File-based access method

Edit online

Using the file-based access method allows you to obtain device information from a file placed on a server.

The file-based access method obtains device information from a file server. Typically, a customer downloads the device information to the file server, and then Netcool Configuration Manager imports the device information from the ftp/scp server. The file is downloaded to the worker server that is processing the UOW. The worker server connects directly to the file server that contains the device info. Once the information has been retrieved, it is treated just like any other device.

  1. In the Netcool Configuration Manager Resource Browser, click File > New and select a resource type of Resource Access.
    Note: VTMOS filters can be applied as with any other Resource Access resource.
  2. Right-click the Resource Access, and click Edit to display an editing panel for the new Resource Access resource.
  3. Click Add on the Access Types tag to add a new access type called file.
  4. Select the new file access type, and select the following check boxes on the Transport tab:
    • Enabled
    • Streaming: Put
    • Streaming: Get
  5. On the SSH Options tab, select the ssh2 option from the SSH Type selection menu.
  6. Select a SSH1 Cipher of des3, and a SSH2 cipher of aes128.
  7. On the Command Line tab, select file from the Script menu.
    Note: If the file option is not available in the Script menu, type file in the Script text field.
  8. On the Configuration tab, select the check boxes for Native Compare and Allow Line by Line for Native Commend Set.
  9. Enter a Config data Type of CLI.
  10. Select the Scripts tab, and then click Add to create a new script with the name file.
  11. Enter the required script in the text window, for example:
    #turn on flags to get info from file server
getConfigFileServer=true
getModelFileServer=true
getDiagFileServer=true
getVersionFileServer=true
getBinaryFileServer=true
putConfigFileServer=true

### Defaults for sending commands. Errors must be separated by , not spaces
default.prompt=$
log-in.prompt=$
default.error=Error,Invalid,Incomplete command
default.errorResponse=Error sending command

### Connection Global
# if connect.* is not present use connect.all.properties
connect.errorResponse=Unable to connect to device
connect.09.wait=$

# check for Running config and stored config values multipleConfigs or SingleConfig
config.check.end=singleConfig

# Signals start of config
config.start=!
# Signals end of config
config.end=\nend\r

# Identifies error retreiving config.  Must be separated by ,
config.fail=Error,Invalid,Incomplete command

# Info
# these commands are used to gain some information on the hardware installed 
# in the device
diag.01.setReturnBuff=test#
diag.end=$

# Model
## using the command below, or similar, select the text that will allow 
determination of a model
model.01.setReturnBuff=EBS-NSP-6.1
model.end=$
model.FIND-BEGIN=
model.FIND-END=

# Version
## using the command below, or similar, select the text that will allow determination 
## of an OS version
config.version.setReturnBuff=<your version value goes here>
config.version.end=$
config.version.FIND-BEGIN=
config.version.FIND-END=

# Running config
###
## The setFtpFileName parameter can be used to specify the file containing the 
## configuration content by its exact name if needed.
## To use this parameter, uncomment the following line and supply the file name.
## If you use this parameter, comment out the line for getFtpFileName.
###
#config.running.01.setFtpFileName=<filename>
###
## Use the getFtpFileName parameter to identify the file based on the 
## name/address of the device.
## The addressName parameter will use the name of the resource. If you modify 
## the directory structure on the source file server, then there is one edit to 
## the device script required. The "f" parameter in the "cut" operation needs to 
## be incremented to match the number of directory levels. If you add a level
## on the source file server, then "-f4" is changed to "-f5" and so on. 
## The other change required is an addition of a corresponding directory to the 
## /home/icosftp directory to match the source directory. This is required due to 
## the way the file-based access method uses the ftp resource.
###
## The end parameter, either first or last, specifies the first or last instance 
## of the file based upon the order of the file listing used earlier in the command:
## ls -t lists files with the newest (most recently modified file) listed first.
## ls -tr lists files with oldest (least recently modified file) listed first.
###
config.running.01.getFtpFileName=ls -t $ftpPath$/*$addressName$* | cut -d"/" -f4,first
config.running.02.getSCP=$ftp_username$:$ftp_password$@$ftp_hostname$:$ftpPath$/$ftp_filename$
config.running.end=$
config.running.FIND-BEGIN=# extended LDIF
config.running.FIND-END=numEntries:

# Stored config
config.stored.send=show startup-config\r
config.stored.end=\nend\r
config.stored.FIND-BEGIN=version
config.stored.FIND-END=\nend\r

### Sends a change back to the file server
ftp.01.send=putSCP://$ftp_username$:$ftp_password$@$ftp_hostname$/
$ftp_filename$ running-config\r
ftp.09.wait=$
  12. Now import the device.

NCM file-based driver setup using a single server

Overview

You can import devices using the file-based driver access method from a separate server, or you can import files (devices) from the same worker server. Using a two server approach is typical in a production environment where network policies prevent direct interaction between the Netcool Configuration Manager worker servers and the network EMS or nodes. Typically, this file server resides in a DMZ where the production devices can reach one NIC on the server while Netcool Configuration Manager can reach a separate NIC. In other situations files can be located on the same worker server and Netcool Configuration Manager transfers the file from one directory to another.

Single server implementation

You need to create a realm from the Netcool Configuration Manager UI, and within that realm you must create an authentication resource, a file transfer resource, and any network resources that will be created and imported. On the worker server that will be performing the imports, a separate directory must be created to store the files that will be imported (source files). These source files will then be transferred on the server to the destination directory specified in the File Transfer Resource.

Detailed setup process

Perform the following steps on the worker server.
Note: This example uses the following default values:
User
icosftp
User’s home directory
/home/icosftp
Realm
ITNCM/single-server
  1. Create a file directory on the worker server named /home/icosftp/single. This directory specifies the source directory for the files. Place any device configuration files in this directory ensuring that they have read permissions set as appropriate for the icosftp user.
  2. Create a File Transfer Resource with the following parameters (this FTP resource specifies the destination directory for the files):
    Name
    ftpInfo
    Host
    localhost
    Username
    icosftp
    Password
    icosftp user’s password
    Path
    /home/icosftp
    Passive Mode
    checked
  3. Create an Authentication Resource for the default FTP user, if it does not already exist. The following example settings use the default icosftp user:
    Username
    icosftp
    Password
    icosftp user’s password
    Enable Password
    leave blank
    Retry Count
    0 (zero)
    Retry Delay
    0 (zero)
    Ignore
    False
  4. Create a Network resource specifying a Name, Vendor, Type, Model, and OS.
  5. Either edit the Resource Access on the Network Resource (right-click on the Network Resource and select Resource Access) or create a Resource Access (click on File > New > Resource Access).
    Note:
    If you create a new Resource Access
    You add the file script to the resource access.
    Follow the steps described in the File-based access method topic starting with Step 3.
    If you edit the Resource Access on the network resource
    Modify the file script.
    Follow the steps described in the File-based access method topic starting with Step 10.
  6. Edit the file script in the Resource Access Document (RAD) to specify the source directory for the files, as shown in the following sample. 
    config.running.01.getFtpFileName=ls -t $ftpPath$/single/*$addressName$* | cut -d"/" -f5,first
config.running.02.getSCP=$ftp_username$:$ftp_password$@$ftp_hostname$:$ftpPath$/single/$ftp_filename$
config.running.end=$
    Note: Note the introduction of the directory name single into the path, and the change to the directory depth to 5 (was 4), highlighted.
  7. Import the network device.

Writing changes to a named configuration file

You can use the NSM rest API (but not the GUI) to write or delete full device configurations or full device service configurations to named files and directories for devices to which you have file-based access. A service is a subset of the full configuration of a device. You can write and delete either device configurations or device service configurations to any one device, not both.

Note: To use this feature, you need the appropriate device driver, released after Netcool Configuration Manager V6.4.2 fix pack 8. To find out if a particular updated device driver is available, contact IBM Support.

Creating directory paths and configuration files on local and remote systems

To create a directory path and configuration file, post a service by using the NSM REST API. In the service template, supply a directory path and file name in the CUSTOM_UOW_LABEL_1 uowParameter in the service template. For example, MAC999999/SN77777_1.xml.

The directory and file that you specified are created on the local file system under the $ftpPath$/$addressName$ directory.

The configuration file contains the full configuration for a device or a device service. The directory and filename are created on the remote system under the $ftp_altpath$ directory. The file contains the full configuration for a device or device service.

Valid characters for directory and file names are alphanumeric characters and the following characters: 

-
_
.
/ (for path separator only)

No two devices can share the same user-supplied path.

If you use a device script to create an initial configuration file for service configuration updates, ensure that the Service Templates or Command sets used at posting of the service contain a full service configuration. Do not use $addressName$.cfg as the user-supplied file name, unless the user-supplied device script can handle it.

If you use a device script to create an initial configuration file for device configuration updates, ensure that the Service Templates or Command sets used at posting of the service contain a full device configuration. Each post of a service for a device must use the same directory path and configuration file name.

Importing full configurations

You must write a script that creates an initial configuration file $ftpPath$/$addressNam $addressName$.cfg with a dummy value.

For device configuration updates, run this script at the first import after creation, and not for subsequent service posts or configuration imports.

For service configuration updates, run this script at the first import after creation. On subsequent imports the script also aggregates each of the 'service' configuration files into the device configuration file $addressName$.cfg in the $ftpPath$/$addressName$ directory. This file is used for the device import operation.

Deleting configuration files associated with a service or device

The following considerations apply to both local and remote systems.

Deleting a service using the REST Delete and the service ID of the posted service deletes the configuration files that were associated with the original posting of the service.

Deleting configuration files associated with a device deletes the full configuration, because the full configuration was supplied with the original service post operation.

Deleting device configuration files when a device is deleted

The following considerations apply to both local and remote systems.

To delete the configuration files for a device at the same time as the device is deleted, complete the following steps:

  1. Post a service that removes a device, and supply the value delete_device_file_based_configs in the Service template CUSTOM_UOW_LABEL_1 uowParameter
  2. Supply the delete_device_file_based_configs value.

The device is removed, and the $ftpPath$/$addressName$ directory and all its contained files and subdirectories are deleted from the local file system.

If any of the files or subdirectories under $ftpPath$/$addressName$ also exist under $ftp_altpath$ on the remote system, they are also deleted from that location.

Restriction: Before continuing, you must configure Worker servers so that a single worker handles all the UOWs asociated with a particular filed-based access device. The ftp resource associated with the device must point to the worker server host.
Restriction: Device renaming is not supported.

To write changes to a named configuration file, complete the following steps.

  1. Set up file-based access as described above.
  2. Create an Authentication Resource for the default FTP user, if it does not already exist. The following example settings use the default icosftp user:
    Username
    icosftp
    Password
    icosftp user’s password
    Enable Password
    leave blank
    Retry Count
    0 (zero)
    Retry Delay
    0 (zero)
    Ignore
    False
  3. Create an FTP Resource to specify the destination directory for the files.
    1. Add a new entry and set the following parameters:
      • Name: ftpInfo
      • Host: localhost
      • Username: icosftp
      • Password: password of icosftp user
      • Path: /home/icosftp
      • Passive Mode: unchecked
    2. Add another entry and set the following parameters:
      • Name: altftpInfo
      • Host: address of remote host
      • Username: icosftp
      • Password: password of icosftp user
      • Path: /home/icosftp
      • Passive Mode: unchecked
  4. Create a custom UOW label to use for the custom file name.
    1. Select Tools > System Properties from the Systems Manager.
    2. Set the Custom UOW label 1 property to Config_Dir_Name.
    3. Set the Custom UOW label 1 state to have the value Optional.

  5. Complete either this step, Step 5, for device configuration updates, or Step 6 for service configuration updates.

    1. Write a script that generates a new configuration file. The script is run from the Resource Access device script, as shown in Step 5.b. The script must achieve the following results:

      • If you want the device to be given an initial configuration after it is first created, the script must create a new configuration file using the directory and filename that are passed to the script, if the file does not exist already, and then populate the file.
      • Do not create or populate the configuration file if it exists already for the device.
      • Do not return any data. Returned data is added to the configuration.
      • Change the permissions on the initial configuration file for the device using the chmod 777 command. The script is usually run as the icosuser, whereas FTP is usually run as the icosftp user.

    2. Edit the Resource Access that you created previously for file-based device access, select the file access type, and make the following changes:

      1. Uncheck Streaming: Put in the Transport tab.
      2. Check Update on change in the Configuration tab.
      3. Edit the device script and make the following changes:
        1. In the # Device script properties section, change putConfigFileServer to putConfigFileServer=configured_for_remote_scp.

        2. Add a new Device script removeConfigDir section:

          # New section in device script, removes all config files and directories for a device, both locally and remotely.
removeConfigDir.01.getDeviceFileDirContent=ls $ftpPath$/$addressName$/ | cut -d"/" -f5,all
removeConfigDir.02.removeRemoteContent=$ftp_altusername$:$ftp_altpassword$@$ftp_althostname$:$ftp_altpath$/$device_file_dir_content$
removeConfigDir.03.exec=rm -rf $ftpPath$/$addressName$\r

        3. Add a new Device script removeConfigFile section:

          # New 'removeConfigFile' section.
# Removes a config file for a device, both locally and remotely, this will be triggered as a result of a 'delete service' being performed.
# 'Update on Change' should be set in the Resource access, so that changes here will be reflected in the configuration.
removeConfigFile.01.removeRemoteContent=$ftp_altusername$:$ftp_altpassword$@$ftp_althostname$:$ftp_altpath$/$config_dir$/$ftp_filename$
removeConfigFile.02.exec=rm -rf $ftpPath$/$addressName$/$config_dir$/$ftp_filename$\r
removeConfigFile.03.exec=rm -rf $ftpPath$/$addressName$/$addressName$.cfg\r

        4. In the Device script config.running section, replace config.running.01 and config.running.02 in the file-based example with the following lines:

          config.running.01.exec=mkdir -p $ftpPath$/$addressName$\r
config.running.02.exec=$ftpPath$/telus_script_for_initial_config.sh -d $ftpPath$/$addressName$ -f $addressName$.cfg\r
config.running.03.setFileName=$addressName$.cfg
config.running.04.setSubDirForFtpPath=$addressName$
config.running.05.readSCPFile=$ftpPath$/$subDirForFtpPath$/$ftpFileName$
          Note: The line beginning config.running.02.exec is optional. It is provided as an example of how to set up an initial default configuration that takes effect at first import after creating a device. Replace the script name script_for_initial_config.sh with the script that you created in this step. The location of the script, and the argument names -d and -f in the preceding code can be changed.
      4. If you have a cp -i alias set up on the host, undefine the alias by using unalias cp -i, otherwise cp -f does not work in the following step.

      5. In the Device script ftp section, replace the entire ftp section in the example with the following lines:

        ftp.01.exec=mkdir -p $ftpPath$/$addressName$/$config_dir$/\r
ftp.02.exec=mv -f $ftpPath$/$ftp_filename$ $ftpPath$/$addressName$/$config_dir$/\r
ftp.03.exec=cp -f $ftpPath$/$addressName$/$config_dir$/$ftp_filename$ $ftpPath$/$addressName$/$addressName$.cfg\r
ftp.04.setSubDirForFtpPath=$addressName$/$config_dir$
ftp.05.scpFile=$ftp_altusername$:$ftp_altpassword$@$ftp_althostname$:$ftp_altpath$/$config_dir$/r
  6. Complete either this step, Step 6, for service configuration updates, or Step 5 for device configuration updates.

    1. Write a script that generates a new configuration file. The script is run from the Resource Access device script. The script must achieve the following results:

      • If you want the device to be given an initial configuration after it is first created, the script must create a new configuration file using the directory and filename that are passed to the script, if the file does not exist already, and then populate the file.
      • Aggregate any service configuration files present in the directory $ftpPath$/$addressName$ up to a single device configuration file for import: $addressName$.cfg.
      • Handle any specific ordering or formatting requirements for aggregating the individual service configuration files up to a device configuration file.
      • Do not return any data. Returned data is added to the configuration.
      • Change the permissions on the initial configuration file for the device using the chmod 777 command. The script is usually run as the icosuser, whereas FTP is usually run as the icosftp user.

    2. Edit the Resource Access that you created previously for file-based device access, select the file access type, and make the following changes:

      1. Uncheck Streaming: Put in the Transport tab.
      2. Check Update on change in the Configuration tab.
      3. Edit the device script and make the following changes:
        1. In the # Device script properties section, change putConfigFileServer to putConfigFileServer=configured_for_remote_scp.

        2. Add a new Device script removeConfigDir section:

          # New section in device script, removes all config files and directories for a device, both locally and remotely.
removeConfigDir.01.getDeviceFileDirContent=ls $ftpPath$/$addressName$/ | cut -d"/" -f5,all
removeConfigDir.02.removeRemoteContent=$ftp_altusername$:$ftp_altpassword$@$ftp_althostname$:$ftp_altpath$/$device_file_dir_content$
removeConfigDir.03.exec=rm -rf $ftpPath$/$addressName$\r

        3. Add a new Device script removeConfigFile section:

          # New 'removeConfigFile' section.
# Removes a config file for a device, both locally and remotely, this will be triggered as a result of a 'delete service' being performed.
# 'Update on Change' should be set in the Resource access, so that changes here will be reflected in the configuration.
removeConfigFile.01.removeRemoteContent=$ftp_altusername$:$ftp_altpassword$@$ftp_althostname$:$ftp_altpath$/$config_dir$/$ftp_filename$
removeConfigFile.02.exec=rm -rf $ftpPath$/$addressName$/$config_dir$/$ftp_filename$\r
removeConfigFile.03.exec=rm -rf $ftpPath$/$addressName$/$addressName$.cfg\r

        4. In the Device script config.running section, replace config.running.01 and config.running.02 in the file-based example with the following lines:

          config.running.01.exec=mkdir -p $ftpPath$/$addressName$\r
config.running.02.exec=$ftpPath$/telus_script_for_initial_config.sh -d $ftpPath$/$addressName$ -f $addressName$.cfg\r
config.running.03.setFileName=$addressName$.cfg
config.running.04.setSubDirForFtpPath=$addressName$
config.running.05.readSCPFile=$ftpPath$/$subDirForFtpPath$/$ftpFileName$
          Note: The line beginning config.running.02.exec is optional. It is provided as an example of how to set up an initial default configuration that takes effect at first import after creating a device. Replace the script name script_for_initial_config.sh with the script that you created in this step. The location of the script, and the argument names -d and -f in the preceding code can be changed.
      4. If you have a cp -i alias set up on the host, undefine the alias by using unalias cp -i, otherwise cp -f does not work in the following step.

      5. In the Device script ftp section, replace the entire ftp section in the example with the following lines:

        ftp.01.exec=mkdir -p $ftpPath$/$addressName$/$config_dir$/\r
ftp.02.exec=mv -f $ftpPath$/$ftp_filename$ $ftpPath$/$addressName$/$config_dir$/\r
ftp.03.exec=cp -f $ftpPath$/$addressName$/$config_dir$/$ftp_filename$ $ftpPath$/$addressName$/$addressName$.cfg\r
ftp.04.setSubDirForFtpPath=$addressName$/$config_dir$
ftp.05.scpFile=$ftp_altusername$:$ftp_altpassword$@$ftp_althostname$:$ftp_altpath$/$config_dir$/r
  7. Edit a service template to include the new parameter uowParameter with name CUSTOM_UOW_LABEL_1. Adding the parameter allows the configuration file name to be passed in REST calls. The following example service template shows a command set that adds snmp contact and snmp location elements in a configuration, with the new parameter added:
    <serviceTemplate name="SNMP_test" description="NSM Service Template to add and delete SNMP info">
	<clientParameters>
		<clientParameter>
			<name>LOCATION</name>
		</clientParameter>
		<clientParameter>
			<name>CONTACT</name>
		</clientParameter>
	</clientParameters>
    <uowParameters>
        <uowParameter>
            <name>CUSTOM_UOW_LABEL_1</name>
            <description>The configuration file name</description>
        </uowParameter>
    </uowParameters>
	<implementations>
		<implementation>
			<rules>
				<rule type="DeviceType">
					<ruleProperty name="Vendor" value="mediatrix"/>
					<ruleProperty name="Type" value=".*"/>
					<ruleProperty name="Model" value=".*"/>
					<ruleProperty name="OS" value=".*"/>
				</rule>
			</rules>
			<serviceOperations>
				<serviceOperation type="CREATE">
					<operations>
						<operation name="ITNCM/mediatrix/SNMP-add" type="COMMANDSET">
							<parameters>
								<parameter name="LOCATION"/>
								<parameter name="CONTACT"/>
							</parameters>
						</operation>
					</operations>
				</serviceOperation>
				<serviceOperation type="DELETE">
					<operations>
						<operation name="ITNCM/mediatrix/SNMP-delete" type="COMMANDSET">
							<parameters>
								<parameter name="LOCATION"/>
								<parameter name="CONTACT"/>
							</parameters>
						</operation>
					</operations>
				</serviceOperation>
			</serviceOperations>
		</implementation>
	</implementations>
</serviceTemplate>

    The following example service template removes a device, and has the new parameter added:

    <?xml version="1.0" encoding="UTF-8"?>
<serviceTemplate name="remove_device" description="To remove devices">
    <uowParameters>
        <uowParameter>
            <name>CUSTOM_UOW_LABEL_1</name>
            <description>The configuration file name</description>
        </uowParameter>
    </uowParameters>
	<implementations>
		<implementation>
			<rules>
				<rule type="DeviceType">
					<ruleProperty name="Vendor" value="Mediatrix"/>
					<ruleProperty name="Type" value=".*"/>
					<ruleProperty name="Model" value=".*"/>
					<ruleProperty name="OS" value=".*"/>
				</rule>
			</rules>
			<serviceOperations>
				<serviceOperation type="CREATE">
					<operations>
						<operation name="REMOVE" type="REMOVE">
						</operation>
					</operations>
				</serviceOperation>
				<serviceOperation type="DELETE">
					<operations>
						<operation name="REMOVE" type="REMOVE">
						</operation>
					</operations>
				</serviceOperation>
			</serviceOperations>
		</implementation>
	</implementations>
</serviceTemplate>
  8. When you submit a configuration update by using the GUI, enter the custom name for the configuration file in the Config_Dir_Name field on the Describe Work screen.

  9. The following example NSM service post body defines the configuration file name as MAC999999/SN77777_1.xml.

    XML example:

    <serviceTemplate id="101">
	<deviceID>402</deviceID>
  <uowParameters>
    <uowParameter>
      <name>CUSTOM_UOW_LABEL_1</name>
      <value>mediatrix_device.cfg</value>
    </uowParameter>
  </uowParameters>
	<clientParameters>
		<clientParameter>
			<name>LOCATION</name>
			<value>The Shire</value>
		</clientParameter>
		<clientParameter>
			<name>CONTACT</name>
			<value>Bilbo Baggins</value>
		</clientParameter>
	</clientParameters>
</serviceTemplate>

    JSON example:

    {
       "serviceTemplateId" : "101",
       "deviceID": "402",
       "clientParameters": [
      {
         "name": "LOCATION",
         "value": "The Shire"
      },
      {
         "name": "CONTACT",
         "value": "Bilbo Baggins"
      }
   ],
   "uowParameters": [
     {
         "name": "CUSTOM_UOW_LABEL_1",
         "value": "MAC999999/SN77777_1.xml"
      }
   ]   
}

  10. The following example NSM service post body for removing a device has the delete_device_file_based_configs value that triggers the deletion of configuration files associated with the device.

    XML example:

     <serviceTemplate id="105">
	<deviceID>3207</deviceID>
  <uowParameters>
    <uowParameter>
      <name>CUSTOM_UOW_LABEL_1</name>
      <value>delete_device_file_based_configs</value>
    </uowParameter>
  </uowParameters>
</serviceTemplate>

    JSON example

    {
       "id" : "105",
       "deviceID": "3207",
   "uowParameters": [
     {
         "name": "CUSTOM_UOW_LABEL_1",
         "value": "delete_device_file_based_configs"
      }
   ]   
}