IETF Logo Mail Archive

Re: [netmod] system configuration sync mechanism

Andy Bierman <andy@yumaworks.com> Mon, 02 August 2021 22:50 UTC

Return-Path: <andy@yumaworks.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F0E2B3A1FF7 for <netmod@ietfa.amsl.com>; Mon, 2 Aug 2021 15:50:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.887
X-Spam-Level:
X-Spam-Status: No, score=-1.887 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yumaworks-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CmBuQuhzpwgy for <netmod@ietfa.amsl.com>; Mon, 2 Aug 2021 15:50:38 -0700 (PDT)
Received: from mail-lf1-x129.google.com (mail-lf1-x129.google.com [IPv6:2a00:1450:4864:20::129]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D572C3A2014 for <netmod@ietf.org>; Mon, 2 Aug 2021 15:50:07 -0700 (PDT)
Received: by mail-lf1-x129.google.com with SMTP id t9so23557769lfc.6 for <netmod@ietf.org>; Mon, 02 Aug 2021 15:50:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yumaworks-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=/mjkwX9vd3/OXpD9u6y411kmvi8901N7R94Y7C8li0k=; b=Nei3vqjpRxC/agqUBFjduZ1R2lH6swkMiuVHnal8ke0JmNV91grWhn/eCRh/k6DM6C 91vn/CBQFvV75AHFlwZ55Xhucitd5OpNY3oGdTqmpjFDcrLL2+UAp6SjRlTlmCiXwNRB wFzvio1koRmYgyerVXm/LX536EYc3lVpAHJ5hR9hSMommsU4PVQk8zLMrH0kVBrGyP39 avdNAgP/qaN8Oo/4SWvvYzRySVP3cZp2zcgzh4ZTtgcFj34KDT2Oa6zS7Vd2KQW9CxQ1 Q3aVwKNyqQLS8C8mF1mAKb2lOxOMOSRrW7lfAZdb3X+vLNPV0d7OMLJqgIFLYdJjVwNe CRpw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=/mjkwX9vd3/OXpD9u6y411kmvi8901N7R94Y7C8li0k=; b=XVin3DJWuRnKpsIb6f7yTslDHAFYe+LmEOJAZF55XE4gLS7IYmB6f8Ss8oasLNxxdW kd+Me4YqHVEoB+0tccXYSJRV05rLtAkVmM3wWt2SQM9/eaNMX6uhPnYVB1QarqWgY3pR ICGGDf15pPdT04gzOrj9Ujx/ohhXdL+RiKIY3HGIJImJhfwUMszVNWgEKhMSPoQqZqkl qsuN6RLtMj9woQBAsurPNbNRO+sKOIbfSom+5zaAoUwoGorQM3BxL+Q8x7+YqvVKEnnb SjNZm2zBU4Nym3UtoM7cHP+sm8XGnfZnrNeFve5N74GScbp2UgXUopVxokRTl5TlhCr7 et8A==
X-Gm-Message-State: AOAM531ttrGaEEFuRUrijsinIFgKtgwTb7bs6whOEt5AYHOjppXpvBAm X9nEw5ZT12r27PaSzxx90CUupD35PBlp3o+IPXyM3w9gf7I=
X-Google-Smtp-Source: ABdhPJxsNIkVUeTg6yA6nimX2YJ9nwSNRU7/12YwPP/MWLM4XJFjhCl8vknb8AmWzTfXTZGL0okfoM78GDP6Z5XQiVs=
X-Received: by 2002:ac2:51d9:: with SMTP id u25mr2387469lfm.377.1627944604966; Mon, 02 Aug 2021 15:50:04 -0700 (PDT)
MIME-Version: 1.0
References: <5b76dae2175545959f0006b036efd647@huawei.com> <2d1262bc90fc49d08eb641365b959ea4@huawei.com> <0100017aab854793-eb989e55-8496-451b-84de-7f17cb0720d5-000000@email.amazonses.com> <add2ee3bb9094e1da6a3160824d5fdff@huawei.com> <0100017aee17493f-6b9b747c-f0f1-4a70-b929-aaa0350a555f-000000@email.amazonses.com> <aa3dfdb471f0430aa50c4e35b9672fb1@huawei.com> <AM8PR07MB823008D0A83507EFCBD2DDA3F0ED9@AM8PR07MB8230.eurprd07.prod.outlook.com> <CABCOCHT6yGFj84ryK9wghFnO52uQoLydKm-OU9M5+gqqs4jAzA@mail.gmail.com> <0100017b08feb7ef-71cbbcaa-256f-4947-ab27-9fdd40f2993a-000000@email.amazonses.com>
In-Reply-To: <0100017b08feb7ef-71cbbcaa-256f-4947-ab27-9fdd40f2993a-000000@email.amazonses.com>
From: Andy Bierman <andy@yumaworks.com>
Date: Mon, 02 Aug 2021 15:49:54 -0700
Message-ID: <CABCOCHT59+sf92vzj=qE0KPxic-h6Nix2+Mp5veforS02Xchgg@mail.gmail.com>
To: Kent Watsen <kent+ietf@watsen.net>
Cc: Balázs Lengyel <balazs.lengyel=40ericsson.com@dmarc.ietf.org>, "maqiufang (A)" <maqiufang1@huawei.com>, "netmod@ietf.org" <netmod@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000e4bb4105c89b635e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/_2iDsNl9OvtKMAtpl3-98XLa0_Q>
Subject: Re: [netmod] system configuration sync mechanism
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Aug 2021 22:50:43 -0000

On Mon, Aug 2, 2021 at 3:31 PM Kent Watsen <kent+ietf@watsen.net> wrote:

>
> Hi Balazs, Andy, Quifang,
>
> I agree a new datastore will just add complexity without any value.
> Your solution approach is better, but I think it would require a new YANG
> version
> to allow config node XPath to reference non-config nodes.
>
>
> In no case is there a need for a config Xpath to ref non-config.
>
>
> Another solution is to model the referenced node as config=true, but setup
> automatic NACM rules so no user editing is allowed. This works well for
> setting up an initial config that gets saved and not changed unless a
> reset is done.
>
>
> I don’t like the NACM dependency.
>
>
> What if <intended> is what is NV-stored?  When that occurs, the config
> changes from system to user config.
> Routers have been saving the combined config for decades. IMO the standards
> intentionally avoid discussing the conversion of a datastore to/from
> NV-storage.
>
>
> I’m unsure about this point, but a don’t see any dependency on an NV-store
> needing to use a particular encoding or format.
>
> As I see it this is the same problem that we discussed in
>> https://github.com/netmod-wg/yang-next/issues/41.
>>
>> I know this is a radical change, but I think using a new YANG extension
>> to create a read-only config=true datatype is a much cleaner solution. One
>> which some companies have already implemented.
>>
> +1
>
> Actually, separate running and system would be a radical change, not this.
> Cleaner and less disruptive.
>
>
> I disagree with the need to resolve issue #41 here, and I disagree a
> <system> datastore would be a radical change, or even complicated.
>
> That said, something like RFC 6243 (with-defaults) but called
> “with-system” could work.  That is, the “system" config is like <running>
> config that is hidden until asked to be revealed. It would be interesting
> to discuss if “with-defaults" returns all of the system config, or just
> the parts that are used, assuming we define “used” appropriately.
>   Presumably system-defined ordered-list entries cannot be ordered by user,
> or used as before/after pivots.
>
> We could even do both: have a read-only <system> datastore *and* a
> "with-system" interaction API.  Each complimenting the other.
>


I prefer neither.
I think NMDA <get-data> with an origin-filter and/or with-origin parameter
already solves this problem.


Andy


> FWIW, a "with-system <running>” still may not pass validation if, e.g.,
> templates need to be expanded.  Of course, any controller/orchestrator can
> expand the templates themselves to resolve that concern.  Such a system
> could also fetch <system> without skipping a beat.
>
> Thought exercise: a controller is managing 1000 endpoints all running the
> same software version.  Is it better for the controller to get "with-system
> <running>” 1000 times, or get <system> once and have knowledge for how
> its merged in?
>
> K.
>
>
>
>
>

v2.23.0 | Report a Bug | By Email