What is the difference between Validation Points and CDB two-phase subscriptions from the refusing/accepting config point of view?

lynn · March 12, 2016, 7:11am

I think we could refuse the invalid configuration in the prepare phase in cdb subscriber, and also do this in validation callback. I don’t know why confd bring in validation callpoint, is there any benefit?

These folloing two differences I’ve known:

validation callpoint can accept config with warning, while cdb subscriber not.
validation callpoint must explicit writen in yang and implement callback functions which can only validate the certain scope, while cdb subscriber seems much easier to validate any config without any modification in yang.

Do I misunderstand the configuration validation?

jjohansson · March 12, 2016, 12:11pm

If you do validation in the prepare phase you have already updated the data base with the new config and will have to undo everything if validation fails.

Also, to support the :validate NETCONF capability or the validate CLI command you must ru all validation, be it must statements or C validation callbacks in the validation phase.

lynn · March 14, 2016, 2:50am

Yes, the prepare phase is after the write phase. If validation fails in prepare phase confd will undo everything, is that true?

The reason we have to validate the config in prepare phase is that, we don’t know whether the config is ok until we call the actually operation function, and check it’s return value.

cohult · March 14, 2016, 6:22am

Hi Lynn,

Correct, nothing will be set if you abort the transaction in the prepare phase.
As noted earlier above, the manager can abort the transaction in the prepare phase too, so if you do any changes in your system already at this phase outside of the scope of the transaction you must be able to undo them if you or the manager (initator of the transaction) decides to abort.

I highly recommend the ConfD example that show you a simple but very good implementation of an abort in the prepare phase:
examples.confd/cdb_subscription/twophase

See also confd_lib_cdb man pages:
cdb_sub_abort_trans() and cdb_sub_abort_trans_info()

lynn · March 14, 2016, 8:57am

Hi cohult, thank you very much.

lynn · March 14, 2016, 9:22am

If i’m planning to process all the config in prepare phase, is that safe?
the following pseudo code supposes each transaction enter prepare phase must be enter the commit phase without calling cdb_sub_abort_trans().

switch (type)
{
case CDB_SUB_PREPARE:
    task_ok = false;
    do {
        if(!do_task(cfg1)) break;
        if(!do_task(cfg2)) break;
        ...
        if(!do_task(cfgN))break;
        task_ok = true;
    }while(0);
    if(task_ok == true) 
    {
        cdb_sync_subscription_socket(ss, CDB_DONE_PRIORITY);
    }
    else
    {
        rollback_each_task_before_the_failed_one();
        cdb_sub_abort_trans();
    }
    break;
case CDB_SUB_COMMIT:
     cdb_sync_subscription_socket(ss, CDB_DONE_PRIORITY);
     break;
}

waitai · March 14, 2016, 5:22pm

Not knowing the details of your do_task( ) implementation, your pseudo code looks fine to me.

lynn · March 15, 2016, 1:55am

The do_task() perform the actually action on some resources such as enables a router, dispatches acl rules to data plane, allocates ip address pool, creates interfaces and so on.