draft-ietf-opsawg-model-automation-framework-08.txt   draft-ietf-opsawg-model-automation-framework-09.txt 
skipping to change at page 1, line 16 skipping to change at page 1, line 16
Expires: April 26, 2021 Orange Expires: April 26, 2021 Orange
D. Lopez D. Lopez
Telefonica I+D Telefonica I+D
C. Xie C. Xie
China Telecom China Telecom
L. Geng L. Geng
China Mobile China Mobile
October 23, 2020 October 23, 2020
A Framework for Automating Service and Network Management with YANG A Framework for Automating Service and Network Management with YANG
draft-ietf-opsawg-model-automation-framework-08 draft-ietf-opsawg-model-automation-framework-09
Abstract Abstract
Data models provide a programmatic approach to represent services and Data models provide a programmatic approach to represent services and
networks. Concretely, they can be used to derive configuration networks. Concretely, they can be used to derive configuration
information for network and service components, and state information information for network and service components, and state information
that will be monitored and tracked. Data models can be used during that will be monitored and tracked. Data models can be used during
the service and network management life cycle, such as service the service and network management life cycle, such as service
instantiation, provisioning, optimization, monitoring, diagnostic, instantiation, provisioning, optimization, monitoring, diagnostic,
and assurance. Data models are also instrumental in the automation and assurance. Data models are also instrumental in the automation
skipping to change at page 15, line 25 skipping to change at page 15, line 25
lifecycle management. lifecycle management.
4.1.1. Service Exposure 4.1.1. Service Exposure
A service in the context of this document (sometimes called, Network A service in the context of this document (sometimes called, Network
Service) is some form of connectivity between customer sites and the Service) is some form of connectivity between customer sites and the
Internet or between customer sites across the operator's network and Internet or between customer sites across the operator's network and
across the Internet. across the Internet.
Service exposure is used to capture services offered to customers Service exposure is used to capture services offered to customers
(ordering and order handling). One typical example is that a (ordering and order handling). One example is that a customer can
customer can use a L3VPN Service Model (L3SM) to request L3VPN use a L3VPN Service Model (L3SM) to request L3VPN service by
service by providing the abstract technical characterization of the providing the abstract technical characterization of the intended
intended service between customer sites. service between customer sites.
Service model catalogs can be created along to expose the various Service model catalogs can be created along to expose the various
services and the information needed to invoke/order a given service. services and the information needed to invoke/order a given service.
4.1.2. Service Creation/Modification 4.1.2. Service Creation/Modification
A customer is usually unaware of the technology that the network A customer is usually unaware of the technology that the network
operator has available to deliver the service, so the customer does operator has available to deliver the service, so the customer does
not make requests specific to the underlying technology but is not make requests specific to the underlying technology but is
limited to making requests specific to the service that is to be limited to making requests specific to the service that is to be
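Review bot: In the reworded 4.1.1 example, the new text still reads "a L3VPN Service Model (L3SM) to request L3VPN service"; it should be "an L3VPN Service Model" and "request an L3VPN service". The unchanged sentence that follows, "Service model catalogs can be created along to expose the various services", reads as if a word is missing after "along" and is worth fixing in the same pass.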
skipping to change at page 16, line 27 skipping to change at page 16, line 27
The performance measurement telemetry (Section 4.2) can be used to The performance measurement telemetry (Section 4.2) can be used to
provide service assurance at Service and/or Network levels. provide service assurance at Service and/or Network levels.
Performance measurement telemetry model can tie with service or Performance measurement telemetry model can tie with service or
network models to monitor network performance or Service Level network models to monitor network performance or Service Level
Agreement. Agreement.
4.1.4. Service Optimization 4.1.4. Service Optimization
Service optimization is a technique that gets the configuration of Service optimization is a technique that gets the configuration of
the network updated due to network changes, incident mitigation, or the network updated due to network changes, incident mitigation, or
new service requirements. One typical example is once a tunnel or a new service requirements. One example is once a tunnel or a VPN is
VPN is setup, Performance monitoring information or telemetry setup, Performance monitoring information or telemetry information
information per tunnel (or per VPN) can be collected and fed into the per tunnel (or per VPN) can be collected and fed into the management
management system. If the network performance doesn't meet the system. If the network performance doesn't meet the service
service requirements, the management system can create new VPN requirements, the management system can create new VPN policies
policies capturing network service requirements and populate them capturing network service requirements and populate them into the
into the network. network.
Both network performance information and policies can be modelled Both network performance information and policies can be modelled
using YANG. With Policy-based management, self-configuration and using YANG. With Policy-based management, self-configuration and
self-optimization behavior can be specified and implemented. self-optimization behavior can be specified and implemented.
The overall service optimization is managed at the service level, The overall service optimization is managed at the service level,
while the network level is responsible for the optimization of the while the network level is responsible for the optimization of the
specific network services it provides. specific network services it provides.
4.1.5. Service Diagnosis 4.1.5. Service Diagnosis
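Review bot: In the reworded 4.1.4 example, "once a tunnel or a VPN is setup, Performance monitoring information" still uses the noun "setup" where the verb "set up" is needed, and capitalizes "Performance" mid-sentence. The same paragraph lets the management system "create new VPN policies" and "populate them into the network" on the basis of collected telemetry without saying how that input is trusted; since the Security Considerations text already refers back to Section 4.1.4 for misbehaving nodes, a forward reference from here to that section would close the loop.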
skipping to change at page 25, line 17 skipping to change at page 25, line 17
The NETCONF access control model [RFC8341] provides the means to The NETCONF access control model [RFC8341] provides the means to
restrict access for particular NETCONF or RESTCONF users to a restrict access for particular NETCONF or RESTCONF users to a
preconfigured subset of all available NETCONF or RESTCONF protocol preconfigured subset of all available NETCONF or RESTCONF protocol
operations and content. operations and content.
Security considerations specific to each of the technologies and Security considerations specific to each of the technologies and
protocols listed in the document are discussed in the specification protocols listed in the document are discussed in the specification
documents of each of these protocols. documents of each of these protocols.
In order to prevent leaking sensitive information and "confused In order to prevent leaking sensitive information and the "confused
deputy" problem [Hardy] in general, special care should be considered deputy" problem [Hardy] in general, special care should be considered
when translating between the various layers in Section 4 or when when translating between the various layers in Section 4 or when
aggregating data retrieved from various sources. Typically, aggregating data retrieved from various sources. Authorization and
authorization and authentication checks should be performed to ensure authentication checks should be performed to ensure that a data is
that a data is available to an authorized entity. The network available to an authorized entity. The network operator must enforce
operator must enforce means to protect privacy-related information means to protect privacy-related information included in customer-
included in customer-facing models. facing models.
To detect misalignment between layers that might be induced by To detect misalignment between layers that might be induced by
misbehaving nodes, upper layers should continuously monitor the misbehaving nodes, upper layers should continuously monitor the
perceived service (Section 4.1.4) and should proceed with checks to perceived service (Section 4.1.4) and should proceed with checks to
assess that the provided service complies with the expected service assess that the provided service complies with the expected service
and that the data reported by an underlying layer is matching the and that the data reported by an underlying layer is matching the
perceived service by the above layer. Typically, such checks are the perceived service by the above layer. Such checks are the
responsibility of the service diagnosis (Section 4.1.5). responsibility of the service diagnosis (Section 4.1.5).
When a YANG module includes security-related parameters, it is When a YANG module includes security-related parameters, it is
recommended to include the relevant information as part of the recommended to include the relevant information as part of the
service assurance to track the correct functioning of the security service assurance to track the correct functioning of the security
mechanisms. mechanisms.
Additional considerations are discussed in the following subsections. Additional considerations are discussed in the following subsections.
6.1. Service Level 6.1. Service Level
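Review bot: In the confused-deputy paragraph, "to ensure that a data is available to an authorized entity" states availability rather than restriction, and with "Typically," removed it now reads as the paragraph's main requirement. Suggest "to ensure that data is made available only to authorized entities", and state at which point the check applies, since the paragraph names translation between layers and aggregation from various sources as the places where the risk arises. The opening "to prevent leaking sensitive information and the "confused deputy" problem" is not parallel; "to prevent leakage of sensitive information and, more generally, the "confused deputy" problem" reads cleanly. In the following paragraph, "the perceived service by the above layer" would be clearer as "the service perceived by the layer above".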
 End of changes. 6 change blocks. 
19 lines changed or deleted 19 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/