... | @@ -27,24 +27,20 @@ be generated for all data resources, whereas timestamps (Last-Modified |
... | @@ -27,24 +27,20 @@ be generated for all data resources, whereas timestamps (Last-Modified |
|
headers) are supported for all container-like resources, i.e. not for
|
|
headers) are supported for all container-like resources, i.e. not for
|
|
individual leaf and leaf-list instances.
|
|
individual leaf and leaf-list instances.
|
|
|
|
|
|
## Datastores
|
|
## Datastore
|
|
|
|
|
|
The initial version of JetConf will support two types of datastores:
|
|
JetConf uses [Yangson](https://gitlab.labs.nic.cz/labs/yangson) library, which is responsible for storage,
|
|
|
|
validation and manipulation with YANG data. This library utilizes an
|
|
|
|
in-memory persistent structure called "Zipper" where the YANG data
|
|
|
|
are kept in.
|
|
|
|
|
|
* Plain file, in which data are stored in the JSON format. Such data
|
|
JetConf also provides an option to serialize data into `.json`
|
|
are completely validated by the JetConf server.
|
|
file on each commit, which ensures that all configuration data will
|
|
|
|
be persistent among server startups.
|
|
|
|
|
|
* Proxy datastore where all data management tasks (storage, validation
|
|
Additionally, the datastore can have an access control module
|
|
etc.) are delegated to an external software component. The role of
|
|
associated with it. If so, every read/write operation will be verified
|
|
the JetConf server is just to convert requests of RESTCONF clients
|
|
with this ACM.
|
|
to the API of the external software component, and, in the opposite
|
|
|
|
direction, translate the replies.
|
|
|
|
|
|
|
|
However, JetConf implementation must be prepared to integrate other
|
|
|
|
types of datastores that may be added in the future.
|
|
|
|
|
|
|
|
Every datastore can have an access control module associated with it.
|
|
|
|
If so, every read/write operation will be verified with this ACM.
|
|
|
|
|
|
|
|
## Access Control
|
|
## Access Control
|
|
|
|
|
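Review bot: the new Datastore paragraph says the datastore "can have" an access control module but does not say what happens to read/write operations when none is associated; state that default next to "every read/write operation will be verified with this ACM". In the sentence on serializing to a `.json` file, "provides an option" and "ensures that all configuration data will be persistent" pull against each other, so say that data survive a server restart only when the option is enabled. Wording: "manipulation with YANG data" should be "manipulation of YANG data", and "where the YANG data are kept in" should drop the trailing "in".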
... | @@ -54,8 +50,8 @@ particular data resources. However, some limitations may apply, because |
... | @@ -54,8 +50,8 @@ particular data resources. However, some limitations may apply, because |
|
NACM does not have official support for RESTCONF yet, i.e. there can
|
|
NACM does not have official support for RESTCONF yet, i.e. there can
|
|
be potential problems with HTTP caching etc.
|
|
be potential problems with HTTP caching etc.
|
|
|
|
|
|
The NACM data are stored in its own separate datastore. The NACM data can
|
|
The NACM data can only be edited by privileged users (see [JetConf
|
|
only be edited by privileged users (see JetConf Server Configuration).
|
|
Server Configuration](jetconf-config)).
|
|
|
|
|
|
In the future, it is also possible to implement another kinds of ACM,
|
|
In the future, it is also possible to implement another kinds of ACM,
|
|
i.e. a simple r/o and r/w user list.
|
|
i.e. a simple r/o and r/w user list.
|
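Review bot: dropping "The NACM data are stored in its own separate datastore." leaves this section silent on where the NACM rules are kept. The Datastore section now describes a single datastore that can be serialized to a `.json` file on each commit, so say here whether the NACM data are part of that datastore and that file or are held separately. In the unchanged lines that follow, "i.e. a simple r/o and r/w user list" reads as an example, so "e.g." fits better, and "another kinds" should be "other kinds".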
... | @@ -65,13 +61,13 @@ i.e. a simple r/o and r/w user list. |
... | @@ -65,13 +61,13 @@ i.e. a simple r/o and r/w user list. |
|
Dependencies on external Python packages, i.e. those that are not part
|
|
Dependencies on external Python packages, i.e. those that are not part
|
|
of [Python 3 standard library](https://docs.python.org/3/library)
|
|
of [Python 3 standard library](https://docs.python.org/3/library)
|
|
should be kept to a reasonable minimum. The initial version depends on
|
|
should be kept to a reasonable minimum. The initial version depends on
|
|
two such packages:
|
|
following packages:
|
|
|
|
|
|
|
|
* [Yangson](https://gitlab.labs.nic.cz/labs/yangson) – YANG 1.1
|
|
|
|
library (see below).
|
|
* [Hyper-h2](http://python-hyper.org/h2/en/stable/) – Python 3 library
|
|
* [Hyper-h2](http://python-hyper.org/h2/en/stable/) – Python 3 library
|
|
implementing HTTP/2,
|
|
implementing HTTP/2,
|
|
|
|
* colorlog, pyaml, pytz - Available via PyPI
|
|
* [Yangson](https://gitlab.labs.nic.cz/llhotka/yangson) – YANG 1.1
|
|
|
|
library (see below).
|
|
|
|
|
|
|
|
## Yangson Library
|
|
## Yangson Library
|
|
|
|
|
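Review bot: the added "colorlog, pyaml, pytz - Available via PyPI" entry gives no link or purpose for any of the three packages, unlike the Yangson and Hyper-h2 entries, while the paragraph above still says external dependencies "should be kept to a reasonable minimum". List each package on its own line with a link and a short statement of what JetConf uses it for. The entry also uses a hyphen where the other items use an en dash, and "depends on following packages" needs "the".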
... | @@ -119,28 +115,7 @@ The Yangson package comprises the following Python modules: |
... | @@ -119,28 +115,7 @@ The Yangson package comprises the following Python modules: |
|
|
|
|
|
## JetConf Server Configuration
|
|
## JetConf Server Configuration
|
|
|
|
|
|
The JetConf server needs some start-up configuration. The following is
|
|
The JetConf server needs some start-up configuration. See [JetConf config](jetconf-config) wiki page for details.
|
|
a minumum set of server configuration parameters:
|
|
|
|
|
|
|
|
* _time zone_: server's time zone (default: operating system setting)
|
|
|
|
* _document root_: path to a directory where static non-api data are
|
|
|
|
stored (i.e. "/var/www")
|
|
|
|
* _document default name_: name of default document that will be
|
|
|
|
returned if user requests a subdirectory within document root
|
|
|
|
(i.e. "index.html")
|
|
|
|
* _RESTCONF API root_: URL subpath where the REST API root will be
|
|
|
|
placed (i.e. "/restconf"). All requests beginning with
|
|
|
|
_RESTCONF API root_ will be considered as API requests.
|
|
|
|
* _server name_: name of a server which is returned in the 'server'
|
|
|
|
http header
|
|
|
|
* _server TLS certificate location_: location of server's TLS
|
|
|
|
certificate in PEM format
|
|
|
|
* _server private key location_: location of file containing
|
|
|
|
server's private key
|
|
|
|
* _CA certificate location_: location of certificate of CA, which
|
|
|
|
issues client certificates
|
|
|
|
* _admin users_: list of users that have privileged access to the
|
|
|
|
server and can edit the access control database.
|
|
|
|
|
|
|
|
## Server Loop
|
|
## Server Loop
|
|
|
|
|
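Review bot: replacing the parameter list with "See [JetConf config](jetconf-config) wiki page for details." removes from this page every mention of the server TLS certificate, the server private key, the CA that issues client certificates and the _admin users_ list, which the Access Control section relies on when it refers to "privileged users". Keep a one-paragraph summary of those security-relevant settings here, and confirm the linked page covers each removed item before merging. The link label also differs from the Access Control section, which calls the same target "JetConf Server Configuration"; use one label for both.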
... | @@ -197,3 +172,5 @@ a minumum set of server configuration parameters: |
... | @@ -197,3 +172,5 @@ a minumum set of server configuration parameters: |
|
* *nacm*: basic NACM implementation,
|
|
* *nacm*: basic NACM implementation,
|
|
* *config*: a module for reading and parsing the config file,
|
|
* *config*: a module for reading and parsing the config file,
|
|
* *helpers*: static helper classes shared across modules.
|
|
* *helpers*: static helper classes shared across modules.
|
|
|
|
* *op_internal*: implementation of JetConf internal RPCs.
|
|
|
|
* *errors*: definition of exceptions used in JetConf. |
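Review bot: the added "*op_internal*: implementation of JetConf internal RPCs." entry does not say what these RPCs are or whether calls to them go through the access control check that the Datastore section describes for read/write operations; add a clause or a link that covers this. Style: the list separates items with commas and ends with a period, but the unchanged "*helpers*" line keeps its period now that two items follow it, and "*op_internal*" also ends with one; use commas on both and leave the period on "*errors*".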