Re: [netmod] A question about YANG identifier design

Jan Lindblad <janl@tail-f.com> Tue, 31 May 2022 08:45 UTC

Return-Path: <janl@tail-f.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A85B2C14F74D; Tue, 31 May 2022 01:45:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.904
X-Spam-Level:
X-Spam-Status: No, score=-1.904 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xws2V1BJXZw6; Tue, 31 May 2022 01:45:33 -0700 (PDT)
Received: from mail.tail-f.com (mail.tail-f.com [46.21.102.45]) by ietfa.amsl.com (Postfix) with ESMTP id 83950C14F74E; Tue, 31 May 2022 01:45:33 -0700 (PDT)
Received: from smtpclient.apple (213-67-237-150-no99.tbcn.telia.com [213.67.237.150]) by mail.tail-f.com (Postfix) with ESMTPSA id DB2531AE08F1; Tue, 31 May 2022 10:45:30 +0200 (CEST)
From: Jan Lindblad <janl@tail-f.com>
Message-Id: <82F90977-2FF9-442C-9D31-5D87C6A424D3@tail-f.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_87379D40-B80E-4364-AF0C-91064421DCA3"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.80.82.1.1\))
Date: Tue, 31 May 2022 10:45:30 +0200
In-Reply-To: <f8c16363a212480084767be3dc6a1c59@huawei.com>
Cc: Jürgen Schönwälder <j.schoenwaelder@jacobs-university.de>, "netmod@ietf.org" <netmod@ietf.org>, "netconf@ietf.org" <netconf@ietf.org>, Fatai Zhang <zhangfatai@huawei.com>, Zhenghaomian <zhenghaomian@huawei.com>, liuzhoulong <liuzhoulong@huawei.com>, "Chenchunhui (C)" <chenchunhui@huawei.com>
To: yuchaode <yuchaode@huawei.com>
References: <de9b838f10a448c9991d0a381d426716@huawei.com> <20220524101546.cfzkzi55dsutfyic@anna> <f97fd7815d8147a680798dd5159f0594@huawei.com> <20220525072213.udkoy7lejf2qk2iq@anna> <c85dc299766941f7b3749c1572c6ccb3@huawei.com> <20220525081828.kwpbiw43ck4wizw2@anna> <9af6251a5fbe4c338bace6cccece1cde@huawei.com> <20220525083544.ymzco56byey5zt4w@anna> <86c348fb32b14dda97644c8893057588@huawei.com> <C9B52EA3-7A59-4936-B7C8-8999031A730C@tail-f.com> <f8c16363a212480084767be3dc6a1c59@huawei.com>
X-Mailer: Apple Mail (2.3696.80.82.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/GzRRt-VpGz_VDAis7fEImtr00qA>
Subject: Re: [netmod] A question about YANG identifier design
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 May 2022 08:45:37 -0000

Chaode,

> Thank you, Jan!
>  
> Yes, for whose people who are familiar with REST paradigm, a lot of RESTCONF designs look twisted and not as flexible and straightforward as REST interface. If, as you say, these are some compromises introduced to address some other issues, it is understandable.

Right. From the perspective of a network management purist like myself, there are a lot of plain REST designs that look twisted and not as useful for automation as a straightforward RESTCONF interface :-)

> Returning to our previous discussion, if RESTCONF suggests to use a readable string format, like name, as identifier, it is better to provide a format constraint when designing YANG modules. I found a lot of YANG modules is lack of this job.

Well, I don't see much point at restricting names given to objects by users. They should be free to name them however they like, so that the naming principles they use have meaning in the context where they operate.

> Since name is used as an identifier, it must be globally unique.

No, that is a misconception. In the YANG and RESTCONF world, the names are scoped to the parent object. You add the schema path to construct the globally unique resource identifier.

> This is a difficult job, considering in different scenarios, this name could be specified by RESTCONF client and server at the same time. If the data stored in different systems is inconsistent, it is difficult to ensure that this name identifier is global unique. So usually a lot of system would prefer to use UUID for identifier.

I'm not sure I follow your use case here, but I agree that keeping things fully consistent between client and server is key. Constructing globally unique ids requires some thought. UUIDs are not the only possible answer, or even the best one if humans need to deal with them.

> I think, for this name identifier, systems could use UUID when doing implementation. Because UUID is also a string format. The problem is it is a little bit weird when doing integration. For example, if the name is using UUID format, the readable label must to be set to another attribute, such as alias .etc. It is not perceptible for programing interface between application, but a lot of explanation is needed when the developers begin to interact this interface.

Clients that wish to use UUIDs for naming objects should be free to do so. In some cases that may not be possible, as for example many systems will have restrictions on what names you give to interfaces, etc.

But I think we're missing the point here. YANG is supposed to reduce the gap between what a traditional human operator sees and works with, and make sure the automation interface is using the same object names etc. We have tried separating human interfaces from programmatic interfaces in many management interfaces in the past (SNMP, etc), and the fact that objects were called different things in the different interfaces invariably caused a lot of unnecessary trouble for automation projects.

> I think when design YANG module, it is better to define an id attribute which should use UUID format and define name attribute to specify readable label. The UUID information could be hided, just like you said, when using in GUI.

I disagree. Experience shows this is a problematic approach, and counter to YANG's goals. In some cases it is a good idea to do what you say, and YANG module authors can model things like that if they wish. But to make that a general rule everywhere is not a good idea in my opinon. Not at all.


Robert Varga wrote:

>> The key point there is that URIs imply an extensible structure, which neither strings nor UUIDs convey.
>> 
>> The tie in is into URI namespace -- and how exactly an implementation or deployment does that is up for grabs.
>> 
>> For example you can use URNs, and specifically "urn:uuid:XXXX", et voila, you are using UUIDs, but everybody who sees that identifier knows it is a UUID, not just something that happens to look like an UUID in the sample that you've observed during integration.
>> 
>> Or you can design your own URNs, and say that we have three separate namespaces in urn:com:example:id:{network,node,link} and each of them is used to assign identifiers for networks, nodes, links -- and enforce that at system boundaries.
>> 
>> Suddenly your identifiers are type-safe and errors like https://www.atlassian.com/engineering/april-2022-outage-update are either completely preventable by system input validation or obvious to humans communicating them:
>> 
>> A: Can you deactivate application "urn:com:example:id:site:XYZ", please?
>> B: Right, but that's not an application ID!
> 
> An excellent example! 
> This make me realize that my previous understanding is a little bit shallow. Especially it make me clear how can this URI identifier be human readable and programing safe.
> What a pity is that not all the YANG models define in IETF are using this URI identifier. This leaves them fragmented, independent, unable to play to the strengths of one system. Sometime some ID conversion interfaces would be needed if we want to use these models at the same time. This is ludicrous in the integration progress.
> Anyhow, many thanks to Robert!

Actually, Robert's example of self-typed references is not far from what we have in YANG. Compare these two globally unique object identifiers:
+ "urn:com:example:id:site:XYZ"
+ "/example:sites/site[id='XYZ']"

The latter, of course, gives a hierarchical view of the world that is compatible with how humans think and operate today, and allow operators to use short and comprehensible names like XYZ.


Best Regards,
/jan