1 .. Modifications Copyright © 2017-2018 AT&T Intellectual Property.
3 .. Licensed under the Creative Commons License, Attribution 4.0 Intl.
4 (the "License"); you may not use this documentation except in compliance
5 with the License. You may obtain a copy of the License at
7 .. https://creativecommons.org/licenses/by/4.0/
9 .. Unless required by applicable law or agreed to in writing, software
10 distributed under the License is distributed on an "AS IS" BASIS,
11 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 See the License for the specific language governing permissions and
13 limitations under the License.
15 .. _vnf_configuration_management:
17 Configuration Management
18 ------------------------
19 The protocol used to communicate with VNF or PNF for life cycle management (LCM) operations are NETCONF, Ansible, Chef, and REST.
20 A VNF or PNF shall support at least one of communication protocols as specified in the requirement R-305645.
26 :introduced: frankfurt
28 The VNF or PNF MUST support configuration management including
29 life cycle management (LCM) using at least one of the following
30 protocols a)NETCONF/YANG, b)Ansible and c)Chef.
32 Since Frankfurt release, SO building blocks can use either APPC client or CDS client
33 for life cycle management (LCM) operations. The associated API is either APPC/SDN-C LCM API or CDS self-service API.
34 A VNF or PNF must support LCM operations that using either of two APIs.
35 The selection of which API to use for LCM operations for a given PNF/VNF type is defined in design time by the service designer.
37 The requirements for supporting of SDN-C/APPC LCM API for LCM operations are documented in section 7.3.1.
39 Controller Interactions With VNF or PNF
40 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
41 This section is not applicable to LCM operations using CDS self-service API.
43 APPC/SDN-C expose a northbound API to clients (such as SO) in order for
44 the clients to initiate an activity (aka command) on a VNF or PNF. APPC/SDN-C
45 interact with VNFs or PNFs through Network and Application Adapters to perform
46 configuration and other lifecycle management activities within NFV environment.
47 The standardized models, protocols and mechanisms by which network functions
48 are configured are equally applicable to VNFs and PNFs.
50 This section describes the list of commands that should be supported
51 by the VNF or PNF. The following sections describe the standard protocols
52 that are supported (NETCONF, Chef, Ansible, and REST).
54 The commands below are expected to be supported on all VNF or PNF's, unless
55 The commands below are expected to be supported on all VNF or PNF's, unless
56 noted otherwise, either directly (via the NETCONF or REST interface)
57 or indirectly (via a Chef Cookbook or Ansible server).
59 **Note that there are additional commands offered to northbound clients that
60 are not shown below, as these commands either act internally on APPC/SDN-C
61 itself or depend upon network cloud components for implementation (thus, these
62 actions do not put any special requirement on the VNF or PNF provider).**
64 The commands allow for parametric data to be passed from APPC/SDN-C
65 to the VNF or PNF or Ansible/Chef server in the request. The format of the
66 parameter data can be either xml (for NETCONF) or JSON (for Ansible,
69 Configuration Commands
70 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 ``Configure``: The APPC/SDN-C client is requesting that a post-instantiation
73 configuration be applied to the target VNF or PNF. After the Configure
74 action is completed, the VNF or PNF instance should be ready for service.
75 Note that customer specific configurations may need to be applied using
76 the ConfigModify action. This command requires exclusive access rights of
79 ``ConfigModify``: The APPC client is requesting a configuration
80 update to a subset of the total configuration parameters of an VNF or PNF or to
81 apply customer specific configurations. The configuration update is
82 typically done while the VNF or PNF is in service and should not disrupt
83 traffic. This command requires exclusive access rights of the VNF or PNF.
85 ``ConfigBackup``: The APPC client is requesting a backup of the
86 configuration parameters where the parameters are stored on the VNF or PNF.
87 This command is typically requested as part of an orchestration flow
88 for scenarios such as a software upgrade. The ConfigBackup is typically
89 done while the VNF or PNF is not in service (i.e., in a maintenance state).
90 When the ConfigBackup command is executed, the current VNF or PNF configuration
91 parameters are saved in storage that is preserved (if there is an existing
92 set of backed up parameters, they are overwritten). This command requires
93 exclusive access rights of the VNF or PNF.
95 ``ConfigRestore``: The APPC client is requesting a restore action of
96 the configuration parameters to the VNF or PNF that were saved by ConfigBackup
97 command. This command is typically requested as part of an orchestration
98 flow for scenarios such as a software upgrade where the software upgrade
99 may have failed and the VNF or PNF needs to be rolled back to the prior
101 When the ConfigRestore command is executed, the VNF or PNF configuration
102 parameters which were backed to persistent preserved storage are applied to the
103 VNF or PNF (replacing existing parameters). The ConfigRestore is typically done
104 while the VNF or PNF is not in service (i.e., in a maintenance state). This
105 command requires exclusive access rights of the VNF or PNF.
107 ``ConfigScaleOut``: The APPC/SDN-C client is requesting that a configuration
108 be applied after the VNF instance has been scaled out (i.e., one or more
109 additional VM's instantiated to increase capacity). For some VNF's,
110 ConfigScaleOut is not needed because the VNF is auto-configured after
111 scale-out. This command is being introduced in the Beijing release to support
112 manual Scale Out and will be extended to support Auto ScaleOut in Casablanca
113 release. This command requires exclusive access rights of the VNF.
115 ``Audit``: The APPC client is requesting that the current (last known
116 configuration update) is audited against the running configuration on the VNF
125 The VNF or PNF **MUST** support APPC/SDN-C ``Configure`` command.
133 The VNF or PNF **MUST** support APPC ``ConfigModify`` command.
141 The VNF or PNF **MUST** support APPC ``ConfigBackup`` command.
149 The VNF or PNF **MUST** support APPC ``ConfigRestore`` command.
157 The VNF or PNF **MUST** support APPC/SDN-C ``ConfigScaleOut`` command.
165 The VNF or PNF **MUST** support APPC ``Audit`` command.
167 Lifecycle Management Related Commands
168 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
170 **The following commands are needed to support various lifecycle management
171 flows where the VNF may need to be removed for service.**
173 Full details on the APIs can be found in the
174 :doc:`APPC LCM API Guide <../../../../appc.git/docs/APPC LCM API Guide/APPC LCM API Guide>`
176 ``DistributeTraffic`` The APPC/SDN-C client is requesting a change to
177 traffic distribution (redistribution) done by a traffic balancing/distribution
178 entity (aka anchor point) or mechanism. This action targets the traffic
179 balancing/distribution entity, in some cases DNS, other cases a load balancer
180 external to the VNF instance, as examples. Traffic distribution (weight)
181 changes intended to take a VNF instance out of service are completed only
182 when all in-flight traffic/transactions have been completed. To complete
183 the traffic redistribution process, gracefully taking a VNF instance
184 out-of-service, without dropping in-flight calls or sessions, QuiesceTraffic
185 command may need to follow traffic distribution changes (assigning weight 0
186 or very low weight to VNF instance). The VNF application remains in an active
189 ``QuiesceTraffic`` The APPC/SDN-C client is requesting the VNF or PNF
190 gracefully stop traffic (aka block and drain traffic). The method for quiescing
191 traffic is specific to the VNF or PNF architecture. The action is completed
192 when all (in-flight transactions) traffic has stopped. The VNF or PNF remains
193 in an active state where the VNF or PNF is able to process traffic (initiated
194 using the ResumeTraffic action).
196 ``ResumeTraffic``: The APPC/SDN-C client is requesting the VNF or PNF resume
197 processing traffic. The method to resume traffic is specific to the VNF or PNF
200 ``StopApplication``: The APPC client is requesting that the application
201 running on the VNF or PNF is stopped gracefully (i.e., without traffic loss).
202 This is equivalent to quiescing the traffic and then stopping the application
203 processes. The processes can be restarted using the StartApplication command.
205 ``StartApplication``: The APPC client is requesting that the application
206 running on the VNF or PNF is started. Get ready to process traffic.
207 Traffic processing can be resumed using the ResumeTraffic command.
209 **The following commands are needed to support software upgrades, in-place or
210 other type of software upgrade. The VNF or PNF instance may be removed from
211 service for the upgrade.**
213 ``UpgradePrecheck``: The APPC/SDN-C client is requesting a confirmation that
214 the VNF or PNF can (and needs to) be upgraded to a specific software version
215 (specified in the request). Checking software installed and running on
216 the VNF or PNF matches software version, intended to be upgraded, is one of the
219 ``UpgradeSoftware``: The APPC/SDN-C client is requesting that a (in-place)
220 software upgrade be performed on the VNF or PNF. The software to be applied is
221 pre-loaded to a specified location.
223 ``UpgradePostCheck``: The APPC/SDN-C client is requesting a confirmation that
224 the VNF or PNF software upgrade has been completed successfully (VNF or PNF
225 upgraded to the new software version). Checking software installed and running
226 on the VNF or PNF matches software version, of the newly upgraded software, is
227 one of the recommended checks.
229 ``UpgradeBackup``: The APPC/SDN-C client is requesting that the VNF or PNF is
230 backed up prior to the UpgradeSoftware.
232 ``UpgradeBackOut``: The APPC/SDN-C client is requesting that the VNF or PNF
233 upgrade is backed out (in the event that the SoftwareUpgrade or
234 UpgradePostCheck failed).
240 :introduced: casablanca
243 The VNF or PNF **MUST**, if serving as a distribution point or anchor point for
244 steering point from source to destination, support the ONAP Controller's
245 ``DistributeTraffic`` command.
253 The VNF or PNF **MUST** support APPC/SDN-C ``QuiesceTraffic`` command.
261 The VNF or PNF **MUST** support APPC/SDN-C ``ResumeTraffic`` command.
269 The VNF or PNF **MUST** support APPC ``StopApplication`` command.
277 The VNF or PNF **MUST** support APPC ``StartApplication`` command.
285 The VNF or PNF **MUST** support APPC/SDN-C ``UpgradePrecheck`` command.
293 The VNF or PNF **MUST** support APPC/SDN-C ``UpgradeSoftware`` command.
301 The VNF or PNF **MUST** support APPC/SDN-C ``UpgradePostCheck`` command.
309 The VNF or PNF **MUST** support APPC/SDN-C ``UpgradeBackup`` command.
317 The VNF or PNF **MUST** support APPC/SDN-C ``UpgradeBackOut`` command.
320 HealthCheck and Failure Related Commands
321 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
323 ``HealthCheck`` The APPC/SDN-C client is requesting a health check over the
324 entire scope of the VNF or PNF. The VNF or PNF must be 100% healthy, ready to
325 take requests and provide services, with all VNF or PNF required capabilities
326 ready to provide services and with all active and standby resources fully ready
327 with no open MINOR, MAJOR or CRITICAL alarms. This is expected to be the
328 default in the event that no parameter is passed to the Healthcheck playbook,
331 Some VNFs or PNFs may support and desire to run partial healthchecks and
332 receive a successful response when partial health check completes without
333 errors. The parameter name used by HealthCheck playbook to request non-default
334 partial health check is healthcheck_type. Example of health check types
335 could be healthcheck_type=GuestOS, healthcheck_type=noDB,
336 healthcheck_type=noConnections, healthcheck_type=IgnoreAlarms, etc..
337 This attribute-value pair may be passed by the Orchestrator or Workflow
338 or other (northbound) APPC/SDN-C clients to the APPC/SDN-C as part of the
341 **Note**: In addition to the commands above, the APPC/SDN-C supports a set of
342 Openstack failure recovery related commands that are executed on-demand or via
343 Control Loop at the VM level. The VNF must support these commands in a fully
352 The VNF or PNF **MUST** support APPC/SDN-C ``HealthCheck`` command.
354 Notes On Command Support Using APPC/SDN-C Southbound Protocols
355 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
357 APPC/SDN-C are designed to support a standard set of protocols in
358 order to communicate with the VNF or PNF instance. The supported protocols are
359 NETCONF, Ansible, Chef, and REST.
361 NETCONF and REST require the VNF or PNF to implement a server which supports
362 the RPC or REST calls.
364 Ansible and Chef require the use of a Ansible or Chef server which communicates
365 with the APPC/SDN-C (northbound) and the VNF or PNF VM's (southbound).
367 The vendor must select which protocol to support for the commands listed above.
370 * NETCONF is most suitable for configuration related commands.
372 * Ansible and Chef are suitable for any command.
373 Ansible has the advantage that it is agentless.
375 * REST is specified as an option only for the HealthCheck.
378 Additional details can be found in the
379 `ONAP Application Controller (APPC) API Guide <https://onap.readthedocs.io/en/latest/submodules/appc.git/docs/index.html>`_,
380 `ONAP VF-C project <https://onap.readthedocs.io/en/latest/submodules/vfc/nfvo/lcm.git/docs/index.html>`_ and
381 the `ONAP SDNC project <https://onap.readthedocs.io/en/latest/submodules/sdnc/oam.git/docs/index.html>`_.
383 NETCONF Standards and Capabilities
384 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
386 APPC/SDN-C and their Adapters utilize device YANG model and
387 NETCONF APIs to make the required changes in the VNF or PNF state and
388 configuration. The VNF or PNF providers must provide the Device YANG model and
389 NETCONF server supporting NETCONF APIs to comply with target ONAP and
392 VNF or PNF Configuration via NETCONF Requirements
393 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
395 Configuration Management
396 +++++++++++++++++++++++++++
405 The VNF or PNF **MUST** include a NETCONF server enabling
406 runtime configuration and lifecycle management capabilities.
414 The VNF or PNF **MUST** provide a NETCONF interface fully defined
415 by supplied YANG models for the embedded NETCONF server.
417 NETCONF Server Requirements
418 ++++++++++++++++++++++++++++++
427 The VNF or PNF **MUST** allow the NETCONF server connection
428 parameters to be configurable during virtual machine instantiation
429 through Heat templates where SSH keys, usernames, passwords, SSH
430 service and SSH port numbers are Heat template parameters.
438 The VNF or PNF **MUST** implement the protocol operation:
439 ``close-session()`` - Gracefully close the current session.
447 The VNF or PNF **MUST** implement the protocol operation:
448 ``commit(confirmed, confirm-timeout)`` - Commit candidate
449 configuration data store to the running configuration.
457 The VNF or PNF **MUST** implement the protocol operation:
458 ``discard-changes()`` - Revert the candidate configuration
459 data store to the running configuration.
467 The VNF or PNF **MUST** implement the protocol operation:
468 ``edit-config(target, default-operation, test-option, error-option,
469 config)`` - Edit the target configuration data store by merging,
470 replacing, creating, or deleting new config elements.
478 The VNF or PNF **MUST** implement the protocol operation:
479 ``get(filter)`` - Retrieve (a filtered subset of) the running
480 configuration and device state information. This should include
481 the list of VNF or PNF supported schemas.
489 The VNF or PNF **MUST** implement the protocol operation:
490 ``get-config(source, filter`` - Retrieve a (filtered subset of
491 a) configuration from the configuration data store source.
499 The VNF or PNF **MUST** implement the protocol operation:
500 ``kill-session(session``- Force the termination of **session**.
508 The VNF or PNF **MUST** implement the protocol operation:
509 ``lock(target)`` - Lock the configuration data store target.
517 The VNF or PNF **MUST** implement the protocol operation:
518 ``unlock(target)`` - Unlock the configuration data store target.
526 The VNF or PNF **SHOULD** implement the protocol operation:
527 ``copy-config(target, source)`` - Copy the content of the
528 configuration data store source to the configuration data store target.
536 The VNF or PNF **SHOULD** implement the protocol operation:
537 ``delete-config(target)`` - Delete the named configuration
546 The VNF or PNF **SHOULD** implement the protocol operation:
547 ``get-schema(identifier, version, format)`` - Retrieve the YANG schema.
555 The VNF or PNF **MUST** allow all configuration data to be
556 edited through a NETCONF <edit-config> operation. Proprietary
557 NETCONF RPCs that make configuration changes are not sufficient.
565 The VNF or PNF **MUST** allow the entire configuration of the VNF or PNF to be
566 retrieved via NETCONF's <get-config> and <edit-config>, independently
567 of whether it was configured via NETCONF or other mechanisms.
575 The VNF or PNF **MUST** support ``:partial-lock`` and
576 ``:partial-unlock`` capabilities, defined in RFC 5717. This
577 allows multiple independent clients to each write to a different
578 part of the <running> configuration at the same time.
586 The VNF or PNF **MUST** support ``:rollback-on-error`` value for
587 the <error-option> parameter to the <edit-config> operation. If any
588 error occurs during the requested edit operation, then the target
589 database (usually the running configuration) will be left unaffected.
590 This provides an 'all-or-nothing' edit mode for a single <edit-config>
599 The VNF or PNF **MUST** support the ``:startup`` capability. It
600 will allow the running configuration to be copied to this special
601 database. It can also be locked and unlocked.
609 The VNF or PNF **MUST** support the ``:url`` value to specify
610 protocol operation source and target parameters. The capability URI
611 for this feature will indicate which schemes (e.g., file, https, sftp)
612 that the server supports within a particular URL value. The 'file'
613 scheme allows for editable local configuration databases. The other
614 schemes allow for remote storage of configuration databases.
622 The VNF or PNF **MUST** implement both ``:candidate`` and
623 ``:writable-running`` capabilities. When both ``:candidate`` and
624 ``:writable-running`` are provided then two locks should be supported.
632 The VNF or PNF **MUST** fully support the XPath 1.0 specification
633 for filtered retrieval of configuration and other database contents.
634 The 'type' attribute within the <filter> parameter for <get> and
635 <get-config> operations may be set to 'xpath'. The 'select' attribute
636 (which contains the XPath expression) will also be supported by the
637 server. A server may support partial XPath retrieval filtering, but
638 it cannot advertise the ``:xpath`` capability unless the entire XPath
639 1.0 specification is supported.
647 The VNF or PNF **MUST** implement the ``:validate`` capability.
655 The VNF or PNF **MUST** implement ``:confirmed-commit`` If
656 ``:candidate`` is supported.
664 The VNF or PNF **MUST** implement the ``:with-defaults`` capability
673 The VNF or PNF **MUST** implement the data model discovery and
674 download as defined in [RFC6022].
682 The VNF or PNF **MUST** define all data models in YANG 1.0 [RFC6020] or
683 YANG 1.1 [RFC7950]. A combination of YANG 1.0 and YANG 1.1 modules is
684 allowed subject to the rules in [RFC7950] section 12. The mapping to
685 NETCONF shall follow the rules defined in this RFC.
693 The VNF or PNF **MUST** follow the data model update rules defined in
694 [RFC6020] section 10 for YANG 1.0 modules, and [RFC7950] section 11
695 for YANG 1.1 modules. All deviations from the aforementioned update
696 rules shall be handled by a built-in automatic upgrade mechanism.
704 The VNF or PNF **MUST** support parallel and simultaneous
705 configuration of separate objects within itself.
713 The VNF or PNF **MUST** support locking if a common object is
714 being manipulated by two simultaneous NETCONF configuration operations
715 on the same VNF or PNF within the context of the same writable running data
716 store (e.g., if an interface parameter is being configured then it
717 should be locked out for configuration by a simultaneous configuration
718 operation on that same interface parameter).
726 The VNF or PNF **MUST** apply locking based on the sequence of
727 NETCONF operations, with the first configuration operation locking
728 out all others until completed.
736 The VNF or PNF **MUST** permit locking at the finest granularity
737 if a VNF or PNF needs to lock an object for configuration to avoid blocking
738 simultaneous configuration operations on unrelated objects (e.g., BGP
739 configuration should not be locked out if an interface is being
740 configured or entire Interface configuration should not be locked out
741 if a non-overlapping parameter on the interface is being configured).
749 The VNF or PNF **MUST** be able to specify the granularity of the
750 lock via a restricted or full XPath expression.
758 The VNF or PNF **MUST** guarantee the VNF or PNF configuration integrity
759 for all simultaneous configuration operations (e.g., if a change is
760 attempted to the BUM filter rate from multiple interfaces on the same
761 EVC, then they need to be sequenced in the VNF or PNF without locking either
762 configuration method out).
770 The VNF or PNF **MUST** release locks to prevent permanent lock-outs
771 when/if a session applying the lock is terminated (e.g., SSH session
780 The VNF or PNF **MUST** release locks to prevent permanent lock-outs
781 when the corresponding <partial-unlock> operation succeeds.
789 The VNF or PNF **MUST** release locks to prevent permanent lock-outs
790 when a user configured timer has expired forcing the NETCONF SSH Session
791 termination (i.e., product must expose a configuration knob for a user
792 setting of a lock expiration timer).
800 The VNF or PNF **MUST** allow another NETCONF session to be able to
801 initiate the release of the lock by killing the session owning the lock,
802 using the <kill-session> operation to guard against hung NETCONF sessions.
810 The VNF or PNF **MUST** support simultaneous <commit> operations
811 within the context of this locking requirements framework.
819 The VNF or PNF **MUST** support all operations, administration and
820 management (OAM) functions available from the supplier for VNFs or PNFs
821 using the supplied YANG code and associated NETCONF servers.
829 The VNF or PNF **MUST** support sub tree filtering.
837 TThe VNF or PNF **MUST** support heartbeat via a <get> with null filter.
845 The VNF or PNF PACKAGE **MUST** validated YANG code using the open
846 source pyang [#7.3.1]_ program using the following commands:
850 $ pyang --verbose --strict <YANG-file-name(s)> $ echo $!
858 The VNF or PNF **MUST** have the echo command return a zero value
859 otherwise the validation has failed.
867 The VNF or PNF **MUST** support a NETCONF server that can be mounted on
868 OpenDaylight (client) and perform the operations of: modify, update,
869 change, rollback configurations using each configuration data element,
870 query each state (non-configuration) data element, execute each YANG
871 RPC, and receive data through each notification statement.
873 The following requirements provides the Yang models that suppliers must
874 conform, and those where applicable, that suppliers need to use.
883 The VNF or PNF **MUST** conform its YANG model to RFC 6470,
884 "NETCONF Base Notifications".
892 The VNF or PNF **MUST** conform its YANG model to RFC 6244,
893 "An Architecture for Network Management Using NETCONF and YANG".
901 The VNF or PNF **MUST** conform its YANG model to RFC 6087,
902 "Guidelines for Authors and Reviewers of YANG Data Model specification".
910 The VNF or PNF **SHOULD** conform its YANG model to RFC 6991,
911 "Common YANG Data Types".
919 The VNF or PNF **SHOULD** conform its YANG model to RFC 6536,
920 "NETCONF Access Control Model".
928 The VNF or PNF **SHOULD** conform its YANG model to RFC 7223,
929 "A YANG Data Model for Interface Management".
937 The VNF or PNF **SHOULD** conform its YANG model to RFC 7223,
938 "IANA Interface Type YANG Module".
946 The VNF or PNF **SHOULD** conform its YANG model to RFC 7277,
947 "A YANG Data Model for IP Management".
955 The VNF or PNF **SHOULD** conform its YANG model to RFC 7317,
956 "A YANG Data Model for System Management".
964 The VNF or PNF **SHOULD** conform its YANG model to RFC 7407,
965 "A YANG Data Model for SNMP Configuration", if Netconf used to
966 configure SNMP engine.
968 The NETCONF server interface shall fully conform to the following
978 The VNF or PNF **MUST** conform to the NETCONF RFC 4741,
979 "NETCONF Configuration Protocol".
987 The VNF or PNF **MUST** conform to the NETCONF RFC 4742,
988 "Using the NETCONF Configuration Protocol over Secure Shell (SSH)".
996 The VNF or PNF **MUST** conform to the NETCONF RFC 5277,
997 "NETCONF Event Notification".
1005 The VNF or PNF **MUST** conform to the NETCONF RFC 5717,
1006 "Partial Lock Remote Procedure Call".
1014 The VNF or PNF **MUST** conform to the NETCONF RFC 6241,
1015 "NETCONF Configuration Protocol".
1023 The VNF or PNF **MUST** conform to the NETCONF RFC 6242,
1024 "Using the Network Configuration Protocol over Secure Shell".
1032 The VNF or PNF **SHOULD** support TLS as secure transport for the NETCONF
1033 protocol according to [RFC7589].
1038 VNF or PNF REST APIs
1039 ^^^^^^^^^^^^^^^^^^^^
1041 HealthCheck is a command for which no NETCONF support exists.
1042 Therefore, this must be supported using a RESTful interface
1043 (defined in this section) or with a Chef cookbook/Ansible playbook
1044 (defined in sections `Chef Standards and Capabilities`_ and
1045 `Ansible Standards and Capabilities`_).
1047 See section 7.3.1.4 for the definition of Full Healthcheck and Partial
1050 The VNF or PNF must provide a REST formatted GET RPCs to support HealthCheck
1051 queries via the GET method over HTTP(s).
1053 The port number, url, and other authentication information is provided
1054 by the VNF or PNF provider.
1065 The VNF or PNF **MUST** support the HealthCheck RPC. The HealthCheck
1066 RPC executes a VNF or PNF Provider-defined VNF or PNF HealthCheck over the
1067 scope of the entire VNF or PNF (e.g., if there are multiple VNFCs, then
1068 run a health check, as appropriate, for all VNFCs). It returns a 200 OK if
1069 the test completes. A JSON object is returned indicating state (healthy,
1070 unhealthy), scope identifier, time-stamp and one or more blocks containing
1071 info and fault information. If the VNF or PNF is unable to run the
1072 HealthCheck, return a standard http error code and message.
1074 Examples of responses when HealthCheck runs and is able to provide a healthy
1075 or unhealthy response:
1077 .. code-block:: java
1082 "time":"2018-11-28 22:39:00.809466"
1087 "state":"unhealthy",
1088 "info":"There are stopped processes or VNF is not ready, may be quiesced or frozen.",
1089 "fault":"VNF mtn23comx8000v not ready for service.",
1090 "time":"2018-11-30 05:47:48.655959"
1094 Chef Standards and Capabilities
1095 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1099 **ATTENTION**: Chef is supported by ONAP, but it is not currently used by
1100 any of the official ONAP use cases and is not part of standard release
1101 testing like REST, Ansible, and Netconf. For this reason, the other
1102 options are generally favored over Chef at this time.
1105 ONAP will support configuration of VNFs or PNFs via Chef subject to the
1106 requirements and guidelines defined in this section.
1108 The Chef configuration management mechanism follows a client-server
1109 model. It requires the presence of a Chef-Client on the VNF or PNF that will be
1110 directly managed by a Chef Server. The Chef-client will register with
1111 the appropriate Chef Server and are managed via 'cookbooks' and
1112 configuration attributes loaded on the Chef Server which contain all
1113 necessary information to execute the appropriate actions on the VNF or PNF via
1116 ONAP will utilize the open source Chef Server, invoke the documented
1117 Chef REST APIs to manage the VNF or PNF and requires the use of open source
1118 Chef-Client and Push Jobs Client on the VNF or PNF
1119 (https://downloads.chef.io/).
1121 VNF or PNF Configuration via Chef Requirements
1122 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1124 Chef Client Requirements
1125 +++++++++++++++++++++++++
1134 The VNF or PNF **MUST** have the chef-client be preloaded with
1135 validator keys and configuration to register with the designated
1136 Chef Server as part of the installation process.
1144 The VNF or PNF **MUST** have routable FQDNs for all the endpoints
1145 (VMs) of a VNF or PNF that contain chef-clients which are used to register
1146 with the Chef Server. As part of invoking VNF or PNF actions, ONAP will
1147 trigger push jobs against FQDNs of endpoints for a VNF or PNF, if required.
1155 The VNF or PNF **MAY** expose a single endpoint that is
1156 responsible for all functionality.
1164 The VNF or PNF **MUST** be installed with Chef-Client >= 12.0 and Chef
1165 push jobs client >= 2.0.
1167 Chef Roles/Requirements
1168 ++++++++++++++++++++++++++
1176 The VNF or PNF Package **MUST** include all relevant Chef artifacts
1177 (roles/cookbooks/recipes) required to execute VNF or PNF actions requested
1178 by ONAP for loading on appropriate Chef Server.
1186 The VNF or PNF Package **MUST** include a run list of
1187 roles/cookbooks/recipes, for each supported VNF or PNF action, that will
1188 perform the desired VNF or PNF action in its entirety as specified by ONAP
1189 (see Section 7.c, APPC/SDN-C APIs and Behavior, for list of VNF or PNF
1190 actions and requirements), when triggered by a chef-client run list
1199 The VNF or PNF **MUST NOT** use any instance specific parameters
1200 for the VNF or PNF in roles/cookbooks/recipes invoked for a VNF or PNF
1209 The VNF or PNF **MUST** accept all necessary instance specific
1210 data from the environment or node object attributes for the VNF or PNF
1211 in roles/cookbooks/recipes invoked for a VNF or PNF action.
1219 The VNF or PNF **MUST** over-ride any default values for
1220 configurable parameters that can be set by ONAP in the roles,
1221 cookbooks and recipes.
1229 The VNF or PNF **MUST** update status on the Chef Server
1230 appropriately (e.g., via a fail or raise an exception) if the
1231 chef-client run encounters any critical errors/failures when
1232 executing a VNF or PNF action.
1240 The VNF or PNF **MUST** populate an attribute, defined as node
1241 ['PushJobOutput'] with the desired output on all nodes in the push job
1242 that execute chef-client run if the VNF or PNF action requires the output
1243 of a chef-client run be made available (e.g., get running configuration).
1251 The VNF or PNF Package **MUST** have appropriate cookbooks that are
1252 designed to automatically 'rollback' to the original state in case of
1253 any errors for actions that change state of the VNF or PNF (e.g.,
1262 The VNF or PNF **SHOULD** support callback URLs to return information
1263 to ONAP upon completion of the chef-client run for any chef-client run
1264 associated with a VNF or PNF action.
1266 - As part of the push job, ONAP will provide two parameters in the
1267 environment of the push job JSON object:
1269 - "RequestId" a unique Id to be used to identify the request,
1270 - "CallbackUrl", the URL to post response back.
1272 - If the CallbackUrl field is empty or missing in the push job, then
1273 the chef-client run need not post the results back via callback.
1281 The VNF or PNF **MUST** Upon completion of the chef-client run,
1282 POST back on the callback URL, a JSON object as described in Table
1283 A2 if the chef-client run list includes a cookbook/recipe that is
1284 callback capable. Failure to POST on the Callback Url should not be
1285 considered a critical error. That is, if the chef-client successfully
1286 completes the VNF or PNF action, it should reflect this status on the Chef
1287 Server regardless of whether the Callback succeeded or not.
1292 This section outlines the workflow that ONAP invokes when it receives an
1293 action request against a Chef managed VNF or PNF.
1295 1. When ONAP receives a request for an action for a Chef Managed VNF or PNF, it
1296 retrieves the corresponding template (based on **action** and
1297 **VNF or PNF**) from its database and sets necessary values in the
1298 "Environment", "Node" and "NodeList" keys (if present) from either
1299 the payload of the received action or internal data.
1301 2. If "Environment" key is present in the updated template, it posts the
1302 corresponding JSON dictionary to the appropriate Environment object
1303 REST endpoint on the Chef Server thus updating the Environment
1304 attributes on the Chef Server.
1306 3. Next, it creates a Node Object from the "Node" JSON dictionary for
1307 all elements listed in the NodeList (using the FQDN to construct the
1308 endpoint) by replicating it [#7.3.2]_. As part of this process, it will
1309 set the name field in each Node Object to the corresponding FQDN.
1310 These node objects are then posted on the Chef Server to
1311 corresponding Node Object REST endpoints to update the corresponding
1314 4. If PushJobFlag is set to "True" in the template, ONAP requests a push
1315 job against all the nodes in the NodeList to trigger
1316 chef-client. It will not invoke any other command via the push
1317 job. ONAP will include a callback URL in the push job request and a
1318 unique Request Id. An example push job posted by ONAP is listed
1321 .. code-block:: java
1324 "command": "chef-client"
1326 "nodes": ["node1.vnf_a.onap.com", "node2.vnf_a.onap.com"]
1328 "RequestId":"8279-abcd-aksdj-19231"
1329 "CallbackUrl":"<callback>"
1334 5. If CallbackCapable field in the template is not present or set to
1335 "False" ONAP will poll the Chef Server to check completion status of
1338 6. If "GetOutputFlag" is set to "True" in the template and
1339 CallbackCapable is not set to "True", ONAP will retrieve any output
1340 from each node where the push job has finished by accessing the Node
1341 Object attribute node['PushJobOutput'].
1343 .. _ansible_playbook_requirements:
1345 Ansible Standards and Capabilities
1346 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1348 ONAP will support configuration of VNFs or PNFs via Ansible subject to the
1349 requirements and guidelines defined in this section.
1351 Ansible allows agentless management of VNFs or PNFs/VMs/VNFCs via execution
1352 of 'playbooks' over ssh. The 'playbooks' are a structured set of
1353 tasks which contain all the necessary resources and execution capabilities
1354 to take the necessary action on one or more target VMs (and/or VNFCs)
1355 of the VNF. ONAP will utilize the framework of an Ansible Server that
1356 will host all Ansible artifacts and run playbooks to manage VNFs or PNFs that
1359 VNF or PNF Configuration via Ansible Requirements
1360 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1362 Ansible Client Requirements
1363 +++++++++++++++++++++++++++++
1372 The VNF or PNF **MUST** have routable management IP addresses or FQDNs that
1373 are reachable via the Ansible Server for the endpoints (VMs) of a
1374 VNF or PNF that playbooks will target. ONAP will initiate requests to the
1375 Ansible Server for invocation of playbooks against these end
1384 The VNF or PNF **MUST** have Python >= 2.6 on the endpoint VM(s)
1385 of a VNF or PNF on which an Ansible playbook will be executed.
1393 The VNF or PNF **MUST** support SSH and allow SSH access by the
1394 Ansible server to the endpoint VM(s) and comply with the Network
1395 Cloud Service Provider guidelines for authentication and access.
1403 The VNF or PNF **MUST** load the Ansible Server SSH public key onto VNF or
1404 PNF VM(s) /root/.ssh/authorized_keys as part of instantiation. Alternative,
1405 is for Ansible Server SSH public key to be loaded onto VNF or PNF VM(s)
1406 under /home/<Mechanized user ID>/.ssh/authorized_keys as part of
1407 instantiation, when a Mechanized user ID is created during instantiation,
1408 and Configure and all playbooks are designed to use a mechanized user ID
1409 only for authentication (never using root authentication during Configure
1410 playbook run). This will allow the Ansible Server to authenticate to
1411 perform post-instantiation configuration without manual intervention and
1412 without requiring specific VNF or PNF login IDs and passwords.
1414 *CAUTION*: For VNFs or PNFs configured using Ansible, to eliminate the need
1415 for manual steps, post-instantiation and pre-configuration, to
1416 upload of SSH public keys, SSH public keys loaded during (heat)
1417 instantiation shall be preserved and not removed by (heat) embedded
1426 The VNF or PNF **MUST** include as part of post-instantiation configuration
1427 done by Ansible Playbooks the removal/update of the SSH public key from
1428 /root/.ssh/authorized_keys, and update of SSH keys loaded through
1429 instantiation to support Ansible. This may include creating Mechanized user
1430 ID(s) used by the Ansible Server(s) on VNF VM(s) and uploading and
1431 installing new SSH keys used by the mechanized use ID(s).
1437 :introduced: casablanca
1440 The VNF or PNF **MUST** permit authentication, using root account, only
1441 right after instantiation and until post-instantiation configuration is
1448 :introduced: casablanca
1451 The VNF or PNF **MUST** provide the ability to remove root access once
1452 post-instantiation configuration (Configure) is completed.
1460 The VNF or PNF **MUST** update the Ansible Server and other entities
1461 storing and using the SSH keys for authentication when the SSH
1462 keys used by Ansible are regenerated/updated.
1464 **Note**: Ansible Server itself may be used to upload new SSH public
1465 keys onto supported VNFs or PNFs.
1471 :introduced: casablanca
1474 The VNF or PNF **MUST** provide the ability to include a "from=" clause in
1475 SSH public keys associated with mechanized user IDs created for an Ansible
1476 Server cluster to use for VNF or PNF VM authentication.
1482 :introduced: casablanca
1485 The VNF or PNF **MUST** define the "from=" clause to provide the list of IP
1486 addresses of the Ansible Servers in the Cluster, separated by coma, to
1487 restrict use of the SSH key pair to elements that are part of the Ansible
1488 Cluster owner of the issued and assigned mechanized user ID.
1494 :introduced: casablanca
1497 The VNF or PNF **MUST** provide Ansible playbooks that are designed to run
1498 using an inventory hosts file in a supported format with only IP addresses
1499 or IP addresses and VM/VNF or PNF names.
1505 :introduced: casablanca
1508 The VNF or PNF **MUST** provide Ansible playbooks that are designed to run
1509 using an inventory hosts file in a supported format; with group names
1510 matching VNFC 3-character string adding "vip" for groups with virtual IP
1511 addresses shared by multiple VMs as seen in examples provided in Appendix.
1517 :introduced: casablanca
1520 The VNF or PNF **MUST** provide Ansible playbooks that are designed to run
1521 using an inventory hosts file in a supported format; with site group that
1522 shall be used to add site specific configurations to the target VNF or PNF
1525 Ansible Playbook Requirements
1526 +++++++++++++++++++++++++++++++
1528 An Ansible playbook is a collection of tasks that is executed on the
1529 Ansible server (local host) and/or the target VM (s) in order to
1530 complete the desired action.
1536 :introduced: casablanca
1539 The VNF or PNF **MUST** support Ansible playbooks that are compatible with
1540 Ansible version 2.6 or later.
1548 The VNF or PNF **MUST** make available playbooks that conform
1549 to the ONAP requirement.
1557 The VNF or PNF **MUST** support each APPC/SDN-C VNF or PNF action
1558 by invocation of **one** playbook [#7.3.4]_. The playbook will be
1559 responsible for executing all necessary tasks (as well as calling other
1560 playbooks) to complete the request.
1568 The VNF or PNF **MUST NOT** use any instance specific parameters
1577 The VNF or PNF **MUST** utilize information from key value pairs that will
1578 be provided by the Ansible Server as "extra-vars" during invocation to
1579 execute the desired VNF or PNF action. The "extra-vars" attribute-value
1580 pairs are passed to the Ansible Server by an APPC/SDN-C as part of the
1581 Rest API request. If the playbook requires files, they must also be
1582 supplied using the methodology detailed in the Ansible Server API, unless
1583 they are bundled with playbooks, example, generic templates. Any files
1584 containing instance specific info (attribute-value pairs), not obtainable
1585 from any ONAP inventory databases or other sources, referenced and used an
1586 input by playbooks, shall be provisioned (and distributed) in advance of
1587 use, e.g., VNF or PNF instantiation. Recommendation is to avoid these
1588 instance specific, manually created in advance of instantiation, files.
1590 The Ansible Server will determine if a playbook invoked to execute an
1591 VNF or PNF action finished successfully or not using the "PLAY_RECAP" summary
1592 in Ansible log. The playbook will be considered to successfully finish
1593 only if the "PLAY RECAP" section at the end of playbook execution output
1594 has no unreachable hosts and no failed tasks. Otherwise, the playbook
1595 will be considered to have failed.
1604 The VNF or PNF **MUST** use playbooks designed to allow Ansible
1605 Server to infer failure or success based on the "PLAY_RECAP" capability.
1607 **Note**: There are cases where playbooks need to interpret results
1608 of a task and then determine success or failure and return result
1609 accordingly (failure for failed tasks).
1617 The VNF or PNF **MUST** write to a response file in JSON format that will
1618 be retrieved and made available by the Ansible Server if, as part of a VNF
1619 or PNF action (e.g., audit), a playbook is required to return any VNF or
1620 PNF information/response. The text files must be written in the main
1621 playbook home directory, in JSON format. The JSON file must be created for
1622 the VNF or PNF with the name '<VNF or PNF name>_results.txt'. All playbook
1623 output results, for all VNF or PNF VMs, to be provided as a response to the
1624 request, must be written to this response file.
1632 The VNF or PNF **SHOULD** use playbooks that are designed to
1633 automatically 'rollback' to the original state in case of any errors
1634 for actions that change state of the VNF or PNF (e.g., configure).
1636 **Note**: In case rollback at the playbook level is not supported or
1637 possible, the VNF or PNF provider shall provide alternative rollback
1638 mechanism (e.g., for a small VNF or PNF the rollback mechanism may rely
1639 on workflow to terminate and re-instantiate VNF VMs and then re-run
1640 playbook(s)). Backing up updated files is also recommended to support
1641 rollback when soft rollback is feasible.
1646 :keyword: SHOULD NOT
1649 The VNF or PNF **SHOULD NOT** use playbooks that make requests to
1650 Cloud resources e.g. Openstack (nova, neutron, glance, heat, etc.);
1651 therefore, there is no use for Cloud specific variables like Openstack
1652 UUIDs in Ansible Playbook related artifacts.
1654 **Rationale**: Flows that require interactions with Cloud services e.g.
1655 Openstack shall rely on workflows run by an Orchestrator
1656 (Change Management) or other capability (such as a control loop or
1657 Operations GUI) outside Ansible Server which can be executed by a
1658 APPC/SDN-C. There are policies, as part of Control Loop
1659 models, that send remediation action requests to an APPC/SDN-C; these
1660 are triggered as a response to an event or correlated events published
1669 The VNF or PNF **SHOULD** use available backup capabilities to save a
1670 copy of configuration files before implementing changes to support
1671 operations such as backing out of software upgrades, configuration
1672 changes or other work as this will help backing out of configuration
1673 changes when needed.
1681 The VNF or PNF **MUST** return control from Ansible Playbooks only after
1682 all tasks performed by playbook are fully complete, signaling that the
1683 playbook completed all tasks. When starting services, return control
1684 only after all services are up. This is critical for workflows where
1685 the next steps are dependent on prior tasks being fully completed.
1689 ``StopApplication Playbook`` – StopApplication Playbook shall return control
1690 and a completion status response only after VNF or PNF application is fully
1691 stopped, all processes/services stopped.
1693 ``StartApplication Playbook`` – StartApplication Playbook shall return control
1694 and a completion status only after all VNF or PNF application services are
1695 fully up, all processes/services started and ready to provide services.
1697 **NOTE**: Start Playbook should not be declared complete/done after starting
1698 one or several processes that start the other processes.
1700 HealthCheck Playbook:
1702 SUCCESS – HealthCheck success shall be returned (return code 0) by a
1703 Playbook or Cookbook only when VNF or PNF is 100% healthy, ready to take
1704 requests and provide services, with all VNF or PNF required capabilities ready
1705 to provide services and with all active and standby resources fully ready with
1706 no open MINOR, MAJOR or CRITICAL alarms.
1708 NOTE: In some cases, a switch may need to be turned on, but a VNF or PNF
1709 reported as healthy, should be ready to take service requests or be
1710 already processing service requests successfully.
1712 A successful execution of a health-check playbook shall create one response
1713 file (per VNF or PNF) in JSON format, named after the VNF or PNF instance,
1714 followed by "_results.txt" (<VNF or PNF instance name>_results.txt) to be
1715 provided as a response to the requestor, indicating health-check was executed
1716 and completed successfully, example: vfdb9904v_results.txt, with the following
1719 .. code-block:: java
1722 "identifier": "VNF",
1724 "time": "2018-03-16:1139"
1729 .. code-block:: java
1731 $ cat vfdb9904v_results.txt
1733 "identifier": "VNF",
1735 "time": "2018-03-16:1139"
1739 **NOTE**: See section 7.3.1.4 for comments on support of partial health checks.
1741 FAILURE – A health check playbook shall return a non-zero return code in
1742 case VNF or PNF is not 100% healthy because one or more VNF or PNF application
1743 processes are stopped or not ready to take service requests or because critical
1744 or non-critical resources are not ready or because there are open MINOR, MAJOR
1745 or CRITICAL traps/alarms or because there are issues with the VNF or PNF that
1746 need attention even if they do not impact services provided by the VNF or PNF.
1748 A failed health-check playbook shall also create one file (per VNF or PNF), in
1749 JSON format, named after the VNF or PNF instance name, followed by
1750 "_results.txt" to indicate health-check was executed and found issues in the
1751 health of the VNF or PNF. This is to differentiate from failure to run
1752 health-check playbook or playbook tasks to verify the health of the VNF or
1753 PNF, example: vfdb9904v_results.txt, with the following contents:
1755 .. code-block:: java
1758 "identifier": "VNF",
1759 "state": "unhealthy",
1760 "info": "Error in following VM(s). Check hcstatus files
1761 under /tmp/ccfx9901v for details",
1766 "time": "2018-03-16:4044"
1772 .. code-block:: java
1774 $ cat vfdb9904v_results.txt
1776 "identifier": "VNF",
1777 "state": "unhealthy",
1778 "info": "Error in following VM(s). Check hcstatus files
1779 under /tmp/ccfx9901v for details",
1784 "time": "2018-03-16:4044"
1788 See `VNF or PNF REST APIs`_ for additional details on HealthCheck.
1790 Some VNFs or PNFs may support and desire to run partial health checks and
1791 receive a successful response when partial health check completes without
1792 errors. The parameter name used by HealthCheck playbook to request non-default
1793 partial health check is healthcheck_type. Example of health check types
1794 could be healthcheck_type=GuestOS, healthcheck_type=noDB,
1795 healthcheck_type=noConnections, healthcheck_type=IgnoreAlarms, etc.. This
1796 attribute-value pair may be passed by Orchestrator or Workflow or other
1797 (northbound) APPC/SDN-C clients to APPC/SDN-C as part of the request.
1799 By default, when no argument/parameter is passed, healthcheck playbook
1800 performs a full VNF or PNF health check.
1806 :introduced: casablanca
1809 The VNF or PNF provider **MUST** deliver a new set of playbooks that
1810 includes all updated and unchanged playbooks for any new revision to an
1811 existing set of playbooks.
1818 :introduced: casablanca
1820 The VNF or PNF provider **MUST** assign a new point release to the updated
1821 playbook set. The functionality of a new playbook set must be tested before
1822 it is deployed to the production.
1826 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1828 This section outlines the workflow that APPC/SDN-C invokes when
1829 it receives an action request against an Ansible managed VNF or PNF.
1831 #. When APPC/SDN-C receives a request for an action for an
1832 Ansible managed VNF or PNF, it retrieves the corresponding template (based
1833 on **action** and **VNF or PNF Type**) from its database and sets necessary
1834 values (such as an Id, NodeList, and EnvParameters) from either
1835 information either in the request or data obtained from other sources,
1836 inventory database, is an example of such sources.
1837 This is referred to as the payload that is sent as a JSON object
1838 to the Ansible server as part of the Rest API request.
1839 #. The APPC/SDN-C sends a request to the Ansible server to
1841 #. The APPC/SDN-C, after sending a request to the Ansible server,
1842 polls it to get results(success or failure). The APPC/SDN-C has a
1843 timeout value which is contained in the action request template. Different
1844 actions can set different timeout values (default setting is 600 seconds).
1845 If the result is not available when the timeout is reached, the APPC/SDN-C
1846 stops polling and returns a timeout error to the requester.
1847 The Ansible Server continues to process the request.
1850 Support of APPC/SDN-C Commands And Southbound Protocols
1851 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1853 The following table summarizes the commands and possible protocols selected.
1854 Note that the HealthCheck can also be supported via REST.
1856 Table 8. APPC/SDN-C APIs and NETCONF Commands
1858 +-------------+--------------------+--------------------+--------------------+
1859 |**Command** |**NETCONF Support** |**Chef Support** |**Ansible** |
1860 +=============+====================+====================+====================+
1861 |General |For each RPC, the |VNF or PNF Vendor |VNF Vendor must |
1862 |Comments |appropriate RPC |must provide any |provide an Ansible |
1863 | |operation is listed.|necessary roles, |playbook to retrieve|
1864 | | |cookbooks, recipes |the running |
1865 | | |to retrieve the |configuration from a|
1866 | | |running |VNF and place the |
1867 | | |configuration from |output on the |
1868 | | |a VNF or PNF and |Ansible server in |
1869 | | |place it in the |a manner aligned |
1870 | | |respective Node |with playbook |
1871 | | |Objects |requirements listed |
1872 | | |'PushJobOutput' |in this document. |
1873 | | |attribute of all | |
1874 | | |nodes in NodeList |The PlaybookName |
1875 | | |when triggered by a |must be provided |
1876 | | |chef-client run. |in the JSON file. |
1878 | | |The JSON file for |NodeList must list |
1879 | | |this VNF or PNF |IP addresses or DNS |
1880 | | |action is required |supported FQDNs of |
1881 | | |to set "PushJobFlag"|an example VNF |
1882 | | |to "True" and |on which to |
1883 | | |"GetOutputFlag" to |execute playbook. |
1884 | | |"True". The "Node" | |
1885 | | |JSON dictionary | |
1886 | | |must have the run | |
1887 | | |list populated | |
1888 | | |with the necessary | |
1889 | | |sequence of roles, | |
1890 | | |cookbooks, recipes. | |
1892 | | |The Environment | |
1893 | | |and Node values | |
1894 | | |should contain all | |
1895 | | |appropriate | |
1896 | | |configuration | |
1897 | | |attributes. | |
1899 | | |NodeList must | |
1900 | | |list sample FQDNs | |
1901 | | |that are required to| |
1903 | | |chef-client run for | |
1904 | | |this VNF Action. | |
1905 +-------------+--------------------+--------------------+--------------------+
1906 |Audit |The <get-config> is |Supported via a |Supported via a |
1907 | |used to return the |cookbook that |playbook that |
1908 | |running |returns the running |returns the running |
1909 | |configuration. |configuration. |configuration. |
1910 +-------------+--------------------+--------------------+--------------------+
1911 |Configure, |The <edit-config> |Supported via a |Supported via a |
1912 |ModifyConfig |operation loads all |cookbook that |playbook that |
1913 | |or part of a |updates the VNF or |updates the VNF |
1914 | |specified data set |PNF configuration. |configuration. |
1915 | |to the specified | | |
1916 | |target database. If | | |
1917 | |there is no | | |
1918 | |<candidate/> | | |
1919 | |database, then the | | |
1920 | |target is the | | |
1921 | |<running/> database.| | |
1922 | |A <commit> follows. | | |
1923 +-------------+--------------------+--------------------+--------------------+
1924 |Other |This command has no |Supported via a |Supported via a |
1925 |Configuration|existing NETCONF RPC|cookbook that |playbook that |
1926 |Commands |action. |performs |performs |
1927 | | |the action. |the action. |
1928 +-------------+--------------------+--------------------+--------------------+
1929 |Lifecycle |This command has no |Supported via a |Supported via a |
1930 |Management |existing NETCONF RPC|cookbook that |playbook that |
1931 |Commands |action. |performs |performs |
1932 | | |the action. |the action. |
1933 +-------------+--------------------+--------------------+--------------------+
1934 |Health Check |This command has no |Supported via a |Supported |
1935 | |existing NETCONF RPC|cookbook |via a |
1936 | |action. |that |playbook |
1937 | | |performs |that |
1938 | | |a HealthCheck and |performs |
1939 | | |returns the results.|the |
1940 | | | |HealthCheck |
1941 | | | |and returns |
1944 +-------------+--------------------+--------------------+--------------------+
1947 https://github.com/mbj4668/pyang
1950 Recall that the Node Object **is required** to be identical across
1951 all VMs of a VNF or PNF invoked as part of the action except for the "name".
1954 Upstream elements must provide the appropriate FQDN in the request to
1955 ONAP for the desired action.
1958 Multiple ONAP actions may map to one playbook.