Re: [netmod] YANG 1.1 issue: enabled leaf design pattern
Andy Bierman <andy@yumaworks.com> Sun, 04 May 2014 17:17 UTC
Return-Path: <andy@yumaworks.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C03371A00D5 for <netmod@ietfa.amsl.com>; Sun, 4 May 2014 10:17:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x7HCG6g5Ricb for <netmod@ietfa.amsl.com>; Sun, 4 May 2014 10:17:00 -0700 (PDT)
Received: from mail-qg0-f49.google.com (mail-qg0-f49.google.com [209.85.192.49]) by ietfa.amsl.com (Postfix) with ESMTP id D9B621A0179 for <netmod@ietf.org>; Sun, 4 May 2014 10:16:59 -0700 (PDT)
Received: by mail-qg0-f49.google.com with SMTP id a108so222379qge.22 for <netmod@ietf.org>; Sun, 04 May 2014 10:16:56 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=AU5P9tN+OARDRIHE2/ySf8EHcqy62p9F4LI5U9UKhfA=; b=iUXuJ5Wp/o0DDwoxG9LEB6LAvoXHJSO1daz9b/5Exv6a6BRQ+frANg+5JDTlwu/38d +QbkT2FgUO4FXGNVNcCpTzy9pAWVIvSs2aCbNrQoeYRrK4G0zSu5jb0CKS4jCJxxz0av GkBO70V6jVn54WF5cqcgfdB6y5GJ6cKzVhuwf4LbpgUlqZ1GKLv407w2PeWMz+nADQ+u ZynMNkL4gpRbQU8SdOIVKilQMDpJ9lSUSChHgHMQZBTP0BnGKVv14uRjOobq8V11uslc GrXYamXcUoe6nBcdePTL/lZA93zpoNW1+FaErOSL2JZG+Ra5SApg4sjbfwCLxTYEFFKu 94tA==
X-Gm-Message-State: ALoCoQnRv5/GyU4XjGtDup57R3yKDUDh0JbFIeyfpJaj3A7B5VmIHRz7zJ0bql++sPYaa1qMcvr5
MIME-Version: 1.0
X-Received: by 10.140.27.212 with SMTP id 78mr35872847qgx.18.1399223816640; Sun, 04 May 2014 10:16:56 -0700 (PDT)
Received: by 10.140.104.14 with HTTP; Sun, 4 May 2014 10:16:56 -0700 (PDT)
In-Reply-To: <1D1A1E83-05E3-4449-B8F7-BEFFC716C45B@nic.cz>
References: <CABCOCHR_Kf2a9mD_rZ-mkw5NGob9Rp_pdSaQ0k40ER2aN56LLA@mail.gmail.com> <F17C1196-D388-4370-B9F1-0B6870A06C9A@nic.cz> <CABCOCHQS8q3FXN7SwWgU9nrxLWA7gdA=Hj+vEnctFi1hv8f5LA@mail.gmail.com> <9429DA92-078C-4F7D-9795-AF7D43B79142@nic.cz> <CABCOCHQR_QvmV7QJbVoG+=F_xroU=XcAn3xDwOjfZ-jcR89WFg@mail.gmail.com> <1D1A1E83-05E3-4449-B8F7-BEFFC716C45B@nic.cz>
Date: Sun, 04 May 2014 10:16:56 -0700
Message-ID: <CABCOCHRve4=mcxoADFzwDiWo-3S35pvFSqjKE65ArPbMcn0LnQ@mail.gmail.com>
From: Andy Bierman <andy@yumaworks.com>
To: Ladislav Lhotka <lhotka@nic.cz>
Content-Type: multipart/alternative; boundary="001a11c14d668d6fa204f8962e8c"
Archived-At: http://mailarchive.ietf.org/arch/msg/netmod/S_fQs0A3WG1yAKVybieWLFJgRpQ
Cc: "netmod@ietf.org" <netmod@ietf.org>
Subject: Re: [netmod] YANG 1.1 issue: enabled leaf design pattern
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 May 2014 17:17:03 -0000
On Sun, May 4, 2014 at 2:45 AM, Ladislav Lhotka <lhotka@nic.cz> wrote: > > On 04 May 2014, at 10:33, Andy Bierman <andy@yumaworks.com> wrote: > > > > > > > > > On Sun, May 4, 2014 at 12:40 AM, Ladislav Lhotka <lhotka@nic.cz> wrote: > > > > On 03 May 2014, at 21:31, Andy Bierman <andy@yumaworks.com> wrote: > > > > > > > > > > > > > > On Sat, May 3, 2014 at 11:50 AM, Ladislav Lhotka <lhotka@nic.cz> > wrote: > > > > > > On 03 May 2014, at 18:42, Andy Bierman <andy@yumaworks.com> wrote: > > > > > > > Hi, > > > > > > > > Problem: > > > > > > > > The use of a leaf in the data model (such as the > /interfaces/interface/enabled > > > > leaf in the ietf-interfaces module) does not account for YANG > validation rules > > > > for many statements that can reference the disabled subtree from > outside > > > > of that subtree: > > > > > > > > - must > > > > - when > > > > - unique > > > > - min-elements > > > > - max-elements > > > > - leafref (valid instances) > > > > - choices (disabled case is still the active case, so no other > can be used) > > > > > > In my view, an "enabled false" leaf *operationally* disables a > particular instance or function. For all other purposes related to > datastore validation, the value of the enabled leaf doesn't matter. In > other words, "enabled false" is not the same as commenting out the > corresponding instance in the configuration. > > > > > > > > > OK -- they may be different, but the enabled leaf is ad-hoc, > > > and YANG designers must know about this leaf. Adding or removing > > > this leaf could break other YANG statements. > > > > > > E,g, > > > > > > > > > leaf active-foo-interface { > > > type if:interface-ref; > > > mandatory true; > > > } > > > > > > > > > By YANG validation rules, the leafref test for interface name > > > will include all disabled interfaces. > > > > Yes. > > > > > > > > Doesn't every object that uses the interface-ref typedef need > > > to have a must-stmt making sure the enabled leaf is set, > > > if they want to activate a service on only enabled interfaces? > > > > > > (Is this the must-stmt to use?) > > > > > > leaf active-foo-interface { > > > type if:interface-ref; > > > must "/if:interfaces/if:interface[if:name=current()]/enabled"; > > > mandatory true; > > > } > > > > > > Don't all must/when/leafref validation statements that want only > > > active interfaces need to be written this way? > > > > I don't think so. An operator may want to pre-configure an interface in > the disabled state, set up all references to it etc., so that everything > will be up and running after setting the single "enabled" leaf to true. > > > > I said "this is what has to be written to identity active interfaces" > > and you respond "maybe they want to select disabled interfaces". > > It's up to the server to interpret the entire configuration, so if a > service is enabled in configuration but it depends on an interface that is > currently disabled, the server might keep that service operationally > disabled as well. > > Section 6 in the routing draft deals with exactly these interactions. > > If this situation has to be avoided for some reason, then yes, a "must" > statement can be used to enforce, e.g., that a leafref only refers to an > enabled interface. I don't see it as a problem though. > > I think it is OK that the "enabled" leafs are ad hoc because their > semantics may be specific, too. > > This is the part I really don't like. These mechanisms should not be ad-hoc and different for every module. There should be a standard way to operationally enable/disable config and a standard way to comment/uncomment config. IMO, we are making a big mistake by not standardizing a solution like the xpath1.0 typedef in ietf-yang-types.yang. If there was a reusable type for this leaf, then tools could use that to identify the design pattern and handle the enable/disable edits within the validation engine and the system instrumentation. Sometimes following the CLI too closely leads to bad API decisions Andy > That said, I am not against introducing the "inactive" attribute but, as I > understand it, its meaning will be different. > > > The complex must/when statements will be required to select > > active interfaces. In my example, the active-foo-interface MUST > > be active. The foo service does not work when it is configured to > > use a disabled interface. I suspect very few services function correctly > > using disabled interfaces. > > My point is that even if a service looks like being enabled in > configuration, it may not be the case because some dependencies are not met > - and this can be anticipated, as in the routing data model. > > Lada > > > > > > > Lada > > > > > > Andy > > > > > > > > > > I agree this notion of "operationally disabled" is not the > > > same as commenting out. I don't think N/Y properly supports > > > either one. > > > > > > > > > > > > Lada > > > > > > Andy > > > > > > > > > > > > > > The behavior for all of these statements needs to be clarified > > > > when disabled nodes are involved. > > > > > > > > The 'enabled' leaf is like SMIv2 RowStatus TC, except that > > > > it is ad-hoc and used randomly. SMIv2 does not have any > > > > validation statements that can be affected by a 'notInService' row, > > > > so RowStatus is not broken in SNMP. > > > > > > > > Solution: > > > > > > > > YANG 1.1 must define a "metadata plane" that applies to > > > > configuration datastores. Global attributes that are specific > > > > to configuration datastores (e.g. with-defaults) will be included > > > > in the standard metadata library. It is expected that protocols > > > > using YANG will define operations for reading and writing > > > > global attributes. > > > > > > > > YANG 1.1 must define an "enabled" global attribute that must > > > > be supported in all YANG 1.1 tools. The YANG validation rules > > > > must be adjusted to properly account for disabled subtrees. > > > > > > > > Side issue: should 'enabled' leafs be removed when converting > > > > a YANG 1.0 module to YANG 1.1? > > > > > > > > > > > > Andy > > > > > > > > _______________________________________________ > > > > netmod mailing list > > > > netmod@ietf.org > > > > https://www.ietf.org/mailman/listinfo/netmod > > > > > > -- > > > Ladislav Lhotka, CZ.NIC Labs > > > PGP Key ID: E74E8C0C > > > > > > > > > > > > > > > > > > > -- > > Ladislav Lhotka, CZ.NIC Labs > > PGP Key ID: E74E8C0C > > > > > > > > > > > > -- > Ladislav Lhotka, CZ.NIC Labs > PGP Key ID: E74E8C0C > > > > >
- [netmod] YANG 1.1 issue: enabled leaf design patt… Andy Bierman
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Ladislav Lhotka
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Andy Bierman
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Ladislav Lhotka
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Andy Bierman
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Ladislav Lhotka
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Andy Bierman
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Andy Bierman
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Ladislav Lhotka
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Martin Bjorklund
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Martin Bjorklund
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Ladislav Lhotka
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Andy Bierman
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Ladislav Lhotka
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Andy Bierman
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Ladislav Lhotka
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Andy Bierman
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Andy Bierman
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Martin Bjorklund
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Ladislav Lhotka
- Re: [netmod] YANG 1.1 issue: enabled leaf design … Andy Bierman