NETCONF R. Gagliano Internet-Draft Cisco Systems Intended status: Standards Track K. Larsson Expires: 9 January 2025 Deutsche Telekom AG J. Lindblad Cisco Systems 8 July 2024 RESTCONF Extension to support Trace Context Headers draft-ietf-netconf-restconf-trace-ctx-headers-01 Abstract This document extends the RESTCONF protocol in order to support trace context propagation as defined by the W3C. About This Document This note is to be removed before publishing as an RFC. The latest revision of this draft can be found at https://github.com/ netconf-wg/restconf-trace-ctx-headers/blob/gh-pages/draft-ietf- netconf-restconf-trace-ctx-headers.txt. Status information for this document may be found at https://datatracker.ietf.org/doc/draft-ietf- netconf-restconf-trace-ctx-headers/. Discussion of this document takes place on the NETCONF Working Group mailing list (mailto:netconf@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/netconf/. Subscribe at https://www.ietf.org/mailman/listinfo/netconf/. Source for this draft and an issue tracker can be found at https://github.com/netconf-wg/restconf-trace-ctx-headers. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Gagliano, et al. Expires 9 January 2025 [Page 1] Internet-Draft rc_trace July 2024 Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 9 January 2025. Copyright Notice Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 2. RESTCONF Extensions . . . . . . . . . . . . . . . . . . . . . 3 2.1. Error Handling . . . . . . . . . . . . . . . . . . . . . 4 2.2. Trace Context header versionning . . . . . . . . . . . . 4 3. Security Considerations . . . . . . . . . . . . . . . . . . . 4 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 5 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 6.1. Normative References . . . . . . . . . . . . . . . . . . 5 6.2. Informative References . . . . . . . . . . . . . . . . . 6 Appendix A. Example RESTCONF calls . . . . . . . . . . . . . . . 6 A.1. Successful creation New Data Resources (from section B.2.1 in RFC8040) . . . . . . . . . . . . . . . . . . . . . . . 7 A.2. Unsuccessful creation New Data Resources (from section B.2.1 in RFC8040) . . . . . . . . . . . . . . . . . . . . 7 Appendix B. Changes (to be deleted by RFC Editor) . . . . . . . 8 B.1. From version 00 to -01 . . . . . . . . . . . . . . . . . 8 B.2. From version 00 to draft-ietf-netconf-restconf-trace-ctx-headers-00 . . . . 9 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9 Gagliano, et al. Expires 9 January 2025 [Page 2] Internet-Draft rc_trace July 2024 1. Introduction Network automation and management systems commonly consist of multiple sub-systems and together with the network devices they manage, they effectively form a distributed system. Distributed tracing is a methodology implemented by tracing tools to follow, analyze and debug operations, such as configuration transactions, across multiple distributed systems. An operation is uniquely identified by a trace-id and through a trace context, carries some metadata about the operation. Propagating this "trace context" between systems enables forming a coherent view of the entire operation as carried out by all involved systems. The W3C has defined two HTTP headers (_traceparent_ and _tracestate_) for context propagation that are useful for distributed systems like the ones defined in [RFC8309]. The goal of this document is to adopt this W3C specification for the RESTCONF protocol. This document does not define new HTTP extensions but makes those defined in [W3C-Trace-Context] optional headers for the RESTCONF protocol. In [I-D.draft-ietf-netconf-trace-ctx-extension-01], the NETCONF protocol extension is defined and we will re-use several of the YANG and XML objects defined in that document for RESTCONF. Please refer to that document for additional context and example applications. 1.1. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT","SHOULD","SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 2. RESTCONF Extensions A RESTCONF server MUST support the trace context _traceparent_ header as defined in [W3C-Trace-Context]. A RESTCONF server SHOULD support the trace context _tracestate_ header as defined in [W3C-Trace-Context]. Gagliano, et al. Expires 9 January 2025 [Page 3] Internet-Draft rc_trace July 2024 2.1. Error Handling The RESTCONF server SHOULD follow the "Processing Model for Working with Trace Context" as specified in [W3C-Trace-Context]. Based on this processing model, it is NOT RECOMMENDED to reject an RPC because of the trace context header values. If the server still decides to reject the RPC because of the trace context header values, the server MUST return a RESTCONF rpc-error with the following values: error-tag: operation-failed error-type: protocol error-severity: error Additionally, the error-info tag MUST contain relevant details about the error in the form of an sx:structure otlp-trace-context-error- info defined in ietf-netconf-otlp-context.yang from [I-D.draft-ietf-netconf-trace-ctx-extension-01]. 2.2. Trace Context header versionning This extension refers to the [W3C-Trace-Context] trace context capability. The W3C _traceparent_ and _tracestate_ headers include the notion of versions. It would be desirable for a RESTCONF client to be able to discover the one or multiple versions of these headers supported by a server. We would like to achieve this goal avoiding the definition of new RESTCONF capabilities for each headers' version. [I-D.draft-ietf-netconf-trace-ctx-extension-01] defines a pair of YANG modules that MUST be included in the YANG library per [RFC8525] of the RESTCONF server supporting the RESTCONF Trace Context extension that will refer to the headers' supported versions. Future updates of this document could include additional YANG modules for new headers' versions. 3. Security Considerations There are two YANG modules specified in this document. These modules are completely empty, and therefore have very limited security considerations. Their purpose is only to indicate which trace context header versions the server supports using YANG Library [RFC8525]. Gagliano, et al. Expires 9 January 2025 [Page 4] Internet-Draft rc_trace July 2024 Even though both YANG modules are empty, there are still some security considerations worth mentioning, however. This is because the functionality described in this document is in the form of additional HTTP headers (which cannot be described using YANG) relating to the network management protocol RESTCONF [RFC8040]. The _traceparent_ and _tracestate_ headers make it easier to track the flow of requests and their downstream effect on other systems. This is indeed the whole point with these headers. This knowledge could also be of use to bad actors that are working to build a map of the managed network. All advice mentioned in the [W3C-Trace-Context] under the Privacy Considerations and Security Considerations also apply to this document. The lowest RESTCONF layer is HTTPS, and the mandatory-to-implement secure transport is TLS [RFC8446]. The Network Configuration Access Control Model (NACM) [RFC8341] provides the means to restrict access for particular NETCONF or RESTCONF users to a preconfigured subset of all available NETCONF or RESTCONF protocol operations and content. 4. IANA Considerations This document has no IANA actions. 5. Acknowledgments The authors would like to acknowledge the valuable implementation feedback from Christian Rennerskog and Per Andersson. Many thanks to Raul Rivas Felix, Alexander Stoklasa, Luca Relandini and Erwin Vrolijk for their help with the demos regarding integrations. The help and support from Jean Quilbeuf and BenoƮt Claise has also been invaluable to this work. 6. References 6.1. Normative References [I-D.draft-ietf-netconf-trace-ctx-extension-01] Gagliano, R., Larsson, K., and J. Lindblad, "NETCONF Extension to support Trace Context propagation", Work in Progress, Internet-Draft, draft-ietf-netconf-trace-ctx- extension-01, 8 July 2024, . Gagliano, et al. Expires 9 January 2025 [Page 5] Internet-Draft rc_trace July 2024 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, . [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration Access Control Model", STD 91, RFC 8341, DOI 10.17487/RFC8341, March 2018, . [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, . [RFC8525] Bierman, A., Bjorklund, M., Schoenwaelder, J., Watsen, K., and R. Wilton, "YANG Library", RFC 8525, DOI 10.17487/RFC8525, March 2019, . [W3C-Trace-Context] "W3C Recommendation on Trace Context", 23 November 2021, . 6.2. Informative References [RFC8309] Wu, Q., Liu, W., and A. Farrel, "Service Models Explained", RFC 8309, DOI 10.17487/RFC8309, January 2018, . Appendix A. Example RESTCONF calls All examples from [RFC8040] Appendix B could be recreated in this seciton by adding the new header described in this document. We selected one example from that document as reference. Gagliano, et al. Expires 9 January 2025 [Page 6] Internet-Draft rc_trace July 2024 A.1. Successful creation New Data Resources (from section B.2.1 in [RFC8040]) To create a new "artist" resource within the "library" resource, the client might send the following request: POST /restconf/data/example-jukebox:jukebox/library HTTP/1.1 Host: example.com Content-Type: application/yang-data+json traceparent: 00-405062f633be64ee006089dfca95a153-e021f9e263aad8e2-01 tracestate: vendorname1=opaqueValue1,vendorname2=opaqueValue2 { "example-jukebox:artist" : [ { "name" : "Foo Fighters" } ] } If the resource is created, the server might respond as follows: HTTP/1.1 201 Created Date: Thu, 26 Jan 2017 20:56:30 GMT Server: example-server Location: https://example.com/restconf/data/\ example-jukebox:jukebox/library/artist=Foo%20Fighters Last-Modified: Thu, 26 Jan 2017 20:56:30 GMT ETag: "b3830f23a4c" traceparent: 00-405062f633be64ee006089dfca95a153-e021f9e263aad8e2-01 tracestate: vendorname1=opaqueValue1,vendorname2=opaqueValue2 A.2. Unsuccessful creation New Data Resources (from section B.2.1 in [RFC8040]) [W3C-Trace-Context] specifies that vendor MAY validate the _tracestate_ header and that invalid headers MAY be discarded. In the section about Error handling (Section 2.1), it is stated that servers MAY return an error. Let's assume that is our implementation. Example of a badly formated _tracestate_ header using [RFC8040] example B.2.1, which by following : Gagliano, et al. Expires 9 January 2025 [Page 7] Internet-Draft rc_trace July 2024 POST /restconf/data/example-jukebox:jukebox/library HTTP/1.1 Host: example.com Content-Type: application/yang-data+json traceparent: 00-405062f633be64ee006089dfca95a153-e021f9e263aad8e2-01 tracestate: SomeBadFormatHere { "example-jukebox:artist" : [ { "name" : "Foo Fighters" } ] } And the expected error message: HTTP/1.1 400 Bad Request Date: Tue, 20 Jun 2023 20:56:30 GMT Server: example-server Content-Type: application/yang-data+json { "ietf-restconf:errors" : { "error" : [ { "error-type" : "protocol", "error-tag" : "operation-failed", "error-severity" : "error", "error-message" : "OTLP traceparent attribute incorrectly formatted", "error-info": { "ietf-netconf-otlp-context:meta-name" : "tracestate", "ietf-netconf-otlp-context:meta-value" : "SomeBadFormatHere", "ietf-netconf-otlp-context:error-type" : "ietf-netconf-otlp-context:bad-format" } } ] } } Appendix B. Changes (to be deleted by RFC Editor) B.1. From version 00 to -01 * Added Security considerations * Added Acknowledgements Gagliano, et al. Expires 9 January 2025 [Page 8] Internet-Draft rc_trace July 2024 * Added several Normative references * Added links to latest document on github * Added RESTCONF example for success and error * Modified Error Handling to reflect better W3C alignment based on implementation feedback * Firmed up error handling and YANG-library to MUST-requirements B.2. From version 00 to draft-ietf-netconf-restconf-trace-ctx- headers-00 * Adopted by NETCONF WG * Moved repository to NETCONF WG * Changed build system to use martinthomson's excellent framework * Ran make fix-lint to remove white space at EOL etc. * Added this change note. No other content changes Authors' Addresses Roque Gagliano Cisco Systems Avenue des Uttins 5 CH-1180 Rolle Switzerland Email: rogaglia@cisco.com Kristian Larsson Deutsche Telekom AG Email: kll@dev.terastrm.net Jan Lindblad Cisco Systems Email: jlindbla@cisco.com Gagliano, et al. Expires 9 January 2025 [Page 9]