Re: [i2rs] modeling options for draft-ietf-i2rs-yang-network-topo

Hi,

Alexander Clemm <alexander.clemm@huawei.com> wrote:
> Hi, 
> 
> One comment inline re: option 1, <ALEX>
> 
> Thanks
> --- Alex
> 
> -----Original Message-----
> From: i2rs [mailto:i2rs-bounces@ietf.org] On Behalf Of Martin
> Bjorklund
> Sent: Tuesday, February 14, 2017 8:41 AM
> To: kwatsen@juniper.net
> Cc: i2rs@ietf.org
> Subject: Re: [i2rs] modeling options for
> draft-ietf-i2rs-yang-network-topo
> 
> Kent Watsen <kwatsen@juniper.net> wrote:
> > 
> > 
> > [moving yang-doctors to BCC]
> > 
> > 
> > >> OPTION 1: separate /foo and /foo-state trees
> > >> --------------------------------------------
> > >> 
> > >> This option was/is described here:
> > >> https://www.ietf.org/mail-archive/web/i2rs/current/msg04316.html.
> > >> 
> > >> PROS:
> > >>   a) does NOT break legacy clients (how we got here)
> > >>   b) consistent with convention used in many IETF modules
> > >>   c) able to show if/how opstate may differ from configured values
> > >> 
> > >> CONS:
> > >>   a) questionably valid YANG leafref usage
> > >
> > > What does this mean?
> > 
> > I'm referring to how the description statement explains that the 
> > server may look to operational state in order to resolve the leafref, 
> > which is to result in behavior similar to pre-configuration in RFC 
> > 7223.
> 
> Ok, I didn't pay close attention to the proposal in the quoted email.
> 
> I would design this a bit differently.  The config true leaf
> "dependency" should have a leafref to the config false node name, with
> require-instance false.  The description should explain that the
> configuration item will be used by the server if all dependencies
> exist.  When the configuration item is used, it shows up in the config
> false list.
> 
> This way, the leafref usage is valid and straight forward.
> 
> <ALEX> 
> Hi Martin,
>  
> I don't understand one statement you are making "When the
> configuration item is used, it shows up in the config false list" -
> can you please elaborate?

I mean that the server will consider a configured item, and decide if
it can be used or not.  If the configured item has a reference to
something that doesn't (yet) exist (weak reference; require-instance
false), the server leaves the item in the config, and moves on.  At
some later time, suppose the weak reference is fulfilled; at this
point the server decides that the configured item can be used, and it
instantiates the item in the /-state list.  Once it is there, maybe
some other configured item has a reference to this one, and it can
also be instantiated etc.

And it goes the other way as well; suppose a server provided item is
removed by the server; at this point the server would also remove
items in the state list that originated in the configuration - however
they are not removed from the config, just the state.
(Server provided items would only show up in the state in this
solution).

The state subtree works exactly like the operational-state datastore
in draft-ietf-netmod-revised-datastores.

> One of the issues that we are facing is that a configured topology
> might refer to a configured topology or a server-provided topology,
> and we would like to avoid making a case distinction as to which
> category we are referring to.

I believe my proposed solution handles this.

> At the same time, we are making use of leafrefs to express a number of
> integrity constraints which are part of the model: as a node is part
> of a topology, and a topology has an underlay topology, we make sure
> that the underlay node is part of the underlay topology (and not just
> any arbitrary node).

Can you point me to the place in the model where this is specified?

Or did you mean that today you have to mention this in plain text, but
it would be nice if it could be captured formally in the model?

> Likewise for termination points and links (with
> some additional constraints, such as a TP's supporting TP be contained
> in the TP's containing node's supporting node, with supporting links
> of a link being terminated by supporting TPs of the link's TP, etc) It
> would be really nice to capture these without resorting to description
> statements, and without overly complex path expressions (particularly
> as leafrefs refer to a single path, not a choice of alternative paths)
> 
> What you describe above does not seem to address this entirely.  You
> describe having a leafref to a config false node.  We need to have a
> leafref that can effectively be pointed at a config false, or a config
> true node.  How can we achieve that when both nodes are in separate
> subtrees?
> 
> We could consider a solution in which we have two dependencies - one
> leafref to point to config false, another leafref to point to config
> true.  But this solution seems a bit awkward, as it requires different
> handling by applications of each case.  Perhaps use a union of two
> leafrefs with different paths.  This might be a solution, but the
> question regarding how to capture the overlay/underlay layering
> constraints remains.

/martin

> 
> --- Alex
> 
> </ALEX>
> 
> > >>   b) complex server implementation (to handle require-instance 
> > >> false)
> > >
> > >Can you elaborate on this one?
> > 
> > This is primarily a reflection of the CON listed above, in that it 
> > seems that a server would need to have special handling for when 
> > dependencies transition from being present to not-present and vice 
> > versa, much like the code to handle when a physical card is plugged in
> > or removed.
> 
> Yes, but I think this is inherent to the problem at hand.  Even with
> the config true solution defined in the current draft, it is not clear
> how things that were created by the server would be deleted (if there
> were references to them).
> 
> > Note: I should've listed this as a CON for OPTION 2 as well.
> > 
> > 
> > 
> > >>   c) eventually the module would need to migrate to the long-term 
> > >>      solution, which would result in needing to also rewrite all
> > >>      modules that have augmented it (e.g., ietf-te-topology).
> > >>   d) leafref path expressions really only work for configuration data,
> > >>      though a clever server could have a special ability to peak at
> > >>      the opstate values when doing validations.  Of course, with 
> > >>      require-instance is false, the value of leafref based validation
> > >>      checking is negated anyway, even for config true nodes, so this
> > >>      may not matter much.
> > >> 
> > >> 
> > >> 
> > >> OPTION 2: explicit client-option to also return tagged opstate data
> > >> -------------------------------------------------------------------
> > >> 
> > >> This option takes a couple forms.  The first is module-specific and 
> > >> the second is generic.  In both cases, the idea is modeled after 
> > >> the with-defaults solution (RFC6243), wherein the client passes a 
> > >> special flag into <get-config> causing the server to also return 
> > >> opstate data, having a special metadata flag set, intermingled with 
> > >> the configuration data.
> > >> 
> > >> 
> > >> 2A: Module-specific version
> > >> 
> > >>    module foo {
> > >>       import ietf-netconf { prefix nc; }
> > >>       import ietf-yang-metadata { prefix md; }
> > >>       md:annotation server-provided {
> > >>          type boolean;
> > >>       }
> > >>       container nodes {
> > >>          config true;
> > >>          list node {
> > >>             key "name";
> > >>             leaf name { type string; }
> > >>             leaf dependency {
> > >>                type leafref {
> > >>                  path "../node/name"
> > >>                  require-instance false;
> > >>                }
> > >>             }
> > >>          }
> > >>       }
> > >>       augment /nc:get-config/nc:input {
> > >>          leaf with-server-provided {
> > >>             type boolean;
> > >>          }
> > >>       }
> > >>    }
> > >
> > > I don't think this solution is substantially different from the 
> > > solution in draft-ietf-i2rs-yang-network-topo-10.  You have just 
> > > moved a config false leaf to a meta-data annotation.  This solution 
> > > suffers from the same problems as the solution in 
> > > draft-ietf-i2rs-yang-network-topo-10.
> > 
> > There are two primary differences:
> > 
> > 1) It doesn't break legacy clients
> 
> The solution in the draft doesn't break legacy clients either -
> there's a config false leaf among the config true.  No problem.
> 
> >    , because it requires the client to
> >    explicitly pass a 'with-server-provided' flag in the <get-config>
> >    request in order to get back the extended response.  Likewise, it
> >    doesn't break backup/restore workflows, as the server can discard
> >    any 'server-provided' nodes passed in an <edit-config> operation.
> 
> Huh?  This goes against the defined behavior of 6241 + 7950.  This is
> the main problem with the solution in the current draft.
> 
> If a client sends a <get-config> for data in running, the server
> cannot send back data that is not in running.
> 
> >    Lastly, it doesn't break <lock>/<unlock>, as there is no comingling
> >    of opstate data in the 'running' datastore.
> > 
> > 2) It doesn't say anything about how the opstate data is stored on the
> >    server.  The opstate data is not modeled at all.  This approach 
> >    only defines a presentation-layer format for how opstate data can
> >    be returned via an RPC.  The server is free to persist the opstate
> >    data anyway it wants, perhaps in an internal datastore called 
> >    'operational-state' or in an uber-datastore with the opstate data
> >    flagged with a datastore='oper-state' attribute.  Regardless, it's
> >    an implementation detail, and the conceptual datastore model is
> >    preserved.
> 
> You are essentially defining a new operation, but do it by modifying
> the semantics of an existing one.  I don't think this is a good idea;
> it is better to define a new rpc.
> 
> 
> /martin
> 
> _______________________________________________
> i2rs mailing list
> i2rs@ietf.org
> https://www.ietf.org/mailman/listinfo/i2rs
> 