Representational State Transfer Configuration Protocol (RESTCONF) Fundamentals

Representational State Transfer Configuration Protocol (RESTCONF) is a next generation northbound interface that provides an additional way to configure and monitor the switch. RESTCONF is an HTTP-based protocol that provides a programmatic interface to access data defined in a YANG model using the datastore concepts defined in NETCONF. RESTCONF uses a client-server model. The server acts as an entry point to a datastore, a conceptual place to store and access information. Clients use HTTP or HTTPS to interface with the server to configure and monitor devices.

RESTCONF Client and Server

A typical RESTCONF interaction consists of an HTTP/HTTPS request sent by a RESTCONF client and an HTTP/HTTPS response sent by the server. The HTTP/HTTPS request and response contain a required set of expected HTTP headers and may contain a request or response message body. The message body is encoded in JSON.

An HTTP request consists of the HTTP method (such as GET or POST) identifier, resource identifier, HTTP protocol version, HTTP headers, and HTTP body. The HTTP resource identifier is the string that identifies a service or resource that the server makes available to the client. The RESTCONF request contains the Universal Resource Identifier or URI which starts with /rest/restconf/data/ or /rest/restconf/operations/.

YANG Model

YANG is the data modeling language used for modeling configuration and state data for manipulation by using remote procedure calls (RPCs). The RESTCONF interface is generated with YANG Data Model. The YANG model is based on Open config model, which is a non vendor specific model that captures the key components found in multiple vendor solutions.RESTCONF is described by the Internet Engineering Task Force (IETF) in RFC 8040.

RESTCONF Authentication

RESTCONF uses the CLI user account and supports both local and remote authentication. Local authentication uses the local CLI user account while remote authentication can use either a RADIUS or TACACS+ server.

You can only use a CLI account with the RWA access level.

With RADIUS or TACACS+ enabled, if the remote server is not available, authentication falls back to local authentication and uses the local CLI user on the switch.

When the RESTCONF client posts for authentication, the HTTP server validates the login username and password if you have not enabled CLI remote authentication. If the remote server is not reachable, the HTTP server uses the local user for login validation.

For HTTPs access to the RESTCONF server, you must enable TLS and install a certificate.

RESTCONF APIs

You can access the RESTCONF API documentation on your switch using the following URL:

http(s)://<IP>:<tcp-port>/apps/restconfdoc/

Replace <IP> with the management IP address of your switch and <tcp-port> with the TCP port configured for RESTCONF. For example, http://192.0.2.16:8080/apps/restconfdoc/.

The on-switch URL works only if the RESTCONF feature is enabled on the switch.

You can also access the RESTCONF API documentation online at www.extremenetworks.com/support/documentation-api/.

VOSS Support

VOSS RESTCONF server supports the following actions:

HTTP Action

VOSS Instrumentation

GET

Corresponds to SHOW

POST

Corresponds to SET for creation

PATCH

Corresponds to SET for modification

DELETE

Maps to SET for deletion

VOSS RESTCONF supports the following features:

The RESTCONF feature is disabled by default. The RESTCONF server uses the same management IP address as the other applications and TCP port. The default TCP port that RESTCONF server listens to is port 8080. The TCP port delivers the message to the HTTP server for RESTCONF.