Internet-Draft DMLMO September 2022
Palmero, et al. Expires 25 March 2023 [Page]
Workgroup:
OPSA Working Group
Internet-Draft:
draft-palmero-opsawg-dmlmo-06
Published:
Intended Status:
Standards Track
Expires:
Authors:
M. Palmero
Cisco Systems
F. Brockners
Cisco Systems
S. Kumar
NC State University
S. Bhandari
Thoughtspot
C. Cardona
NTT
D. Lopez
Telefonica I+D

Data Model for Lifecycle Management and Operations

Abstract

This document motivates and specifies a data model for lifecycle management and operations. It describes the motivation and requirements to collect asset-centric metrics including but not limited to asset adoption and usability, licensing, supported features and capabilities, enabled features and capabilities, etc.; with the primary objective to measure and improve the overall user experience along the lifecycle journey, from technical requirements and technology selection through advocacy and renewal, including the end of life of an asset.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 25 March 2023.

Table of Contents

1. Introduction

The virtualization of hardware assets and the development of applications using microservice architecture for cloud-native infrastructure created new consumption and licensing models. Any service can be deployed by composing multiple assets together where an asset refers to hardware, software, application, system or service. For example, cloud-native infrastructure from one vendor may be hosted on the physical server from another vendor or a combination of multiple cloud-native functions from one or more vendors can be combined to execute any service.

This introduces challenges for both lifecycle and adoption management of the assets. For example, a user may need to identify the capability availability of different assets or measure the usage of each capability (or the combination) from any specific asset to measure its optimal potential. Moreover, the user could pinpoint the reason: the software application could not be optimally deployed, or is not simple to use, or is not well documented, etc. The user may use feed such measurements and analysis metrics back to the support engineers and the developers, so they can focus their work effort only on features that users are adopting, or even determine when the lifecycle of the development could end.

This creates the need to collect and analyze asset-centric lifecycle management and operations data. From now on this data will be referred as Lifecycle Management and Operations (LMO); where LMO is not limited to virtualized or cloud environments, it covers all types of networking environments in which technology assets are deployed.

LMO data constitutes data needed to measure asset-centric lifecycle metrics including but not limited to asset adoption and usability, licensing, supported features and capabilities, enabled features and capabilities, etc. The primary objective is to facilitate the asset lifecycle management from the initial asset selection and positioning, licensing, feature enablement and usage, and beyond renewal to improve the overall user experience.

The main challenge in collecting LMO-related data, especially in a multi-vendor environment, relies on the ability to produce and consume such data in a vendor-agnostic, consistent and synchronized manner. APIs or telemetry are meant to collect and relay this data to receiving equipment for storing, analysis and/or visualization.

This document describes the motivation behind LMO, lists use cases, followed by the information model and data model of LMO. The list of use cases describes the need for new functional blocks and their interactions. The current version of this draft is focused on asset inventory, licenses information, feature usage and incident management. This draft specifies four YANG modules [RFC7950] focused on LMO, including:

* Licenses,
* Assets,
* Usage level of Asset features, and
* Incident Management.

This document is organized as follows. Section 2 establishes the terminology and abbreviations. In Section 3, the goals and motivation of LMO are discussed. In Section 4, use cases are introduced. Section 5 specifies the information model and the data models for LMO.

1.1. Requirements language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

2. Terminology

Terminology and abbreviations used in this document:

3. Motivation

The user experience with a specific asset can be organized into four classes:

  1. Asset characteristic class, covering anything related to asset, license, features, etc.
  2. Utilization class, to measure how the assets and features are used, duration of usage, uptime, etc.
  3. Notification class, covering any security advisory, retirement, etc.
  4. Incident class, to record and report any problem the user has faced with the asset.

The ability to measure, produce and consume LMO could benefit the user organization in addressing issues such as:

In addition to the resolution of incidents, LMO could allow developer organizations to optimize the features they offer. For example, they could consider deprecating features that are used infrequently or focus on introducing more features for the assets that are widely deployed in various infrastructures.

LMO also covers the need of communication between users and the developer. LMO can provide the capability for users to provide feedback about any asset (e.g., potential deficiency of a feature, feature enhancement request). An administrator in the user organization may include specific metrics that identify a potential problem of that specific feature or a capability of the asset. An engineer in the developer organization can determine the impact of the potential deficiency from the number of users providing feedback. Note that this channel is different from a "call to a Technical Assistance Center" in which the user may request help in resolving operational issues with the asset.

4. Use Cases

4.1. License Inventory and Activation

An operations engineer would like to understand which licenses are activated and which are used and/or consumed. It is also important for asset users to understand which features within their assets might need a license and how to activate them.

It is relatively straightforward to have an inventory of existing licenses when there is only one asset developer (providing the asset) and one asset family.

But complexity grows when there are many different developers, systems and processes involved. New service offerings have introduced new attributes and datasets and require alignment with new business models (pay-per-product, subscription model, pay-as-you-go model, etc.). They might support different license types and models: asset activation keys, trust-based model, systems that act as proxy from the back end owned by the asset developer to support the control of licenses, etc.

Sometimes it is a challenge to report which licenses have been bought by the asset user, or who in the user organization owns that license because that information might rely on different asset developers; even within the same asset developer, licenses may correspond to different types or groups of assets. Asset users often need to interact with different license systems and processes.

Information on how assets are licensed could be delivered from a combination of attributes such as: sales order, purchase order, asset activation key, serial number, etc.

If there is no consistency on how to deal with those data points, complexity increases for the consumer, potentially requiring manual steps. Automating those manual steps or exceptions becomes time-consuming, eventually leading to higher costs for the asset consumer.

Having a common data model for LMO eases the integration between different data sources, processes, and consolidation of the information under a common reference.

4.2. Features in Use

Feature logic is required to identify the configured features from the running configuration and determine how they might be used. There is often a lack of an easy method to list any configured features available in the current asset.

This information is extracted from the running configuration many times, implemented by a rule system without having an easy method to list any configured features available in the current asset.

Some of these use cases need to be built on top of others, and from them, other more complex use cases could be created. For instance, Software Compliance use cases can be automated, based on use cases like security advisory, errata, End of Life(EOL), etc.

All this brings a complete set of use cases that fulfills Lifecycle Management of assets, complementing and providing metrics on how asset users are using assets and how their experience from using those assets can be improved.

4.3. Assets in Use

Current approach to quantify how an asset is used, requires volume or aggregated usage/consumption metrics related to deployed assets, functions, features, integrations, etc. Also the need to quantify which metrics might be associated to a user, an organization, to specific services and how often are used; while others may be based on pre agreed profile (contractural or usage) of intented use. Examples include:

  • Number of search/queries sent by the user.
  • Amount of data returned to the user.
  • Amount of active time spent using the asset/feature.
  • Number of concurrent users accessing the asset/feature.
  • Number of features in use.
  • Number of users or sites using those features, etc.

The information models and data models for LMO include data fields to support metrics that might be required by consumption-based charging and licensing of asset usage.

4.4. Risk Mitigation Check (RMC)

Network, software and cloud engineers would like to be aware of known issues that are causing assets to crash so that they can act to remediate the issue quickly, or even prevent the crash if alerts are triggered on time. There are analytics tools that can process memory core dumps and crash-related files, providing the ability to the asset developers to determine the root cause.

Accordingly, asset users can remediate the problem, automate the remedy to enable incident deflection, allowing the support staff to focus on new problems. The goal of introducing normalization is not to define attributes for each of the elements being part of the crash information, but the results of RMC should be normalized and registered.

Risk Mitigation Check could also include the possibility to be aware of current and historical restarts allowing network and software engineers to enhance the service quality to asset users.

4.5. Errata

Both hardware and software critical issues or Errata need development to automate asset user matching:

  • Hardware Errata match on product identifiers (PIDs) + serial numbers along with additional hardware attributes.
  • Software Errata match on software type and software version along with some additional device attributes.

Engineering might develop the logic to check whether any critical issue applies to a single serial number or a specific software release.

The information to be correlated includes customer identification, license, and asset information that the asset user might own. All this information needs to be correlated with hardware and software Errata, and EOL information to show which part of the asset inventory might be affected.

4.6. Security Advisory

The Security Advisory use case automates the matching of asset user data to security bulletins published by asset developers.
Security Advisory logic implemented by developers could apply to a specific software release.

4.7. Optimal Software Version (OSV)

The objective of the Optimal Software Version (OSV) use case is that consumers can mark software images as OSV for their assets; based on this, it is easier for them to control and align their hardware and software assets to the set of OSVs.

Based on the logic of OSV, use cases like software compliance, risk trend analysis, acknowledge bugs, security advisories, errata, what-if analysis, etc., could be realized.

4.7.1. Software Conformance

All the assets should be at their latest recommended software version in case a security update is required to address a security issue of a specific feature.

The Software Conformance use case provides a view to the asset users and informs the users whether the assets that belong to a specific group conforms to the OSV or not. It can provide the users with a report, including a representation of software compliance for the entire network and software applications. This report could include the current software version running on the asset and the recommended software version. The report could enable users to quickly highlight which group of assets might need the most attention to inspire appropriate actions.

The Software Conformance use case uses data that might not be provided by the asset itself. Data needs to be provided and maintained also by the asset developers, through e.g., asset catalog information. Similar logic applies to a feature catalog, where the asset developer maintains the data and updates it adequately based on existing bugs, security advisories, etc.

The Software Conformance process needs to correlate the Software catalog information with the software version running on the asset.

4.7.2. Risk Trend Analysis

The Risk Trend Analysis use case provides customers with a risk trend analysis, summarizing what might change before applying changes, including registered bugs, security advisories and errata.

4.7.3. What-if Analysis

The What-if Analysis use case allows asset users to plan for new hardware or software, giving them the possibility to change the config parameters or model how new hardware or software might change the software suggestions generated by OSV.

OSV and the associated use cases involve dependencies on attributes that might need to be collected from assets directly, including related inventory information (serial numbers, asset identifiers, software versions, etc.), but also dynamic information could be required, like:

  • Information on features that might be enabled on the particular asset.
  • Catalogs, that might include information related to release notes. For example, consider a feature catalog. This catalog could include software versions that support a specific feature; the software releases that a feature is supported in; or the latest version that a feature is supported in, in case the feature is EOL.
  • Data sources to correlate information coming from reports on critical issues or errata, security advisory, End of Life, etc.

Those catalogs and data sources with errata information, EOL, etc. need to be maintained and updated by asset developers, making sure, that the software running on the assets is safe to run and up to date.

4.8. Asset Retirement - End of Life (EOL)

Hardware EOL reports need to map Hardware EOL PIDs, focusing on base PIDs so that bundles, spares, non-base PIDs, etc., do not provide false EOL reporting to asset users. Software EOL reports are used to automate the matching of user software type and software version to software EOL bulletins.

5. Information Model

The broad metric classes defined in section 3 that quantify user experience can be modeled as shown in Figure 1. There is an inventory of all assets that the user possesses. Each asset in the inventory may be entitled to one or more licenses; a license may contain one or more sub-licenses. The level of usage for each feature and license associated with the asset is measured. For every asset, a list of incidents could be created.

For example, a user needs to measure the utilization of a specific license for a specific type of asset. The information about the license may reside in a license server. The state (activated or not) of the license may reside with the asset itself or a proxy. They can be aggregated/correlated as per the information model shown in Figure 1 to give information to the user regarding the utilization of the licenses. The user experience is thus enhanced by having accurate knowledge about the utility of the given license.

 may_be_part_of                                    may_be_part_of
   +------+                                            +-------+
   |      |                                            |       |
   |      v                                            v       |
+------------+  entitled_by            tracked_by   +------------+
|  Licenses  |<------------+          +-------------|   Usage    |
+------------+-----------+ | may_be_  | +---------->+------------+
|  License   | entitles  | | part_of  | | tracks    |   Asset    |
| attributes |           | | +------+ | |           |  Features  |
+------------+           | | |      | | |           | and usage  |
                         v | |      v v |           | attributes |
                        +----------------+          +------------+
                        |     Asset      |
          future_       +----------------+    generated_by
          association   |     Asset      |<----------------+
            +---------->|   attributes   |---------------+ |
            |           +----------------+    generates  | |
            v                                            v |
      +-----------+                                 +------------+
      |  Future   |                                 |  Incident  |
      | Expansion |                                 +------------+
      +-----------+                                 |  Incident  |
                                                    | attributes |
                                                    +------------+

                 Figure 1: Information Model

The model allows for future expansion by new metrics that will quantify user experience. Notice that future asociation relationship and future expansion might be linked to asset or to one of the other datasets: incident, feature usage or licenses.

6. Data Models

6.1. Tree Diagrams of the modules that form LMO

6.1.2. Aggregated Asset Inventory

This specification uses [I-D.draft-ietf-netmod-geo-location-11], [I-D.draft-ietf-opsawg-sbom-access-03]

module: ietf-lmo-assets-inventory

  augment /ietf-lmo:lmos/ietf-lmo:lmo/ietf-lmo:inst:
    +--rw vendor?                   ietf-lmo-common:vendor-id
    +--rw name?                     string
    +--rw description?              string
    +--rw pid?                      string
    +--rw serial-number?            string
    +--rw vid?                      string
    +--rw mac-address?              yang:mac-address
    +--rw ip-address*               inet:ip-address
    +--rw entity-name?              string
    +--rw product-description?      string
    +--rw udi?                      string
    +--rw transparency-info?        inet:uri
    +--rw role?                     identityref
    +--rw aggregation?              boolean
    +--rw number-of-instances?      uint32
    +--rw platform-dependency-os?   identityref
    +--rw install-location
    |  +--rw geo-location
    |     +--rw reference-frame
    |     |  +--rw alternate-system?    string {alternate-systems}?
    |     |  +--rw astronomical-body?   string
    |     |  +--rw geodetic-system
    |     |     +--rw geodetic-datum?    string
    |     |     +--rw coord-accuracy?    decimal64
    |     |     +--rw height-accuracy?   decimal64
    |     +--rw (location)?
    |     |  +--:(ellipsoid)
    |     |  |  +--rw latitude?    decimal64
    |     |  |  +--rw longitude?   decimal64
    |     |  |  +--rw height?      decimal64
    |     |  +--:(cartesian)
    |     |     +--rw x?           decimal64
    |     |     +--rw y?           decimal64
    |     |     +--rw z?           decimal64
    |     +--rw velocity
    |     |  +--rw v-north?   decimal64
    |     |  +--rw v-east?    decimal64
    |     |  +--rw v-up?      decimal64
    |     +--rw timestamp?         yang:date-and-time
    |     +--rw valid-until?       yang:date-and-time
    +--rw deployment-mode?          identityref
    +--rw activation-date?          yang:date-and-time
    +--rw software-version?         string
    +--ro hotfixes
    |  +--ro hostfix* []
    |     +--ro version?   identityref
    |     +--ro order?     uint8
    +--rw software-type?            string
    +--rw sign-of-life-timestamp?   yang:date-and-time
    +--rw tags?                     string

6.1.3. Licenses

module: ietf-lmo-licenses

  augment /ietf-lmo:lmos/ietf-lmo:lmo/ietf-lmo:inst:
    +--rw uid?                string
    +--rw (all-1-asset)?
    |  +--:(all-assets)
    |  |  +--rw all-assets?   boolean
    |  +--:(assets)
    |     +--rw assets
    |        +--rw asset* [lmo-class id]
    |           +--rw lmo-class    -> /ietf-lmo:lmos/lmo/lmo-class
    |           +--rw id           -> /ietf-lmo:lmos/lmo[ietf-lmo:lmo-class = current()/../lmo-class]/inst/id
    +--rw resource* [id]
    |  +--rw id                string
    |  +--rw name?             string
    |  +--rw summary?          string
    |  +--rw characteristic* [id]
    |     +--rw id             string
    |     +--rw name?          string
    |     +--rw description?   string
    |     +--rw unit?          string
    |     +--rw value?         yang:counter64
    |     +--rw value-max?     yang:counter64
    +--rw features
    |  +--rw feature* [lmo-class id]
    |     +--rw lmo-class    -> /ietf-lmo:lmos/lmo/lmo-class
    |     +--rw id           -> /ietf-lmo:lmos/lmo[ietf-lmo:lmo-class = current()/../lmo-class]/inst/id
    +--rw state?              ietf-lmo-common:license-state-t
    +--rw renewal-profile
       +--rw activation-date?   yang:date-and-time
       +--rw expiration-date?   yang:date-and-time
  augment /ietf-lmo:lmos/ietf-lmo:lmo/ietf-lmo:inst:
    +--rw licenses
       +--rw lmo-class?   -> /ietf-lmo:lmos/lmo/lmo-class
       +--rw id?          -> /ietf-lmo:lmos/lmo[ietf-lmo:lmo-class = current()/../lmo-class]/inst/id

6.1.4. Features

module: ietf-lmo-feature

  augment /ietf-lmo:lmos/ietf-lmo:lmo/ietf-lmo:inst:
    +--rw features
       +--rw feature* [lmo-class id]
          +--rw lmo-class    -> /ietf-lmo:lmos/lmo/lmo-class
          +--rw id           -> /ietf-lmo:lmos/lmo[ietf-lmo:lmo-class = current()/../lmo-class]/inst/id
  augment /ietf-lmo:lmos/ietf-lmo:lmo/ietf-lmo:inst:
    +--rw name?                      string
    +--rw summary?                   string
    +--rw category?                  string
    +--rw entitlement?               string
    +--rw first-available-version?   string
    +--ro backported-versions
    |  +--ro backported-version* []
    |     +--ro version?   identityref
    +--rw scope?                     identityref
    +--rw config-options* [id]
    |  +--rw id                string
    |  +--rw name?             string
    |  +--rw summary?          string
    |  +--rw characteristic* [id]
    |     +--rw id       string
    |     +--rw name?    string
    |     +--rw value?   string
    +--rw asset
    |  +--rw lmo-class?   -> /ietf-lmo:lmos/lmo/lmo-class
    |  +--rw id?          -> /ietf-lmo:lmos/lmo[ietf-lmo:lmo-class = current()/../lmo-class]/inst/id
    +--rw subfeatures
       +--rw subfeature* [lmo-class id]
          +--rw lmo-class    -> /ietf-lmo:lmos/lmo/lmo-class
          +--rw id           -> /ietf-lmo:lmos/lmo[ietf-lmo:lmo-class = current()/../lmo-class]/inst/id

6.1.5. Usage

module: ietf-lmo-usage

  augment /ietf-lmo:lmos/ietf-lmo:lmo/ietf-lmo:inst:
    +--rw feature
    |  +--rw lmo-class?   -> /ietf-lmo:lmos/lmo/lmo-class
    |  +--rw id?          -> /ietf-lmo:lmos/lmo[ietf-lmo:lmo-class = current()/../lmo-class]/inst/id
    +--rw name?                   string
    +--rw summary?                string
    +--rw uri?                    string
    +--rw deployment-mode?        identityref
    +--rw scope?                  identityref
    +--rw activation-status?      string
    +--rw instances?              uint32
    +--rw count-type?             identityref
    +--rw timestamp?              yang:date-and-time
    +--rw count?                  uint32
    +--rw frequency* [name]
    |  +--rw name         string
    |  +--rw type-freq?   string
    |  +--rw value?       yang:counter64
    +--rw resource-consumption* [id]
       +--rw id                string
       +--rw name?             string
       +--rw summary?          string
       +--rw characteristic* [id]
          +--rw id           string
          +--rw name?        string
          +--rw unit?        string
          +--rw value?       yang:counter64
          +--rw value-max?   yang:counter64

6.1.6. Incident Management

module: ietf-lmo-incident-management

  augment /ietf-lmo:lmos/ietf-lmo:lmo/ietf-lmo:inst:
    +--rw id?                 string
    +--rw title?              string
    +--rw summary?            string
    +--rw severity?           string
    +--rw status?             string
    +--rw created?            yang:date-and-time
    +--rw last_updated?       yang:date-and-time
    +--rw capability?         string
    +--rw technology?         string
    +--rw subtechnology?      string
    +--rw problem-type?       string
    +--rw resolution?         string
    +--rw owner?              string
    +--rw support-engineer?   string
    +--rw asset
    |  +--rw lmo-class?   -> /ietf-lmo:lmos/lmo/lmo-class
    |  +--rw id?          -> /ietf-lmo:lmos/lmo[ietf-lmo:lmo-class = current()/../lmo-class]/inst/id
    +--rw feature
    |  +--rw lmo-class?   -> /ietf-lmo:lmos/lmo/lmo-class
    |  +--rw id?          -> /ietf-lmo:lmos/lmo[ietf-lmo:lmo-class = current()/../lmo-class]/inst/id
    +--rw contract-number?    string

6.1.7. Organization

module: ietf-lmo-organization

  augment /ietf-lmo:lmos/ietf-lmo:lmo/ietf-lmo:inst:
    +--rw address?      string
    +--rw department?   boolean
  augment /ietf-lmo:lmos/ietf-lmo:lmo/ietf-lmo:inst:
    +--rw organization
       +--rw lmo-class?   -> /ietf-lmo:lmos/lmo/lmo-class
       +--rw id?          -> /ietf-lmo:lmos/lmo[ietf-lmo:lmo-class = current()/../lmo-class]/inst/id

6.1.8. User

module: ietf-lmo-user

  augment /ietf-lmo:lmos/ietf-lmo:lmo/ietf-lmo:inst:
    +--rw billing-account?   uint32
    +--rw represents
    |  +--rw lmo-class?   -> /ietf-lmo:lmos/lmo/lmo-class
    |  +--rw id?          -> /ietf-lmo:lmos/lmo[ietf-lmo:lmo-class = current()/../lmo-class]/inst/id
    +--rw authority?         enumeration
    +--rw email?             string
  augment /ietf-lmo:lmos/ietf-lmo:lmo/ietf-lmo:inst:
    +--rw user
       +--rw lmo-class?   -> /ietf-lmo:lmos/lmo/lmo-class
       +--rw id?          -> /ietf-lmo:lmos/lmo[ietf-lmo:lmo-class = current()/../lmo-class]/inst/id

6.2. LMO Modules

6.2.1. LMO Common Module

<CODE BEGINS> file "ietf-lmo-common@2022-02-28.yang"

module ietf-lmo-common {
  yang-version 1.1;
  namespace "urn:ietf:params:xml:ns:yang:ietf-lmo-common";
  prefix ietf-lmo-common;
  organization
    "IETF OPSA (Operations and Management Area) Working Group";
  contact
    "WG Web:   <https://datatracker.ietf.org/wg/opsawg/>
     WG List:  <mailto:opsawg@ietf.org>
     Editor:  Marisol Palmero
              <mailto:mpalmero@cisco.com>
     Editor:  Josh Suhr
              <mailto:josuhr@cisco.com>
     Editor:  Sudhendu Kumar
              <mailto:skumar23@ncsu.edu>";
  description
    "This YANG module defines a collection of useful data types
     and identity for Lifecycle Management and Operations (LMO).

     Copyright (c) 2021 IETF Trust and the persons identified as
     authors of the code. All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject to
     the license terms contained in, the Simplified BSD License set
     forth in Section 4.c of the IETF Trust's Legal Provisions

     Relating to IETF Documents
     (https://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC XXXX
     (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
     for full legal notices.";

  revision 2022-02-28 {
    description
      "Introduced flexible root structure";
    reference
      "RFC XXXX: LMO YANG Model";
  }
  revision 2021-08-23 {
    description
      "Initial revision for Common Module as part of the LMO
       YANG Model";
    reference
      "RFC XXXX: LMO YANG Model";
  }

  typedef license-id-t {
    type string;
    description
      "License ID Type";
  }
  typedef license-model-t {
    type enumeration {
      enum perpetual {
        description
          "Perpetual license";
      }
      enum subscription {
        description
          "Subscription license";
      }
      enum usage-based {
        description
          "Usage-based license";
      }
      enum other {
        description
          "Undefined license type";
      }
    }
    description
      "License Model Type";
  }
  identity license-buying-program-t {
    description
      "License Buying Program that contains the plan to generate
       revenue for specific asset";
  }
  identity enterprise-agreement {
        base license-buying-program-t;
        description
          "Enterprise Agreement";
  }
  identity managed-service-license-agreement {
        base license-buying-program-t;
        description
          "Managed Service License Agreement";
  }
  identity service-provider-network-agreement {
        base license-buying-program-t;
        description
          "Service Provider Network Agreement";
  }
  identity collab-active-user {
        base license-buying-program-t;
        description
          "Collaboration Active User";
  }
  identity service-full-coverage {
        base license-buying-program-t;
        description
          "Service Full-Coverage";
  }
  identity offer-type-t {
    description
      "License Offer Type, part of the plan to generate revenue
       for specific asset";
  }
  identity perpetual-software {
      base offer-type-t;
      description
          "Perpetual softwar gives the user the right to use the
           program indefinitely";
  }
  identity standalone-hardware {
      base offer-type-t;
      description
          "Standalone hardware is able to function independently
           of other hardware";
  }
  identity on-premise-software-subscription {
      base offer-type-t;
      description
          "On-Premise software subscription, relates to a temporary
           on-prem licencing model, allowing users to pay a per user
           fee";
  }
  identity cloud-software-saas-subscription {
      base offer-type-t;
      description
          "Cloud Software (SaaS) subscription is a service busines
           model where the user is entitled to use the cloud software
           for a specific time period";
  }
  identity third-party-software {
      base offer-type-t;
      description
          "It includes licenses, agreements, obligations or other
          commitment under which the user can use the asset not
          directly sold by the manufacturer";
  }
  identity flex-cloud-prem-subscription {
      base offer-type-t;
      description
          "Flex Cloud-Prem subscription allows software vendros to
          limit the number of licenses for the use of the specific
          asset";
  }
  typedef license-key-t {
    type string;
    description
      "License Key Type";
  }
  typedef purchase-order-t {
    type string;
    description
      "License purchase order number";
  }
  typedef license-state-t {
    type enumeration {
      enum inactive {
        description
          "Inactive State";
      }
      enum active {
        description
          "Active State";
      }
      enum unknown {
        description
          "Unknown State";
      }
    }
    description
      "License State Type";
  }

  typedef asset-id {
    type string;
    description
      "Asset ID Type";
  }

  typedef vendor-id {
    type enumeration {
      enum cisco {
        description
          "Vendor-id is Cisco";
      }
      enum other {
        description
          "Vendor-id is not determined";
      }
    }
    description
      "Vendor identifier";
  }

  identity asset-type {
    description
      "type of the asset: hardware, software, software cloud, ...";
  }
  identity hw {
    base asset-type;
    description
      "Hardware refers to any physical device";
  }
  identity sw {
    base asset-type;
    description
      "Software refers to a collection of code installed on a
      hardware asset";
  }
  identity sw-cloud {
    base asset-type;
    description
      "Cloud-based software, that allows users access to software
      application that run on a shared computing resources via
      Internet";
  }
  identity phone {
    base asset-type;
    description
      "Mobile telephone or a handheld two-way communication device
      over a cellular network.";
  }
  identity other {
    base asset-type;
    description
      "Different or additional type not specified as part of another
      defined asset-type.";
  }
  identity asset-subtype {
    description
      "subtype of the asset: router, switch, wireless,
      controller, ...";
  }
  identity router {
    base asset-subtype;
    description
      "Network connecting device. It operates at layer-3 of the OSI
      model.";
  }
  identity switch {
    base asset-subtype;
    description
      "Network connecting device. It operates at layer-2(Data Link
      Layer) of the OSI model.";
  }
  identity wireless {
    base asset-subtype;
    description
      "Network connecting device. It creates a wireless local area
      network. It connects to a wired router, switch, or hub via an
      Ethernet cable, and projects a Wi-Fi signal to a designated
      area";
  }
  identity controller {
    base asset-subtype;
    description
      "Centralized device in the network which is used in combination
      with network connection devices, when there is a need to manage
      them in large quantities.";
  }
  identity board {
    base asset-subtype;
    description
      "Electronic circuit board in an asset which interconnects
      another hardware assets attached to it.";
  }
  identity p-supply {
    base asset-subtype;
    description
      "Power supply, as it might have independent identity.";
  }
  identity transceiver {
    base asset-subtype;
    description
      "Device that is both a transmitter and a receiver. Usually
      it's in a single device.
      This is commonly used as a modular network interface";
  }
  identity others {
    base asset-subtype;
    description
      "Different or additional type not specified as part of another
      defined asset-subtype.";
  }
  identity version {
    description
      "Base identity for all version types";
  }
  identity version-sw {
  base version;
    description
      "Version release of the operating system that runs on the
      asset";
  }
  identity platform-dependency-os {
    description
      "Operating system that creates an environment for the asset
       to get deployed. Enum of options covering OS platform
       dependency.";
  }
  identity linux {
    base platform-dependency-os;
    description
      "UNIX like operating system";
  }
  identity windows {
    base platform-dependency-os;
    description
      "Windows operating system";
  }
  identity macOS {
    base platform-dependency-os;
    description
      "Mac operating system develop by Apple, Inc.";
  }
  identity darwin {
    base platform-dependency-os;
    description
      "Open-source Unix-like operating system first released by Apple
      Inc.";
  }
  identity ubuntu {
    base platform-dependency-os;
    description
      "Linux distribution, used in desktop distribution";
  }
  identity red-hat {
    base platform-dependency-os;
    description
      "Red Hat Enterprise Linux, released in multiple server and
      desktop versions";
  }
// NEED to extend and include iOS, Android, etc.;

  identity role {
    description
      "What the role of a given device/component is in the network.
      This attribute normally will be configured on the specific
      component during setup. This attribute normally will be
      configured on the specific component during setup";
  }
  identity border-router {
    base role;
    description
      "Router that provides connectivity between interior and
      exterior network routers or to the cloud";
  }
  identity access {
    base role;
    description
      "Router that provides access to a larger communication network
      of some sort.";
  }
  identity control-plane {
    base role;
    description
      "Network component that controls how data packets are
      forwarded";
  }
  identity edge {
    base role;
    description
      "Router that provides an entry point into enterprise or service
      provider core networks";
  }
  identity core {
    base role;
    description
      "Component part of the high-speed backbone of the network. It
      provides fast and efficient data transport";
  }
  identity datacenter {
    base role;
    description
      "Component placed in the data center, mantaining and housing
      back-end IT system and data stores";
  }
  identity branch {
    base role;
    description
      "Router in a remote branch of an enterprise's network";

  }
  identity deployment-mode {
    description
      "This attribute will denote the configured deployment mode
       for the asset and features, if applicable; e.g.,
       High Availability(HA) or Faiover cluster, virtual appliance,
       etc.";
  }
  identity primary {
    base deployment-mode;
    description
      "Asset or featurs that support critical applications to
      minimize system downtime, to achieve high availabiilty or
      failover";
  }
  identity secondary {
    base deployment-mode;
    description
      "Redundant asset or feature, that is triggered when the
      primary encounters performance issues, to achieve high
      availability or failover";
  }
  identity cloud {
    base deployment-mode;
    description
      "Especially it refers to remote, distributed and shared asset
      resources (i.e. data storage, computing power, etc.), which
      are hooked together and meant to operate as a single
      ecosystem.";
  }
  identity virtual-appliance {
    base deployment-mode;
    description
      "pre-configured virtual machine image, ready to run on a
      hypervisor";
  }
  identity container {
    base deployment-mode;
    description
      "Standard unit of software that packages up code and all its
      dependencies so the application runs quickly and reliably from
      one computing environment to another";

  }
  identity undeployed {
    base deployment-mode;
    description
      "it refers to an asset that is undeployed";

  }
  identity counter-type {
    description
      "Specify the different type of counters, i.e accumulated-count,
       average-count, last-count, high-water mark count, low-water
       mark count" ;
  }
  identity accumulated {
    base counter-type;
    description
      "monotonically increasing counters. They're useful for
       aggregating metric information such as the number of hits
       on a web page, how many users log into a portal, etc.";
  }
  identity average {
    base counter-type;
    description
      "typical value in a set of metrics, in particular the mean,
      which is calculated by dividing the sum of the values in the
      set by their number.";
  }
  identity last {
    base counter-type;
    description
      "Last value measured and collected for specific metric.";
  }
  identity high-water-mark {
    base counter-type;
    description
      "Highest level of value in a set of metrics.";
  }
  identity low-water-mark {
    base counter-type;
    description
      "Lowest level of value in a set of metrics.";
  }
  identity feature-scope {
    description
      "Optional tag that could apply to any usage feature, so that
       if there are multiple dimensions of reporting that need to
       be accommodated (i.e., report feature usage by 'site')";
  }
  identity site {
    base feature-scope;
    description
      "Single location, part of the network";
  }
  identity network {
    base feature-scope;
    description
      "scope limited to the networking assets";
  }
  typedef feature-usage-type {
    type enumeration {
      enum none {
        description
          "No Usage";
      }
      enum low {
        description
          "Usage meeting the Low Threshold";
      }
      enum medium {
        description
          "Usage meeting the Medium Threshold";
      }
      enum high {
        description
          "Usage meeting the High Threshold";
      }
      // NEED to elaborate more on this list, based on use case
      // validation
    }
    description
      "feature usage % 0-25-50-75-100";
  }

  identity lmo-class {
    description "Base identity for classes of LMOs";
  }

<CODE ENDS>

7. Deployment Considerations

LMO Data Models defines the data schemas for LMO data. LMO Data Models are based on YANG. YANG data models can be used independent of the transport and can be converted into any encoding format supported by the network configuration protocol. YANG is a protocol independent.

To enable the exchange of LMO data among all interested parties, deployment considerations that are out of the scope of this document, will need to include:

8. Security Considerations

The security considerations mentioned in section 17 of [RFC7950] apply.

LMO brings several security and privacy implications because of the various components and attributes of the information model. For example, each functional component can be tampered with to give manipulated data. LMO when used alone or with other relevant data, can identify an individual, revealing Personal Identifiable Information (PII). Misconfigurations can lead to data being accessed by unauthorized entities.

Methods exist to secure the communication of management information. The transport entity of the functional model MUST implement methods for secure transport. This document also contains an Information model and Data-Model in which none of the objects defined are writable. If the objects are deemed sensitive in a particular environment, access to them MUST be restricted using appropriately configured security and access control rights. The information model contains several optional elements which can be enabled or disabled for the sake of privacy and security. Proper authentication and audit trail MUST be included for all the users/processes that access the LMO.

9. IANA Considerations

9.1. The IETF XML Registry

This document registers URIs in the IETF XML registry [RFC3688]. Following the format in [RFC3688], the registrations defined below are requested:

URI: urn:ietf:params:xml:ns:yang:ietf-lmo
Registrant Contact: The OPSA WG of the IETF.
XML: N/A, the requested URI is an XML namespace.

URI: urn:ietf:params:xml:ns:yang:ietf-lmo-common
Registrant Contact: The OPSA WG of the IETF.
XML: N/A, the requested URI is an XML namespace.

URI: urn:ietf:params:xml:ns:yang:ietf-lmo-assets-inventory
Registrant Contact: The OPSA WG of the IETF.
XML: N/A, the requested URI is an XML namespace.

URI: urn:ietf:params:xml:ns:yang:ietf-lmo-licenses
Registrant Contact: The OPSA WG of the IETF.
XML: N/A, the requested URI is an XML namespace.

URI: urn:ietf:params:xml:ns:yang:ietf-lmo-feature
Registrant Contact: The OPSA WG of the IETF.
XML: N/A, the requested URI is an XML namespace.

URI: urn:ietf:params:xml:ns:yang:ietf-lmo-usage
Registrant Contact: The OPSA WG of the IETF.
XML: N/A, the requested URI is an XML namespace.

URI: urn:ietf:params:xml:ns:yang:ietf-lmo-incident-management
Registrant Contact: The OPSA WG of the IETF.
XML: N/A, the requested URI is an XML namespace.

URI: urn:ietf:params:xml:ns:yang:ietf-lmo-organization
Registrant Contact: The OPSA WG of the IETF.
XML: N/A, the requested URI is an XML namespace.

URI: urn:ietf:params:xml:ns:yang:ietf-lmo-user
Registrant Contact: The OPSA WG of the IETF.
XML: N/A, the requested URI is an XML namespace.

9.2. The YANG Module Names Registry

This document registers YANG modules in the YANG Module Names registry [RFC7950]. Following the format in [RFC7950], the registrations defined below are requested:

name: ietf-lmo
namespace: urn:ietf:params:xml:ns:yang:ietf-lmo
maintained by IANA: N
prefix: lmocom
reference: RFC XXXX

name: ietf-lmo-common
namespace: urn:ietf:params:xml:ns:yang:ietf-lmo-common
maintained by IANA: N
prefix: lmocom
reference: RFC XXXX

name: ietf-lmo-asset-inventory
namespace: urn:ietf:params:xml:ns:yang:ietf-lmo-assets-inventory
maintained by IANA: N
prefix: lmoasset
reference: RFC XXXX

name: ietf-lmo-licenses
namespace: urn:ietf:params:xml:ns:yang:ietf-lmo-licenses
maintained by IANA: N
prefix: lmolicense
reference: RFC XXXX

name: ietf-lmo-feature
namespace: urn:ietf:params:xml:ns:yang:ietf-lmo-feature
maintained by IANA: N
prefix: lmousage
reference: RFC XXXX

name: ietf-lmo-usage
namespace: urn:ietf:params:xml:ns:yang:ietf-lmo-usage
maintained by IANA: N
prefix: lmousage
reference: RFC XXXX

name: ietf-lmo-incident-management
namespace: urn:ietf:params:xml:ns:yang:ietf-lmo-incident-management
maintained by IANA: N
prefix: lmoscm
reference: RFC XXXX

name: ietf-lmo-organization
namespace: urn:ietf:params:xml:ns:yang:ietf-lmo-organization
maintained by IANA: N
prefix: lmoscm
reference: RFC XXXX

name: ietf-lmo-user
namespace: urn:ietf:params:xml:ns:yang:ietf-lmo-user
maintained by IANA: N
prefix: lmoscm
reference: RFC XXXX

10. References

10.1. Normative References

[RFC2119]
Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, , <https://www.rfc-editor.org/info/rfc2119>.
[RFC8174]
Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, , <https://www.rfc-editor.org/info/rfc8174>.

10.2. Informative References

[I-D.draft-ietf-netmod-geo-location-11]
Hopps, C., "A YANG Grouping for Geographic Locations", Work in Progress, Internet-Draft, draft-ietf-netmod-geo-location-11, , <https://www.ietf.org/archive/id/draft-ietf-netmod-geo-location-11.txt>.
[I-D.draft-ietf-opsawg-sbom-access-03]
Lear, E. and S. Rose, "Discovering and Retrieving Software Transparency and Vulnerability Information", Work in Progress, Internet-Draft, draft-ietf-opsawg-sbom-access-03, , <https://www.ietf.org/archive/id/draft-ietf-opsawg-sbom-access-03.txt>.
[RFC3688]
Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, DOI 10.17487/RFC3688, , <https://www.rfc-editor.org/info/rfc3688>.
[RFC6241]
Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., and A. Bierman, Ed., "Network Configuration Protocol (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, , <https://www.rfc-editor.org/info/rfc6241>.
[RFC7950]
Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", RFC 7950, DOI 10.17487/RFC7950, , <https://www.rfc-editor.org/info/rfc7950>.
[RFC8040]
Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF Protocol", RFC 8040, DOI 10.17487/RFC8040, , <https://www.rfc-editor.org/info/rfc8040>.

Acknowledgments

The ideas in this document originate from early work by Tony Colon, Carlos Pignataro, and Yenu Gobena originally referred to as Experience Telemetry.

This document was created by meaningful contributions from Josh Suhr, Eric Vyncke, Yannis Viniotis, Nagendra Kumar Nainar, Yenu Gobena, Dhiren Tailor and Jan Lindblad.

The authors wish to thank Gonzalo Salgueiro, Martin Beverley and many others for their helpful comments and suggestions.

Change log

RFC Editor Note: This section is to be removed during the final publication of the document.

version 06

version 05

version 04

version 03

version 02

version 01

version 00

Authors' Addresses

Marisol Palmero
Cisco Systems
Frank Brockners
Cisco Systems
Sudhendu Kumar
NC State University
Shwetha Bhandari
Thoughtspot
Camilo Cardona
NTT
Diego Lopez
Telefonica I+D