Skip to main content

RESTCONF Extension to Support Trace Context Headers
draft-ietf-netconf-restconf-trace-ctx-headers-03

The information below is for an old version of the document.
Document Type
This is an older version of an Internet-Draft whose latest revision state is "Active".
Authors Roque Gagliano , Kristian Larsson , Jan Lindblad
Last updated 2024-11-08 (Latest revision 2024-09-25)
Replaces draft-netconf-restconf-trace-ctx-headers
RFC stream Internet Engineering Task Force (IETF)
Formats
Reviews
Additional resources Mailing list discussion
Stream WG state In WG Last Call
Document shepherd (None)
IESG IESG state I-D Exists
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)
draft-ietf-netconf-restconf-trace-ctx-headers-03
NETCONF                                                      R. Gagliano
Internet-Draft                                             Cisco Systems
Intended status: Standards Track                              K. Larsson
Expires: 11 May 2025                                 Deutsche Telekom AG
                                                             J. Lindblad
                                                           Cisco Systems
                                                         7 November 2024

          RESTCONF Extension to Support Trace Context Headers
            draft-ietf-netconf-restconf-trace-ctx-headers-03

Abstract

   This document defines an extension to the RESTCONF protocol in order
   to support Trace Context propagation as defined by the W3C.

About This Document

   This note is to be removed before publishing as an RFC.

   The latest revision of this draft can be found at https://github.com/
   netconf-wg/restconf-trace-ctx-headers/blob/gh-pages/draft-ietf-
   netconf-restconf-trace-ctx-headers.txt.  Status information for this
   document may be found at https://datatracker.ietf.org/doc/draft-ietf-
   netconf-restconf-trace-ctx-headers/.

   Discussion of this document takes place on the NETCONF Working Group
   mailing list (mailto:netconf@ietf.org), which is archived at
   https://mailarchive.ietf.org/arch/browse/netconf/.  Subscribe at
   https://www.ietf.org/mailman/listinfo/netconf/.

   Source for this draft and an issue tracker can be found at
   https://github.com/https://github.com/netconf-wg/restconf-trace-ctx-
   headers.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

Gagliano, et al.           Expires 11 May 2025                  [Page 1]
Internet-Draft                  rc_trace                   November 2024

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 11 May 2025.

Copyright Notice

   Copyright (c) 2024 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Revised BSD License text as
   described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Revised BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
     1.1.  Terminology . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  RESTCONF Extensions . . . . . . . . . . . . . . . . . . . . .   3
     2.1.  Error Handling  . . . . . . . . . . . . . . . . . . . . .   4
     2.2.  Trace Context Header Versioning . . . . . . . . . . . . .   4
   3.  Security Considerations . . . . . . . . . . . . . . . . . . .   4
   4.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   5
   5.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .   5
   6.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   5
     6.1.  Normative References  . . . . . . . . . . . . . . . . . .   5
     6.2.  Informative References  . . . . . . . . . . . . . . . . .   6
   Appendix A.  Example RESTCONF Calls . . . . . . . . . . . . . . .   6
     A.1.  Successful creation of New Data Resources (from
           Appendix B.2.1 of RFC8040)  . . . . . . . . . . . . . . .   6
     A.2.  Unsuccessful creation of New Data Resources (from
           Appendix B.2.1 of RFC8040)  . . . . . . . . . . . . . . .   7
   Appendix B.  Changes (to be deleted by RFC Editor)  . . . . . . .   9
     B.1.  From version 01 to 02 . . . . . . . . . . . . . . . . . .   9
     B.2.  From version 00 to -01  . . . . . . . . . . . . . . . . .   9
     B.3.  From version 00 to
           draft-ietf-netconf-restconf-trace-ctx-headers-00  . . . .  10
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  10

Gagliano, et al.           Expires 11 May 2025                  [Page 2]
Internet-Draft                  rc_trace                   November 2024

1.  Introduction

   Network automation and management systems commonly consist of
   multiple sub-systems and, together with the network devices they
   manage, they effectively form a distributed system.  Distributed
   tracing is a methodology implemented by tracing tools to track,
   analyze and debug operations such as configuration transactions,
   across multiple distributed systems.

   The W3C has defined two HTTP headers (traceparent and tracestate) in
   [W3C-Trace-Context] for context propagation that are useful for
   distributed systems like the ones defined in section 4 of [RFC8309].

   According to the W3C specification, each operation is uniquely
   identified by a "trace-id" field, and carries multiple metadata
   fields about the operation.  Propagating this Trace Context between
   systems provides a coherent view of the entire operation as carried
   out by all involved systems.

   In [I-D.draft-ietf-netconf-trace-ctx-extension], the NETCONF protocol
   extension is defined and we will re-use several of the YANG and XML
   objects defined in that document for RESTCONF.  Please refer to that
   document for additional context and example applications.

1.1.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
   NOT","SHOULD","SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY",
   and "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

   Additionally, the document utilizes the following abbreviations:

   OTLP:  OpenTelemetry protocol as defined by [OpenTelemetry]

   M.E.L.T:  Metrics, Events, Logs and Traces

   gNMI:  gRPC Network Management Interface, as defined by [gNMI]

2.  RESTCONF Extensions

   A RESTCONF server that implements the Trace Context propagation
   mechanism defined in this document MUST support the Trace Context
   traceparent header as defined in [W3C-Trace-Context].

   A RESTCONF server SHOULD support the Trace Context tracestate header
   as defined in [W3C-Trace-Context].

Gagliano, et al.           Expires 11 May 2025                  [Page 3]
Internet-Draft                  rc_trace                   November 2024

2.1.  Error Handling

   A RESTCONF server SHOULD follow the "Processing Model for Working
   with Trace Context" as specified in [W3C-Trace-Context].  Based on
   this processing model, it is NOT RECOMMENDED to reject an RPC because
   of the Trace Context header values.

   If a server decides to reject an RPC because of the Trace Context
   header values, the server MUST return a RESTCONF rpc-error with the
   following values:

     error-tag:      operation-failed
     error-type:     protocol
     error-severity: error

   Additionally, the error-info tag SHOULD contain a relevant details
   about the error.

   Finally, the sx:structure defined in
   [I-D.draft-ietf-netconf-trace-ctx-extension] SHOULD be present in any
   error message from the server.

2.2.  Trace Context Header Versioning

   The RESTCONF protocol extension described in this document refers to
   the [W3C-Trace-Context] Trace Context capability.  The W3C
   traceparent and tracestate headers include the notion of versions.
   It would be desirable for a RESTCONF client to be able to discover
   the one or multiple versions of these headers supported by a server.

   [I-D.draft-ietf-netconf-trace-ctx-extension] defines a pair YANG
   modules that SHOULD be included in the YANG library per [RFC8525] of
   the RESTCONF server supporting the RESTCONF Trace Context extension
   that will refer to the headers' supported versions.  Future updates
   of this document could include additional YANG modules for new
   headers' versions.

3.  Security Considerations

   The related document [I-D.draft-ietf-netconf-trace-ctx-extension]
   defines two YANG modules that are used when implementing the Trace
   Context concept, regardless of YANG-based protocol.  These modules
   are completely empty, and therefore have very limited security
   considerations.  Their purpose is only to indicate which Trace
   Context header versions the server supports using YANG Library
   [RFC8525].

Gagliano, et al.           Expires 11 May 2025                  [Page 4]
Internet-Draft                  rc_trace                   November 2024

   The traceparent and tracestate headers make it easier to track and
   correlate the flow of requests and their downstream effect on other
   systems.  This is indeed the whole point with these headers.  This
   knowledge may be used by unauthorized entities to infer a map of a
   managed network.

   All advice mentioned in the [W3C-Trace-Context] under the Privacy
   Considerations and Security Considerations also apply to this
   document.

   The lowest RESTCONF layer is HTTPS, and the mandatory-to-implement
   secure transport is TLS [RFC8446].

4.  IANA Considerations

   This document has no IANA actions.

5.  Acknowledgments

   The authors would like to acknowledge the valuable implementation
   feedback from Christian Rennerskog and Per Andersson.  Many thanks to
   Raul Rivas Felix, Alexander Stoklasa, Luca Relandini and Erwin
   Vrolijk for their help with the demos regarding integrations.  The
   help and support from Med Boucadair, Jean Quilbeuf and BenoƮt Claise
   has also been invaluable to this work.

6.  References

6.1.  Normative References

   [gNMI]     "gNMI - gRPC Network Management Interface", 4 November
              2024, <https://github.com/openconfig/gnmi>.

   [I-D.draft-ietf-netconf-trace-ctx-extension]
              Gagliano, R., Larsson, K., and J. Lindblad, "NETCONF
              Extension to support Trace Context propagation", Work in
              Progress, Internet-Draft, draft-ietf-netconf-trace-ctx-
              extension-02, 7 November 2024,
              <https://datatracker.ietf.org/doc/html/draft-ietf-netconf-
              trace-ctx-extension-02>.

   [OpenTelemetry]
              "OpenTelemetry Cloud Native Computing Foundation project",
              4 November 2024, <https://opentelemetry.io>.

Gagliano, et al.           Expires 11 May 2025                  [Page 5]
Internet-Draft                  rc_trace                   November 2024

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/rfc/rfc2119>.

   [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
              Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
              <https://www.rfc-editor.org/rfc/rfc8040>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/rfc/rfc8174>.

   [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
              Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
              <https://www.rfc-editor.org/rfc/rfc8446>.

   [RFC8525]  Bierman, A., Bjorklund, M., Schoenwaelder, J., Watsen, K.,
              and R. Wilton, "YANG Library", RFC 8525,
              DOI 10.17487/RFC8525, March 2019,
              <https://www.rfc-editor.org/rfc/rfc8525>.

   [W3C-Trace-Context]
              "W3C Recommendation on Trace Context", 23 November 2021,
              <https://www.w3.org/TR/2021/REC-trace-context-
              1-20211123/>.

6.2.  Informative References

   [RFC8309]  Wu, Q., Liu, W., and A. Farrel, "Service Models
              Explained", RFC 8309, DOI 10.17487/RFC8309, January 2018,
              <https://www.rfc-editor.org/rfc/rfc8309>.

Appendix A.  Example RESTCONF Calls

   All examples from Appendix B of [RFC8040] could be recreated in this
   section by adding the new header described in this document.  We
   selected one example from that document as reference.

A.1.  Successful creation of New Data Resources (from Appendix B.2.1 of
      [RFC8040])

   To create a new "artist" resource within the "library" resource, a
   client might send the following request:

Gagliano, et al.           Expires 11 May 2025                  [Page 6]
Internet-Draft                  rc_trace                   November 2024

    POST /restconf/data/example-jukebox:jukebox/library HTTP/1.1
    Host: example.com
    Content-Type: application/yang-data+json
    traceparent: 00-405062f633be64ee006089dfca95a153-e021f9e263aad8e2-01
    tracestate: vendorname1=opaqueValue1,vendorname2=opaqueValue2

    {
      "example-jukebox:artist" : [
        {
          "name" : "Foo Fighters"
        }
      ]
    }

   If the resource is created, the server might respond as follows:

    HTTP/1.1 201 Created
    Date: Thu, 26 Jan 2017 20:56:30 GMT
    Server: example-server
    Location: https://example.com/restconf/data/\
        example-jukebox:jukebox/library/artist=Foo%20Fighters
    Last-Modified: Thu, 26 Jan 2017 20:56:30 GMT
    ETag: "b3830f23a4c"
    traceparent: 00-405062f633be64ee006089dfca95a153-e021f9e263aad8e2-01
    tracestate: vendorname1=opaqueValue1,vendorname2=opaqueValue2

A.2.  Unsuccessful creation of New Data Resources (from Appendix B.2.1
      of [RFC8040])

   [W3C-Trace-Context] specifies that a vendor may validate the
   tracestate header and that invalid headers may be discarded.
   Section 2.1 on Error handling (Section 2.1), states that servers may
   return an error.  Let's assume that an implementation follows that
   behavior.

   Example of a badly formated tracestate header using [RFC8040] example
   (Appendix B.2.1), in which a server receives the following:

Gagliano, et al.           Expires 11 May 2025                  [Page 7]
Internet-Draft                  rc_trace                   November 2024

    POST /restconf/data/example-jukebox:jukebox/library HTTP/1.1
    Host: example.com
    Content-Type: application/yang-data+json
    traceparent: 00-405062f633be64ee006089dfca95a153-e021f9e263aad8e2-01
    tracestate: SomeBadFormatHere

    {
      "example-jukebox:artist" : [
        {
          "name" : "Foo Fighters"
        }
      ]
    }

   To which the server responds with an error message:

    HTTP/1.1 400 Bad Request
    Date: Thu, 20 Jun 2024 20:56:30 GMT
    Server: example-server
    Content-Type: application/yang-data+json

    { "ietf-restconf:errors" : {
        "error" : [
         "trace-context-error-info": {
           {
             "error-type" : "protocol",
             "error-tag" : "operation-failed",
             "error-severity" : "error",
             "error-message" :
             "Context traceparent header incorrectly formatted",
             "error-info": {
               "ietf-trace-context:meta-name" : "tracestate",
               "ietf-trace-context:meta-value" :
               "SomeBadFormatHere",
               "ietf-trace-context:error-type" :
               "ietf-trace-context:bad-format"
             }
           }
         }
        ]
      }
    }

Gagliano, et al.           Expires 11 May 2025                  [Page 8]
Internet-Draft                  rc_trace                   November 2024

Appendix B.  Changes (to be deleted by RFC Editor)

B.1.  From version 01 to 02

   *  Added WGLC comments

   *  Changed namespaces and module name

   *  Fix error in error response

   *  Comments from Med Boucadair

   *  Removed markdown formatting of tracestate and traceparent, as
      toolchain could not handle this properly

   *  Removed references to RFC8341 (NACM) as the passage in the
      security considerations no longer need it

   *  Rearranged text in introduction to include referenes in a more
      natural order

   *  Removed several references to "we" and replaced with more neutral
      language

   *  Clarified that everything described as MUST requirements in this
      document only apply to RESTCONF implementations that implement
      this document.  Other RESTCONF implementations do not need to care
      about this document, it's an optional extension

   *  Clarified that the YANG modules used by this document is defined
      by the sibling document for NETCONF

   *  Lots of updated wording based on review feedback

B.2.  From version 00 to -01

   *  Added Security considerations

   *  Added Acknowledgements

   *  Added several Normative references

   *  Added links to latest document on github

   *  Added RESTCONF example for success and error

   *  Modified Error Handling to reflect better W3C alignment based on
      implementation feedback

Gagliano, et al.           Expires 11 May 2025                  [Page 9]
Internet-Draft                  rc_trace                   November 2024

   *  Firmed up error handling and YANG-library to MUST-requirements

B.3.  From version 00 to draft-ietf-netconf-restconf-trace-ctx-
      headers-00

   *  Adopted by NETCONF WG

   *  Moved repository to NETCONF WG

   *  Changed build system to use martinthomson's excellent framework

   *  Ran make fix-lint to remove white space at EOL etc.

   *  Added this change note.  No other content changes

Authors' Addresses

   Roque Gagliano
   Cisco Systems
   Avenue des Uttins 5
   CH-1180 Rolle
   Switzerland
   Email: rogaglia@cisco.com

   Kristian Larsson
   Deutsche Telekom AG
   Email: kll@dev.terastrm.net

   Jan Lindblad
   Cisco Systems
   Email: jlindbla@cisco.com

Gagliano, et al.           Expires 11 May 2025                 [Page 10]