IETF Logo Mail Archive

Re: [netmod] backward compatibility requirements in draft-verdt-netmod-yang-versioning-reqs-00

Kent Watsen <kwatsen@juniper.net> Tue, 24 July 2018 00:25 UTC

Return-Path: <kwatsen@juniper.net>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 76582130E3C for <netmod@ietfa.amsl.com>; Mon, 23 Jul 2018 17:25:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.71
X-Spam-Level:
X-Spam-Status: No, score=-0.71 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DV9xa-tcv383 for <netmod@ietfa.amsl.com>; Mon, 23 Jul 2018 17:25:44 -0700 (PDT)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE7B412F18C for <netmod@ietf.org>; Mon, 23 Jul 2018 17:25:44 -0700 (PDT)
Received: from pps.filterd (m0108159.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w6O0O691023207; Mon, 23 Jul 2018 17:25:42 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=PPS1017; bh=pYCHNdOD7cP0YsyVL1WGg/PyMUMESubCsrPdupEQ2tU=; b=1/n/nvx/DMKFhOprkDMuilB+XkTXuplhRDAXMrPVVoxAeE/ZH1na5SNmPZORQ7jzwmWE g0A5pZU76J4FRZ8gBjcThe32aRqasDmOlTmSjUFrMuJI4QNlW6ekB6f0U4k4E4Qj1ifM 9QBcdqS6z3QzZ1fczY9SktT1Rwfyg+TGEfcrtXukPwDQPBX2kHbGLnvf8gBV3colSLbz u7c3l62w4vZyQlP9nGSYuA8KPcYixwzJtco/iwkbyQy+77sohlGxttKHdWU+8WBR+VsY U+LxesQqP3FrlUsysgBP4CEtgONF9jvG6kKFXRu2Nj3pf1lr/lt0/BkcnPkPwNJe//wd 7Q==
Received: from nam02-bl2-obe.outbound.protection.outlook.com (mail-bl2nam02lp0088.outbound.protection.outlook.com [207.46.163.88]) by mx0a-00273201.pphosted.com with ESMTP id 2kda571mhy-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 23 Jul 2018 17:25:42 -0700
Received: from BYAPR05MB4230.namprd05.prod.outlook.com (52.135.200.153) by BYAPR05MB3975.namprd05.prod.outlook.com (52.135.196.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.995.9; Tue, 24 Jul 2018 00:25:38 +0000
Received: from BYAPR05MB4230.namprd05.prod.outlook.com ([fe80::84c5:999c:9159:d416]) by BYAPR05MB4230.namprd05.prod.outlook.com ([fe80::84c5:999c:9159:d416%2]) with mapi id 15.20.0995.014; Tue, 24 Jul 2018 00:25:38 +0000
From: Kent Watsen <kwatsen@juniper.net>
To: Andy Bierman <andy@yumaworks.com>, Robert Wilton <rwilton@cisco.com>
CC: NetMod WG <netmod@ietf.org>
Thread-Topic: [netmod] backward compatibility requirements in draft-verdt-netmod-yang-versioning-reqs-00
Thread-Index: AQHUIHJ31DW+ryPtaESmByU8ep0YbaSZ1u6AgAK9VgCAACK3gIAAGTmAgAAMCoCAAAbHAIAARweAgAAbsIA=
Date: Tue, 24 Jul 2018 00:25:38 +0000
Message-ID: <23F07D1B-2816-457A-89DD-BD457F77889E@juniper.net>
References: <CABCOCHQ47ztJTPaZMZK7FWHsRPk1jN6SuuAWtg08rmtVgUPEWw@mail.gmail.com> <87va981svk.fsf@chopps.org> <a4ea8559-1f1f-8e7f-3dc5-29cb45fd4c7b@cisco.com> <CABCOCHT-NukBjvr6O02Meuz7fzD=8g5HvWNwkkEazQiLAsGM7A@mail.gmail.com> <fd9ff226-b0a1-53f4-1b98-b4f6ecf3ce01@cisco.com> <CABCOCHS55qPk0X_wihLhS6QxPABQ8aH1CvXiLUYW9QcSDL4A_A@mail.gmail.com> <44703b8f-ec6b-4853-1ccf-46e1b1f5482c@cisco.com> <CABCOCHQi5rv8cgQJipBxOg_0nDm5TuxJmpD==0bQFQFd8tB4rg@mail.gmail.com>
In-Reply-To: <CABCOCHQi5rv8cgQJipBxOg_0nDm5TuxJmpD==0bQFQFd8tB4rg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.20.0.170309
x-originating-ip: [66.129.241.12]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BYAPR05MB3975; 6:r/roWcZ5CulRbrRj9kfxQhWIXWgV8Z8myGytwa2s4qbAKx+KvHobBLOaPmC75TbfapefLPMF4wNWuXWYxuBHqeJwFdWz6O27iuqoYM6svs24mmUImKcnSWWMYJEjyaBpyTkDTV/RBnRtLIc00KjSgUKHER0rZmqzFwqu7jOMuWBfJjWUrVFwe3fAYWSU4qAEgfW43ZdIzW7R1Ff9ja8Rndcs5QeObcqHONrUiLD9Q/Fze09+5GfpUuA21PnWp82madMFzdXPklQReXHE3kjypP/llLJWCpweu0GdQQOCTGxiWNVFA2rswcJZqJaBKNUjiobhD4I+LpFRHvC7nrMgyQFjEOVsgDa+B0ojScmPtxowZkRwNn0OnLIuZ5s1dZ8BZUTDouyK0EoLVo8+u3c/Gjc/cgPnSwQFWmVuw8CFNJnMHZ4TZQIyUVAw8Nv6redWPlrIDRnn24waVbYg4HdoQg==; 5:7Ii3oJrNrDXJ6OqNWsoX60bGeG87pqM5iFkF3s2o5GgrL9XZMf1b3aPfIrQmVF6/0MWx20MCArDusqnGFkTJtr7vPzwlW9JWxqmLmNWm6QHU057nm7lmDXv+sfaDfzMCzC3UEGeKgtBEDQF+OkDRte+jcMqBNcib3ezNKNHWjAo=; 7:JQozoMaPZokPjDXwZCde9dqzdlySM9v34AM/OrYtXGFlL0mPanASczk0rtxf8QpoD/RJ4NV8SpujDdYWMPEYTJFebNXDThtG25I4yzOtitNJEH9rGAQgkcJPDPstDcbqu0GVvCQs5Ga/kHRTJMsB6ORHtcvhnC8zL0j8NHHeXy9UPnO4xDKUf6eQ5zdD9v3a+xucDtCt/YsYvIm00utMRc8UdUbnn+lUgEHkxvGJEgpJOq6CiGojPndc3Ix6w/lB
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 771319db-a44d-4ba8-5bcd-08d5f0fbfb60
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989117)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(5600073)(711020)(4618075)(2017052603328)(7153060)(7193020); SRVR:BYAPR05MB3975;
x-ms-traffictypediagnostic: BYAPR05MB3975:
x-microsoft-antispam-prvs: <BYAPR05MB3975253B23B211AC480B7D2FA5550@BYAPR05MB3975.namprd05.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(158342451672863)(278428928389397)(95692535739014)(21748063052155)(10436049006162);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(3231311)(944501410)(52105095)(3002001)(93006095)(93001095)(10201501046)(6055026)(149027)(150027)(6041310)(20161123564045)(20161123562045)(20161123558120)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011)(7699016); SRVR:BYAPR05MB3975; BCL:0; PCL:0; RULEID:; SRVR:BYAPR05MB3975;
x-forefront-prvs: 0743E8D0A6
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(346002)(136003)(396003)(366004)(39860400002)(51444003)(189003)(199004)(6512007)(99286004)(54896002)(5250100002)(6486002)(68736007)(7736002)(6246003)(236005)(6306002)(2906002)(2900100001)(476003)(26005)(606006)(53936002)(102836004)(82746002)(2616005)(53546011)(25786009)(6436002)(3846002)(6116002)(229853002)(316002)(4326008)(110136005)(5660300001)(11346002)(186003)(76176011)(97736004)(14454004)(106356001)(93886005)(8676002)(105586002)(66066001)(446003)(966005)(86362001)(8936002)(81166006)(256004)(36756003)(33656002)(6506007)(486006)(83716003)(478600001)(58126008)(14444005)(81156014); DIR:OUT; SFP:1102; SCL:1; SRVR:BYAPR05MB3975; H:BYAPR05MB4230.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-microsoft-antispam-message-info: 4N0n4QW0ZfWRcx/WKtdGfVsdQxhHCYtevFf1RH80TAQ8ShpQYvnk7zOAZTfbKyN3om9FbNZIPu4LI4uZVNPYzlQ1leTgKNehVp/rj1hIKoCXMNmdVYb6nOzc1bG7jwh0LEHp6cwk9GpAZuFthNGIwbXBo7zMUP3EIdI5l7fCJpwoYDnYoPAHmtGwUl8uAW80YEnMSNandUxnjaVgy8CAwetHRZRAQwJmbh6anF0BkeGh0f8ibUZ/9avRT6tGMUmoDT0MeQcD+tGDYAnT/feVJ3JKbDFilCCVPXRyWln9zyHJjSbNGQ2+ph6ph8s3VxvfbfSt+G7GjuTAyJhnXlQjXjrW61GEkvNZe54XdbRFFOM=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_23F07D1B2816457A89DDBD457F77889Ejunipernet_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 771319db-a44d-4ba8-5bcd-08d5f0fbfb60
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jul 2018 00:25:38.6396 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR05MB3975
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-07-23_07:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1806210000 definitions=main-1807240003
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/Aj1AB_odYXm5-o4VJmv14gnDvZE>
Subject: Re: [netmod] backward compatibility requirements in draft-verdt-netmod-yang-versioning-reqs-00
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Jul 2018 00:25:49 -0000

Before RESTCONF, I implemented a versioned REST API that maintained constant object URIs, while allowing the objects themselves to be versioned, by using the Content-Type and Accept headers (yes, we created a media type for every "object" in the system).  The server always natively understood the "latest", while being able to translate to/from the last few versions of the product.  It was effort to update the translators each release but, thankfully, there were only a few of them each time, and the unit-tests from the previous releases could be used to test correctness of the translators.

What's being discussed now sounds similar, with similar associated costs.  Whether or not we use a new module-name per "major" version (essentially what we have today, but further refined by Chris's idea) won't affect this cost much.  The primary advantage to using the same module name across major versions is that is gives to client more clue behind what is going on.  Perhaps similar clue can be achieved via an extension statement:

  module foo-3 {
    …
    replaces-module foo-2;
    …
  }


Kent // contributor


On 7/23/18, 2:46 PM, "netmod on behalf of Andy Bierman" <netmod-bounces@ietf.org<mailto:netmod-bounces@ietf.org> on behalf of andy@yumaworks.com<mailto:andy@yumaworks.com>> wrote:



On Mon, Jul 23, 2018 at 7:32 AM, Robert Wilton <rwilton@cisco.com<mailto:rwilton@cisco.com>> wrote:



On 23/07/2018 15:08, Andy Bierman wrote:


On Mon, Jul 23, 2018 at 6:24 AM, Robert Wilton <rwilton@cisco.com<mailto:rwilton@cisco.com>> wrote:



On 23/07/2018 12:54, Andy Bierman wrote:


On Mon, Jul 23, 2018 at 2:50 AM, Robert Wilton <rwilton@cisco.com<mailto:rwilton@cisco.com>> wrote:
Hi Chris, Andy,


On 21/07/2018 17:00, Christian Hopps wrote:
As I pointed out at the mic @102 this requirement derives directly from the 1.x requirement of not changing the name of the module/namespace. If you allow for changing the namespace/module name for "major" (i.e., incompatible) changes (i.e., like today) then this 3.1 requirement goes away.
Not sure that I agree.

I think that you have made an assumption here that the server will continue to support both old and new major revision (with different name) of the module at the same time.  However, these is nothing in the existing YANG upgrade rules that requires that.

Ultimately, there is a choice whether supporting older module versions is the servers problem or the clients problem, or perhaps a combination of the two.

The aim of requirement 3.1 is to ensure that there is a standard mechanism available so that server implementations that want the flexibility of supporting older client versions have a standard way of doing so.  My intention is that this part of the solution would be optional to implement and hence decided by the market, which is why the text in the requirement is "to allow servers" rather than "to require servers".


API versioning is usually done on the message exchanges.
Trying to do the same for datastore contents is not going to work.
A YANG schema can be considered an API.  Particularly looking at say the OpenConfig YANG schema.  I doubt all implementations will store all their configuration and operational state in a central place.


You can write the word MUST in all caps as many times as you want,
but that will not change anything.

I disagree.  Marking a requirement as a MUST means that requirement has to be met for a solution to be considered viable.

I previously had some text in the draft explaining how RFC 2119 text translates to evaluating the requirements, but was asked to take it out because it is obvious.  Perhaps it should go back in ...

So you can answer the question how YANG validation works when multiple revisions of a
module are implemented?

Ok, so the scheme that I was considering is:
 - The device implements only one version of the schema (i.e. probably all of the latest modules revisions/versions).

However, the protocols are extended to allow clients to select to use an older version set of the modules for that session.  YANG library for that session would report the chosen set of modules as "implemented" by the server for that session.

The server chooses how many different sets of modules are supported, and exactly what module revisions, features are included in each of those module sets.  Normally I would expect exact module sets to align with a previous software release.  The different module-sets can be exposed via YANG library bis.  New RPCs or protocol extensions are required to choose which version is being used for the session.

The server then has code to map from the older module set paths to the latest version that is "implemented" by the device.  The vast majority of the mappings would be trivial mappings of the same value on the same path.

This mapping is exactly the same as would have to be done on a client if it has to support servers running different revisions.

Not all changes can be mapped, some would have to just fail (perhaps could be covered by deviations).


  I do not doubt that you can find a leaf somewhere that can
be changed.  Not at all convinced the validation rules can be rewritten to account
for actual incompatible changes, like changing the type of data node or replacing nodes
with completely different configuration.
The mapping above will not be perfect in all cases, particularly if keys are changes, or support for software is removed, etc.  But they might still help.


  Even less convinced that this complexity is
worth the cost.

Well the complexity ends up going in the client or the server.  I think that this is generally a complex problem to solve.  Operators will likely argue that it is better that the complexity goes in the server to keep the client simple.  Server vendors will likely argue for the reverse.

Note, that I'm still somewhat open to what the right solution should be here.

Sounds very complicated to implement in the server, but at least you avoid multiple variants of a datastore.
Instead the server is providing various transformations between data models.

This will make the standards much more complicated and heavyweight to implement.
If it was so easy and so important, vendors would already support it in their proprietary APIs.
Instead vendors decide when to end-of-life products and features.



Thanks,
Rob

Andy






Thanks,
Rob

Andy


Thanks,
Rob

Andy



I think the plan is to reword some of these to get closer to the intention which I believe is to allow for smoother transition from one module to the next while making incompatible but mostly non-impacting changes.

Thanks,
Chris.

Andy Bierman <andy@yumaworks.com<mailto:andy@yumaworks.com>> writes:
Hi,

I strongly object to requirement 3.1:


    3.1  The solution MUST provide a mechanism to allow servers to
            support existing clients in a backward compatible way.



This is not what servers do today at all.
They provide only one version of an implemented module, as specified in RFC
7950.

It is a vendor and operator decision when to upgrade a server such that
non-backward compatible changes are made. They must decide if/when it is ok
based on the client applications in use.

This requirement says you cannot make backward-incompatible changes
which completely contradicts requirements 1.1 and 1.2.

IMO requirement 3.1 should be removed, or change MUST to MAY


Andy
_______________________________________________
netmod mailing list
netmod@ietf.org<mailto:netmod@ietf.org>
https://www.ietf.org/mailman/listinfo/netmod<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_netmod&d=DwMFaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=NLKzB3RRvGkAdBdSqsbPf9vbI3OBcyg6nz2Pb0SjZEc&s=Uhv31M1fvzhyys-4tCgiHGkxvk-w-dKbAaehPUeQ_hY&e=>

_______________________________________________
netmod mailing list
netmod@ietf.org<mailto:netmod@ietf.org>
https://www.ietf.org/mailman/listinfo/netmod<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_netmod&d=DwMFaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=NLKzB3RRvGkAdBdSqsbPf9vbI3OBcyg6nz2Pb0SjZEc&s=Uhv31M1fvzhyys-4tCgiHGkxvk-w-dKbAaehPUeQ_hY&e=>
.

v2.23.0 | Report a Bug | By Email