junos_exporter icon indicating copy to clipboard operation
junos_exporter copied to clipboard

Published 20 hours ago verified publisher icon czerwonk

Netconf rpc - add as feature

Open lethalwp opened this issue 2 years ago • 4 comments

This adds the netconf-rpc as a feature, and adds the xml query to every module. It shouldn't change a thing for the ssh-cli.

After a lot of analyzing, on EX2200 my biggest performance issue came from the inner SSH Sessions being opened per request. The speed improvement with netconf comes mainly from the fact that i could keep the netconf session up.

The obvious solution is to change the ssh by netconf, and execute the commands directly in xml-rpc which seems to be native to juniper, and produces (almost) exactly the same output without the cli overhead.

Almost because there are lots of unnecessary "\n" in the interfaces xml replies.

To activate netconf on your device: (you also can run ssh+netconf on the same port 22) set system services netconf ssh port 830

To find your show command in xml: show command | display xml rpc

lethalwp avatar May 25 '22 08:05 lethalwp

after investigating some performance issues related to this exporter i'm surprised to see this being an open PR for such a long time.

@czerwonk would there be interest in merging a working version of this compatible with the current version of the exporter?

this is about a 10x execution time difference (3.5s vs 0.35s) for simple tasks like only routing engine aginst a srx340 with an ssh session already established.

especially with "cheap" metrics being collected, it wouldn't surprise me if this amounted for a significant portion of the load we're seeing from the exporter.

Nothing4You avatar Jun 10 '23 20:06 Nothing4You

this PR relies on github.com/Juniper/go-netconf, which is basically unmaintained and the original author doesn't recommend using it anymore.

instead, https://github.com/nemith/netconf is recommended as alternative, however, it currently advertises itself as "pre-alpha quality"

Nothing4You avatar Jun 12 '23 12:06 Nothing4You

instead, https://github.com/nemith/netconf is recommended as alternative, however, it currently advertises itself as "pre-alpha quality"

It's better quality than the original one and we are using it in prod. The only thing is that there may be breaking API changes and some bugs (true for any import).

Let me know what you need and I can help.

nemith avatar Mar 05 '24 16:03 nemith

But netconf is also poorly implemented and poorly supported on Junos too ;)

nemith avatar Mar 05 '24 16:03 nemith