Configuration management

From VyOS Wiki
Jump to: navigation, search

VYOS Configuration Overview

Note: - This section is a work in progress.

Configuration Terminology

A VyOS system has three major types of configurations:

Active or running configuration
The active or running configuration is the system configuration that is loaded and currently being used by VyOS.
Working configuration
The working configuration is the configuration which is currently being modified in configuration mode. Changes made to the working configuration do not go into effect until the changes are committed with the commit command. At which time the working configuration will become the active or running configuration.
Saved configuration
A saved configuration is a configuration saved to a file using the save command. There can be multiple configuration files. The default or "boot" configuration is saved and loaded from the file config.boot.

Configuration Information Location

Saved configuration files are stored in the directory /config. The boot configuration is named config.boot. The config directory has a number of sub-directories:

  • archive
  • auth
  • scripts
  • support
  • url-filtering
  • user-data
The archive directory stores archived versions of the configuration
The auth directory stores security related information referenced in the configuration tree. OpenVPN and IPSec certificates and RSA/IPSec keys. This structure can be added/extended and it is the recommended best practice to add any custom security related data in this directory. For example, X.509 certificates or certificate authorities should be added to appropriate sub-directories under the auth directory. This ensures that security information is preserved during the upgrade process.
The scripts directory store scripts referenced from within the configuration nodes. Used for VRRP transition scripts and WAN load-balancing. It is a recommended best practice to add scripts to this directory to ensure that they are preserved during a system upgrade.
The support directory stores system information created by the show tech-support save command.
The url-filtering directory stores the files and URL-filtering database on which the web proxy and URL filtering depend.
The user-data directory stores user scripts and data. It is a recommended best practice to store user scripts and data in this directory to ensure that it is preserved during system upgrades.

Configuration Hierarchy

Entering and Exiting Configuration Mode

Navigating in Configuration Mode

Viewing Configuration

Viewing Configuration from Operational Mode

Working with and Modifying VyOS Configurations Information

Adding or Modifying Configuration

Deleting Configuration

To delete a configuration element, within 'configure' mode use the command 'delete'.

For example, to remove a firewall rule:

 delete firewall name YOURFW rule 123

Committing Configuration Changes

Discarding Configuration Changes

Cloning a Configuration Node

Renaming a Configuration Node

Adding Comments to a Configuration Node

Deleting Comments from a Configuration Node

To remove a comment using the comment command, specify the configuration node and an empty string, as in the following example.

vyos@vyos# comment interfaces ethernet eth0 ""

vyos@vyos# show interfaces ethernet eth0

ethernet eth0 {
    address dhcp
    duplex auto
    hw-id 00:0e:c4:d1:29:6f
    smp-affinity auto
    speed auto