1 .. Modifications Copyright © 2017-2018 AT&T Intellectual Property.
3 .. Licensed under the Creative Commons License, Attribution 4.0 Intl.
4 (the "License"); you may not use this documentation except in compliance
5 with the License. You may obtain a copy of the License at
7 .. https://creativecommons.org/licenses/by/4.0/
9 .. Unless required by applicable law or agreed to in writing, software
10 distributed under the License is distributed on an "AS IS" BASIS,
11 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 See the License for the specific language governing permissions and
13 limitations under the License.
16 Configuration Management
17 ------------------------
19 Controller Interactions With VNF
20 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
22 ONAP Controllers (such as APPC) expose a northbound API to clients
23 (such as SO) in order for the clients to initiate an activity
24 (aka command) on a VNF. ONAP controllers interact with VNFs through
25 Network and Application Adapters to perform configuration and other
26 lifecycle management activities within NFV environment.
27 The standardized models, protocols and mechanisms by which network
28 functions are configured are equally applicable to VNFs and PNFs.
30 This section describes the list of commands that should be supported
31 by the VNF. The following sections describe the standard protocols
32 that are supported (NETCONF, Chef, Ansible, and REST).
34 The commands below are expected to be supported on all VNF's, unless
35 noted otherwise, either directly (via the NETCONF or REST interface)
36 or indirectly (via a Chef Cookbook or Ansible server). Note that there
37 are additional commands offered to northbound clients that are not shown
38 below, as these commands either act internally on the Controller itself
39 or depend upon network cloud components for implementation (thus, these
40 actions do not put any special requirement on the VNF provider).
42 The commands allow for parametric data to be passed from the controller
43 to the VNF or Ansible/Chef server in the request. The format of the
44 parameter data can be either xml (for NETCONF) or JSON (for Ansible,
47 Configuration Commands
48 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
50 **Configure**: The Controller client is requesting that a post-instantiation
51 configuration be applied to the target VNF instance. After the Configure
52 action is completed, the VNF instance should be ready for service.
53 Note that customer specific configurations may need to be applied using
54 the ConfigModify action.
56 **ConfigModify**: The Controller client is requesting a configuration
57 update to a subset of the total configuration parameters of a VNF or to
58 apply customer specific configurations. The configuration update is
59 typically done while the VNF is in service and should not disrupt traffic.
61 **ConfigBackup**: The Controller client is requesting a backup of the
62 configuration parameters where the parameters are stored on the VNF.
63 This command is typically requested as part of an orchestration flow
64 for scenarios such as a software upgrade. The ConfigBackup is typically
65 done while the VNF is not in service (i.e., in a maintenance state).
66 When the ConfigBackup command is executed, the current VNF configuration
67 parameters are saved in storage that is preserved (if there is an existing
68 set of backed up parameters, they are overwritten).
70 **ConfigRestore**: The Controller client is requesting a restore action of
71 the configuration parameters to the VNF that were saved by ConfigBackup
72 command. This command is typically requested as part of an orchestration
73 flow for scenarios such as a software upgrade where the software upgrade
74 may have failed and the VNF needs to be rolled back to the prior configuration.
75 When the ConfigRestore command is executed, the VNF configuration parameters
76 which were backed to persistent preserved storage are applied to the VNF
77 (replacing existing parameters). The ConfigRestore is typically done while
78 the VNF is not in service (i.e., in a maintenance state).
80 **ConfigScaleOut**: The Controller client is requesting that a configuration
81 be applied after the VNF instance has been scaled out (i.e., one or more
82 additional VM's instantiated to increase capacity). For some VNF's,
83 ConfigScaleOut is not needed because the VNF is auto-configured after
84 scale-out. This command is being introduced in the Beijing release.
86 **Audit**: The Controller client is requesting that the current (last known
87 configuration update) is audited against the running configuration on the VNF.
95 The xNF **MUST** support ONAP Controller's **Configure** command.
102 The xNF **MUST** support ONAP Controller's **ConfigModify** command.
109 The xNF **MUST** support ONAP Controller's **ConfigBackup** command.
116 The xNF **MUST** support ONAP Controller's **ConfigRestore** command.
123 The xNF **MUST** support ONAP Controller's **ConfigScaleOut** command.
130 The xNF **MUST** support ONAP Controller's **Audit** command.
132 LifeCycle Management Related Commands
133 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
135 **The following commands are needed to support various lifecycle management
136 flows where the VNF may need to be removed for service.**
138 **QuiesceTraffic**: The Controller client is requesting the VNF gracefully
139 stop traffic (aka block and drain traffic). The method for quiescing traffic
140 is specific to the VNF architecture. The action is completed when all
141 (in-flight transactions) traffic has stopped. The VNF remains in an active
142 state where the VNF is able to process traffic (initiated using the
143 StartTraffic action).
145 **ResumeTraffic**: The Controller client is requesting the VNF resume
146 processing traffic. The method to resume traffic is specific to the VNF
149 **StopApplication**: The Controller client is requesting that the application
150 running on the VNF is stopped gracefully (i.e., without traffic loss).
151 This is equivalent to quiescing the traffic and then stopping the application
152 processes. The processes can be restarted using the StartApplication command.
154 **StartApplication**: The Controller client is requesting that the application
155 running on the VNF is started. Get ready to process traffic.
157 **The following commands are needed to support software upgrades, in-place or
158 other type of software upgrade. The VNF instance may be removed from service
161 **UpgradePrecheck**: The Controller client is requesting a confirmation that
162 the VNF can (and needs to) be upgraded to a specific software version
163 (specified in the request).
165 **UpgradeSoftware**: The Controller client is requesting that a (in-place)
166 software upgrade be performed on the VNF. The software to be applied is
167 pre-loaded to a specified location.
169 **UpgradePostCheck**: The Controller client is requesting a confirmation that
170 the VNF software upgrade has been completed successfully (VNF upgraded to
171 the new software version).
173 **UpgradeBackup**: The Controller client is requesting that the VNF is backed
174 up prior to the UpgradeSoftware.
176 **UpgradeBackOut**: The Controller client is requesting that the VNF upgrade
177 is backed out (in the event that the SoftwareUpgrade or UpgradePostCheck
186 The xNF **MUST** support ONAP Controller's **QuiesceTraffic** command.
193 The xNF **MUST** support ONAP Controller's **ResumeTraffic** command.
200 The xNF **MUST** support ONAP Controller's **StopApplication** command.
207 The xNF **MUST** support ONAP Controller's **StartApplication** command.
214 The xNF **MUST** support ONAP Controller's **UpgradePrecheck** command.
221 The xNF **MUST** support ONAP Controller's **UpgradeSoftware** command.
228 The xNF **MUST** support ONAP Controller's **UpgradePostCheck** command.
235 The xNF **MUST** support ONAP Controller's **UpgradeBackup** command.
242 The xNF **MUST** support ONAP Controller's **UpgradeBackOut** command.
244 Virtual Function - Container Recovery Requirements
245 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
247 As part of life cycle management, for Cloud environment, VNFs need to
248 support a set of basic recovery capabilities to maintain the health
249 and extend the life of the VNF, eliminating and reducing the frequency
250 that an entire VNF needs to be rebuilt or re-instantiated to recover one
251 or more of its containers. For instance, a VNF in an Openstack environment
252 is composed of one or more containers called VMs (Virtual Machines). During
253 the life of a VNF it is expected that Cloud infrastructure hardware will
254 fail or they would need to be taken down for maintenance or hardware and
255 software upgrades (e.g. firmware upgrades, HostOS (Hypervisor), power
256 maintenance, power outages, etc.) To deal with such life cycle events
257 without having to rebuild entire VNFs or even entire sites these basic
258 recovery capabilities of individual containers, Virtual Machines or other,
267 The VNF **MUST** support ONAP Controller's
268 **Restart (stop/start or reboot)** command.
275 The VNF **MUST** support ONAP Controller's Migrate command that
276 moves container (VM) from a live Physical Server / Compute Node to
277 another live Physical Server / Compute Node.
279 Note: Container migrations MUST be transparent to the VNF and no more intrusive than a stop,
280 followed by some down time for the migration to be performed from one Compute Node / Physical
281 Server to another, followed by a start of the same VM with same configuration on the new
282 Compute Node / Physical Server.
289 The VNF **MUST** support ONAP Controller's **Rebuild** command.
296 The VNF **MUST** support a container rebuild mechanism based on existing
297 image (e.g. Glance image in Openstack environment) or a snapshot.
299 HealthCheck and Failure Related Commands
300 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
302 **HealthCheck**: The Controller client is requesting a health check over the
303 entire scope of the VNF. The VNF must be 100% healthy, ready to take requests
304 and provide services, with all VNF required capabilities ready to provide
305 services and with all active and standby resources fully ready with no open
306 MINOR, MAJOR or CRITICAL alarms.
308 Note: In addition to the commands above, the Controller supports a set of
309 Openstack failure recovery related commands that are executed on-demand or via
310 Control Loop at the VM level. The VNF must support these commands in a fully
319 The xNF **MUST** support ONAP Controller's **HealthCheck** command.
321 Notes On Command Support Using Controller Southbound Protocols
322 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
324 The ONAP Controllers are designed to support a standard set of protocols in
325 order to communicate with the VNF instance. The supported protocols are
326 NETCONF, Ansible, Chef, and REST.
328 NETCONF and REST require the VNF to implement a server which supports the RPC
331 Ansible and Chef require the use of a Ansible or Chef server which communicates
332 with the Controller (northbound) and the VNF VM's (southbound).
334 The vendor must select which protocol to support for the commands listed above.
337 * NETCONF is most suitable for configuration related commands
339 * Ansible and Chef are suitable for any command.
340 Ansible has the advantage that it is agentless.
342 * REST is specified as an option only for the HealthCheck.
345 Additional details can be found in the
346 `ONAP Application Controller (APPC) API Guide <https://onap.readthedocs.io/en/latest/submodules/appc.git/docs/index.html>`_,
347 `ONAP VF-C project <https://onap.readthedocs.io/en/latest/submodules/vfc/nfvo/lcm.git/docs/index.html>`_ and
348 the `ONAP SDNC project <https://onap.readthedocs.io/en/latest/submodules/sdnc/oam.git/docs/index.html>`_.
350 NETCONF Standards and Capabilities
351 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
353 ONAP Controllers and their Adapters utilize device YANG model and
354 NETCONF APIs to make the required changes in the VNF state and
355 configuration. The VNF providers must provide the Device YANG model and
356 NETCONF server supporting NETCONF APIs to comply with target ONAP and
359 VNF Configuration via NETCONF Requirements
360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
362 Configuration Management
363 +++++++++++++++++++++++++++
371 The xNF **MUST** include a NETCONF server enabling
372 runtime configuration and lifecycle management capabilities.
379 The xNF **MUST** provide a NETCONF interface fully defined
380 by supplied YANG models for the embedded NETCONF server.
382 NETCONF Server Requirements
383 ++++++++++++++++++++++++++++++
391 The xNF **MUST** allow the NETCONF server connection
392 parameters to be configurable during virtual machine instantiation
393 through Heat templates where SSH keys, usernames, passwords, SSH
394 service and SSH port numbers are Heat template parameters.
401 The xNF **MUST** implement the protocol operation:
402 **close-session()**- Gracefully close the current session.
409 The xNF **MUST** implement the protocol operation:
410 **commit(confirmed, confirm-timeout)** - Commit candidate
411 configuration datastore to the running configuration.
418 The xNF **MUST** implement the protocol operation:
419 **discard-changes()** - Revert the candidate configuration
420 datastore to the running configuration.
427 The xNF **MUST** implement the protocol operation:
428 **edit-config(target, default-operation, test-option, error-option,
429 config)** - Edit the target configuration datastore by merging,
430 replacing, creating, or deleting new config elements.
437 The xNF **MUST** implement the protocol operation:
438 **get(filter)** - Retrieve (a filtered subset of) the running
439 configuration and device state information. This should include
440 the list of xNF supported schemas.
447 The xNF **MUST** implement the protocol operation:
448 **get-config(source, filter)** - Retrieve a (filtered subset of
449 a) configuration from the configuration datastore source.
456 The xNF **MUST** implement the protocol operation:
457 **kill-session(session)** - Force the termination of **session**.
464 The xNF **MUST** implement the protocol operation:
465 **lock(target)** - Lock the configuration datastore target.
472 The xNF **MUST** implement the protocol operation:
473 **unlock(target)** - Unlock the configuration datastore target.
480 The xNF **SHOULD** implement the protocol operation:
481 **copy-config(target, source) -** Copy the content of the
482 configuration datastore source to the configuration datastore target.
489 The xNF **SHOULD** implement the protocol operation:
490 **delete-config(target) -** Delete the named configuration
498 The xNF **SHOULD** implement the protocol operation:
499 **get-schema(identifier, version, format) -** Retrieve the YANG schema.
506 The xNF **MUST** allow all configuration data to be
507 edited through a NETCONF <edit-config> operation. Proprietary
508 NETCONF RPCs that make configuration changes are not sufficient.
515 The xNF **MUST** allow the entire configuration of the xNF to be
516 retrieved via NETCONF's <get-config> and <edit-config>, independently
517 of whether it was configured via NETCONF or other mechanisms.
524 The xNF **MUST** support **:partial-lock** and
525 **:partial-unlock** capabilities, defined in RFC 5717. This
526 allows multiple independent clients to each write to a different
527 part of the <running> configuration at the same time.
534 The xNF **MUST** support **:rollback-on-error** value for
535 the <error-option> parameter to the <edit-config> operation. If any
536 error occurs during the requested edit operation, then the target
537 database (usually the running configuration) will be left unaffected.
538 This provides an 'all-or-nothing' edit mode for a single <edit-config>
546 The xNF **MUST** support the **:startup** capability. It
547 will allow the running configuration to be copied to this special
548 database. It can also be locked and unlocked.
555 The xNF **MUST** support the **:url** value to specify
556 protocol operation source and target parameters. The capability URI
557 for this feature will indicate which schemes (e.g., file, https, sftp)
558 that the server supports within a particular URL value. The 'file'
559 scheme allows for editable local configuration databases. The other
560 schemes allow for remote storage of configuration databases.
567 The xNF **MUST** implement both **:candidate** and
568 **:writable-running** capabilities. When both **:candidate** and
569 **:writable-running** are provided then two locks should be supported.
576 The xNF **MUST** fully support the XPath 1.0 specification
577 for filtered retrieval of configuration and other database contents.
578 The 'type' attribute within the <filter> parameter for <get> and
579 <get-config> operations may be set to 'xpath'. The 'select' attribute
580 (which contains the XPath expression) will also be supported by the
581 server. A server may support partial XPath retrieval filtering, but
582 it cannot advertise the **:xpath** capability unless the entire XPath
583 1.0 specification is supported.
590 The xNF **MUST** implement the **:validate** capability.
597 The xNF **MUST** implement **:confirmed-commit** If
598 **:candidate** is supported.
605 The xNF **MUST** implement the **:with-defaults** capability
613 The xNF **MUST** implement the data model discovery and
614 download as defined in [RFC6022].
621 The xNF **MUST** define all data models in YANG [RFC6020],
622 and the mapping to NETCONF shall follow the rules defined in this RFC.
629 The xNF **MUST** follow the data model upgrade rules defined
630 in [RFC6020] section 10. All deviations from section 10 rules shall
631 be handled by a built-in automatic upgrade mechanism.
638 The xNF **MUST** support parallel and simultaneous
639 configuration of separate objects within itself.
646 The xNF **MUST** support locking if a common object is
647 being manipulated by two simultaneous NETCONF configuration operations
648 on the same xNF within the context of the same writable running data
649 store (e.g., if an interface parameter is being configured then it
650 should be locked out for configuration by a simultaneous configuration
651 operation on that same interface parameter).
658 The xNF **MUST** apply locking based on the sequence of
659 NETCONF operations, with the first configuration operation locking
660 out all others until completed.
667 The xNF **MUST** permit locking at the finest granularity
668 if a xNF needs to lock an object for configuration to avoid blocking
669 simultaneous configuration operations on unrelated objects (e.g., BGP
670 configuration should not be locked out if an interface is being
671 configured or entire Interface configuration should not be locked out
672 if a non-overlapping parameter on the interface is being configured).
679 The xNF **MUST** be able to specify the granularity of the
680 lock via a restricted or full XPath expression.
687 The xNF **MUST** guarantee the xNF configuration integrity
688 for all simultaneous configuration operations (e.g., if a change is
689 attempted to the BUM filter rate from multiple interfaces on the same
690 EVC, then they need to be sequenced in the xNF without locking either
691 configuration method out).
698 The xNF **MUST** release locks to prevent permanent lock-outs
699 when/if a session applying the lock is terminated (e.g., SSH session
707 The xNF **MUST** release locks to prevent permanent lock-outs
708 when the corresponding <partial-unlock> operation succeeds.
715 The xNF **MUST** release locks to prevent permanent lock-outs
716 when a user configured timer has expired forcing the NETCONF SSH Session
717 termination (i.e., product must expose a configuration knob for a user
718 setting of a lock expiration timer).
725 The xNF **MUST** allow another NETCONF session to be able to
726 initiate the release of the lock by killing the session owning the lock,
727 using the <kill-session> operation to guard against hung NETCONF sessions.
734 The xNF **MUST** support simultaneous <commit> operations
735 within the context of this locking requirements framework.
742 The xNF **MUST** support all operations, administration and
743 management (OAM) functions available from the supplier for xNFs using
744 the supplied YANG code and associated NETCONF servers.
751 The xNF **MUST** support sub tree filtering.
758 TThe xNF **MUST** support heartbeat via a <get> with null filter.
765 The xNF PACKAGE **MUST** validated YANG code using the open
766 source pyang [#7.3.1]_ program using the following commands:
770 $ pyang --verbose --strict <YANG-file-name(s)> $ echo $!
777 The xNF **MUST** have the echo command return a zero value
778 otherwise the validation has failed.
785 The xNF **MUST** support a NETCONF server that can be mounted on
786 OpenDaylight (client) and perform the operations of: modify, update,
787 change, rollback configurations using each configuration data element,
788 query each state (non-configuration) data element, execute each YANG
789 RPC, and receive data through each notification statement.
791 The following requirements provides the Yang models that suppliers must
792 conform, and those where applicable, that suppliers need to use.
800 The xNF **MUST** conform its YANG model to RFC 6060,
801 "YANG - A Data Modeling Language for the Network Configuration
809 The xNF **MUST** conform its YANG model to RFC 6470,
810 "NETCONF Base Notifications".
817 The xNF **MUST** conform its YANG model to RFC 6244,
818 "An Architecture for Network Management Using NETCONF and YANG".
825 The xNF **MUST** conform its YANG model to RFC 6087,
826 "Guidelines for Authors and Reviewers of YANG Data Model Documents".
833 The xNF **SHOULD** conform its YANG model to RFC 6991,
834 "Common YANG Data Types".
841 The xNF **SHOULD** conform its YANG model to RFC 6536,
842 "NETCONF Access Control Model".
849 The xNF **SHOULD** conform its YANG model to RFC 7223,
850 "A YANG Data Model for Interface Management".
857 The xNF **SHOULD** conform its YANG model to RFC 7223,
858 "IANA Interface Type YANG Module".
865 The xNF **SHOULD** conform its YANG model to RFC 7277,
866 "A YANG Data Model for IP Management".
873 The xNF **SHOULD** conform its YANG model to RFC 7317,
874 "A YANG Data Model for System Management".
881 The xNF **SHOULD** conform its YANG model to RFC 7407,
882 "A YANG Data Model for SNMP Configuration", if Netconf used to
883 configure SNMP engine.
885 The NETCONF server interface shall fully conform to the following
894 The xNF **MUST** conform to the NETCONF RFC 4741,
895 "NETCONF Configuration Protocol".
902 The xNF **MUST** conform to the NETCONF RFC 4742,
903 "Using the NETCONF Configuration Protocol over Secure Shell (SSH)".
910 The xNF **MUST** conform to the NETCONF RFC 5277,
911 "NETCONF Event Notification".
918 The xNF **MUST** conform to the NETCONF RFC 5717,
919 "Partial Lock Remote Procedure Call".
926 The xNF **MUST** conform to the NETCONF RFC 6241,
927 "NETCONF Configuration Protocol".
934 The xNF **MUST** conform to the NETCONF RFC 6242,
935 "Using the Network Configuration Protocol over Secure Shell".
940 HealthCheck is a command for which no NETCONF support exists.
941 Therefore, this must be supported using a RESTful interface
942 (defined in this section) or with a Chef cookbook/Ansible playbook
943 (defined in sections `Chef Standards and Capabilities`_ and
944 `Ansible Standards and Capabilities`_).
946 HealthCheck Definition: The VNF level HealthCheck is a check over
947 the entire scope of the VNF. The VNF must be 100% healthy, ready
948 to take requests and provide services, with all VNF required
949 capabilities ready to provide services and with all active and
950 standby resources fully ready with no open MINOR, MAJOR or CRITICAL
951 alarms. NOTE: A switch may need to be turned on, but the VNF should
952 be ready to take service requests or be already processing service
953 requests successfully.
955 The VNF must provide a REST formatted GET RPCs to support HealthCheck
956 queries via the GET method over HTTP(s).
958 The port number, url, and other authentication information is provided
970 The xNF **MUST** support the HealthCheck RPC. The HealthCheck
971 RPC executes a xNF Provider-defined xNF HealthCheck over the scope of
972 the entire xNF (e.g., if there are multiple VNFCs, then run a health check,
973 as appropriate, for all VNFCs). It returns a 200 OK if the test completes.
974 A JSON object is returned indicating state (healthy, unhealthy), scope
975 identifier, time-stamp and one or more blocks containing info and fault
976 information. If the xNF is unable to run the HealthCheck, return a
977 standard http error code and message.
979 Examples of responses when HealthCheck runs and is able to provide a healthy
980 or unhealthy response:
985 "identifier": "scope represented",
987 "time": "01-01-1000:0000"
991 "identifier": "scope represented",
992 "state": "unhealthy",
994 "info": "System threshold exceeded details",
1001 "time": "01-01-1000:0000"
1005 Chef Standards and Capabilities
1006 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1008 ONAP will support configuration of VNFs via Chef subject to the
1009 requirements and guidelines defined in this section.
1011 The Chef configuration management mechanism follows a client-server
1012 model. It requires the presence of a Chef-Client on the VNF that will be
1013 directly managed by a Chef Server. The Chef-client will register with
1014 the appropriate Chef Server and are managed via 'cookbooks' and
1015 configuration attributes loaded on the Chef Server which contain all
1016 necessary information to execute the appropriate actions on the VNF via
1019 ONAP will utilize the open source Chef Server, invoke the documented
1020 Chef REST APIs to manage the VNF and requires the use of open source
1021 Chef-Client and Push Jobs Client on the VNF
1022 (https://downloads.chef.io/).
1024 VNF Configuration via Chef Requirements
1025 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1027 Chef Client Requirements
1028 +++++++++++++++++++++++++
1036 The xNF **MUST** have the chef-client be preloaded with
1037 validator keys and configuration to register with the designated
1038 Chef Server as part of the installation process.
1045 The xNF **MUST** have routable FQDNs for all the endpoints
1046 (VMs) of a xNF that contain chef-clients which are used to register
1047 with the Chef Server. As part of invoking xNF actions, ONAP will
1048 trigger push jobs against FQDNs of endpoints for a xNF, if required.
1055 The xNF **MAY** expose a single endpoint that is
1056 responsible for all functionality.
1063 The xNF **MUST** be installed with Chef-Client >= 12.0 and Chef
1064 push jobs client >= 2.0.
1066 Chef Roles/Requirements
1067 ++++++++++++++++++++++++++
1075 The xNF Package **MUST** include all relevant Chef artifacts
1076 (roles/cookbooks/recipes) required to execute xNF actions requested by
1077 ONAP for loading on appropriate Chef Server.
1084 The xNF Package **MUST** include a run list of
1085 roles/cookbooks/recipes, for each supported xNF action, that will
1086 perform the desired xNF action in its entirety as specified by ONAP
1087 (see Section 7.c, ONAP Controller APIs and Behavior, for list of xNF
1088 actions and requirements), when triggered by a chef-client run list
1096 The xNF **MUST NOT** use any instance specific parameters
1097 for the xNF in roles/cookbooks/recipes invoked for a xNF action.
1104 The xNF **MUST** accept all necessary instance specific
1105 data from the environment or node object attributes for the xNF
1106 in roles/cookbooks/recipes invoked for a xNF action.
1113 The xNF **MUST** over-ride any default values for
1114 configurable parameters that can be set by ONAP in the roles,
1115 cookbooks and recipes.
1122 The xNF **MUST** update status on the Chef Server
1123 appropriately (e.g., via a fail or raise an exception) if the
1124 chef-client run encounters any critical errors/failures when
1125 executing a xNF action.
1132 The xNF **MUST** populate an attribute, defined as node
1133 ['PushJobOutput'] with the desired output on all nodes in the push job
1134 that execute chef-client run if the xNF action requires the output of a
1135 chef-client run be made available (e.g., get running configuration).
1142 The xNF Package **MUST** have appropriate cookbooks that are
1143 designed to automatically 'rollback' to the original state in case of
1144 any errors for actions that change state of the xNF (e.g., configure).
1151 The xNF **SHOULD** support callback URLs to return information
1152 to ONAP upon completion of the chef-client run for any chef-client run
1153 associated with a xNF action.
1155 - As part of the push job, ONAP will provide two parameters in the
1156 environment of the push job JSON object:
1158 - "RequestId" a unique Id to be used to identify the request,
1159 - "CallbackUrl", the URL to post response back.
1161 - If the CallbackUrl field is empty or missing in the push job, then
1162 the chef-client run need not post the results back via callback.
1169 The xNF **MUST** Upon completion of the chef-client run,
1170 POST back on the callback URL, a JSON object as described in Table
1171 A2 if the chef-client run list includes a cookbook/recipe that is
1172 callback capable. Failure to POST on the Callback Url should not be
1173 considered a critical error. That is, if the chef-client successfully
1174 completes the xNF action, it should reflect this status on the Chef
1175 Server regardless of whether the Callback succeeded or not.
1180 This section outlines the workflow that ONAP invokes when it receives an
1181 action request against a Chef managed VNF.
1183 1. When ONAP receives a request for an action for a Chef Managed VNF, it
1184 retrieves the corresponding template (based on **action** and
1185 **VNF)** from its database and sets necessary values in the
1186 "Environment", "Node" and "NodeList" keys (if present) from either
1187 the payload of the received action or internal data.
1189 2. If "Environment" key is present in the updated template, it posts the
1190 corresponding JSON dictionary to the appropriate Environment object
1191 REST endpoint on the Chef Server thus updating the Environment
1192 attributes on the Chef Server.
1194 3. Next, it creates a Node Object from the "Node" JSON dictionary for
1195 all elements listed in the NodeList (using the FQDN to construct the
1196 endpoint) by replicating it [#7.3.2]_. As part of this process, it will
1197 set the name field in each Node Object to the corresponding FQDN.
1198 These node objects are then posted on the Chef Server to
1199 corresponding Node Object REST endpoints to update the corresponding
1202 4. If PushJobFlag is set to "True" in the template, ONAP requests a push
1203 job against all the nodes in the NodeList to trigger
1204 chef-client\ **.** It will not invoke any other command via the push
1205 job. ONAP will include a callback URL in the push job request and a
1206 unique Request Id. An example push job posted by ONAP is listed
1209 .. code-block:: java
1212 "command": "chef-client"
1214 "nodes": ["node1.vnf\_a.onap.com", "node2.vnf\_a.onap.com"]
1216 "RequestId":"8279-abcd-aksdj-19231"
1217 "CallbackUrl":"<callback>"
1222 5. If CallbackCapable field in the template is not present or set to
1223 "False" ONAP will poll the Chef Server to check completion status of
1226 6. If "GetOutputFlag" is set to "True" in the template and
1227 CallbackCapable is not set to "True", ONAP will retrieve any output
1228 from each node where the push job has finished by accessing the Node
1229 Object attribute node['PushJobOutput'].
1231 Ansible Standards and Capabilities
1232 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1234 ONAP will support configuration of VNFs via Ansible subject to the
1235 requirements and guidelines defined in this section.
1237 Ansible allows agentless management of VNFs/VMs/VNFCs via execution
1238 of 'playbooks' over ssh. The 'playbooks' are a structured set of
1239 tasks which contain all the necessary resources and execution capabilities
1240 to take the necessary action on one or more target VMs (and/or VNFCs)
1241 of the VNF. ONAP will utilize the framework of an Ansible Server that
1242 will host all Ansible artifacts and run playbooks to manage VNFs that support
1245 VNF Configuration via Ansible Requirements
1246 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1248 Ansible Client Requirements
1249 +++++++++++++++++++++++++++++
1257 The xNF **MUST** have routable FQDNs that are reachable via
1258 the Ansible Server for the endpoints (VMs) of a xNF on which playbooks
1259 will be executed. ONAP will initiate requests to the Ansible Server
1260 for invocation of playbooks against these end points [#7.3.3]_.
1267 The xNF **MUST** have Python >= 2.6 on the endpoint VM(s)
1268 of a xNF on which an Ansible playbook will be executed.
1275 The xNF **MUST** support SSH and allow SSH access by the
1276 Ansible server for the endpoint VM(s) and comply with the Network
1277 Cloud Service Provider guidelines for authentication and access.
1284 The xNF **MUST** load the Ansible Server SSH public key onto xNF
1285 VM(s) as part of instantiation. This will allow the Ansible Server
1286 to authenticate to perform post-instantiation configuration without
1287 manual intervention and without requiring specific xNF login IDs and
1290 CAUTION: For VNFs configured using Ansible, to eliminate the need
1291 for manual steps, post-instantiation and pre-configuration, to
1292 upload of SSH public keys, SSH public keys loaded during (heat)
1293 instantiation shall be preserved and not removed by (heat) embedded
1301 The xNF **MUST** include as part of post-instantiation configuration
1302 done by Ansible Playbooks the removal/update of the SSH public key from
1303 /root/.ssh/authorized_keys, and update of SSH keys loaded through
1304 instantiation to support Ansible. This may include download and install of
1305 new SSH keys and new mechanized IDs.
1312 The xNF **MUST** update the Ansible Server and other entities
1313 storing and using the SSH keys for authentication when the SSH
1314 keys used by Ansible are regenerated/updated.
1316 Note: Ansible Server itself may be used to upload new SSH public
1317 keys onto supported VNFs.
1319 Ansible Playbook Requirements
1320 +++++++++++++++++++++++++++++++
1322 An Ansible playbook is a collection of tasks that is executed on the
1323 Ansible server (local host) and/or the target VM (s) in order to
1324 complete the desired action.
1332 The xNF **MUST** make available playbooks that conform
1333 to the ONAP requirement.
1340 The xNF **MUST** support each ONAP (APPC) xNF action
1341 by invocation of **one** playbook [#7.3.4]_. The playbook will be responsible
1342 for executing all necessary tasks (as well as calling other playbooks)
1343 to complete the request.
1350 The xNF **MUST NOT** use any instance specific parameters
1358 The xNF **MUST** utilize information from key value pairs
1359 that will be provided by the Ansible Server as "extra-vars" during
1360 invocation to execute the desired xNF action. If the playbook requires
1361 files, they must also be supplied using the methodology detailed in
1362 the Ansible Server API, unless they are bundled with playbooks, example,
1365 The Ansible Server will determine if a playbook invoked to execute a
1366 xNF action finished successfully or not using the "PLAY_RECAP" summary
1367 in Ansible log. The playbook will be considered to successfully finish
1368 only if the "PLAY RECAP" section at the end of playbook execution output
1369 has no unreachable hosts and no failed tasks. Otherwise, the playbook
1370 will be considered to have failed.
1378 The xNF **MUST** use playbooks designed to allow Ansible
1379 Server to infer failure or success based on the "PLAY_RECAP" capability.
1381 Note: There are cases where playbooks need to interpret results
1382 of a task and then determine success or failure and return result
1383 accordingly (failure for failed tasks).
1390 The xNF **MUST** write to a specific one text files that
1391 will be retrieved and made available by the Ansible Server if, as part
1392 of a xNF action (e.g., audit), a playbook is required to return any
1393 xNF information. The text files must be written in the same directory as
1394 the one from which the playbook is being executed. A text file must be
1395 created for the xNF playbook run targets/affects, with the name
1396 '<VNFname>_results.txt' into which any desired output from each
1397 respective VM/xNF must be written.
1404 The xNF **SHOULD** use playbooks that are designed to
1405 automatically 'rollback' to the original state in case of any errors
1406 for actions that change state of the xNF (e.g., configure).
1408 Note: In case rollback at the playbook level is not supported or
1409 possible, the xNF provider shall provide alternative locking
1410 mechanism (e.g., for a small xNF the rollback mechanism may rely
1411 on workflow to terminate and re-instantiate VNF VMs and then re-run
1412 playbook(s)). Backing up updated files also recommended to support
1413 rollback when soft rollback is feasible.
1418 :keyword: SHOULD NOT
1420 The xNF **SHOULD NOT** use playbooks that make requests to
1421 Cloud resources e.g. Openstack (nova, neutron, glance, heat, etc.);
1422 therefore, there is no use for Cloud specific variables like Openstack
1423 UUIDs in Ansible Playbooks.
1425 Rationale: Flows that require interactions with Cloud services e.g.
1426 Openstack shall rely on workflows run by an Orchestrator
1427 (Change Management) or other capability (such as a control loop or
1428 Operations GUI) outside Ansible Server which can be executed by a
1429 Controller such as APPC. There are policies, as part of Control Loop
1430 models, that send remediation action requests to APPC; these are
1431 triggered as a response to an event or correlated events published
1439 The xNF **SHOULD** use the Ansible backup feature to save a
1440 copy of configuration files before implementing changes to support
1441 operations such as backing out of software upgrades, configuration
1442 changes or other work as this will help backing out of configuration
1443 changes when needed.
1450 The xNF **MUST** return control from Ansible Playbooks only
1451 after tasks are fully complete, signaling that the playbook completed
1452 all tasks. When starting services, return control only after all services
1453 are up. This is critical for workflows where the next steps are dependent
1454 on prior tasks being fully completed.
1458 StopApplication Playbook – StopApplication Playbook shall return control
1459 and a completion status only after VNF application is fully stopped, all
1460 processes/services stopped.
1461 StartApplication Playbook – StartApplication Playbook shall return control
1462 and a completion status only after all VNF application services are fully up,
1463 all processes/services started and ready to provide services. NOTE: Start
1464 Playbook should not be declared complete/done after starting one or several
1465 processes that start the other processes.
1467 HealthCheck Playbook:
1469 SUCCESS – HealthCheck success shall be returned (return code 0) by a
1470 Playbook or Cookbook only when VNF is 100% healthy, ready to take requests
1471 and provide services, with all VNF required capabilities ready to provide
1472 services and with all active and standby resources fully ready with no
1473 open MINOR, MAJOR or CRITICAL alarms.
1475 NOTE: In some cases, a switch may need to be turned on, but a VNF
1476 reported as healthy, should be ready to take service requests or be
1477 already processing service requests successfully.
1479 A successful execution of a health-check playbook shall also create one
1480 file per VNF VM, named after the VNF instance name followed by
1481 "_results.txt (<vnf_instance>_results.txt) to indicate health-check was
1482 executed and completed successfully, example: vfdb9904v_results.txt,
1483 with the following contents:
1485 .. code-block:: java
1488 "identifier": "VNF",
1490 "time": "2018-03-16:1139"
1495 .. code-block:: java
1497 $ cat vfdb9904v_results.txt
1499 "identifier": "VNF",
1501 "time": "2018-03-16:1139"
1505 FAILURE – A health check playbook shall return a non-zero return code in
1506 case VNF is not 100% healthy because one or more VNF application processes
1507 are stopped or not ready to take service requests or because critical or
1508 non-critical resources are not ready or because there are open MINOR, MAJOR
1509 or CRITICAL traps/alarms or because there are issues with the VNF that
1510 need attention even if they do not impact services provided by the VNF.
1512 A failed health-check playbook shall also create one file per VNF,
1513 named after the VNF instance name, followed by
1514 "_results.txt to indicate health-check was executed and found issues
1515 in the health of the VNF. This is to differentiate from failure to
1516 run health-check playbook or playbook tasks to verify the health of the VNF,
1517 example: vfdb9904v_results.txt, with the following contents:
1519 .. code-block:: java
1522 "identifier": "VNF",
1523 "state": "unhealthy",
1524 "info": "Error in following VM(s). Check hcstatus files
1525 under /tmp/ccfx9901v for details",
1530 "time": "2018-03-16:4044"
1536 .. code-block:: java
1538 $ cat vfdb9904v_results.txt
1540 "identifier": "VNF",
1541 "state": "unhealthy",
1542 "info": "Error in following VM(s). Check hcstatus files
1543 under /tmp/ccfx9901v for details",
1548 "time": "2018-03-16:4044"
1552 See `VNF REST APIs`_ for additional details on HealthCheck.
1556 ONAP Controller / Ansible API Usage
1557 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1559 This section outlines the workflow that ONAP Controller invokes when
1560 it receives an action request against an Ansible managed VNF.
1562 #. When ONAP Controller receives a request for an action for an
1563 AnsibleManaged VNF, it retrieves the corresponding template (based
1564 on **action** and **VNF**) from its database and sets necessary
1565 values (such as an Id, NodeList, and EnvParameters) from either
1566 information in the request or data obtained from other sources.
1567 This is referred to as the payload that is sent as a JSON object
1568 to the Ansible server.
1569 #. The ONAP Controller sends a request to the Ansible server to
1571 #. The ONAP Controller polls the Ansible Server for result (success
1572 or failure). The ONAP Controllers has a timeout value which is
1573 contained in the template. If the result is not available when the
1574 timeout is reached, the ONAP Controller stops polling and returns a
1575 timeout error to the requester. The Ansible Server continues to
1576 process the request.
1579 Support of Controller Commands And Southbound Protocols
1580 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1582 The following table summarizes the commands and possible protocols selected.
1583 Note that the HealthCheck can also be supported via REST.
1585 Table 8. ONAP Controller APIs and NETCONF Commands
1587 +-------------+--------------------+--------------------+--------------------+
1588 |**Command** |**NETCONF Support** |**Chef Support** |**Ansible** |
1589 +=============+====================+====================+====================+
1590 |General |For each RPC, the |VNF Vendor must |VNF Vendor must |
1591 |Comments |appropriate RPC |provide any |provide an Ansible |
1592 | |operation is listed.|necessary roles, |playbook to retrieve|
1593 | | |cookbooks, recipes |the running |
1594 | | |to retrieve the |configuration from a|
1595 | | |running |VNF and place the |
1596 | | |configuration from |output on the |
1597 | | |a VNF and place it |Ansible server in |
1598 | | |in the respective |a manner aligned |
1599 | | |Node Objects |with playbook |
1600 | | |'PushJobOutput' |requirements listed |
1601 | | |attribute of all |in this document. |
1602 | | |nodes in NodeList | |
1603 | | |when triggered |The PlaybookName |
1604 | | |by a chef-client |must be provided |
1605 | | |run. |in the JSON file. |
1607 | | |The JSON file for |NodeList must list |
1608 | | |this VNF action is |IP addresses or DNS |
1609 | | |required to set |supported FQDNs of |
1610 | | |"PushJobFlag" to |an example VNF |
1611 | | |"True" and |on which to |
1612 | | |"GetOutputFlag" to |execute playbook. |
1613 | | |"True". The "Node" | |
1614 | | |JSON dictionary | |
1615 | | |must have the run | |
1616 | | |list populated | |
1617 | | |with the necessary | |
1618 | | |sequence of roles, | |
1619 | | |cookbooks, recipes. | |
1621 | | |The Environment | |
1622 | | |and Node values | |
1623 | | |should contain all | |
1624 | | |appropriate | |
1625 | | |configuration | |
1626 | | |attributes. | |
1628 | | |NodeList must | |
1629 | | |list sample FQDNs | |
1630 | | |that are required to| |
1632 | | |chef-client run for | |
1633 | | |this VNF Action. | |
1634 +-------------+--------------------+--------------------+--------------------+
1635 |Audit |The <get-config> is |Supported via a |Supported via a |
1636 | |used to return the |cookbook that |playbook that |
1637 | |running |returns the running |returns the running |
1638 | |configuration. |configuration. |configuration. |
1639 +-------------+--------------------+--------------------+--------------------+
1640 |Configure, |The <edit-config> |Supported via a |Supported via a |
1641 |ModifyConfig |operation loads all |cookbook that |playbook that |
1642 | |or part of a |updates the VNF |updates the VNF |
1643 | |specified data set |configuration. |configuration. |
1644 | |to the specified | | |
1645 | |target database. If | | |
1646 | |there is no | | |
1647 | |<candidate/> | | |
1648 | |database, then the | | |
1649 | |target is the | | |
1650 | |<running/> database.| | |
1651 | |A <commit> follows. | | |
1652 +-------------+--------------------+--------------------+--------------------+
1653 |Other |This command has no |Supported via a |Supported via a |
1654 |Configuration|existing NETCONF RPC|cookbook that |playbook that |
1655 |Commands |action. |performs |performs |
1656 | | |the action. |the action. |
1657 +-------------+--------------------+--------------------+--------------------+
1658 |Lifecycle |This command has no |Supported via a |Supported via a |
1659 |Management |existing NETCONF RPC|cookbook that |playbook that |
1660 |Commands |action. |performs |performs |
1661 | | |the action. |the action. |
1662 +-------------+--------------------+--------------------+--------------------+
1663 |Health Check |This command has no |Supported via a |Supported |
1664 | |existing NETCONF RPC|cookbook |via a |
1665 | |action. |that |playbook |
1666 | | |performs |that |
1667 | | |a HealthCheck and |performs |
1668 | | |returns the results.|the |
1669 | | | |HealthCheck |
1670 | | | |and returns |
1673 +-------------+--------------------+--------------------+--------------------+
1676 https://github.com/mbj4668/pyang
1679 Recall that the Node Object **is required** to be identical across
1680 all VMs of a VNF invoked as part of the action except for the "name".
1683 Upstream elements must provide the appropriate FQDN in the request to
1684 ONAP for the desired action.
1687 Multiple ONAP actions may map to one playbook.