Sweetcomb RESTCONF study Hongcheng Zhong Tao Yu Intel

Sweetcomb: RESTCONF study Hongcheng Zhong & Tao Yu @ Intel Sweetcomb Community internal

Agenda • Architecture • RESTCONF vs NETCONF • RESTCONF in detail • Clixon example study • Netopeer 2 study • Our design • What to do next? *Other names and brands may be claimed as the property of others.

Architecture 1. Supports three interfaces. 2. Three data stores for HA. Source: https: //wiki. fd. io/view/File: Sweetcomb-overview. png *Other names and brands may be claimed as the property of others. 3. Framework with Plugins.

Compare to NETCONF RESTCONF NETCONF Don’t need special Client Need NETCONF Client Transport upon HTTPS Transport upon SSH Data format: XML&JSON Data format: only XML RESTCONF Protocol Stack NETCONF Protocol Stack Source: https: //www. netacad. com/sites/default/files/images/careers/Webinars/Dev. Net/devnet_session_7_networkprogrammability_yang_netconf_restconf. pdf *Other names and brands may be claimed as the property of others.

RESTCONF’s operations are subset to NETCONF’s Source: https: //www. netacad. com/sites/default/files/images/careers/Webinars/Dev. Net/devnet_session_7_networkprogrammability_yang_netconf_restconf. pdf

Source: https: //www. netacad. com/sites/default/files/images/careers/Webinars/Dev. Net/devnet_session_7_networkprogrammability_yang_netconf_restconf. pdf

Source: https: //www. netacad. com/sites/default/files/images/careers/Webinars/Dev. Net/devnet_session_7_networkprogrammability_yang_netconf_restconf. pdf

Source: https: //www. netacad. com/sites/default/files/images/careers/Webinars/Dev. Net/devnet_session_7_networkprogrammability_yang_netconf_restconf. pdf

Study by clixon example All implemented by clixon itself Restconf backend YANG XML Datastore … Source: https: //github. com/clicon/clixon *Other names and brands may be claimed as the property of others.

Study by clixon example frontend https Web server nginx Curl –G http: //localhost/restconf/data Location /restconf { fastcgi_pass unix: /www-data/fastcgi_restconf. sock; include fastcgi_params; } fastcgi_restconf. sock Clixon_restconf Parse http message, construct a <rpc> msg, send to backend, wait for return <CLICON_SOCK> Clixon_backend Select system call watch socks + event to receive from restconf(or other clients) Decode <rpc> msg to xml data structure Invoke related callback function(NETCONF) Xmldb_* API xmldb Xmldb operations by rpc_callback Source: https: //github. com/clicon/clixon *Other names and brands may be claimed as the property of others.

http server: stunnel vs nginx Stunnel (used in netopeer 1): Old Use one threaded model Nginx: One of the most efficient web server Use workers Stud is unmaintained Source: https: //vincent. bernat. ch/en/blog/2011 -ssl-benchmark *Other names and brands may be claimed as the property of others.

Study by netopeer 2 Netopeer 2 -cli Parse cli command, construct <rpc> msg, Send it to server and wait for reply ssh Netopeer 2 -server Workers polling Decode <rpc> msg to lyd_node, 1)rpc->lyxml_elem, 2)lyxml_elem->lyd_node Check lys_node in lyd_node, Invoke related callback function(NETCONF), Sysrepo API (sr_*) sysrepo Source: https: //github. com/CESNET/Netopeer 2 *Other names and brands may be claimed as the property of others.

YANG data structure ly_ctx – lys_node – lyd_node *priv in lys_node is exactly callback function In lyd_node, including a *schema *Other names and brands may be claimed as the property of others.

Our design: a restconf implement upon sysrepo frontend Curl –G http: //localhost/restconf/data https nginx. conf setting: location /restconf { web server nginx fastcgi_pass unix: /www-data/fastcgi_restconf. sock; include fastcgi_params; } fastcgi_restconf. sock Restconf server our_restconf & Parse http request to construct <rpc> msg, Decode <rpc> msg and get lyd_node our_backend invoke callback function (modified form NETCONF) to operating sysrepo Return http reply sysrepo API (sr_*) sysrepo *Other names and brands may be claimed as the property of others. almost act like netopeer 2 server after <rpc> msg is constructed.

Our design: more details: initiate and parse frontend done! https web server nginx fastcgi_restconf. sock Restconf server our_restconf & our_backend • server_init() • connect sysrepo [easy] • schemas [difficult but can modify it later] • server monitoring [not to do yet] • capability? Features? [not figure it out yet] • set callbacks • parse to lyd_node, 2 ways: • directly parse http request to lyd_node • construct <rpc> first, parse <rpc> to lyxml_elem, then to lyd_node • In first simplified implement, the most important thing is parsing http request to lyd_node. And the initiate part works for this purpose. sysrepo API (sr_*) sysrepo *Other names and brands may be claimed as the property of others.

NETCONF related things RESTCONF is independent to NETCONF We want to use our RESTCONF implement to operate sysrepo Learn from netopeer 2 in use of libyang, libsysrepo A question: ietf-restconf. yang doesn’t have specific rpc / action each lyd_node needs a lys_node (schema, defined by. yang) What to do with RESTCONF implement? We will temporary use NETCONF’s schema. *Other names and brands may be claimed as the property of others.

Some concern, difference between NETCONF & RESTCONF HTTPS SSL/TLS and Authentication (NGINX + X. 509) Stream, notification (not to be done in basic implement) Session to call sysrepo (what Yohan said is quite clear) besides ietf-restconf. yang, how to do with other yangs? For basic: ietf-restconf. yang + ietf-yang-library. yang(RFC 7895/8525) Later on: ietf-monitoring. yang (mandatory) *Other names and brands may be claimed as the property of others.

What to do next, basic implement: Get through server_init and initiate our restconf server rightly Parse https request and construct right <rpc> Implement basic function like GET /restconf/data/ietf-yang-library: modules-state/ To do later: Support more features Eliminate the dependence on NETCONF (Our RESTCONF will just have dependence on libyang and libsysrepo) *Other names and brands may be claimed as the property of others.

Thank you ! Q&A 21