Guidelines
Common Guidelines
The Click command for applicable industry standard command is provided for informational purposes only. It is recommended to use only industry standard CLI for managing the system.
Encryption Guidelines
The encryption for the plain text passwords in few configurations (RADIUS, TACACS, SNMP, and so on) is done internally by the system generated secret key (or passphrase). The password that is encrypted outside shall not be configured in the system. The commands allow flexibility to accept either plain text or encrypted text as inputs. The show running-config
and show startup-config
commands print the encrypted password.
Telemetry Configuration Guidelines
server port <port-value>, server certificate file <cert-file> <key-file> and ca-certificate <cert-file>
) require restarting telemetry service to apply the configuration. Follow the steps below to minimize the number of telemetry service restarts:
- Transfer the certificates and key files (server certificate, server key, CA certificate) into host system from external server.
- Transfer the certificates and key files from host system to telemetry container. Use
docker cp <local-file> telemetry:<absolute-file-path>
in admin or root user shell. - Disable the telemetry feature using
config feature state telemetry disabled
. - Configure the certificate, port number, authentication modes in sonic-cli.
- Enable the telemetry feature using
config feature state telemetry enabled
.