Re: [Netconf] issues with processing onboarding information (zerotouch)

Kent Watsen <kwatsen@juniper.net> Tue, 07 August 2018 19:05 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/SNz_fF9wmJiddzcXmpn4UPcRWhw>

Dear WG,

Following up on this thread, I'm beginning to make the changes,
but there are a couple items where input would be helpful:

1) regarding this:

   > b) Clarify that the scripts MUST also be idempotent, in case
   >    the bootstrapping process falls into a loop.  Alternatively,
   >    we could introduce a requirement on the scripts to supply
   >    some sort of clean-up command; then the only state retained
   >    would ever be the currently running boot-image, which is 
   >    fine.  Thoughts?

What's being discussed here is the case where the script succeeds, 
but a subsequent step (e.g., commit) fails.  In this case, do we
say:

 a) scripts MUST be idempotent.  This sounds good, but I wonder
    how possible this is.

 b) scripts MUST supply a clean-up command that removes all state
    created by a successful execution of the script.  This seems
    easier to code.

Note: if no objections, I'll go with (b).



2) regarding this:


   > Should we add more zerotouch "progress-type" enums, and maybe
   > make more of them mandatory?
   >
   > Details: module ietf-zerotouch-bootstrap-server contains the 
   > RPC report-progress, which has input leaf "progress-type",
   > which is an enumeration.  Currently, the enums follow
   > this pattern:
   >
   > - bootstrap-initiated
   > - bootstrap-complete
   > - <step>-warning
   > - <step>-error
   > - informational
   >
   > where <step> has values: parsing, boot-image, pre-script,
   > config, and post-script.
   > 
   > a) Should we add additional well-typed values for visibility
   >    reasons (i.e. more debug information sent to the bootstrap
   >    server)?  Specifically, these two:
   >
   >     - <step>-initiated
   >     - <step>-success
   > 
   > b) assuming (a), should we make more of the reporting of
   >  progress mandatory?  Currently only "bootstrap-complete"
   >  is mandatory, with everything else being a SHOULD.

That kind of says it all; any thoughts on (a) and (b)?

Note: if no objections, I'll go with (a) only and, for (b), just
make "bootstrap-initiated" mandatory.



Thanks,
Kent // author
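
An added sketch, not part of the original message or of the zerotouch draft: it models the failure case from item 1 (the pre-script succeeds, a later step fails, and bootstrapping loops) under option (b), and reports progress using the enum pattern from item 2, including the proposed `<step>-initiated` and `<step>-success` values. The function names, the retry loop, the cleanup ordering and the sample configuration line are assumptions made for illustration.

```python
STEPS = ["parsing", "boot-image", "pre-script", "config", "post-script"]

def progress_types(proposed=True):
    """Enum names per the pattern in the message; proposed adds -initiated/-success."""
    suffixes = ["warning", "error"] + (["initiated", "success"] if proposed else [])
    return (["bootstrap-initiated", "bootstrap-complete", "informational"]
            + [f"{step}-{sfx}" for step in STEPS for sfx in suffixes])

def bootstrap_attempt(actions, cleanups, state, report):
    """One pass over the steps; on failure, run clean-up for completed steps."""
    report("bootstrap-initiated")
    done = []
    for step in STEPS:
        report(f"{step}-initiated")
        try:
            actions[step](state)
        except Exception:
            report(f"{step}-error")
            for prev in reversed(done):      # option (b): undo script-created state
                if prev in cleanups:
                    cleanups[prev](state)
            return False
        report(f"{step}-success")
        done.append(step)
    report("bootstrap-complete")
    return True

def run_demo(with_cleanup):
    """Constructed scenario: non-idempotent pre-script, first commit fails."""
    state = {"lines": [], "config_tries": 0}
    reports = []

    def pre_script(s):                       # not idempotent: appends on every run
        s["lines"].append("ntp server 192.0.2.1")

    def pre_script_cleanup(s):               # removes exactly what pre_script added
        s["lines"].remove("ntp server 192.0.2.1")

    def config(s):                           # constructed failure on the first try
        s["config_tries"] += 1
        if s["config_tries"] == 1:
            raise RuntimeError("commit failed")

    actions = {step: (lambda s: None) for step in STEPS}
    actions["pre-script"], actions["config"] = pre_script, config
    cleanups = {"pre-script": pre_script_cleanup} if with_cleanup else {}
    while not bootstrap_attempt(actions, cleanups, state, reports.append):
        pass                                 # the bootstrapping loop from item 1
    return state["lines"], reports
```

Without the clean-up hook, the second pass leaves the pre-script's line on the device twice, which is the residue an idempotence requirement (option a) would otherwise have to prevent.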