YANG System management for embedded devices running Linux

Together with sysrepo, this software provides "general system management" for embedded network devices. The target platform is anything that runs Linux with systemd. The software runs in production on CzechLight SDN DWDM devices.

Features

• system management
  • basic system info via the ietf-system (RFC 7317) YANG model
  • user accounts and authentication using passwords and SSH keys, /czechlight-system:authentication)
  • firmware updates via RAUC, in the /czechlight-system:firmware YANG model
  • access to hardware's LEDs via the /czechlight-system:leds YANG model
  • remote logging via systemd-journal-upload
• health reporting of both hardware and software
  • tracks restarts and failures of all enabled systemd.unit(5)
  • hardware health (temperature, fan RPM, voltages, missing components)
  • available via the ietf-alarms (RFC 8632) and ietf-hardware (RFC 8348) YANG models
  • status LED
• network management
  • configuration with systemd-networkd
    • focus on Ethernet interfaces and basic setup of bridges
    • IPv4 and IPv6 configuration, with DHCP and autoconfiguration
  • real-time status and statistics via netlink(7)
  • support for most common features from ietf-interfaces (RFC 8343), ietf-ip (RFC 8344) and ietf-routing (RFC 8349) with some extensions
  • firewall (ietf-access-control-list (RFC 8519) with deviations)

Installation

For building, one needs:

• C++20 compiler (e.g., GCC 10.x+, clang 10+)
• CMake 3.19+
• Boost (we're testing with 1.78)
• pkg-config
• libnl-route for talking to the Linux kernel
• libsystemd and systemd at runtime
• libyang-cpp - C++ bindings for libyang
• sysrepo-cpp - C++ bindings for sysrepo
• spdlog - a logging library
• sdbus-c++ - C++ library for D-Bus
• fmt - C++ string formatting library
• nlohmann_json - C++ JSON library
• docopt for CLI option parsing
• nft - the netfilter tool
• sysrepo-ietf-alarms - the sysrepo alarm manager
• optionally, Doctest as a C++ unit test framework
• optionally, trompeloeil for mock objects in C++
• optionally, iproute2 - the ip tool for testing
• optionally, jq to run some CLI utilities and for testing them

The build process uses CMake. A quick-and-dirty build with no fancy options can be as simple as mkdir build && cd build && cmake .. && make && make install.