Bottle-based YANG Extractor and Validator
A web application that allows you to fetch, extract and validate YANG modules by RFC number, by IETF draft name, or by uploading YANG files. It is built on top of the bottle python micro-web framework using a combination of xym to fetch and extract YANG modules from IETF specifications, and pyang, confdc and yanglint YANG compilers to validate the extracted modules.
The following requirements will be installed by the pip installation script:
- The bottle micro-framework
- The bottle application defaults to requiring the cherrypy web framework
- The pyang tool
- The xym tool
The following tools will need to be manually preinstalled:
- The yanglint tool needs to be preinstalled
- The confdc compiler needs to be preinstalled, use the
--confd-install-pathoption to point to the ConfD install directory (i.e.
- YANG modules commonly required for validation (e.g. the IETF modules for interface and ip configuration as well as the types) are expected to be in
- The default port is 8080 to avoid requiring root privileges. Use the
--port=80option with root privileges to listen to the default HTTP port.
Preparing the YANG modules
sync.sh script uses rsync to download all IETF RFCs and drafts to a temporary directory, and then extracts all found YANG modules using
xym. Please read and understand the script before you run it.
Building and Deploying Docker Image
Dockerfile contains a two-stage build with the first stage downloading and preparing the YANG modules, and the second stage installs the runtime requirements and the prepared modules in single image ready for deployment.
The NSO configuration is setup to listen to port 8080 to avoid requiring root to run it, so remember to use portmapping when you start the container:
docker run -p 0.0.0.0:80:8080
Running the Validator in AWS
The current yangvalidator.org instance is running on docker on an AWS EC2
t2.micro instance. The docker image is pushed to a repository in Amazon ECS and then pulled from the EC2 instance.
Remember to set up the appropriate Security Group definition for the EC2 instance if you expect to reach the web server from the outside.