NETMOD Working Group H. Birkholz Internet-Draft Fraunhofer SIT Intended status: Standards Track Q. Wu Expires: November 13, 2020 Huawei I. Bryskin Individual X. Liu Volta Networks B. Claise Cisco May 12, 2020 A YANG Data model for ECA Policy Management draft-wwx-netmod-event-yang-07 Abstract This document defines a YANG data model for the Event Condition Action (ECA) policy management. The ECA policy YANG provides the ability for the network management function (within a network element) to control the configuration and monitor state change and take simple and instant action on the server when a trigger condition on the system state is met. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on November 13, 2020. Copyright Notice Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved. Birkholz, et al. Expires November 13, 2020 [Page 1] Internet-Draft ECA YANG May 2020 This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Conventions used in this document . . . . . . . . . . . . . . 3 2.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 2.2. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . 4 3. Overview of ECA YANG Data Model . . . . . . . . . . . . . . . 4 3.1. ECA Policy Variable and Value . . . . . . . . . . . . . . 5 3.2. ECA Event . . . . . . . . . . . . . . . . . . . . . . . . 6 3.3. ECA Condition . . . . . . . . . . . . . . . . . . . . . . 8 3.4. ECA Action . . . . . . . . . . . . . . . . . . . . . . . 8 3.5. ECA . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 4. Where ECA scripts are executed? . . . . . . . . . . . . . . . 11 5. ECA YANG Model (Tree Structure) . . . . . . . . . . . . . . . 11 6. ECA YANG Module . . . . . . . . . . . . . . . . . . . . . . . 15 7. Security Considerations . . . . . . . . . . . . . . . . . . . 32 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 33 9. Acknowledges . . . . . . . . . . . . . . . . . . . . . . . . 34 10. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 34 11. Normative References . . . . . . . . . . . . . . . . . . . . 35 Appendix A. ECA Condition Expression Examples . . . . . . . . . 37 Appendix B. ECA Model Usage Example . . . . . . . . . . . . . . 37 Appendix C. Changes between Revisions . . . . . . . . . . . . . 39 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 40 1. Introduction Network management consists of using one or multiple device-, technology-, service specific policies to influence management behavior within the system and make sure policies are enforced or executed correctly. Event-driven policy management can be used to monitor state changes of managed objects or resource across a wide range of devices and automatic trigger of rules in response to events so as to better service assurance for customers and provide rapid autonomic response that can exhibit self-management properties including self- configuration, self-healing, self-optimization, and self-protection. Birkholz, et al. Expires November 13, 2020 [Page 2] Internet-Draft ECA YANG May 2020 Following are some of the use-cases where such ECA Policy can be used: o To filter out of objects underneath a requested a subtree, the subscriber may use YANG Push mechanism to request the network server to monitor specific network management data objects and send updates only when the value exceeds a certain threshold for the first time but not again until the threshold is cleared. o To provide rapid autonomic response that can exhibit self- management properties, the management system delegate event response behaviors (e.g., auto-recover from network failure) to the network device so that the network can react to network change as quickly as the event is detected. The event response behaviors delegation can be done using ECA policy,e.g., to preconfigure protection/ restoration capability on the network device. o To perform troubleshoot failures (i.e., fault verification and localization) and provide root cause analysis, the management system monitoring specific network management data objects may request the network device to export state information of a set of managed data objects when the value of monitored data object exceeds a certain threshold. o To set up an LSP and reserve resources within the network via NETCONF protocol operation, Path Computation API RPC model can be invoked to calculate a path meeting end-to-end network performance criteria. This document defines a ECA Policy management YANG data model. The ECA Policy YANG provides the ability for the network management function (within a network element) to control the configurations and monitor state parameters and take simple and instant action on the server when a trigger condition on the system state is met. The data model in this document is designed to be compliant with the Network Management Datastore Architecture (NMDA) [RFC8342]. 2. Conventions used in this document 2.1. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. In this document, these words will appear with that interpretation only when in ALL CAPS. Lower case uses of these words are not to be interpreted as carrying [RFC2119] significance. Birkholz, et al. Expires November 13, 2020 [Page 3] Internet-Draft ECA YANG May 2020 The following terms are defined in [RFC7950] [RFC3460] and are not redefined here: o Server o Client o Policy variable o Policy value o Implicit policy variable o explicit policy variable This document uses the following terms: Event: Something that happens which may be of interest or trigger the invocation of the rule. A fault, an alarm, a change in network state, network security threat, hardware malfunction, buffer untilization crossing a threshold, network connection setup, an external input to the system, for example. Condition: Condition can be seen as a logical test that, if satisfied or evaluated to be true, cause the action to be carried out. Action: Updates or invocations on local managed object attributes. 2.2. Tree Diagrams Tree diagrams used in this document follow the notation defined in [RFC8340]. 3. Overview of ECA YANG Data Model A ECA policy rule is read as: when event occurs in a situation where condition is true, then action is executed. Therefore ECA comprises three key elements: event, associated conditions, and actions. These three elements should be pushed down and configured on the server by the client. If the action is rejected by the server duing ECA policy execution, the action should be rolled back and cleaned up. Birkholz, et al. Expires November 13, 2020 [Page 4] Internet-Draft ECA YANG May 2020 3.1. ECA Policy Variable and Value ECA policy variable (PV) generically represents datastore states that change (or "varie"), and that is set or evaluated by software. ECA policy value is used for modeling values and constants used in policy conditions and actions. In policy, conditions and actions can abstract information as "policy variables" to be evaluated in logical expressions, or set by actions, e.g., the policy condition has the semantics "variable matches value" while policy action has the semantics "set variable to value". In ECA, two type of policy variables are defined, implicit variable and explicit variable. Explicit variables are bound to exact data object instance in the model while implicit variables are defined and evaluated outside of a model. Each ECA policy variable has the following attributes: o Name with Globally unique or ECA unique scope ; o Type either implicit or explicit; The implicit or explicit type can be further broken down into global or local. o Value data stored in the policy variable structured according to the PV type. This structure can be used to keep intermediate results/meta data during the execution of an ECA policy. The following operations are allowed with/on a PV: o initialize (with a constant/enum/identity); o set (with contents of another same type PV); o read (retrieve datastore contents pointed by the specified same type XPath/sub-tree); o write (modify configuration data in the datastore with the PV's content/value); o insert (PV's content into a same type list); o iterate (copy into PV one by one same type list elements) o function calls in a form of F(arg1,arg2,...), where F is an identity of a function from extendable function library, arg1,arg2,etc are PVs respectively, the function's input parameters, with the result returned in result policy variable. Birkholz, et al. Expires November 13, 2020 [Page 5] Internet-Draft ECA YANG May 2020 PVs could be used as input/output of an ECA invoked RPC and policy argument in the func calls. PVs could also be a source of information sent to the client in notification messages. PVs could be also used in condition expressions. The model structure for the Policy Variable is shown below: +--rw policy-variables | +--rw policy-variable* [name] | +--rw name string | +--rw (type-choice)? | | +--:(implicit) | | | +--rw implicit-variable identityref | | +--:(explicit) | | | +--rw explicit-variable yang:xpath1.0 | +--rw value? 3.2. ECA Event The ECA Event is any subscribable event notification either explicitly defined in a YANG module (e.g., alarm model) supported by the server or a event stream conveyed to the server via YANG Push subscription. The ECA event are used to keep track of state of changes associated with one of multiple operational state data objects in the network device. Typical examples of ECA event include a fault, an alarm, a change in network state, network security threat, hardware malfunction, buffer utilization crossing a threshold, network connection setup, and an external input to the system. Each ECA Event has the following attributes: o name, the name of ECA event; o type, either one time or periodic scheduling; o scheduled-time,in case of periodic scheduling. A client may define an event of interest by making use of YANG PUSH subscription. Specifically, the client may configure an ECA event according to the ECA model specifying the event's name, as well as the name of corresponding PUSH subscrition. In this case the server is expected to: Birkholz, et al. Expires November 13, 2020 [Page 6] Internet-Draft ECA YANG May 2020 o Register the event recording its name and using the referred PUSH subsription trigger as definition of the event firing trigger; o Auto-configure the event's ECA input in the form of local PVs using the PUSH subscription's filters; o At the moment of event firing intercept the notifications that would be normally sent to the PUSH subscription's client(s); copy the data store states pointed by the PUSH subscription's filters into the auto-configured ECA's local PVs and execute the ECA's condition-action chain. All events (specified in at least one ECA pushed to the server) are required to be constantly monitored by the server. One way to think of this is that the server subscribes to its own publications with respect to all events that are associated with at least one ECA. The model structure for the ECA Event is shown below: +--rw event* [name type] +--rw name string +--rw policy-variable? | -> /gnca/policy-variables/policy-variable/name +--rw local-policy-variable? | -> /gnca/ecas/eca/policy-variable/name +--rw (type-choice)? | +--:(stream) | +--rw stream | | +--rw name? string | | +--rw filter* string | +--:(alarm-event-stream) | | +--rw resource resource | | +--rw alarm-type-id alarm-type-id | | +--rw alarm-type-qualifier alarm-type-qualifier | | +--rw alt-resource resource | | +--rw related-alarm* | | +--rw impacted-resource* resource | | +--rw root-cause-resource* resource | | +--rw time yang:date-and-time | | +--rw percieved-severity severity-with-clear | | +--rw alarm-text alarm-text | +--:(timer) | | +--rw time-schedule! | | +--rw start? yang:date-and-time | | +--rw repeat-interval? uint32 Birkholz, et al. Expires November 13, 2020 [Page 7] Internet-Draft ECA YANG May 2020 3.3. ECA Condition The ECA Condition is the logical expression that is specified in a form of Xpath expression and evaluated to TRUE or FALSE. The XPath expression specifies an arbitrary logical/mathematical expression; The elements of the ECA Condition expression are referred by the XPaths pointing to referred datastore states. The ECA Condition expression in the form of XPath expression allows for specifying a condition of arbitrary complexity as a single string with an XPath expression, in which pertinent PVs and datastore states are referred to by their respective positions in the YANG tree. ECA Conditions are associated with ECA Events and evaluated only within event threads triggered by the event detection. When an ECA Condition is evaluated to TRUE, the associated ECA Action is executed. The model structure for the condition is shown below: +--rw conditions | +--rw condition* [name] | +--rw name string | +--rw (expression-choice)? | +--:(xpath) | +--rw condition-xpath? string 3.4. ECA Action The ECA Action list consists of updates or invocations on local managed object attributes and a set of actions are defined as follows, which will be performed when the corresponding event is triggered: o sending one time notification o (-re)configuration - modifying a configuration data in the conventional configuration datastore. o (re-)configuration scheduling - scheduling one time or periodic (re-)configuration in the future o adding/removing event notify subscription (essentially, the same action as performed when a client explicitly adds/removes a subscription) Birkholz, et al. Expires November 13, 2020 [Page 8] Internet-Draft ECA YANG May 2020 o executing an RPC defined by a YANG module supported by the server (the same action as performed when a client interactively calls the RPC); o performing operations and function calls on PVs (such as assign, read, insert, iterate, etc); o starting/stopping timers; o stopping current ECA; o invoking another ECA; o NO-ACTION action - meaningful only within ECA's Cleanup Condition- Action list to indicate that the ECA's Normal Condition-Action thread must be terminated as soon as one of the required Actions is rejected by the server. Two points are worth noting: o When a NETWONF/YANG RPC appears in an ECA Action body, the server is expected to interpret this as follows: execute the same logic, as when the client explicitly calls said RPC via NETCONF. For example, when TE_Tunnel_Path_Computation RPC is found in the currently executed Action, the server is expected to call its TE path computation engine and pass to it the specified parameters in the Action input. o When a "Send notification" action is configured as an ECA Action, the notification message to be sent to the client may contain not only elements of the data store (as, for example, YANG PUSH or smart filter notifications do), but also the contents of global and local PVs, which store results of arbitrary operations performed on the data store contents (possibly over arbitrary period of time) to determine, for example, history/evolution of data store changes, median values, ranges and rates of the changes, results of configured function calls and expressions, etc. - in short, any data the client may find interesting about the associated event with all the logic to compute said data delegated to the server. Importantly, ECA notifications are the only ECA actions that directly interact with and hence need to be unambiguously understood by the client. Furthermore, the same ECA may originate numerous single or repetitive semantically different notifications within the same or separate event firings. In order to facilitate for the client the correlation of events and ECA notifications received from the server, the GNCA model requires each notification to carry mandatory information, such as event and (event scope unique) notification names. Birkholz, et al. Expires November 13, 2020 [Page 9] Internet-Draft ECA YANG May 2020 Multiple ECA Actions could be triggered by a single ECA event. Any given ECA Condition or Action may appear in more than one ECAs. The model structure for the actions is shown below: +--rw actions | +--rw action* [name] | +--rw name string | +--rw action-element* [name] | | +--rw name string | | +--rw action-type? identityref | | +--rw (action-operation)? | | +--:(action) | | | +--rw action-name? | | | -> /eca/actions/action/name | | +--:(set) | | | +--rw name? string | | | +--rw policy-variable* [name] | | | +--rw name string | | | +--rw policy-argument | | | +--rw policy-value | | +--:(function-call) | | | +--rw function-call | | | +--rw function-type? identityref | | | +--rw src | | | | +--rw policy-argument | | | +--rw dst | | | +--rw policy-argument | | +--:(rpc-operation) | | | +--rw rpc-operation | | | +--rw name? string | | | +--rw nc-action-xpath? string | | | +--rw policy-variable* [name] | | | +--rw name string | | | +--rw policy-argument | | +--:(notify-operation) | | +--rw notify-operation | | +--rw name? string | | +--rw policy-variable* [name] | | +--rw name string | | +--rw policy-argument | +--rw time-schedule | +--rw start? yang:date-and-time | +--rw repeat-interval? string Birkholz, et al. Expires November 13, 2020 [Page 10] Internet-Draft ECA YANG May 2020 3.5. ECA An ECA container includes: o ECA name o List of local PVs. As mentioned, local PVs could be configured as dynamic (their instances appear/disappear with start/stop of the ECA execution) or static (their instances exisr as long as the ECA is configured). The ECA input (the contents of the associated notification message, such as YANG PUSH or smart filter notification message) are the ECA's implict local dynamic PVs with automatically generated names o Normal CONDITION-ACTION list: configured conditions each with associated actions to be executed if the condition is evaluated to TRUE o Cleanup CONDITION-ACTION list: configured conditions/actions to be evaluated/executed in case any Action from the Normal CONDITION- ACTION list was attempted and rejected by the server. In other words, this list specifies the ECA cleanup/unroll logic after rejection of an Action from the Normal CONDITION-ACTION list. An empty Cleanup CONDITION-ACTION list signifies that the ECA's normal Actions should be executed regardless of whether the previously attempted ECA Actions were rejected or not by the server. Cleanup CONDITION-ACTION list containing a single NO- ACTION Action signifies that the ECA thread is to be immediately terminated on rejection of any attempted Action (without executing any cleanup logic) 4. Where ECA scripts are executed? It could be said that the main idea of the ECA is decoupling the place where the network control logic is defined from the place where it is executed. In previous sections of this document it is assumed that the network control logic is defined by a client and pushed to and executed by the network (server). This is accomplished via ECA scripts, which are essentially bunches of regular NETCONF style operations (such as get, set, call rpc) and event notifications glued together via Policy Variables, PVs. 5. ECA YANG Model (Tree Structure) The following tree diagrams [RFC8340] provide an overview of the data model for the "ietf-eca" module. module: ietf-eca Birkholz, et al. Expires November 13, 2020 [Page 11] Internet-Draft ECA YANG May 2020 +--rw gnca +--rw policy-variables | +--rw policy-variable* [name] | +--rw name string | +--rw (type-choice)? | | +--:(implicit) | | | +--rw implicit-variable identityref | | +--:(explicit) | | | +--rw explicit-variable yang:xpath1.0 | +--rw value? +--rw event* [name type] | +--rw name string | +--rw policy-variable? | | -> /gnca/policy-variables/policy-variable/name | +--rw local-policy-variable? | | -> /gnca/ecas/eca/policy-variable/name | +--rw (type-choice)? | | +--:(stream) | | +--rw stream | | | +--rw name? string | | | +--rw filter* string | | | +--rw remote-publisher! | | | +--rw address? inet:ip-address-no-zone | | | +--rw port? inet:port-number | | | +--rw transport? sn:transport | | +--:(alarm-event-stream) | | | +--rw resource resource | | | +--rw alarm-type-id alarm-type-id | | | +--rw alarm-type-qualifier alarm-type-qualifier | | | +--rw alt-resource resource | | | +--rw related-alarm* | | | +--rw impacted-resource* resource | | | +--rw root-cause-resource* resource | | | +--rw time yang:date-and-time | | | +--rw percieved-severity severity-with-clear | | | +--rw alarm-text alarm-text | | +--:(timer) | | | +--rw time-schedule! | | | +--rw start? yang:date-and-time | | | +--rw repeat-interval? uint32 +--rw conditions | +--rw condition* [name] | +--rw name string | +--rw (expression-choice)? | +--:(xpath) | +--rw condition-xpath? string +--rw actions | +--rw action* [name] Birkholz, et al. Expires November 13, 2020 [Page 12] Internet-Draft ECA YANG May 2020 | +--rw name string | +--rw action-element* [name] | | +--rw name string | | +--rw action-type? identityref | | +--rw (action-operation)? | | +--:(action) | | | +--rw action-name? | | | -> /eca/actions/action/name | | +--:(set) | | | +--rw name? string | | | +--rw policy-variable* [name] | | | +--rw name string | | | +--rw policy-argument | | | +--rw policy-value | | +--:(function-call) | | | +--rw function-call | | | +--rw function-type? identityref | | | +--rw src | | | | +--rw policy-argument | | | +--rw dst | | | +--rw policy-argument | | +--:(rpc-operation) | | | +--rw rpc-operation | | | +--rw name? string | | | +--rw nc-action-xpath? string | | | +--rw policy-variable* [name] | | | +--rw name string | | | +--rw policy-argument | | +--:(notify-operation) | | +--rw notify-operation | | +--rw name? string | | +--rw policy-variable* [name] | | +--rw name string | | +--rw policy-argument | +--rw time-schedule | +--rw start? yang:date-and-time | +--rw repeat-interval? string +--rw ecas | +--rw eca* [name] | +--rw name string | +--rw event-name leafref | +--rw policy-variable* [name] | | +--rw name string | | +--rw (type-choice)? | | +--:(implicit) | | | +--rw implicit-variable identityref | | +--:(explicit) | | | +--rw explicit-variable yang:xpath1.0 Birkholz, et al. Expires November 13, 2020 [Page 13] Internet-Draft ECA YANG May 2020 | | +--rw value? | +--rw condition-action* [name] | | +--rw name string | | +--rw condition? -> /gnca/conditions/condition/name | | +--rw action? -> /gnca/actions/action/name | +--rw cleanup-condition-action* [name] | | +--rw name string | | +--rw condition? -> /gnca/conditions/condition/name | | +--rw action? -> /gnca/actions/action/name | +---x start | +---x stop | +---x pause | +---x resume | +---x next-action | +--ro execution* [id] | +--ro id uint32 | +--ro oper-status? oper-status | +--ro start-time? | | yang:date-and-time | +--ro stop-time? | | yang:date-and-time | +--ro next-scheduled-time? | | yang:date-and-time | +--ro last-condition-action? | | -> ../../condition-action/name | +--ro last-condition? | | -> ../../condition-action/condition | +--ro last-action? | | -> ../../condition-action/action | +--ro last-cleanup-condition-action? | -> ../../cleanup-condition-action/name +--rw eca-scripts | +--rw eca-script* [script-name] | +--rw script-name string | +--rw eca* [eca-name] | +--rw eca-name -> /gnca/ecas/eca/name notifications: +---n eca-execution +--ro oper-status oper-status +--ro name string +--ro policy-variable* [name] +--ro name string +--ro policy-argument | +--ro type? identityref | +--ro (argument-choice)? | +--:(policy-constant) | | +--ro constant? string Birkholz, et al. Expires November 13, 2020 [Page 14] Internet-Draft ECA YANG May 2020 | +--:(policy-variable) | | +--ro policy-variable? -> /gnca/policy-variables/policy-variable/name | +--:(local-policy-variable) | | +--ro local-policy-variable? -> /gnca/ecas/eca/policy-variable/name | +--:(xpath) | +--ro xpath? string +--ro value? 6. ECA YANG Module file "ietf-eca@2019-10-28.yang" module ietf-eca { yang-version 1.1; namespace "urn:ietf:params:xml:ns:yang:ietf-eca"; prefix "gncd"; import ietf-yang-types { prefix "yang"; } import ietf-inet-types { prefix "inet"; } import ietf-alarms { prefix "al"; } import ietf-subscribed-notifications { prefix "sn"; } organization "IETF Network Configuration (NETCONF) Working Group"; contact "WG Web: WG List: Editor: Qin Wu Editor: Igor Bryskin Editor: Henk Birkholz Editor: Xufeng Liu Editor: Benoit Claise Editor: Alexander Clemm "; Birkholz, et al. Expires November 13, 2020 [Page 15] Internet-Draft ECA YANG May 2020 description "Event Condition Action (ECA) model."; revision 2018-06-22 { description "Initial revision"; reference "RFC XXXX"; } /* * Typedefs */ identity argument-type { description "Possible values are: constant, variable, or datastore state."; } identity comparison-type { description "Possible values are: equal, not-equal, greater, greater-equal, less, less-equal."; } identity logical-operation-type { description "Possible values are: not, or, and."; } identity function-type { description "Possible values are: plus, minus, mult, divide, remain."; } identity content-moving-operation-type { description "Possible values are: copy, iterate, insert."; } identity action-type { description "Possible values are: action, content-move, function-call, rpc, notify."; } identity policy-variable-type { Birkholz, et al. Expires November 13, 2020 [Page 16] Internet-Draft ECA YANG May 2020 description "Possible values are: boolean, int32, int64, uint32, uint64, string, etc."; } /* * Typedefs */ typedef oper-status { type enumeration { enum completed { description "Completed with no error."; } enum running { description "Currently with no error."; } enum sleeping { description "Sleeping because of time schedule."; } enum paused { description "Paused by the operator."; } enum stoped { description "Stopped by the operator."; } enum failed { description "Failed with errors."; } enum error-handling { description "Asking the operator to handle an error."; } } description "The operational status of an ECA execution."; } /* * Groupings */ grouping policy-variable-attributes { description "Defining the policy variable attributes, including name, type and value. These attributes are used as part of the Policy Variable (PV) definition."; leaf name { type string; description Birkholz, et al. Expires November 13, 2020 [Page 17] Internet-Draft ECA YANG May 2020 "A string to uniquely identify a Policy Variable (PV), either globally for a global PV, or within the soope of ECA for a local PV."; } choice type-choice { description "The type of a policy variable may be either a common primative type like boolean or a type from existing schema node referenced by an XPath string."; case implicit { leaf implicit-variable { type identityref { base policy-variable-type; } description "A common policy variable type, defined as an identity."; } } case explicit { leaf explicit-variable { type yang:xpath1.0; description "A XPath string, referencing a schema node, whose type is used as the type of the policy variable."; } } } anydata value { description "The value of the policy variable, in a format that is determined by the policy type."; } } // policy-variable-attributes grouping policy-argument { description "Defining a policy argument, which can be used in a comparison or an action."; container policy-argument { description "Containing the attributes of a policy argument."; leaf type { type identityref { base argument-type; } description "Identifies the argument type."; Birkholz, et al. Expires November 13, 2020 [Page 18] Internet-Draft ECA YANG May 2020 } choice argument-choice { description "Argument formation options, depending on the policy type."; case policy-constant { leaf constant { type string; description "The constant value of the policy argument."; } } case policy-variable { leaf policy-variable { type leafref { path "/gncd/policy-variables/" + "policy-variable/name"; } description "A reference to a global policy variable, which is shared by all ECA scripts."; } } case local-policy-variable { leaf local-policy-variable { type leafref { path "/gncd/ecas/eca/policy-variable/name"; } description "A reference to a local policy variable, which is kept within an ECA instance, and appears/ disappears with start/stop of the ECA execution."; } } case xpath { leaf xpath { type string; description "An XPath string, referencing the data in the datastore."; } } } } } // policy-argument grouping action-element-attributes { description Birkholz, et al. Expires November 13, 2020 [Page 19] Internet-Draft ECA YANG May 2020 "Grouping of action element attributes."; leaf action-type { type identityref { base action-type; } description "Identifies the action type."; } choice action-operation { description "The operation choices that an ECA Action can take."; case action { leaf action-name { type leafref { path "/gncd/actions/action/name"; } description "The operation is to execute a configured ECA Action."; } } // action case set-operation { container set-operation { description "The operation is to set policy variable into a value."; leaf name { type string; description "Name of the subscribed YANG notification."; } list policy-variable { key name; description "A list of policy arguments carried in the notification message."; leaf name { type string; description "A string name used as the list key to form a list of policy arguments."; } uses policy-argument; anydata value { description "The value of the policy variable, in a format that is determined by the policy type."; } } } Birkholz, et al. Expires November 13, 2020 [Page 20] Internet-Draft ECA YANG May 2020 } // notify-operation case function-call { container function-call { description "The operation is to call a function, which is of one of a few basic predefined types, such as plus, minus, multiply, devide, or remainder."; leaf function-type { type identityref { base function-type; } description "One of the predefined basic function types, such as plus, minus, multiply, devide, or remainder."; } container src { description "The source policy argument."; uses policy-argument; } container dst { description "The distination policy argument."; uses policy-argument; } } } // function-call case rpc-operation { container rpc-operation { description "The operation is to call an RPC, which is defined by a YANG module supported by the server."; leaf name { type string; description "The name of the YANG RPC or YANG action to be called."; } leaf nc-action-xpath { type string; description "The location where the YANG action is defined. This is used if and only if a YANG action is called. This leaf is not set when a YANG RPC is called."; } list policy-variable { key name; description Birkholz, et al. Expires November 13, 2020 [Page 21] Internet-Draft ECA YANG May 2020 "A list of policy arguments used as the input or output parameters passed to the RPC."; leaf name { type string; description "A string name used as the list key to form a list of policy arguments."; } uses policy-argument; } } } // rpc-operation case notify-operation { container notify-operation { description "The operation is to send a YANG notification."; leaf name { type string; description "Name of the subscribed YANG notification."; } list policy-variable { key name; description "A list of policy arguments carried in the notification message."; leaf name { type string; description "A string name used as the list key to form a list of policy arguments."; } uses policy-argument; } } } // notify-operation } } // action-element-attributes grouping time-schedule-container { description "Grouping to define a container of a time schedule."; container time-schedule { presence "Presence indicates that the timer is enabled."; description "Specifying the time schedule to execute an ECA Action, or trigger an event."; Birkholz, et al. Expires November 13, 2020 [Page 22] Internet-Draft ECA YANG May 2020 leaf start { type yang:date-and-time; description "The start time of the ECA Action, or the specified event. If not specified, the ECA Action is executed immediately when it is called, or the event is triggered immediately."; } leaf repeat-interval { type string { pattern '(R\d*/)?P(\d+Y)?(\d+M)?(\d+W)?(\d+D)?T(\d+H)?' + '(\d+M)?(\d+S)?'; } description "The repeat interval to execute this ECA Action, or to trigger the event. The repeat interval is a string in ISO 8601 format, representing a delay duration or a repeated delay duration. If not specified, the ECA Action or the evetn trigger is executed without delay and without repetition."; } } // time-schedule } /* * Data nodes */ container gncd { description "Top level container for Generalized Network Control Automation (gncd)."; // policy-variables container policy-variables { description "Container of global Policy Variables (PVs)."; list policy-variable { key name; description "A list of global Policy Variables (PVs), with a string name as the entry key."; uses policy-variable-attributes; } } // policy-variables container events { Birkholz, et al. Expires November 13, 2020 [Page 23] Internet-Draft ECA YANG May 2020 description "Container of ECA events."; list event { key name; description "A list of events used as the triggers of ECAs."; leaf name { type string; description "The name of the event."; } leaf policy-variable { type leafref { path "/gncd/policy-variables/" + "policy-variable/name"; } description "Optional association to a global policy variable, which is shared by all ECA scripts."; } leaf local-policy-variable { type leafref { path "/gncd/ecas/eca/policy-variable/name"; } description "Optional associateion to a local policy variable, which is kept within an ECA instance, and appears/ disappears with start/stop of the ECA execution."; } choice type-choice { description "The type of an event, including subscribed stream."; case stream { container stream { description "The information of the subscribed stream."; leaf name { type string; description "The name of a stream subscribed and reported in the model ietf-subscribed-notifications."; } leaf-list filter { type yang:xpath1.0; description "A list of filters to be applied to the subscribed stream."; Birkholz, et al. Expires November 13, 2020 [Page 24] Internet-Draft ECA YANG May 2020 } container remote-publisher { presence "The presence indicates the publisher is remote. Otherwise, the publisher is the local system."; description "If the subscribed stream is from a remote server, this container specifies the information of the remote server."; leaf address { type inet:host; description "IP address of the remote publisher."; } leaf port { type inet:port-number; description "The port number on the publisher for a subscription request RPC."; } leaf transport { type sn:transport; description "The transport used between this system and remote publisher."; } } } } case alarm-event-stream { uses al:common-alarm-parameters; uses al:alarm-state-change-parameters; } case timer { uses time-schedule-container { description "Specifying the time schedule to trigger the event. If not specified, the event is not triggered."; } } } } } container conditions { description "Container of ECA Conditions."; list condition { Birkholz, et al. Expires November 13, 2020 [Page 25] Internet-Draft ECA YANG May 2020 key name; description "A list of ECA Conditions."; leaf name { type string; description "A string name to uniquely identify an ECA Condition globally."; } choice expression-choice { description "The choices of expression format to specify a condition, which can be either a XPath string."; case xpath { leaf condition-xpath { type string; description "A XPath string, representing a logical expression, which can contain comparisons of datastore values and logical operations in the XPath format."; } } // xpath } // expression-choice } // condition } // conditions container actions { description "Container of ECA Actions."; list action { key name; description "A list of ECA Actions."; leaf name { type string; description "A string name to uniquely identify an ECA Action globally."; } list action-element { key name; description "A list of elements contained in an ECA Action. "; leaf name { type string; description "A string name to uniquely identify the action element Birkholz, et al. Expires November 13, 2020 [Page 26] Internet-Draft ECA YANG May 2020 within the scope of an ECA action."; } uses action-element-attributes; } uses time-schedule-container { description "Specifying the time schedule to execute this ECA Action. If not specified, the ECA Action is executed immediately when it is called."; } } } // actions container ecas { description "Container of ECAs."; list eca { key name; description "A lis of ECAs"; leaf name { type string; description "A string name to uniquely identify an ECA globally."; } leaf event-name { type string; mandatory true; description "The name of an event that triggers the execution of this ECA."; } list policy-variable { key name; description "A list of ECA local Policy Variables (PVs), with a string name as the entry key."; uses policy-variable-attributes; leaf is-static { type boolean; description "'true' if the PV is static; 'false' if the PV is dynamic. A dynamic PV appears/disappears with the start/stop of the ECA execution; a static PV exists as long as Birkholz, et al. Expires November 13, 2020 [Page 27] Internet-Draft ECA YANG May 2020 the ECA is configured."; } } list condition-action { key name; description "A list of Condition-Actions, which are configured conditions each with associated actions to be executed if the condition is evaluated to TRUE"; leaf name { type string; description "A string name uniquely identify a Condition-Action within this ECA."; } leaf condition { type leafref { path "/gncd/conditions/condition/name"; } description "The reference to a configured condition."; } leaf action { type leafref { path "/gncd/actions/action/name"; } description "The reference to a configured action."; } } // condition-action list cleanup-condition-action { key name; description "A list of Condition-Actions, which are configured conditions each with associated actions to be executed if the condition is evaluated to TRUE. This is the exception handler of this ECA, and is evaluated and executed in case any Action from the normal Condition-Action list was attempted and rejected by the server."; leaf name { type string; description "A string name uniquely identify a Condition-Action within this ECA."; } Birkholz, et al. Expires November 13, 2020 [Page 28] Internet-Draft ECA YANG May 2020 leaf condition { type leafref { path "/gncd/conditions/condition/name"; } description "The reference to a configured condition."; } leaf action { type leafref { path "/gncd/actions/action/name"; } description "The reference to a configured action."; } } // cleanup-condition-action action start { description "Start to execute this ECA."; } action stop { description "Stop the execution of this ECA."; } action pause { description "Pause the execution of this ECA."; } action resume { description "Resume the execution of this ECA."; } action next-action { description "Resume the execution of this ECA to complete the next action."; } list execution { key id; config false; description "A list of executions that this ECA has completed, are currently running, and will start in the scheduled future."; leaf id { type uint32; description "The ID to uniquely identify an execution of the ECA."; Birkholz, et al. Expires November 13, 2020 [Page 29] Internet-Draft ECA YANG May 2020 } leaf oper-status { type oper-status; description "The running status of the execution."; } leaf start-time { type yang:date-and-time; description "The time when the ECA started."; } leaf stop-time { type yang:date-and-time; description "The time when the ECA completed or stopped."; } leaf next-scheduled-time { type yang:date-and-time; description "The next time when the ECA is scheduled to resume."; } leaf last-condition-action { type leafref { path "../../condition-action/name"; } description "The reference to a condition-action last executed or being executed."; } leaf last-condition { type leafref { path "../../condition-action/condition"; } description "The reference to a condition last executed or being executed."; } leaf last-action { type leafref { path "../../condition-action/action"; } description "The reference to aa action last executed or being executed."; } leaf last-cleanup-condition-action { type leafref { path "../../cleanup-condition-action/name"; Birkholz, et al. Expires November 13, 2020 [Page 30] Internet-Draft ECA YANG May 2020 } description "The reference to a cleanup-condition-action last executed or being executed."; } } } } // ecas container eca-scripts { description "Container of ECA Scripts."; list eca-script { key script-name; description "A list of ECA Script."; leaf script-name { type string; description "A string name to uniquely identify an ECA Script."; } list eca { key eca-name; description "A list of ECAs contained in this ECA Script."; leaf eca-name { type leafref { path "/gncd/ecas/eca/name"; } description "The reference to a configured ECA."; } } } } // eca-scripts leaf running-script { type leafref { path "/gncd/eca-scripts/eca-script/script-name"; } description "The reference to the ECA script that is currently running."; } } /* * NOTIFICATIONS */ Birkholz, et al. Expires November 13, 2020 [Page 31] Internet-Draft ECA YANG May 2020 notification eca-execution { description "This notification is to send the result of an ECA execution that is specified to use notify-operation."; leaf oper-status { type oper-status; mandatory true; description "The running status of the execution."; } leaf name { type string; mandatory true; description "Name of the subscribed YANG notification."; } list policy-variable { key name; description "A list of policy arguments carried in the notification message."; leaf name { type string; description "A string name used as the list key to form a list of policy arguments."; } uses policy-argument; anydata value { description "The value of the policy variable, in a format that is determined by the policy type."; } } } } 7. Security Considerations The YANG modules defined in this document MAY be accessed via the RESTCONF protocol [RFC8040] or NETCONF protocol ([RFC6241]). The lowest RESTCONF or NETCONF layer requires that the transport-layer protocol provides both data integrity and confidentiality, see Section 2 in [RFC8040] and [RFC6241]. The lowest NETCONF layer is the secure transport layer, and the mandatory-to-implement secure transport is Secure Shell (SSH)[RFC6242] . The lowest RESTCONF layer Birkholz, et al. Expires November 13, 2020 [Page 32] Internet-Draft ECA YANG May 2020 is HTTPS, and the mandatory-to-implement secure transport is TLS [RFC5246]. The NETCONF access control model [RFC6536] provides the means to restrict access for particular NETCONF or RESTCONF users to a preconfigured subset of all available NETCONF or RESTCONF protocol operations and content. There are a number of data nodes defined in this YANG module that are writable/creatable/deletable (i.e., config true, which is the default). These data nodes may be considered sensitive or vulnerable in some network environments. Write operations (e.g., edit-config) to these data nodes without proper protection can have a negative effect on network operations. These are the subtrees and data nodes and their sensitivity/vulnerability: o /gncd:policy-variables/gncd:policy-variable/gncd:name o /gncd:events/gncd:event/gncd:name o /gncd:conditions/gncd:condition/gncd:name o /gncd:actions/gncd:action/gncd:name o /gncd:ecas/gncd:eca/gncd:name o /gncd:eca-scripts/gncd:eca-script/gncd:script-name 8. IANA Considerations This document registers two URIs in the IETF XML registry [RFC3688]. Following the format in [RFC3688], the following registrations are requested to be made: --------------------------------------------------------------------- URI: urn:ietf:params:xml:ns:yang:ietf-eca Registrant Contact: The IESG. XML: N/A, the requested URI is an XML namespace. --------------------------------------------------------------------- This document registers one YANG module in the YANG Module Names registry [RFC6020]. Birkholz, et al. Expires November 13, 2020 [Page 33] Internet-Draft ECA YANG May 2020 --------------------------------------------------------------------- Name: ietf-eca Namespace: urn:ietf:params:xml:ns:yang:ietf-eca Prefix: gnca Reference: RFC xxxx --------------------------------------------------------------------- 9. Acknowledges Igor Bryskin, Xufeng Liu, Alexander Clemm, Henk Birkholz, Tianran Zhou contributed to an earlier version of [GNCA]. We would like to thank the authors of that document on event response behaviors delegation for material that assisted in thinking that helped improve this document. 10. Contributors Birkholz, et al. Expires November 13, 2020 [Page 34] Internet-Draft ECA YANG May 2020 Alexander Clemm Futurewei Email: ludwig@clemm.org Michale Wang Huawei Email:wangzitao@huawei.com Chongfeng Xie China Telecom Email: xiechf@ctbri.com.cn Xiaopeng Qin Huawei Huawei Bld., No.156 Beiqing Rd. Beijing 100095 China qinxiaopeng@huawei.com Tianran Zhou Huawei Email: zhoutianran@huawei.com Aihua Guo Individual aihguo1@gmail.com Nicola Sambo Scuola Superiore Sant'Anna Via Moruzzi 1 Pisa 56124 Italy Email: nicola.sambo@sssup.it Giuseppe Fioccola Huawei Technologies Riesstrasse, 25 Munich 80992 Germany Email: giuseppe.fioccola@huawei.com 11. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", March 1997. Birkholz, et al. Expires November 13, 2020 [Page 35] Internet-Draft ECA YANG May 2020 [RFC2981] Kavasseri, R., Ed., "Event MIB", RFC 2981, DOI 10.17487/RFC2981, October 2000, . [RFC3460] Moore, B., Ed., "Policy Core Information Model (PCIM) Extensions", RFC 3460, DOI 10.17487/RFC3460, January 2003, . [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, DOI 10.17487/RFC3688, January 2004, . [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF)", RFC 6020, DOI 10.17487/RFC6020, October 2010, . [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., and A. Bierman, Ed., "Network Configuration Protocol (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, . [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, . [RFC6370] Bocci, M., Swallow, G., and E. Gray, "MPLS Transport Profile (MPLS-TP) Identifiers", RFC 6370, DOI 10.17487/RFC6370, September 2011, . [RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration Protocol (NETCONF) Access Control Model", RFC 6536, DOI 10.17487/RFC6536, March 2012, . [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", RFC 7950, DOI 10.17487/RFC7950, August 2016, . [RFC7952] Lhotka, L., "Defining and Using Metadata with YANG", RFC 7952, DOI 10.17487/RFC7952, August 2016, . Birkholz, et al. Expires November 13, 2020 [Page 36] Internet-Draft ECA YANG May 2020 Appendix A. ECA Condition Expression Examples Here are two examples of Condition Expression: (a) a condition that only includes data store states and constants, for example: TE metric of Link L in Topology T greater than 100, it can be expressed as follows: "/nw:networks/nw:network[network-id='T']/nt:link[link-id='L']/tet:te/tet:te-link-attributes/tet:te-delay-metric > 100" (b) a condition that also includes a Policy Variable, for example: Allocated bandwidth of Link L in Topology T greater than 75% of what is stored in Policy Variable B, it can be expressed as follows: "/nw:networks/nw:network[network-id='T']/nt:link[link-id='L']/tet:te/tet:te-link-attributes/tet:max-resv-link-bandwidth > (ietf-eca:policy-variables/policy-variable[name='B']/value) * 0.75" Appendix B. ECA Model Usage Example +---------------------------+ | Management System | +---------------------------+ | ECA | Model | | V +----------------------^-----+ | Managed Device | | | | | | //--\\ Condition--+ | | | Event| / \ | | | |----->|Actions | | \\--// \ / | | ---- | +----------------------------+ The management system pushes down one ECA policy to control temperature sensor behavior in the managed device or the router chasis that supports NETCONF/RESTCONF protocol operation. The event type is chosen as alarm-event-stream, each alarm instance is identified by 3 tuples (resource, alarm-type identifier, and alarm- type qualifier), in this example, resource instance-identifier is set to '/hw:hardware/hw:component[hw:name='fan1']', the alarm-type is set to 'enviromental-alarm', the alarm-type qualifier is set to 'fan- temperature-anamoly'. The event name is set to 'fan-temperature- monitoring', when the temperature of fan component within the managed Birkholz, et al. Expires November 13, 2020 [Page 37] Internet-Draft ECA YANG May 2020 device cross preconfigured threshold 80 degree Celsius , the managed device needs to send one time log notification to the management system. The XML example snippet is shown as below: fan-temperature-monitoring /hw:hardware/hw:component[hw:name='fan1'] enviromental-alarm fan-temperature-anamoly fan-temperature-condition /hw:hardware/hw:component[hw:name='fan1']/hw:sensor-data/hw:value > 80 && /hw:hardware/hw:component[hw:name='fan1']/hw:sensor-data/hw:value-type='celsius' fan-temperature-anamoly log-report anamoly-report /hw:hardware/hw:component[hw:name='fan1']/hw:sensor-data/hw:value fan-temperature-handling fan-temperature-monitoring temperature-cross-threshold-handling fan-temperature-condition fan-temperature-anamoly Birkholz, et al. Expires November 13, 2020 [Page 38] Internet-Draft ECA YANG May 2020 Appendix C. Changes between Revisions v05 - v07 o Reuse alarm notification event received on an event stream (RFC 8639) in ECA logic; o Represent ECA condition expression only in the form of Xpath expression; o Add ECA condition expression example in the appendix; o Add ECA model usage example in the appendix; o Remove the section to discuss the relation with YANG push; o Remove the dependency to SUPA framework draft; o Remove smart filter extension example in the Appendix. o Bind ECA script with condition expression in the model. v05 - v06 o Decouple ECA model from NETCONF protocol and make it applicable to other network mangement protocols. o Move objective section to the last section with additional generic objectives. v04 - v05 o Harmonize with draft-bryskin and add additional attributes in the models (e.g., policy variable, func call enhancement, rpc execution); o ECA conditions part harmonization; o ECA Event, Condition, Action, Policy Variable and Value definition; o Change ietf-event.yang into ietf-eca.yang and remove ietf-event- trigger.yang v02 - v03 Birkholz, et al. Expires November 13, 2020 [Page 39] Internet-Draft ECA YANG May 2020 o Usage Example Update: add an usage example to introduce how to reuse the ietf-event-trigger module to define the subscription- notification smarter filter. v01 - v02 o Introduce the group-id which allow group a set of events that can be executed together o Change threshold trigger condition into variation trigger condition to further clarify the difference between boolean trigger condition and variation trigger condition. o Module structure optimization. o Usage Example Update. v00 - v01 o Separate ietf-event-trigger.yang from Event management modeland ietf-event.yang and make it reusable in other YANG models. o Clarify the difference between boolean trigger condition and threshold trigger condition. o Change evt-smp-min and evt-smp-max into min-data-object and max- data-object in the data model. Authors' Addresses Henk Birkholz Fraunhofer SIT Email: henk.birkholz@sit.fraunhofer.de Qin Wu Huawei 101 Software Avenue, Yuhua District Nanjing, Jiangsu 210012 China Email: bill.wu@huawei.com Birkholz, et al. Expires November 13, 2020 [Page 40] Internet-Draft ECA YANG May 2020 Igor Bryskin Individual Email: i_bryskin@yahoo.com Xufeng Liu Volta Networks Email: xufeng.liu.ietf@gmail.com Benoit Claise Cisco Email: bclaise@cisco.com Birkholz, et al. Expires November 13, 2020 [Page 41]