| RFC 8819 | YANG Module Tags | January 2021 |
| Hopps, et al. | Standards Track | [Page] |
This document provides for the association of tags with YANG modules. The expectation is for such tags to be used to help classify and organize modules. A method for defining, reading, and writing modules tags is provided. Tags may be registered and assigned during module definition, assigned by implementations, or dynamically defined and set by users. This document also provides guidance to future model writers; as such, this document updates RFC 8407.¶
This is an Internet Standards Track document.¶
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841.¶
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at https://www.rfc-editor.org/info/rfc8819.¶
Copyright (c) 2021 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.¶
The use of tags for classification and organization is fairly
ubiquitous not only within IETF protocols but in the internet itself
(e.g., #hashtags).
One benefit of using tags for organization
over a rigid structure is that it is more flexible and can more easily
adapt over time as technologies evolve. Tags can be usefully registered,
but they can also serve as a non-registered mechanism available for
users to define themselves. This document provides a mechanism to define
tags and associate them with YANG modules in a flexible manner. In
particular, tags may be registered as well as assigned during module
definition, assigned by implementations, or dynamically defined and set
by users.¶
This document defines a YANG module [RFC7950] that provides a list of module entries to allow for adding or removing tags as well as viewing the set of tags associated with a module.¶
This document defines an extension statement to indicate tags that SHOULD be added by the module implementation automatically (i.e., outside of configuration).¶
This document also defines an IANA registry for tag prefixes as well as a set of globally assigned tags.¶
Section 6 provides guidelines for authors of YANG data models.¶
This document updates [RFC8407].¶
The YANG data model in this document conforms to the Network Management Datastore Architecture (NMDA) defined in [RFC8342].¶
During this document's development, there were requests for example uses of module tags. The following are a few example use cases for tags. This list is certainly not exhaustive.¶
One example use of tags would be to help filter different discrete categories of YANG modules supported by a device. For example, if modules are suitably tagged, then an XPath query can be used to list all of the vendor modules supported by a device.¶
Tags can also be used to help coordination when multiple, semi-independent clients are interacting with the same devices. For example, one management client could mark that some modules should not be used because they have not been verified to behave correctly, so that other management clients avoid querying the data associated with those modules.¶
Tag classification is useful for users searching module repositories (e.g., YANG catalog). A query restricted to the 'ietf:routing' module tag could be used to return only the IETF YANG modules associated with routing. Without tags, a user would need to know the name of all the IETF routing protocol YANG modules.¶
Future management protocol extensions could allow for filtering queries of configuration or operational state on a server based on tags (for example, return all operational state related to system management).¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
All tags SHOULD begin with a prefix indicating who owns their definition. An IANA registry (Section 7.1) is used to support registering tag prefixes. Currently, three prefixes are defined. No further structure is imposed by this document on the value following the registered prefix, and the value can contain any YANG type 'string' characters except carriage returns, newlines, and tabs.¶
Again, except for the conflict-avoiding prefix, this document is purposefully not specifying any structure on (i.e., restricting) the tag values. The intent is to avoid arbitrarily restricting the values that designers, implementers, and users can use. As a result of this choice, designers, implementers, and users are free to add or not add any structure they may require to their own tag values.¶
A vendor tag is a tag that has the prefix "vendor:". These tags are defined by the vendor that implements the module and are not registered; however, it is RECOMMENDED that the vendor include extra identification in the tag to avoid collisions, such as using the enterprise or organization name following the "vendor:" prefix (e.g., vendor:example.com:vendor-defined-classifier).¶
A user tag is any tag that has the prefix "user:". These tags are defined by the user/administrator and are not meant to be registered. Users are not required to use the "user:" prefix; however, doing so is RECOMMENDED as it helps avoid collisions.¶
Any tag not starting with the prefix "ietf:", "vendor:", or "user:" is reserved for future use. These tag values are not invalid but simply reserved in the context of specifications (e.g., RFCs).¶
Tags can become associated with a module in a number of ways. Tags may be defined and associated at module design time, at implementation time, or via user administrative control. As the main consumer of tags are users, users may also remove any tag, no matter how the tag became associated with a module.¶
A module definition MAY indicate a set of tags to be added by the module implementer. These design-time tags are indicated using the module-tag extension statement.¶
If the module is defined in an IETF Standards Track document, the tags MUST be IETF tags (Section 2.1). Thus, new modules can drive the addition of new IETF tags to the IANA registry defined in Section 7.2, and the IANA registry can serve as a check against duplication.¶
An implementation MAY include additional tags associated with a module. These tags SHOULD be IETF tags (i.e., registered) or vendor-specific tags.¶
Tags of any kind, with or without a prefix, can be assigned and
removed by the user using normal configuration mechanisms. In order to
remove a tag from the operational datastore, the user adds a matching
masked-tag entry for a given module.¶
The tree associated with the "ietf-module-tags" module follows. The meaning of the symbols can be found in [RFC8340].¶
It is worth noting that a different YANG module classification document exists [RFC8199]. That document only classifies modules in a logical manner and does not define tagging or any other mechanisms. It divides YANG modules into two categories (service or element) and then into one of three origins: standard, vendor, or user. It does provide a good way to discuss and identify modules in general. This document defines IETF tags to support the classification style described in [RFC8199].¶
This section updates [RFC8407].¶
A module MAY indicate, using module-tag extension statements, a set of tags that are to be automatically associated with it (i.e., not added through configuration).¶
module example-module {
namespace "https://example.com/yang/example";
prefix "ex";
//...
import module-tags { prefix tags; }
tags:module-tag "ietf:some-new-tag";
tags:module-tag "ietf:some-other-tag";
// ...
}
¶
The module writer can use existing standard tags or use new tags defined in the model definition, as appropriate. For IETF standardized modules, new tags MUST be assigned in the IANA registry defined below, see Section 7.2.¶
IANA has created the "YANG Module Tag Prefixes" subregistry in the "YANG Module Tags" registry.¶
This registry allocates tag prefixes. All YANG module tags SHOULD begin with one of the prefixes in this registry.¶
Prefix entries in this registry should be short strings consisting of lowercase ASCII alpha-numeric characters and a final ":" character.¶
The allocation policy for this registry is Specification Required [RFC8126]. The Reference and Assignee values should be sufficient to identify and contact the organization that has been allocated the prefix.¶
The initial values for this registry are as follows.¶
| Prefix | Description | Reference | Assignee |
|---|---|---|---|
| ietf: | IETF tags allocated in the IANA "IETF YANG Module Tags" registry. | RFC 8819 | IETF |
| vendor: | Non-registered tags allocated by the module implementer. | RFC 8819 | IETF |
| user: | Non-registered tags allocated by and for the user. | RFC 8819 | IETF |
Other standards development organizations (SDOs) wishing to allocate their own set of tags should allocate a prefix from this registry.¶
This document registers a URI in the "IETF XML Registry" [RFC3688]. Following the format in [RFC3688], the following registrations have been made:¶
This document registers two YANG modules in the "YANG Module Names" registry [RFC6020]. Following the format in [RFC6020], the following registrations have been made:¶
The YANG module defined in this memo is designed to be accessed via the NETCONF protocol [RFC6241]. The lowest NETCONF layer is the secure transport layer and the mandatory-to-implement secure transport is Secure Shell (SSH) [RFC6242].¶
This document adds the ability to associate tag metadata with YANG modules. This document does not define any actions based on these associations, and none are yet defined; therefore, it does not by itself introduce any new security considerations directly.¶
Users of the tag metadata may define various actions to be taken based on the tag metadata. These actions and their definitions are outside the scope of this document. Users will need to consider the security implications of any actions they choose to define, including the potential for a tag to get 'masked' by another user.¶
The following is a fictional NETCONF example result from a query of the module tags list. For the sake of brevity, only a few module results are shown.¶
<ns0:data xmlns:ns0="urn:ietf:params:xml:ns:netconf:base:1.0">
<t:module-tags
xmlns:t="urn:ietf:params:xml:ns:yang:ietf-module-tags">
<t:module>
<t:name>ietf-bfd</t:name>
<t:tag>ietf:network-element-class</t:tag>
<t:tag>ietf:oam</t:tag>
<t:tag>ietf:protocol</t:tag>
<t:tag>ietf:sdo-defined-class</t:tag>
</t:module>
<t:module>
<t:name>ietf-isis</t:name>
<t:tag>ietf:network-element-class</t:tag>
<t:tag>ietf:protocol</t:tag>
<t:tag>ietf:sdo-defined-class</t:tag>
<t:tag>ietf:routing</t:tag>
</t:module>
<t:module>
<t:name>ietf-ssh-server</t:name>
<t:tag>ietf:network-element-class</t:tag>
<t:tag>ietf:protocol</t:tag>
<t:tag>ietf:sdo-defined-class</t:tag>
<t:tag>ietf:system-management</t:tag>
</t:module>
</t:module-tags>
</ns0:data>
As per [RFC8407], the following is a non-NMDA module to support viewing the operational state for non-NMDA compliant servers.¶
Special thanks to Robert Wilton for his help improving the introduction and providing the example use cases, as well as generating the non-NMDA module.¶