Hi,
Apologies for the delay for this review.
Please see comments below. I've also attached them in case they get truncated
(which has happened on other reviews).
Thank you for this document. Overall, it is very well written, easy to read
and easy to understand.
Comments:
1. Introduction
As the following figure shows, a GRASP implementation could contain
two major sub-layers. The bottom is the GRASP base protocol module,
which is only responsible for sending and receiving GRASP messages
and maintaining shared data structures. The upper layer contains
I found the text, relative to the diagram, to be somewhat confusing, although
the subsequent paragraphs make its intent clearer.
I think that the top sub-layer is meant to be "GRASP Extended Function
Modules", and the "Grasp Modules" is the bottom sub-layer. However, the
diagram seems to have a sub-layer split in "GRASP Modules", and doesn't
necessarily equate to "GRASP base protocol module".
1. Introduction
It is desirable that ASAs can be designed as portable user-space
programs using a system-independent API. In many implementations,
the GRASP module will therefore be split into two layers. The top
layer is a library that provides the API and communicates directly
with ASAs. The lower layer is a daemon, or a set of sub-services,
providing GRASP core functions that are independent of specific ASAs,
such as multicast handling and relaying, and common data structures
such as the discovery cache. The GRASP API library would need to
communicate with the GRASP core via an inter-process communication
(IPC) mechanism. The details of this are system-dependent.
I also find this text confusing relative to the diagram. More naturally, I
would assume that the boxes represent different processes and hence you would
have IPC between ASA and say the "GRASP API Library". If I was to draw this,
then I would probably have put the GRASP API library co-located with the ASA
boxes.
1. Introduction
Note that a simple autonomic node might contain very few ASAs in
addition to the autonomic infrastructure components described in
[I-D.ietf-anima-bootstrapping-keyinfra] and
[I-D.ietf-anima-autonomic-control-plane]. Such a node might directly
integrate GRASP in its code and therefore not require this API to be
installed. However, the programmer would then need a deeper
understanding of the GRASP protocol than is needed to use the API.
Perhaps change "integrate GRASP in its code" to something like "integrate the
full GRASP implementation in its code"?
2.2.1. Alternative Asynchronous Mechanisms
Thus, some ASAs need to support asynchronous operations, and
therefore the GRASP core must do so. Depending on both the operating
system and the programming language in use, there are three main
techniques for such parallel operations: multi-threading, an event
loop structure using polling, and an event loop structure using
callback functions.
Rather than "there are three main techniques for such parallel operations",
perhaps just "three common techniques are considered for parallel operations".
Reasoning, there are other approaches for effectively handling concurrent
operations, e.g., actors, futures, cooperative threads backed by a OS thread
pool ...
Possibly, change "simple function calls" in the multi-threading paragraph to be
"simple synchronous function calls" to emphasize the synchronous nature.
2.2.2. Multiple Negotiation Scenario
In the callback model, for the scenario just described, the ASAs "A"
and "B" will each provide two instances of negotiate_step_received(),
one for each session. For this reason, each ASA must be able to
distinguish the two sessions, and the peer's IP address is not
sufficient for this. It is also not safe to rely on transport port
numbers for this, since future variants of GRASP might use shared
ports rather than a separate port per session. This is why the GRASP
design includes a session identifier. Thus, when necessary, a
'session_nonce' parameter is used in the API to distinguish
simultaneous GRASP sessions from each other, so that any number of
sessions may proceed asynchronously in parallel.
It wasn't obvious to me why both ASAs "A" and "B" both provide callbacks, I
presume that this is because there are multiple asynchronous steps involved.
If so, would it be helpful to clarify this point? Also in this paragraph
suggest "Hence, " rather than "This is wht"
2.2.3. Overlapping Sessions and Operations
In calls where it is used, the 'session_nonce' is an opaque read/
write parameter. On the first call, it is set to a null value, and
the API returns a non-null 'session_nonce' value based on the GRASP
session identifier. This value must be used in all subsequent calls
for the same session, and will be provided as a parameter in the
callback functions. By this mechanism, multiple overlapping sessions
can be distinguished, both in the ASA and in the GRASP core. The
value of the 'session_nonce" is opaque to the ASA.
Query the use of a null value, and whether that is too restrictive.
2.3. API definition
Possibly this API would benefit from a short section (or even pseudo code)
explaining the flow or flows of how the APIs are expected to work together.
This could also be in an appendix. Perhaps the GRASP specification makes this
obvious, in which case references back to the GRASP spec would be sufficient.
2.3.1.3. Objective
* name (UTF-8 string) - the objective's name
Should there be a limit on the length of the name? This question equivalently
applies to the other strings/variable sized types.
* value - a specific data structure expressing the value of the
objective. The format is language dependent, with the constraint
that it can be validly represented in CBOR (default integer = 0).
I didn't understand the "default integer = 0" part. If this is a byte string
then I would thought that the default might be an empty length bytestring, or
perhaps a CBOR Null.
An essential requirement for all language mappings and all
implementations is that, regardless of what other options exist
for a language-specific represenation of the value, there is
always an option to use a CBOR byte string as the value. The API
will then wrap this byte string in CBOR Tag 24 for transmission
via GRASP, and unwrap it after reception.
It was unclear whether you just meant an opaque CBOR byte string here (CBOR
major type 2), or a CBOR byte string that itself contains CBOR encoded data
(i.e. CBOR Tag 24). Is there any limit on the length of the CBOR byte string
that is allowed?
2.3.2. Registration
Some APIs list "Asynchronous Mechanisms:" and others don't. It might be
helpful to clarify that those APIs that don't list asynchronous mechanisms are
implicitly synchronous in their behaviour.
* deregister_asa()
- Note - the ASA name is strictly speaking redundant in this
call, but is present for clarity.
Presumably it also makes it significantly harder for a rogue client to try and
deregister all ASAs by looping through all asa_nonces.
2.3.4. Negotiation
2. The 'session_nonce' parameter is not null. In this case
negotiation must continue. The returned
'proffered_objective' contains the first value proffered by
the negotiation peer. Note that this instance of the
objective must be used in the subsequent negotiation call
because it also contains the current loop count. The
'session_nonce' must be presented in all subsequent
negotiation steps.
Presumably the loop count in the proffered_objective must be one greater than
the loop count in the objective structure? Would it be helpful to mention this?
I also wasn't sure whether it must be "this instance of the objective must be
used", or just that the loop counter must be copied across. E.g., functional
languages would encourage these structures to be immutable.
- Asynchronous Mechanisms:
o Event loop implementation: The 'session_nonce' parameter is
used in read/write mode.
It is unclear to me, exactly what you mean by this, particularly because this
is a return parameter. Perhaps this could be further explained in the text, or
refer back the previous text.
2.3.4. Negotiation
* listen_negotiate()
I was surprised that the listen_negotate didn't include any timeout, e.g. to
allow it to be used in polling fashion. Same comment applies to
listen_synchronize().
2.3.4. Negotiation
* negotiate_wait()
It wasn't clear to me why you would want to do this, although that may be
apparent in the GRASP draft. Perhaps a cross reference might be helpful?
2.3.4. Negotiation
* end_negotiate()
Possibly "successful" might be a better parameter name than "reply". I think
that you reply both if the negotiation is successful and also if it failed.
2.3.5. Synchronization and Flooding
* synchronize()
- If the objective was already flooded, the flooded value is
returned immediately in the 'result' parameter. In this case,
the 'source' and 'timeout' are ignored.
Should source be quoted here? It is unclear what it is referring to.
- Otherwise, synchronization with a discovered ASA is performed.
The 'peer' parameter is an 'ASA_locator' as returned by
discover(). If 'peer' is null, GRASP discovery is performed
first.
How does the GRASP discovery work in this scenario? Does this require use of
the discovery APIs? This may require further explanation.
3. Implementation Status [RFC Editor: please remove]
A prototype open source Python implementation of GRASP, including an
API similar to this document, has been used to verify the concepts
for the threaded model. It may be found at
https://github.com/becarpenter/graspy with associated documentation
and demonstration ASAs.
This section will be removed anyway, but I thought that the GIL (global
interpreter lock) effectively prevented Python threads from running
concurrently.
Nits:
I've noted that you have chosen not to use RFC2119 language. No issues with
this, but this may come up in IESG review ...
Use of the term "nonce". Note in UK English this word sometimes takes an
alternative meaning, depending on who you ask and which dictionary you look at:
https://dictionary.cambridge.org/dictionary/english/nonce
You may wish to consider an alternative term, but please note that this is up
to the authors. I'm not objecting to this term, just making you aware, if you
weren't already.
Abstract:
Maybe languages => programming languages.
1. Introduction
As the following figure shows,
Given that the figure is a few paragraphs away (and on the next page in the txt
version), perhaps give the figure a name and reference it by name.
2.3.1.3. Objective.
For me, I would outdent the "} objective" in the C struct example.
represenation -> representation
Thanks,
Rob
Overall, very well written, easy to read and understand.
Comments:
1. Introduction
As the following figure shows, a GRASP implementation could contain
two major sub-layers. The bottom is the GRASP base protocol module,
which is only responsible for sending and receiving GRASP messages
and maintaining shared data structures. The upper layer contains
I found the text, relative to the diagram, to be somewhat confusing, although
the subsequent paragraphs make its intent clearer.
I think that the top sub-layer is meant to be "GRASP Extended Function
Modules", and the "Grasp Modules" is the bottom sub-layer. However, the
diagram seems to have a sub-layer split in "GRASP Modules", and doesn't
necessarily equate to "GRASP base protocol module".
1. Introduction
It is desirable that ASAs can be designed as portable user-space
programs using a system-independent API. In many implementations,
the GRASP module will therefore be split into two layers. The top
layer is a library that provides the API and communicates directly
with ASAs. The lower layer is a daemon, or a set of sub-services,
providing GRASP core functions that are independent of specific ASAs,
such as multicast handling and relaying, and common data structures
such as the discovery cache. The GRASP API library would need to
communicate with the GRASP core via an inter-process communication
(IPC) mechanism. The details of this are system-dependent.
I also find this text confusing relative to the diagram. More naturally, I
would assume that the boxes represent different processes and hence you would
have IPC between ASA and say the "GRASP API Library". If I was to draw this,
then I would probably have put the GRASP API library co-located with the ASA
boxes.
1. Introduction
Note that a simple autonomic node might contain very few ASAs in
addition to the autonomic infrastructure components described in
[I-D.ietf-anima-bootstrapping-keyinfra] and
[I-D.ietf-anima-autonomic-control-plane]. Such a node might directly
integrate GRASP in its code and therefore not require this API to be
installed. However, the programmer would then need a deeper
understanding of the GRASP protocol than is needed to use the API.
Perhaps change "integrate GRASP in its code" to something like "integrate the
full GRASP implementation in its code"?
2.2.1. Alternative Asynchronous Mechanisms
Thus, some ASAs need to support asynchronous operations, and
therefore the GRASP core must do so. Depending on both the operating
system and the programming language in use, there are three main
techniques for such parallel operations: multi-threading, an event
loop structure using polling, and an event loop structure using
callback functions.
Rather than "there are three main techniques for such parallel operations",
perhaps just "three common techniques are considered for parallel operations".
Reasoning, there are other approaches for effectively handling concurrent
operations, e.g., actors, futures, cooperative threads backed by a OS thread
pool ...
Possibly, change "simple function calls" in the multi-threading paragraph to be
"simple synchronous function calls" to emphasize the synchronous nature.
2.2.2. Multiple Negotiation Scenario
In the callback model, for the scenario just described, the ASAs "A"
and "B" will each provide two instances of negotiate_step_received(),
one for each session. For this reason, each ASA must be able to
distinguish the two sessions, and the peer's IP address is not
sufficient for this. It is also not safe to rely on transport port
numbers for this, since future variants of GRASP might use shared
ports rather than a separate port per session. This is why the GRASP
design includes a session identifier. Thus, when necessary, a
'session_nonce' parameter is used in the API to distinguish
simultaneous GRASP sessions from each other, so that any number of
sessions may proceed asynchronously in parallel.
It wasn't obvious to me why both ASAs "A" and "B" both provide callbacks, I
presume that this is because there are multiple asynchronous steps involved.
If so, would it be helpful to clarify this point? Also in this paragraph
suggest "Hence, " rather than "This is wht"
2.2.3. Overlapping Sessions and Operations
In calls where it is used, the 'session_nonce' is an opaque read/
write parameter. On the first call, it is set to a null value, and
the API returns a non-null 'session_nonce' value based on the GRASP
session identifier. This value must be used in all subsequent calls
for the same session, and will be provided as a parameter in the
callback functions. By this mechanism, multiple overlapping sessions
can be distinguished, both in the ASA and in the GRASP core. The
value of the 'session_nonce" is opaque to the ASA.
Query the use of a null value, and whether that is too restrictive.
2.3. API definition
Possibly this API would benefit from a short section (or even pseudo code)
explaining the flow or flows of how the APIs are expected to work together.
This could also be in an appendix. Perhaps the GRASP specification makes this
obvious, in which case references back to the GRASP spec would be sufficient.
2.3.1.3. Objective
* name (UTF-8 string) - the objective's name
Should there be a limit on the length of the name? This question equivalently
applies to the other strings/variable sized types.
* value - a specific data structure expressing the value of the
objective. The format is language dependent, with the constraint
that it can be validly represented in CBOR (default integer = 0).
I didn't understand the "default integer = 0" part. If this is a byte string
then I would thought that the default might be an empty length bytestring, or
perhaps a CBOR Null.
An essential requirement for all language mappings and all
implementations is that, regardless of what other options exist
for a language-specific represenation of the value, there is
always an option to use a CBOR byte string as the value. The API
will then wrap this byte string in CBOR Tag 24 for transmission
via GRASP, and unwrap it after reception.
It was unclear whether you just meant an opaque CBOR byte string here (CBOR
major type 2), or a CBOR byte string that itself contains CBOR encoded data
(i.e. CBOR Tag 24). Is there any limit on the length of the CBOR byte string
that is allowed?
2.3.2. Registration
Some APIs list "Asynchronous Mechanisms:" and others don't. It might be
helpful to clarify that those APIs that don't list asynchronous mechanisms are
implicitly synchronous in their behaviour.
* deregister_asa()
- Note - the ASA name is strictly speaking redundant in this
call, but is present for clarity.
Presumably it also makes it significantly harder for a rogue client to try and
deregister all ASAs by looping through all asa_nonces.
2.3.4. Negotiation
2. The 'session_nonce' parameter is not null. In this case
negotiation must continue. The returned
'proffered_objective' contains the first value proffered by
the negotiation peer. Note that this instance of the
objective must be used in the subsequent negotiation call
because it also contains the current loop count. The
'session_nonce' must be presented in all subsequent
negotiation steps.
Presumably the loop count in the proffered_objective must be one greater than
the loop count in the objective structure? Would it be helpful to mention this?
I also wasn't sure whether it must be "this instance of the objective must be
used", or just that the loop counter must be copied across. E.g., functional
languages would encourage these structures to be immutable.
- Asynchronous Mechanisms:
o Event loop implementation: The 'session_nonce' parameter is
used in read/write mode.
It is unclear to me, exactly what you mean by this, particularly because this
is a return parameter. Perhaps this could be further explained in the text, or
refer back the previous text.
2.3.4. Negotiation
* listen_negotiate()
I was surprised that the listen_negotate didn't include any timeout, e.g. to
allow it to be used in polling fashion. Same comment applies to
listen_synchronize().
2.3.4. Negotiation
* negotiate_wait()
It wasn't clear to me why you would want to do this, although that may be
apparent in the GRASP draft. Perhaps a cross reference might be helpful?
2.3.4. Negotiation
* end_negotiate()
Possibly "successful" might be a better parameter name than "reply". I think
that you reply both if the negotiation is successful and also if it failed.
2.3.5. Synchronization and Flooding
* synchronize()
- If the objective was already flooded, the flooded value is
returned immediately in the 'result' parameter. In this case,
the 'source' and 'timeout' are ignored.
Should source be quoted here? It is unclear what it is referring to.
- Otherwise, synchronization with a discovered ASA is performed.
The 'peer' parameter is an 'ASA_locator' as returned by
discover(). If 'peer' is null, GRASP discovery is performed
first.
How does the GRASP discovery work in this scenario? Does this require use of
the discovery APIs? This may require further explanation.
3. Implementation Status [RFC Editor: please remove]
A prototype open source Python implementation of GRASP, including an
API similar to this document, has been used to verify the concepts
for the threaded model. It may be found at
https://github.com/becarpenter/graspy with associated documentation
and demonstration ASAs.
This section will be removed anyway, but I thought that the GIL (global
interpreter lock) effectively prevented Python threads from running
concurrently.
Nits:
I've noted that you have chosen not to use RFC2119 language. No issues with
this, but this may come up in IESG review ...
Use of the term "nonce". Note in UK English this word sometimes takes an
alternative meaning, depending on who you ask and which dictionary you look at:
https://dictionary.cambridge.org/dictionary/english/nonce
You may wish to consider an alternative term, but please note that this is up
to the authors. I'm not objecting to this term, just making you aware, if you
weren't already.
Abstract:
Maybe languages => programming languages.
1. Introduction
As the following figure shows,
Given that the figure is a few paragraphs away (and on the next page in the txt
version), perhaps give the figure a name and reference it by name.
2.3.1.3. Objective.
For me, I would outdent the "} objective" in the C struct example.
represenation -> representation
Thanks,
Rob_______________________________________________
Anima mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/anima
