new configuration protocol
We need a new configuration protocol, that will allow us:
- make changes to confdb
- make changes to kaspdb
- get current configuration (confdb, kaspdb)
- get server data (statistics, ...)
- issue commands (replace current DNS-based protocol used in knotc)
The current proposal is to base this work on top of https://gitlab.labs.nic.cz/labs/dns-server-yang by @llhotka and add RESTCONF API to Knot DNS that should:
- use JSON as data protocol (XML Must Die!) and we already link with jansson library
- use HTTP/2 as transport protocol (it includes PIPELINING, binary data, and some other nice features; also it's deterministic since it's a binary protocol)
- use TLS 1.2+ and client certs for authentication
- use fine-grained ACLs for accessing nodes (monitoring client vs. zone add/remove client vs. full access client, ...)
As an added bonus, we could reuse this for zone data management in the future.