Re: [netmod] Comment on draft-clacla-netmod-yang-model-update-02

Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Wed, 15 November 2017 05:32 UTC

Return-Path: <j.schoenwaelder@jacobs-university.de>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 231CE1286B1 for <netmod@ietfa.amsl.com>; Tue, 14 Nov 2017 21:32:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 28X1HpO3t8Kj for <netmod@ietfa.amsl.com>; Tue, 14 Nov 2017 21:32:17 -0800 (PST)
Received: from atlas5.jacobs-university.de (atlas5.jacobs-university.de [212.201.44.20]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C5451243F6 for <netmod@ietf.org>; Tue, 14 Nov 2017 21:32:17 -0800 (PST)
Received: from localhost (demetrius5.irc-it.jacobs-university.de [10.70.0.222]) by atlas5.jacobs-university.de (Postfix) with ESMTP id F04BD6A0; Wed, 15 Nov 2017 06:32:15 +0100 (CET)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from atlas5.jacobs-university.de ([10.70.0.217]) by localhost (demetrius5.jacobs-university.de [10.70.0.222]) (amavisd-new, port 10032) with ESMTP id EKGqL-oxDp9k; Wed, 15 Nov 2017 06:32:15 +0100 (CET)
Received: from hermes.jacobs-university.de (hermes.jacobs-university.de [212.201.44.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hermes.jacobs-university.de", Issuer "Jacobs University CA - G01" (verified OK)) by atlas5.jacobs-university.de (Postfix) with ESMTPS; Wed, 15 Nov 2017 06:32:15 +0100 (CET)
Received: from localhost (demetrius1.jacobs-university.de [212.201.44.46]) by hermes.jacobs-university.de (Postfix) with ESMTP id BE05B2011F; Wed, 15 Nov 2017 06:32:15 +0100 (CET)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from hermes.jacobs-university.de ([212.201.44.23]) by localhost (demetrius1.jacobs-university.de [212.201.44.32]) (amavisd-new, port 10024) with ESMTP id prR9mQHU2U9J; Wed, 15 Nov 2017 06:32:14 +0100 (CET)
Received: from elstar.local (elstar.jacobs.jacobs-university.de [10.50.231.133]) by hermes.jacobs-university.de (Postfix) with ESMTP id A45E72011E; Wed, 15 Nov 2017 06:32:14 +0100 (CET)
Received: by elstar.local (Postfix, from userid 501) id 545C24158547; Wed, 15 Nov 2017 06:30:46 +0100 (CET)
Date: Wed, 15 Nov 2017 06:30:46 +0100
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: Balazs Lengyel <balazs.lengyel@ericsson.com>, "netmod@ietf.org" <netmod@ietf.org>
Message-ID: <20171115053046.nr33ypoibdn4jufv@elstar.local>
Reply-To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
Mail-Followup-To: Balazs Lengyel <balazs.lengyel@ericsson.com>, "netmod@ietf.org" <netmod@ietf.org>
References: <19a4129f-84b4-2d6b-8405-37b85952f53a@ericsson.com> <20171114212210.7b2g3t3nqzrhcgrs@elstar.local>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20171114212210.7b2g3t3nqzrhcgrs@elstar.local>
User-Agent: NeoMutt/20170714 (1.8.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/Xx55JcVjdkVMYw1pUBkzYskdMUo>
Subject: Re: [netmod] Comment on draft-clacla-netmod-yang-model-update-02
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Nov 2017 05:32:20 -0000

Another thing to consider is that foo and foo2 allows an
implementation to support both during transition, with foo {semver
1.x.y} and foo {semver 2.x.y} this may be harder.

/js

On Tue, Nov 14, 2017 at 10:22:10PM +0100, Juergen Schoenwaelder wrote:
> On Wed, Nov 15, 2017 at 12:51:22AM +0800, Balazs Lengyel wrote:
> >    Whenever a client OSS implements some higher level logic for a network
> >    function, something that can not be implemented in a purely model driven
> >    way, it is always dependent on a specific version of the Yang Module
> >    (YAM). If the client finds that the module has been updated on the network
> >    node, it has to decide if it tries to handle it as it did the previous
> >    version of the model or if it just stops to avoid problems. To make this
> >    decision the client needs to know if the module was updated in a backward
> >    compatible way or not. This is not addressed with the current versioning.
> 
> The current rules aim at guaranteeing that definitions (with status
> current) remain backwards compatible. Do you have an example what the
> current rules fail to achieve this? Definitions with status deprecated
> or obsolete may not be present. But if they are present, they have the
> same semantics. This is the promise made to a client. (Note also that
> objects may be absent for reasons document in deviations or simply not
> accessible due to access control.)
> 
> >    While having PYANG based checks for backward compatibility is a very good
> >    idea, a  comparison based check will never be a complete check. It is
> >    quite possible to change just the behavior of an rpc/action/etc.  without
> >    changing the YANG definition.  This will only show up as a change of the
> >    description statement that can not be analyzed by PYANG.
> 
> The problem is to decide whether a change can break client
> expectations or not. Even 'bug fixes' can cause a client written to
> expect the old 'buggy' behaviour to fail. Also tricky are situations
> where behaviour was not clearly enough described and this is 'fixed'
> in a module update.
> 
> Semantic versioning assumes that one always can clearly distinguish
> between incompatible updates and compatible updates. This may not be
> so clearly cut in practice, see above. (But then, we have the same
> judgement call at the end with today's update rules.)
> 
> >    When upgrading a network node we might introduce non-backward compatible
> >    (NBC) changes. Today we need to introduce a new module for this. That
> >    means during the upgrade process the node must convert stored
> >    configuration instance data from ietf-routing to ietf-routing-2 format.
> >    Instead of solving this data transformation/transfer problem just for a
> >    few NBC data nodes, we will have to do it for the full model. This is
> >    complicated. In many cases the transformation of a few NBC leafs can be
> >    handled by good defaults or with a small script. Transferring the full
> >    data set is more complicated. If we allow NBC updates in some cases this
> >    problem is avoided.
> 
> In XML land, this is mostly a change of the namespace (not of the
> prefix) if one keeps the same structure, no? In JSON land, the change
> of the module name more directly becomes visible in instance data; but
> this is all encoding details.
> 
> >    If we update the module from ietf-routing to ietf-routing-2 ? Do we keep
> >    the prefix?
> 
> I guess you mean the namespace, not the prefix. You can use any prefix
> you like.
> 
> >    In one sense it should be kept as it is the same module
> >    "logically"; we also might have stored data including the prefix
> >    (identityrefs, instance-identifiers). On the other hand having multiple
> >    modules with the same prefix is a problem. The only good solution is to
> >    allow incompatible updates in some cases.
> 
> If we move towards allowing incompabile updates, then we need to have
> a mechanism to tell which versions of modules can work together and
> which combinations are affected by an incompatible update. We probably
> need to require strict import by revision or at least 'import by
> compatible revision' (whatever this means at the end).
> 
> >    CH 1)
> > 
> >    You write
> >    "The YANG data modeling language [RFC7950] specifies strict rules for
> >    updating..."
> >    and again
> >    "When the same YANG module name is kept, the new YANG module  revision
> >    must always be updated in a backward-compatible way."
> > 
> >    I strongly disagree. While we have strict rules about even small
> >    modifications to existing schema, but you are allowed to
> >    deprecate/obsolete big parts of the model, thereby possibly deleting
> >    complete subtrees from the schema. That is anything but strict backward
> >    compatibility.
> >    I find this aspect of YANG inconsistent to the level that it would need an
> >    errata.
> 
> Marking something deprecated / obsolete means you can not be sure this
> is implemented. But then, even definitions with status current may not
> be implemented (see deviations) or they may not be accessible to a
> client due to access control. However, if implemented and accessible,
> the guarantee today is that the semantics stay the same and don't
> change unexpectedly.
> 
> >    So practically the current rules allow backward incompatible changes that
> >    can only be detected by a line by line comparison of the yang modules. In
> >    a system with semantic versioning, you could determine backward
> >    compatibility just by reading the version numbers.
> 
> I do not see why you need a line by line comparison. With semantic
> versioning, you _hope_ the semantic version number is a good enough
> indicator. It might also be that your client is only using a subset
> that did not really change even though the semantic version number
> changed. Or the semantic version number indicates only minor changes
> that sill break your client.
> 
> >    CH 2.3)
> >    As we need to create a new Yang Module (YAM) even for the smallest
> >    incompatible modification, this increases the number of modules.
> 
> So it seems to boil down to the question whether foo and foo2 is
> significantly more expensive than foo { semver 1.x.y } and foo {
> semver 2.x.y }. The main argument seems to be that the later keeps
> references that involve module names or namespaces unchanged (but
> they may or may not mean different things).
> 
> >    IMHO YANG package definition should be a separate issue, left out of this
> >    document. Andy has already provided some very good ideas about this topic.
> 
> I think it is necessary to think about how the semantic version
> numbers are used. See my remark above about imports. If we allow
> incompatible changes, than this has side effects and I think we are
> not done by just adding a semantic version number without going
> working throught the implications.
> 
> /js
> 
> -- 
> Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
> Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>