Re: [yang-doctors] Ensuring top/base models are designed as augmentable
Ebben Aries <exa@arrcus.com> Mon, 18 November 2019 08:13 UTC
Return-Path: <exa@arrcus.com>
X-Original-To: yang-doctors@ietfa.amsl.com
Delivered-To: yang-doctors@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C1D3120881 for <yang-doctors@ietfa.amsl.com>; Mon, 18 Nov 2019 00:13:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=netorgft1331857.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pk3yaCfe1Thn for <yang-doctors@ietfa.amsl.com>; Mon, 18 Nov 2019 00:13:01 -0800 (PST)
Received: from NAM05-CO1-obe.outbound.protection.outlook.com (mail-eopbgr720086.outbound.protection.outlook.com [40.107.72.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7E5B01200B2 for <yang-doctors@ietf.org>; Mon, 18 Nov 2019 00:13:01 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UafG18oB2Yl5PL6ZlxLJpxmXf2n8K4ILgnGNo6SANKFMBDVY40xpqAAcArGGcffm4cUcy+i/Crgd81itTchorh7Zr5D4I20+Wv/sOWrcLk3AAW+iox8FyHo20P3yZzjyhbADXpgh4uZChJVpE6lJXZ+Q+3cUMVNb/b+/nxOi8hNKh8DZmUjsYd+DKpNIFX0yOL6B2B1rfMlAsPc4sWQhomO+TpCXZo81kuSx6fMamJ7/fS2qJZz3Zpcd6nLyXIEPIB0GqUh5QqdOGcODWsWkfMp+7u4QSa/q8pO5a2WVNIsp1uAfWalyqa/y3Hw4jq11UyRePqGV8HD7KXFW4SBpeA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BY2+s/OqU9Cbo2QVBIbPNB2LVcBmNP691RB1L7h37hs=; b=iQ5qDuVeUw5chd/Ums4Y6JVA//d4/FJkfhIFR0bkfYnQwNuwU3KQagGx4DZpRZcbiFdX2xDnsRtwOploZUVoNViZ4WRZFPBxVFos+xZYT8iQJk+PlcqlyqHDhRrrtDhCRTLKqINlBegp7K0ebRIQUnPDSmtm5QXaEYB9pwpLv7PCf2kW4EpLm/h7+1DgdNKB7HpBeJMApSMZpXB8kyIcqN+X35G6aadQn8ayOMLkPXUI+acuq/LAS+++oh4R/7F4DJAb9WxsFhl3v6ub+R5gXOLTF+3RGk3plr3SCu41Ls+ZysUD+jnIpjWc7QgBzEhpNur71NZD2NITAk+9pbobAg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arrcus.com; dmarc=pass action=none header.from=arrcus.com; dkim=pass header.d=arrcus.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=NETORGFT1331857.onmicrosoft.com; s=selector2-NETORGFT1331857-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BY2+s/OqU9Cbo2QVBIbPNB2LVcBmNP691RB1L7h37hs=; b=RYJxMZaK0qiyo2X9U5zLME4AT5Bi6qipNT3JefhY0TokNBN78w4rJnTuCc8Gk/9I582ohXrzbILHPqJJYD5moBVrAm7gXbM3DSPOiZnylV4L7gTRP3xt38P4r33oYVAg8hdz12/VSZkEi/X8hXyQfSJq69KofVnS9uNBDhQ8cFo=
Received: from DM6PR18MB2602.namprd18.prod.outlook.com (20.179.71.89) by DM6PR18MB3017.namprd18.prod.outlook.com (20.179.107.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2451.23; Mon, 18 Nov 2019 08:12:49 +0000
Received: from DM6PR18MB2602.namprd18.prod.outlook.com ([fe80::dd61:d000:bf1a:a9c1]) by DM6PR18MB2602.namprd18.prod.outlook.com ([fe80::dd61:d000:bf1a:a9c1%6]) with mapi id 15.20.2451.029; Mon, 18 Nov 2019 08:12:49 +0000
From: Ebben Aries <exa@arrcus.com>
To: Martin Bjorklund <mbj@tail-f.com>
CC: "yang-doctors@ietf.org" <yang-doctors@ietf.org>
Thread-Topic: [yang-doctors] Ensuring top/base models are designed as augmentable
Thread-Index: AQHVnaNki2FbS4UL+Ey8kTDBcVGJhKeQjuUAgAAFtQA=
Date: Mon, 18 Nov 2019 08:12:49 +0000
Message-ID: <20191118081238.wckqp7tczhmfmb45@localhost>
References: <20191118000150.amlnwhgagufkft5t@localhost> <20191118.085212.404540088270846510.mbj@tail-f.com>
In-Reply-To: <20191118.085212.404540088270846510.mbj@tail-f.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-clientproxiedby: SG2PR04CA0186.apcprd04.prod.outlook.com (2603:1096:4:14::24) To DM6PR18MB2602.namprd18.prod.outlook.com (2603:10b6:5:15d::25)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=exa@arrcus.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [2001:67c:370:128:99d3:bf03:d4b0:8313]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 644c403e-dcfa-45cf-9dc2-08d76bff1a08
x-ms-traffictypediagnostic: DM6PR18MB3017:
x-microsoft-antispam-prvs: <DM6PR18MB3017E6008BA6F5FACD2E0B1FCD4D0@DM6PR18MB3017.namprd18.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0225B0D5BC
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(7916004)(346002)(39830400003)(396003)(136003)(366004)(376002)(189003)(199004)(71190400001)(71200400001)(102836004)(256004)(229853002)(386003)(6116002)(6506007)(11346002)(446003)(86362001)(46003)(5660300002)(8936002)(66446008)(186003)(64756008)(66556008)(66476007)(66946007)(7736002)(305945005)(33716001)(81166006)(81156014)(8676002)(99286004)(25786009)(76176011)(508600001)(1076003)(2906002)(14454004)(6486002)(6916009)(14444005)(9686003)(6512007)(476003)(6246003)(52116002)(6436002)(486006)(316002)(4326008); DIR:OUT; SFP:1101; SCL:1; SRVR:DM6PR18MB3017; H:DM6PR18MB2602.namprd18.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: arrcus.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: rjysa2xDmmcWVi/sIGTsqhZFfUXPckekFPFRprB0uFO+WlrCublBzbphYzpnEsQh6YMbnNyDlCnb1lBxCubhoW/oS67siR2KhkVTxlvtqpJQ5tnD9BhC2Zg6umQmxv65ZAUHG8946kYfQY4Pldn2kIciITGao9sx51bKuJQiH4Sr8R12xXyotTEuXhQwS7h115RTyjuA9Zx6yIijJJ4lw4Rqm89xHh+wdcHf0YTAcFHpdm5LwQP/qbILMobXp1gEed7EuxSGh7g/tredCiLDN0+ZgN683zlwHkvOeg3sOMiWZ83Fklep4o/vWr4Ipo4yVQZEk1GQhZM/zR1bUMMHckdji93cNVOjtX7YVgwASaVmSuwfw9CgZL7OIXhrs4Ne+tLAlzG2BMmqjiTn4pIPMD72xyvpSQLzuzSMAdKcWFkQaFvpD6qpVn4zfVt5Q0+9
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-ID: <9A0FA8779A1B554BA2F325E07B10BCDE@namprd18.prod.outlook.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: arrcus.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 644c403e-dcfa-45cf-9dc2-08d76bff1a08
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Nov 2019 08:12:49.5378 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 697b3529-5c2b-40cf-a019-193eb78f6820
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: wfqw9+IzPODbXEryrB+/VnZ1Dc5lCo6zmHYmRUtKXq55Vpc9ZJavI+uAfBva8+WI
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR18MB3017
Archived-At: <https://mailarchive.ietf.org/arch/msg/yang-doctors/03yAjnHRg5Pq0lPfMchiNjO2qjU>
Subject: Re: [yang-doctors] Ensuring top/base models are designed as augmentable
X-BeenThere: yang-doctors@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Email list of the yang-doctors directorate <yang-doctors.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/yang-doctors>, <mailto:yang-doctors-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/yang-doctors/>
List-Post: <mailto:yang-doctors@ietf.org>
List-Help: <mailto:yang-doctors-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/yang-doctors>, <mailto:yang-doctors-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Nov 2019 08:13:03 -0000
On Nov 18 08:52 AM, Martin Bjorklund wrote: > Ebben Aries <exa@arrcus.com> wrote: > > I was looking for any such possible wording in 8407 but could not find > > anything around this design consideration. > > > > Case in point, there are many modules that may be defined with top-level > > nodes where the intention is that other domains add/augment in either at > > a later date or at a bare minimum via another set of > > definitions/modules in related domains. When this occurs, it seems > > important that the top level modules are designed in such a way to > > account for such augmentation and to pick on one case, is the use of > > 'must' statements in top-level modules. > > > > If we look at ietf-system below, for authentication, there are 2 > > definitions carried in the top-level module (local-users/radius) with a > > must restriction being placed at a node which is a target candidate for > > augmentation. > > > > # ietf-system@2014-08-06.yang > > > > container authentication { > > nacm:default-deny-write; > > if-feature authentication; > > > > description > > "The authentication configuration subtree."; > > > > leaf-list user-authentication-order { > > type identityref { > > base authentication-method; > > } > > must '(. != "sys:radius" or ../../radius/server)' { > > error-message > > "When 'radius' is used, a RADIUS server" > > + " must be configured."; > > description > > "When 'radius' is used as an authentication method, > > a RADIUS server must be configured."; > > } > > ordered-by user; > > > > Now if one were to augment in with say 'tacacs' which would define an > > identity that would base off sys:authentication-method, this would > > either mean > > > > - Any augmented identities cannot follow the same design pattern as > > those in the base module > > Can you provide an example of what you want to do and show what > doesn't work? From what I understand, it seems you can add the nodes > you want, but you can't just augment a must expression: > > must '(. != "x:tacacs" or ../../x:tacacs/server)' The question is more generic wrt. ensuring nodes are augmentable or some verbiage around such otherwise there could very well be cases that a base restriction prevents and/or makes this difficult either for other future SDO modules or other implementation augments. For this specific case - that is precisely it as you have above. The augmented module cannot enforce similar restrictions for design consistency sake
- [yang-doctors] Ensuring top/base models are desig… Ebben Aries
- Re: [yang-doctors] Ensuring top/base models are d… Martin Bjorklund
- Re: [yang-doctors] Ensuring top/base models are d… Ebben Aries
- Re: [yang-doctors] Ensuring top/base models are d… Benoit Claise
- Re: [yang-doctors] Ensuring top/base models are d… Joe Clarke (jclarke)
- Re: [yang-doctors] Ensuring top/base models are d… Ladislav Lhotka
- Re: [yang-doctors] Ensuring top/base models are d… Joe Clarke (jclarke)
- Re: [yang-doctors] Ensuring top/base models are d… Ladislav Lhotka
- Re: [yang-doctors] Ensuring top/base models are d… Rob Wilton (rwilton)