause-resource' as an alarming
+ resource. The 'root-cause-resource' leaf-list is a hint and
+ should not also generate an alarm for the same problem.";
+ }
+ }
+
+ grouping alarm-state-change-parameters {
+ description
+ "Parameters for an alarm-state change.
+
+ This grouping is used both in the alarm list's status-change
+ list and in the notification representing an alarm-state
+ change.";
+ leaf time {
+ type yang:date-and-time;
+ mandatory true;
+ description
+ "The time the status of the alarm changed. The value
+ represents the time the real alarm-state change appeared in
+ the resource and not when it was added to the alarm
+ list. The /alarm-list/alarm/last-changed MUST be set to the
+ same value.";
+ }
+ leaf perceived-severity {
+ type severity-with-clear;
+ mandatory true;
+ description
+ "The severity of the alarm as defined by X.733. Note that
+ this may not be the original severity since the alarm may
+ have changed severity.";
+ reference
+ "ITU-T Recommendation X.733: Information Technology
+ - Open Systems Interconnection
+ - System Management: Alarm Reporting Function";
+ }
+ leaf alarm-text {
+ type alarm-text;
+ mandatory true;
+ description
+ "A user-friendly text describing the alarm-state change.";
+ reference
+ "ITU-T Recommendation X.733: Information Technology
+ - Open Systems Interconnection
+ - System Management: Alarm Reporting Function";
+ }
+ }
+
+ grouping operator-parameters {
+ description
+ "This grouping defines parameters that can be changed by an
+ operator.";
+ leaf time {
+ type yang:date-and-time;
+ mandatory true;
+ description
+ "Timestamp for operator action on the alarm.";
+ }
+ leaf operator {
+ type string;
+ mandatory true;
+ description
+ "The name of the operator that has acted on this alarm.";
+ }
+ leaf state {
+ type operator-state;
+ mandatory true;
+ description
+ "The operator's view of the alarm state.";
+ }
+ leaf text {
+ type string;
+ description
+ "Additional optional textual information provided by the
+ operator.";
+ }
+ }
+
+ grouping resource-alarm-parameters {
+ description
+ "Alarm parameters that originate from the resource view.";
+ leaf is-cleared {
+ type boolean;
+ mandatory true;
+ description
+ "Indicates the current clearance state of the alarm. An
+ alarm might toggle from active alarm to cleared alarm and
+ back to active again.";
+ }
+ leaf last-raised {
+ type yang:date-and-time;
+ mandatory true;
+ description
+ "An alarm may change severity level and toggle between
+ active and cleared during its lifetime. This leaf indicates
+ the last time it was raised ('is-cleared' = 'false').";
+ }
+ leaf last-changed {
+ type yang:date-and-time;
+ mandatory true;
+ description
+ "A timestamp when the 'status-change' or
+ 'operator-state-change' list was last changed.";
+ }
+ leaf perceived-severity {
+ type severity;
+ mandatory true;
+ description
+ "The last severity of the alarm.
+
+ If an alarm was raised with severity 'warning' but later
+ changed to 'major', this leaf will show 'major'.";
+ }
+ leaf alarm-text {
+ type alarm-text;
+ mandatory true;
+ description
+ "The last reported alarm text. This text should contain
+ information for an operator to be able to understand the
+ problem and how to resolve it.";
+ }
+ list status-change {
+ if-feature "alarm-history";
+ key "time";
+ min-elements 1;
+ description
+ "A list of status-change events for this alarm.
+
+ The entry with latest timestamp in this list MUST
+ correspond to the leafs 'is-cleared', 'perceived-severity',
+ and 'alarm-text' for the alarm.
+
+ This list is ordered according to the timestamps of alarm
+ state changes. The first item corresponds to the latest
+ state change.
+
+ The following state changes create an entry in this
+ list:
+ - changed severity (warning, minor, major, critical)
+ - clearance status; this also updates the 'is-cleared'
+ leaf
+ - alarm-text update";
+ uses alarm-state-change-parameters;
+ }
+ }
+
+ grouping filter-input {
+ description
+ "Grouping to specify a filter construct on alarm information.";
+ leaf alarm-clearance-status {
+ type enumeration {
+ enum any {
+ description
+ "Ignore alarm-clearance status.";
+ }
+ enum cleared {
+ description
+ "Filter cleared alarms.";
+ }
+ enum not-cleared {
+ description
+ "Filter not-cleared alarms.";
+ }
+ }
+ mandatory true;
+ description
+ "The clearance status of the alarm.";
+ }
+ container older-than {
+ presence "Age specification";
+ description
+ "Matches the 'last-status-change' leaf in the alarm.";
+ choice age-spec {
+ description
+ "Filter using date and time age.";
+ case seconds {
+ leaf seconds {
+ type uint16;
+ description
+ "Age expressed in seconds.";
+ }
+ }
+ case minutes {
+ leaf minutes {
+ type uint16;
+ description
+ "Age expressed in minutes.";
+ }
+ }
+ case hours {
+ leaf hours {
+ type uint16;
+ description
+ "Age expressed in hours.";
+ }
+ }
+ case days {
+ leaf days {
+ type uint16;
+ description
+ "Age expressed in days.";
+ }
+ }
+ case weeks {
+ leaf weeks {
+ type uint16;
+ description
+ "Age expressed in weeks.";
+ }
+ }
+ }
+ }
+ container severity {
+ presence "Severity filter";
+ choice sev-spec {
+ description
+ "Filter based on severity level.";
+ leaf below {
+ type severity;
+ description
+ "Severity less than this leaf.";
+ }
+ leaf is {
+ type severity;
+ description
+ "Severity level equal to this leaf.";
+ }
+ leaf above {
+ type severity;
+ description
+ "Severity level higher than this leaf.";
+ }
+ }
+ description
+ "Filter based on severity.";
+ }
+ container operator-state-filter {
+ if-feature "operator-actions";
+ presence "Operator state filter";
+ leaf state {
+ type operator-state;
+ description
+ "Filter on operator state.";
+ }
+ leaf user {
+ type string;
+ description
+ "Filter based on which operator.";
+ }
+ description
+ "Filter based on operator state.";
+ }
+ }
+
+ /*
+ * The /alarms data tree
+ */
+
+ container alarms {
+ description
+ "The top container for this module.";
+ container control {
+ description
+ "Configuration to control the alarm behavior.";
+ leaf max-alarm-status-changes {
+ type union {
+ type uint16;
+ type enumeration {
+ enum infinite {
+ description
+ "The status-change entries are accumulated
+ infinitely.";
+ }
+ }
+ }
+ default "32";
+ description
+ "The 'status-change' entries are kept in a circular list
+ per alarm. When this number is exceeded, the oldest
+ status change entry is automatically removed. If the
+ value is 'infinite', the status-change entries are
+ accumulated infinitely.";
+ }
+ leaf notify-status-changes {
+ type enumeration {
+ enum all-state-changes {
+ description
+ "Send notifications for all status changes.";
+ }
+ enum raise-and-clear {
+ description
+ "Send notifications only for raise, clear, and
+ re-raise. Notifications for severity-level changes or
+ alarm-text changes are not sent.";
+ }
+ enum severity-level {
+ description
+ "Only send notifications for alarm-state changes
+ crossing the level specified in
+ 'notify-severity-level'. Always send clear
+ notifications.";
+ }
+ }
+ must '. != "severity-level" or ../notify-severity-level' {
+ description
+ "When notify-status-changes is 'severity-level', a value
+ must be given for 'notify-severity-level'.";
+ }
+ default "all-state-changes";
+ description
+ "This leaf controls the notifications sent for alarm status
+ updates. There are three options:
+
+ 1. Notifications are sent for all updates, severity-level
+ changes, and alarm-text changes.
+
+ 2. Notifications are only sent for alarm raise and clear.
+
+ 3. Notifications are sent for status changes equal to or
+ above the specified severity level. Clear
+ notifications shall always be sent. Notifications
+ shall also be sent for state changes that make an
+ alarm less severe than the specified level.
+
+ For example, in option 3, assume that the severity level
+ is set to major and that the alarm has the following state
+ changes:
+
+ [(Time, severity, clear)]:
+ [(T1, major, -), (T2, minor, -), (T3, warning, -),
+ (T4, minor, -), (T5, major, -), (T6, critical, -),
+ (T7, major. -), (T8, major, clear)]
+
+ In that case, notifications will be sent at times
+ T1, T2, T5, T6, T7, and T8.";
+ }
+ leaf notify-severity-level {
+ when '../notify-status-changes = "severity-level"';
+ type severity;
+ description
+ "Only send notifications for alarm-state changes crossing
+ the specified level. Always send clear notifications.";
+ }
+ container alarm-shelving {
+ if-feature "alarm-shelving";
+ description
+ "The 'alarm-shelving/shelf' list is used to shelve
+ (block/filter) alarms. The conditions in the shelf
+ criteria are logically ANDed. The first matching shelf is
+ used, and an alarm is shelved only for this first match.
+ Matching alarms MUST appear in the
+ /alarms/shelved-alarms/shelved-alarm list, and
+ non-matching /alarms MUST appear in the
+ /alarms/alarm-list/alarm list. The server does not send
+ any notifications for shelved alarms.
+
+ The server MUST maintain states (e.g., severity
+ changes) for the shelved alarms.
+
+ Alarms that match the criteria shall have an
+ operator state 'shelved'. When the shelf
+ configuration removes an alarm from the shelf, the server
+ shall add the operator state 'un-shelved'.";
+ list shelf {
+ key "name";
+ ordered-by user;
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for the alarm shelf.";
+ }
+ description
+ "Each entry defines the criteria for shelving alarms.
+ Criteria are ANDed. If no criteria are specified,
+ all alarms will be shelved.";
+ leaf-list resource {
+ type resource-match;
+ description
+ "Shelve alarms for matching resources.";
+ }
+ list alarm-type {
+ key "alarm-type-id alarm-type-qualifier-match";
+ description
+ "Any alarm matching the combined criteria of
+ 'alarm-type-id' and 'alarm-type-qualifier-match'
+ MUST be matched.";
+ leaf alarm-type-id {
+ type alarm-type-id;
+ description
+ "Shelve all alarms that have an 'alarm-type-id' that
+ is equal to or derived from the given
+ 'alarm-type-id'.";
+ }
+ leaf alarm-type-qualifier-match {
+ type string;
+ description
+ "An XML Schema regular expression that is used to
+ match an alarm type qualifier. Shelve all alarms
+ that match this regular expression for the alarm
+ type qualifier.";
+ reference
+ "XML Schema Part 2: Datatypes Second Edition,
+ World Wide Web Consortium Recommendation
+ REC-xmlschema-2-20041028";
+ }
+ }
+ leaf description {
+ type string;
+ description
+ "An optional textual description of the shelf. This
+ description should include the reason for shelving
+ these alarms.";
+ }
+ }
+ }
+ }
+ container alarm-inventory {
+ config false;
+ description
+ "The 'alarm-inventory/alarm-type' list contains all possible
+ alarm types for the system.
+
+ If the system knows for which resources a specific alarm
+ type can appear, it is also identified in the inventory.
+ The list also tells if each alarm type has a corresponding
+ clear state. The inventory shall only contain concrete
+ alarm types.
+
+ The alarm inventory MUST be updated by the system when new
+ alarms can appear. This can be the case when installing new
+ software modules or inserting new card types. A
+ notification 'alarm-inventory-changed' is sent when the
+ inventory is changed.";
+ list alarm-type {
+ key "alarm-type-id alarm-type-qualifier";
+ description
+ "An entry in this list defines a possible alarm.";
+ leaf alarm-type-id {
+ type alarm-type-id;
+ description
+ "The statically defined alarm type identifier for this
+ possible alarm.";
+ }
+ leaf alarm-type-qualifier {
+ type alarm-type-qualifier;
+ description
+ "The optionally dynamically defined alarm type identifier
+ for this possible alarm.";
+ }
+ leaf-list resource {
+ type resource-match;
+ description
+ "Optionally, specifies for which resources the alarm type
+ is valid.";
+ }
+ leaf will-clear {
+ type boolean;
+ mandatory true;
+ description
+ "This leaf tells the operator if the alarm will be
+ cleared when the correct corrective action has been
+ taken. Implementations SHOULD strive for detecting the
+ cleared state for all alarm types.
+
+ If this leaf is 'true', the operator can monitor the
+ alarm until it becomes cleared after the corrective
+ action has been taken.
+
+ If this leaf is 'false', the operator needs to validate
+ that the alarm is no longer active using other
+ mechanisms. Alarms can lack a corresponding clear due
+ to missing instrumentation or no logical
+ corresponding clear state.";
+ }
+ leaf-list severity-level {
+ type severity;
+ description
+ "This leaf-list indicates the possible severity levels of
+ this alarm type. Note well that 'clear' is not part of
+ the severity type. In general, the severity level
+ should be defined by the instrumentation based on the
+ dynamic state, rather than being defined statically by
+ the alarm type, in order to provide a relevant severity
+ level based on dynamic state and context. However, most
+ alarm types have a defined set of possible severity
+ levels, and this should be provided here.";
+ }
+ leaf description {
+ type string;
+ mandatory true;
+ description
+ "A description of the possible alarm. It SHOULD include
+ information on possible underlying root causes and
+ corrective actions.";
+ }
+ }
+ }
+ container summary {
+ if-feature "alarm-summary";
+ config false;
+ description
+ "This container gives a summary of the number of alarms.";
+ list alarm-summary {
+ key "severity";
+ description
+ "A global summary of all alarms in the system. The summary
+ does not include shelved alarms.";
+ leaf severity {
+ type severity;
+ description
+ "Alarm summary for this severity level.";
+ }
+ leaf total {
+ type yang:gauge32;
+ description
+ "Total number of alarms of this severity level.";
+ }
+ leaf not-cleared {
+ type yang:gauge32;
+ description
+ "Total number of alarms of this severity level
+ that are not cleared.";
+ }
+ leaf cleared {
+ type yang:gauge32;
+ description
+ "For this severity level, the number of alarms that are
+ cleared.";
+ }
+ leaf cleared-not-closed {
+ if-feature "operator-actions";
+ type yang:gauge32;
+ description
+ "For this severity level, the number of alarms that are
+ cleared but not closed.";
+ }
+ leaf cleared-closed {
+ if-feature "operator-actions";
+ type yang:gauge32;
+ description
+ "For this severity level, the number of alarms that are
+ cleared and closed.";
+ }
+ leaf not-cleared-closed {
+ if-feature "operator-actions";
+ type yang:gauge32;
+ description
+ "For this severity level, the number of alarms that are
+ not cleared but closed.";
+ }
+ leaf not-cleared-not-closed {
+ if-feature "operator-actions";
+ type yang:gauge32;
+ description
+ "For this severity level, the number of alarms that are
+ not cleared and not closed.";
+ }
+ }
+ leaf shelves-active {
+ if-feature "alarm-shelving";
+ type empty;
+ description
+ "This is a hint to the operator that there are active
+ alarm shelves. This leaf MUST exist if the
+ /alarms/shelved-alarms/number-of-shelved-alarms is > 0.";
+ }
+ }
+ container alarm-list {
+ config false;
+ description
+ "The alarms in the system.";
+ leaf number-of-alarms {
+ type yang:gauge32;
+ description
+ "This object shows the total number of
+ alarms in the system, i.e., the total number
+ of entries in the alarm list.";
+ }
+ leaf last-changed {
+ type yang:date-and-time;
+ description
+ "A timestamp when the alarm list was last
+ changed. The value can be used by a manager to
+ initiate an alarm resynchronization procedure.";
+ }
+ list alarm {
+ key "resource alarm-type-id alarm-type-qualifier";
+ description
+ "The list of alarms. Each entry in the list holds one
+ alarm for a given alarm type and resource. An alarm can
+ be updated from the underlying resource or by the user.
+ The following leafs are maintained by the resource:
+ 'is-cleared', 'last-change', 'perceived-severity', and
+ 'alarm-text'. An operator can change 'operator-state' and
+ 'operator-text'.
+
+ Entries appear in the alarm list the first time an alarm
+ becomes active for a given alarm type and resource.
+ Entries do not get deleted when the alarm is cleared.
+ Clear status is represented as a boolean flag.
+
+ Alarm entries are removed, i.e., purged, from the list by
+ an explicit purge action. For example, purge all alarms
+ that are cleared and in closed operator state that are
+ older than 24 hours. Purged alarms are removed from the
+ alarm list. If the alarm resource state changes after a
+ purge, the alarm will reappear in the alarm list.
+
+ Systems may also remove alarms based on locally configured
+ policies; this is out of scope for this module.";
+ uses common-alarm-parameters;
+ leaf time-created {
+ type yang:date-and-time;
+ mandatory true;
+ description
+ "The timestamp when this alarm entry was created. This
+ represents the first time the alarm appeared; it can
+ also represent that the alarm reappeared after a purge.
+ Further state changes of the same alarm do not change
+ this leaf; these changes will update the 'last-changed'
+ leaf.";
+ }
+ uses resource-alarm-parameters;
+ list operator-state-change {
+ if-feature "operator-actions";
+ key "time";
+ description
+ "This list is used by operators to indicate the state of
+ human intervention on an alarm. For example, if an
+ operator has seen an alarm, the operator can add a new
+ item to this list indicating that the alarm is
+ acknowledged.";
+ uses operator-parameters;
+ }
+ action set-operator-state {
+ if-feature "operator-actions";
+ description
+ "This is a means for the operator to indicate the level
+ of human intervention on an alarm.";
+ input {
+ leaf state {
+ type writable-operator-state;
+ mandatory true;
+ description
+ "Set this operator state.";
+ }
+ leaf text {
+ type string;
+ description
+ "Additional optional textual information.";
+ }
+ }
+ }
+ notification operator-action {
+ if-feature "operator-actions";
+ description
+ "This notification is used to report that an operator
+ acted upon an alarm.";
+ uses operator-parameters;
+ }
+ }
+ action purge-alarms {
+ description
+ "This operation requests that the server delete entries
+ from the alarm list according to the supplied criteria.
+
+ Typically, this operation is used to delete alarms that
+ are in closed operator state and older than a specified
+ time.
+
+ The number of purged alarms is returned as an output
+ parameter.";
+ input {
+ uses filter-input;
+ }
+ output {
+ leaf purged-alarms {
+ type uint32;
+ description
+ "Number of purged alarms.";
+ }
+ }
+ }
+ action compress-alarms {
+ if-feature "alarm-history";
+ description
+ "This operation requests that the server compress
+ entries in the alarm list by removing all but the
+ latest 'status-change' entry for all matching alarms.
+ Conditions in the input are logically ANDed. If no
+ input condition is given, all alarms are compressed.";
+ input {
+ leaf resource {
+ type resource-match;
+ description
+ "Compress the alarms matching this resource.";
+ }
+ leaf alarm-type-id {
+ type leafref {
+ path "/alarms/alarm-list/alarm/alarm-type-id";
+ require-instance false;
+ }
+ description
+ "Compress alarms with this 'alarm-type-id'.";
+ }
+ leaf alarm-type-qualifier {
+ type leafref {
+ path "/alarms/alarm-list/alarm/alarm-type-qualifier";
+ require-instance false;
+ }
+ description
+ "Compress the alarms with this
+ 'alarm-type-qualifier'.";
+ }
+ }
+ output {
+ leaf compressed-alarms {
+ type uint32;
+ description
+ "Number of compressed alarm entries.";
+ }
+ }
+ }
+ }
+ container shelved-alarms {
+ if-feature "alarm-shelving";
+ config false;
+ description
+ "The shelved alarms. Alarms appear here if they match the
+ criteria in /alarms/control/alarm-shelving. This list does
+ not generate any notifications. The list represents alarms
+ that are considered not relevant by the operator. Alarms in
+ this list have an 'operator-state' of 'shelved'. This
+ cannot be changed.";
+ leaf number-of-shelved-alarms {
+ type yang:gauge32;
+ description
+ "This object shows the total number of current
+ alarms, i.e., the total number of entries
+ in the alarm list.";
+ }
+ leaf shelved-alarms-last-changed {
+ type yang:date-and-time;
+ description
+ "A timestamp when the shelved-alarm list was last changed.
+ The value can be used by a manager to initiate an alarm
+ resynchronization procedure.";
+ }
+ list shelved-alarm {
+ key "resource alarm-type-id alarm-type-qualifier";
+ description
+ "The list of shelved alarms. Shelved alarms can only be
+ updated from the underlying resource; no operator actions
+ are supported.";
+ uses common-alarm-parameters;
+ leaf shelf-name {
+ type leafref {
+ path "/alarms/control/alarm-shelving/shelf/name";
+ require-instance false;
+ }
+ description
+ "The name of the shelf.";
+ }
+ uses resource-alarm-parameters;
+ list operator-state-change {
+ if-feature "operator-actions";
+ key "time";
+ description
+ "This list is used by operators to indicate the state of
+ human intervention on an alarm. For shelved alarms, the
+ system has set the list item in the list to 'shelved'.";
+ uses operator-parameters;
+ }
+ }
+ action purge-shelved-alarms {
+ description
+ "This operation requests that the server delete entries from
+ the shelved-alarm list according to the supplied criteria.
+ In the shelved-alarm list, it makes sense to delete alarms
+ that are not relevant anymore.
+
+ The number of purged alarms is returned as an output
+ parameter.";
+ input {
+ uses filter-input;
+ }
+ output {
+ leaf purged-alarms {
+ type uint32;
+ description
+ "Number of purged alarms.";
+ }
+ }
+ }
+ action compress-shelved-alarms {
+ if-feature "alarm-history";
+ description
+ "This operation requests that the server compress entries
+ in the shelved-alarm list by removing all but the latest
+ 'status-change' entry for all matching shelved alarms.
+ Conditions in the input are logically ANDed. If no input
+ condition is given, all alarms are compressed.";
+ input {
+ leaf resource {
+ type leafref {
+ path "/alarms/shelved-alarms/shelved-alarm/resource";
+ require-instance false;
+ }
+ description
+ "Compress the alarms with this resource.";
+ }
+ leaf alarm-type-id {
+ type leafref {
+ path "/alarms/shelved-alarms/shelved-alarm"
+ + "/alarm-type-id";
+ require-instance false;
+ }
+ description
+ "Compress alarms with this 'alarm-type-id'.";
+ }
+ leaf alarm-type-qualifier {
+ type leafref {
+ path "/alarms/shelved-alarms/shelved-alarm"
+ + "/alarm-type-qualifier";
+ require-instance false;
+ }
+ description
+ "Compress the alarms with this
+ 'alarm-type-qualifier'.";
+ }
+ }
+ output {
+ leaf compressed-alarms {
+ type uint32;
+ description
+ "Number of compressed alarm entries.";
+ }
+ }
+ }
+ }
+ list alarm-profile {
+ if-feature "alarm-profile";
+ key "alarm-type-id alarm-type-qualifier-match resource";
+ ordered-by user;
+ description
+ "This list is used to assign further information or
+ configuration for each alarm type. This module supports a
+ mechanism where the client can override the system-default
+ alarm severity levels. The 'alarm-profile' is also a useful
+ augmentation point for specific additions to alarm types.";
+ leaf alarm-type-id {
+ type alarm-type-id;
+ description
+ "The alarm type identifier to match.";
+ }
+ leaf alarm-type-qualifier-match {
+ type string;
+ description
+ "An XML Schema regular expression that is used to match the
+ alarm type qualifier.";
+ reference
+ "XML Schema Part 2: Datatypes Second Edition,
+ World Wide Web Consortium Recommendation
+ REC-xmlschema-2-20041028";
+ }
+ leaf resource {
+ type resource-match;
+ description
+ "Specifies which resources to match.";
+ }
+ leaf description {
+ type string;
+ mandatory true;
+ description
+ "A description of the alarm profile.";
+ }
+ container alarm-severity-assignment-profile {
+ if-feature "severity-assignment";
+ description
+ "The client can override the system-default severity
+ level.";
+ reference
+ "ITU-T Recommendation M.3100:
+ Generic network information model
+ ITU-T Recommendation M.3160:
+ Generic, protocol-neutral management information model";
+ leaf-list severity-level {
+ type severity;
+ ordered-by user;
+ description
+ "Specifies the configured severity level(s) for the
+ matching alarm. If the alarm has several severity
+ levels, the leaf-list shall be given in rising severity
+ order. The original M3100/M3160 ASAP function only
+ allows for a one-to-one mapping between alarm type and
+ severity, but since YANG module supports stateful
+ alarms, the mapping must allow for several severity
+ levels.
+
+ Assume a high-utilization alarm type with two thresholds
+ with the system-default severity levels of threshold1 =
+ warning and threshold2 = minor. Setting this leaf-list
+ to (minor, major) will assign the severity levels as
+ threshold1 = minor and threshold2 = major";
+ }
+ }
+ }
+ }
+
+ /*
+ * Notifications
+ */
+
+ notification alarm-notification {
+ description
+ "This notification is used to report a state change for an
+ alarm. The same notification is used for reporting a newly
+ raised alarm, a cleared alarm, or changing the text and/or
+ severity of an existing alarm.";
+ uses common-alarm-parameters;
+ uses alarm-state-change-parameters;
+ }
+
+ notification alarm-inventory-changed {
+ description
+ "This notification is used to report that the list of possible
+ alarms has changed. This can happen when, for example, a new
+ software module is installed or a new physical card is
+ inserted.";
+ }
+}
diff --git a/sdnr/wt/common-yang/onap/pom.xml b/sdnr/wt/common-yang/onap/pom.xml
new file mode 100755
index 000000000..4c2c9d89d
--- /dev/null
+++ b/sdnr/wt/common-yang/onap/pom.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ ============LICENSE_START=======================================================
+ ~ ONAP : ccsdk features
+ ~ ================================================================================
+ ~ Copyright (C) 2020 highstreet technologies GmbH Intellectual Property.
+ ~ All rights reserved.
+ ~ ================================================================================
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ ~ ============LICENSE_END=======================================================
+ ~
+ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.onap.ccsdk.parent</groupId>
+ <artifactId>binding-parent</artifactId>
+ <version>2.1.0-SNAPSHOT</version>
+ <relativePath/>
+ </parent>
+
+ <groupId>org.onap.ccsdk.features.sdnr.wt</groupId>
+ <artifactId>onap-system</artifactId>
+ <version>1.1.0-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>ccsdk-features :: ${project.artifactId}</name>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.onap.ccsdk.features.sdnr.wt</groupId>
+ <artifactId>rfc7317-ietf-system</artifactId>
+ <version>1.1.0-SNAPSHOT</version>
+ </dependency>
+ </dependencies>
+</project>
diff --git a/sdnr/wt/common-yang/onap/src/main/yang/onap-system.yang b/sdnr/wt/common-yang/onap/src/main/yang/onap-system.yang
new file mode 100644
index 000000000..3e194298e
--- /dev/null
+++ b/sdnr/wt/common-yang/onap/src/main/yang/onap-system.yang
@@ -0,0 +1,59 @@
+module onap-system {
+ yang-version 1.1;
+ namespace "urn:onap:system";
+ prefix os;
+
+ import ietf-inet-types {
+ prefix inet;
+ }
+ import ietf-system {
+ prefix sys;
+ }
+
+ organization
+ "ONAP - Open Network Automation Platform";
+ contact
+ "Web: <https://www.onap.org>
+ Editors:
+ Alex Stancu <mailto:alexandru.stancu@highstreet-technologies.com>
+ Adrian Lita <mailto:adrian.lita@highstreet-technologies.com>
+ Martin Skorupski <mailto:martin.skorupski@highstreet-technologies.com>";
+ description
+ "This module augments ietf-system with ONAP details.
+
+ Copyright 2020 the O-RAN Alliance.
+
+ Licensed under the Apache License, Version 2.0 (the 'License');
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an 'AS IS' BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.";
+
+ revision 2020-10-26 {
+ description
+ "Initial revision for the ietf-system augmentation for ONAP.";
+ reference
+ "https://jira.onap.org/browse/SDNC-1396";
+ }
+
+ augment "/sys:system" {
+ leaf name {
+ type string;
+ description
+ "The name of the system.";
+ }
+ leaf web-ui {
+ type inet:uri;
+ description
+ "The URI of the system Web UI.";
+ }
+ description
+ "Enhancing the system information.";
+ }
+}
diff --git a/sdnr/wt/common-yang/pom.xml b/sdnr/wt/common-yang/pom.xml
new file mode 100755
index 000000000..5c86f498d
--- /dev/null
+++ b/sdnr/wt/common-yang/pom.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ ============LICENSE_START=======================================================
+ ~ ONAP : ccsdk features
+ ~ ================================================================================
+ ~ Copyright (C) 2020 highstreet technologies GmbH Intellectual Property.
+ ~ All rights reserved.
+ ~ ================================================================================
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ ~ ============LICENSE_END=======================================================
+ ~
+ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.onap.ccsdk.parent</groupId>
+ <artifactId>odlparent-lite</artifactId>
+ <version>2.1.0-SNAPSHOT</version>
+ <relativePath/>
+ </parent>
+
+ <groupId>org.onap.ccsdk.features.sdnr.wt</groupId>
+ <artifactId>common-yang</artifactId>
+ <version>1.1.0-SNAPSHOT</version>
+ <packaging>pom</packaging>
+
+ <name>ccsdk-features :: ${project.artifactId}</name>
+
+ <modules>
+ <module>onap</module>
+ <module>iana-crypt-hash</module>
+ <module>rfc8341</module>
+ <module>rfc7317-ietf-system</module>
+ <module>ietf-alarms</module>
+ </modules>
+
+</project>
diff --git a/sdnr/wt/common-yang/rfc7317-ietf-system/pom.xml b/sdnr/wt/common-yang/rfc7317-ietf-system/pom.xml
new file mode 100755
index 000000000..6d9dc6a3d
--- /dev/null
+++ b/sdnr/wt/common-yang/rfc7317-ietf-system/pom.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ ============LICENSE_START=======================================================
+ ~ ONAP : ccsdk features
+ ~ ================================================================================
+ ~ Copyright (C) 2018 highstreet technologies GmbH Intellectual Property.
+ ~ All rights reserved.
+ ~ ================================================================================
+ ~ Update Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
+ ~ ================================================================================
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ ~ ============LICENSE_END=======================================================
+ ~
+ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.onap.ccsdk.parent</groupId>
+ <artifactId>binding-parent</artifactId>
+ <version>2.1.0-SNAPSHOT</version>
+ <relativePath/>
+ </parent>
+
+ <groupId>org.onap.ccsdk.features.sdnr.wt</groupId>
+ <artifactId>rfc7317-ietf-system</artifactId>
+ <version>1.1.0-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>ccsdk-features :: ${project.artifactId}</name>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.onap.ccsdk.features.sdnr.wt</groupId>
+ <artifactId>rfc8341</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.onap.ccsdk.features.sdnr.wt</groupId>
+ <artifactId>iana-crypt-hash</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc6991-ietf-inet-types</artifactId>
+ </dependency>
+ </dependencies>
+</project>
diff --git a/sdnr/wt/common-yang/rfc7317-ietf-system/src/main/yang/ietf-system@2014-08-06.yang b/sdnr/wt/common-yang/rfc7317-ietf-system/src/main/yang/ietf-system@2014-08-06.yang
new file mode 100644
index 000000000..1618242bc
--- /dev/null
+++ b/sdnr/wt/common-yang/rfc7317-ietf-system/src/main/yang/ietf-system@2014-08-06.yang
@@ -0,0 +1,800 @@
+module ietf-system {
+ namespace "urn:ietf:params:xml:ns:yang:ietf-system";
+ prefix "sys";
+
+ import ietf-yang-types {
+ prefix yang;
+ }
+
+ import ietf-inet-types {
+ prefix inet;
+ }
+
+ import ietf-netconf-acm {
+ prefix nacm;
+ }
+
+ import iana-crypt-hash {
+ prefix ianach;
+ }
+
+ organization
+ "IETF NETMOD (NETCONF Data Modeling Language) Working Group";
+
+ contact
+ "WG Web: <http://tools.ietf.org/wg/netmod/>
+ WG List: <mailto:netmod@ietf.org>
+
+ WG Chair: Thomas Nadeau
+ <mailto:tnadeau@lucidvision.com>
+
+ WG Chair: Juergen Schoenwaelder
+ <mailto:j.schoenwaelder@jacobs-university.de>
+
+ Editor: Andy Bierman
+ <mailto:andy@yumaworks.com>
+
+ Editor: Martin Bjorklund
+ <mailto:mbj@tail-f.com>";
+
+ description
+ "This module contains a collection of YANG definitions for the
+ configuration and identification of some common system
+ properties within a device containing a NETCONF server. This
+ includes data node definitions for system identification,
+ time-of-day management, user management, DNS resolver
+ configuration, and some protocol operations for system
+ management.
+
+ Copyright (c) 2014 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 7317; see
+ the RFC itself for full legal notices.";
+
+ revision 2014-08-06 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 7317: A YANG Data Model for System Management";
+ }
+
+ /*
+ * Typedefs
+ */
+
+ typedef timezone-name {
+ type string;
+ description
+ "A time zone name as used by the Time Zone Database,
+ sometimes referred to as the 'Olson Database'.
+
+ The exact set of valid values is an implementation-specific
+ matter. Client discovery of the exact set of time zone names
+ for a particular server is out of scope.";
+ reference
+ "RFC 6557: Procedures for Maintaining the Time Zone Database";
+ }
+
+ /*
+ * Features
+ */
+
+ feature radius {
+ description
+ "Indicates that the device can be configured as a RADIUS
+ client.";
+ reference
+ "RFC 2865: Remote Authentication Dial In User Service (RADIUS)";
+ }
+
+ feature authentication {
+ description
+ "Indicates that the device supports configuration of
+ user authentication.";
+ }
+
+ feature local-users {
+ if-feature authentication;
+ description
+ "Indicates that the device supports configuration of
+ local user authentication.";
+ }
+
+ feature radius-authentication {
+ if-feature radius;
+ if-feature authentication;
+ description
+ "Indicates that the device supports configuration of user
+ authentication over RADIUS.";
+ reference
+ "RFC 2865: Remote Authentication Dial In User Service (RADIUS)
+ RFC 5607: Remote Authentication Dial-In User Service (RADIUS)
+ Authorization for Network Access Server (NAS)
+ Management";
+ }
+
+ feature ntp {
+ description
+ "Indicates that the device can be configured to use one or
+ more NTP servers to set the system date and time.";
+ }
+
+ feature ntp-udp-port {
+ if-feature ntp;
+ description
+ "Indicates that the device supports the configuration of
+ the UDP port for NTP servers.
+
+ This is a 'feature', since many implementations do not support
+ any port other than the default port.";
+ }
+
+ feature timezone-name {
+ description
+ "Indicates that the local time zone on the device
+ can be configured to use the TZ database
+ to set the time zone and manage daylight saving time.";
+ reference
+ "RFC 6557: Procedures for Maintaining the Time Zone Database";
+ }
+
+ feature dns-udp-tcp-port {
+ description
+ "Indicates that the device supports the configuration of
+ the UDP and TCP port for DNS servers.
+
+ This is a 'feature', since many implementations do not support
+ any port other than the default port.";
+ }
+
+ /*
+ * Identities
+ */
+
+ identity authentication-method {
+ description
+ "Base identity for user authentication methods.";
+ }
+
+ identity radius {
+ base authentication-method;
+ description
+ "Indicates user authentication using RADIUS.";
+ reference
+ "RFC 2865: Remote Authentication Dial In User Service (RADIUS)
+ RFC 5607: Remote Authentication Dial-In User Service (RADIUS)
+ Authorization for Network Access Server (NAS)
+ Management";
+ }
+
+ identity local-users {
+ base authentication-method;
+ description
+ "Indicates password-based authentication of locally
+ configured users.";
+ }
+
+ identity radius-authentication-type {
+ description
+ "Base identity for RADIUS authentication types.";
+ }
+
+ identity radius-pap {
+ base radius-authentication-type;
+ description
+ "The device requests Password Authentication Protocol (PAP)
+ authentication from the RADIUS server.";
+ reference
+ "RFC 2865: Remote Authentication Dial In User Service (RADIUS)";
+ }
+
+ identity radius-chap {
+ base radius-authentication-type;
+ description
+ "The device requests Challenge Handshake Authentication
+ Protocol (CHAP) authentication from the RADIUS server.";
+ reference
+ "RFC 2865: Remote Authentication Dial In User Service (RADIUS)";
+ }
+
+ /*
+ * Configuration data nodes
+ */
+
+ container system {
+ description
+ "System group configuration.";
+
+ leaf contact {
+ type string;
+ description
+ "The administrator contact information for the system.
+
+ A server implementation MAY map this leaf to the sysContact
+ MIB object. Such an implementation needs to use some
+ mechanism to handle the differences in size and characters
+ allowed between this leaf and sysContact. The definition of
+ such a mechanism is outside the scope of this document.";
+ reference
+ "RFC 3418: Management Information Base (MIB) for the
+ Simple Network Management Protocol (SNMP)
+ SNMPv2-MIB.sysContact";
+ }
+ leaf hostname {
+ type inet:domain-name;
+ description
+ "The name of the host. This name can be a single domain
+ label or the fully qualified domain name of the host.";
+ }
+ leaf location {
+ type string;
+ description
+ "The system location.
+
+ A server implementation MAY map this leaf to the sysLocation
+ MIB object. Such an implementation needs to use some
+ mechanism to handle the differences in size and characters
+ allowed between this leaf and sysLocation. The definition
+ of such a mechanism is outside the scope of this document.";
+ reference
+ "RFC 3418: Management Information Base (MIB) for the
+ Simple Network Management Protocol (SNMP)
+ SNMPv2-MIB.sysLocation";
+ }
+
+ container clock {
+ description
+ "Configuration of the system date and time properties.";
+
+ choice timezone {
+ description
+ "The system time zone information.";
+
+ case timezone-name {
+ if-feature timezone-name;
+ leaf timezone-name {
+ type timezone-name;
+ description
+ "The TZ database name to use for the system, such
+ as 'Europe/Stockholm'.";
+ }
+ }
+ case timezone-utc-offset {
+ leaf timezone-utc-offset {
+ type int16 {
+ range "-1500 .. 1500";
+ }
+ units "minutes";
+ description
+ "The number of minutes to add to UTC time to
+ identify the time zone for this system. For example,
+ 'UTC - 8:00 hours' would be represented as '-480'.
+ Note that automatic daylight saving time adjustment
+ is not provided if this object is used.";
+ }
+ }
+ }
+ }
+
+ container ntp {
+ if-feature ntp;
+ presence
+ "Enables the NTP client unless the 'enabled' leaf
+ (which defaults to 'true') is set to 'false'";
+ description
+ "Configuration of the NTP client.";
+
+ leaf enabled {
+ type boolean;
+ default true;
+ description
+ "Indicates that the system should attempt to
+ synchronize the system clock with an NTP server
+ from the 'ntp/server' list.";
+ }
+ list server {
+ key name;
+ description
+ "List of NTP servers to use for system clock
+ synchronization. If '/system/ntp/enabled'
+ is 'true', then the system will attempt to
+ contact and utilize the specified NTP servers.";
+
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for the NTP server.";
+ }
+ choice transport {
+ mandatory true;
+ description
+ "The transport-protocol-specific parameters for this
+ server.";
+
+ case udp {
+ container udp {
+ description
+ "Contains UDP-specific configuration parameters
+ for NTP.";
+ leaf address {
+ type inet:host;
+ mandatory true;
+ description
+ "The address of the NTP server.";
+ }
+ leaf port {
+ if-feature ntp-udp-port;
+ type inet:port-number;
+ default 123;
+ description
+ "The port number of the NTP server.";
+ }
+ }
+ }
+ }
+ leaf association-type {
+ type enumeration {
+ enum server {
+ description
+ "Use client association mode. This device
+ will not provide synchronization to the
+ configured NTP server.";
+ }
+ enum peer {
+ description
+ "Use symmetric active association mode.
+ This device may provide synchronization
+ to the configured NTP server.";
+ }
+ enum pool {
+ description
+ "Use client association mode with one or
+ more of the NTP servers found by DNS
+ resolution of the domain name given by
+ the 'address' leaf. This device will not
+ provide synchronization to the servers.";
+ }
+ }
+ default server;
+ description
+ "The desired association type for this NTP server.";
+ }
+ leaf iburst {
+ type boolean;
+ default false;
+ description
+ "Indicates whether this server should enable burst
+ synchronization or not.";
+ }
+ leaf prefer {
+ type boolean;
+ default false;
+ description
+ "Indicates whether this server should be preferred
+ or not.";
+ }
+ }
+ }
+
+ container dns-resolver {
+ description
+ "Configuration of the DNS resolver.";
+
+ leaf-list search {
+ type inet:domain-name;
+ ordered-by user;
+ description
+ "An ordered list of domains to search when resolving
+ a host name.";
+ }
+ list server {
+ key name;
+ ordered-by user;
+ description
+ "List of the DNS servers that the resolver should query.
+
+ When the resolver is invoked by a calling application, it
+ sends the query to the first name server in this list. If
+ no response has been received within 'timeout' seconds,
+ the resolver continues with the next server in the list.
+ If no response is received from any server, the resolver
+ continues with the first server again. When the resolver
+ has traversed the list 'attempts' times without receiving
+ any response, it gives up and returns an error to the
+ calling application.
+
+ Implementations MAY limit the number of entries in this
+ list.";
+
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for the DNS server.";
+ }
+ choice transport {
+ mandatory true;
+ description
+ "The transport-protocol-specific parameters for this
+ server.";
+
+ case udp-and-tcp {
+ container udp-and-tcp {
+ description
+ "Contains UDP- and TCP-specific configuration
+ parameters for DNS.";
+ reference
+ "RFC 1035: Domain Names - Implementation and
+ Specification
+ RFC 5966: DNS Transport over TCP - Implementation
+ Requirements";
+
+ leaf address {
+ type inet:ip-address;
+ mandatory true;
+ description
+ "The address of the DNS server.";
+ }
+ leaf port {
+ if-feature dns-udp-tcp-port;
+ type inet:port-number;
+ default 53;
+ description
+ "The UDP and TCP port number of the DNS server.";
+ }
+ }
+ }
+ }
+ }
+ container options {
+ description
+ "Resolver options. The set of available options has been
+ limited to those that are generally available across
+ different resolver implementations and generally useful.";
+ leaf timeout {
+ type uint8 {
+ range "1..max";
+ }
+ units "seconds";
+ default "5";
+ description
+ "The amount of time the resolver will wait for a
+ response from each remote name server before
+ retrying the query via a different name server.";
+ }
+ leaf attempts {
+ type uint8 {
+ range "1..max";
+ }
+ default "2";
+ description
+ "The number of times the resolver will send a query to
+ all of its name servers before giving up and returning
+ an error to the calling application.";
+ }
+ }
+ }
+
+ container radius {
+ if-feature radius;
+
+ description
+ "Configuration of the RADIUS client.";
+
+ list server {
+ key name;
+ ordered-by user;
+ description
+ "List of RADIUS servers used by the device.
+
+ When the RADIUS client is invoked by a calling
+ application, it sends the query to the first server in
+ this list. If no response has been received within
+ 'timeout' seconds, the client continues with the next
+ server in the list. If no response is received from any
+ server, the client continues with the first server again.
+ When the client has traversed the list 'attempts' times
+ without receiving any response, it gives up and returns an
+ error to the calling application.";
+
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for the RADIUS server.";
+ }
+ choice transport {
+ mandatory true;
+ description
+ "The transport-protocol-specific parameters for this
+ server.";
+
+ case udp {
+ container udp {
+ description
+ "Contains UDP-specific configuration parameters
+ for RADIUS.";
+ leaf address {
+ type inet:host;
+ mandatory true;
+ description
+ "The address of the RADIUS server.";
+ }
+
+ leaf authentication-port {
+ type inet:port-number;
+ default "1812";
+ description
+ "The port number of the RADIUS server.";
+ }
+ leaf shared-secret {
+ type string;
+ mandatory true;
+ nacm:default-deny-all;
+ description
+ "The shared secret, which is known to both the
+ RADIUS client and server.";
+ reference
+ "RFC 2865: Remote Authentication Dial In User
+ Service (RADIUS)";
+ }
+ }
+ }
+ }
+ leaf authentication-type {
+ type identityref {
+ base radius-authentication-type;
+ }
+ default radius-pap;
+ description
+ "The authentication type requested from the RADIUS
+ server.";
+ }
+ }
+ container options {
+ description
+ "RADIUS client options.";
+
+ leaf timeout {
+ type uint8 {
+ range "1..max";
+ }
+ units "seconds";
+ default "5";
+ description
+ "The number of seconds the device will wait for a
+ response from each RADIUS server before trying with a
+ different server.";
+ }
+
+ leaf attempts {
+ type uint8 {
+ range "1..max";
+ }
+ default "2";
+ description
+ "The number of times the device will send a query to
+ all of its RADIUS servers before giving up.";
+ }
+ }
+ }
+
+ container authentication {
+ nacm:default-deny-write;
+ if-feature authentication;
+
+ description
+ "The authentication configuration subtree.";
+
+ leaf-list user-authentication-order {
+ type identityref {
+ base authentication-method;
+ }
+ must '(. != "sys:radius" or ../../radius/server)' {
+ error-message
+ "When 'radius' is used, a RADIUS server"
+ + " must be configured.";
+ description
+ "When 'radius' is used as an authentication method,
+ a RADIUS server must be configured.";
+ }
+ ordered-by user;
+
+ description
+ "When the device authenticates a user with a password,
+ it tries the authentication methods in this leaf-list in
+ order. If authentication with one method fails, the next
+ method is used. If no method succeeds, the user is
+ denied access.
+
+ An empty user-authentication-order leaf-list still allows
+ authentication of users using mechanisms that do not
+ involve a password.
+
+ If the 'radius-authentication' feature is advertised by
+ the NETCONF server, the 'radius' identity can be added to
+ this list.
+
+ If the 'local-users' feature is advertised by the
+ NETCONF server, the 'local-users' identity can be
+ added to this list.";
+ }
+
+ list user {
+ if-feature local-users;
+ key name;
+ description
+ "The list of local users configured on this device.";
+
+ leaf name {
+ type string;
+ description
+ "The user name string identifying this entry.";
+ }
+ leaf password {
+ type ianach:crypt-hash;
+ description
+ "The password for this entry.";
+ }
+ list authorized-key {
+ key name;
+ description
+ "A list of public SSH keys for this user. These keys
+ are allowed for SSH authentication, as described in
+ RFC 4253.";
+ reference
+ "RFC 4253: The Secure Shell (SSH) Transport Layer
+ Protocol";
+
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for the SSH key.";
+ }
+
+ leaf algorithm {
+ type string;
+ mandatory true;
+ description
+ "The public key algorithm name for this SSH key.
+
+ Valid values are the values in the IANA 'Secure Shell
+ (SSH) Protocol Parameters' registry, Public Key
+ Algorithm Names.";
+ reference
+ "IANA 'Secure Shell (SSH) Protocol Parameters'
+ registry, Public Key Algorithm Names";
+ }
+ leaf key-data {
+ type binary;
+ mandatory true;
+ description
+ "The binary public key data for this SSH key, as
+ specified by RFC 4253, Section 6.6, i.e.:
+
+ string certificate or public key format
+ identifier
+ byte[n] key/certificate data.";
+ reference
+ "RFC 4253: The Secure Shell (SSH) Transport Layer
+ Protocol";
+ }
+ }
+ }
+ }
+ }
+
+ /*
+ * Operational state data nodes
+ */
+
+ container system-state {
+ config false;
+ description
+ "System group operational state.";
+
+ container platform {
+ description
+ "Contains vendor-specific information for
+ identifying the system platform and operating system.";
+ reference
+ "IEEE Std 1003.1-2008 - sys/utsname.h";
+
+ leaf os-name {
+ type string;
+ description
+ "The name of the operating system in use -
+ for example, 'Linux'.";
+ reference
+ "IEEE Std 1003.1-2008 - utsname.sysname";
+ }
+ leaf os-release {
+ type string;
+ description
+ "The current release level of the operating
+ system in use. This string MAY indicate
+ the OS source code revision.";
+ reference
+ "IEEE Std 1003.1-2008 - utsname.release";
+ }
+ leaf os-version {
+ type string;
+ description
+ "The current version level of the operating
+ system in use. This string MAY indicate
+ the specific OS build date and target variant
+ information.";
+ reference
+ "IEEE Std 1003.1-2008 - utsname.version";
+ }
+ leaf machine {
+ type string;
+ description
+ "A vendor-specific identifier string representing
+ the hardware in use.";
+ reference
+ "IEEE Std 1003.1-2008 - utsname.machine";
+ }
+ }
+
+ container clock {
+ description
+ "Monitoring of the system date and time properties.";
+
+ leaf current-datetime {
+ type yang:date-and-time;
+ description
+ "The current system date and time.";
+ }
+
+ leaf boot-datetime {
+ type yang:date-and-time;
+ description
+ "The system date and time when the system last restarted.";
+ }
+ }
+ }
+
+ rpc set-current-datetime {
+ nacm:default-deny-all;
+ description
+ "Set the /system-state/clock/current-datetime leaf
+ to the specified value.
+
+ If the system is using NTP (i.e., /system/ntp/enabled
+ is set to 'true'), then this operation will fail with
+ error-tag 'operation-failed' and error-app-tag value of
+ 'ntp-active'.";
+ input {
+ leaf current-datetime {
+ type yang:date-and-time;
+ mandatory true;
+ description
+ "The current system date and time.";
+ }
+ }
+ }
+
+ rpc system-restart {
+ nacm:default-deny-all;
+ description
+ "Request that the entire system be restarted immediately.
+ A server SHOULD send an rpc reply to the client before
+ restarting the system.";
+ }
+
+ rpc system-shutdown {
+ nacm:default-deny-all;
+ description
+ "Request that the entire system be shut down immediately.
+ A server SHOULD send an rpc reply to the client before
+ shutting down the system.";
+ }
+
+}
diff --git a/sdnr/wt/common-yang/rfc8341/pom.xml b/sdnr/wt/common-yang/rfc8341/pom.xml
new file mode 100755
index 000000000..696f57f3f
--- /dev/null
+++ b/sdnr/wt/common-yang/rfc8341/pom.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ ============LICENSE_START=======================================================
+ ~ ONAP : ccsdk features
+ ~ ================================================================================
+ ~ Copyright (C) 2020 highstreet technologies GmbH Intellectual Property.
+ ~ All rights reserved.
+ ~ ================================================================================
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ ~ ============LICENSE_END=======================================================
+ ~
+ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.onap.ccsdk.parent</groupId>
+ <artifactId>binding-parent</artifactId>
+ <version>2.1.0-SNAPSHOT</version>
+ <relativePath/>
+ </parent>
+
+ <groupId>org.onap.ccsdk.features.sdnr.wt</groupId>
+ <artifactId>rfc8341</artifactId>
+ <version>1.1.0-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>ccsdk-features :: ${project.artifactId}</name>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opendaylight.mdsal.binding.model.ietf</groupId>
+ <artifactId>rfc6991-ietf-yang-types</artifactId>
+ </dependency>
+ </dependencies>
+</project>
diff --git a/sdnr/wt/common-yang/rfc8341/src/main/yang/ietf-netconf-acm.yang b/sdnr/wt/common-yang/rfc8341/src/main/yang/ietf-netconf-acm.yang
new file mode 100644
index 000000000..bf4855faf
--- /dev/null
+++ b/sdnr/wt/common-yang/rfc8341/src/main/yang/ietf-netconf-acm.yang
@@ -0,0 +1,464 @@
+module ietf-netconf-acm {
+
+ namespace "urn:ietf:params:xml:ns:yang:ietf-netconf-acm";
+
+ prefix nacm;
+
+ import ietf-yang-types {
+ prefix yang;
+ }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+
+ contact
+ "WG Web: <https://datatracker.ietf.org/wg/netconf/>
+ WG List: <mailto:netconf@ietf.org>
+
+ Author: Andy Bierman
+ <mailto:andy@yumaworks.com>
+
+ Author: Martin Bjorklund
+ <mailto:mbj@tail-f.com>";
+
+ description
+ "Network Configuration Access Control Model.
+
+ Copyright (c) 2012 - 2018 IETF Trust and the persons
+ identified as authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD
+ License set forth in Section 4.c of the IETF Trust's
+ Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8341; see
+ the RFC itself for full legal notices.";
+
+ revision "2018-02-14" {
+ description
+ "Added support for YANG 1.1 actions and notifications tied to
+ data nodes. Clarified how NACM extensions can be used by
+ other data models.";
+ reference
+ "RFC 8341: Network Configuration Access Control Model";
+ }
+
+ revision "2012-02-22" {
+ description
+ "Initial version.";
+ reference
+ "RFC 6536: Network Configuration Protocol (NETCONF)
+ Access Control Model";
+ }
+
+ /*
+ * Extension statements
+ */
+
+ extension default-deny-write {
+ description
+ "Used to indicate that the data model node
+ represents a sensitive security system parameter.
+
+ If present, the NETCONF server will only allow the designated
+ 'recovery session' to have write access to the node. An
+ explicit access control rule is required for all other users.
+
+ If the NACM module is used, then it must be enabled (i.e.,
+ /nacm/enable-nacm object equals 'true'), or this extension
+ is ignored.
+
+ The 'default-deny-write' extension MAY appear within a data
+ definition statement. It is ignored otherwise.";
+ }
+
+ extension default-deny-all {
+ description
+ "Used to indicate that the data model node
+ controls a very sensitive security system parameter.
+
+ If present, the NETCONF server will only allow the designated
+ 'recovery session' to have read, write, or execute access to
+ the node. An explicit access control rule is required for all
+ other users.
+
+ If the NACM module is used, then it must be enabled (i.e.,
+ /nacm/enable-nacm object equals 'true'), or this extension
+ is ignored.
+
+ The 'default-deny-all' extension MAY appear within a data
+ definition statement, 'rpc' statement, or 'notification'
+ statement. It is ignored otherwise.";
+ }
+
+ /*
+ * Derived types
+ */
+
+ typedef user-name-type {
+ type string {
+ length "1..max";
+ }
+ description
+ "General-purpose username string.";
+ }
+
+ typedef matchall-string-type {
+ type string {
+ pattern '\*';
+ }
+ description
+ "The string containing a single asterisk '*' is used
+ to conceptually represent all possible values
+ for the particular leaf using this data type.";
+ }
+
+ typedef access-operations-type {
+ type bits {
+ bit create {
+ description
+ "Any protocol operation that creates a
+ new data node.";
+ }
+ bit read {
+ description
+ "Any protocol operation or notification that
+ returns the value of a data node.";
+ }
+ bit update {
+ description
+ "Any protocol operation that alters an existing
+ data node.";
+ }
+ bit delete {
+ description
+ "Any protocol operation that removes a data node.";
+ }
+ bit exec {
+ description
+ "Execution access to the specified protocol operation.";
+ }
+ }
+ description
+ "Access operation.";
+ }
+
+ typedef group-name-type {
+ type string {
+ length "1..max";
+ pattern '[^\*].*';
+ }
+ description
+ "Name of administrative group to which
+ users can be assigned.";
+ }
+
+ typedef action-type {
+ type enumeration {
+ enum permit {
+ description
+ "Requested action is permitted.";
+ }
+ enum deny {
+ description
+ "Requested action is denied.";
+ }
+ }
+ description
+ "Action taken by the server when a particular
+ rule matches.";
+ }
+
+ typedef node-instance-identifier {
+ type yang:xpath1.0;
+ description
+ "Path expression used to represent a special
+ data node, action, or notification instance-identifier
+ string.
+
+ A node-instance-identifier value is an
+ unrestricted YANG instance-identifier expression.
+ All the same rules as an instance-identifier apply,
+ except that predicates for keys are optional. If a key
+ predicate is missing, then the node-instance-identifier
+ represents all possible server instances for that key.
+
+ This XML Path Language (XPath) expression is evaluated in the
+ following context:
+
+ o The set of namespace declarations are those in scope on
+ the leaf element where this type is used.
+
+ o The set of variable bindings contains one variable,
+ 'USER', which contains the name of the user of the
+ current session.
+
+ o The function library is the core function library, but
+ note that due to the syntax restrictions of an
+ instance-identifier, no functions are allowed.
+
+ o The context node is the root node in the data tree.
+
+ The accessible tree includes actions and notifications tied
+ to data nodes.";
+ }
+
+ /*
+ * Data definition statements
+ */
+
+ container nacm {
+ nacm:default-deny-all;
+
+ description
+ "Parameters for NETCONF access control model.";
+
+ leaf enable-nacm {
+ type boolean;
+ default "true";
+ description
+ "Enables or disables all NETCONF access control
+ enforcement. If 'true', then enforcement
+ is enabled. If 'false', then enforcement
+ is disabled.";
+ }
+
+ leaf read-default {
+ type action-type;
+ default "permit";
+ description
+ "Controls whether read access is granted if
+ no appropriate rule is found for a
+ particular read request.";
+ }
+
+ leaf write-default {
+ type action-type;
+ default "deny";
+ description
+ "Controls whether create, update, or delete access
+ is granted if no appropriate rule is found for a
+ particular write request.";
+ }
+
+ leaf exec-default {
+ type action-type;
+ default "permit";
+ description
+ "Controls whether exec access is granted if no appropriate
+ rule is found for a particular protocol operation request.";
+ }
+
+ leaf enable-external-groups {
+ type boolean;
+ default "true";
+ description
+ "Controls whether the server uses the groups reported by the
+ NETCONF transport layer when it assigns the user to a set of
+ NACM groups. If this leaf has the value 'false', any group
+ names reported by the transport layer are ignored by the
+ server.";
+ }
+
+ leaf denied-operations {
+ type yang:zero-based-counter32;
+ config false;
+ mandatory true;
+ description
+ "Number of times since the server last restarted that a
+ protocol operation request was denied.";
+ }
+
+ leaf denied-data-writes {
+ type yang:zero-based-counter32;
+ config false;
+ mandatory true;
+ description
+ "Number of times since the server last restarted that a
+ protocol operation request to alter
+ a configuration datastore was denied.";
+ }
+
+ leaf denied-notifications {
+ type yang:zero-based-counter32;
+ config false;
+ mandatory true;
+ description
+ "Number of times since the server last restarted that
+ a notification was dropped for a subscription because
+ access to the event type was denied.";
+ }
+
+ container groups {
+ description
+ "NETCONF access control groups.";
+
+ list group {
+ key name;
+
+ description
+ "One NACM group entry. This list will only contain
+ configured entries, not any entries learned from
+ any transport protocols.";
+
+ leaf name {
+ type group-name-type;
+ description
+ "Group name associated with this entry.";
+ }
+
+ leaf-list user-name {
+ type user-name-type;
+ description
+ "Each entry identifies the username of
+ a member of the group associated with
+ this entry.";
+ }
+ }
+ }
+
+ list rule-list {
+ key name;
+ ordered-by user;
+ description
+ "An ordered collection of access control rules.";
+
+ leaf name {
+ type string {
+ length "1..max";
+ }
+ description
+ "Arbitrary name assigned to the rule-list.";
+ }
+ leaf-list group {
+ type union {
+ type matchall-string-type;
+ type group-name-type;
+ }
+ description
+ "List of administrative groups that will be
+ assigned the associated access rights
+ defined by the 'rule' list.
+
+ The string '*' indicates that all groups apply to the
+ entry.";
+ }
+
+ list rule {
+ key name;
+ ordered-by user;
+ description
+ "One access control rule.
+
+ Rules are processed in user-defined order until a match is
+ found. A rule matches if 'module-name', 'rule-type', and
+ 'access-operations' match the request. If a rule
+ matches, the 'action' leaf determines whether or not
+ access is granted.";
+
+ leaf name {
+ type string {
+ length "1..max";
+ }
+ description
+ "Arbitrary name assigned to the rule.";
+ }
+
+ leaf module-name {
+ type union {
+ type matchall-string-type;
+ type string;
+ }
+ default "*";
+ description
+ "Name of the module associated with this rule.
+
+ This leaf matches if it has the value '*' or if the
+ object being accessed is defined in the module with the
+ specified module name.";
+ }
+ choice rule-type {
+ description
+ "This choice matches if all leafs present in the rule
+ match the request. If no leafs are present, the
+ choice matches all requests.";
+ case protocol-operation {
+ leaf rpc-name {
+ type union {
+ type matchall-string-type;
+ type string;
+ }
+ description
+ "This leaf matches if it has the value '*' or if
+ its value equals the requested protocol operation
+ name.";
+ }
+ }
+ case notification {
+ leaf notification-name {
+ type union {
+ type matchall-string-type;
+ type string;
+ }
+ description
+ "This leaf matches if it has the value '*' or if its
+ value equals the requested notification name.";
+ }
+ }
+
+ case data-node {
+ leaf path {
+ type node-instance-identifier;
+ mandatory true;
+ description
+ "Data node instance-identifier associated with the
+ data node, action, or notification controlled by
+ this rule.
+
+ Configuration data or state data
+ instance-identifiers start with a top-level
+ data node. A complete instance-identifier is
+ required for this type of path value.
+
+ The special value '/' refers to all possible
+ datastore contents.";
+ }
+ }
+ }
+
+ leaf access-operations {
+ type union {
+ type matchall-string-type;
+ type access-operations-type;
+ }
+ default "*";
+ description
+ "Access operations associated with this rule.
+
+ This leaf matches if it has the value '*' or if the
+ bit corresponding to the requested operation is set.";
+ }
+
+ leaf action {
+ type action-type;
+ mandatory true;
+ description
+ "The access control action associated with the
+ rule. If a rule has been determined to match a
+ particular request, then this object is used
+ to determine whether to permit or deny the
+ request.";
+ }
+
+ leaf comment {
+ type string;
+ description
+ "A textual description of the access rule.";
+ }
+ }
+ }
+ }
+}