Re: [netmod] backward compatibility requirements in draft-verdt-netmod-yang-versioning-reqs-00

Andy Bierman <andy@yumaworks.com> Mon, 23 July 2018 18:46 UTC

Return-Path: <andy@yumaworks.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C882D130E0D for <netmod@ietfa.amsl.com>; Mon, 23 Jul 2018 11:46:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yumaworks-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TCo7uzsOcVLE for <netmod@ietfa.amsl.com>; Mon, 23 Jul 2018 11:46:35 -0700 (PDT)
Received: from mail-lf1-x143.google.com (mail-lf1-x143.google.com [IPv6:2a00:1450:4864:20::143]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 66A1C130DD9 for <netmod@ietf.org>; Mon, 23 Jul 2018 11:46:34 -0700 (PDT)
Received: by mail-lf1-x143.google.com with SMTP id g6-v6so1196393lfb.11 for <netmod@ietf.org>; Mon, 23 Jul 2018 11:46:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yumaworks-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=7B+QmjLHzxtfZcBRF0P4pGPOaRlfspP9wkKW7shxahA=; b=f8T92TLBkW004mZXud8tU9sdVi+hHlFrA3Jvc3LL4YVnLXGCO+G2W/+3r4PulCgO7F nHRyT4/9v9Jllg5NdK1bKe4Mfu4k09W/Z4Dmem86mB3W28GkiiaB2bgwsu/UdJ0li7bw zP7xtxZDCyJsBoKmlTkoionBYfoI1fuDtdfdzjiPCyJ/3AntgB22wIPuosBmMjeRJjgs R23H+um2UXSkFU30yrKRgLQiG+IZlLXwCxIcRd0E5mpkvp2lbZWiKx7X8bwpT+iDJF2H eb/T8igAAENnDTdw6ndg+lkRaMlCNMnv6UFXvRw4dRk/9GzgJ+K1kUKlqFMbVxFY8GbH 6+wg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=7B+QmjLHzxtfZcBRF0P4pGPOaRlfspP9wkKW7shxahA=; b=NiEP1GS2/ZdAvyJpwovhIUqxcy7A0MmCnXsJK7yP2zJGgWyGunerXfEVqJuiaVnsW+ n/rCjD5IorrWf5auCx4JfPOQS29X9495YV9zBRBVIs3faAVlrLOFymq+lrC38KazWz3I UBB3KRBBOJCPlU3K1tyNkZfcVyaNAkzQMwlZJWfkMzrchbaLQbz/fUlb2JVJE1wRvZtr 6AUCi6VprnvuLyEUyrgG+eYIJuT38ZUDHUM/Vp8devk+ltZ6sjtBSIUrgvHrGCG8N2CE OTegOYBvPF3sPQr5ikcJkiqnJR/NxHTIAx/l58PzR1DS2dtre6iNWG4qw9uEwdIqFFZ0 iv9A==
X-Gm-Message-State: AOUpUlEWifKTdneTVlqchqj7CeOMRG94Cr6D4XRwoJ1sXtciKIBtUswD qaxuQmytKFxxSQAzzk9OeXjFM6887W2uBZ17Q5cd5g==
X-Google-Smtp-Source: AAOMgpdXLzW9BRLNvc4i0W/j/LI3cyoQCb6U7k5jm6jPrLMBs1PAeWdvf5+8C1JXVmtD7b8xlWAvgIMgf/pDAGuPJ/s=
X-Received: by 2002:a19:1460:: with SMTP id k93-v6mr7835573lfi.15.1532371592618; Mon, 23 Jul 2018 11:46:32 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a19:aa46:0:0:0:0:0 with HTTP; Mon, 23 Jul 2018 11:46:31 -0700 (PDT)
In-Reply-To: <44703b8f-ec6b-4853-1ccf-46e1b1f5482c@cisco.com>
References: <CABCOCHQ47ztJTPaZMZK7FWHsRPk1jN6SuuAWtg08rmtVgUPEWw@mail.gmail.com> <87va981svk.fsf@chopps.org> <a4ea8559-1f1f-8e7f-3dc5-29cb45fd4c7b@cisco.com> <CABCOCHT-NukBjvr6O02Meuz7fzD=8g5HvWNwkkEazQiLAsGM7A@mail.gmail.com> <fd9ff226-b0a1-53f4-1b98-b4f6ecf3ce01@cisco.com> <CABCOCHS55qPk0X_wihLhS6QxPABQ8aH1CvXiLUYW9QcSDL4A_A@mail.gmail.com> <44703b8f-ec6b-4853-1ccf-46e1b1f5482c@cisco.com>
From: Andy Bierman <andy@yumaworks.com>
Date: Mon, 23 Jul 2018 11:46:31 -0700
Message-ID: <CABCOCHQi5rv8cgQJipBxOg_0nDm5TuxJmpD==0bQFQFd8tB4rg@mail.gmail.com>
To: Robert Wilton <rwilton@cisco.com>
Cc: Christian Hopps <chopps@chopps.org>, NetMod WG <netmod@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000713a7e0571af10e3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/XEBOjpsp3QQSaUT9fgc4aUw4zyY>
Subject: Re: [netmod] backward compatibility requirements in draft-verdt-netmod-yang-versioning-reqs-00
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Jul 2018 18:46:38 -0000

On Mon, Jul 23, 2018 at 7:32 AM, Robert Wilton <rwilton@cisco.com>; wrote:

>
>
> On 23/07/2018 15:08, Andy Bierman wrote:
>
>
>
> On Mon, Jul 23, 2018 at 6:24 AM, Robert Wilton <rwilton@cisco.com>; wrote:
>
>>
>>
>> On 23/07/2018 12:54, Andy Bierman wrote:
>>
>>
>>
>> On Mon, Jul 23, 2018 at 2:50 AM, Robert Wilton <rwilton@cisco.com>; wrote:
>>
>>> Hi Chris, Andy,
>>>
>>>
>>> On 21/07/2018 17:00, Christian Hopps wrote:
>>>
>>>> As I pointed out at the mic @102 this requirement derives directly from
>>>> the 1.x requirement of not changing the name of the module/namespace. If
>>>> you allow for changing the namespace/module name for "major" (i.e.,
>>>> incompatible) changes (i.e., like today) then this 3.1 requirement goes
>>>> away.
>>>>
>>> Not sure that I agree.
>>>
>>> I think that you have made an assumption here that the server will
>>> continue to support both old and new major revision (with different name)
>>> of the module at the same time.  However, these is nothing in the existing
>>> YANG upgrade rules that requires that.
>>>
>>> Ultimately, there is a choice whether supporting older module versions
>>> is the servers problem or the clients problem, or perhaps a combination of
>>> the two.
>>>
>>> The aim of requirement 3.1 is to ensure that there is a standard
>>> mechanism available so that server implementations that want the
>>> flexibility of supporting older client versions have a standard way of
>>> doing so.  My intention is that this part of the solution would be optional
>>> to implement and hence decided by the market, which is why the text in the
>>> requirement is "to allow servers" rather than "to require servers".
>>>
>>>
>>
>> API versioning is usually done on the message exchanges.
>> Trying to do the same for datastore contents is not going to work.
>>
>> A YANG schema can be considered an API.  Particularly looking at say the
>> OpenConfig YANG schema.  I doubt all implementations will store all their
>> configuration and operational state in a central place.
>>
>> You can write the word MUST in all caps as many times as you want,
>> but that will not change anything.
>>
>>
>> I disagree.  Marking a requirement as a MUST means that requirement has
>> to be met for a solution to be considered viable.
>>
>> I previously had some text in the draft explaining how RFC 2119 text
>> translates to evaluating the requirements, but was asked to take it out
>> because it is obvious.  Perhaps it should go back in ...
>>
>>
> So you can answer the question how YANG validation works when multiple
> revisions of a
> module are implemented?
>
>
> Ok, so the scheme that I was considering is:
>  - The device implements only one version of the schema (i.e. probably all
> of the latest modules revisions/versions).
>
> However, the protocols are extended to allow clients to select to use an
> older version set of the modules for that session.  YANG library for that
> session would report the chosen set of modules as "implemented" by the
> server for that session.
>
> The server chooses how many different sets of modules are supported, and
> exactly what module revisions, features are included in each of those
> module sets.  Normally I would expect exact module sets to align with a
> previous software release.  The different module-sets can be exposed via
> YANG library bis.  New RPCs or protocol extensions are required to choose
> which version is being used for the session.
>
> The server then has code to map from the older module set paths to the
> latest version that is "implemented" by the device.  The vast majority of
> the mappings would be trivial mappings of the same value on the same path.
>
> This mapping is exactly the same as would have to be done on a client if
> it has to support servers running different revisions.
>
> Not all changes can be mapped, some would have to just fail (perhaps could
> be covered by deviations).
>
>   I do not doubt that you can find a leaf somewhere that can
> be changed.  Not at all convinced the validation rules can be rewritten to
> account
> for actual incompatible changes, like changing the type of data node or
> replacing nodes
> with completely different configuration.
>
> The mapping above will not be perfect in all cases, particularly if keys
> are changes, or support for software is removed, etc.  But they might still
> help.
>
>   Even less convinced that this complexity is
> worth the cost.
>
>
> Well the complexity ends up going in the client or the server.  I think
> that this is generally a complex problem to solve.  Operators will likely
> argue that it is better that the complexity goes in the server to keep the
> client simple.  Server vendors will likely argue for the reverse.
>
> Note, that I'm still somewhat open to what the right solution should be
> here.
>

Sounds very complicated to implement in the server, but at least you avoid
multiple variants of a datastore.
Instead the server is providing various transformations between data models.

This will make the standards much more complicated and heavyweight to
implement.
If it was so easy and so important, vendors would already support it in
their proprietary APIs.
Instead vendors decide when to end-of-life products and features.



> Thanks,
> Rob
>

Andy


>
>
>
>
> Thanks,
>> Rob
>>
>>
> Andy
>
>
>>
>>
>>> Thanks,
>>> Rob
>>>
>>
>> Andy
>>
>>
>>>
>>>
>>>
>>>> I think the plan is to reword some of these to get closer to the
>>>> intention which I believe is to allow for smoother transition from one
>>>> module to the next while making incompatible but mostly non-impacting
>>>> changes.
>>>>
>>>> Thanks,
>>>> Chris.
>>>>
>>>> Andy Bierman <andy@yumaworks.com>; writes:
>>>>
>>>> Hi,
>>>>>
>>>>> I strongly object to requirement 3.1:
>>>>>
>>>>>
>>>>>     3.1  The solution MUST provide a mechanism to allow servers to
>>>>>             support existing clients in a backward compatible way.
>>>>>
>>>>>
>>>>>
>>>>> This is not what servers do today at all.
>>>>> They provide only one version of an implemented module, as specified
>>>>> in RFC
>>>>> 7950.
>>>>>
>>>>> It is a vendor and operator decision when to upgrade a server such that
>>>>> non-backward compatible changes are made. They must decide if/when it
>>>>> is ok
>>>>> based on the client applications in use.
>>>>>
>>>>> This requirement says you cannot make backward-incompatible changes
>>>>> which completely contradicts requirements 1.1 and 1.2.
>>>>>
>>>>> IMO requirement 3.1 should be removed, or change MUST to MAY
>>>>>
>>>>>
>>>>> Andy
>>>>> _______________________________________________
>>>>> netmod mailing list
>>>>> netmod@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/netmod
>>>>>
>>>>
>>>> _______________________________________________
>>>> netmod mailing list
>>>> netmod@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/netmod
>>>> .
>>>>
>>>>
>>>
>>
>>
>
>