openconfig · alshabib · Nov 9, 2025 · earies · Nov 10, 2025 · dplore
@@ -0,0 +1,6 @@
+- name: openconfig-containerz
+  docs:
+    - yang/acl/openconfig-containerz.yang
+  build:
+    - yang/acl/openconfig-containerz.yang
+  run-ci: true
@@ -0,0 +1,139 @@
+module openconfig-containerz {
+  yang-version 1;
+  namespace "https://github.com/openconfig/yang/gnoi/containerz";
+  prefix oc-gnoi-containerz;
+
+  import openconfig-extensions { prefix oc-ext; }
+  import openconfig-system {
+    prefix oc-sys;
+  }
+  import openconfig-system-grpc {
+    prefix oc-sys-grpc;
+  }
+  import openconfig-types {
+    prefix oc-types;
+  }
+  import openconfig-yang-types {
+    prefix oc-yang;
+  }
+  organization
+    "OpenConfig Working Group";
+
+  contact
+    "OpenConfig working group
+    [email protected]";
+
+  description
+    "This module provides a data model for the metadata of gNOI.containerz
+    running on this system as well as the containers running on the system.";
+
+  oc-ext:openconfig-version "0.1.0";
+
+  revision 2025-11-09 {
+    description
+      "Initial revision.";
+    reference "0.1.0";
+  }
+
+
+
+  // gRPC server related definitions.
+  // Success/failure counters.
+  grouping grpc-server-containerz-counters  {
+    description
+      "A collection of counters that were collected while evaluating
+      access to the gRPC server.";
+
+    container counters {
+      config false;
+      description
+      "A collection of counters that were collected by the gRPC during
+      the authentication process.";
+
+      leaf connection-rejects {
+        type oc-yang:counter64;
+        description
+        "The total number of times that gRPC clients have failed
+        in establishing a connection to the server.";
+      }
+      leaf last-connection-reject {
+        type oc-types:timeticks64;
+        description
+        "A timestamp of the last time a gRPC client failed
+        in establishing a connection to the server.";
+      }
+      leaf connection-accepts {
+        type oc-yang:counter64;
+        description
+        "The total number of times that gRPC clients have succeeded
+        in establishing a connection to the server.";
+      }
+      leaf last-connection-accept {
+        type oc-types:timeticks64;
+        description
+        "A timestamp of the last time a gRPC client succeeded
+        in establishing a connection to the server.";
+      }
+      leaf running-containers {
+        type oc-yang:counter64;
+        description
+        "The number of containers currently running on the system.";
+      }
+    }
+  }
+
+  grouping grpc-server-containerz-state {
+    description
+      "gRPC server containerz freshness-related data.";
+
+    container containers {
+      list container {
+        key "name";
+
+        leaf name {
       list grpc-server { 
         key "name"; 
         description 
           "The list of gRPC servers that are running on the device. Each 
           instance within this list corresponds to an individual gRPC listener 
           that listens on a single TCP port on the specified addresses. 
           Where there are multiple services that run on a single port, these 
           are enabled through the service leaf-list which uses the GRPC_SERVICE 
           identity to list the supported service types."; 
         leaf name { 
           type leafref { 
             path "../config/name"; 
           } 
           description 
             "Reference to the name of the service that is to be enabled."; 
         } 
         container config { 
           description 
             "Configuration parameters relating to the gRPC service."; 
           uses grpc-server-config; 
           } 
         container state { 
           config false; 
           description 
             "Operational state relating to the gRPC service."; 
           uses grpc-server-config; 
         } 
         uses connections-top; 
       } 
     } 
   } 
   grouping grpc-server-config { 
     description 
       "Configuration parameters corresponding to an individual gRPC 
       server."; 
     leaf name { 
       type string; 
       default "DEFAULT"; 
       description 
         "The name of the gRPC server instance that is running on 
         the local system. 
         If the operator does not designate a name for the protocol 
         instance (e.g. config), the implementation should use the 
         name of 'DEFAULT' (e.g. state).  In addition, for 
         implementations that support a single gRPC server instance, 
         the default value is recommended for consistency."; 
     } 
       list grpc-server { 
         key "name"; 
  
         description 
           "The list of gRPC servers that are running on the device. Each 
           instance within this list corresponds to an individual gRPC listener 
           that listens on a single TCP port on the specified addresses. 
           Where there are multiple services that run on a single port, these 
           are enabled through the service leaf-list which uses the GRPC_SERVICE 
           identity to list the supported service types."; 
  
         leaf name { 
           type leafref { 
             path "../config/name"; 
           } 
           description 
             "Reference to the name of the service that is to be enabled."; 
         } 
  
         container config { 
           description 
             "Configuration parameters relating to the gRPC service."; 
  
           uses grpc-server-config; 
           } 
  
         container state { 
           config false; 
           description 
             "Operational state relating to the gRPC service."; 
           uses grpc-server-config; 
         } 
         uses connections-top; 
       } 
     } 
   } 
  
   grouping grpc-server-config { 
     description 
       "Configuration parameters corresponding to an individual gRPC 
       server."; 
  
     leaf name { 
       type string; 
       default "DEFAULT"; 
       description 
         "The name of the gRPC server instance that is running on 
         the local system. 
  
         If the operator does not designate a name for the protocol 
         instance (e.g. config), the implementation should use the 
         name of 'DEFAULT' (e.g. state).  In addition, for 
         implementations that support a single gRPC server instance, 
         the default value is recommended for consistency."; 
     } 
+          type string;
+        }
+
+        leaf created-on {
+          type oc-types:timeticks64;
+          description
+           "The timestamp when the container was created.
+            The value is the timestamp in nanoseconds relative to
+            the Unix Epoch (Jan 1, 1970 00:00:00 UTC).";
+        }
+
+        leaf restarts {
+           type oc-yang:counter64;
+           description
+             "The number of times the container was restarted.";
+        }
+
+        leaf version {
+          type string;
+          description
+            "The version of the of the container. This corresponds to the
+             tag of of the image associated to this container.";
+        }
+      }
+    }
+  }
+
+  // Augments section.
+
+  augment "/oc-sys:system/oc-sys-grpc:grpc-servers/oc-sys-grpc:grpc-server/" +
+          "oc-sys-grpc:state" {
+    when "../config[contains(services, 'oc-containerz:CONTAINERZ')]/enable = 'true'";
+    description
+      "A gRPC server containerz freshness information.";
+
+    uses grpc-server-containerz-state;
+  }
+
+  augment "/oc-sys:system/oc-sys-grpc:grpc-servers/oc-sys-grpc:grpc-server/" +
+          "oc-sys-grpc:state" {
+    when "../config[contains(services, 'oc-containerz:CONTAINERZ')]/enable = 'true'";
+    uses grpc-server-containerz-counters;
+    description
+      "gNOI Containerz server access counters.";
+  }
+}