draft-ietf-netmod-yang-instance-file-format-00.txt   draft-ietf-netmod-yang-instance-file-format-01.txt 
Netmod B. Lengyel Netmod B. Lengyel
Internet-Draft Ericsson Internet-Draft Ericsson
Intended status: Standards Track B. Claise Intended status: Standards Track B. Claise
Expires: May 8, 2019 Cisco Systems, Inc. Expires: June 9, 2019 Cisco Systems, Inc.
November 4, 2018 December 6, 2018
YANG Instance Data File Format YANG Instance Data File Format
draft-ietf-netmod-yang-instance-file-format-00 draft-ietf-netmod-yang-instance-file-format-01
Abstract Abstract
There is a need to document data defined in YANG models without the There is a need to document data defined in YANG models when a live
need to fetch it from a live YANG server. Data is often needed YANG server is not available. Data is often needed already in design
already in design time or needed by groups that do not have a live time or needed by groups that do not have a live running YANG server
running YANG server available. This document specifies a standard available. This document specifies a standard file format for YANG
file format for YANG Based Instance data, that is data that could be instance data, which follows the syntax and semantic from existing
stored in a datastore and whose syntax and semantics is defined by YANG models, re-using existing formats from <get> operation/request
YANG models. Most important use cases foreseen include documenting and decorates them with metadata.
server capabilities, factory-default settings, or vendor provided
default configurations.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 8, 2019. This Internet-Draft will expire on June 9, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2.1. Use Cases . . . . . . . . . . . . . . . . . . . . . . . . 3 2.1. High Level Principles . . . . . . . . . . . . . . . . . . 4
2.1.1. Use Case 1: Early Documentation of Server Capabilites 3 3. Instance Data File Format . . . . . . . . . . . . . . . . . . 4
2.1.2. Use Case 2: Preloading Data . . . . . . . . . . . . . 4 3.1. Specifying the Target YANG Modules: target-ptr . . . . . 6
2.1.3. Use Case 3: Dcoumenting Factory Default Settings . . 4 3.1.1. IN-LINE Method . . . . . . . . . . . . . . . . . . . 7
3. Instance Data File Format . . . . . . . . . . . . . . . . . . 5 3.1.2. URI Method . . . . . . . . . . . . . . . . . . . . . 7
4. Data Life cycle . . . . . . . . . . . . . . . . . . . . . . . 8 3.2. Examples . . . . . . . . . . . . . . . . . . . . . . . . 8
5. Delivery of Instance Data . . . . . . . . . . . . . . . . . . 9 4. Data Life cycle . . . . . . . . . . . . . . . . . . . . . . . 11
6. YANG Model . . . . . . . . . . . . . . . . . . . . . . . . . 9 5. Delivery of Instance Data . . . . . . . . . . . . . . . . . . 12
7. Security Considerations . . . . . . . . . . . . . . . . . . . 11 6. YANG Model . . . . . . . . . . . . . . . . . . . . . . . . . 12
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 7. Security Considerations . . . . . . . . . . . . . . . . . . . 15
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15
9.1. Normative References . . . . . . . . . . . . . . . . . . 11 8.1. URI Registration . . . . . . . . . . . . . . . . . . . . 15
9.2. Informative References . . . . . . . . . . . . . . . . . 11 8.2. YANG Module Name Registration . . . . . . . . . . . . . . 15
Appendix A. Open Issues . . . . . . . . . . . . . . . . . . . . 12 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 16
Appendix B. Changes between revisions . . . . . . . . . . . . . 13 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 16
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14 10.1. Normative References . . . . . . . . . . . . . . . . . . 16
10.2. Informative References . . . . . . . . . . . . . . . . . 16
Appendix A. Open Issues . . . . . . . . . . . . . . . . . . . . 17
Appendix B. Changes between revisions . . . . . . . . . . . . . 17
Appendix C. Detailed Use Cases - Non-Normative . . . . . . . . . 19
C.1. Use Cases . . . . . . . . . . . . . . . . . . . . . . . . 19
C.1.1. Use Case 1: Early Documentation of Server
Capabilities . . . . . . . . . . . . . . . . . . . . 19
C.1.2. Use Case 2: Preloading Data . . . . . . . . . . . . . 20
C.1.3. Use Case 3: Documenting Factory Default Settings . . 20
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 21
1. Terminology 1. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 RFC 2119 [RFC2119] RFC 8174 [RFC8174] when, and only when, they 14 RFC 2119 [RFC2119] RFC 8174 [RFC8174] when, and only when, they
appear in all capitals, as shown here. appear in all capitals, as shown here.
Design time: A time during which a YANG model and the implementation Design time: A time during which a YANG model and the implementation
skipping to change at page 3, line 5 skipping to change at page 3, line 14
Instance Data Set: A named set of data items that can be used as Instance Data Set: A named set of data items that can be used as
instance data in a YANG data tree. instance data in a YANG data tree.
Instance Data File: A file containing an instance data set formatted Instance Data File: A file containing an instance data set formatted
according to the rules described in this document. according to the rules described in this document.
Target YANG Module: A YANG module for which the instance data set Target YANG Module: A YANG module for which the instance data set
contains instance data, like ietf-yang-library in the examples. contains instance data, like ietf-yang-library in the examples.
YANG Instance Data, or just instance data for short, is data that
could be stored in a datastore and whose syntax and semantics is
defined by YANG models.
2. Introduction 2. Introduction
There is a need to provide instance data defined in YANG models There is a need to document data defined in YANG models when a live
without the need to fetch it from a live YANG server. Data is often YANG server is not available. Data is often needed already in design
needed already in design time before the YANG server is implemented time or needed by groups that do not have a live running YANG server
or needed by groups that do not have a live running YANG server
available. To facilitate this off-line delivery of data this available. To facilitate this off-line delivery of data this
document specifies a standard file format for YANG Based Instance document specifies a standard format for YANG instance data sets and
data, that is data that could be stored in a datastore and whose YANG instance data files.
syntax and semantics is defined by YANG models.
2.1. Use Cases The following is a list of already implemented and potential use
cases.
We present a number of use cases were Yang based instance data is UC1 Documentation of server capabilities
needed.
2.1.1. Use Case 1: Early Documentation of Server Capabilites UC2 Preloading default configuration data
A YANG server has a number of server-capabilities that are defined in UC3 Documenting Factory Default Settings
YANG modules and can be retrieved from the server using protocols
like NETCONF or RESTCONF. YANG server capabilities include
o data defined in ietf-yang-library: YANG modules, submodules, UC4 Instance data used as backup
features, deviations, schema-mounts, datastores supported
([I-D.ietf-netconf-rfc7895bis])
o alarms supported ([I-D.ietf-ccamp-alarm-module]) UC5 Storing the configuration of a device, e.g. for archive or audit
purposes
o data nodes, subtrees that support or do not support on-change UC6 Storing diagnostics data
notifications ([I-D.ietf-netconf-yang-push])
o netconf-capabilities in ietf-netconf-monitoring UC7 Allowing YANG instance data to potentially be carried within
other IPC message formats
While it is good practice to allow a client to query these UC8 Default instance data used as part of a templating solution
capabilites from the live YANG server, that is often not enough.
Often when a network node is released an associated NMS (network UC9 Providing data examples in RFCs or internet drafts
management system) is also released with it. The NMS depends on the
capabilities of the YANG server. During NMS implementation
information about server capabilities is needed. If the information
is not available early in some off-line document, but only as
instance data from the live network node, the NMS implementation will
be delayed, because it has to wait for the network node to be ready.
Also assuming that all NMS implementors will have a correctly
configured network node available to retrieve data from, is a very
expensive proposition. (An NMS may handle dozens of node types.)
Network operators often build their own home-grown NMS systems that
needs to be integrated with a vendor's network node. The operator
needs to know the network node's server capabilities in order to do
this. Moreover the network operator's decision to buy a vendor's
product may even be influenced by the network node's OAM feature set
documented as the Yang server's capabilites.
Beside NMS implementors, system integrators and many others also need In Appendix C we describe the first three use cases in detail.
the same information early. Examples could be model driven testing,
generating documentation, etc.
Most server-capabilities are relatively stable and change only during There are already many and varied use cases where YANG instance data
upgrade or due to licensing or addition or removal of HW. They are could be used. We do not want to limit future uses of instance data
usually defined by a vendor in design time, before the product is sets, so specifying how and when to use Yang instance data is out of
released. It feasible and advantageous to define/document them early scope for this document. It is anticipated that other documents
e.g. in a Yang Based Instance Data File. outside the instance data set itself will define specific use cases.
Use cases are listed here only to indicate the need for this work.
It is anticipated that a separate IETF document will define in detail 2.1. High Level Principles
how and which set of server capabilites should be documented.
2.1.2. Use Case 2: Preloading Data The following is a list of the basic principles of the instance data
format:
There are parts of the configuration that must be fully configurable P1 Two standard formats are based on the XML and the JSON encoding
by the operator, however for which often a simple default
configuration will be sufficient.
One example is access control groups/roles and related rules. While P2 Re-use existing formats from the <get> operation/request
a sophisticated operator may define dozens of different groups often
a basic (read-only operator, read-write system administrator,
security-administrator) triplet will be enough. Vendors will often
provide such default configuration data to make device configuration
easier for an operator.
Defining Access control data is a complex task. To help the device P3 Add metadata about the instance data set
vendor pre-defines a set of default groups (/nacm:nacm/groups) and
rules for these groups to access specific parts of common models
(/nacm:nacm/rule-list/rule).
YANG Based Instance data files are used to document and/or preload P4 A YANG instance data file shall contain only a single YANG
the default configurationp. instance data set
2.1.3. Use Case 3: Dcoumenting Factory Default Settings P5 A YANG instance data set may contain data for many target YANG
modules
Nearly every YANG server has a factory default configuration. If the P6 Instance data may include configuration data, state data or a mix
system is really badly misconfigured or if the current configuration of the two
is to be abandoned the system can be reset to this default.
In Netconf the <delete-config> operation can already be used to do P7 Partial data sets are allowed
this for the startup configuration. There are ongoing efforts to
introduce a new, more generic reset operation for the same purpose
[I-D.wu-netconf-restconf-factory-restore]
The operator currently has no way to know what the default P8 YANG instance data format may be used for any data for which
configuration actually contains. YANG Based Instance data can be target YANG module(s) are defined and available to the reader,
used to document the factory default configuration. independent of whether the module is actually implemented by a
YANG server
3. Instance Data File Format 3. Instance Data File Format
Two standard formats to represent YANG Based Instance Data are A YANG instance data file MUST contain a single instance data set and
specified based on the XML and JSON encoding. The XML format is no additional data.
based on [RFC7950] while the JSON format is based on [RFC7951].
Later as other YANG encodings (e.g. CBOR) are defined further
Instance Data formats may be specified.
For both formats data is placed in a top level auxiliary container The instance data set is placed in a top level auxiliary container
named "instance-data-set". The purpose of the container, which is named "instance-data-set". An instance data set is made up of a
not part of the real data itself, is to carry meta-data for the header part and content-data. The initial header part carries
complete instance-data-set. metadata for the instance data set. It is defined by the ietf-yang-
instance-data YANG module. The content-data is all data inside the
anydata datanode, this carries the "real data" that we want to
document/provide. The syntax and semantics of content-data is
defined by the target YANG modules.
The XML format SHALL follow the format returned for a NETCONF GET Two formats are specified that can be used to represent YANG instance
operation. The <data> anydata (which is not part of the real data data based on the XML and JSON encoding. Later as other YANG
itself) SHALL contain all data that would be inside the <data> encodings (e.g. CBOR) are defined further instance data formats may
wrapper element of a reply to the <get> operation. XML attributes be specified.
SHOULD NOT be present, however if a SW receiving a YANG Based
Instance data file encounters XML attributes unknown to it, it MUST
ignore them, allowing them to be used later for other purposes.
The JSON format SHALL follow the format of the reply returmed for a The content-data part of the XML format SHALL follow the format
RESTCONF GET request directed at the datastore resource: returned for a NETCONF GET operation. The <content-data> anydata
{+restconf}/data. ETags and Timestamps SHOULD NOT be included, but node SHALL contain all elements that would be inside the <data>
if present SHOULD be ignored. wrapper element of a reply to the <get> operation. Some XML
attributes (e.g. metadata like origin) MAY be absent. SW handling
YANG instance data MUST ignore XML attributes unknown to it, allowing
them to be used later for other purposes.
A YANG Based Instance data file MUST contain a single instance data The content-data part of the JSON format SHALL follow the format of
set. Instance data MUST conform to the corresponding target YANG the payload of the reply returned for a RESTCONF GET request directed
Modules and follow the XML/JSON encoding rules as defined in at the datastore resource: {+restconf}/data or
[RFC7950] and [RFC7951] and use UTF-8 character encoding. A single {+restconf}/ds/<datastore>.
instance data set MAY contain data for any number of target YANG
modules, if needed it MAY carry the complete configuraton and state
data set for a YANG server. Default values SHOULD NOT but MAY be
included. Config=true and config=false data MAY be mixed in the
instance data file. Instance data files MAY contain partial data
sets. This means mandatory, min-elements or require-instance=true
constrains MAY be violated.
The name of the file SHOULD be of the form: Instance data MUST conform to the corresponding target YANG Modules
and follow the XML/JSON encoding rules as defined in [RFC7950] and
[RFC7951] and MUST use UTF-8 character encoding. A single instance
data set MAY contain data for any number of target YANG modules; if
needed it MAY carry the complete configuration and state data set for
a YANG server. Default values SHOULD NOT be included.
instance-data-set-name ['@' revision-date] ( '.yid' ) Config=true and config=false data MAY be mixed in the instance data
file.
E.g. acme-router-modules@2018-01-25.yid Instance data files MAY contain partial data sets. This means
mandatory, min-elements or require-instance=true constrains MAY be
violated.
The revision date is optional. It SHOULD NOT be used if the file is The name of the file SHALL be of the form:
stored in a version control system (e.g. git) because the change of
file names will break the connection between the different revisions
of the file.
Meta data, information about the data set itself SHALL be included in instance-data-set-name ['@' revision-date] '.filetype'
E.g. acme-router-modules@2018-01-25.xml
The revision date is optional. ".filetype" SHALL be ".json" or ".xml"
according to the format used.
Metadata, information about the data set itself SHALL be included in
the instance data set. This data will be children of the top level the instance data set. This data will be children of the top level
instance-data-set container as defined in the ietf-instance-data YANG instance-data-set container as defined in the ietf-instance-data YANG
module. Meta data SHALL include: module. Metadata MUST include:
o Name of the instance data set o name of the instance data set
Metadata SHOULD include:
Meta data SHOULD include: o target-ptr: A pointer to the list of target YANG modules their
revision, supported features and deviations.
o Revision date of the instance data set o Revision date of the instance data set. If both this date and and
the date in the instance data file name are present they MUST have
the same value.
o Description of the instance data set. The description SHOULD o Description of the instance data set. The description SHOULD
contain information whether and how the data can change during the contain information whether and how the data can change during the
lifetime of the YANG server. lifetime of the YANG server.
Metadata MAY include:
o Organization responsible for the instance data set
o Contact information
o Information about the datastore associated with the instance data
set e.g. the datastore from where the data was read or the
datastore where the data could be loaded or the datastore which is
being documented. This information is optional, as often a single
datastore can not be specified.
o Timestamp: The date and time when the instance data set was last
modified.
o It is anticipated that different organizations will have the need
to augment the metadata with various other data nodes.
3.1. Specifying the Target YANG Modules: target-ptr
To properly understand and use an instance data set the user needs to
know the list of target YANG modules their revision, supported
features and deviations. The metadata "target-ptr" is used to
specify the YANG target module list. One of the following 3 options
SHALL be used:
IN-LINE method: Include the needed information as part of instance
data as defined by ietf-yang-library
URI method: Include a URI that points to the target module set.
(if you don't want to repeat the info again and again)
EXTERNAL Method: Do not include the target-ptr as the target YANG
module set is already known, or the information is available
through external documents.
Note, the specified target YANG modules only indicate the set of
modules that were used to define this YANG instance data set.
Sometimes instance data may be used for a YANG server supporting a
different YANG module set e.g. for UC2 preloading data the instance
data set may not be updated every time the YANG modules on the YANG
server are updated, an unchanged instance data set may still be
usable. Whether the instance data set is usable for a possibly
different real-life target YANG module set depends on the
compatibility between the specified target and the real-life target
YANG module set (considering modules, revisions, features,
deviations).
3.1.1. IN-LINE Method
Target-ptr MUST bet set to:
'inline:ietf-yang-library@' revision-date '.yang'
E.g. inline:ietf-yang-library@2016-06-21.yang
The revision date in the inline target-ptr is mandatory, it specifies
the revision of the ietf-yang-library used. The first group of data
inside the "anydata data" element MUST be instance data targeted at
the ietf-yang-library. This data SHALL specify the target YANG
modules, revisions, supported features and deviations for this and
all the other target YANG modules.
3.1.2. URI Method
Target-ptr MUST bet set to a URI that references another YANG
instance data file. The current instance data file will use the same
set of target YANG modules, revisions, supported features and
deviations as the other referenced YANG instance data file.
The referenced instance data file will usually contain data only for
ietf-yang-library to specify the target YANG modules for the original
instance data file.
The URI method is advantageous when the user wants to avoid the
overhead of specifying the target YANG modules in the instance data
file: E.g. In Use Case 6, when the system creates a diagnostic file
every 10 minutes to document the state of the YANG server.
The referenced YANG instance data file might use the in-line method
or might use the URI method to reference further instance data
file(s). However at the end of this reference chain there MUST be an
instance data file using the in-line method.
If a referenced instance data file is not available the revision
data, supported features and deviations for the target YANG modules
are unknown.
3.2. Examples
The following example is based on UC1, documenting server
capabilities. It provides (a shortened) list of supported YANG
modules for a YANG server. It uses the inline method for the target-
ptr.
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<instance-data-set xmlns= <instance-data-set xmlns=
"urn:ietf:params:xml:ns:yang:ietf-yang-instance-data"> "urn:ietf:params:xml:ns:yang:ietf-yang-instance-data">
<name>acme-router-modules</name> <name>acme-router-modules</name>
<revision>2108-01-25</revision> <target-ptr>inline:ietf-yang-library@2016-06-21.yang</target-ptr>
<revision>
<date>2108-01-25</date>
<description>Initial version</description>
</revision>
<description>Defines the minimal set of modules that any acme-router <description>Defines the minimal set of modules that any acme-router
will contain. These modules will always be present.</description> will contain.</description>
<contact>info@acme.com</contact> <contact>info@acme.com</contact>
<data> <content-data>
<yang-library xmlns="urn:ietf:params:xml:ns:yang:ietf-yang-library"> <!-- The example lists only 4 modules, but it could list the
<module-set> full set of supported modules for a YANG server, potentially many
<name>basic</name> dozens of modules -->
<module> <module-state xmlns="urn:ietf:params:xml:ns:yang:ietf-yang-library">
<name>ietf-system</> <module>
<revision>2014-08-06</revision> <name>ietf-yang-library</name>
<!-- description "A later revision may be used."; --> <revision>2016-06-21</revision>
<namespace>urn:ietf:params:xml:ns:yang:ietf-system</namespace> <namespace>urn:ietf:params:xml:ns:yang:ietf-yang-library</namespace>
<feature>authentication</feature> <conformance-type>implement</conformance-type>
<feature>radius-authentication</feature> </module>
</module> <module>
</module-set> <name>ietf-system</name>
</yang-library> <revision>2014-08-06</revision>
</data> <namespace>urn:ietf:params:xml:ns:yang:ietf-system</namespace>
<feature>sys:authentication</feature>
<feature>sys:local-users</feature>
<feature>sys:ntp</feature>
<deviation>
<name>acme-system-ext</name>
<revision>2018-08-06</revision>
</deviation>
<conformance-type>implement</conformance-type>
</module>
<module>
<name>ietf-yang-types</name>
<revision>2013-07-15</revision>
<namespace>urn:ietf:params:xml:ns:yang:ietf-yang-types</namespace>
<conformance-type>import</conformance-type>
</module>
<module>
<name>acme-system-ext</name>
<revision>2018-08-06</revision>
<namespace>urn:rdns:acme.com:oammodel:acme-system-ext</namespace>
<conformance-type>implement</conformance-type>
</module>
</module-state>
</content-data>
</instance-data-set> </instance-data-set>
Figure 1: XML Instance Data File example Figure 1: XML Instance Data Set - Use case 1, Documenting server
capabilities
The following example is based on UC2, preloading default
configuration. It provides (a shortened) default rule set for a
read-only operator role. It uses the inline method for the target-
ptr.
<?xml version="1.0" encoding="UTF-8"?>
<instance-data-set xmlns=
"urn:ietf:params:xml:ns:yang:ietf-yang-instance-data">
<name>read-only-acm-rules</name>
<target-ptr>inline:ietf-yang-library@2016-06-21.yang</target-ptr>
<revision>
<date>2018-01-25</date>
<description>Initial version</description>
</revision>
<description>Access control rules for a read-only role.</description>
<contact>info@acme.com</contact>
<content-data>
<module-state xmlns="urn:ietf:params:xml:ns:yang:ietf-yang-library">
<module>
<name>ietf-yang-library</name>
<revision>2016-06-21</revision>
</module>
<module>
<name>ietf-netconf-acm</name>
<revision>2012-02-22</revision>
</module>
</module-state>
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
<enable-nacm>true</enable-nacm>
<read-default>deny</read-default>
<exec-default>deny</exec-default>
<rule-list>
<name>read-only-role</name>
<group>read-only-group</group>
<rule>
<name>read-all</name>
<module-name>*</module-name>
<access-operation>read</access-operation>
<action>permit</action>
</rule>
</rule-list>
</nacm>
</content-data>
</instance-data-set>
Figure 2: XML Instance Data Set - Use case 2, Preloading access
control data
The following example is based on UC6 Storing diagnostics data. An
instance data set is produced by the YANG server every 15 minutes
that contains statistics about netconf. As a new set is produced
automatically a revision-date would be useless; instead a timestamp
is included.
{ {
"ietf-yang-instance-data:instance-data-set": { "ietf-yang-instance-data:instance-data-set": {
"name": "acme-router-modules", "name": "acme-router-netconf-diagnostics",
"revision": "2108-01-25", "target-ptr": "file:///acme-netconf-diagnostics-yanglib.json",
"contact": "info@acme.com", "timestamp": "2018-01-25T17:00:38Z",
"description": "description":
"Defines the set of modules that an acme-router will contain.", "Netconf statistics",
"data": { "content-data": {
"ietf-yang-library:yang-library": { "ietf-netconf-monitoring:netconf-state": {
"module-set": [ "statistics": {
"name": "basic", "netconf-start-time ": "2018-12-05T17:45:00Z",
"module": [ "in-bad-hellos ": "32",
{ "in-sessions ": "397",
"name": "ietf-system", "dropped-sessions ": "87",
"revision": "2014-08-06", "in-rpcs ": "8711",
"namespace": "urn:ietf:params:xml:ns:yang:ietf-system", "in-bad-rpcs ": "408",
"feature": ["authentication", "radius-authentication"] "out-rpc-errors ": "408",
} "out-notifications": "39007"
} }
] }
]
} }
} }
} }
Figure 2: JSON Instance Data File example Figure 3: JSON Instance Data File example - UC6 Storing diagnostics
data
4. Data Life cycle 4. Data Life cycle
Data defined or documented in YANG Based Instance Data Sets may be Data defined or documented in YANG instance data sets may be used for
used for preloading a YANG server with this data, but the server may preloading a YANG server with this data, but the server may populate
populate the data without using the actual file in which case the the data without using the actual file in which case the instance
Instance Data File is only used as documentation. data file is only used as documentation.
While such data will usually not change, data documented by Instance While such data will usually not change, data documented by instance
Data sets MAY be changed by the YANG server itself or by management data sets MAY be changed by the YANG server itself or by management
operations. It is out of scope for this document to specify a method operations. It is out of scope for this document to specify a method
to prevent this. Whether such data changes and if so, when and how, to prevent this. Whether such data changes and if so, when and how,
SHOULD be described either in the instance data file description SHOULD be described either in the instance data file description
statement or in some other implementation specific manner. statement or in some other implementation specific manner.
YANG Based Instance data is a snap-shot of information at a specific YANG instance data is a snap-shot of information at a specific point
point of time. If the data changes afterwards this is not of time. If the data changes afterwards this is not represented in
represented in the instance data set anymore, the valid values can be the instance data set anymore, the valid values can be retrieved in
retrieved in run-time via Netconf/Restconf run-time via Netconf/Restconf
Notifications about the change of data documented by Instance Data Notifications about the change of data documented by instance data
Sets may be supplied by e.g. the Yang-Push mechanism, but it is out sets may be supplied by e.g. the Yang-Push mechanism, but it is out
of scope for this document. of scope for this document.
5. Delivery of Instance Data 5. Delivery of Instance Data
Instance data files SHOULD be available without the need for a live Instance data sets that are produced as a result of some sort of
YANG server e.g. via download from the vendor's website, or any specification or design effort SHOULD be available without the need
other way together with other product documentation. for a live YANG server e.g. via download from the vendor's website,
or in any other way product documentation is distributed.
Other instance data sets may be read from or produced by the YANG
server itself e.g. UC6 documenting diagnostic data.
6. YANG Model 6. YANG Model
<CODE BEGINS> file "ietf-yang-instance-data.yang" <CODE BEGINS> file "ietf-yang-instance-data.yang"
module ietf-yang-instance-data { module ietf-yang-instance-data {
yang-version 1.1; yang-version 1.1;
namespace namespace
"urn:ietf:params:xml:ns:yang:ietf-yang-instance-data"; "urn:ietf:params:xml:ns:yang:ietf-yang-instance-data";
prefix yid ; prefix yid ;
import ietf-yang-data-ext { prefix yd; } import ietf-yang-data-ext { prefix yd; }
import ietf-datastores { prefix ds; }
import ietf-inet-types { prefix inet; }
import ietf-yang-types { prefix yang; }
import ietf-datastores { prefix ds; } organization "IETF NETMOD Working Group";
contact
"WG Web: <https://datatracker.ietf.org/wg/netmodf/>
WG List: <mailto:netmod@ietf.org>
organization "IETF NETMOD Working Group"; Author: Balazs Lengyel
contact <mailto:balazs.lengyel@ericsson.com>";
"WG Web: <https://datatracker.ietf.org/wg/netmodf/>
WG List: <mailto:netmod@ietf.org>
Author: Balazs Lengyel description "The module defines the structure and content of YANG
<mailto:balazs.lengyel@ericsson.com>"; instance data sets.";
description "The module defines the structure and content of YANG revision 2018-11-30 {
Instance Data Sets."; description "Initial revision.";
reference "RFC XXXX: YANG Instance Data Format";
}
revision 2018-06-30 { yd:yang-data instance-data-format {
description "Initial revision."; container instance-data-set {
reference "RFC XXXX: YANG Based Instance Data"; description "Auxiliary container to carry meta-data for
} the complete instance data set.";
yd:yang-data instance-data-format { leaf name {
container instance-data-set { type string;
description "Auxiliary container to carry meta-data for mandatory true;
the complete instance data set."; description "Name of the YANG instance data set.";
}
leaf name { leaf target-ptr {
type string; type union {
mandatory true; type string {
description "Name of a YANG Based Instance data set."; pattern 'inline:ietf-yang-library@\d{4}-\d{2}-\d{2}\.yang';
} }
type inet:uri;
}
description "A pointer to the list of target YANG modules
their revisions, supported features and deviations.
target-ptr SHALL use one of the following formats:
leaf description { type string; } IN-LINE format: target-ptr should bet set to:
'inline:ietf-yang-library@' revision-date '.yang'
E.g. inline:ietf-yang-library@2016-06-21.yang
The revision date is mandatory. When using the in-line
format the first group of data inside the content-data
node MUST be instance data targeted at the
ietf-yang-library. This data SHALL specify the target YANG
modules, revisions, supported features and deviations for
this and all the other target YANG modules of the set.
leaf contact { URI format. target-ptr MUST be a URI that references
type string; another YANG instance data file.
description "Contains the same information the contact This instance data file will use the same set of target
statement carries for a YANG module."; YANG modules, revisions, supported features and deviations
} as this other referenced YANG instance data file.";
}
leaf organization { leaf description { type string; }
type string;
description "Contains the same information the
organization statement carries for a YANG module.";
}
leaf datastore { leaf contact {
type ds:datastore-ref; type string;
description "The identity of the datastore for which description "Contact information for the person or
the instance data is documented for config=true data nodes. organization to whom queries concerning this
The leaf MAY be absent in which case the running dtastore or instance data set should be sent.";
if thats not writable, the candidate datastore is implied. }
For config=false data nodes always the operational leaf organization {
data store is implied."; type string;
} description "Organization responsible for the instance
data set.";
}
list revision { leaf datastore {
key date; type ds:datastore-ref;
description "An instance-data-set SHOULD have at least description "The identity of the datastore with which the
one revision entry. For every published instance data set is associated. If a single specific
editorial change, a new one SHOULD be added in front datastore can not be specified, the leaf MUST be absent.
of the revisions sequence so that all revisions are
in reverse chronological order.";
leaf date { If this leaf is absent, then the datastore to which the
type string { instance data belongs is undefined.";
pattern '\d{4}-\d{2}-\d{2}'; }
}
description "Specifies the data the revision
was last modified. Formated as YYYY-MM-DD";
}
leaf description { type string; } list revision {
} key date;
description "Instance data sets that are produced as
a result of some sort of specification or design effort
SHOULD have at least one revision entry. For every
published editorial change, a new one SHOULD be added
in front of the revisions sequence so that all
revisions are in reverse chronological order.
anydata data { For instance data sets that are read from
mandatory true; or produced by the YANG server or otherwise
description "Contains the real instance data. subject to frequent updates or changes, revision
The data MUST conform to the relevant YANG Modules."; SHOULD NOT be present";
}
} leaf date {
} type string {
} pattern '\d{4}-\d{2}-\d{2}';
}
description "Specifies the date the instance data set
was last modified. Formatted as YYYY-MM-DD";
}
leaf description { type string; }
}
leaf timestamp {
type yang:date-and-time;
description "The date and time when the instance data set
was last modified.
For instance data sets that are read from or produced
by the YANG server or otherwise subject to frequent
updates or changes, timestamp SHOULD be present";
}
anydata content-data {
mandatory true;
description "Contains the real instance data.
The data MUST conform to the relevant YANG Modules.";
}
}
}
}
<CODE ENDS> <CODE ENDS>
7. Security Considerations 7. Security Considerations
Depending on the nature of the instance data, instance data files MAY Depending on the nature of the instance data, instance data files MAY
need to be handled in a secure way. The same type of handling should need to be handled in a secure way. The same type of handling should
be applied, that would be needed for the result of a <get> operation be applied, that would be needed for the result of a <get> operation
returning the same data. returning the same data.
8. IANA Considerations 8. IANA Considerations
To be completed, all the usual requests for a new YANG module This document registers one URI and one YANG module.
9. References 8.1. URI Registration
9.1. Normative References This document registers one URI in the IETF XML registry [RFC3688].
Following the format in RFC 3688, the following registration is
requested to be made:
URI: urn:ietf:params:xml:ns:yang:ietf-yang-instance-data
Registrant Contact: The IESG.
XML: N/A, the requested URI is an XML namespace.
8.2. YANG Module Name Registration
This document registers one YANG module in the YANG Module Names
registry [RFC6020].
name: ietf-yang-instance-data
namespace: urn:ietf:params:xml:ns:yang:ietf-yang-instance-data
prefix: yid
reference: RFC XXXX
9. Acknowledgments
For their valuable comments, discussions, and feedback, we wish to
acknowledge Andy Bierman, Juergen Schoenwaelder, Rob Wilton, Joe
Clark, Martin Bjorklund, Ladislav Lhotka, Qin Wu and other members of
the Netmod WG.
10. References
10.1. Normative References
[I-D.ietf-netmod-yang-data-ext] [I-D.ietf-netmod-yang-data-ext]
Bierman, A., Bjorklund, M., and K. Watsen, "YANG Data Bierman, A., Bjorklund, M., and K. Watsen, "YANG Data
Extensions", draft-ietf-netmod-yang-data-ext-01 (work in Extensions", draft-ietf-netmod-yang-data-ext-01 (work in
progress), March 2018. progress), March 2018.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
DOI 10.17487/RFC3688, January 2004,
<https://www.rfc-editor.org/info/rfc3688>.
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
the Network Configuration Protocol (NETCONF)", RFC 6020,
DOI 10.17487/RFC6020, October 2010,
<https://www.rfc-editor.org/info/rfc6020>.
[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
RFC 7950, DOI 10.17487/RFC7950, August 2016, RFC 7950, DOI 10.17487/RFC7950, August 2016,
<https://www.rfc-editor.org/info/rfc7950>. <https://www.rfc-editor.org/info/rfc7950>.
[RFC7951] Lhotka, L., "JSON Encoding of Data Modeled with YANG", [RFC7951] Lhotka, L., "JSON Encoding of Data Modeled with YANG",
RFC 7951, DOI 10.17487/RFC7951, August 2016, RFC 7951, DOI 10.17487/RFC7951, August 2016,
<https://www.rfc-editor.org/info/rfc7951>. <https://www.rfc-editor.org/info/rfc7951>.
9.2. Informative References 10.2. Informative References
[I-D.ietf-ccamp-alarm-module] [I-D.ietf-ccamp-alarm-module]
Vallin, S. and M. Bjorklund, "YANG Alarm Module", draft- Vallin, S. and M. Bjorklund, "YANG Alarm Module", draft-
ietf-ccamp-alarm-module-04 (work in progress), October ietf-ccamp-alarm-module-06 (work in progress), November
2018. 2018.
[I-D.ietf-netconf-rfc7895bis] [I-D.ietf-netconf-rfc7895bis]
Bierman, A., Bjorklund, M., Schoenwaelder, J., Watsen, K., Bierman, A., Bjorklund, M., Schoenwaelder, J., Watsen, K.,
and R. Wilton, "YANG Library", draft-ietf-netconf- and R. Wilton, "YANG Library", draft-ietf-netconf-
rfc7895bis-07 (work in progress), October 2018. rfc7895bis-07 (work in progress), October 2018.
[I-D.ietf-netconf-yang-push] [I-D.ietf-netconf-yang-push]
Clemm, A., Voit, E., Prieto, A., Tripathy, A., Nilsen- Clemm, A., Voit, E., Prieto, A., Tripathy, A., Nilsen-
Nygaard, E., Bierman, A., and B. Lengyel, "Subscription to Nygaard, E., Bierman, A., and B. Lengyel, "Subscription to
skipping to change at page 12, line 32 skipping to change at page 17, line 27
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
Appendix A. Open Issues Appendix A. Open Issues
o If we define metadata per target module, a list of target YAM
could be included in the metadata. This depends on what
additional metadata we will include.
o How do we know for which version of the target Yang Module is a
data set valid? Proposal: One possibility would be to just
indicate for which module version(s) was the data set last
updated. This would be a hint about compatibility, but nothing
more. Maybe we should wait till the YANG versioning work is
complete/stable. Identifying just one version is way to strict,
so something enforcing that shall not be used.
o Should we document what YANG features does the instance data set
implicitly require? Proposal: that is already a use case,
documenting data from the YANG library.
o Augmenting metadata must be possible. As of now it looks like o Augmenting metadata must be possible. As of now it looks like
yang-data-ext will solve that. If not, define instance data as yang-data-ext will solve that. If not, define instance data as
regular YANG instead of yd:yang-data. regular YANG instead of yd:yang-data.
Appendix B. Changes between revisions Appendix B. Changes between revisions
v00 - v01
o Added the target-ptr metadata with 3 methods
o Added timestamp metadata
o Removed usage of dedicated .yid file extension
o Added list of use cases
o Added list of principles
o Updated examples
o Moved detailed use case descriptions to appendix
v05 - v00-netmod
o New name for the draft following Netmod workgroup adoption. No
other changes
v04 - v05 v04 - v05
o Changed title and introduction to clarify that this draft is only o Changed title and introduction to clarify that this draft is only
about the file format and documenting server capabilities is just about the file format and documenting server capabilities is just
a use case. a use case.
o Added reference to draft-wu-netconf-restconf-factory-restore o Added reference to draft-wu-netconf-restconf-factory-restore
o Added new open issues. o Added new open issues.
skipping to change at page 14, line 4 skipping to change at page 18, line 50
be just the primary use-case. (Merged chapter 4 into the use case be just the primary use-case. (Merged chapter 4 into the use case
chapter.) chapter.)
o Stated that RFC7950/7951 encoding must be followed which also o Stated that RFC7950/7951 encoding must be followed which also
defines (dis)allowed whitespace rules. defines (dis)allowed whitespace rules.
o Added UTF-8 encoding as it is not specified in t950 for instance o Added UTF-8 encoding as it is not specified in t950 for instance
data data
o added XML declaration o added XML declaration
v00 - v01
v00 - v01
o Redefined using yang-data-ext o Redefined using yang-data-ext
o Moved meta data into ordinary leafs/leaf-lists o Moved metadata into ordinary leafs/leaf-lists
Appendix C. Detailed Use Cases - Non-Normative
C.1. Use Cases
We present a number of use cases were YANG instance data is needed.
C.1.1. Use Case 1: Early Documentation of Server Capabilities
A YANG server has a number of server-capabilities that are defined in
YANG modules and can be retrieved from the server using protocols
like NETCONF or RESTCONF. YANG server capabilities include
o data defined in ietf-yang-library: YANG modules, submodules,
features, deviations, schema-mounts, datastores supported
([I-D.ietf-netconf-rfc7895bis])
o alarms supported ([I-D.ietf-ccamp-alarm-module])
o data nodes, subtrees that support or do not support on-change
notifications ([I-D.ietf-netconf-yang-push])
o netconf-capabilities in ietf-netconf-monitoring
While it is good practice to allow a client to query these
capabilities from the live YANG server, that is often not possible.
Often when a network node is released an associated NMS (network
management system) is also released with it. The NMS depends on the
capabilities of the YANG server. During NMS implementation
information about server capabilities is needed. If the information
is not available early in some off-line document, but only as
instance data from the live network node, the NMS implementation will
be delayed, because it has to wait for the network node to be ready.
Also assuming that all NMS implementors will have a correctly
configured network node available to retrieve data from, is a very
expensive proposition. (An NMS may handle dozens of node types.)
Network operators often build their own home-grown NMS systems that
needs to be integrated with a vendor's network node. The operator
needs to know the network node's server capabilities in order to do
this. Moreover the network operator's decision to buy a vendor's
product may even be influenced by the network node's OAM feature set
documented as the Yang server's capabilities.
Beside NMS implementors, system integrators and many others also need
the same information early. Examples could be model driven testing,
generating documentation, etc.
Most server-capabilities are relatively stable and change only during
upgrade or due to licensing or addition or removal of HW. They are
usually defined by a vendor in design time, before the product is
released. It feasible and advantageous to define/document them early
e.g. in a YANG instance data File.
It is anticipated that a separate IETF document will define in detail
how and which set of server capabilities should be documented.
C.1.2. Use Case 2: Preloading Data
There are parts of the configuration that must be fully configurable
by the operator, however for which often a simple default
configuration will be sufficient.
One example is access control groups/roles and related rules. While
a sophisticated operator may define dozens of different groups often
a basic (read-only operator, read-write system administrator,
security-administrator) triplet will be enough. Vendors will often
provide such default configuration data to make device configuration
easier for an operator.
Defining Access control data is a complex task. To help the device
vendor pre-defines a set of default groups (/nacm:nacm/groups) and
rules for these groups to access specific parts of common models
(/nacm:nacm/rule-list/rule).
YANG instance data files are used to document and/or preload the
default configuration.
C.1.3. Use Case 3: Documenting Factory Default Settings
Nearly every YANG server has a factory default configuration. If the
system is really badly misconfigured or if the current configuration
is to be abandoned the system can be reset to this default.
In Netconf the <delete-config> operation can already be used to reset
the startup datastore. There are ongoing efforts to introduce a new,
more generic reset-datastore operation for the same purpose
[I-D.wu-netconf-restconf-factory-restore]
The operator currently has no way to know what the default
configuration actually contains. YANG instance data can be used to
document the factory default configuration.
Authors' Addresses Authors' Addresses
Balazs Lengyel Balazs Lengyel
Ericsson Ericsson
Magyar Tudosok korutja 11 Magyar Tudosok korutja 11
1117 Budapest 1117 Budapest
Hungary Hungary
Phone: +36-70-330-7909 Phone: +36-70-330-7909
 End of changes. 85 change blocks. 
295 lines changed or deleted 644 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/