RESTCONF ProtocolYumaWorksandy@yumaworks.comTail-f Systemsmbj@tail-f.comJuniper Networkskwatsen@juniper.netCiscorex@cisco.com
This document describes a RESTful protocol that provides
a programmatic interface over HTTP for accessing data
defined in YANG, using the datastores defined in NETCONF.
There is a need for standard mechanisms to allow WEB applications
to access the configuration data, operational data,
data-model specific protocol operations, and notification events
within a networking device, in a modular and extensible manner.
This document describes a RESTful protocol called RESTCONF,
running over HTTP , for accessing data defined
in YANG , using datastores defined in NETCONF .
The NETCONF protocol defines configuration datastores and
a set of Create, Retrieve, Update, Delete (CRUD) operations
that can be used to access these datastores. The YANG language
defines the syntax and semantics of datastore content,
operational data, custom protocol operations, and
notification events. RESTful operations are used to
access the hierarchical data within a datastore.
A RESTful API can be created that provides CRUD operations on a
NETCONF datastore containing YANG-defined data. This can be done in a
simplified manner, compatible with HTTP and RESTful design principles.
Since NETCONF protocol operations are not relevant, the user should
not need any prior knowledge of NETCONF in order to use the RESTful
API.
Configuration data and state data are exposed as resources that
can be retrieved with the GET method.
Resources representing configuration data
can be modified with the DELETE, PATCH, POST, and PUT methods.
Data-model specific protocol operations defined with
the YANG "rpc" statement can be invoked with the POST method.
Data-model specific notification events defined with
the YANG "notification" statement can be accessed (delivery method TBD).
The framework and meta-model used for a RESTful API does not need to
mirror those used by the NETCONF protocol. It just needs to
be compatible with NETCONF. A simplified framework and protocol
is needed that utilizes the three NETCONF datastores (candidate,
running, startup), but hides the complexity of multiple datastores
from the client.
A simplified transaction model is needed that allows basic
CRUD operations on a hierarchy of conceptual resources.
This represents a limited subset of the transaction capabilities
of the NETCONF protocol.
Applications that require more complex transaction capabilities
might consider NETCONF instead of RESTCONF. The following
transaction features are not directly provided in RESTCONF:
datastore locking (full or partial)
candidate datastore
startup datastore
validate operation
confirmed-commit procedure
It is possible that a server could expose NETCONF operations
as data-model specific operation resources, but that
is out of scope within this document.
The RESTful API is not intended to replace NETCONF, but rather provide
an additional simplified interface that follows RESTful principles and
is compatible with a resource-oriented device abstraction. It is
expected that applications that need the full feature set of NETCONF
such as notifications will continue to use NETCONF.
The following figure shows the system components:
RESTCONF combines the simplicity of a RESTful API over HTTP
with the predictability and automation potential
of a schema-driven API.
A RESTful client using HATEOAS principles would not use
any data modelling language to define the application-specific content
of the API. The client would discover each new child
resource as it traverses the URIs return as Location IDs
to discover the server capabilities.
This approach has 3 significant weaknesses wrt/ control
of complex networking devices:
inefficient performance: configuration APIs will be quite
complex and may require thousands of protocol messages to
discover all the schema information. Typically the
data type information has to be passed in the protocol messages,
which is also wasteful overhead.
no data model richness: without a data model, the schema-level
semantics and validation constraints are not available to the
application.
no tool automation: API automation tools need some sort of
content schema to function. Such tools can automate
various programming and documentation tasks related
to specific data models.
Data model modules such as YANG modules serve as an "API contract"
that will be honored by the server. An application designer
can code to the data model, knowing in advance important details
about the exact protocol operations and datastore content
a conforming server implementation will support.
RESTCONF provides the YANG module capability information
supported by the server, in case the client wants to use it.
The URIs for custom protocol operations and datastore content
are predictable, based on the YANG module definitions.
Note that the YANG modules and predictable URIs are optional
to use by the client. They can be completely ignored without
any loss of protocol functionality.
Operational experience with CLI and SNMP indicates that
operators learn the 'location' of specific service
or device related data and do not expect such information
to be arbitrary and discovered each time the
client opens a management session to a server.
The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14, .
The following terms are defined in :
candidate configuration datastore
client
configuration data
datastore
configuration datastore
protocol operation
running configuration datastore
server
startup configuration datastore
state data
user
The following terms are defined in :
entity tag
fragment
header line
message body
method
path
query
request URI
response body
The following terms are defined in :
container
data node
key leaf
leaf
leaf-list
list
presence container (or P-container)
RPC operation (now called protocol operation)
non-presence container (or NP-container)
ordered-by system
ordered-by user
The following terms are used within this document:
API resource: a resource with the media type
"application/vnd.yang.api+xml" or "application/vnd.yang.api+json".
API resources can only be edited by the server.
data resource: a resource with the media type
"application/vnd.yang.data+xml" or "application/vnd.yang.data+json".
Data resources can be edited by clients or the server.
Only YANG containers and lists can be data resources.
Top-level YANG terminals are treated as fields within
the datastore resource.
datastore resource: a resource with the media type
"application/vnd.yang.datastore+xml" or
"application/vnd.yang.datastore+json".
Datastore resources can only be edited by the server.
edit operation: a RESTCONF operation on a data resource
using the POST, PUT, PATCH, or DELETE method.
event resource: a resource with the media type
"application/vnd.yang.event+xml" or
"application/vnd.yang.event+json".
It represents a conceptual system or data-model specific event
that is delivered within a notification message.
field: a YANG terminal node within a resource.
operation: the conceptual RESTCONF operation for a message,
derived from the HTTP method, request URI, headers, and message body.
operation resource: a resource with the media type
"application/vnd.yang.operation+xml" or
"application/vnd.yang.operation+json".
patch: a generic PATCH operation on the target datastore.
The media type of the message body content will identity
the patch type in use.
plain patch: a PATCH operation where the media type
is "application/vnd.yang.data+xml" or "application/vnd.yang.data+json".
query parameter: a parameter (and its value if any),
encoded within the query portion of the request URI.
resource: a conceptual object representing a manageable
component within a device. Refers to the resource itself of
the resource and all its fields.
retrieval request: an operation using the GET or HEAD methods.
target resource: the resource that is associated with
a particular message, identified by the "path" component
of the request URI.
unified datastore: A conceptual representation of the device
running configuration. The server will hide all NETCONF datastore
details for edit operations, such as the ":candidate" and ":startup"
capabilities.
YANG Patch: a PATCH operation where the media type
is "application/vnd.yang.patch+xml" or
"application/vnd.yang.patch+json".
YANG terminal node: a YANG node representing a leaf,
leaf-list, or anyxml definition.
This document defines the RESTCONF protocol, a RESTful API for accessing
conceptual datastores containing data defined with YANG language.
RESTCONF provides an application framework and meta-model,
using HTTP methods.
The RESTCONF resources are accessed via a set of
URIs defined in this document.
The set of YANG modules supported by the server
will determine the additional data model specific operations
and top-level data node resources available on the server.
The URI hierarchy for the RESTCONF resources
consists of an entry point container,
3 top-level resources, and 1 field.
Refer to for details on each URI.
The examples within this document use the normative
YANG module defined in and the non-normative
example YANG module defined in .
This section shows some typical RESTCONF message exchanges.
By default, when a resource is retrieved,
any nested resources are also
returned, using the default encoding, which is XML.
The client may start by retrieving the top-level
API resource, using the entry point URI "/restconf".
The server might respond as follows:
To request that the response content to be encoded in XML,
the "Accept" header can be used, as in this example request:
An alternate approach is provided using the "format" query
parameter, as in this example request:
The server will return the same response either way,
which might be as follows :
Refer to for details on the GET method.
To create a new "jukebox" resource, the client might send:
If the resource is created, the server might respond:
To create a new "artist" resource within the "library"
resource, the client might send the following request.
If the resource is created, the server might respond as follows.
Note that the "Location" header line is wrapped
for display purposes only:
To create a new "album" resource for this artist within the "jukebox"
resource, the client might send the following request.
Note that the request URI header line is wrapped
for display purposes only:
If the resource is created, the server might respond
as follows. Note that the "Location" header line is wrapped
for display purposes only:
Refer to for details on the POST method.
Note: replacing a resource is a fairly drastic operation.
The PATCH method is often more appropriate.
The album sub-resource is replaced here for example
purposes only.
To replace the "album" resource contents,
the client might send as follows.
Note that the request URI header line is wrapped
for display purposes only:
If the resource is updated, the server might respond:
Refer to for details on the PUT method.
To replace just the "year" field in the "album" resource
(instead of replacing the entire resource),
the client might send a plain patch as follows.
Note that the request URI header line is wrapped
for display purposes only:
If the field is updated, the server might respond:
The XML encoding for the same request might be:
Refer to for details on the PATCH method.
To delete a resource such as the "album" resource,
the client might send:
If the resource is deleted, the server might respond:
Refer to for details on the DELETE method.
The DELETE method cannot be used to delete an
optional field within a resource. This can only be done
using the PATCH method with the YANG Patch media type.
Refer to for details on the YANG Patch method.
To invoke a data-model specific operation via an
operation resource, the POST method is used.
A client might send a "backup‑datastore" request as follows:
The server might respond:
Refer to for details on using the POST method
with operation resources.
The RESTCONF protocol defines a framework
that can be used to implement a common API for
configuration management. This section describes
the components of the RESTCONF framework.
The RESTCONF protocol uses HTTP entities for messages.
A single HTTP message corresponds to a single protocol method.
Most messages can perform a single task on a single resource,
such as retrieving a resource or editing a resource.
The exception is the PATCH method using the YANG Patch format.
This allows multiple datastore edits within a single message.
The RESTCONF protocol operates on a hierarchy of resources,
starting with the top-level API resource itself. Each resource
represents a manageable component within the device.
A resource can be considered a collection of conceptual data
and the set of allowed methods on that data. It can contain
child nodes that are nested resources or fields.
The child resource types and methods allowed on them
are data-model specific.
A resource has its own media type identifier, represented
by the "Content‑Type" header in the HTTP response message.
A resource can contain zero or more nested resources.
A resource can be created and deleted independently of its
parent resource, as long as the parent resource exists.
All RESTCONF resources are defined in this document except
datastore contents, protocol operations, and notification events.
The syntax and semantics for these resource types are
defined with YANG statements.
The RESTCONF protocol defines some application specific media types
to identify each of the available resource types. The following
table summarizes the purpose of each resource.
ResourceMedia TypeAPIapplication/vnd.yang.apiDatastoreapplication/vnd.yang.datastoreDataapplication/vnd.yang.dataEventapplication/vnd.yang.eventOperationapplication/vnd.yang.operationPatchapplication/vnd.yang.patch
These resources are described in .
A client SHOULD start by retrieving the top-level
API resource, using the entry point URI "/restconf".
The RESTCONF protocol does not include a
resource discovery mechanism. Instead, the definitions
within the YANG modules advertised by the server
are used to construct a predictable operation or data
resource identifier.
The "depth" query parameter can be used to control how many
descendant levels should be included when retrieving
sub-resources. This parameter can be used with the GET method
to discover sub-resources within a particular resource.
Refer to for more details on the "depth" parameter.
A conceptual "unified datastore" is used to simplify resource
management for the client. The RESTCONF datastore is a
combination of the running configuration and any
non-configuration data supported by the device.
By default only configuration data is returned
by a GET method on the datastore contents.
The underlying NETCONF datastores can be used
to implement the unified datastore, but the server design
is not limited to the exact datastore procedures defined
in NETCONF.
The "candidate" and "startup" datastores are not visible
in the RESTCONF protocol. Transaction management and
configuration persistence are handled by the server
and not controlled by the client.
The RESTCONF protocol operates on a conceptual datastore defined with
the YANG data modeling language. The server lists each YANG
module it supports in the "/restconf/modules/module"
resource in the top-level API resource type, using a structure based on
the YANG module capability URI format defined in RFC 6020.
The conceptual datastore contents, data-model-specific
operations and notification events are identified by this set of
YANG module resources. All RESTCONF content identified
as either a data resource, operation resource, or event resource
is defined with the YANG language.
The classification of data as configuration or
non-configuration is derived from the YANG "config" statement.
Data retrieval with the GET method can be filtered
in several ways, including the "config" parameter
to retrieve configuration or non-configuration data.
Data ordering behavior is derived from the YANG "ordered‑by"
statement. The YANG Patch operation is provided to allow
list or leaf-list fields to be inserted or moved
in the same manner as NETCONF.
The server is not required to maintain system ordered data
in any particular persistent order. The server SHOULD
maintain the same data ordering for system ordered data
until the next reboot or termination of the server.
The server MUST maintain the same data ordering for user ordered data
until the next reboot or termination of the server.
The RESTCONF datastore editing model is simple and direct,
similar to the behavior of the ":writable‑running"
capability in NETCONF.
Each RESTCONF edit of a datastore resource is
activated upon successful completion of the transaction.
It is an implementation-specific matter how the server
accomplishes a RESTCONF edit request. For example,
a server which only accepts edits through a candidate
datastore may internally edit this datastore and perform
the "commit" operation automatically.
Applications which need more control over the editing model
might consider using NETCONF instead of RESTCONF.
Sometimes a server does not implement every operation
for every resource. Sometimes data model requirements
cause a node to implement a subset of the edit operations.
For example, a server may not allow modification of a
particular configuration data node after the
parent resource has been created.
The OPTIONS method can be used to identify which
HTTP methods are supported by the server for a particular
resource. For example, if the server will allow a data resource
node to be created then the POST method will be
returned in the response.
Two "edit collision detection" mechanisms are provided
in RESTCONF, for datastore and data resources.
timestamp: the last change time is maintained and
the "Last‑Modified" and "Date" headers are returned in the
response for a retrieval request.
The "If‑Unmodified‑Since" header can be used
in edit operation requests to cause the server
to reject the request if the resource has been modified
since the specified timestamp.
entity tag: a unique opaque string is maintained and
the "ETag" header is returned in the
response for a retrieval request.
The "If‑Match" header can be used
in edit operation requests to cause the server
to reject the request if the resource entity tag
does not match the specified value.
Note that the server is only required to maintain these properties
for a datastore resource, not for individual data resources.
Example:
In this example, the server just supports the
mandatory datastore last-changed timestamp.
The client has previously retrieved the "Last‑Modified"
header and has some value cached to provide in
the following request to replace a list entry
with key value "11":
In this example the datastore resource has changed
since the time specified in the "If‑Unmodified‑Since"
header. The server might respond:
Datastore locking is not provided by RESTCONF.
An application that needs to make several changes
to the running configuration datastore
contents in sequence, without disturbance from other clients
might consider using the NETCONF protocol instead of RESTCONF.
Each RESTCONF edit of a datastore resource is
saved to non-volatile storage in an
implementation-specific matter by the server.
There is no guarantee that configuration changes
are saved immediately, or that the saved configuration
is always a mirror of the running configuration.
Applications which need more control over the persistence model
might consider using NETCONF instead of RESTCONF.
NETCONF has a rather complex defaults handling model for
leafs. RESTCONF attempts to avoid this complexity by
restricting the operations that can be applied to
a resource.
If the target of a GET method (plus "select" value) is a data node
that represents a leaf that has a default value,
and the leaf has not been given a value yet, the server MUST
return the default value that is in use by the server.
The GET method returns only descendant nodes that exist, which will
be determined by the server. There is no mechanism for
the client to ask the server for the default values
of nested resources that would be used for any nodes not present,
but some default value is in use by the server. (There is no
retrieval mode like "with‑defaults=report‑all" in NETCONF.)
Applications which need more control over the defaults model
might consider using NETCONF instead of RESTCONF.
The RESTCONF protocol provides an extensible transaction framework
that allows a simplified transaction model that uses plain
REST operations to edit one resource (and sub-resources)
at a time. It also provides YANG Patch, which is a standard
variant of the PATCH method. This allows a richer set of
edit operations that can be applied to multiple resources
at once.
RESTCONF does not provide a more complex transaction
model that allows for multiple edits to be stored in
a temporary scratchpad and committed all at once.
Applications which need more control over the transaction model
might consider using NETCONF instead of RESTCONF.
The RESTCONF protocol is designed to be extensible for
datastore content and data-model specific protocol operations.
New protocol operations can be added without changing
the entry point if they are optional and do not alter
any existing operations.
Separate namespaces for each YANG module are used.
Content encoded in XML will indicate the module
using the "namespace" URI value in the YANG module.
Content encoded in JSON will indicate the module
using the module name specified in the YANG module,
but this is not required unless multiple sibling nodes
have the same YANG identifier name.
JSON encoding rules for module names are specified
in .
The version of a resource instance is identified with an entity tag,
as defined by HTTP.
The version identifiers in this section apply to the
version of the schema definition of a resource.
There are two types of schema versioning information used
in the RESTCONF protocol:
the RESTCONF protocol version
data and operation resource definition versions
The protocol version is identified by the string used for the
well-known URI entry point "/restconf".
This would be changed (e.g., "/restconf2")
if non-backward compatible changes are ever needed.
Minor version changes that do not break
backward-compatibility will not cause the entry point to change.
The API "restconf/version" resource can be used by the client to
identify the exact version of the RESTCONF protocol implemented
by the server.
This value will include the complete RESTCONF protocol version.
The "/restconf/version" resource MUST be updated every time
the protocol specification is republished.
The resource definition version for a data or operation
resource is a date string,
which is the revision date of the YANG module that defines the
resource.
The resource version for all other resource types is a numeric
string, defined by the "/restconf/version" field.
There are three types of filtering for retrieval of data resources
in the RESTCONF protocol.
conditional all-or-nothing: use some conditional test
mechanism in the request headers and retrieve either a
complete "200 OK" response if the condition is met,
or a "304 Not Modified" Status-Line if the condition is not met.
data classification: request configuration or non-configuration
data.
filter: request a subset of all possible descendant nodes
within the target resource. The "select" query parameter can be used
for this purpose.
Refer to for details on data retrieval filtering.
The RESTCONF protocol provides no granular access control for any
content except for operation and data resources. The NETCONF
Access Control Model (NACM) is defined in .
There is a specific mapping between RESTCONF operations
and NETCONF edit operations, defined in .
The resource path also needs to be converted internally
by the server to the corresponding YANG instance-identifier.
Using this information, the server can apply the NACM
access control rules to RESTCONF messages.
The server MUST NOT allow any operation to any resources that
the client is not authorized to access.
The RESTCONF protocol uses HTTP methods to identify
the CRUD operation requested for a particular resource.
The following table
shows how the RESTCONF operations relate to NETCONF
protocol operations:
RESTCONFNETCONFOPTIONSnoneHEADnoneGET<get-config>, <get>POST<edit-config> (operation="create")PUT<edit-config> (operation="replace")PATCH<edit-config> (operation="merge")DELETE<edit-config> (operation="delete")
The NETCONF "remove" operation attribute is not supported
by the HTTP DELETE method. The resource must exist or
the DELETE method will fail.
This section defines the RESTCONF protocol usage for
each HTTP method.
The OPTIONS method is sent by the client to
discover which methods are supported by the server
for a specific resource.
It is supported for all media types.
Note that implementation
of this method is part of HTTP, and this section does
not introduce any additional requirements.
The request MUST contain a request URI
that contains at least the entry point component.
The server will return a "Status‑Line" header containing
"204 No Content".
and include the "Allow" header in the response.
This header will be filled in, based on the target resource
media type.
Other headers MAY also be included in the response.
Example 1:
A client might request the methods supported for a data
resource called "library":
The server might respond (for a config=true list):
Example 2:
A client might request the methods supported for a
non-configuration "counters" resource within a "system" resource:
The server might respond:
Example 3:
A client might request the methods supported for an
operation resource called "play":
The server might respond:
The HEAD method is sent by the client to
retrieve just the headers that would be returned
for the comparable GET method, without the response body.
It is supported for all resource types, except operation resources.
The request MUST contain a request URI
that contains at least the entry point component.
The same query parameters supported by the GET method
are supported by the HEAD method. For example,
the "select" query parameter can be used to
specify a nested resource within the target resource.
The access control behavior is enforced
as if the method was GET instead of HEAD.
The server MUST respond the same as if the method
was GET instead of HEAD, except that no
response body is included.
Example:
The client might request the response headers for
JSON representation of the "library" resource:
The server might respond:
The GET method is sent by the client to
retrieve data and meta-data for a resource.
It is supported for all resource types, except operation resources.
The request MUST contain a request URI
that contains at least the entry point component.
The following query parameters are supported
by the GET method:
NameSectionDescriptionconfigRequest either configuration or non-configuration datadepthControl the depth of a retrieval requestformatRequest either JSON or XML content in the responseselectSpecify a nested resource within the target resource
The server MUST NOT return any data resources for which the user
does not have read privileges.
If the user is not authorized to read any portion of
the target resource, an error response containing
a "403 Forbidden" Status-Line is returned to
the client.
If the user is authorized to read some but not all of
the target resource, the unauthorized content is omitted
from the response message body, and the authorized content
is returned to the client.
Example:
The client might request the response headers for a
JSON representation of the "library" resource:
The server might respond:
The POST method is sent by the client for various
reasons. The server uses the target resource media type
to determine how to process the request.
The request MUST contain a request URI
that contains a target resource which
identifies one of the following resource types:
TypeDescriptionDatastoreCreate a top-level configuration data resourceDataCreate a configuration data sub-resourceOperationInvoke protocol operation
If the target resource type is a Datastore or Data resource,
then the POST is treated as a request to create a resource or
sub-resource.
The following query parameters are supported
by the POST method for Datastore and Data resource types.
They can only be used for YANG list data nodes
which are ordered by the user.
NameSectionDescriptioninsertSpecify where to insert a resourcepointSpecify the insert point for a resource
If the POST method succeeds,
a "204 No Content" Status-Line is returned and there is
no response message body.
If the user is not authorized to create the target resource,
an error response containing
a "403 Forbidden" Status-Line is returned to
the client. All other error responses are handled according to
the procedures defined in .
If the target resource type is an Operation resource,
then the POST method is treated as a request to invoke that operation.
The message body (if any) is processed as the operation input
parameters. Refer to for details
on Operation resources.
If the POST method succeeds, a "200 OK" Status-Line
is returned if there is a response message body, and
a "204 No Content" Status-Line is returned if there is
no response message body.
If the user is not authorized to invoke the target operation,
an error response containing
a "403 Forbidden" Status-Line is returned to
the client. All other error responses are handled according to
the procedures defined in .
The PUT method is sent by the client to replace
the target resource.
The request MUST contain a request URI
that contains a target resource that
identifies the data resource to replace.
If the PUT method succeeds, a "200 OK" Status-Line
is returned, and there is no response message body.
If the user is not authorized to replace the target resource
an error response containing
a "403 Forbidden" Status-Line is returned to
the client. All other error responses are handled according to
the procedures defined in .
The PATCH method uses the HTTP PATCH method defined
in to provide an extensible framework for
resource patching mechanisms. Each patch type needs a unique
media type. Any number of patch types can be supported
by the server. There are two mandatory patch types that
MUST be implemented by the server:
plain patch type: If the specified media type
is "application/vnd.yang.data", then the PATCH method is a simple
merge operation on the target resource. The message body contains
the XML or JSON encoded resource content that will be merged
with the target resource.
YANG Patch type: If the specified media type
is "application/vnd.yang.patch", then the PATCH method is a
YANG Patch formatted list of edits (see ).
The message body
contains the XML or JSON encoded instance of the 'patch' container
specified in the 'ietf‑restconf' YANG module (see ).
The PATCH method MUST be used to create or delete an optional
field within an existing resource or sub-resource.
If the PATCH method succeeds, a "200 OK" Status-Line
is returned, and there is no response message body.
If the user is not authorized to alter the target resource
an error response containing
a "403 Forbidden" Status-Line is returned to
the client. All other error responses are handled according to
the procedures defined in .
The DELETE method is used to delete the target resource.
If the DELETE method succeeds, a "200 OK" Status-Line
is returned, and there is no response message body.
If the user is not authorized to delete the target resource then
an error response containing
a "403 Forbidden" Status-Line is returned to
the client. All other error responses are handled according to
the procedures defined in .
Each RESTCONF operation allows zero or more query
parameters to be present in the request URI.
Refer to
for details on the query parameters used
in the definition of each operation.
Query parameters can be given in any order.
Each parameter can appear zero or one time.
A default value may apply if the parameter is missing.
This section defines all the RESTCONF query parameters.
The "config" parameter is used to specify whether
configuration or non-configuration data is requested.
This parameter is only supported for the GET and HEAD methods.
It is also only supported if the target resource is a data resource.
Example:
This example request by the client
would retrieve only the non-configuration data nodes
that exist within the "library" resource.
The server might respond:
The "depth" parameter is used to specify the number
of nest levels returned in a response for a GET method.
A nest-level consists of the target resource and any
child nodes which are contained within the target resource node.
The start level is determined by the target resource
for the operation.
Example:
This example operation would retrieve 2 levels of configuration
data nodes that exist within the top-level "jukebox" resource.
The server might respond:
By default, the server will include all sub-trees within
a retrieved resource, which is the same resource type.
Only only level of sub-resources with a different
media type than the target resource will be returned.
For example, if the client retrieves the "application/vnd.yang.api"
resource type,
then the node for the datastore resource is returned
as an empty node, because all its child nodes are data resources.
The entire contents of the datastore are not returned in this case.
The operation resources also are returned as empty nodes
(e.g. "play" operation).
Request URL:
Response:
The "format" parameter is used to specify the format
of any content returned in the response. Note that
this parameter MAY be used instead of the "Accept" header
to identify the format desired in the response.
The "format" parameter is only supported for the GET and
HEAD methods. It is supported for all RESTCONF media types.
If the "format" parameter is present, then it overrides
the Accept header, if present. If neither the Accept
header or the "format" parameter are present, then the
default is XML.
Examples:
This example request would retrieve only the configuration data nodes
that exist within the top-level "routing" resource, and retrieve
them in JSON encoding.
This example request would retrieve only the configuration data nodes
that exist within the top-level "routing" resource, and retrieve
them in JSON encoding.
The "insert" parameter is used to specify how a
resource should be inserted within a user-ordered list.
This parameter is only supported for the POST method.
It is also only supported if the target resource is
a data resource, and that data represents
a YANG list that is ordered by the user, not the system.
If the values "before" or "after" are used, then a "point"
parameter for the insertion parameter MUST also be present.
Example:
The "point" parameter is used to specify the insertion point
for a data resource that is being created or moved within
a user ordered list. It is ignored unless the "insert"
query parameter is also present, and has the value "before" or "after".
This parameter contains the instance identifier of the
resource to be used as the
insertion point for a POST method. It is
encoded according to the rules defined in .
There is no default for this parameter.
Example:
In this example, the client is inserting a new "song" resource
within an "album" resource after another song.
The request URI is split for display purposes only.
The "select" query parameter is used to specify an
expression which can represent a subset of all data nodes
within the target resource. It contains a relative
path expression, using the target resource as the context node.
It is supported for all resource types except operation resources.
The contents are encoded according to the "api‑select"
rule defined in . This parameter is only allowed
for GET and HEAD methods.
[FIXME: the syntax of the select string is still TBD;
XPath, schema-identifier, regular expressions, something else;
Perhaps add parameter "xselect" for XPath and this param
is limited to a path-expr.]
In this example the client is retrieving the API version
field from the server in JSON format:
The server might respond as follows.
The RESTCONF protocol allows data-model specific protocol operations
to be invoked using the POST method. The media type
"application/vnd.yang.operation+xml" or "application/vnd.yang.operation+json"
MUST be used in the "Content‑Type" line in the message header.
Data model specific operations are supported.
The syntax and semantics of these operations
exactly correspond to the YANG "rpc" statement definition
for the operation.
Refer to for details on operation resources.
This section describes the messages that are used in the RESTCONF
protocol.
Resources are represented with URIs following the structure
for generic URIs in .
A RESTCONF operation is derived from the HTTP method
and the request URI, using the following conceptual fields:
method: the HTTP method identifying the RESTCONF operation
requested by the client, to act upon the target resource
specified in the request URI. RESTCONF operation details are
described in .
entry: the well-known RESTCONF entry point ("/restconf").
resource: the path expression identifying the resource
that is being accessed by the operation.
If this field is not present, then the target resource
is the API itself, represented by the media type "application/vnd.yang.api".
query: the set of parameters associated with the RESTCONF
message. These have the familiar form of "name=value" pairs.
There is a specific set of parameters defined,
although the server MAY choose to support additional
parameters not defined in this document.
fragment: This field is not used by the RESTCONF protocol.
The client SHOULD NOT assume the final structure of
a URI path for a resource. Instead, existing resources can
be discovered with the GET method. When new resources
are created by the client, a "Location" header
is returned, which identifies the path of the newly created resource.
The client MUST use this exact path identifier to access
the resource once it has been created.
The "target" of an operation is a resource.
The "path" field in the request URI represents
the target resource for the operation.
There are several HTTP header lines utilized in RESTCONF messages.
Messages are not limited to the HTTP headers listed in this section.
HTTP defines which header lines are required for particular
circumstances. Refer to each operation definition section
in for examples on how particular headers are used.
There are some request headers that are used within RESTCONF,
usually applied to data resources.
The following tables summarize the headers most relevant
in RESTCONF message requests:
NameDescriptionAcceptResponse Content-Types that are acceptableContent-TypeThe media type of the request bodyHostThe host address of the serverIf-MatchOnly perform the action if the entity matches ETagIf-Modified-SinceOnly perform the action if modified since timeIf-Unmodified-SinceOnly perform the action if un-modified since time
The following tables summarize the headers most relevant
in RESTCONF message responses:
NameDescriptionAllowValid actions when 405 error returnedContent-TypeThe media type of the response bodyDateThe date and time the message was sentETagAn identifier for a specific version of a resourceLast-ModifiedThe last modified date and time of a resourceLocationThe resource identifier for a newly created resource
RESTCONF messages are encoded in HTTP according to RFC 2616.
The "utf‑8" character set is used for all messages.
RESTCONF message content is sent in the HTTP message body.
Content is encoded in either JSON or XML format.
XML encoding rules for data nodes are defined in .
The same encoding rules are used for all XML content.
JSON encoding rules are defined in .
Plain JSON cannot be used because special encoding rules
are needed to handle multiple
module namespaces and provide consistent data type processing.
Request input content encoding format is identified with the Content-Type
header. This field MUST be present if a message body is sent
by the client.
Response output content encoding format is identified with the Accept
header, the "format" query parameter, or if
neither is specified, the request input encoding format is used.
If there was no request input, then the default output encoding is XML.
File extensions encoded in the request are not used to identify
format encoding.
The RESTCONF protocol needs to retrieve the same meta-data that is
used in the NETCONF protocol. Information about default leafs,
last-modified timestamps, etc. are commonly used to annotate
representations of the datastore contents. This meta-data
is not defined in the YANG schema because it applies to the
datastore, and is common across all data nodes.
This information is encoded as attributes in XML, but JSON
does not have a standard way of attaching non-schema defined
meta-data to a resource or field.
The YANG to JSON mapping does not support
attributes because YANG does not support meta-data in data node
definitions. This section specifies how RESTCONF meta-data is
encoded in JSON.
Only simple meta-data is supported:
A meta-data instance can appear 0 or 1 times for a particular
data node
A meta-data instance associated with a resource is
encoded as if it were a YANG leaf of type "string",
according to the encoding rules in ,
except the identifier is prepended with a "@" (%40) character.
A meta-data instance associated with a field within a resource is
encoded as if it were a container for the meta-data values
and the field value in its native encoding. It is encoded
according to the rules in ,
except the meta-data identifiers are prepended with a "@" (%40) character.
The field name/value pair is repeated inside this container,
which contains the actual value of the field.
Examples:
The client is retrieving the "top" data resource, and the server
is including datastore meta-data. Note that a query parameter to request
or suppress specific meta-data is not provided in RESTCONF.
The server might respond as follows:
Each message represents some sort of resource access.
An HTTP "Status‑Line" header line is returned for each request.
If a 4xx or 5xx range status code is returned in the Status-Line,
then the error information will be returned in the response,
according to the format defined in .
Since the datastore contents change at unpredictable times,
responses from a RESTCONF server generally SHOULD NOT be cached.
The server SHOULD include a "Cache‑Control" header in every response
that specifies whether the response should be cached.
A "Pragma" header specifying "no‑cache" MAY also be sent
in case the "Cache‑Control" header is not supported.
Instead of using HTTP caching, the client SHOULD track the "ETag"
and/or "Last‑Modified" headers returned by the server for the
datastore resource (or data resource if the server supports it).
A retrieval request for a resource can include headers
such as "If‑None‑Match" or "If‑Modified‑Since" which
will cause the server to return a "304 Not Modified" Status-Line
if the resource has not changed.
The client MAY use the HEAD method to retrieve just
the message headers, which SHOULD include the "ETag"
and "Last‑Modified" headers, if this meta-data is maintained
for the target resource.
The resources used in the RESTCONF protocol are identified
by the "path" component in the request URI. Each operation
is performed on a target resource.
The API resource contains the state and access points for
the RESTCONF features.
It is the top-level resource and has the media type
"application/vnd.yang.api+xml" or "application/vnd.yang.api+json".
It is accessible through the well-known relative
URI "/restconf".
The "restconf" container definition in the "ietf‑restconf" module
defined in is used to specify the structure and syntax
of the conceptual fields and sub-resources within the API resource.
The "restconf" entry point container, and all fields and
sub-resources with the same resource type, are defined
in the namespace of the "ietf‑restconf" module.
There is one mandatory field "version" that
identifies the specific version of the RESTCONF protocol
implemented by the server:
The same server-wide response MUST be returned
each time this field is retrieved.
It is assigned by the server when the server is started.
The server MUST return the value "1.0" for this
version of the RESTCONF protocol.
This field is encoded with the rules for an "enumeration" data type,
using the "version" leaf definition in .
This resource has the following child resources:
Child ResourceDescriptiondatastoreLink to "datastore" resourcemodulesYANG module capability URIsoperationsData-model specific operations
This mandatory resource represents the running configuration
datastore and any non-configuration data available.
It may be retrieved and edited directly.
It cannot be created or deleted by the client.
This resource type is defined in .
This mandatory resource contains the identifiers
for the YANG data model modules supported by the server.
The server MUST maintain a last-modified timestamp for this
resource, and return the "Last‑Modified" header when this
resource is retrieved with the GET or HEAD methods.
The server SHOULD maintain an entity-tag for this
resource, and return the "ETag" header when this
resource is retrieved with the GET or HEAD methods.
This mandatory resource contains one URI string
for each YANG data model module supported by the server.
There MUST be an instance of this resource for every
YANG module that is accessible via an operation resource
or a data resource.
The contents of the "module" resource are defined in
the "module" YANG list statement in .
The server MAY maintain a last-modified timestamp for
each instance of this resource, and return the
"Last‑Modified" header when this resource is retrieved
with the GET or HEAD methods. If not supported
then the timestamp for the parent "modules" resource
MAY be used instead.
The server MAY maintain an entity-tag for each instance
of this resource, and return the "ETag" header when this
resource is retrieved with the GET or HEAD methods.
If not supported then the timestamp for the
parent "modules" resource MAY be used instead.
There are additional encoding requirements for this resource.
The URI MUST follow the YANG module capability URI formatting
defined in section 5.6.4 of .
In this example the client is retrieving the modules
resource from the server in JSON format:
The server might respond as follows.
This optional resource provides access to the
data-model specific protocol operations supported by the server.
The server MAY omit this resource if no data-model specific
operations are advertised.
Any data-model specific operations defined in the YANG
modules advertised by the server MAY be available
as child nodes of this resource.
A datastore resource represents the conceptual root
of a tree of data resources.
The server MUST maintain a last-modified timestamp for this
resource, and return the "Last‑Modified" header when this
resource is retrieved with the GET or HEAD methods.
Only changes to configuration data resources within
the datastore affect this timestamp.
The server SHOULD maintain a resource entity tag for this
resource, and return the "ETag" header when this
resource is retrieved with the GET or HEAD methods.
The resource entity tag SHOULD be changed to a new
previously unused value if changes to any configuration
data resources within the datastore are made.
A datastore resource can be retrieved with the GET method,
to retrieve either configuration data resources or non-configuration
data resources within the datastore. The "config" query
parameter is used to choose between them.
Refer to for more details.
The depth of the subtrees returned in retrieval operations
can be controlled with the "depth" query parameter.
The number of nest levels, starting at the target resource,
can be specified, or an unlimited number can be returned.
Refer to for more details.
[FIXME: not clear if top-level YANG data nodes MUST be
containers or lists.
A datastore resource can only be written directly with
the PATCH method. Only the configuration data resources
within the datastore resource can be edited directly with
all methods.]
A data resource represents a YANG data node that is a descendant
node of a datastore resource. Only YANG container and list data node
types are considered to represent data resources. Other YANG data nodes
are considered to be fields within their parent resource.
For configuration data resources,
the server MAY maintain a last-modified timestamp for the
resource, and return the "Last‑Modified" header when it
is retrieved with the GET or HEAD methods.
For configuration data resources,
the server MAY maintain a resource entity tag for the
resource, and return the "ETag" header when it
is retrieved as the target resource with the GET or HEAD methods.
The resource entity tag SHOULD be changed to a new
previously unused value if changes to the resource
or any configuration resource within the resource is altered.
A data resource can be retrieved with the GET method,
to retrieve either configuration data resources or non-configuration
data resources within the target resource. The "config" query
parameter is used to choose between them.
Refer to for more details.
The depth of the subtrees returned in retrieval operations
can be controlled with the "depth" query parameter.
The number of nest levels, starting at the target resource,
can be specified, or an unlimited number can be returned.
Refer to for more details.
A configuration data resource can be altered by the client
with some of all of the edit operations, depending on the
target resource and the specific operation. Refer to
for more details on edit operations.
In YANG, data nodes are named with an absolute
XPath expression, from the document root to the target resource.
In RESTCONF, URL friendly path expressions are used instead.
The YANG "instance‑identifier" (i-i) data type is represented
in RESTCONF with the path expression format defined
in this section.
NameCommentspointInsertion point is always a full i-ipathRequest URI path is a full or partial i-i
The "path" component of the request URI contains the
absolute path expression that identifies the
target resource. The "select" query parameter is
used to optionally identify the requested data nodes
within the target resource to be retrieved in a GET method.
A predictable location for a data resource
is important, since applications will code to the YANG
data model module, which uses static naming and defines an
absolute path location for all data nodes.
A RESTCONF data resource identifier is not an XPath expression.
It is encoded from left to right, starting with the top-level
data node, according to the "api‑path" rule in .
The node name of each ancestor of the target resource node
is encoded in order, ending with the node name for the
target resource.
If the "select" is present, it is encoded,
starting with a child node of the target resource,
according to the "api‑select" rule defined in .
If a data node in the path expression is a YANG list node,
then the key values for the list (if any) are encoded
according to the "key‑value" rule. If the list node
is the target resource, then the key values MAY be omitted,
according to the operation. For example, the POST
method to create a new data resource for a list node
does not allow the key values to be present in the request URI.
The key leaf values for a data resource representing a YANG list
MUST be encoded as follows:
The value of each leaf identified in the "key" statement
is encoded in order.
All the components in the "key" statement MUST be encoded.
Partial instance identifiers are not supported.
Each value is encoded using the "key‑value" rule in ,
according to the encoding rules for the data type of the key leaf.
An empty string can be a valid key value
(e.g., "/top/list/key1//key3").
The "/" character MUST be URL-encoded (i.e., "%2F").
All whitespace MUST be URL-encoded.
A "null" value is not allowed since the "empty" data type is
not allowed for key leafs.
The XML encoding is defined in .
The JSON encoding is defined in .
The entire "key‑value" MUST be properly URL-encoded,
according to the rules defined in .
resource URI values returned in Location headers
for data resources SHOULD identify the module name, even
if there are no conflicting local names when the resource
is created. This insures the correct resource will be identified
even if the server loads a new module that the old client
does not know about.
Examples:
The following ABNF syntax is used to construct RESTCONF
path identifiers:
There are three types of filtering for retrieval of data resources.
This section defines each mode.
The HTTP headers (such as "If‑Modified‑Since" and "If‑Match")
can by used in for a request message for a GET method
to check a condition within the server state, such as the
last time the datastore resource was modified, or the resource
entity tag of the target resource.
If the condition is met according to the header
definition, a "200 OK" Status-Line and the data requested is
returned in the response message.
If the condition is not met, a "304 Not Modified"
Status-Line is returned in response message instead.
The "config" query parameter
can be used with the GET method to specify whether
configuration or non-configuration data is requested.
Refer to for more details on the "config"
query parameter.
The "select" query parameter is used to specify a filter
that should be applied to the target resource to
request a subset of all possible descendant nodes
within the target resource.
The format of the "select" parameter string is defined
in . The set of nodes selected by the
filter expression is applied to each context node
identified by the target resource.
An operation resource represents an protocol operation
defined with the YANG "rpc" statement.
All operation resources share the same module namespace
as any top-level data resources, so the name of an operation
resource cannot conflict with the name of a top-level
data resource defined within the same module.
If 2 different YANG modules define the same "rpc" identifier,
then the module name MUST be used in the request URI.
For example, if "module‑A" and "module‑B" both defined
a "reset" operation, then invoking the operation from "module‑A"
would be requested as follows:
Any usage of an operation resource from the same module,
with the same name, refers to the same "rpc" statement
definition. This behavior can be used to design protocol operations
that perform the same general function on different
resource types.
If the "rpc" statement has an "input" section, then a message body
MAY be sent by the client in the request, otherwise the request
message MUST NOT include a message body.
If the "rpc" statement has an "output" section, then a message body
MAY be sent by the server in the response. Otherwise the
server MUST NOT include a message body in the response message,
and MUST send a "204 No Content" Status-Line instead.
If the "rpc" statement has an "input" section, then
the "input" node is provided in the message body,
corresponding to the YANG data definition statements
within the "input" section.
Example:
The following YANG definition is used for the examples in this
section.
The client might send the following POST request message:
The server might respond:
If the "rpc" statement has an "output" section, then
the "output" node is provided in the message body,
corresponding to the YANG data definition statements
within the "output" section.
Example:
The following YANG definition is used for the examples in this
section.
The client might send the following POST request message:
The server might respond:
HTTP Status-Lines are used to report success or failure
for RESTCONF operations.
The <rpc‑error> element returned in NETCONF error responses
contains some useful information. This error information
is adapted for use in RESTCONF, and error information
is returned for "4xx" class of status codes.
The following table summarizes the return status codes
used specifically by RESTCONF operations:
Status-LineDescription100 ContinuePOST accepted, 201 should follow200 OKSuccess with response body201 CreatedPOST to create a resource success202 AcceptedPOST to create a resource accepted204 No ContentSuccess without response body304 Not ModifiedConditional operation not done400 Bad RequestInvalid request message403 ForbiddenAccess to resource denied404 Not FoundResource target or resource node not found405 Method Not AllowedMethod not allowed for target resource409 ConflictResource or lock in use413 Request Entity Too Largetoo-big error414 Request-URI Too Largetoo-big error415 Unsupported Media Typenon RESTCONF media type500 Internal Server Erroroperation-failed501 Not Implementedunknown-operation503 Service UnavailableRecoverable server error
Since an operation resource is defined with a YANG "rpc"
statement, a mapping between the NETCONF <error‑tag> value
and the HTTP status code is needed. The specific error
condition and response code to use are data-model specific
and might be contained in the YANG "description" statement
for the "rpc" statement.
<error‑tag>status codein-use409invalid-value400too-big413missing-attribute400bad-attribute400unknown-attribute400bad-element400unknown-element400unknown-namespace400access-denied403lock-denied409resource-denied409rollback-failed500data-exists409data-missing409operation-not-supported501operation-failed500partial-operation500malformed-message400
When an error occurs for a request message on a data resource
or an operation resource, and a "4xx" class of status codes
(except for status code "403"),
then the server SHOULD send a response body containing
the information described by the "errors" container definition
within the YANG module .
Example:
The following example shows an error returned for
an "lock‑denied" error on a datastore resource.
The server might respond:
The YANG Patch operation is provided so complex
editing operations can be performed within RESTCONF.
The "plain patch" operation only provides a simple merge
edit operation on the target datastore.
A "YANG Patch" is an ordered list of edits that are applied
to the target datastore by the server. The specific fields
are defined with the 'yang‑patch' container definition in
the YANG module .
Each patch is identified by a client provided string,
called the "patch‑id".
The client can control the type of error handling that
should be applied to the list of supplied edits.
The RESTCONF PATCH method requires that the media type
of the patch content be specified, so it should be possible
to use any patch mechanism, including JSON Patch .
The RESTCONF protocol is designed to utilize the YANG
data modelling language to specify content schemas.
The JSON Patch mechanism is incompatible with RESTCONF
for the following reasons:
A patch mechanism that works with either XML or JSON encoding
is needed.
YANG configuration nodes can be named with complex keys,
using one or more key leafs. JSON arrays are packed and
all the YANG keys would be collapsed down to a single integer
index.
YANG configuration nodes are named with stable, persistent
identifiers, using key leafs. JSON arrays are packed,
and if entry I is added or deleted, then all entries I+1 .. Imax
are renumbered.
The edit operation set needs to align with the NETCONF protocol,
and JSON Patch does not provide an aligned set of edit operations.
The datastore validation procedures need to be specific and aligned
with YANG validation procedures.
The error reporting needs to align with the NETCONF protocol,
and JSON Patch does not provide an aligned error reporting mechanism.
The target data node for each edit operation is determined
by the value of the target resource in the request and the
"target" leaf within each "edit" entry.
If the target resource specified in the request URI identifies
a datastore resource, then the path string in the "target" leaf
is an absolute path expression. The first node specified
in the "target" leaf is a top-level data node defined within
a YANG module.
If the target resource specified in the request URI identifies
a data resource, then the path string in the "target" leaf
is a relative path expression. The first node specified
in the "target" leaf is a child node of the data node associated
with the target resource.
Each YANG patch edit specifies one edit operation on
the target data node. The set of operations is aligned
with the NETCONF edit operations, but also includes
some new operations.
OperationDescriptioncreatecreate a new data resource if it does not already exist or errordeletedelete a data resource if it already exists or errorinsertinsert a new user-ordered data resourcemergemerge the edit value with the target data resource; create if it does not already existmovere-order the target data resourcereplacereplace the target data resource with the edit valueremoveremove a data resource if it already exists or no error
There are three error handling modes available that the server MUST
support.
These modes specify how the server will behave when errors occur in
the processing of each edit operation. Note that the server MUST ensure
that a well-formed message is received and that the supplied message
body conforms to the YANG schema definition for the "patch" container,
defined in the YANG module .
If a well-formed, schema-valid YANG Patch message is received, then
then the server will process the supplied edits in ascending order.
The following error modes apply to the processing of this edit list:
all-or-none: All the specified edits MUST be applied or the
target datastore contents SHOULD be returned to its original state
before the PATCH method started. The server MAY fail to restore
the contents of the target datastore completely and with certainty.
It is possible for a rollback to fail or and "undo" operation
to fail.
stop-on-error: Each edit will be attempted in order and if an
error occurs, the the server will stop processing the edit list
and return an error report identifying the edit list entry that
caused the error.
continue-on-error: Each edit will be attempted in order and if an
error occurs, the the server will record an error
identifying the edit list entry that caused the error, and continue
to the next edit entry.
The server will save the running datastore to non-volatile storage
if it has changed, after the edits have been attempted.
A special response is returned for YANG Patch operations,
in order to report status information for each individual edit.
It is possible to report general errors as well.
The YANG conceptual container definition "yang‑patch‑status"
defined in is used to define the syntax.
The following example shows several songs being added to
an existing album.
Each edit contains one song.
The first song already exists, so an error will be
reported for that edit.
The error-action is continue-on-error, so the rest of
the songs will be added without error.
The following example shows a song being moved within
an existing playlist. Song "1" in playlist "Foo‑One" is
being moved after song "3" in the playlist.
The operation succeeds, so a non-error reply example can be shown.
The "ietf‑restconf" module defines conceptual definitions
within groupings, which are not meant to be implemented
as datastore contents by a server.
The "ietf‑yang‑types" and "ietf‑inet_types" modules from
are used by this module for some type definitions.
RFC Ed.: update the date below with the date of RFC publication and
remove this note.
<CODE BEGINS> file "ietf-restconf@2013-09-09.yang"<CODE ENDS>
This document registers one URI in the IETF XML registry
. Following the format in RFC 3688, the following
registration is requested to be made.
This document registers one YANG module in the YANG Module Names
registry .
TBD
Removed incorrect /.well-known URI prefix.
remove incorrect IANA request for well-known URI.
Clarified that API resource type nodes are defined in
the ietf-restconf namespace.
changed CamelCase names in example-jukebox.yang to lowercase,
and updated examples.
updated and corrected YANG types in ietf-restconf module.
Protocol renamed from YANG-API to RESTCONF
Fields are clarified. Containers and lists are
sub-resources. All other YANG data node types are fields
within a parent resource.
The 'optional‑key' YANG extension has been removed.
The default value is returned by the server if the target resource
represents a missing data node but the server is using a default value
for the leaf.
The default for the 'depth' parameter has been changed from '1'
to 'unbounded'. The depth is only limited if an integer value
for this parameter is specified by the client.
The default for the 'format' parameter has been changed from
'json' to 'xml'.
expanded introduction
removed transactions
removed capabilities
removed usage of Range and IfRange headers
simplified editing model
removed global protocol operations from ietf-restconf.yang
changed RPC operation terminology to protocol operation
updated JSON draft reference
updated IANA section
added YANG Patch
added YANG definitions to ietf-restconf.yang
added Kent Watsen and Rex Fernando as co-authors
updated YANG modules so they pass pyang --ietf checking
changed examples so resource URIs use the module name variant
to identify data resources
changed depth behavior so the entire server contents are not
returned for "GET /restconf"; Server will stop at new
resource type; e.g. yang.api --> yang.datastore returns
the datastore as an empty node;
yang.api --> yang.operation returns
the operation name as an empty node;
Which WG should do this work? NETCONF? NETMOD?
It is not clear since RESTCONF builds on concepts and
standards from documents owned by both working groups.
A: The NETCONF WG would do this work.
Should sessions be used or not?
Should "reusable sessions" be used? Better for auditing?
How does locking of the /restconf/datastore resource
work for multiple edits if a session is 1 operation?
When does the server release the lock and decide it has
been abandoned or client was disconnected?
A: RESTCONF is a session-less protocol. It could be implemented
to utilize persistent HTTP connections, but this is not required
or designed into the protocol.
Should the "/restconf/modules" resource within the API resource
be a separate resource, with its own timestamp? Currently the
API timestamp is coupled to any changes to the list of loaded
modules. Should the API resource be static and cacheable?
A: all child containers are considered sub-resources. The server
MAY support timestamps and entity IDs for data nodes.
What to do about no REMOVE operation, just DELETE?
The effect is local to the request; in a NETCONF
edit-config it is worse, since the netconf request might
create/delete/modify many nodes
A: The YANG Patch operation allows remove or delete semantics.
Should every YANG data node be a data resource and every YANG RPC
statement an operation resource? Is a YANG extension needed to
allow data modeler control of resource boundaries?
A: Nested containers and lists are considered sub-resources.
Terminal nodes (leaf, leaf-list, anyxml) are considered properties
of the parent resource.
Resource creation order and other dependencies between resources
are not well identified in YANG.
YANG has leafrefs and instance-identifiers, which can be used
to identify some order dependencies.
Are any new mechanisms needed in RESTCONF needed to identify
resource creation order and other dependency requirements?
A: YANG Patch allows the client to control creation
order when multiple resources need to be edited at once.
The edit operations allow the server to order
all the descendant resources provided by the client,
for a single datastore edit target node.
Encoding of leafrefs? Is there some additional meta-data needed?
Do leafref nodes need to be identified in responses (RFC 5988) or
is the YANG module definition sufficient to provide this meta-data?
A: no special message encoding of leaf-refs is needed.
The server must understand the YANG schema no matter what
protocol or encoding is used.
What should the default algorithm be for defining data resources?
Should the default for an augment from another namespace be to
start a new resource? Top-level data node defaults as a resource OK?
A: Augmented nodes do not follow different rules than other nested
YANG structures. Containers and lists start new sub-resources.
There is no "message‑id" field in a RESTCONF message.
Is a message identifier needed? If so, should either the "Message‑ID"
or "Content‑ID" header from RFC 2392 be used for this purpose?
What syntax should be used for the "select" query parameter?
The current choices are "xpath" and "path‑expr". Perhaps an additional
parameter to identify the select string format is needed
to allow extensibility?
Are all header lines used by RESTCONF supported by common application
frameworks, such as FastCGI and WSGI? If not, then should
query parameters be used instead, since the QUERY_STRING is
widely available to WEB applications?
Should the <errors> element returned in error responses
be a separate media type?
How should additional datastores be supported, which may be added to the
NETCONF/NETMOD framework in the future?
How does a client know which PATCH media types are supported
by the server in addition to application/vnd.yang.data and
application/vnd.yang.patch?
Is the /restconf/version field considered meta-data?
Should it be returned as XRD (Extensible Resource Descriptor)?
In addition or instead of the version field? Should this be
the ietf-restconf YANG module revision date, instead of the string 1.0?
Notification message delivery is TBD
Alignment between NETCONF and RESTCONF notification is expected
to be very close to RFC 5277 design. Additional Sub/pub features still TBD.
Some sections may need to be rewritten to support notifications
and event resources
Since data resources can only be YANG containers or lists,
what should be done about top-level YANG data nodes that are
not containers or lists? Are they allowed in RESTCONF?
Can a choice be a resource? YANG choices are invisible
to RESTCONF at this time.
Does RESTCONF need to Use a .well-known link relation to
to re-map API entry point?
The client first discovers the server's root for the RESTCONF API.
In this example, it is "/api/restconf":
Once discovering the RESTCONF API root, the client MUST
prepend it to any access to a RESTCONF resource:
Key words for use in RFCs to Indicate Requirement LevelsHarvard UniversityIn many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents.Hypertext Transfer Protocol -- HTTP/1.1Department of Information and Computer ScienceUniversity of California, IrvineIrvineCA92697-3425+1(949)824-1715fielding@ics.uci.eduWorld Wide Web ConsortiumMIT Laboratory for Computer Science, NE43-356545 Technology SquareCambridgeMA02139+1(617)258-8682jg@w3.orgCompaq Computer CorporationWestern Research Laboratory250 University AvenuePalo AltoCA94305mogul@wrl.dec.comWorld Wide Web ConsortiumMIT Laboratory for Computer Science, NE43-356545 Technology SquareCambridgeMA02139+1(617)258-8682frystyk@w3.orgXerox CorporationMIT Laboratory for Computer Science, NE43-3563333 Coyote Hill RoadPalo AltoCA94034masinter@parc.xerox.comMicrosoft Corporation1 Microsoft WayRedmondWA98052paulle@microsoft.comWorld Wide Web ConsortiumMIT Laboratory for Computer Science, NE43-356545 Technology SquareCambridgeMA02139+1(617)258-8682timbl@w3.org
The Hypertext Transfer Protocol (HTTP) is an application-level
protocol for distributed, collaborative, hypermedia information
systems. It is a generic, stateless, protocol which can be used for
many tasks beyond its use for hypertext, such as name servers and
distributed object management systems, through extension of its
request methods, error codes and headers . A feature of HTTP is
the typing and negotiation of data representation, allowing systems
to be built independently of the data being transferred.
HTTP has been in use by the World-Wide Web global information
initiative since 1990. This specification defines the protocol
referred to as "HTTP/1.1", and is an update to RFC 2068 .
The IETF XML RegistryThis document describes an IANA maintained registry for IETF standards which use Extensible Markup Language (XML) related items such as Namespaces, Document Type Declarations (DTDs), Schemas, and Resource Description Framework (RDF) Schemas.Uniform Resource Identifier (URI): Generic SyntaxWorld Wide Web ConsortiumMassachusetts Institute of Technology77 Massachusetts AvenueCambridgeMA02139USA+1-617-253-5702+1-617-258-5999timbl@w3.orghttp://www.w3.org/People/Berners-Lee/Day Software5251 California Ave., Suite 110IrvineCA92617USA+1-949-679-2960+1-949-679-2972fielding@gbiv.comhttp://roy.gbiv.com/Adobe Systems Incorporated345 Park AveSan JoseCA95110USA+1-408-536-3024LMM@acm.orghttp://larry.masinter.net/
Applications
uniform resource identifierURIURLURNWWWresource
A Uniform Resource Identifier (URI) is a compact sequence of characters
that identifies an abstract or physical resource. This specification
defines the generic URI syntax and a process for resolving URI references
that might be in relative form, along with guidelines and security
considerations for the use of URIs on the Internet.
The URI syntax defines a grammar that is a superset of all valid URIs,
allowing an implementation to parse the common components of a URI
reference without knowing the scheme-specific requirements of every
possible identifier. This specification does not define a generative
grammar for URIs; that task is performed by the individual
specifications of each URI scheme.
PATCH Method for HTTPSeveral applications extending the Hypertext Transfer Protocol (HTTP) require a feature to do partial resource modification. The existing HTTP PUT method only allows a complete replacement of a document. This proposal adds a new HTTP method, PATCH, to modify an existing HTTP resource. [STANDARDS-TRACK]Network Configuration Protocol (NETCONF)YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF)YANG is a data modeling language used to model configuration and state data manipulated by the Network Configuration Protocol (NETCONF), NETCONF remote procedure calls, and NETCONF notifications. [STANDARDS TRACK]Network Configuration Protocol (NETCONF) Access Control ModelThe standardization of network configuration interfaces for use with the Network Configuration Protocol (NETCONF) requires a structured and secure operating environment that promotes human usability and multi-vendor interoperability. There is a need for standard mechanisms to restrict NETCONF protocol access for particular users to a pre-configured subset of all available NETCONF protocol operations and content. This document defines such an access control model. [STANDARDS-TRACK]Modeling JSON Text with YANGCZ.NICCommon YANG Data TypesThis document introduces a collection of common data types to be used with the YANG data modeling language. This document obsoletes RFC 6021.JavaScript Object Notation (JSON) PatchJSON Patch defines a JSON document structure for expressing a sequence of operations to apply to a JavaScript Object Notation (JSON) document; it is suitable for use with the HTTP PATCH method. The "application/json-patch+json" media type is used to identify such patch documents.