Entity deregistration API proposals #2779
Conversation
albinsuresh
requested review from
reubenmiller and
didier-wenzek
as code owners
albinsuresh
had a problem deploying
to
Test Pull Request
GitHub Actions
Failure
There was a problem hiding this comment.
For the following reason, I prefer a solution where the user triggers the de-registration by clearing retained messages and thin-edge takes care of cascading the de-registration to avoid orphans.
- Symmetry. Child devices, services and capabilities are registered by publishing retained messages. The same mechanism should be used to de-register these entities. At least to trigger the de-registration. What is done by the proposed
tedge deregistercommand can be done by the mapper or the agent on reception of an empty message onte/device/child01//. - Completeness. A new
tedge deregistercommand is call for atedge registercommand. Similarly, if we opt for an HTTP DELETE method to de-register an entity, I would expect an HTTP PUT for entity registration. And even an HTTP GET to see the current state. - Robustness. As retained message are used to store entities metadata and relationship, thin-edge must handle properly clearing retained messages. i.e. cascading clearing messages from a child devices to all its metadata, services and capabilities.
There are open questions though:
- As highlighted, in the 3rd proposal, it might be better that the agent and not the mapper triggers the appropriate cascade of de-registration. However, currently, the agent has no view on the entities.
- Cascading the removal of all grand-child devices on child-device de-registration might be error prone. Can these grand-child devices attached to the parent of the child-device that has been removed?
|
|
||
| **Cons** | ||
|
|
||
| * Deregistrations can't be done remotely, unless `tedge` is installed on those remote device as well. |
There was a problem hiding this comment.
Why? As far I understand the proposal, this tedge deregister command uses MQTT to fetch and clear the relevant topics and the mapper does the clean-up on disk and on the cloud.
There was a problem hiding this comment.
What I meant is that, if the API to deregister the entities is provided only as a tedge command, then it can only be invoked from a device where tedge is installed, even though the command internally uses MQTT only. That's why it is still possible to do this remotely as well, as long as tedge is installed on that remote device as well.
There was a problem hiding this comment.
I still see value for having a user friendly tedge deregister command, however that should just use the MQTT or HTTP API that we provide to deregister an entity. The command should not have to subscribe to messages itself.
| mosquitto_sub --remove-retained -t "te/device/child01/+/+/#" | ||
| ``` | ||
|
|
||
| The mappers must also be updated to remove entities from their entity store on receipt of these clear messages. |
There was a problem hiding this comment.
Don't the mappers have to do that in any case?
There was a problem hiding this comment.
Currently, the mapper just ignores empty registration messages. So, this mapper change is a must-have regardless of the solution that we pick.
There was a problem hiding this comment.
Since the mappers are responsible for the interactions with the clouds, they should also be configurable when removing the device from the cloud as sometimes you only want to delete the local data and want to keep the data in the cloud (e.g. measurements from a decommissioned device), and since not deleting the data from the cloud is less destructive, then that should be the default (to avoid unexpected data loss).
| The responsibility of issuing the clear messages is left with the agent instead of the mapper, | ||
| which already has its own entity store, to prevent multiple mappers from doing the same simultaneously. |
There was a problem hiding this comment.
That's an interesting point. It would be indeed better to avoid duplicates of clean-up messages when two mappers are running. That said would this be an issue? Clearing a retained message is idempotent as well as all the clearing operations on-disk and in the cloud.
There was a problem hiding this comment.
Yeah, multiple mappers issuing clear messages is not really a blocker issue or anything, considering their idempotent nature.
There is also the ownership aspect of that responsibility. If it's with tedge-agent, then we provide it out of the box irrespective of the mapper used. But, if we leave it to the mapper, then we need to replicate it in every mapper (of course we can reuse the logic with our own mappers), but even third-party mappers will have to support the same from their end. That's why I was more in favour of our own component owning that responsibility, and the mapper just being a mapper of those clear messages.
There was a problem hiding this comment.
There is also the ownership aspect of that responsibility. If it's with
tedge-agent, then we provide it out of the box irrespective of the mapper used. But, if we leave it to the mapper, then we need to replicate it in every mapper (of course we can reuse the logic with our own mappers), but even third-party mappers will have to support the same from their end. That's why I was more in favour of our own component owning that responsibility, and the mapper just being a mapper of those clear messages.
This makes sense. I wonder if this could be then pushed a bit further by also moving the auto-registration logic into the agent. The latter will be then responsible of maintaining a consistent view of the device entities.
There was a problem hiding this comment.
Maybe we could use more explicit "Death" messages (sparkplug b spec has both BIRTH and DEATH messages to communicate when an entity is being added or removed), then the mapper could react to the explicit "death" message (to unregister the appropriate entity)
Some examples of the message provided by sparkplug B
I'm completely aligned with that thought on symmetry, and using empty registration message on the same topic id was the first idea that I started with as well. Even though it works for the default case where the device and all its linked entities are deregisterd, it was the desire to support those additional targeting/filtering capabilities, like removing only the services of that target device or only the children of that target device, that pushed me towards a completely independent API. I really feel that a single API to remove all the linked entities of a device would come in really handy, especially for the main device. And this wouldn't have been possible if we used empty retained messages as the cue for deregistration. If we change it from an empty retained message to a non-retained message with the filtering options as well, then it kinda beats the symmetry aspect and complicates the non-empty payload handling as well (parse and then determine if the payload is a registration message or a deregister message). The second reason why I modelled it specifically as a
I thought those HTTP endpoints are already in the roadmap, and I assumed this task would be the first step towards that goal.
But, isn't that the most common use-case? When I delete a child device from C8y, I almost always want its entire child hierarchy also gone with it, as cleanup is usually my primary goal. So, I definitely would want that as the default behaviour as I can't really imagine the use-case for attaching a child device's sensors (nested child devices) or services to a parent device and what would that even mean, at a physical deployment level. On the cloud also, esp C8y, migrating parents is going to be a complex operation. But, open to explore those potential use-cases and provide this as an extra option. |
I appreciate the benefits but wonder if it's worth it. Indeed, this will add quite a lot of complexity (for the user and in the code), for something that is not a daily use-case.
You are correct. See thin-edge/thin-edge.io-roadmap#75. However, I would take a different approach: building the HTTP API on top of the MQTT API, exposing all the |
reubenmiller
added
theme:mqtt
We will need to have options regarding the deregistration in the near future so that users can control whether the device should also be deleted from the cloud or not, so designing around this criteria will be useful. Using the |
albinsuresh
had a problem deploying
to
Test Pull Request
GitHub Actions
Failure
albinsuresh
had a problem deploying
to
Test Pull Request
GitHub Actions
Failure
There was a problem hiding this comment.
I'm not really happy with the asymmetry introduced here:
- registration done using declarative retained messages (describing a view over the entities),
- deregistration done using procedural commands (using retained messages, sure, but for a different purpose).
This will be a source of confusion for the users but also for the implementers. This is already proven to be a source of problems with the mix of auto-registration and user-defined MQTT schema.
Can we:
- use empty retain messages as the main mechanism to prune an entity and all its sub-entities
- add a
deregistercommand to cherry pick the entities to be removed and publish the appropriate empty retain messages. - deprecate auto-registration in favor of a
registercommand similar/symmetric to the proposedderegistercommand.
albinsuresh
had a problem deploying
to
Test Pull Request
GitHub Actions
Failure
|
|
||
| This message will result in the deregistration of that target entity and all the nested entities (services and child devices) linked to it. | ||
|
|
||
| Different `tedge` components will react to the deregistration messages as follows: |
There was a problem hiding this comment.
So, if I understand correctly:
- The user emits a single MQTT message to prune a hierarchy of entities.
- This clearing message is an empty retained message published on the root topic of the pruned hierarchy
- The mappers propagate entity removal to the cloud, pruning all attached entities (services, child devices, twin metadata, capabilities, ...)
- The agent has to responsibility to clear the local view of the entities. It cascades clearing messages along the pruned hierarchy ensuring these sub-entities will not be re-created on mapper restart.
This is okay, but we need to be aware that combined with auto-registration this might lead to strange hierarchy if the device is restarted before the agent gets a chance to prune all the sub-entities. Some will be re-created by the mapper but using the auto-registration logic.
albinsuresh
force-pushed
the
feat/delete-entity-api
branch
from
61ac7e0
to
cfa79cb
Compare
albinsuresh
had a problem deploying
to
Test Pull Request
GitHub Actions
Failure
There was a problem hiding this comment.
Approved.
However, as said in this comment we will have to re-think auto-registration in combination with deregistration.
albinsuresh
force-pushed
the
feat/delete-entity-api
branch
from
cfa79cb
to
bc13827
Compare
albinsuresh
had a problem deploying
to
Test Pull Request
GitHub Actions
Failure
albinsuresh
force-pushed
the
feat/delete-entity-api
branch
from
bc13827
to
3d60970
Compare
albinsuresh
temporarily deployed
to
Test Pull Request
GitHub Actions
Inactive
Robot Results
|
Proposed changes
Entity deregistration API proposals with pros and cons of each approach.
Types of changes
Paste Link to the issue
Checklist
cargo fmtas mentioned in CODING_GUIDELINEScargo clippyas mentioned in CODING_GUIDELINESFurther comments