This area is for discussion of the conceptual data model to be used for the command tool.

  • "natural" objects and operations

A management data model is only useful when it facilitates the work an organization does to accomplish its goals. I refer to the steps necessary to accomplish the goals as a set of operations on a set of objects. When the objects and operations fit the goals and processes well, I refer to them as a natural fit.

The ideal is to find the balance between a model that is so specific to a single organization that it has no further use and a model that is so general as to provide no benefit.

  • looking for natural objects from the protocols

The natural objects of the DNS protocol are names (fully qualified), which are made up of labels (letters and numbers between dots); resource records, which provide various types of information about a name; and zone cuts, which provide all the navigation information needed to traverse the hierarchy and locate the name server for a given name.

The natural objects of DHCP are machines/interfaces with MAC addresses, address ranges that have options attached to them, and leases for dynamically allocated addresses.

  • a cursory look at an object model

  • devices: things that are capable of communicating on an IP network
    • interfaces: the end points of IP communications
      • primary address
      • secondary address
      • MAC address
      • name(s)
      • options for DHCP
    • services: things this device provides for other devices
      • web
        • preferred interface
        • ports
        • virtual hosts
      • mail
        • namespaces considered local
        • namespaces considered a recipient for
        • priority for namespaces
      • name server
        • preferred interface
      • DHCP server
        • probably need linked TFTP servers
      • routing
  • namespaces
    • zone cuts (including apex)
      • name servers
      • control info
      • common zone info (* mx...)
    • delegations (where the namespace changes from local administrative control)
    • names (things that don't generate from other data)
      • class, type, data
      • linkages (certain names/types are connected to others and want to be controlled simultaneously)
  • addresses
    • subnets
      • prefix, broadcast
      • default PTR generator (fills in in-addr if there is no more specific info)
      • options
      • DHCP servers
    • direct ranges (addr-addr)
      • DHCP servers
      • lease control (often used for dynamic allocation)
      • forward and reverse generators
    • single addresses
      • (many built from device model)
  • roles, accounts and change control
    • Role-based access control (RBAC)
    • accounts get OR of all role permissions on login
    • hierarchical scoping of roles
  • attachments (metadata pieces that can be attached to other elements)
    • auditing info
      • time of last action
      • account for last action
      • append only audit mechanism
    • operational info
      • ticket, provisioning or other action trace mechanism
      • approval status and requirement
      • other linkage hooks (such as a whois pointer for a registry delegation)
    • back trace objects (opaque tags in lower level data to be traced back for source identification)
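
The role and audit items in the outline above, sketched as an added example (not code from the command tool): permissions from all of an account's roles are ORed at login, role scopes follow the DNS name hierarchy label by label, and the audit log is append-only. The role names, the `Perm` flags and the SHA-256 hash chain used to make the log tamper-evident are assumptions made for illustration.

```python
import hashlib, json, time
from enum import Flag, auto

class Perm(Flag):
    READ = auto()
    EDIT = auto()
    DELEGATE = auto()

# Constructed roles: name -> (scope, permissions); a scope covers a DNS name and all names below it.
ROLES = {
    "viewer": ("example.com.", Perm.READ),
    "lab-editor": ("lab.example.com.", Perm.EDIT),
    "hostmaster": ("example.com.", Perm.EDIT | Perm.DELEGATE),
}

def login(role_names):
    """OR the permissions of all the account's roles, kept per scope."""
    session = {}
    for role in role_names:
        scope, perms = ROLES[role]
        session[scope] = session.get(scope, Perm(0)) | perms
    return session

def allowed(session, name, needed):
    """Collect grants from the name and each parent, matching whole labels only."""
    labels = name.lower().rstrip(".").split(".")
    granted = Perm(0)
    for i in range(len(labels)):
        granted |= session.get(".".join(labels[i:]) + ".", Perm(0))
    return needed in granted

def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

class AuditLog:
    """Append-only: every entry commits to the hash of the one before it."""
    def __init__(self):
        self.entries = []
    def append(self, account, action):
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        body = {"time": time.time(), "account": account, "action": action, "prev": prev}
        self.entries.append({**body, "hash": _digest(body)})
    def verify(self):
        prev = "0" * 64
        for e in self.entries:
            body = {k: e[k] for k in ("time", "account", "action", "prev")}
            if e["prev"] != prev or _digest(body) != e["hash"]:
                return False
            prev = e["hash"]
        return True
```

Scopes are compared label by label rather than by string suffix, so a role scoped to `lab.example.com.` does not reach `evil-lab.example.com.`. The chain detects edits to earlier entries only while the latest hash is also recorded somewhere the editor cannot rewrite.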
Last modified on Sep 21, 2010, 12:48:07 AM