Re: [Ibnemo] Defining a Common Model for intent

["Susan Hares" <shares@ndzh.com>]

Tianran/Terence: 

 

If we have 3 different and orthogonal types of roles:  security, infrastructure, and abstract functions – then we would need to be able to associate these three different types of roles together.   This is different that providing recursion within an intent or an object.  It should be used without levels.  For infrastructure, the recursion can be the expansion of the AS object to a set of objects.   This should be allowed to be part of the intent construct (object, result, operation). 

 

Sue 

 

From: Zhoutianran [mailto:zhoutianran@huawei.com] 
Sent: Monday, June 08, 2015 5:11 AM
To: PEDRO ANDRES ARANDA GUTIERREZ; Susan Hares; nfvrg@irtf.org
Cc: ibnemo@ietf.org
Subject: RE: [Ibnemo] RE: Defining a Common Model for intent

 

Hi Pedro,

 

In the VDC use case, we did have the “recursion”. But can we just treat them as different kind of nodes that have specific functions? 

I mean we do not have to put each node instance in the seat where the network level is.

This will make the modeling more flexible to capture the user intent, not be constrained by the network infrastructure.

 

Best,

Terence

 

 

From: PEDRO ANDRES ARANDA GUTIERREZ [mailto:pedroa.aranda@telefonica.com] 
Sent: Monday, June 08, 2015 3:01 PM
To: Susan Hares; 'Natale, Bob'; Xiayinben; Zhoutianran; zhangyali (D); nfvrg@irtf.org
Cc: draft-xia-ibnemo-icim@tools.ietf.org; ibnemo@ietf.org
Subject: Re: [Ibnemo] 答复: Defining a Common Model for intent

 

Sue,

 

I think this is a faery good starting point. Just an additional question that is bugging me. Can we also try to explore recursiveness in the model?

I mean: At one level in time we have a ‘Node’ that is a whole business site, say an autonomous system. This ‘Node’ can be expanded as a set of areas (in the OSPF lingo,level in the IS-IS lingo), right? So diving into this level, we could say that each area is ‘Node’ and that areas are interconnected by links. Then each Node at this level is, when zoomed in, a set of interconnected routers. I think we also need to express this kind or recursiveness. In the ODL NEMO project, one of the sue cases is a virtual data-centre model with a similar concept of layering, recursion(?)

 

What is your feeling on this?

 

Best, /PA

De: Sue Hares <shares@ndzh.com>
Fecha: viernes, 5 de junio de 2015 20:58
Para: "'Natale, Bob'" <RNATALE@mitre.org>, 'Xiayinben' <xiayinben@huawei.com>, 'Zhoutianran' <zhoutianran@huawei.com>, "'zhangyali (D)'" <zhangyali369@huawei.com>, PEDRO ANDRES ARANDA GUTIERREZ <pedroa.aranda@telefonica.com>, "nfvrg@irtf.org" <nfvrg@irtf.org>
CC: "draft-xia-ibnemo-icim@tools.ietf.org" <draft-xia-ibnemo-icim@tools.ietf.org>, "ibnemo@ietf.org" <ibnemo@ietf.org>
Asunto: RE: [Ibnemo] 答复: Defining a Common Model for intent

 

Bob:

 

+1 on goal of concept of a funnel of intent to specific network behavior. 

Summary on roles – I believe that roles are constraints on the intent (as email message indicates).  These constraints impact the range of valid values for the components of intent (object, result, constraints).  Why is this valuable?  Just like in SQL, we have validity checks for the components of intent within a context.  The roles help set these validity checks.  For example, if you are a node, link, flow object and your level is the business level.  You will utilize nodes that summarize whole business sites not the router-interface a.    In the model work we have done for Nemo, the Nemo model allows context to stored and utilized to fill-in/validate the intent’s content. 

 

Does this help? 

 

Sue 

 

 

From: Natale, Bob [mailto:RNATALE@mitre.org] 
Sent: Friday, June 05, 2015 1:01 AM
To: Susan Hares; 'Xiayinben'; 'Zhoutianran'; 'zhangyali (D)'; 'PEDRO ANDRES ARANDA GUTIERREZ'; nfvrg@irtf.org
Cc: draft-xia-ibnemo-icim@tools.ietf.org; ibnemo@ietf.org
Subject: RE: [Ibnemo] 答复: Defining a Common Model for intent

 

Hi Sue,

 

Concerning your point about layers and logical representation, I agree … John used the stack of layers approach as a visual aid (I believe) … its behavior is actually more like a spectrum than a stack of layers … a major need for success in policy-based management is to narrow the range of the spectrum from intents/goals to actions/behavior and/or reduce the impedance in getting from business intent to network behavior across that range. I realize this is somewhat abstract for an IETF forum … but I do think we are all working to establish some basic common understanding here.

 

Concerning your point about “intent-roles groupings”, I have to confess that (1) I don’t understand the discussion around those concepts on these threads and (2) have not yet found it possible to devote enough time to consider them more thoroughly (and I’m not sure that I will get that opportunity). I’m an old-timer (for real) and that might be a limiting factor for me on this point … the major hurdles in standardizing policy-based management have been in place for years, so we have some very familiar concepts and terminology … that can be an aid to progress or an obstacle … in the latter case, new concepts and terminology are needed … maybe we’re at that point, and my “tenure” is keeping me from realizing it.

 

Avanti,

BobN

 

From: Susan Hares [mailto:shares@ndzh.com] 
Sent: Thursday, June 04, 2015 11:55 AM
To: Natale, Bob; 'Xiayinben'; 'Zhoutianran'; 'zhangyali (D)'; 'PEDRO ANDRES ARANDA GUTIERREZ'; nfvrg@irtf.org
Cc: draft-xia-ibnemo-icim@tools.ietf.org; ibnemo@ietf.org
Subject: RE: [Ibnemo] 答复: Defining a Common Model for intent

 

Bob: 

 

What I think you are saying is that our current layers and the logical representation of these layer’s roles may be limiting to our design of a new system based on intent.  I agree the past roles of layers tend to put us back in the same layer boxes.  

 

This is why I asked in earlier mail about the intent-roles grouping being the top of a cyclic tree where the intent focuses the action and the roles/context provide the context down the policy continuum.  In general systems theory the intent-role groupings should from a unique subsystem within the policy and actions.   Does this theoretical suggestion make sense? 

 

Sue 

 

 

From: Natale, Bob [mailto:RNATALE@mitre.org] 
Sent: Wednesday, June 03, 2015 12:31 PM
To: Xiayinben; Zhoutianran; Susan Hares; zhangyali (D); 'PEDRO ANDRES ARANDA GUTIERREZ'; nfvrg@irtf.org
Cc: draft-xia-ibnemo-icim@tools.ietf.org; ibnemo@ietf.org
Subject: RE: [Ibnemo] 答复: Defining a Common Model for intent

 

Hi Yinben,

 

I would caution against taking too literal a view of “layers” as visual representations of logical roles or perspectives … the “mutual exclusion” between layers when viewed as logical roles or perspectives is something we want to reduce or eliminate today both because we (possibly) can (due to new technologies) and because doing so can reduce costs, increase operational agility, enable better customer/user experience, etc.

 

It might be the case that at early stages of a new technology, “crisp” boundaries between the layers of a layered model serve essential purposes but as the technology matures opportunities for “smoothing” evolve – whether via integration within the existing model, rearranging components in a new model, or otherwise. I think we’re at a point in time where a set of related technologies is maturing to the point where “smoothing” can (and must) occur in Policy-Based Network Management.

 

I know that’s not great IETF-speak (and I don’t mean that pejoratively), but I hope it makes sense. Moving forward on intent-based policy management will require some new thinking … and such new thinking is evident here and in the SUPA work underway … very encouraging … and I don’t want to retard the progress that IBNEMO and SUPA are making in that respect … but I do encourage everyone to question any blocking assumptions from old models (while leveraging what still works from those models, of course!).

 

Avanti,

BobN

 

From: Ibnemo [mailto:ibnemo-bounces@ietf.org] On Behalf Of Xiayinben
Sent: Wednesday, June 03, 2015 11:54 AM
To: Natale, Bob; Zhoutianran; Susan Hares; zhangyali (D); 'PEDRO ANDRES ARANDA GUTIERREZ'; nfvrg@irtf.org
Cc: draft-xia-ibnemo-icim@tools.ietf.org; ibnemo@ietf.org
Subject: [Ibnemo] 答复: Defining a Common Model for intent

 

Hi Bob,

 

In my understanding,  “policy continuum” is based on layer structure. 

A characteristic of layer structure is mutually exclusive between layers. 

But the intent of different roles are not mutually exclusive.

Do you think this is make sense?

 

Yinben 

 

发件人: Nfvrg [mailto:nfvrg-bounces@irtf.org] 代表 Natale, Bob
发送时间: 2015年6月3日 22:45
收件人: Zhoutianran; Susan Hares; zhangyali (D); 'PEDRO ANDRES ARANDA GUTIERREZ'; nfvrg@irtf.org
抄送: draft-xia-ibnemo-icim@tools.ietf.org; ibnemo@ietf.org
主题: Re: [Nfvrg] [Ibnemo] Defining a Common Model for intent

 

Hi Terence,

 

As Bert has noted on a related thread today, it is sensible to focus on intent expression at the “top” layer first.

 

However, work on that should be cognizant of two things:

- Who/what are the intended consumers of such expressions?

- What is the “distance” from the top level intent expressions to executable actions that affect network behavior?

 

Those two things are interrelated and captured in the policy continuum concept and construct … you can conceptualize them differently, resulting in different constructs, and that is fine … but you cannot escape them. Any attempt to escape them will result, at best, in a beautiful language that will never be spoken in an operational context.

 

Avanti,

BobN

 

From: Ibnemo [mailto:ibnemo-bounces@ietf.org] On Behalf Of Zhoutianran
Sent: Wednesday, June 03, 2015 5:19 AM
To: Natale, Bob; Susan Hares; zhangyali (D); 'PEDRO ANDRES ARANDA GUTIERREZ'; nfvrg@irtf.org
Cc: draft-xia-ibnemo-icim@tools.ietf.org; ibnemo@ietf.org
Subject: Re: [Ibnemo] Defining a Common Model for intent

 

 

Hi Bob,

 

I agree with you that the intent expression is the first important step. And that’s what we are going to do.

I think in this discussion group we will focus on the top layer intent. As I posted in the email on the “role based intent”, there will be only one intent layer and I do not think the “policy continuum” works or necessarily applied here. In contrast I would like a flat intent expression with many ways for both pure intent and the constrained intent. 

 

Regards,

Terence

 

From: Ibnemo [mailto:ibnemo-bounces@ietf.org] On Behalf Of Natale, Bob
Sent: Wednesday, June 03, 2015 1:15 PM
To: Susan Hares; zhangyali (D); 'PEDRO ANDRES ARANDA GUTIERREZ'; nfvrg@irtf.org
Cc: draft-xia-ibnemo-icim@tools.ietf.org; ibnemo@ietf.org
Subject: Re: [Ibnemo] RE: Defining a Common Model for intent

 

Hi Sue,

 

Yes, the Formal Model paper is a very good source, but should be augmented with a few others for a more complete understanding.

 

And it is very important to note that the policy continuum is not _my_ model … it is (to the best of my knowledge) John Strassner’s creation and I generally recommend Chap. 9, Examples of Using the Policy Continuum, in his book on Policy-Based Network Management: Solutions for the Next Generation (2004) as an essential source.

 

[Apologies for possibly rambling a bit in what follows … I am not an active contributor and I hate to take up the time of those who are just because I have a few minutes to post, but since Sue asked….]

 

I would note that the specific layer labels used in the policy continuum literature should not be considered absolute … i.e., other formulations (with more or (ideally) fewer layers) are possible, with different labels, denoting (e.g.) some domain-, marketplace-, or business model-specificity.

 

The key issue is the number and nature of the translations necessary from a statement of intent at the “top” layer to a set of actions at the “bottom” layer that serve to realize the intent. In John’s policy continuum the top layer is the “Business” layer and we might see policy expressions like “Optimize traffic flows for fairness to all active users” or “Optimize traffic flows for priority based on user account type” (e.g., the proverbial Platinum, Gold, Silver, Bronze casting). Those are deliberately stark examples … in reality, the Business layer promulgates enormous numbers of policies often overlapping and “frictional” … but take either stark example and consider how many translations it would take to result in a conforming set of actions in large-scale network of diverse devices, services, protocols, (and a very large)  etc. In current technology (and for the foreseeable future, at my age at least!) at some point such statements of intent from the Business layer have to get translated to E-C-A type rules.

 

I recognize an intent-based policy expression by its distance from a set of expression (usually “rules”) that execute actions that realize the outcome stated in the intent-based expression. In that view, it’s not an absolute (i.e., the diverse views of the Policy Continuum hold) and it’s also possible to envision cases where expressions of intent can be “directly” implemented by a resource or set of resources. SDN is a step in the direction of (1) reducing the number of translations necessary for a large class of intent-based policy expressions and (2) virtualizing the implementation actions from the perspective of the “upper” layers of the policy continuum (or continua).

 

So, SDN and the ecosystem of changes around it represent  a big opportunity to make progress on rationalizing policy management across the layers of the policy continuum. A necessary first step is having useful standards for policy-expressions from the “top” layer – and they typically talk in intent-based policy expressions there.

 

Btw, I presume that IBNemo* contributors are also following John’s work in the SUPA area as well … very important that these efforts are totally complementary and synergistic, IMHO.

 

[* - Is it “IBNemo”, “ibnemo”, “IB-nemo” or something else? … I see it written all of those ways, and possibly more....]

 

Avanti,

BobN

 

From: Susan Hares [mailto:shares@ndzh.com] 
Sent: Tuesday, June 02, 2015 6:26 PM
To: Natale, Bob; 'zhangyali (D)'; 'PEDRO ANDRES ARANDA GUTIERREZ'; nfvrg@irtf.org
Cc: draft-xia-ibnemo-icim@tools.ietf.org; ibnemo@ietf.org
Subject: RE: [Ibnemo] RE: Defining a Common Model for intent

 

Bob:

 

Thank you for The Policy Continuum – A Formal Model (Steven Davy , Brendan Jennings and John Strassner). Is this the one you stated we should read?  

 

http://www.tssg.org/files/archives/2007_MACE_SDavy_Jennings_final.pdf

 

Davy, Jenning and Strassner.  In this continuum it suggests there are descending levels at: business, system (device and technology independent), administrator (device independent, technology dependent), device (device and technology specific), and instance (specific MIB, PIB, and CLI).  The system level is what Yali and Yinben have talked about when they speak about a connection from London to Beijing.  The administrator is a level of an L3VPN network with many devices.   I have suggested a few more layers that related in a gap analysis for I2NSF.  These layer match what the IETF is doing in the yang modules. 

 

+--------------------------------------------+

|Application Network Wide: Intent            |

+--------------------------------------------+

|Network-wide level: L3SM L3VPN service model|

+--------------------------------------------+

|Device level: Protocol Independent: I2RS    |

| RIB, Topology, Filter-Based RIB            |

+--------------------------------------------+

|Device Level: Protocol Yang modules         |

| (ISIS, OSPF, BGP, EVPN, L2VPN, L3VPN, etc.)|    

+--------------------------------------------+

| Device level: IP and System: NETMOD Models | 

| (config and oper-state), tunnels           |

+--------------------------------------------+  

 

Did I understand your policy continuum?    

 

The policy continuum paper states three axioms: 

“1) A policy may exist at any level of the continuum without the requirement of being associated to policies at other continuum levels. 

2) A policy may reference a set of lower level policies.  

3) A policy may be associated to more than one higher level policy”

 

Can you explain your comment: 

 

“the “need” for multiple intermediate E-C-A translations at multiple layers of the policy continuum has heretofore been a major impediment to progress on policy-based management, IMHO.” 

 

Does this come out of the formal language in the paper? 

 

Sue 

 

From: Natale, Bob [mailto:RNATALE@mitre.org] 
Sent: Tuesday, June 02, 2015 1:25 AM
To: zhangyali (D); PEDRO ANDRES ARANDA GUTIERREZ; Susan Hares; nfvrg@irtf.org
Cc: draft-xia-ibnemo-icim@tools.ietf.org; ibnemo@ietf.org
Subject: RE: [Ibnemo] RE: Defining a Common Model for intent

 

With all due respect:

 

1. I would recommend that anyone working on this topic, if he/she has not done so already, understand the “policy continuum” construct … a web search for ‘"policy continuum" Strassner’ will identify a good set of sources to start from for the network management domain.

 

2. Intents are statements of objectives or goals … they tend  to originate at the “higher” levels of the policy continuum … at some point (at “lower” layers of the policy continuum) they are translated to E-C-A type rules (more deterministic than intents)  for execution … much normally happens in between.

 

3. Designing solutions that minimize the number of translations between the statement of intent and the execution rules is essential .. and _possibly_ enabled by contemporary technologies via which “higher” layer intents can be translated to “lower” layer intents before hitting the ultimate E-C-A execution layer. This is a highly speculative statement on my part. But the “need” for multiple intermediate E-C-A translations at multiple layers of the policy continuum has heretofore been a major impediment to progress on policy-based management, IMHO.

 

The “with all due respect” aspect refers to the fact that the work that the active contributors to this thread are doing is very positive even if none of my comments are acted upon.

 

Avanti,

BobN

 

From: Ibnemo [mailto:ibnemo-bounces@ietf.org] On Behalf Of zhangyali (D)
Sent: Monday, June 01, 2015 11:52 PM
To: PEDRO ANDRES ARANDA GUTIERREZ; Susan Hares; nfvrg@irtf.org
Cc: draft-xia-ibnemo-icim@tools.ietf.org; ibnemo@ietf.org
Subject: [Ibnemo] 答复: Defining a Common Model for intent

 

Hi Pedro,

 

Thanks for reviewing the draft and giving modification.

 

The question you have mentioned is a very important point for the abstraction of intent model. Maybe we can propose the transport market as a analogy.

1.       A customer wants to transport his goods from A to B. So his intent is getting his goods from A to B without carrying about how to do it. Then his intent is transferred to the transportation system. 

2.       This system analyzes customer’s requirement, and choose a suitable way to complete the requirement. For example, the system choose truck as the means. So the intent of transportation system is transferring the goods with truck.

3.       The driver of this truck analyze the path from A to B, and choose a most appropriate path to complete this order which will save more time. So  the intent of driver may be transferring the goods with the least time. Then the driver will start the engine, step on the gas, etc.

 

>From this analogy, the ultimate effect is the same, namely, transfer the goods from A to B. But the specific intent of different roles has some differences which depends on user’ role, knowledge, responsibility, etc. For example, transportation system is responsible for transporting goods, and he know the various ways. So he can form his intent by rendering the upper customer’s intent.

 

Supposing we divide users into different layers according to the implementation series, users in upper layer expresses his intent as what he want without having the knowledge about how to do it. Then the how procedure will be transferred to what in the lower layer according to knowledge and context. These transfer procedure lead to the completion of requirement. Same with the example in draft. Although the ultimate effect is same, the focus is different which will bring out the differentiation of intent.

 

This is just my immature opinion about intent. Do you think the differentiation of intent to complete the same thing is important and reasonable?

 

Best Regards,

 

Yali

 

发件人: PEDRO ANDRES ARANDA GUTIERREZ [mailto:pedroa.aranda@telefonica.com] 
发送时间: 2015年6月1日 17:15
收件人: Susan Hares; nfvrg@irtf.org
抄送: draft-xia-ibnemo-icim@tools.ietf.org; ibnemo@ietf.org
主题: Re: [Ibnemo] Defining a Common Model for intent

 

Hi,

 

A small clarification proposal for draft  <https://datatracker.ietf.org/doc/draft-xia-ibnemo-icim/> https://datatracker.ietf.org/doc/draft-xia-ibnemo-icim/ .

 

In section 2.4, I would leave the following as a paragraph

For example, in the network area the intent of end-users could be
safe connectivity between two sites which a technology independent
and device independent requirement. For business-based network
designers, the network connectivity can be selected which is device-
independent but technology specific. An example of the business-based
technology is the L3VPN. 
And change:
For network administrators, intent can be
specific operations on a set of devices such as configuring IP
addresses on network servers in a data center.

To

 

For network administrators, intent can be <new>defining a network topology like a router connected to a firewall, connected to a load balancer and this to two L2 networks where WWW servers sit or specifying the</new> operations on a set of devices such as configuring IP addresses on network servers in a data center.
 
Rationale behind this is again, that intent should be anything that is invariant and that expresses what a network operator/administrator may need to do, as opposed to how he would do that, i.e. The router is a HW device from vendor X or a virtual machine running a specific routing daemon over a given data-path implementation.
Best, /PA

---

Dr. Pedro A. Aranda Gutiérrez

 

Technology Exploration -

Network Innovation & Virtualisation

email: pedroa d0t aranda At telefonica d0t com

Telefónica, Investigación y Desarrollo

C/ D. Ramón de la Cruz,84

28006 Madrid, Spain

 

Fragen sind nicht da, um beantwortet zu werden.

Fragen sind da, um gestellt zu werden.

Georg Kreisler

 


  _____  



Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción.

The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it.

Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição

 

 

 

---

Dr. Pedro A. Aranda Gutiérrez

 

Technology Exploration -

Network Innovation & Virtualisation

email: pedroa d0t aranda At telefonica d0t com

Telefónica, Investigación y Desarrollo

C/ D. Ramón de la Cruz,84

28006 Madrid, Spain

 

Fragen sind nicht da, um beantwortet zu werden.

Fragen sind da, um gestellt zu werden.

Georg Kreisler

 

  _____  


Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción.

The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it.

Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição