Subscribing to Events and YANG datastores

IETF #96 Berlin
21-July-2016
Andy Bierman
Sharon Chisholm
Alexander Clemm
Einar Nilsen-Nygaard
Yan Gang
Peipei Guo
Susan Hares
Tim Jenkins
Balazs Lengyel
Alberto Gonzalez Prieto
Hector Trevino
Ambika Prasad Tripathy
Eric Voit
Kent Watsen
Guangying Zheng (Walker)
Must have Alternative to Polling
push
Anything different?
no
Anything different?
No.
Anything different?
NO!
Anything different?
Yeah.
Continuous Polling Device
Well known cost/scale limits with continuous polling
• Propagation latency
• CPU, Bandwidth
• Multiple Polling devices
Device
Subscribing Device
Up-to-date objects delivered
• Reaction speed
• CPU, Bandwidth reduced
• New use cases based on distributed synched state
Subscriptions
[Diagram labels: Subscriber, Subscription Request, Response, Publisher, Receiver, Datastore, Events, Pushed Updates, Device]
Generalized Publisher Capabilities
Streaming of updates
Subscribing to updates
• Customized to recipient
• On-change or Periodic
• Event Stream or Subtree(s) of YANG Datastore
• Statically configured or dynamically signaled
[Diagram labels: Subscription interface, Streaming mechanism, Publisher, Any Model, Datastore, Vendor Model, Events]
Many Consumption Models
[Diagram labels: Subscriber, Publisher, Datastore, Events, Network Element, Application, Collector, NMS, Orchestration, Controller; data items shown: Routes, Counters, Status, Flows, Config, Capacity]
Applicability beyond the Network Element
YANG Models describing network state can be published as well.
Which in turn can be integrated as part of fast reacting multi-layered abstraction
[Diagram labels: NMS, Application, Controller/Collector, Network Element, Subscriber, Publisher, Datastore, Events]
Differentiating Event Notifications & YANG Datastore Push
Datastore and Events: complementary
Events
• What you need: Consume a stream of Publisher generated messages at the cadence determined by the Publisher
• What to use: 5277bis Event Notifications
• Requirements: RFC 5277 + NETCONF WG Discussions
Datastore
• What you need: Consume a stream of Publisher generated YANG data updates at a cadence negotiated with the Subscriber
• What to use: YANG Push
• Requirements: RFC 7923
Tracking the Subscription work
• Github repository for 4 drafts under discussion: https://github.com/netconf-wg
Current draft (Git name)
• YANG Datastore Push: draft-ietf-netconf-yang-push (yang-push)
• Subscription Mechanism: Subscriptions for Event Notifications: draft-gonzalez-netconf-5277bis (rfc5277bis)
Choice of Transports:
• NETCONF Transport for Event Notifications: draft-gonzalez-netconf-event-notifications (notif-netconf)
• RESTCONF & HTTP Transport for Event Notifications: draft-voit-netconf-restconf-notif (notif-restconf)
• Future Transport Notification drafts
Functional Partitioning
Subscription
Event Notifications
Types of Subscription
Subscriptions per Session
Negotiation
RPCs
5277 Mode
Dynamic
one
No
create
Control Plane Notifications
None
Transport
Data Plane Notifications
notification
NETCONF
RESTConf, HTTP, HTTP2
No
YANG Datastore
Push
Enhanced
Dynamic and Configured
many
Yes
establish, modify, delete
started, suspended, resumed,
terminated, modified
push-update,
+subscription-id push-change-update
Yes
Yes
Legend
YANG Datastore Push
Subscriptions for Event Notifications
NETCONF Transport for Event Notifications
RESTCONF Transport for Event Notifications
Compatibility with RFC-5277
Current Functional Partitioning Context
YANG Datastore Push (includes functions above Base Subscription Draft):
• Datastore on-change and periodic triggers
• Push-update, Push-change-update
• YANG filters per RFC6241
• Authorization model per object
• New stream types & stuff
• Negotiation
Subscriptions for Event Notifications (Base Subscription Draft)
• Support for many subscriptions / transport
• Stream discovery
• Dynamic & Configured state machines
• Stream configuration
• Multiple configured receivers
• Data Plane Notification
• New stream types (syslog?)
• 5277 mode & YANG model
• Authorization model per stream
• Replay (by Stream type)
• RFC5277 & XPATH filters
• Prioritization
• RPCs: Establish, modify, delete
• Monitoring
• Error responses (under error-info?)
• Notifications: started, suspended, resumed, terminated, modified
NETCONF Transport for Event Notifications
• Transport mapping
• 5277 mode
RESTCONF & HTTP Transport for Event Notifications
• Transport mappings
• Subscriber/receiver different
• Heartbeats and clean-up
• Subscription to HTTP2 stream
Out of Scope/future: dynamic stream creation, new undefined filter types
Requirements of RFC 7923
VRF support
Parameter negotiation
Dynamic
Start/stop time
Configured
Multiple receivers
Event Notification
Push synchronization
Configuration
Periodic
Burst dampening
On-change
Per leaf/subtree
DDoS protection
Admission Control
Operations
Trigger
Modify
Subscriptions
Filters
Subtree
Security
QoS
Visibility
Transport
Encoding
Stateful
Substring
Netconf
Range
Restconf
Prioritized Push
XML
JSON
HTTP/2
Only for YANG Datastore Push
Context with OC-Telemetry.yang
Netconf
Restconf
Periodic
Security by subtree
On-change
Dampened Eventing
Configured subscriptions
Parameter negotiation
Dynamic subscriptions
RFC-5277 Compatibility
Multiple receivers
Value and Range filtering
Subtree filtering
Prioritized subscriptions
HTTP/2
DDoS vector protection
DSCP
Push synchronization
Start/stop time
JSON
VRF support
XML
GBP
gRPC
Recurring requirement: specification of market requested, non-IETF technologies
Only for YANG Datastore Push
MUST UPDATE
Key items in –v02 subscription Data Model
Signaled (Dynamic) Subscriptions
+ also for Configured (Static) Subscriptions
+--rw datastore-push-subscription*
   +--rw subscription-id
   +--rw stream?
   +--rw encoding?
   +--rw subscription-start-time?
   +--rw subscription-stop-time?
   +--rw (filterspec)?
   |  +--rw (filter-type)?
   |     +--:(subtree)
   |     |  +--rw subtree-filter
   |     +--:(xpath)
   |        +--rw xpath-filter?
   +--rw (update-trigger)?
   |  +--:(periodic)
   |  |  +--rw period
   |  +--:(on-change)
   |     +--rw no-synch-on-start?
   |     +--rw dampening-period
   |     +--rw excluded change*
   +--rw dscp?
   +--rw subscription-priority?
   +--rw subscription-dependency?
   +--rw receiver* [address]
   |  +--rw address
   |  +--rw port?
   +--rw (push-source)?
      +--:(address-originated)
      |  +--rw source-vrf?
      :  +--rw source-address
Config? Operational? Ephemeral? Multiple? Other?
Encode in XML? in JSON?
Timeframe of interest
Filter stream so that just items desired are pushed
Extensible for multiple filter types
The amount of time between periodic updates
Send full initial state?
Minimum interval between pushes
Push object adds/deletes? Property changes?
Network QoS Class
Dequeuing precedence
One or more pre-configured recipients
Should the Push egress from a specific place?
Transport for Event Notifications
Transport bindings defined
[Diagram labels: NETCONF, RESTCONF, Locally Configured, Publisher, Subscriber, Subscription, Requests, Configured, HTTP Receiver, Netconf Client, Netconf Server, Restconf Client, Restconf Server, HTTP2 Client, HTTP2 Server, Stream, YANG, XML, JSON]
RESTCONF & HTTP Transport for Event Notifications
Appendix
Separate Subscriber & Receiver
[Diagram labels: Publisher, Subscriber, Receiver, Subscription, Requests, Restconf Client, Restconf Server, HTTP Client, HTTP Server, YANG, JSON]
YANG Push results at IETF95 Hackathon
Objective
• Extend OpenDaylight’s YANG Push Client
Coded / Demonstrated
• Create Subscription (via OpenDaylight)
• Delete Subscription (via NETCONF session)
• On-change subscription (via NETCONF session)
March 2016
Questions?
• Also will do a deeper dive in NETCONF on Thursday….
Subtree and XPATH Filtering
• Can enable a reduction in sent objects by order(s) of magnitude
• Subtree and XPATH cannot be combined
Subscribe to this target node
Subtree Filtering
Use when you want to explicitly exclude (or include) all of an object type:
Interfaces-state
   interface [name]
      name
      oper-status
      phys-address
      speed
      statistics
         discontinuity-time
         in-octets
         out-octets
         in-discards
         …
XPATH Filtering
Use when you want a subset of instances from a list (e.g.: [E0, E1])
Dampening Period & Suppressed Periodic Behavior
Subscription to interface state
Subscription: Interfaces-state / interface [name] (E0, E1) / oper-status
[Timeline figure: Interface UP and Interface DOWN events for E0 and E1 plotted against Time, with the update stream produced under each of the two settings below]
YANG Push: On-change, Dampening period = 10
Update Stream
• Faster reaction
• Shows flaps underway
OC-Telemetry.yang: Period = 10, Suppress Redundant = Yes
Update Stream
• State at a certain time
Dampening Period & Suppressed Periodic Behavior
Subscription to Access Control List
Subscription: ACL* / ACL entries / ACE / matches, action
ACL entries shown:
50 access-list permit ip any any
100 access-list permit host 192.168.1.1
200 access-list deny any any
[Timeline figure: a sequence of commits over entries 50, 100 and 200 plotted against Time, with the create and delete updates in the resulting update streams; the figure carries the label "Security Vulnerability"]
YANG Push: On-change, Dampening period = 60
OC-Telemetry.yang: Period = 60, Suppress Redundant = Yes
Update Stream
• Exposes existence of transient config
Thank you!