1 .. Modifications Copyright © 2017-2018 AT&T Intellectual Property.
3 .. Licensed under the Creative Commons License, Attribution 4.0 Intl.
4 (the "License"); you may not use this documentation except in compliance
5 with the License. You may obtain a copy of the License at
7 .. https://creativecommons.org/licenses/by/4.0/
9 .. Unless required by applicable law or agreed to in writing, software
10 distributed under the License is distributed on an "AS IS" BASIS,
11 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 See the License for the specific language governing permissions and
13 limitations under the License.
16 Requirement Changes Introduced in Guilin
17 ----------------------------------------
19 This document summarizes the requirement changes by section that were
20 introduced between the Frankfurt release and
21 Guilin release. Click on the requirement number to
30 * **Requirements Added:** 30
31 * **Requirements Changed:** 51
32 * **Requirements Removed:** 37
35 Configuration Management > Ansible Standards and Capabilities > VNF or PNF Configuration via Ansible Requirements > Ansible Client Requirements
36 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
47 The VNF or PNF Provider's Ansible playbooks **MUST** be designed to run
48 using an inventory hosts file in a supported format; with group names
49 matching VNFC 3-character string adding "vip" for groups with virtual IP
50 addresses shared by multiple VMs as seen in examples provided in Appendix.
57 The VNF or PNF Provider's Ansible playbooks **MUST** be designed to run
58 using an inventory hosts file in a supported format with only IP addresses
59 or IP addresses and VM/VNF or PNF names.
66 The VNF or PNF Provider's Ansible playbooks **MUST** be designed to run
67 using an inventory hosts file in a supported format; with site group that
68 shall be used to add site specific configurations to the target VNF or PNF
76 The VNF or PNF **MUST** load the Ansible Server SSH public key onto VNF or
77 PNF VM(s) /root/.ssh/authorized_keys as part of instantiation. Alternative,
78 is for Ansible Server SSH public key to be loaded onto VNF or PNF
79 under /home/<Mechanized user ID>/.ssh/authorized_keys as part of
80 instantiation, when a Mechanized user ID is created during instantiation,
81 and Configure and all playbooks are designed to use a mechanized user ID
82 only for authentication (never using root authentication during Configure
83 playbook run). This will allow the Ansible Server to authenticate to
84 perform post-instantiation configuration without manual intervention and
85 without requiring specific VNF or PNF login IDs and passwords.
87 *CAUTION*: For VNFs or PNFs configured using Ansible, to eliminate the need
88 for manual steps, post-instantiation and pre-configuration, to
89 upload of SSH public keys, SSH public keys loaded during (heat)
90 instantiation shall be preserved and not removed by (heat) embedded
98 The VNF or PNF Provider **MUST** include as part of post-instantiation
99 configuration done by Ansible Playbooks the removal/update of the SSH
100 public key from ``/root/.ssh/authorized_keys``, and update of SSH keys
101 loaded through instantiation to support Ansible. This may include creating
102 Mechanized user ID(s) used by the Ansible Server(s) on VNF VM(s) and
103 uploading and installing new SSH keys used by the mechanized use ID(s).
106 Configuration Management > Ansible Standards and Capabilities > VNF or PNF Configuration via Ansible Requirements > Ansible Playbook Requirements
107 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
118 The VNF or PNF Provider's Ansible playbooks **SHOULD** compare the version(s)
119 of Ansible that the VNF Provider developed and tested against to the
120 ``ansible_version.full`` value during playbook execution, and issue a
121 ``WARNING`` message if the operator version is not one of the tested
129 The VNF or PNF Provider's Ansible playbooks **SHOULD** issue log messages
130 in the same format as Ansible's default messages:
131 ``[<Log Level>]: <message>``
135 ``[WARNING]: Ansible version 2.9.3 does not match a known,
136 tested version: 2.8.1, 2.8.2``
143 The VNF or PNF Provider's Ansible playbooks **MUST NOT** fail due to
144 a mismatched version check as specified in R-918136. The warning message
145 should be issued, and the playbook execution should continue as normal.
156 The VNF or PNF Provider **MUST** assign a new point release to the updated
157 Ansible playbook set. The functionality of a new playbook set must be
158 tested before it is deployed to the production.
165 The VNF or PNF Provider **MUST** deliver a new set of Ansible playbooks that
166 includes all updated and unchanged playbooks for any new revision to an
167 existing set of playbooks.
174 The VNF or PNF Provider's Ansible playbooks **MUST NOT** require
175 passwords or secrets to be passed in clear text in the command line or
176 Rest API request to run the playbook.
183 The VNF or PNF Provider's Ansible playbooks **SHOULD** be designed to
184 automatically 'rollback' to the original state in case of any errors
185 for actions that change state of the VNF or PNF (e.g., configure).
187 **Note**: In case rollback at the playbook level is not supported or
188 possible, the VNF or PNF provider shall provide alternative rollback
189 mechanism (e.g., for a small VNF or PNF the rollback mechanism may rely
190 on workflow to terminate and re-instantiate VNF VMs and then re-run
191 playbook(s)). Backing up updated files is also recommended to support
192 rollback when soft rollback is feasible.
199 The VNF or PNF Provider's Ansible playbooks **MUST** support each APPC/SDN-C
200 VNF or PNF action by invocation of **one** playbook [#7.3.4]_. The playbook
201 will be responsible for executing all necessary tasks (as well as calling
202 other playbooks) to complete the request.
209 The VNF or PNF Provider's Ansible playbooks **MUST** write to a response
210 file in JSON format that will be retrieved and made available by the
211 Ansible Server if, as part of a VNF or PNF action (e.g., audit), a playbook
212 is required to return any VNF or PNF information/response. The text files
213 must be written in the main playbook home directory, in JSON format. The
214 JSON file must be created for the VNF or PNF with the name '<VNF or PNF name>_results.txt'. All playbook
215 output results, for all VNF VMS or PNF Server/Blades, to be provided as a
216 response to the request, must be written to this response file.
223 The VNF or PNF Provider's Ansible playbooks **SHOULD NOT** make requests to
224 Cloud resources e.g. Openstack (nova, neutron, glance, heat, etc.);
225 therefore, there is no use for Cloud specific variables like Openstack
226 UUIDs in Ansible Playbook related artifacts.
228 **Rationale**: Flows that require interactions with Cloud services e.g.
229 Openstack shall rely on workflows run by an Orchestrator
230 (Change Management) or other capability (such as a control loop or
231 Operations GUI) outside Ansible Server which can be executed by a
232 APPC/SDN-C. There are policies, as part of Control Loop
233 models, that send remediation action requests to an APPC/SDN-C; these
234 are triggered as a response to an event or correlated events published
242 The VNF or PNF Provider's Ansible playbooks **MUST** store any playbook
243 configuration data that requires encryption (passwords, secrets, etc.) in
244 a JSON (.json), YAML (.yaml|.yml) or INI (.ini) file, which will be placed
245 in ``<VNF type>/<Version>/ansible/vars`` directory.
252 The VNF or PNF Provider's Ansible playbooks **MUST** store passwords and
253 other attributes that must remain secret in JSON, YAML or INI with
254 differentiated names when passwords and secrets vary from environment to
255 environment. Example, name must include <Mechanized user ID>_...json or
256 <Mechanized user ID>_...xml when labs and production use different passwords
257 and/or secrets. The <Mechanized user ID> is discovered from the environment
258 ``/etc/ansible/ansible.cfg`` where the playbook runs.
265 The VNF or PNF Provider's Ansible playbooks **MUST** utilize information
266 from key value pairs that will be provided by the Ansible Server as
267 ``extra-vars`` during invocation to execute the desired VNF or PNF action.
268 The "extra-vars" attribute-value pairs are passed to the Ansible Server by
269 an APPC/SDN-C as part of the Rest API request. If the playbook requires
270 files, they must also be supplied using the methodology detailed in the
271 Ansible Server API, unless they are bundled with playbooks, example,
272 generic templates. Any files containing instance specific info
273 (attribute-value pairs), not obtainable
274 from any ONAP inventory databases or other sources, referenced and used as
275 input by playbooks, shall be provisioned (and distributed) in advance of
276 use, e.g., VNF or PNF instantiation. Recommendation is to avoid these
277 instance specific, manually created in advance of instantiation, files.
284 The VNF or PNF Provider's Ansible playbooks **MUST** load passwords
285 and other attributes that must remain secret from JSON, YAML or INI files
286 that can be encrypted/decrypted using Ansible Vault capabilities.
293 The VNF or PNF Provider's Ansible playbooks **MUST** store passwords and
294 other attributes that must remain secret in JSON, YAML or INI files that
295 can be encrypted/decrypted using Ansible Vault capabilities.
302 The VNF or PNF Provider's Ansible playbooks **MUST** be designed to allow
303 Ansible Server to infer failure or success based on the "PLAY_RECAP"
306 **Note**: There are cases where playbooks need to interpret results
307 of a task and then determine success or failure and return result
308 accordingly (failure for failed tasks).
315 The VNF or PNF Provider's Ansible playbooks **SHOULD** provide a single
316 YAML or JSON file with all the passwords and secrets to reduce the number
317 of files to be decrypted/encrypted before on-boarding into the central
325 The VNF or PNF Provider's Ansible playbooks **MUST** not log or
326 display passwords and other attributes that must remain secret when
327 running playbook in debug mode.
329 NOTE: Use ``no_log: True``
336 The VNF or PNF Provider's Ansible playbooks that target a subset of VMs (or
337 servers/blades) part of a VNF (or PNF) instance **MUST** be designed to use
338 the VNF or PNF inventory host file and to use a parameter named
339 ``target_vm_list`` to provide the subset of VMs in the VNF instance
340 specifically targeted by the playbook.
342 NOTE: Example of such playbooks would be playbooks used to configure VMs
343 added to a VNF instance as part of a scale-out/up or scale-in/down
344 operation. Such playbook is expected to also need to perform
345 configuration/reconfiguration tasks part of the base VNF instance build.
352 The VNF or PNF Provider's Ansible playbooks **MUST** return control only
353 after all tasks performed by playbook are fully complete, signaling that the
354 playbook completed all tasks. When starting services, return control
355 only after all services are up. This is critical for workflows where
356 the next steps are dependent on prior tasks being fully completed.
363 The VNF or PNF Provider's Ansible playbooks **SHOULD** place the passwords
364 and secrets to be edited at the top of the single YAML or JSON file with
365 all the secrets, and the (default) ones that are to remain unchanged '
366 towards the bottom, with commentary separating them.
373 The VNF or PNF Provider's Ansible playbooks **MUST NOT** contain instance
374 specific values that can not be provided by a parameter to the playbook.
381 The VNF or PNF Provider's Ansible playbooks **MUST** load any configuration
382 data that requires encryption (passwords, secrets, etc.) in a JSON (.json),
383 YAML (.yaml|.yml) or INI (.ini) file, from the
384 ``<VNF type>/<Version>/ansible/vars`` directory.
391 The VNF or PNF Provider's Ansible playbooks **SHOULD** use available backup
392 capabilities to save a copy of configuration files before implementing
393 changes to support operations such as backing out of software upgrades,
394 configuration changes or other work as this will help backing out of
395 configuration changes when needed.
406 The VNF or PNF **MUST** make available playbooks that conform
407 to the ONAP requirement.
414 The VNF or PNF **MUST** support Ansible playbooks that are compatible with
415 Ansible version 2.6 or later.
418 Monitoring & Management > Bulk Performance Measurement
419 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
430 The VNF or PNF **SHOULD** support the data schema defined in 3GPP TS 32.435 or 3GPP TS 28.532, when
431 supporting the event-driven bulk transfer of monitoring data.
434 Monitoring & Management > Monitoring & Management Requirements > Addressing and Delivery Protocol
435 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
446 The VNF or PNF **MAY** use another option which is expected to include SFTP
447 for asynchronous bulk files, such as bulk files that contain large volumes
448 of data collected over a long time interval or data collected across many
449 VNFs or PNFs. (Preferred is to reorganize the data into more frequent or more focused
450 data sets, and deliver these by REST or TCP as appropriate.)
457 The VNF or PNF **MUST**, by ONAP Policy, provide the ONAP addresses
458 as data destinations for each VNF or PNF, and may be changed by Policy while
459 the VNF or PNF is in operation. We expect the VNF or PNF to be capable of redirecting
460 traffic to changed destinations with no loss of data, for example from
461 one REST URL to another, or from one TCP host and port to another.
468 The VNF or PNF **MAY** use another option which is expected to include REST
469 delivery of binary encoded data sets.
476 The VNF or PNF **MAY** use another option which is expected to include REST
477 for synchronous data, using RESTCONF (e.g., for VNF or PNF state polling).
484 The VNF or PNF **MAY** use another option which is expected to include TCP
485 for high volume streaming asynchronous data sets and for other high volume
486 data sets. TCP delivery can be used for either JSON or binary encoded data
494 The VNF or PNF **MUST** be configured with initial address(es) to use
495 at deployment time. Subsequently, address(es) may be changed through
496 ONAP-defined policies delivered from ONAP to the VNF or PNF using PUTs to a
497 RESTful API, in the same manner that other controls over data reporting
498 will be controlled by policy.
505 The VNF or PNF **MUST** have the capability of maintaining a primary
506 and backup DNS name (URL) for connecting to ONAP collectors, with the
507 ability to switch between addresses based on conditions defined by policy
508 such as time-outs, and buffering to store messages until they can be
509 delivered. At its discretion, the service provider may choose to populate
510 only one collector address for a VNF or PNF. In this case, the network will
511 promptly resolve connectivity problems caused by a collector or network
512 failure transparently to the VNF or PNF.
519 The VNF or PNF **SHOULD** use REST using HTTPS delivery of plain
520 text JSON for moderate sized asynchronous data sets, and for high
521 volume data sets when feasible.
524 Monitoring & Management > Monitoring & Management Requirements > Asynchronous and Synchronous Data Delivery
525 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
536 The VNF or PNF **MUST** respond with content encoded in JSON, as
537 described in the RESTCONF specification. This way the encoding of a
538 synchronous communication will be consistent with Avro.
545 The VNF or PNF **MUST** use the RESTCONF/NETCONF framework used by
546 the ONAP configuration subsystem for synchronous communication.
553 The VNF or PNF **MUST** respond to data requests from ONAP as soon
554 as those requests are received, as a synchronous response.
561 The VNF or PNF **SHOULD** use `Modeling JSON text with YANG
562 <https://tools.ietf.org/html/rfc7951>`_, If YANG models need to be
563 translated to and from JSON{RFC7951]. YANG configuration and content can
564 be represented via JSON, consistent with Avro, as described in "Encoding
565 and Serialization" section.
572 The VNF or PNF **MUST** respond to an ONAP request to deliver granular
573 data on device or subsystem status or performance, referencing the YANG
574 configuration model for the VNF or PNF by returning the requested data elements.
581 The VNF or PNF **MUST** respond to an ONAP request to deliver the
582 current data for any of the record types defined in
583 `Event Records - Data Structure Description`_ by returning the requested
584 record, populated with the current field values. (Currently the defined
585 record types include fault fields, mobile flow fields, measurements for
586 VNF or PNF scaling fields, and syslog fields. Other record types will be added
587 in the future as they become standardized and are made available.)
594 The VNF or PNF **MUST** must encode, address and deliver the data
595 as described in the previous paragraphs.
602 The VNF or PNF **MUST** use the YANG configuration models and RESTCONF
603 [RFC8040] (https://tools.ietf.org/html/rfc8040).
606 Monitoring & Management > Monitoring & Management Requirements > Google Protocol Buffers (GPB)
607 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
618 The VNF or PNF, when leveraging Google Protocol Buffers for events, **MUST**
619 serialize the events using native Google Protocol Buffers (GPB) according
620 to the following guidelines:
622 * The keys are represented as integers pointing to the system resources
623 for the VNF or PNF being monitored
624 * The values correspond to integers or strings that identify the
625 operational state of the VNF resource, such a statistics counters and
626 the state of an VNF or PNF resource.
627 * The required Google Protocol Buffers (GPB) metadata is provided in the
628 form of .proto files.
635 The VNF or PNF providers **MUST** provide the Service Provider the following
636 artifacts to support the delivery of high-volume VNF or PNF telemetry to
637 DCAE via GPB over TLS/TCP:
639 * A valid VES Event .proto definition file, to be used validate and
641 * A valid high volume measurement .proto definition file, to be used for
642 processing high volume events
643 * A supporting PM content metadata file to be used by analytics
644 applications to process high volume measurement events
647 Monitoring & Management > Monitoring & Management Requirements > JSON
648 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
659 The VNF or PNF, when leveraging JSON for events, **MUST** encode and serialize
660 content delivered to ONAP using JSON (RFC 7159) plain text format.
661 High-volume data is to be encoded and serialized using
662 `Avro <http://avro.apache.org/>`_, where the Avro data
663 format are described using JSON.
666 Monitoring & Management > Monitoring & Management Requirements > Reporting Frequency
667 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
678 The VNF or PNF **MUST** report exactly one Measurement event per period
686 The VNF or PNF **MUST** vary the frequency that asynchronous data
687 is delivered based on the content and how data may be aggregated or
692 - For example, alarms and alerts are expected to be delivered as
693 soon as they appear. In contrast, other content, such as performance
694 measurements, KPIs or reported network signaling may have various
695 ways of packaging and delivering content. Some content should be
696 streamed immediately; or content may be monitored over a time
697 interval, then packaged as collection of records and delivered
698 as block; or data may be collected until a package of a certain
699 size has been collected; or content may be summarized statistically
700 over a time interval, or computed as a KPI, with the summary or KPI
702 - We expect the reporting frequency to be configurable depending on
703 the virtual network functions needs for management. For example,
704 Service Provider may choose to vary the frequency of collection
705 between normal and trouble-shooting scenarios.
706 - Decisions about the frequency of data reporting will affect
707 the size of delivered data sets, recommended delivery method,
708 and how the data will be interpreted by ONAP. These considerations
709 should not affect deserialization and decoding of the data, which
710 will be guided by the accompanying JSON schema or GPB definition
714 Monitoring & Management > Monitoring & Management Requirements > Security
715 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
726 If the VNF or PNF is using Basic Authentication, then the VNF or
727 PNF **MUST** support the provisioning of security and authentication
728 parameters (HTTP username and password) in order to be able to
729 authenticate with DCAE VES Event Listener.
731 Note: The configuration management and provisioning software
732 are specific to a vendor architecture.
739 The VNF or PNF **MUST** support secure connections and transports such as
740 Transport Layer Security (TLS) protocol
741 [`RFC5246 <https://tools.ietf.org/html/rfc5246>`_] and should adhere to
742 the best current practices outlined in
743 `RFC7525 <https://tools.ietf.org/html/rfc7525>`_.
750 If the VNF or PNF is using Certificate Authentication, the
751 VNF or PNF **MUST** support mutual TLS authentication and the Subject
752 Name in the end-entity certificate MUST be used according to
753 `RFC5280 <https://tools.ietf.org/html/rfc5280>`_.
755 Note: In mutual TLS authentication, the client (VNF or PNF) must
756 authenticate the server (DCAE) certificate and must provide its own
757 X.509v3 end-entity certificate to the server for authentication.
764 The VNF or PNF **MUST** control access to ONAP and to VNFs or PNFs, and creation
765 of connections, through secure credentials, log-on and exchange mechanisms.
772 The VNF or PNF **MUST** carry data in motion only over secure connections.
779 If VNF or PNF is using Basic Authentication, then the VNF or PNF
780 **MUST** be in compliance with
781 `RFC7617 <https://tools.ietf.org/html/rfc7617>`_ for authenticating HTTPS
782 connections to the DCAE VES Event Listener.
789 If the VNF or PNF is using Basic Authentication, then when the VNF
790 or PNF sets up a HTTPS connection to the DCAE VES Event Listener,
791 the VNF or PNF **MUST** provide a username and password to the
792 DCAE VES Event Listener in the Authorization header and the VNF
793 or PNF MUST support one-way TLS authentication.
795 Note: In one-way TLS authentication, the client (VNF or PNF)
796 must authentication the server (DCAE) certificate.
799 Monitoring & Management > Monitoring & Management Requirements > VNF telemetry via standardized interface
800 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
811 The VNF or PNF MUST produce heartbeat indicators consisting of events containing
812 the common event header only per the VES Listener Specification.
815 Monitoring & Management > Monitoring and Fault Protocol Selection
816 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
827 The VNF or PNF producing VES syslog events **SHOULD** restrict these
828 events to those that convey significant errors or warnings needed to support
829 the operation or troubleshooting of the VNF or PNF. It is expected the
830 volume of such events would be lower (e.g. less than 2000 per day) than
831 more detailed events produced in the course of normal operations.
838 The VNF or PNF **MUST** report performance metrics using
839 :ref:`Virtual Function Event Streaming (VES) <ves_monitoring_requirements>`
840 or :ref:`bulk_performance_measurement`.
847 The VNF or PNF **MAY** produce telemetry data using the
848 :doc:`RESTConf Collector <dcae:sections/services/restconf/index>`, but this
849 requires additional coordination with the operator to appropriately
850 map the data internally to a VES-like structure used within ONAP. If this
851 option is needed, then the VNF or PNF Provider must coordinate with with the
852 Operator for the data to be successfully collected and processed by DCAE.
859 The VNF or PNF **MUST** report application logs using either
860 :ref:`Virtual Function Event Streaming (VES) <ves_monitoring_requirements>`
861 or Syslog in compliance with
862 `RFC 5424 <https://tools.ietf.org/html/rfc5424>`__ .
869 The VNF or PNF **MUST** report faults and alarms using either
870 :ref:`Virtual Function Event Streaming (VES) <ves_monitoring_requirements>`
871 or :ref:`SNMP <snmp_monitoring_requirements>`. (NOTE: See relevant sections
872 for more detailed requirements)
879 VNF or PNF Provider **MUST** have agreement with the Service Provider before
880 utilizing the :doc:`HV-VES option <dcae:sections/services/ves-hv/index>`
881 for monitoring as this option does not fully integrate with the ONAP's DCAE
882 event processing capabilities.
889 The VNF or PNF **MUST** report heartbeats using
890 :ref:`Virtual Function Event Streaming (VES) <ves_monitoring_requirements>`.
901 The VNF or PNF **MAY** leverage ONAP's High Volume VNF Event Streaming
902 (HV-VES) when there is a need to deliver large volumes of real-time
903 performance management metrics. See
904 :doc:`HV-VES collector <dcae:sections/services/ves-hv/index>`
905 service details for more information.
912 The VNF or PNF producing VES events **SHOULD** deliver syslog messages
913 that meet the criteria in R-209104 to the VES Event Listener using the
914 ``syslog`` VES domain.
921 The VNF or PNF **MAY** leverage a bulk VNF or PNF telemetry transmission
922 mechanism in instances where other transmission
923 methods are not practical or advisable.
925 NOTE: For additional information and use cases for the Bulk Telemetry
926 Transmission Mechanism, please refer to
927 the :ref:`bulk_performance_measurement` requirements and the
928 `5G - Bulk PM ONAP Development <https://wiki.onap.org/display/DW/5G+-+Bulk+PM>`__
932 Monitoring & Management > SNMP Monitoring Requirements
933 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
944 If the VNF or PNF is using SNMP, then the VNF or PNF Provider **SHOULD**
945 provide examples of all SNMP alarms.
952 If the VNF or PNF is using SNMP, then the VNF or PNF Provider **MUST**
953 provide a Management Information Base (MIB) file that uniquely identifies
954 and describes all SNMP events exposed by the network function.
957 Monitoring & Management > Transports and Protocols Supporting Resource Interfaces
958 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
969 The VNF or PNF **SHOULD** deliver event records that fall into the event domains
977 The VNF or PNF **MUST** deliver event records to ONAP using the common
978 transport mechanisms and protocols defined in this specification.
985 The VNF or PNF provider **MUST** reach agreement with the Service Provider on
986 the selected methods for encoding, serialization and data delivery
987 prior to the on-boarding of the VNF or PNF into ONAP SDC Design Studio.
990 Monitoring & Management > Transports and Protocols Supporting Resource Interfaces > VNF or PNF Telemetry using VES/JSON Model
991 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1002 The VNF or PNF **SHOULD** leverage the JSON-driven model, as depicted in Figure 2,
1003 for data delivery unless there are specific performance or operational
1004 concerns agreed upon by the Service Provider that would warrant using an
1008 Monitoring & Management > Virtual Function Event Streaming (VES) Client Requirements > Buffering and Redelivery
1009 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1020 A VNF or PNF producing VES events that is buffering events due to an
1021 unavailable VES Event Listener **MAY** leverage to ``publishEventBatch``
1022 operation to redeliver buffered events. Please note this can only be
1023 used when all buffered events belong to the same domain due to the
1024 restrictions in place for the operation.
1031 A VNF or PNF producing VES events that is buffering events per R-658596
1032 **MUST** store in-scope events even when the maximum capacity of the
1033 buffer (defined in R-636251) has been reached. To make room for new events
1034 in this situation, hte oldest event in the buffer shall be removed
1035 as necessary. (i.e. First In First Out)
1042 A VNF or PNF producing VES events that is buffering events due to an
1043 unavailable VES Event Listener **MUST** redeliver all buffered events
1044 according to the following rules when the VNF or PNF detects the VES Event
1045 Listener has become available:
1047 * Deliver all previously buffered events before sending new events
1048 * Deliver buffered events in the order they were received
1055 A VNF or PNF producing VES events **MAY** discard buffered events older
1056 than a maximum retention period, not less than 1 hour, even if the event
1057 was never successfully delivered to the event listener. While discarding
1058 based on this retention period is supported for backwards compatibility, it
1059 is recommended to retain events until the maximum buffer size is reached per
1060 R-346137 as that will maximize the number of events delivered.
1067 A VNF or PNF producing VES events **MUST** size the event buffer
1068 referenced in R-658596 such that it can buffer a minimum of 1 hours of
1069 events under nominal load.
1076 A VNF or PNF producing VES events **MUST** buffer events that meet the
1077 following criteria if the VES Event Listener is unreachable or the request
1078 encounters a timeout.
1080 * Faults with eventSeverity of ``MINOR``, ``MAJOR``, ``NORMAL``, or
1082 * Syslog with syslogSev of ``Emergency``, ``Alert``, ``Critical``,
1083 ``Error``, or ``Warning``
1084 * All measurement events
1091 The VNF or PNF producing VES events **MUST** not allow an unavailable or
1092 timing out VES Event Listener to impact the performance, stability, or
1093 correct execution of network function.
1096 Monitoring & Management > Virtual Function Event Streaming (VES) Client Requirements > Configuration Requirements
1097 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1108 The VNF or PNF producing VES events **MUST** allow the configuration of
1109 the attributes defined in Table 1 and utilize the provided default value
1110 (where applicable) when the configuration value is not provided by the
1118 A VNF or PNF producing VES events **SHOULD** use the recommended parameter
1119 name for the configurable value from Table 1.
1122 Monitoring & Management > Virtual Function Event Streaming (VES) Client Requirements > Configuration Requirements > VES Listener Endpoint and DNS Resolution
1123 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1134 The VNF or PNF **MUST** respect the Time To Live provided by the DNS for
1135 the VES Event Listener FQDN.
1142 The VNF or PNF **MUST** support DNS resolution of the VES Listener Endpoint
1143 if a Fully Qualified Domain Name (FQDN) is provided.
1146 Monitoring & Management > Virtual Function Event Streaming (VES) Client Requirements > Event Definition and Registration
1147 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1150 Requirements Changed
1151 ~~~~~~~~~~~~~~~~~~~~
1158 A VNF or PNF Provider utilizing VES **MUST** indicate specific conditions
1159 that may arise, and recommend actions that may be taken at specific
1160 thresholds, or if specific conditions repeat within a specified time
1161 interval, using the semantics and syntax described by the
1162 :ref:`VES Event Registration specification <ves_event_registration_3_2>`.
1164 **NOTE:** The Service Provider may override VNF or PNF provider Event
1165 Registrations using the ONAP SDC Design Studio to finalizes Service
1166 Provider engineering rules for the processing of the VNF or PNF events.
1167 These changes may modify any of the following:
1170 * Specified actions related to conditions
1177 If the VNF or PNF is using VES, then the VNF or PNF Provider **MUST** provide
1178 a YAML file formatted in adherence with the
1179 :ref:`VES Event Registration specification <ves_event_registration_3_2>`
1180 that defines the following information for each event produced by the VNF:
1185 * Any special handling to be performed for that event
1188 Monitoring & Management > Virtual Function Event Streaming (VES) Client Requirements > Event Delivery Requirements
1189 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1200 The VNF or PNF producing VES events **SHOULD NOT** send syslog events to the
1201 VES Event Listener during debug mode, but rather store syslog events locally
1202 for access or possible file transfer.
1209 The VNF or PNF producing VES events **MUST** respect the configured
1210 VES Timeout Value when delivering VES events, and abort any call where
1211 the VES Event Listener does not successfully acknowledge the delivery of
1212 event(s) within the Timeout Value. These failed transactions should be
1213 buffered and retried in accordance with the
1214 :ref:`ves_buffering_requirements` Requirements.
1217 Requirements Changed
1218 ~~~~~~~~~~~~~~~~~~~~
1225 The VNF or PNF producing VES events **MUST** deliver VES events as it
1226 becomes available or according to the configured measurement interval.
1229 Monitoring & Management > Virtual Function Event Streaming (VES) Client Requirements > Event Formatting and Usage
1230 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1241 The VNF or a PNF producing VES stndDefined domain events to report
1242 standards-organization defined events to ONAP, **MUST** set the
1243 event.stndDefinedNamespace property. By default, ONAP ships with support
1248 * 3GPP-FaultSupervision
1249 * 3GPP-PerformanceAssurance
1251 Another namespace, outside of the list provided, needs to registered in ONAP in coordination
1252 with the operator before it can be used.
1259 If the VNF or PNF producing VES stndDefined domain events provides
1260 the event.stndDefinedFields.schemaReference then it **MUST** set its value
1261 to the publicUrl value in DCAE's VES Collector `etc/externalRepo/schema-map.json <https://github.com/onap/dcaegen2-collectors-ves/blob/guilin/etc/externalRepo/schema-map.json/>`_
1262 that describes the data being sent in event.stndDefinedFields.data.
1269 If the VNF or PNF producing VES stndDefined domain events provides
1270 the event.stndDefinedFields.schemaReference then it **MUST** only pass events
1271 that conform to schema references previously registered with DCAE otherwise
1272 the event will be rejected. By default, ONAP ships with support for schemas
1273 found in DCAE's VES Collector `etc/externalRepo/schema-map.json <https://github.com/onap/dcaegen2-collectors-ves/blob/guilin/etc/externalRepo/schema-map.json/>`_.
1280 The VNF or PNF Provider producing stndDefined events **MUST** coordinate with
1281 the operator, willing to validate stndDefined events, to configure DCAE to
1282 accept any new event schema prior to sending those events or the events
1290 If the VNF or PNF producing VES stndDefined domain events provides
1291 the event.stndDefinedFields.schemaReference then it **MUST** set the
1292 event.stndDefined.schemaReference property to an exact structure,
1293 from supported schemaReference, describing the notification within
1294 an openAPI specification, using JSON Pointer as URI fragment e.g.
1295 “https://forge.3gpp.org/.../faultMnS.yaml#/components/schemas/notifyNewAlarm"
1298 Requirements Changed
1299 ~~~~~~~~~~~~~~~~~~~~
1306 A VNF or PNF producing VES events **MUST** pass all information it is
1307 able to collect even if the information field is identified as optional.
1308 However, if the data cannot be collected, then optional fields can be
1316 The VES events produced by the VNF or PNF **MUST** be compliant with the
1317 common event formats defined in one of the following specifications:
1319 * :ref:`VES Event Listener 5.4.1<ves_event_listener_5_4_1>`
1320 * :ref:`VES Event Listener 7.1.1<ves_event_listener_7_1>`
1321 * :ref:`VES Event Listener 7.2<ves_event_listener_7_2>`
1323 The latest version (7.2) should be preferred. Earlier versions are
1324 provided for backwards compatibility.
1331 A VNF or PNF producing VES events **MUST NOT** send information through
1332 extensible structures if the event specification has explicitly defined
1333 fields for that information.
1340 The VES events produced by the VNF or PNF **MUST** conform to the schema and
1341 other formatting requirements specified in the relevant VES Event Listener
1349 A VNF or PNF producing VES events **SHOULD** leverage camel case to
1350 separate words and acronyms used as keys that will be sent through extensible
1351 fields. When an acronym is used as the key, then only the first letter shall
1355 Monitoring & Management > Virtual Function Event Streaming (VES) Client Requirements > Security
1356 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1359 Requirements Changed
1360 ~~~~~~~~~~~~~~~~~~~~
1367 The VNF or PNF **MUST** utilize one of the authentication methods
1368 prescribed by the relevant VES Event Listener specification.
1371 ONAP Heat VNF Modularity
1372 ^^^^^^^^^^^^^^^^^^^^^^^^
1375 Requirements Changed
1376 ~~~~~~~~~~~~~~~~~~~~
1383 A VNF's Heat Orchestration Template's Incremental Module **MUST**
1386 - one or more ``OS::Nova::Server`` resources OR
1387 - one or more ``OS::Cinder::Volume`` resources.
1389 An ``OS::Nova::Server``
1390 **MAY** be created in the incremental module or a nested yaml file invoked
1391 by the incremental module.
1393 An ``OS::Cinder::Volume``
1394 **MAY** be created in the incremental module or a nested yaml file invoked
1395 by the incremental module.
1398 PNF Plug and Play > PNF Plug and Play
1399 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1402 Requirements Changed
1403 ~~~~~~~~~~~~~~~~~~~~
1410 A PNF MUST support the pnfRegistration VES event which is required to integrate with ONAP’s PNF Plug and Play capabilities.
1413 TOSCA PNF Descriptor > Capability Types
1414 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1417 Requirements Changed
1418 ~~~~~~~~~~~~~~~~~~~~
1425 The PNFD provided by a PNF vendor **MUST** comply with the following
1426 Capabilities Types as specified in ETSI NFV-SOL001 standard:
1428 - tosca.capabilities.nfv.VirtualLinkable
1431 TOSCA PNF Descriptor > Policy Types
1432 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1435 Requirements Changed
1436 ~~~~~~~~~~~~~~~~~~~~
1443 The PNFD provided by a PNF vendor **MUST** comply with the following Policy
1444 Types as specified in ETSI NFV-SOL001 standard:
1446 - tosca.policies.nfv.SecurityGroupRule
1449 TOSCA PNF Descriptor > Relationship Types
1450 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1453 Requirements Changed
1454 ~~~~~~~~~~~~~~~~~~~~
1461 The PNFD provided by a PNF vendor **MUST** comply with the following
1462 Relationship Types as specified in ETSI NFV-SOL001 standard:
1464 - tosca.relations.nfv.VirtualLinksTo
1467 VNF and PNF On-boarding and package management > Licensing Requirements
1468 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1471 Requirements Changed
1472 ~~~~~~~~~~~~~~~~~~~~
1479 If the VNF or PNF requires a license then the VNF or PNF provider **MUST** provide a universal license key
1480 per VNF or PNF to be used as needed by services (i.e., not tied to a VM
1481 instance) as the recommended solution. The VNF or PNF provider may provide
1482 pools of Unique VNF or PNF License Keys, where there is a unique key for
1483 each VNF or PNF instance as an alternate solution. In all cases, licensing issues should
1484 be resolved without interrupting in-service VNFs or PNFs.
1491 If ONAP licensing management solution is used, then the VNF or PNF provider **MUST NOT** require additional
1492 infrastructure such as a VNF or PNF provider license server for VNF or PNF provider
1493 functions and metrics.
1500 The VNF **MUST** provide clear measurements for licensing
1501 purposes if needed to allow automated scale up/down by the management system.
1508 If ONAP licensing management solution is used, then the VNF or PNF provider
1509 **MUST** support the metadata about licenses (and their applicable
1510 entitlements) as defined in the
1511 `ONAP License Management Information Model <https://docs.onap.org/projects/onap-modeling-modelspec/en/latest/ONAP%20Model%20Spec/im/License/LicenseModel.html>`__,
1512 and any license keys required to authorize use of the VNF or PNF software.
1513 This metadata will be used to facilitate onboarding the VNF or PNF into the
1514 ONAP environment and automating processes for putting the licenses into use
1515 and managing the full lifecycle of the licenses.
1522 If ONAP licensing management solution is used, then the VNF or PNF **MUST** provide metrics (e.g., number of sessions,
1523 number of subscribers, number of seats, etc.) to ONAP for tracking
1527 Requirements Removed
1528 ~~~~~~~~~~~~~~~~~~~~
1535 The VNF or PNF provider **MUST** agree to the process that can
1536 be met by Service Provider reporting infrastructure. The Contract
1537 shall define the reporting process and the available reporting tools.
1544 The VNF or PNF provider **MUST NOT** require audits
1545 of Service Provider's business.
1548 VNF and PNF On-boarding and package management > Resource Description
1549 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1552 Requirements Changed
1553 ~~~~~~~~~~~~~~~~~~~~
1560 The VNF or PNF Provider **MUST** provide :ref:`VES Event Registration <ves_event_registration_3_2>`
1561 for all VES events provided by that VNF or PNF.
1564 VNF or PNF CSAR Package > VNF or PNF Package Contents
1565 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1568 Requirements Changed
1569 ~~~~~~~~~~~~~~~~~~~~
1576 The VNF CSAR PACKAGE **MUST** enumerate all of the open source
1577 licenses their VNF(s) incorporate. CSAR License directory as per ETSI
1580 for example ROOT\\Licenses\\ **License_term.txt**