We are happy to announce the release of ConfD 7.4 with several exciting new features. This blog post highlights the most important enhancements, changes, and deprecations. These, however, are just the highlights. As with any new ConfD release, you should read the CHANGES file to learn more about what is highlighted here as well as to learn about everything else which is new in this release.
New features include:
- The initial release of YANG PUSH as defined in RFC8641 “Subscription to YANG Notifications for Datastore Updates”. Only use over NETCONF is supported (i.e. RESTCONF is not supported). This release does not include all features of YANG Push. Additional YANG Push features will be added in ConfD 7.5 and 7.6. For full details of what YANG Push features are included in ConfD 7.4, see section 18.13 “YANG Push” in the ConfD User Guide.
- The origin metadata annotation feature defined in RFC 8342 Network Management Datastore Architecture (NMDA) has been implemented. The NETCONF and RESTCONF protocol implementations have been extended to support the origin feature as defined in RFC 8526 and RFC 8527 respectively.
- The CLI via the built-in SSH server and the JSON-RPC API now support multi-factor authentication.
- ConfD now requires glibc/eglibc version 2.16 or higher on most Linux-based targets. The exceptions are ConfD for Linux/ARM64 and Linux/PowerPC64, where glibc/eglibc version 2.19 or higher is required. Using ConfD with older versions of glibc/eglibc than described above might work in some cases, however, that may change without notice in any future ConfD release and such usage is not supported.
- ConfD builds for Linux-based targets are now dynamically linked with libcrypto from OpenSSL-1.1.1, and thus require that this version is installed in the system. If it is desired to use another version of OpenSSL, please, refer to the section “Using a different version of OpenSSL and optionally activating FIPS” in the “Advanced Topics” chapter of the ConfD User Guide.
- ConfD now always uses the SMP (Symmetric Multiprocessing) Erlang VM. The non-SMP emulator does not exist anymore. This implies that ConfD not can be run on platforms without thread support. The default is to only use one thread. However, it is possible to use as many threads as the system has logical processors. See the confd –smp option. Support for TLS 1.3 has been added.
- The internal runtime representation of some data structures widely used throughout the system, including transactions, has been modified to consume less memory. The actual improvement depends on the number of data models loaded. Apart from a memory reduction, especially noticeable with many concurrent transactions, this also leads to a general performance improvement in certain parts of the system.
- Added support for retrieving id of the rollback file created during a transaction commit. The id returned can later be used to do a selective rollback. C, Python, Java, and Erlang MAAPI interfaces are supported as well as CLI, RESTCONF, NETCONF, and JSON-RPC NBIs.
- A new example of how to build a WebUI using the JSON-RPC API.
- The /confdConfig/aaa/rest container in confd.conf has been renamed to /confdConfig/aaa/restconf.
- RESTCONF documentation has been rewritten and improved.
- The legacy REST API has been removed in ConfD 7.4. It has been recommended for a long time that the standards-based RESTCONF API should be used instead of the older, Tail-f proprietary REST API. See the ConfD User Guide from ConfD 7.3 for documentation on migrating from the legacy REST API to RESTCONF. Due to this removal, older confd.conf files will need to be updated in order to remove the legacy REST API section (/confdConfig/rest section).
- It is no longer possible to use Python 2.7 with ConfD. As a bare minimum Python 3.4 must be used, but we strongly advise to use at least Python 3.5 as Python 3.4 support will be removed from ConfD 7.5.
Deprecation announcements include:
- Python 3.4 has been deprecated and will be removed in ConfD 7.5. You should upgrade your Python environment and make sure everything works with Python 3.5 or higher.
- For the CLI, /confdConfig/cli/commitRetryTimeout has been deprecated and will be removed in ConfD-7.6. Use /confdConfig/commitRetryTimeout instead to control this behavior consistently for all northbound interfaces.
As previously noted, these are just a few of the new updates and enhancements in ConfD 7.4. We are excited about all the new features and innovations that are being offered in the latest version of ConfD. Be sure to take the time to read the CHANGES file from the ConfD distribution for full details about what is new in ConfD 7.4.
You can access ConfD Premium 7.4 here: https://support.tail-f.com/delivery/login