IETF Logo Mail Archive

Re: [netconf] RESTCONF support in private candidates draft

Andy Bierman <andy@yumaworks.com> Thu, 08 February 2024 22:02 UTC

Return-Path: <andy@yumaworks.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CEDAFC14F70A for <netconf@ietfa.amsl.com>; Thu, 8 Feb 2024 14:02:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.105
X-Spam-Level:
X-Spam-Status: No, score=-7.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yumaworks.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mf9wwAfme8iz for <netconf@ietfa.amsl.com>; Thu, 8 Feb 2024 14:02:02 -0800 (PST)
Received: from mail-pf1-x429.google.com (mail-pf1-x429.google.com [IPv6:2607:f8b0:4864:20::429]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C6312C14F5F9 for <netconf@ietf.org>; Thu, 8 Feb 2024 14:02:02 -0800 (PST)
Received: by mail-pf1-x429.google.com with SMTP id d2e1a72fcca58-6e065e5f721so234056b3a.3 for <netconf@ietf.org>; Thu, 08 Feb 2024 14:02:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yumaworks.com; s=google; t=1707429722; x=1708034522; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=zdxVzPjV+y6Y7vRVGG5L0afugEwV7X9yjem4BTsGPs0=; b=OjhzYFjWNk8m41w0cK3+LljNAqFIFuhkR50aqN0u3OeMST5cxUbLvRopdJJy3xU06d oYQr8eY2xGob8ZXJjGuG6F6cKJu5rnFhhEUELfcEpY9ARgzC5vhqNZaubHLzwQB+aI0Y 9WZRxg+cbOKc7GBkBHAEf+pOvAJzer7YG0kVhlpMnYnySscaJfZ7sZCU2W6hBwnpz9Vw u41AMmGGj5NJQcDqywcM5CHjPNAVpg1JawQuZoJSVGoZi06K5A2HC9nXgH+PnDd1G11+ 0+G/NBl2sXX9WlYibhhTb+ntJnTrDUSrtut/a5AdQ2Ga3gSqVUNLOomWmOeDOA+NYaQr V4aA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707429722; x=1708034522; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=zdxVzPjV+y6Y7vRVGG5L0afugEwV7X9yjem4BTsGPs0=; b=Le+0i4HXbq6m+dUD+/KhQnPl3lVGK72iMi/A71+anKRU4NZ2lnUgP/CcThZcee8YiA 9HqawSJhWmFUK+d2lIIX6QD3528pHvxjpPvwz7L/bcNY4H+lj9SiNPeC2LRYps+puXkF +8Ei3+Oi25sngEWgI5o0bV7eUOkP+NpoF4qU4Vanvvfu3upfjUlIFmkHw3MrbEcHhYaf UX477t13Ws7ur1KrBE6EUS6HPJl5SxxsoLBKGRdqCEqHkK9rAitUTYOCVolZIxaf4AcL LnLiH2Ln+mnUt3iiyg6k8+G0G+taqSIpFAtjq2ryBFepUhKYrcflAvDsg4JHAxNvD8An DVfg==
X-Forwarded-Encrypted: i=1; AJvYcCUtUnAPgrdexgVecDjBOCfUif/i5cxHU/3kZMHbTb8dF96fGuJP9+Y8qq4fh8k7SQA2BZLKUzPNs0kwhf9P6ycb
X-Gm-Message-State: AOJu0YygQTmWGRPEwUsGMZtuB9FX0GftqH2rkObZEtqZb+iLJ9jiNAeu mqSQGuFBk6f3segF/XqY+cWIC06Zs42f3J695qWI9LmcaIFy7CyKDIpgS6ErI5/IomycAAdmZq8 5O6gVVPuzPPS3oc1UHiXJ2vbMrjlY0Afrr5Q6pQ==
X-Google-Smtp-Source: AGHT+IEwOIdoZZlUY0B9Asb2Zb4vHJz5aZ59Uk3b9l9strZJTu13Lx6tzSu65S3v5W/94QVdkmnqtvazObJBDbpei88=
X-Received: by 2002:a05:6a20:da9c:b0:19e:b192:1db2 with SMTP id iy28-20020a056a20da9c00b0019eb1921db2mr996164pzb.30.1707429722153; Thu, 08 Feb 2024 14:02:02 -0800 (PST)
MIME-Version: 1.0
References: <58EBA620-2449-4A0C-8A53-41DB5113D9D5@cisco.com> <CABCOCHTCftFmvK8p1zQBR74Hs5QauakX_LeG8CASxdzxqt+Q0g@mail.gmail.com> <0100018d8aa0bb70-aa305423-1846-4f81-915f-8815f7b9d169-000000@email.amazonses.com>
In-Reply-To: <0100018d8aa0bb70-aa305423-1846-4f81-915f-8815f7b9d169-000000@email.amazonses.com>
From: Andy Bierman <andy@yumaworks.com>
Date: Thu, 08 Feb 2024 14:01:50 -0800
Message-ID: <CABCOCHQy2fVsXu6S9_jxAQj8ZPhDv1nnZjSpOFv98FNnd8TAOQ@mail.gmail.com>
To: Kent Watsen <kent+ietf@watsen.net>
Cc: "Robert Wills (rowills)" <rowills=40cisco.com@dmarc.ietf.org>, "netconf@ietf.org" <netconf@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000011752e0610e5f6e0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/ecMXjxVuJitdwrzLq760p6E7k-c>
Subject: Re: [netconf] RESTCONF support in private candidates draft
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Feb 2024 22:02:06 -0000

On Thu, Feb 8, 2024 at 1:30 PM Kent Watsen <kent+ietf@watsen.net> wrote:

> Robert, Andy, et. al.,
>
>
> On Feb 6, 2024, at 12:35 PM, Andy Bierman <andy@yumaworks.com> wrote:
>
>
>
> On Mon, Feb 5, 2024 at 4:32 AM Robert Wills (rowills) <rowills=
> 40cisco.com@dmarc.ietf.org> wrote:
>
>> Hi Netconf Working Group,
>>
>>
>>
>> After James and I presented an update on draft-ietf-netconf-privcand-01
>> at IETF 118, Kent asked about RESTCONF support in the draft, and
>> specifically about the lifecycle of a private candidate when using
>> RESTCONF. This email is to follow up on that question, and to ask the
>> Working Group whether RESTCONF support should be kept in this draft.
>>
>> Currently, the draft states that
>>
>> "When a private candidate is used by RESTCONF, it exists only for the
>> duration of the RESTCONF request." (draft-ietf-netconf-privcand-01 Section
>> 2.3).
>>
>> Later, the draft expands on this by stating that changes made to a
>> private candidate will be committed as part of the same request:
>>
>> "When the server advertises the :private-candidate capability and the
>> client does not explicitly reference a datastore in their request, all
>> edits are made to a new private candidate, and the private candidate is
>> committed. This is analagous to the behavior of RESTCONF when the
>> :candidate capability is specified by the server.
>>
>> "When the private-candidate datastore is explicitly referenced, edits are
>> made to a new private candidate and the private candidate is committed."
>>
>> (draft-ietf-netconf-privcand-01 Section 4.4.3)
>>
> It would be better for this draft to define nothing than to define it this
> way.
> But all is not lost.  This is an opportunity to fix it.
>
> This wording is intended to preserve the high-level goal of private
>> candidates, namely allowing multiple clients to make independent
>> configuration changes, and to behave similarly to RESTCONF's current
>> behavior for the (shared) candidate. (RESTCONF RFC 8040 Section 1.4: "The
>> candidate MUST be automatically committed to running immediately after each
>> successful edit").
>>
> RFC 8040 should’ve just said to use the operations supported by the
> various NETCONF’s capabilities under the {+restconf}/operations resource.
>
>
I disagree.
RESTCONF does not have sessions.
NETCONF :candidate is session-specific.
No changes to the existing URI s (e.g. /restconf/data) should be made.



> As far as I'm aware, RESTCONF doesn't currently have a mechanism for
>> editing a datastore and then committing the changes in a separate request.
>> The authors wanted to avoid having to specify such a mechanism, partly
>> because neither of us are RESTCONF experts, and partly because it could
>> also apply to other datastores (such as the “shared” candidate).
>>
> As a RESTCONF expert, I will help.
>
> RFC 8040 only says what happens when certain datastores are supported.
> It says nothing about what happens when a datastore called
> “private-candidate” is implemented.  Thus this draft gets to define that
> behavior, and it doesn’t have to match RFC 8040’s “support” for :candidate.
>
>
As long as new mechanisms and URIs are used, this should be OK.

IMO RESTCONF does not really need its own way of doing everything, because
the /restconf/operations interface
is very easy to use.

Andy

This draft can state:
>
> - when "“private-candidate” is implemented:
> - edits accumulate in the client-specific candidate datastore
> - the client-specific candidate datastore can be committed
>   using  {+restconf}/operations/ietf-netconf:commit
> - the client-specific candidate datastore can be discarded
>   using {+restconf}/operations/ietf-netconf:discard-changes
>
> - if :validate is also implemented:
> - the client-specific candidate datastore can be validated
>   using {+restconf}/operations/ietf-netconf:validate
>
> - if :confirmed-commit is also implemented:
> - the {+restconf}/operations/ietf-netconf:commit operation
>   can take the “confirmed” attribute
> - the commit can be canceled using
>   {+restconf}/operations/ietf-netconf:cancel-commit
>
> Note:  I am not trying at all to introduce to RESTCONF an equivalency to
> NETCONF’s <target> attribute.  I’m perfectly okay with the following
> auto-selection:
>
> if :running implemented:
> - RC-edits go to <running> and are auto-committed
> - this is from RFC 8040 and is fine (matches :writable-running behavior)
>
> else if :candidate is implemented:
> - RC-edits go to <candidate> and are auto-committed
> - this is from RFC 8040 and is not good (explained above)
> - but let’s hope that :candidate becomes a thing of the
>   past in an NBC-update to RESTCONF
>
> else if :private-candidate is implemented:
> - see behavior described above.
> - but, to work, this draft needs to say that neither
>   :running nor :candidate can be implemented…
> - this would be goodness
>
> If more work is needed on the RESTCONF support for the private candidate
>> datastore, I think it would be better to remove RESTCONF from this draft
>> and address it in a separate draft later, with an author who's a RESTCONF
>> expert.
>>
> A common strategy is to have one “place” where protocol-independent
> behavior is defined, and then a “place” for each protocol, where
> protocol-specific syntax is defined.   The only question is if the *places*
> are sections in a draft, or separate drafts (e.g., in the list-pagination
> work).
>
> IMO, if you want to isolate RESTCONF, then NETCONF should be also be
> isolated (i.e.: there would be 3 drafts).  Good reasons for doing this are
> 1) because each is a heavy topic, perhaps too big for all be in one draft)
> and 2) because independent documents make for better references.
>
> Thoughts and comments are very welcome.
>>
> Thank you for sending out this message.
>
>
> From Andy:
>
> A candidate datastore that can only accept one edit and then automatically
> commit is not useful.
>
>
> I agree that it would not be useful.
> It was also not useful when RFC 8040 defined it.
>
>
> Also from Andy:
>
> I agree RESTCONF should be removed from this draft.
>
>
> This is too important to not support in RESTCONF (and CORECONF, I assume).
>
>
> Kent // contributor
>
>
>
>

v2.23.0 | Report a Bug | By Email