1 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
2 .. http://creativecommons.org/licenses/by/4.0
3 .. Copyright 2017 AT&T Intellectual Property. All rights reserved.
9 Chef JSON Key Value Description
10 -------------------------------------
12 The following provides the key value pairs that must be contained in the
13 JSON file supporting Chef action.
15 Table A1. Chef JSON File key value description
16 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
18 +-------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-----------------------------------------------------------------------------------------------------------------------------------------+
19 | **Field Name** | **Description** | **Type** | **Comment** |
20 +===================+===================================================================================================================================================================================================================================================================================================+=============+=========================================================================================================================================+
21 | Environment | A JSON dictionary representing a Chef Environment object. If the VNF action requires loading or modifying Chef environment attributes associated with the VNF, all the relevant information must be provided in this JSON dictionary in a structure that conforms to a Chef Environment Object. | Optional | Depends on VNF action. |
22 +-------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-----------------------------------------------------------------------------------------------------------------------------------------+
23 | Node | A JSON dictionary representing a Chef Node Object. | Mandatory | |
25 | | The Node JSON dictionary must include the run list to be triggered for the desired VNF action by the push job. It should also include any attributes that need to be configured on the Node Object as part of the VNF action. | | |
26 +-------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-----------------------------------------------------------------------------------------------------------------------------------------+
27 | NodeList | Array of FQDNs that correspond to the endpoints (VMs) of a VNF registered with the Chef Server that need to trigger a chef-client run as part of the desired VNF action. | Mandatory | |
28 +-------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-----------------------------------------------------------------------------------------------------------------------------------------+
29 | PushJobFlag | This field indicates whether the VNF action requires a push Job. Push job object will be created by ONAP if required. | Mandatory | If set to “True”, ONAP will request a push job. Ignored otherwise. |
30 +-------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-----------------------------------------------------------------------------------------------------------------------------------------+
31 | CallbackCapable | This field indicates if the chef-client run invoked by push job corresponding to the VNF action is capable of posting results on a callback URL. | Optional | If Chef cookbook is callback capable, VNF owner is required to set it to “True”. Ignored otherwise. |
32 +-------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-----------------------------------------------------------------------------------------------------------------------------------------+
33 | GetOutputFlag | Flag which indicates whether ONAP should retrieve output generated in a chef-client run from Node object attribute node[‘PushJobOutput’] for this VNF action (e.g., in Audit). | Mandatory | ONAP will retrieve output from NodeObject attributes [‘PushJobOutput’] for all nodes in NodeList if set to “True”. Ignored otherwise. |
34 +-------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-----------------------------------------------------------------------------------------------------------------------------------------+
36 Chef Template example:
42 "description": "VNF Chef environment for HAR",
43 "json\_class": "Chef::Environment",
44 "chef\_type": "environment",
45 "default\_attributes": { },
46 "override\_attributes": {
49 “Database\_IP”:”10.10.1.5”
54 “name” : “signal.network.com “
56 "json\_class": "Chef::Node",
58 “IPAddress1”: “192.168.1.2”,
59 “IPAddress2”:”135.16.162.5”,
66 “chef\_environment” : “\_default”
67 "run\_list": [ "configure\_signal" ]
69 “NodeList”:[“node1.vnf\_a.onap.com”, “node2.vnf\_a.onap.com”],
71 “CallbackCapable”:True
72 “GetOutputFlag” : “False”
75 The example JSON file provided by the VNF provider for each VNF action will be
76 turned into a template by ONAP, that can be updated with instance
77 specific values at run-time.
79 Some points worth noting regarding the JSON fields:
81 a. The JSON file must be created for each action for each VNF.
83 b. If a VNF action involves multiple endpoints (VMs) of a VNF, ONAP will
84 replicate the “Node” JSON dictionary in the template and post it to
85 each FQDN (i.e., endpoint) in the NodeList after setting the “name”
86 field in the Node object to be the respective FQDN [1]_. Hence, it
87 is required that all end points (VMs) of a VNF involved in a VNF
88 action support the same set of Node Object attributes.
90 The following table describes the JSON dictionary to post in Callback.
92 Table A2. JSON Dictionary to Post in Callback
93 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
95 +-----------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------------------------------------------------------------+
96 | **Key** | **Description** | **Type** | **Comment** |
97 +=================+===========================================================================================================================================================================================================+=============+=============================================================+
98 | RequestId | A unique string associated with the original request by ONAP. This key-value pair will be provided by ONAP in the environment of the push job request and must be returned as part of the POST message. | Mandatory | |
99 +-----------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------------------------------------------------------------+
100 | StatusCode | An integer that must be set to | Mandatory | |
102 | | 200 if chef-client run on the node finished successfully | | |
104 | | 500 otherwise. | | |
105 +-----------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------------------------------------------------------------+
106 | StatusMessage | A string which must be set to | Mandatory | |
108 | | ‘SUCCESS’ if StatusCode was 200 | | |
110 | | Appropriate error message otherwise. | | |
111 +-----------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------------------------------------------------------------+
112 | Name | A string which corresponds to the name of the node where push job is run. It is required that the value be retrieved from the node object attributes (where it is always defined). | Mandatory | |
113 +-----------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------------------------------------------------------------+
114 | PushJobOutput | Any output from the chef-client run that needs to be returned to ONAP. | Optional | Depends on VNF action. If empty, it must not be included. |
115 +-----------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------------------------------------------------------------+
117 Ansible JSON Key Value Description
118 -------------------------------------------------------------
120 The following provides the key value pairs that must be contained in the
121 JSON file supporting Ansible action.
123 Table B1. Ansible JSON File key value description
124 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
126 +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+---------------------------------------------------------------------+
127 | **Field Name** | **Description** | **Type** | **Comment** |
128 +==================+============================================================================================================================================================================================================================================================================================+=============+=====================================================================+
129 | PlaybookName | VNF providor must list name of the playbook used to execute the VNF action. | Mandatory | |
130 +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+---------------------------------------------------------------------+
131 | Action | Name of VNF action. | Optional | |
132 +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+---------------------------------------------------------------------+
133 | EnvParameters | A JSON dictionary which should list key value pairs to be passed to the Ansible playbook. These values would correspond to instance specific parameters that a playbook may need to execute an action. | Optional | Depends on the VNF action. |
134 +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+---------------------------------------------------------------------+
135 | NodeList | A JSON array of FQDNs that the playbook must be executed on. | Optional | If not provided, playbook will be executed on the Ansible Server. |
136 +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+---------------------------------------------------------------------+
137 | FileParameters | A JSON dictionary where keys are filenames and values are contents of files. The Ansible Server will utilize this feature to generate files with keys as filenames and values as content. This attribute can be used to generate files that a playbook may require as part of execution. | Optional | Depends on the VNF action and playbook design. |
138 +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+---------------------------------------------------------------------+
139 | Timeout | Time (in seconds) that a playbook is expected to take to finish execution for the VNF. If playbook execution time exceeds this value, Ansible Server will terminate the playbook process. | Optional | |
140 +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+---------------------------------------------------------------------+
142 Ansible JSON file example:
146 “Action”:”Configure”,
148 "PlaybookName": "Ansible\_configure.yml",
150 "NodeList": ["test1.vnf\_b.onap.com", “test2.vnf\_b.onap.com”],
154 "EnvParameters": {"Retry": 3, "Wait": 5, “ConfigFile”:”config.txt”},
156 “FileParameters”:{“config.txt”:”db\_ip=10.1.1.1, sip\_timer=10000”}
160 In the above example, the Ansible Server will:
162 a. Process the “FileParameters” dictionary and generate a file named
163 ‘config.txt’ with contents set to the value of the ‘config.txt’ key.
165 b. Execute the playbook named ‘Ansible\_configure.yml’ on nodes with
166 FQDNs test1.vnf\_b.onap.com and test2.vnf\_b.onap.com respectively
167 while providing the following key value pairs to the playbook:
168 Retry=3, Wait=5, ConfigFile=config.txt
170 c. If execution time of the playbook exceeds 60 secs (across all hosts),
171 it will be terminated.
173 VNF License Information Guidelines
174 ------------------------------------------------------------
176 This Appendix describes the metadata to be supplied for VNF licenses.
178 1. General Information
180 Table C1 defines the required and optional fields for licenses.
182 Table C1. Required Fields for General Information
183 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
185 +---------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+-------------+
186 | **Field Name** | **Description** | **Data Type** | **Type** |
187 +=============================================+===========================================================================================================================================================================================================================================================================================================+===================+=============+
188 | VNF Provider Name | The name of the VNF provider. | String | Mandatory |
189 +---------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+-------------+
190 | VNF Provider Product | The name of the product to which this agreement applies. | String | Mandatory |
192 | | Note: a contract/agreement may apply to more than one VNF provider product. In that case, provide the metadata for each product separately. | | |
193 +---------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+-------------+
194 | VNF Provider Product Description | A general description of VNF provider software product. | String | Optional |
195 +---------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+-------------+
196 | Export Control Classification Number (ECCN) | ECCNs are 5-character alpha-numeric designations used on the Commerce Control List (CCL) to identify dual-use items for export control purposes. An ECCN categorizes items based on the nature of the product, i.e. type of commodity, software, or technology and its respective technical parameters. | String | Mandatory |
197 +---------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+-------------+
198 | Reporting Requirements | A list of any reporting requirements on the usage of the software product. | List of strings | Optional |
199 +---------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+-------------+
203 Entitlements describe software license use rights. The use rights may be
204 quantified by various metrics: # users, # software instances, # units.
205 The use rights may be limited by various criteria: location (physical or
206 logical), type of customer, type of device, time, etc.
208 One or more entitlements can be defined; each one consists of the
211 Table C2. Required Fields for Entitlements
212 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
214 +---------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+---------------+
215 | **Field Name** | **Description** | **Data Type** | **Type** |
216 +=========================================================+=======================================================================================================================================================================================+===================+===============+
217 | VNF Provider Part Number / Manufacture Reference Number | Identifier for the entitlement as described by the VNF provider in their price list / catalog / contract. | String | Mandatory |
218 +---------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+---------------+
219 | Description | Verbiage that describes the entitlement. | String | Optional |
220 +---------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+---------------+
221 | Entitlement Identifier | Each entitlement defined must be identified by a unique value (e.g., numbered 1, 2, 3….) | String | Mandatory |
222 +---------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+---------------+
223 | Minimum Order Requirement | The minimum number of entitlements that need to be purchased. For example, the entitlements must be purchased in a block of 100. If no minimum is required, the value will be zero. | Number | Mandatory |
224 +---------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+---------------+
225 | Unique Reporting Requirements | A list of any reporting requirements on the usage of the software product. (e.g.: quarterly usage reports are required) | List of Strings | Optional |
226 +---------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+---------------+
227 | License Type | Type of license applicable to the software product. (e.g.: fixed-term, perpetual, trial, subscription.) | String | Mandatory |
228 +---------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+---------------+
229 | License Duration | Valid values: | String | Conditional |
231 | | **year**, **quarter**, **month**, **day**. | | |
233 | | Not applicable when license type is Perpetual. | | |
234 +---------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+---------------+
235 | License Duration Quantification | Number of years, quarters, months, or days for which the license is valid. | Number | Conditional |
237 | | Not applicable when license type is Perpetual. | | |
238 +---------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+---------------+
239 | Limits | see section C.4 for possible values | List | Optional |
240 +---------------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------+---------------+
244 This section defines information on any License Keys associated with the
245 Software Product. A license key is a data string (or a file) providing a
246 means to authorize the use of software. License key does not provide
247 entitlement information.
249 License Keys are not required. Optionally, one or more license keys can
250 be defined; each one consists of the following fields:
252 Table C3. Required Fields for License Keys
253 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
255 +--------------------------+---------------------------------------------------------------------------------------------------------------+-----------------+-------------+
256 | **Field Name** | **Description** | **Data Type** | **Type** |
257 +==========================+===============================================================================================================+=================+=============+
258 | Description | Verbiage that describes the license key | String | Mandatory |
259 +--------------------------+---------------------------------------------------------------------------------------------------------------+-----------------+-------------+
260 | License Key Identifier | Each license key defined must be identified by a unique value (e.g., numbered 1, 2, 3….) | String | Mandatory |
261 +--------------------------+---------------------------------------------------------------------------------------------------------------+-----------------+-------------+
262 | Key Function | Lifecycle stage (e.g., Instantiation or Activation) at which the license key is applied to the software. | String | Optional |
263 +--------------------------+---------------------------------------------------------------------------------------------------------------+-----------------+-------------+
264 | License Key Type | Valid values: | String | Mandatory |
266 | | **Universal, Unique** | | |
268 | | **Universal** - a single license key value that may be used with any number of instances of the software. | | |
270 | | **Unique**- a unique license key value is required for each instance of the software. | | |
271 +--------------------------+---------------------------------------------------------------------------------------------------------------+-----------------+-------------+
272 | Limits | see section C.4 for possible values | List | Optional |
273 +--------------------------+---------------------------------------------------------------------------------------------------------------+-----------------+-------------+
275 1. Entitlement and License Key Limits
277 Limitations on the use of software entitlements and license keys may be
278 based on factors such as: features enabled in the product, the allowed
279 capacity of the product, number of installations, etc... The limits may
280 generally be categorized as:
292 Multiple limits may be applicable for an entitlement or license key.
293 Each limit may further be described by limit behavior, duration,
294 quantification, aggregation, aggregation interval, start date, end date,
297 When the limit is associated with a quantity, the quantity is relative
298 to an instance of the entitlement or license key. For example:
300 - Each entitlement grants the right to 50 concurrent users. If 10
301 entitlements are purchased, the total number of concurrent users
302 permitted would be 500. In this example, the limit category is
303 **amount**, the limit type is **users**, and the limit
304 **quantification** is **50.**
306 Each license key may be installed on 3 devices. If 5 license keys are
307 acquired, the total number of devices allowed would be 15. In this
308 example, the limit category is **usages**, the limit type is
309 **device**, and the limit **quantification** is **3.**
313 Locations may be logical or physical location (e.g., site, country). For
316 - use is allowed in Canada
318 Table C4. Required Fields for Location
319 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
321 +------------------------+---------------------------------------------------------------------------------------------------------------------+------------------+-------------+
322 | **Field Name** | **Description** | **Data Type** | **Type** |
323 +========================+=====================================================================================================================+==================+=============+
324 | Limit Identifier | Each limit defined for an entitlement or license key must be identified by a unique value (e.g., numbered 1,2,3…) | String | Mandatory |
325 +------------------------+---------------------------------------------------------------------------------------------------------------------+------------------+-------------+
326 | Limit Description | Verbiage describing the limit. | String | Mandatory |
327 +------------------------+---------------------------------------------------------------------------------------------------------------------+------------------+-------------+
328 | Limit Behavior | Description of the actions taken when the limit boundaries are reached. | String | Mandatory |
329 +------------------------+---------------------------------------------------------------------------------------------------------------------+------------------+-------------+
330 | Limit Category | Valid value: **location** | String | Mandatory |
331 +------------------------+---------------------------------------------------------------------------------------------------------------------+------------------+-------------+
332 | Limit Type | Valid values: **city, county, state, country, region, MSA, BTA, CLLI** | String | Mandatory |
333 +------------------------+---------------------------------------------------------------------------------------------------------------------+------------------+-------------+
334 | Limit List | List of locations where the VNF provider Product can be used or needs to be restricted from use | List of String | Mandatory |
335 +------------------------+---------------------------------------------------------------------------------------------------------------------+------------------+-------------+
336 | Limit Set Type | Indicates if the list is an inclusion or exclusion. | String | Mandatory |
338 | | Valid Values: | | |
340 | | **Allowed** | | |
342 | | **Not allowed** | | |
343 +------------------------+---------------------------------------------------------------------------------------------------------------------+------------------+-------------+
344 | Limit Quantification | The quantity (amount) the limit expresses. | Number | Optional |
345 +------------------------+---------------------------------------------------------------------------------------------------------------------+------------------+-------------+
349 Limit on the length of time the software may be used. For example:
351 - license key valid for 1 year from activation
353 - entitlement valid from 15 May 2018 thru 30 June 2020
355 Table C5. Required Fields for Time
356 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
358 +------------------------+-------------------------------------------------------------------------------------------------------------------------------+------------------+---------------+
359 | **Field Name** | **Description** | **Data Type** | **Type** |
360 +========================+===============================================================================================================================+==================+===============+
361 | Limit Identifier | Each limit defined for an entitlement or license key must be identified by a unique value (e.g., numbered) | String | Mandatory |
362 +------------------------+-------------------------------------------------------------------------------------------------------------------------------+------------------+---------------+
363 | Limit Description | Verbiage describing the limit. | String | Mandatory |
364 +------------------------+-------------------------------------------------------------------------------------------------------------------------------+------------------+---------------+
365 | Limit Behavior | Description of the actions taken when the limit boundaries are reached. | String | Mandatory |
367 | | The limit behavior may also describe when a time limit takes effect. (e.g., key is valid for 1 year from date of purchase). | | |
368 +------------------------+-------------------------------------------------------------------------------------------------------------------------------+------------------+---------------+
369 | Limit Category | Valid value: **time** | String | Mandatory |
370 +------------------------+-------------------------------------------------------------------------------------------------------------------------------+------------------+---------------+
371 | Limit Type | Valid values: **duration, date** | String | Mandatory |
372 +------------------------+-------------------------------------------------------------------------------------------------------------------------------+------------------+---------------+
373 | Limit List | List of times for which the VNF Provider Product can be used or needs to be restricted from use | List of String | Mandatory |
374 +------------------------+-------------------------------------------------------------------------------------------------------------------------------+------------------+---------------+
375 | Duration Units | Required when limit type is duration. Valid values: **perpetual, year, quarter, month, day, minute, second, millisecond** | String | Conditional |
376 +------------------------+-------------------------------------------------------------------------------------------------------------------------------+------------------+---------------+
377 | Limit Quantification | The quantity (amount) the limit expresses. | Number | Optional |
378 +------------------------+-------------------------------------------------------------------------------------------------------------------------------+------------------+---------------+
379 | Start Date | Required when limit type is date. | Date | Optional |
380 +------------------------+-------------------------------------------------------------------------------------------------------------------------------+------------------+---------------+
381 | End Date | May be used when limit type is date. | Date | Optional |
382 +------------------------+-------------------------------------------------------------------------------------------------------------------------------+------------------+---------------+
386 Limits based on how the software is used. For example:
388 - use is limited to a specific sub-set of the features/capabilities the
391 - use is limited to a certain environment (e.g., test, development,
394 - use is limited by processor (vm, cpu, core)
396 - use is limited by software release
398 Table C6. Required Fields for Usage
399 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
401 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
402 | **Field Name** | **Description** | **Data Type** | **Type** |
403 +========================+==============================================================================================================+==================+=============+
404 | Limit Identifier | Each limit defined for an entitlement or license key must be identified by a unique value (e.g., numbered) | String | Mandatory |
405 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
406 | Limit Description | Verbiage describing the limit. | String | Mandatory |
407 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
408 | Limit Behavior | Description of the actions taken when the limit boundaries are reached. | String | Mandatory |
409 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
410 | Limit Category | Valid value: **usages** | String | Mandatory |
411 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
412 | Limit Type | Valid values: **feature, environment, processor, version** | String | Mandatory |
413 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
414 | Limit List | List of usage limits (e.g., test, development, vm, core, R1.2.1, R1.3.5…) | List of String | Mandatory |
415 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
416 | Limit Set Type | Indicates if the list is an inclusion or exclusion. | String | Mandatory |
418 | | Valid Values: | | |
420 | | **Allowed** | | |
422 | | **Not allowed** | | |
423 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
424 | Limit Quantification | The quantity (amount) the limit expresses. | Number | Optional |
425 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
429 Limit on the entity (product line, organization, customer) allowed to
430 make use of the software. For example:
432 - allowed to be used in support of wireless products
434 - allowed to be used only for government entities
436 Table C7. Required Fields for Entity
437 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
439 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
440 | **Field Name** | **Description** | **Data Type** | **Type** |
441 +========================+==============================================================================================================+==================+=============+
442 | Limit Identifier | Each limit defined for an entitlement or license key must be identified by a unique value (e.g., numbered) | String | Mandatory |
443 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
444 | Limit Description | Verbiage describing the limit. | String | Mandatory |
445 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
446 | Limit Behavior | Description of the actions taken when the limit boundaries are reached. | String | Mandatory |
447 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
448 | Limit Category | Valid value: **entity** | String | Mandatory |
449 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
450 | Limit Type | Valid values: **product line, organization, internal customer, external customer** | String | Mandatory |
451 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
452 | Limit List | List of entities for which the VNF Provider Product can be used or needs to be restricted from use | List of String | Mandatory |
453 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
454 | Limit Set Type | Indicates if the list is an inclusion or exclusion. | String | Mandatory |
456 | | Valid Values: | | |
458 | | **Allowed** | | |
460 | | **Not allowed** | | |
461 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
462 | Limit Quantification | The quantity (amount) the limit expresses. | Number | Optional |
463 +------------------------+--------------------------------------------------------------------------------------------------------------+------------------+-------------+
467 These limits describe terms relative to utilization of the functions of
468 the software (for example, number of named users permitted, throughput,
469 or capacity). Limits of this type may also be relative to utilization of
470 other resources (for example, a limit for firewall software is not based
471 on use of the firewall software, but on the number of network
474 The metadata describing this type of limit includes the unit of measure
475 (e.g., # users, # sessions, # MB, # TB, etc.), the quantity of units,
476 any aggregation function (e.g., peak or average users), and aggregation
477 interval (day, month, quarter, year, etc.).
479 Table C8. Required Fields for Amount
480 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
482 +------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------+-------------+
483 | **Field Name** | **Description** | **Data Type** | **Type** |
484 +========================+================================================================================================================================================================================================================================================================+=================+=============+
485 | Limit Identifier | Each limit defined for an entitlement or license key must be identified by a unique value (e.g., numbered) | String | Mandatory |
486 +------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------+-------------+
487 | Limit Description | Verbiage describing the limit. | String | Mandatory |
488 +------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------+-------------+
489 | Limit Behavior | Description of the actions taken when the limit boundaries are reached. | String | Mandatory |
490 +------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------+-------------+
491 | Limit Category | Valid value: **amount** | String | Mandatory |
492 +------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------+-------------+
493 | Limit Type | Valid values: **trunk, user, subscriber, session, token, transactions, seats, KB, MB, TB, GB** | String | Mandatory |
494 +------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------+-------------+
495 | Type of Utilization | Is the limit relative to utilization of the functions of the software or relative to utilization of other resources? | String | Mandatory |
497 | | Valid values: | | |
499 | | - **software functions** | | |
501 | | - **other resources** | | |
502 +------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------+-------------+
503 | Limit Quantification | The quantity (amount) the limit expresses. | Number | Optional |
504 +------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------+-------------+
505 | Aggregation Function | Valid values: **peak, average** | String | Optional |
506 +------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------+-------------+
507 | Aggregation Interval | Time period over which the aggregation is done (e.g., average sessions per quarter). Required when an Aggregation Function is specified. | String | Optional |
509 | | Valid values: **day, month, quarter, year, minute, second, millisecond** | | |
510 +------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------+-------------+
511 | Aggregation Scope | Is the limit quantity applicable to a single entitlement or license key (each separately)? Or may the limit quantity be combined with others of the same type (resulting in limit amount that is the sum of all the purchased entitlements or license keys)? | String | Optional |
513 | | Valid values: | | |
515 | | - **single** | | |
517 | | - **combined** | | |
518 +------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------+-------------+
519 | Type of User | Describes the types of users of the functionality offered by the software (e.g., authorized, named). This field is included when Limit Type is user. | String | Optional |
520 +------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------+-------------+
523 --------------------------------
525 R-11200: The VNF **MUST** keep the scope of a Cinder volume module,
526 when it exists, to be 1:1 with the VNF Base Module or Incremental Module.
528 R-01334: The VNF **MUST** conform to the NETCONF RFC 5717,
529 “Partial Lock Remote Procedure Call”.
531 R-51910: The VNF **MUST** provide all telemetry (e.g., fault event
532 records, syslog records, performance records etc.) to ONAP using the
533 model, format and mechanisms described in this section.
535 R-29324: The VNF **SHOULD** implement the protocol operation:
536 **copy-config(target, source) -** Copy the content of the configuration
537 datastore source to the configuration datastore target.
539 R-72184: The VNF **MUST** have routable FQDNs for all the endpoints
540 (VMs) of a VNF that contain chef-clients which are used to register
541 with the Chef Server. As part of invoking VNF actions, ONAP will
542 trigger push jobs against FQDNs of endpoints for a VNF, if required.
544 R-23740: The VNF **MUST** accommodate the security principle of
545 “least privilege” during development, implementation and operation.
546 The importance of “least privilege” cannot be overstated and must be
547 observed in all aspects of VNF development and not limited to security.
548 This is applicable to all sections of this document.
550 R-12709: The VNFC **SHOULD** be independently deployed, configured,
551 upgraded, scaled, monitored, and administered by ONAP.
553 R-88031: The VNF **SHOULD** implement the protocol operation:
554 **delete-config(target) -** Delete the named configuration datastore target.
556 R-42207: The VNF **MUST** design resiliency into a VNF such that the
557 resiliency deployment model (e.g., active-active) can be chosen at run-time.
559 R-98617: The VNF provider **MUST** provide information regarding any
560 dependency (e.g., affinity, anti-affinity) with other VNFs and resources.
562 R-62498: The VNF **MUST**, if not using the NCSP’s IDAM API, encrypt
563 OA&M access (e.g., SSH, SFTP).
565 R-42366: The VNF **MUST** support secure connections and transports.
567 R-33955: The VNF **SHOULD** conform its YANG model to RFC 6991,
568 “Common YANG Data Types”.
570 R-33488: The VNF **MUST** protect against all denial of service attacks,
571 both volumetric and non-volumetric, or integrate with external denial
572 of service protection tools.
574 R-57617: The VNF **MUST** include the field “success/failure” in the
575 Security alarms (where applicable and technically feasible).
577 R-57271: The VNF **MUST** provide the capability of generating security
578 audit logs by interacting with the operating system (OS) as appropriate.
580 R-44569: The VNF provider **MUST NOT** require additional infrastructure
581 such as a VNF provider license server for VNF providor functions and metrics.
583 R-67918: The VNF **MUST** handle replication race conditions both locally
584 and geo-located in the event of a data base instance failure to maintain
587 R-35532: The VNF **SHOULD** release and clear all shared assets (memory,
588 database operations, connections, locks, etc.) as soon as possible,
589 especially before long running sync and asynchronous operations, so as
590 to not prevent use of these assets by other entities.
592 R-37692: The VNFC **MUST** provide API versioning to allow for
593 independent upgrades of VNFC.
595 R-50252: The VNF **MUST** write to a specific set of text files that
596 will be retrieved and made available by the Ansible Server If, as part
597 of a VNF action (e.g., audit), a playbook is required to return any VNF
600 R-58977: The VNF **MUST** provide or support the Identity and Access
601 Management (IDAM) based threat detection data for Eavesdropping.
603 R-59391: The VNF provider **MUST**, where a VNF provider requires the
604 assumption of permissions, such as root or administrator, first log in
605 under their individual user login ID then switch to the other higher
606 level account; or where the individual user login is infeasible, must
607 login with an account with admin privileges in a way that uniquely
608 identifies the individual performing the function.
610 R-93443: The VNF **MUST** define all data models in YANG [RFC6020],
611 and the mapping to NETCONF shall follow the rules defined in this RFC.
613 R-72243: The VNF **MUST** provide or support the Identity and Access
614 Management (IDAM) based threat detection data for Phishing / SMishing.
616 R-33280: The VNF **MUST NOT** use any instance specific parameters in
619 R-73468: The VNF **MUST** allow the NETCONF server connection parameters
620 to be configurable during virtual machine instantiation through Heat
621 templates where SSH keys, usernames, passwords, SSH service and SSH port
622 numbers are Heat template parameters.
624 R-46908: The VNF **MUST**, if not using the NCSP’s IDAM API, comply with
625 "password complexity" policy. When passwords are used, they shall be complex
626 and shall at least meet the following password construction requirements:
627 (1) be a minimum configurable number of characters in length, (2) include
628 3 of the 4 following types of characters: upper-case alphabetic, lower-case
629 alphabetic, numeric, and special, (3) not be the same as the UserID with
630 which they are associated or other common strings as specified by the
631 environment, (4) not contain repeating or sequential characters or numbers,
632 (5) not to use special characters that may have command functions, and (6)
633 new passwords must not contain sequences of three or more characters from
634 the previous password.
636 R-86261: The VNF **MUST NOT** allow VNF provider access to VNFs remotely.
638 R-75343: The VNF **MUST** provide the capability of testing the validity
639 of a digital certificate by recognizing the identity represented by the
640 certificate — the "distinguished name".
642 R-40813: The VNF **SHOULD** support the use of virtual trusted platform
643 module, hypervisor security testing and standards scanning tools.
645 R-02454: The VNF **MUST** support the existence of multiple major/minor
646 versions of the VNF software and/or sub-components and interfaces that
647 support both forward and backward compatibility to be transparent to the
648 Service Provider usage.
650 R-20353: The VNF **MUST** implement at least one of the capabilities
651 **:candidate** or **:writable-running**. If both **:candidate** and
652 **:writable-running** are provided then two locks should be supported.
654 R-01556: The VNF Package **MUST** include documentation describing
655 the fault, performance, capacity events/alarms and other event records
656 that are made available by the VNF. The document must include:
658 R-56815: The VNF Package **MUST** include documentation describing
659 supported VNF scaling capabilities and capacity limits (e.g., number
660 of users, bandwidth, throughput, concurrent calls).
662 R-56793: The VNF **MUST** test for adherence to the defined performance
663 budgets at each layer, during each delivery cycle with delivered results,
664 so that the performance budget is measured and the code is adjusted to
665 meet performance budget.
667 R-54520: The VNF **MUST** log successful and unsuccessful login attempts.
669 R-10173: The VNF **MUST** allow another NETCONF session to be able to
670 initiate the release of the lock by killing the session owning the lock,
671 using the <kill-session> operation to guard against hung NETCONF sessions.
673 R-36280: The VNF provider **MUST** provide documentation describing VNF
674 Functional Capabilities that are utilized to operationalize the VNF and
675 compose complex services.
677 R-15671: The VNF **MUST NOT** provide public or unrestricted access to any
678 data without the permission of the data owner. All data classification and
679 access controls must be followed.
681 R-39342: The VNF **MUST**, if not using the NCSP’s IDAM API, comply with "password changes (includes default passwords)" policy. Products
682 will support password aging, syntax and other credential management
683 practices on a configurable basis.
685 R-21558: The VNF **SHOULD** use intelligent routing by having knowledge
686 of multiple downstream/upstream endpoints that are exposed to it, to ensure
687 there is no dependency on external services (such as load balancers) to
688 switch to alternate endpoints.
690 R-07545: The VNF **MUST** support all operations, administration and
691 management (OAM) functions available from the supplier for VNFs using
692 the supplied YANG code and associated NETCONF servers.
694 R-73541: The VNF **MUST** use access controls for VNFs and their
695 supporting computing systems at all times to restrict access to
696 authorized personnel only, e.g., least privilege. These controls
697 could include the use of system configuration or access control software.
699 R-97102: The VNF Package **MUST** include VM requirements via a Heat
700 template that provides the necessary data for:
702 R-44013: The VNF **MUST** populate an attribute, defined as
703 node[‘PushJobOutput’] with the desired output on all nodes in the push
704 job that execute chef-client run if the VNF action requires the output
705 of a chef-client run be made available (e.g., get running configuration).
707 R-40521: The VNF **MUST**, if not using the NCSP’s IDAM API, support use of
708 common third party authentication and authorization tools such as TACACS+,
711 R-41829: The VNF **MUST** be able to specify the granularity of the lock
712 via a restricted or full XPath expression.
714 R-19768: The VNF **SHOULD** support L3 VPNs that enable segregation of
715 traffic by application (dropping packets not belonging to the VPN) (i.e.,
716 AVPN, IPSec VPN for Internet routes).
718 R-55478: The VNF **MUST** log logoffs.
720 R-14853: The VNF **MUST** respond to a "move traffic" [2]_ command against a
721 specific VNFC, moving all existing session elsewhere with minimal disruption
722 if a VNF provides a load balancing function across multiple instances of its
723 VNFCs. Note: Individual VNF performance aspects (e.g., move duration or
724 disruption scope) may require further constraints.
726 R-68165: The VNF **MUST** encrypt any content containing Sensitive Personal
727 Information (SPI) or certain proprietary data, in addition to applying the
728 regular procedures for securing access and delivery.
730 R-31614: The VNF **MUST** log the field “event type” in the security audit
733 R-87662: The VNF **SHOULD** implement the NETCONF Event Notifications
736 R-26508: The VNF **MUST** support NETCONF server that can be mounted
737 on OpenDaylight (client) and perform the following operations:
739 R-26567: The VNF Package **MUST** include a run list of
740 roles/cookbooks/recipes, for each supported VNF action, that will perform
741 the desired VNF action in its entirety as specified by ONAP (see Section
742 8.c, ONAP Controller APIs and Behavior, for list of VNF actions and
743 requirements), when triggered by a chef-client run list in JSON file.
745 R-04158: The VNF **MUST** conform to the NETCONF RFC 4742,
746 “Using the NETCONF Configuration Protocol over Secure Shell (SSH)”.
748 R-49109: The VNF **MUST** encrypt TCP/IP--HTTPS (e.g., TLS v1.2) transmission
749 of data on internal and external networks.
751 R-15884: The VNF **MUST** include the field “date” in the Security alarms
752 (where applicable and technically feasible).
754 R-15885: The VNF **MUST** Upon completion of the chef-client run, POST
755 back on the callback URL, a JSON object as described in Table A2 if the
756 chef-client run list includes a cookbook/recipe that is callback capable.
757 Failure to POST on the Callback Url should not be considered a critical
758 error. That is, if the chef-client successfully completes the VNF action,
759 it should reflect this status on the Chef Server regardless of whether
760 the Callback succeeded or not.
762 R-82223: The VNF **MUST** be decomposed if the functions have significantly
763 different scaling characteristics (e.g., signaling versus media functions,
764 control versus data plane functions).
766 R-37608: The VNF **MUST** provide a mechanism to restrict access based
767 on the attributes of the VNF and the attributes of the subject.
769 R-02170: The VNF **MUST** use, whenever possible, standard implementations
770 of security applications, protocols, and format, e.g., S/MIME, TLS, SSH,
771 IPSec, X.509 digital certificates for cryptographic implementations.
772 These implementations must be purchased from reputable vendors and must
773 not be developed in-house.
775 R-11235: The VNF **MUST** implement the protocol operation:
776 **kill-session(session)** - Force the termination of **session**.
778 R-87564: The VNF **SHOULD** conform its YANG model to RFC 7317,
779 “A YANG Data Model for System Management”.
781 R-69649: The VNF **MUST** have all vulnerabilities patched as soon as
782 possible. Patching shall be controlled via change control process with
783 vulnerabilities disclosed along with mitigation recommendations.
785 R-75041: The VNF **MUST**, if not using the NCSP’s IDAM API, expire passwords
786 at regular configurable intervals.
788 R-23035: The VNF **MUST** be designed to scale horizontally (more instances
789 of a VNF or VNFC) and not vertically (moving the existing instances to larger
790 VMs or increasing the resources within a VM) to achieve effective utilization
793 R-97445: The VNF **MUST** log the field “date/time” in the security audit logs.
795 R-16777: The VNF provider **MUST** provide a JSON file for each supported
796 action for the VNF. The JSON file must contain key value pairs with all
797 relevant values populated with sample data that illustrates its usage.
798 The fields and their description are defined in Appendix B.
800 R-08134: The VNF **MUST** conform to the NETCONF RFC 6241,
801 “NETCONF Configuration Protocol”.
803 R-01382: The VNF **MUST** allow the entire configuration of the VNF to
804 be retrieved via NETCONF's <get-config> and <edit-config>, independently
805 of whether it was configured via NETCONF or other mechanisms.
807 R-98929: The VNF **MAY** have a single endpoint.
809 R-48356: The VNF **MUST** fully exploit exception handling to the extent
810 that resources (e.g., threads and memory) are released when no longer
811 needed regardless of programming language.
813 R-90007: The VNF **MUST** implement the protocol operation:
814 **close-session()**- Gracefully close the current session.
816 R-42140: The VNF **MUST** respond to data requests from ONAP as soon as
817 those requests are received, as a synchronous response.
819 R-27511: The VNF provider **MUST** provide the ability to scale up a VNF
820 provider supplied product during growth and scale down a VNF provider
821 supplied product during decline without “real-time” restrictions based
822 upon VNF provider permissions.
824 R-05470: The VNF **MUST** host connectors for access to the database layer.
826 R-85633: The VNF **MUST** implement Data Storage Encryption (database/disk
827 encryption) for Sensitive Personal Information (SPI) and other subscriber
828 identifiable data. Note: subscriber’s SPI/data must be encrypted at rest,
829 and other subscriber identifiable data should be encrypted at rest. Other
830 data protection requirements exist and should be well understood by the
833 R-36792: The VNF **MUST** automatically retry/resubmit failed requests
834 made by the software to its downstream system to increase the success rate.
836 R-49036: The VNF **SHOULD** conform its YANG model to RFC 7277,
837 “A YANG Data Model for IP Management”.
839 R-63217: The VNF **MUST**, if not using the NCSP’s IDAM API, support
840 logging via ONAP for a historical view of “who did what and when”.
842 R-44125: The VNF provider **MUST** agree to the process that can be met
843 by Service Provider reporting infrastructure. The Contract shall define
844 the reporting process and the available reporting tools.
846 R-22700: The VNF **MUST** conform its YANG model to RFC 6470,
847 “NETCONF Base Notifications”.
849 R-74958: The VNF **MUST** activate security alarms automatically when
850 the following event is detected: unsuccessful attempts to gain permissions
851 or assume the identity of another user
853 R-44281: The VNF **MUST** implement the protocol operation:
854 **edit-config(target, default-operation, test-option, error-option,
855 config)** - Edit the target configuration datastore by merging,
856 replacing, creating, or deleting new config elements.
858 R-81777: The VNF **MUST** be configured with initial address(es) to
859 use at deployment time. After that the address(es) may be changed
860 through ONAP-defined policies delivered from ONAP to the VNF using
861 PUTs to a RESTful API, in the same way that other controls over data
862 reporting will be controlled by policy.
864 R-07879: The VNF Package **MUST** include all relevant playbooks to
865 ONAP to be loaded on the Ansible Server.
867 R-57855: The VNF **MUST** support hitless staggered/rolling deployments
868 between its redundant instances to allow "soak-time/burn in/slow roll"
869 which can enable the support of low traffic loads to validate the
870 deployment prior to supporting full traffic loads.
872 R-73285: The VNF **MUST** must encode the delivered data using JSON or Avro,
873 addressed and delivered as described in the previous paragraphs.
875 R-85028: The VNF **MUST** authenticate system to system access and do not
876 conceal a VNF provider user’s individual accountability for transactions.
878 R-28545: The VNF **MUST** conform its YANG model to RFC 6060, “YANG - A
879 Data Modeling Language for the Network Configuration Protocol (NETCONF)”
881 R-74712: The VNF **MUST** utilize FQDNs (and not IP address) for both
882 Service Chaining and scaling.
884 R-29760: The VNFC **MUST** be installed on non-root file systems, unless
885 software is specifically included with the operating system distribution
888 R-08315: The VNF **SHOULD** use redundant connection pooling to connect
889 to any backend data source that can be switched between pools in an
890 automated/scripted fashion to ensure high availability of the connection
893 R-42874: The VNF **MUST** comply with Least Privilege (no more privilege
894 than required to perform job functions) when persons or non-person entities
897 R-08312: The VNF **MAY** use other options which are expected to include
899 R-19082: The VNF **MUST NOT** run security testing tools and programs, e.g.,
900 password cracker, port scanners, hacking tools in production, without
901 authorization of the VNF system owner.
903 R-39650: The VNF **SHOULD** provide the ability to test incremental growth
906 R-15325: The VNF **MUST** log the field “success/failure” in the security
909 R-07617: The VNF **MUST** log creating, removing, or changing the inherent
910 privilege level of users.
912 R-53015: The VNF **MUST** apply locking based on the sequence of NETCONF
913 operations, with the first configuration operation locking out all others
916 R-83500: The VNF **MUST** provide the capability of allowing certificate
917 renewal and revocation.
919 R-23772: The VNF **MUST** validate input at all layers implementing VNF APIs.
921 R-83227: The VNF **MUST** Provide the capability to encrypt data in transit
922 on a physical or virtual network.
924 R-36843: The VNF **MUST** support the ability of the VNFC to be deployable
925 in multi-zoned cloud sites to allow for site support in the event of cloud
926 zone failure or upgrades.
928 R-10129: The VNF **SHOULD** conform its YANG model to RFC 7223,
929 “A YANG Data Model for Interface Management”.
931 R-18733: The VNF **MUST** implement the protocol operation:
932 **discard-changes()** - Revert the candidate configuration datastore to
933 the running configuration.
935 R-21819: The VNF **MUST** support requests for information from law
936 enforcement and government agencies.
938 R-92207: The VNF **SHOULD** implement a mechanism for automated and frequent
939 "system configuration (automated provisioning / closed loop)" auditing.
941 R-63935: The VNF **MUST** release locks to prevent permanent lock-outs when
942 a user configured timer has expired forcing the NETCONF SSH Session
943 termination (i.e., product must expose a configuration knob for a user
944 setting of a lock expiration timer)
946 R-79224: The VNF **MUST** have the chef-client be preloaded with validator
947 keys and configuration to register with the designated Chef Server as part
948 of the installation process.
950 R-12467: The VNF **MUST NOT** use the SHA, DSS, MD5, SHA-1 and Skipjack
951 algorithms or other compromised encryption.
953 R-68589: The VNF **MUST**, if not using the NCSP’s IDAM API, support
954 User-IDs and passwords to uniquely identify the user/application. VNF
955 needs to have appropriate connectors to the Identity, Authentication and
956 Authorization systems that enables access at OS, Database and Application
957 levels as appropriate.
959 R-26115: The VNF **MUST** follow the data model upgrade rules defined in
960 [RFC6020] section 10. All deviations from section 10 rules shall be handled
961 by a built-in automatic upgrade mechanism.
963 R-49145: The VNF **MUST** implement **:confirmed-commit** If **:candidate**
966 R-04298: The VNF provider **MUST** provide their testing scripts to
969 R-92935: The VNF **SHOULD** minimize the propagation of state information
970 across multiple data centers to avoid cross data center traffic.
972 R-47204: The VNF **MUST** protect the confidentiality and integrity of
973 data at rest and in transit from unauthorized access and modification.
975 R-32695: The VNF **MUST** provide the ability to modify the number of
976 retries, the time between retries and the behavior/action taken after
977 the retries have been exhausted for exception handling to allow the NCSP
978 to control that behavior.
980 R-58964: The VNF **MUST** provide the capability to restrict read and
981 write access to data.
983 R-73364: The VNF **MUST** support at least two major versions of the
984 VNF software and/or sub-components to co-exist within production
985 environments at any time so that upgrades can be applied across multiple
986 systems in a staggered manner.
988 R-33946: The VNF **MUST** conform to the NETCONF RFC 4741,
989 “NETCONF Configuration Protocol”.
991 R-24269: The VNF **SHOULD** conform its YANG model to RFC 7407,
992 “A YANG Data Model for SNMP Configuration”.
994 R-16039: The VNF **SHOULD** test for adherence to the defined resiliency
995 rating recommendation at each layer, during each delivery cycle so that
996 the resiliency rating is measured and feedback is provided where software
997 resiliency requirements are not met.
999 R-46290: The VNF **MUST** respond to an ONAP request to deliver granular
1000 data on device or subsystem status or performance, referencing the YANG
1001 configuration model for the VNF by returning the requested data elements.
1003 R-11240: The VNF **MUST** respond with content encoded in JSON, as described
1004 in the RESTCONF specification. This way the encoding of a synchronous
1005 communication will be consistent with Avro.
1007 R-83790: The VNF **MUST** implement the **:validate** capability
1009 R-83873: The VNF **MUST** support **:rollback-on-error** value for the
1010 <error-option> parameter to the <edit-config> operation. If any error
1011 occurs during the requested edit operation, then the target database
1012 (usually the running configuration) will be left affected. This provides an
1013 'all-or-nothing' edit mode for a single <edit-config> request.
1015 R-25238: The VNF PACKAGE **MUST** validated YANG code using the open
1016 source pyang [3]_ program using the following commands:
1018 R-58370: The VNF **MUST** coexist and operate normally with commercial
1019 anti-virus software which shall produce alarms every time when there is
1020 a security incident.
1022 R-39604: The VNF **MUST** provide the capability of testing the validity
1023 of a digital certificate by checking the Certificate Revocation List (CRL)
1024 for the certificates of that type to ensure that the certificate has not
1027 R-06617: The VNF **MUST** support get-schema (ietf-netconf-monitoring)
1028 to pull YANG model over session.
1030 R-13344: The VNF **MUST** log starting and stopping of security logging.
1032 R-02360: The VNFC **MUST** be designed as a standalone, executable process.
1034 R-80070: The VNF **MUST** handle errors and exceptions so that they do not
1035 interrupt processing of incoming VNF requests to maintain service continuity.
1037 R-02137: The VNF **MUST** implement all monitoring and logging as described
1038 in the Security Analytics section.
1040 R-16496: The VNF **MUST** enable instantiating only the functionality that
1041 is needed for the decomposed VNF (e.g., if transcoding is not needed it
1042 should not be instantiated).
1044 R-32217: The VNF **MUST** have routable FQDNs that are reachable via the
1045 Ansible Server for the endpoints (VMs) of a VNF on which playbooks will be
1046 executed. ONAP will initiate requests to the Ansible Server for invocation
1047 of playbooks against these end points [4]_.
1049 R-47849: The VNF provider **MUST** support the metadata about licenses
1050 (and their applicable entitlements) as defined in this document for VNF
1051 software, and any license keys required to authorize use of the VNF software.
1053 This metadata will be used to facilitate onboarding the VNF into the ONAP
1054 environment and automating processes for putting the licenses into use and
1055 managing the full lifecycle of the licenses. The details of this license
1056 model are described in Appendix C. Note: License metadata support in ONAP is
1057 not currently available and planned for 1Q 2018.
1059 R-85419: The VNF **SHOULD** use REST APIs exposed to Client Applications for
1060 the implementation of OAuth 2.0 Authorization Code Grant and Client Credentials
1061 Grant, as the standard interface for a VNF.
1063 R-34660: The VNF **MUST** use the RESTCONF/NETCONF framework used by the
1064 ONAP configuration subsystem for synchronous communication.
1066 R-88026: The VNF **MUST** include a NETCONF server enabling runtime
1067 configuration and lifecycle management capabilities.
1069 R-48080: The VNF **SHOULD** support SCEP (Simple Certificate Enrollment
1072 R-43884: The VNF **MUST** integrate with external authentication and
1073 authorization services (e.g., IDAM).
1075 R-70933: The VNF **MUST** provide the ability to migrate to newer versions
1076 of cryptographic algorithms and protocols with no impact.
1078 R-48917: The VNF **MUST** monitor for and alert on (both sender and receiver)
1079 errant, running longer than expected and missing file transfers, so as to
1080 minimize the impact due to file transfer errors.
1082 R-79107: The VNF **MUST**, if not using the NCSP’s IDAM API, enforce a
1083 configurable maximum number of Login attempts policy for the users. VNF
1084 provider must comply with "terminate idle sessions" policy. Interactive
1085 sessions must be terminated, or a secure, locking screensaver must be
1086 activated requiring authentication, after a configurable period of inactivity.
1087 The system-based inactivity timeout for the enterprise identity and access
1088 management system must also be configurable.
1090 R-75850: The VNF **SHOULD** decouple persistent data from the VNFC and keep
1091 it in its own datastore that can be reached by all instances of the VNFC
1094 R-46960: The VNF **MUST** utilize only the Guest OS versions that are
1095 supported by the NCSP’s Network Cloud. [5]_
1097 R-21210: The VNF **MUST** implement the following input validation control:
1098 Validate that any input file has a correct and valid Multipurpose Internet
1099 Mail Extensions (MIME) type. Input files should be tested for spoofed MIME
1102 R-23823: The VNF Package **MUST** include appropriate credentials so that
1103 ONAP can interact with the Chef Server.
1105 R-24359: The VNF **MUST** provide the capability of testing the validity
1106 of a digital certificate by validating the date the certificate is being
1107 used is within the validity period for the certificate.
1109 R-49224: The VNF **MUST** provide unique traceability of a transaction
1110 through its life cycle to ensure quick and efficient troubleshooting.
1112 R-04982: The VNF **MUST NOT** include an authentication credential,
1113 e.g., password, in the security audit logs, even if encrypted.
1115 R-74481: The VNF **MUST** NOT require the use of a dynamic routing
1116 protocol unless necessary to meet functional requirements.
1118 R-98911: The VNF **MUST NOT** use any instance specific parameters for
1119 the VNF in roles/cookbooks/recipes invoked for a VNF action.
1121 R-89571: The VNF **MUST** support and provide artifacts for configuration
1122 management using at least one of the following technologies:
1124 R-87135: The VNF **MUST** comply with NIST standards and industry best
1125 practices for all implementations of cryptography.
1127 R-04492: The VNF **MUST** generate security audit logs that must be
1128 sent to Security Analytics Tools for analysis.
1130 R-02597: The VNF **MUST** implement the protocol operation:
1131 **lock(target)** - Lock the configuration datastore target.
1133 R-13800: The VNF **MUST** conform to the NETCONF RFC 5277, “NETCONF
1134 Event Notification”.
1136 R-64445: The VNF **MUST** support the ability of a requestor of the service
1137 to determine the version (and therefore capabilities) of the service so that
1138 Network Cloud Service Provider can understand the capabilities of the service.
1140 R-64768: The VNF **MUST** limit the size of application data packets to
1141 no larger than 9000 bytes for SDN network-based tunneling when guest data
1142 packets are transported between tunnel endpoints that support guest logical
1145 R-75608: The VNF provider **MUST** provide playbooks to be loaded on the
1146 appropriate Ansible Server.
1148 R-61354: The VNF **MUST** implement access control list for OA&M services
1149 (e.g., restricting access to certain ports or applications).
1151 R-62468: The VNF **MUST** allow all configuration data to be edited through
1152 a NETCONF <edit-config> operation. Proprietary NETCONF RPCs that make
1153 configuration changes are not sufficient.
1155 R-34552: The VNF **MUST** provide or support the Identity and Access
1156 Management (IDAM) based threat detection data for OWASP Top 10.
1158 R-29977: The VNF **MUST** provide the capability of testing the validity of
1159 a digital certificate by validating the CA signature on the certificate.
1161 R-67709: The VNF **MUST** be designed, built and packaged to enable
1162 deployment across multiple fault zones (e.g., VNFCs deployed in different
1163 servers, racks, OpenStack regions, geographies) so that in the event of a
1164 planned/unplanned downtime of a fault zone, the overall operation/throughput
1165 of the VNF is maintained.
1167 R-46567: The VNF Package **MUST** include configuration scripts for boot
1168 sequence and configuration.
1170 R-55345: The VNF **SHOULD** use techniques such as “lazy loading” when
1171 initialization includes loading catalogues and/or lists which can grow over
1172 time, so that the VNF startup time does not grow at a rate proportional to
1175 R-88482: The VNF **SHOULD** use REST using HTTPS delivery of plain text
1176 JSON for moderate sized asynchronous data sets, and for high volume data
1179 R-56786: The VNF **MUST** implement “Closed Loop” automatic implementation
1180 (without human intervention) for Known Threats with detection rate in low
1183 R-94525: The VNF **MUST** log connections to a network listener of the
1186 R-85428: The VNF **MUST** meet the same guidelines as Chef Server
1189 R-26371: The VNF **MUST** detect connectivity failure for inter VNFC instance
1190 and intra/inter VNF and re-establish connectivity automatically to maintain
1191 the VNF without manual intervention to provide service continuity.
1193 R-35851: The VNF Package **MUST** include VNF topology that describes basic
1194 network and application connectivity internal and external to the VNF
1195 including Link type, KPIs, Bandwidth, latency, jitter, QoS (if applicable)
1198 R-29301: The VNF **MUST** provide or support the Identity and Access
1199 Management (IDAM) based threat detection data for Password Attacks.
1201 R-23957: The VNF **MUST** include the field “time” in the Security alarms
1202 (where applicable and technically feasible).
1204 R-32636: The VNF **MUST** support API-based monitoring to take care of the
1205 scenarios where the control interfaces are not exposed, or are optimized
1206 and proprietary in nature.
1208 R-39562: The VNF **MUST** disable unnecessary or vulnerable cgi-bin programs.
1210 R-77334: The VNF **MUST** allow configurations and configuration parameters
1211 to be managed under version control to ensure consistent configuration
1212 deployment, traceability and rollback.
1214 R-44723: The VNF **MUST** use symmetric keys of at least 112 bits in length.
1216 R-86585: The VNFC **SHOULD** minimize the use of state within a VNFC to
1217 facilitate the movement of traffic from one instance to another.
1219 R-18725: The VNF **MUST** handle the restart of a single VNFC instance
1220 without requiring all VNFC instances to be restarted.
1222 R-53317: The VNF **MUST** conform its YANG model to RFC 6087,
1223 “Guidelines for Authors and Reviewers of YANG Data Model Documents”.
1225 R-67114: The VNF **MUST** be installed with:
1227 R-28168: The VNF **SHOULD** use an appropriately configured logging level
1228 that can be changed dynamically, so as to not cause performance degradation
1229 of the VNF due to excessive logging.
1231 R-54930: The VNF **MUST** implement the following input validation control:
1232 Do not permit input that contains content or characters inappropriate to the
1233 input expected by the design. Inappropriate input, such as SQL insertions,
1234 may cause the system to execute undesirable and unauthorized transactions
1235 against the database or allow other inappropriate access to the internal
1238 R-55830: The VNF **MUST** distribute all production code from NCSP internal
1239 sources only. No production code, libraries, OS images, etc. shall be
1240 distributed from publically accessible depots.
1242 R-22367: The VNF **MUST** support detection of malformed packets due to
1243 software misconfiguration or software vulnerability.
1245 R-93860: The VNF **MUST** provide the capability to integrate with an
1246 external encryption service.
1248 R-09467: The VNF **MUST** utilize only NCSP standard compute flavors. [5]_
1250 R-62170: The VNF **MUST** over-ride any default values for configurable
1251 parameters that can be set by ONAP in the roles, cookbooks and recipes.
1253 R-41994: The VNF **MUST**, if not using the NCSP’s IDAM API, comply with
1254 "No Self-Signed Certificates" policy. Self-signed certificates must be used
1255 for encryption only, using specified and approved encryption protocols such
1256 as TLS 1.2 or higher or equivalent security protocols such as IPSec, AES.
1258 R-38474: The VNF **MUST** have a corresponding environment file for
1261 R-81725: The VNF **MUST** have a corresponding environment file for
1262 an Incremental Module.
1264 R-53433: The VNF **MUST** have a corresponding environment file for a
1265 Cinder Volume Module.
1267 R-84160: The VNF **MUST** have security logging for VNFs and their OSs be
1268 active from initialization. Audit logging includes automatic routines to
1269 maintain activity records and cleanup programs to ensure the integrity of
1270 the audit/logging systems.
1272 R-99656: The VNF **MUST** NOT terminate stable sessions if a VNFC instance
1275 R-80898: The VNF **MUST** support heartbeat via a <get> with null filter.
1277 R-20974: The VNF **MUST** deploy the base module first, prior to the
1278 incremental modules.
1280 R-69610: The VNF **MUST** provide the capability of using certificates
1281 issued from a Certificate Authority not provided by the VNF provider.
1283 R-27310: The VNF Package **MUST** include all relevant Chef artifacts
1284 (roles/cookbooks/recipes) required to execute VNF actions requested by
1285 ONAP for loading on appropriate Chef Server.
1287 R-98191: The VNF **MUST** vary the frequency that asynchronous data is
1288 delivered based on the content and how data may be aggregated or grouped
1289 together. For example, alarms and alerts are expected to be delivered as
1290 soon as they appear. In contrast, other content, such as performance
1291 measurements, KPIs or reported network signaling may have various ways of
1292 packaging and delivering content. Some content should be streamed immediately;
1293 or content may be monitored over a time interval, then packaged as collection
1294 of records and delivered as block; or data may be collected until a package of
1295 a certain size has been collected; or content may be summarized statistically
1296 over a time interval, or computed as a KPI, with the summary or KPI being
1299 R-31412: The VNF **MUST** provide or support the Identity and Access
1300 Management (IDAM) based threat detection data for XSS / CSRF.
1302 R-58775: The VNF provider **MUST** provide software components that can be
1303 packaged with/near the VNF, if needed, to simulate any functions or systems
1304 that connect to the VNF system under test. This component is necessary only
1305 if the existing testing environment does not have the necessary simulators.
1307 R-45496: The VNF **MUST** host connectors for access to the OS
1308 (Operating System) layer.
1310 R-13151: The VNF **SHOULD** disable the paging of the data requiring
1311 encryption, if possible, where the encryption of non-transient data is
1312 required on a device for which the operating system performs paging to
1313 virtual memory. If not possible to disable the paging of the data requiring
1314 encryption, the virtual memory should be encrypted.
1316 R-49308: The VNF **SHOULD** test for adherence to the defined resiliency
1317 rating recommendation at each layer, during each delivery cycle with
1318 delivered results, so that the resiliency rating is measured and the code
1319 is adjusted to meet software resiliency requirements.
1321 R-74763: The VNF provider **MUST** provide an artifact per VNF that contains
1322 all of the VNF Event Records supported. The artifact should include reference
1323 to the specific release of the VNF Event Stream Common Event Data Model
1324 document it is based on. (e.g., `VES Event Listener <https://github.com/att/evel-test-collector/tree/master/docs/att_interface_definition>`__)
1326 R-77786: The VNF Package **MUST** include all relevant cookbooks to be loaded
1327 on the ONAP Chef Server.
1329 R-54373: The VNF **MUST** have Python >= 2.7 on the endpoint VM(s) of a
1330 VNF on which an Ansible playbook will be executed.
1332 R-60106: The VNF **MUST** implement the protocol operation:
1333 **get(filter)** - Retrieve (a filtered subset of) the running configuration
1334 and device state information. This should include the list of VNF supported
1337 R-35305: The VNF **MUST** meet the same guidelines as the Ansible Server
1340 R-95864: The VNF **MUST** use commercial tools that comply with X.509
1341 standards and produce x.509 compliant keys for public/private key generation.
1343 R-23475: The VNF **SHOULD** utilize only NCSP provided Guest OS images. [5]_
1345 R-64503: The VNF **MUST** provide minimum privileges for initial and
1346 default settings for new user accounts.
1348 R-42681: The VNF **MUST** use the NCSP’s IDAM API or comply with the
1349 requirements if not using the NCSP’s IDAM API, for identification,
1350 authentication and access control of OA&M and other system level functions.
1352 R-19219: The VNF **MUST** provide audit logs that include user ID, dates,
1353 times for log-on and log-off, and terminal location at minimum.
1355 R-73067: The VNF **MUST** use industry standard cryptographic algorithms
1356 and standard modes of operations when implementing cryptography.
1358 R-25878: The VNF **MUST** use certificates issued from publicly recognized
1359 Certificate Authorities (CA) for the authentication process where PKI-based
1360 authentication is used.
1362 R-70266: The VNF **MUST** respond to an ONAP request to deliver the current
1363 data for any of the record types defined in Section 8.d “Data Model for
1364 Event Records” by returning the requested record, populated with the current
1365 field values. (Currently the defined record types include the common header
1366 record, technology independent records such as Fault, Heartbeat, State Change,
1367 Syslog, and technology specific records such as Mobile Flow, Signaling and
1368 Voice Quality records. Additional record types will be added in the future
1369 as they are standardized and become available.)
1371 R-70496: The VNF **MUST** implement the protocol operation:
1372 **commit(confirmed, confirm-timeout)** - Commit candidate configuration
1373 datastore to the running configuration.
1375 R-19624: The VNF **MUST** encode and serialize content delivered to ONAP
1376 using JSON (option 1). High-volume data is to be encoded and serialized
1377 using Avro, where Avro data format are described using JSON (option 2) [6]_.
1379 R-25094: The VNF **MUST** perform data capture for security functions.
1381 R-44032: The VNF **MUST** provide or support the Identity and Access
1382 Management (IDAM) based threat detection data for Man in the Middle (MITM).
1384 R-47068: The VNF **MAY** expose a single endpoint that is responsible for
1387 R-49396: The VNF **MUST** support each VNF action by invocation of **one**
1388 playbook [7]_. The playbook will be responsible for executing all necessary
1389 tasks (as well as calling other playbooks) to complete the request.
1391 R-63953: The VNF **MUST** have the echo command return a zero value
1392 otherwise the validation has failed
1394 R-56904: The VNF **MUST** interoperate with the ONAP (SDN) Controller so that
1395 it can dynamically modify the firewall rules, ACL rules, QoS rules, virtual
1396 routing and forwarding rules.
1398 R-37929: The VNF **MUST** accept all necessary instance specific data
1399 from the environment or node object attributes for the VNF in
1400 roles/cookbooks/recipes invoked for a VNF action.
1402 R-84366: The VNF Package **MUST** include documentation describing VNF
1403 Functional APIs that are utilized to build network and application services.
1404 This document describes the externally exposed functional inputs and outputs
1405 for the VNF, including interface format and protocols supported.
1407 R-58421: The VNF **SHOULD** be decomposed into granular re-usable VNFCs.
1409 R-27711: The VNF provider **MUST** provide an XML file that contains a
1410 list of VNF error codes, descriptions of the error, and possible
1411 causes/corrective action.
1413 R-78282: The VNF **MUST** conform to the NETCONF RFC 6242, “Using the
1414 Network Configuration Protocol over Secure Shell”.
1416 R-99766: The VNF **MUST** allow configurations and configuration parameters
1417 to be managed under version control to ensure the ability to rollback to a
1418 known valid configuration.
1420 R-89010: The VNF **MUST** survive any single points of software failure
1421 internal to the VNF (e.g., in memory structures, JMS message queues).
1423 R-77667: The VNF **MUST** test for adherence to the defined performance
1424 budget at each layer, during each delivery cycle so that the performance
1425 budget is measured and feedback is provided where the performance budget
1428 R-21652: The VNF **MUST** implement the following input validation control:
1429 Check the size (length) of all input. Do not permit an amount of input so
1430 great that it would cause the VNF to fail. Where the input may be a file,
1431 the VNF API must enforce a size limit.
1433 R-54190: The VNF **MUST** release locks to prevent permanent lock-outs
1434 when/if a session applying the lock is terminated (e.g., SSH session
1437 R-12271: The VNF **SHOULD** conform its YANG model to RFC 7223,
1438 “IANA Interface Type YANG Module”.
1440 R-25547: The VNF **MUST** log the field “protocol” in the security audit logs.
1442 R-22286: The VNF **MUST** support Integration functionality via
1443 API/Syslog/SNMP to other functional modules in the network
1444 (e.g., PCRF, PCEF) that enable dynamic security control by blocking the
1445 malicious traffic or malicious end users
1447 R-16560: The VNF **MUST** conduct a resiliency impact assessment for all
1448 inter/intra-connectivity points in the VNF to provide an overall resiliency
1449 rating for the VNF to be incorporated into the software design and
1450 development of the VNF.
1452 R-99112: The VNF **MUST** provide the capability to restrict access to
1453 data to specific users.
1455 R-02997: The VNF **MUST** preserve their persistent data. Running VMs
1456 will not be backed up in the Network Cloud infrastructure.
1458 R-19367: The VNF **MUST** monitor API invocation patterns to detect
1459 anomalous access patterns that may represent fraudulent access or other
1460 types of attacks, or integrate with tools that implement anomaly and abuse
1463 R-33981: The VNF **SHOULD** interoperate with various access control
1464 mechanisms for the Network Cloud execution environment (e.g., Hypervisors,
1467 R-26881: The VNF provider **MUST** provide the binaries and images
1468 needed to instantiate the VNF (VNF and VNFC images).
1470 R-69565: The VNF Package **MUST** include documentation describing VNF
1471 Management APIs. The document must include information and tools for:
1473 R-92571: The VNF **MUST** provide operational instrumentation such as
1474 logging, so as to facilitate quick resolution of issues with the VNF to
1475 provide service continuity.
1477 R-29488: The VNF **MUST** implement the protocol operation:
1478 **get-config(source, filter)** - Retrieve a (filtered subset of a)
1479 configuration from the configuration datastore source.
1481 R-03070: The VNF **MUST**, by ONAP Policy, provide the ONAP addresses as
1482 data destinations for each VNF, and may be changed by Policy while the VNF
1483 is in operation. We expect the VNF to be capable of redirecting traffic to
1484 changed destinations with no loss of data, for example from one REST URL
1485 to another, or from one TCP host and port to another.
1487 R-89800: The VNF **MUST NOT** require Hypervisor-level customization from
1490 R-12110: The VNF **MUST NOT** use keys generated or derived from
1491 predictable functions or values, e.g., values considered predictable
1492 include user identity information, time of day, stored/transmitted data.
1494 R-03954: The VNF **MUST** survive any single points of failure within
1495 the Network Cloud (e.g., virtual NIC, VM, disk failure).
1497 R-98391: The VNF **MUST**, if not using the NCSP’s IDAM API, support
1498 Role-Based Access Control to permit/limit the user/application to performing
1499 specific activities.
1501 R-29967: The VNF **MUST** conform its YANG model to RFC 6022, “YANG
1502 module for NETCONF monitoring”.
1504 R-80335: The VNF **MUST** make visible a Warning Notice: A formal statement
1505 of resource intent, i.e., a warning notice, upon initial access to a VNF
1506 provider user who accesses private internal networks or Company computer
1507 resources, e.g., upon initial logon to an internal web site, system or
1508 application which requires authentication.
1510 R-48596: The VNF Package **MUST** include documentation describing the
1511 characteristics for the VNF reliability and high availability.
1513 R-49956: The VNF **MUST** pass all access to applications (Bearer, signaling
1514 and OA&M) through various security tools and platforms from ACLs, stateful
1515 firewalls and application layer gateways depending on manner of deployment.
1516 The application is expected to function (and in some cases, interwork) with
1517 these security tools.
1519 R-02616: The VNF **MUST** permit locking at the finest granularity if a VNF
1520 needs to lock an object for configuration to avoid blocking simultaneous
1521 configuration operations on unrelated objects (e.g., BGP configuration
1522 should not be locked out if an interface is being configured or entire
1523 Interface configuration should not be locked out if a non-overlapping
1524 parameter on the interface is being configured).
1526 R-15659: The VNF **MUST** restrict changing the criticality level of a
1527 system security alarm to administrator(s).
1529 R-96634: The VNF provider **MUST** describe scaling capabilities to
1530 manage scaling characteristics of the VNF.
1532 R-32641: The VNF **MUST** provide the capability to encrypt data
1533 on non-volatile memory.
1535 R-48470: The VNF **MUST** support Real-time detection and notification
1538 R-91681: The VNF **MUST** meet the ONAP Ansible Server API Interface
1541 R-41825: The VNF **MUST** activate security alarms automatically when the
1542 following event is detected: configurable number of consecutive unsuccessful
1545 R-52870: The VNF **MUST** provide a method of metrics gathering and analysis
1546 to evaluate the resiliency of the software from both a granular as well as a
1547 holistic standpoint. This includes, but is not limited to thread utilization,
1548 errors, timeouts, and retries.
1550 R-89474: The VNF **MUST** log the field “Login ID” in the security audit logs.
1552 R-13390: The VNF provider **MUST** provide cookbooks to be loaded on
1553 the appropriate Chef Server.
1555 R-24825: The VNF **MUST** provide Context awareness data (device,
1556 location, time, etc.) and be able to integrate with threat detection system.
1558 R-23882: The VNF **SHOULD** be scanned using both network scanning and
1559 application scanning security tools on all code, including underlying OS
1560 and related configuration. Scan reports shall be provided. Remediation
1561 roadmaps shall be made available for any findings.
1563 R-22946: The VNF **SHOULD** conform its YANG model to RFC 6536,
1564 “NETCONF Access Control Model”.
1566 R-89753: The VNF **MUST NOT** install or use systems, tools or utilities
1567 capable of capturing or logging data that was not created by them or sent
1568 specifically to them in production, without authorization of the VNF
1571 R-88899: The VNF **MUST** support simultaneous <commit> operations within
1572 the context of this locking requirements framework.
1574 R-96554: The VNF **MUST** implement the protocol operation: **unlock(target)**
1575 - Unlock the configuration datastore target.
1577 R-27995: The VNF **SHOULD** include control loop mechanisms to notify the
1578 consumer of the VNF of their exceeding SLA thresholds so the consumer is
1579 able to control its load against the VNF.
1581 R-31809: The VNF **MUST** support the HealthCheck RPC. The HealthCheck RPC,
1582 executes a VNF providor-defined VNF Healthcheck over the scope of the entire
1583 VNF (e.g., if there are multiple VNFCs, then run a health check, as
1584 appropriate, for all VNFCs). It returns a 200 OK if the test completes. A
1585 JSON object is returned indicating state (healthy, unhealthy), scope
1586 identifier, time-stamp and one or more blocks containing info and fault
1587 information. If the VNF is unable to run the HealthCheck, return a standard
1588 http error code and message.
1590 R-25401: The VNF **MUST** use asymmetric keys of at least 2048 bits in length.
1592 R-31961: The VNF **MUST** support integrated DPI/monitoring functionality
1593 as part of VNFs (e.g., PGW, MME).
1595 R-47597: The VNF **MUST** carry data in motion only over secure connections.
1597 R-43253: The VNF **MUST** use playbooks designed to allow Ansible Server
1598 to infer failure or success based on the “PLAY_RECAP” capability.
1600 R-23135: The VNF **MUST**, if not using the NCSP’s IDAM API, authenticate
1601 system to system communications where one system accesses the resources
1602 of another system, and must never conceal individual accountability.
1604 R-99730: The VNF **MUST** include the field “Login ID” in the
1605 Security alarms (where applicable and technically feasible).
1607 R-88199: The VNF **MUST** utilize virtualized, scalable open source
1608 database software that can meet the performance/latency requirements
1609 of the service for all datastores.
1611 R-08598: The VNF **MUST** log successful and unsuccessful changes to a
1614 R-87352: The VNF **SHOULD** utilize Cloud health checks, when available
1615 from the Network Cloud, from inside the application through APIs to check
1616 the network connectivity, dropped packets rate, injection, and auto failover
1617 to alternate sites if needed.
1619 R-56920: The VNF **MUST** protect all security audit logs (including API,
1620 OS and application-generated logs), security audit software, data, and
1621 associated documentation from modification, or unauthorized viewing, by
1622 standard OS access control mechanisms, by sending to a remote system,
1625 R-35291: The VNF **MUST** support the ability to failover a VNFC automatically
1626 to other geographically redundant sites if not deployed active-active to
1627 increase the overall resiliency of the VNF.
1629 R-43332: The VNF **MUST** activate security alarms automatically when the
1630 following event is detected: successful modification of critical system
1631 or application files
1633 R-81147: The VNF **MUST** have greater restrictions for access and
1634 execution, such as up to 3 factors of authentication and restricted
1635 authorization, for commands affecting network services, such as
1636 commands relating to VNFs.
1638 R-60656: The VNF **MUST** support sub tree filtering.
1640 R-51883: The VNF **MUST** provide or support the Identity and Access
1641 Management (IDAM) based threat detection data for Replay.
1643 R-66070: The VNF Package **MUST** include VNF Identification Data to
1644 uniquely identify the resource for a given VNF provider. The identification
1645 data must include: an identifier for the VNF, the name of the VNF as was
1646 given by the VNF provider, VNF description, VNF provider, and version.
1648 R-19804: The VNF **MUST** validate the CA signature on the certificate,
1649 ensure that the date is within the validity period of the certificate,
1650 check the Certificate Revocation List (CRL), and recognize the identity
1651 represented by the certificate where PKI-based authentication is used.
1653 R-06327: The VNF **MUST** respond to a "drain VNFC" [2]_ command against a
1654 specific VNFC, preventing new session from reaching the targeted VNFC, with
1655 no disruption to active sessions on the impacted VNFC, if a VNF provides a
1656 load balancing function across multiple instances of its VNFCs. This is used
1657 to support scenarios such as proactive maintenance with no user impact.
1659 R-85653: The VNF **MUST** provide metrics (e.g., number of sessions,number
1660 of subscribers, number of seats, etc.) to ONAP for tracking every license.
1662 R-63330: The VNF **MUST** detect when the security audit log storage medium
1663 is approaching capacity (configurable) and issue an alarm via SMS or
1664 equivalent as to allow time for proper actions to be taken to pre-empt
1667 R-22645: The VNF **SHOULD** use commercial algorithms only when there are
1668 no applicable governmental standards for specific cryptographic functions,
1669 e.g., public key cryptography, message digests.
1671 R-22888: The VNF provider **MUST** provide documentation for the VNF Policy
1672 Description to manage the VNF runtime lifecycle. The document must include
1673 a description of how the policies (conditions and actions) are implemented
1676 R-78066: The VNF **MUST** support requests for information from law
1677 enforcement and government agencies.
1679 R-35144: The VNF **MUST**, if not using the NCSP’s IDAM API, comply with
1680 the NCSP’s credential management policy.
1682 R-85959: The VNF **SHOULD** automatically enable/disable added/removed
1683 sub-components or component so there is no manual intervention required.
1685 R-28756: The VNF **MUST** support **:partial-lock** and **:partial-unlock**
1686 capabilities, defined in RFC 5717. This allows multiple independent clients
1687 to each write to a different part of the <running> configuration at the
1690 R-41252: The VNF **MUST** support the capability of online storage of
1691 security audit logs.
1693 R-77707: The VNF provider **MUST** include a Manifest File that contains
1694 a list of all the components in the VNF package.
1696 R-20860: The VNF **MUST** be agnostic to the underlying infrastructure
1697 (such as hardware, host OS, Hypervisor), any requirements should be provided
1698 as specification to be fulfilled by any hardware.
1700 R-01478: The VNF Package **MUST** include documentation describing all
1701 parameters that are available to monitor the VNF after instantiation
1702 (includes all counters, OIDs, PM data, KPIs, etc.) that must be collected
1703 for reporting purposes. The documentation must include a list of:
1705 R-22059: The VNF **MUST NOT** execute long running tasks (e.g., IO, database,
1706 network operations, service calls) in a critical section of code, so as to
1707 minimize blocking of other operations and increase concurrent throughput.
1709 R-30650: The VNF **MUST** utilize cloud provided infrastructure and VNFs
1710 (e.g., virtualized Local Load Balancer) as part of the VNF so that the cloud
1711 can manage and provide a consistent service resiliency and methods across
1714 R-30654: The VNF Package **MUST** have appropriate cookbooks that are
1715 designed to automatically ‘rollback’ to the original state in case of
1716 any errors for actions that change state of the VNF (e.g., configure).
1718 R-29705: The VNF **MUST** restrict changing the criticality level of a
1719 system security alarm to administrator(s).
1721 R-71787: The VNF **MUST** comply with Segregation of Duties (access to a
1722 single layer and no developer may access production without special oversight)
1723 when persons or non-person entities access VNFs.
1725 R-86758: The VNF **SHOULD** provide an automated test suite to validate every
1726 new version of the software on the target environment(s). The tests should be
1727 of sufficient granularity to independently test various representative VNF use
1728 cases throughout its lifecycle. Operations might choose to invoke these tests
1729 either on a scheduled basis or on demand to support various operations
1730 functions including test, turn-up and troubleshooting.
1732 R-06885: The VNF **SHOULD** support the ability to scale down a VNFC pool
1733 without jeopardizing active sessions. Ideally, an active session should not
1734 be tied to any particular VNFC instance.
1736 R-06924: The VNF **MUST** deliver asynchronous data as data becomes available,
1737 or according to the configured frequency.
1739 R-65134: The VNF **SHOULD** maintain state in a geographically redundant
1740 datastore that may, in fact, be its own VNFC.
1742 R-13627: The VNF **MUST** monitor API invocation patterns to detect anomalous
1743 access patterns that may represent fraudulent access or other types of attacks,
1744 or integrate with tools that implement anomaly and abuse detection.
1746 R-86455: The VNF **SHOULD** support hosting connectors for OS Level and
1749 R-68990: The VNF **MUST** support the **:startup** capability. It will allow
1750 the running configuration to be copied to this special database. It can also
1751 be locked and unlocked.
1753 R-78010: The VNF **MUST** use the NCSP’s IDAM API for Identification,
1754 authentication and access control of customer or VNF application users.
1756 R-46986: The VNF **SHOULD** have source code scanned using scanning tools
1757 (e.g., Fortify) and provide reports.
1759 R-97293: The VNF provider **MUST NOT** require audits of Service Provider’s
1762 R-16065: The VNF provider **MUST** provide configurable parameters (if unable
1763 to conform to YANG model) including VNF attributes/parameters and valid values,
1764 dynamic attributes and cross parameter dependencies (e.g., customer
1767 R-34484: The VNF **SHOULD** create a single component VNF for VNFCs that can
1768 be used by other VNFs.
1770 R-30278: The VNF provider **MUST** provide a Resource/Device YANG model as a
1771 foundation for creating the YANG model for configuration. This will include
1772 VNF attributes/parameters and valid values/attributes configurable by policy.
1774 R-35401: The VNF **MUST** must support SSH and allow SSH access to the Ansible
1775 server for the endpoint VM(s) and comply with the Network Cloud Service
1776 Provider guidelines for authentication and access.
1778 R-68200: The VNF **MUST** support the **:url** value to specify protocol
1779 operation source and target parameters. The capability URI for this feature
1780 will indicate which schemes (e.g., file, https, sftp) that the server supports
1781 within a particular URL value. The 'file' scheme allows for editable local
1782 configuration databases. The other schemes allow for remote storage of
1783 configuration databases.
1785 R-41159: The VNF **MUST** deliver any and all functionality from any VNFC
1786 in the pool. The VNFC pool member should be transparent to the client.
1787 Upstream and downstream clients should only recognize the function being
1788 performed, not the member performing it.
1790 R-18864: The VNF **MUST** NOT use technologies that bypass virtualization
1791 layers (such as SR-IOV) unless approved by the NCSP (e.g., if necessary to
1792 meet functional or performance requirements).
1794 R-37028: The VNF **MUST** be composed of one “base” module.
1796 R-40827: The VNF provider **MUST** enumerate all of the open source licenses
1797 their VNF(s) incorporate.
1799 R-95950: The VNF **MUST** provide a NETCONF interface fully defined by
1800 supplied YANG models for the embedded NETCONF server.
1802 R-10716: The VNF **MUST** support parallel and simultaneous configuration
1803 of separate objects within itself.
1805 R-71842: The VNF **MUST** include the field “service or program used for
1806 access” in the Security alarms (where applicable and technically feasible).
1808 R-54430: The VNF **MUST** use the NCSP’s supported library and compute flavor
1809 that supports DPDK to optimize network efficiency if using DPDK. [5]_
1811 R-03465: The VNF **MUST** release locks to prevent permanent lock-outs when
1812 the corresponding <partial-unlock> operation succeeds.
1814 R-65755: The VNF **SHOULD** support callback URLs to return information to
1815 ONAP upon completion of the chef-client run for any chef-client run
1816 associated with a VNF action.
1818 R-11499: The VNF **MUST** fully support the XPath 1.0 specification for
1819 filtered retrieval of configuration and other database contents. The 'type'
1820 attribute within the <filter> parameter for <get> and <get-config> operations
1821 may be set to 'xpath'. The 'select' attribute (which contains the XPath
1822 expression) will also be supported by the server. A server may support
1823 partial XPath retrieval filtering, but it cannot advertise the **:xpath**
1824 capability unless the entire XPath 1.0 specification is supported.
1826 R-95105: The VNF **MUST** host connectors for access to the application layer.
1828 R-77157: The VNF **MUST** conform to approved request, workflow authorization,
1829 and authorization provisioning requirements when creating privileged users.
1831 R-63473: The VNF **MUST** automatically advertise newly scaled components
1832 so there is no manual intervention required.
1834 R-13613: The VNF **MUST** provide clear measurements for licensing purposes
1835 to allow automated scale up/down by the management system.
1837 R-66793: The VNF **MUST** guarantee the VNF configuration integrity for
1838 all simultaneous configuration operations (e.g., if a change is attempted to
1839 the BUM filter rate from multiple interfaces on the same EVC, then they need
1840 to be sequenced in the VNF without locking either configuration method out).
1842 R-19790: The VNF **MUST NOT** include authentication credentials in
1843 security audit logs, even if encrypted.
1845 R-97529: The VNF **SHOULD** implement the protocol operation:
1846 **get-schema(identifier, version, format) -** Retrieve the YANG schema.
1848 R-84473: The VNF **MUST** enable DPDK in the guest OS for VNF’s requiring
1849 high packets/sec performance. High packet throughput is defined as greater
1850 than 500K packets/sec.
1852 R-54816: The VNF **MUST** support the storage of security audit logs for
1853 agreed period of time for forensic analysis.
1855 R-34957: The VNF **MUST** provide a method of metrics gathering for each
1856 layer's performance to identify/document variances in the allocations so
1857 they can be addressed.
1859 R-43958: The VNF Package **MUST** include documentation describing the
1860 tests that were conducted by the VNF provider and the test results.
1862 R-61648: The VNF **MUST** support event logging, formats, and delivery
1863 tools to provide the required degree of event data to ONAP
1865 R-18525: The VNF provider **MUST** provide a JSON file for each supported
1866 action for the VNF. The JSON file must contain key value pairs with all
1867 relevant values populated with sample data that illustrates its usage. The
1868 fields and their description are defined in Appendix A.
1870 R-99174: The VNF **MUST** comply with Individual Accountability
1871 (each person must be assigned a unique ID) when persons or non-person
1872 entities access VNFs.
1874 R-99771: The VNF **MUST** provide all code/configuration files in a
1875 “Locked down” or hardened state or with documented recommendations for
1876 such hardening. All unnecessary services will be disabled. VNF provider
1877 default credentials, community strings and other such artifacts will be
1878 removed or disclosed so that they can be modified or removed during
1881 R-58358: The VNF **MUST** implement the **:with-defaults**
1882 capability [RFC6243].
1884 R-78116: The VNF **MUST** update status on the Chef Server appropriately
1885 (e.g., via a fail or raise an exception) if the chef-client run encounters
1886 any critical errors/failures when executing a VNF action.
1888 R-84879: The VNF **MUST** have the capability of maintaining a primary and
1889 backup DNS name (URL) for connecting to ONAP collectors, with the ability to
1890 switch between addresses based on conditions defined by policy such as
1891 time-outs, and buffering to store messages until they can be delivered.
1892 At its discretion, the service provider may choose to populate only one
1893 collector address for a VNF. In this case, the network will promptly resolve
1894 connectivity problems caused by a collector or network failure transparently
1897 R-06413: The VNF **MUST** log the field “service or program used for access”
1898 in the security audit logs.
1900 R-51442: The VNF **SHOULD** use playbooks that are designed to automatically
1901 ‘rollback’ to the original state in case of any errors for actions that change
1902 state of the VNF (e.g., configure).
1904 R-98989: The VNF **SHOULD** utilize resource pooling (threads, connections,
1905 etc.)within the VNF application so that resources are not being created
1906 and destroyed resulting in resource management overhead.
1908 R-58998: The VNF **MUST** provide or support the Identity and Access Management
1909 (IDAM) based threat detection data for Malware (Key Logger).
1911 R-52499: The VNF **MUST** meet their own resiliency goals and not rely
1912 on the Network Cloud.
1914 R-43327: The VNF **SHOULD** use “Modeling JSON text with YANG”,
1915 https://trac.tools.ietf.org/id/draft-lhotka-netmod-yang-json-00.html,
1916 If YANG models need to be translated to and from JSON. YANG configuration
1917 and content can be represented via JSON, consistent with Avro, as described
1918 in “Encoding and Serialization” section.
1920 R-52060: The VNF **MUST** provide the capability to configure encryption
1921 algorithms or devices so that they comply with the laws of the jurisdiction
1922 in which there are plans to use data encryption.
1924 R-10353: The VNF **MUST** conform its YANG model to RFC 6244,
1925 “An Architecture for Network Management Using NETCONF and YANG”.
1927 R-26586: The VNF **SHOULD** support the ability to work with aliases
1928 (e.g., gateways, proxies) to protect and encapsulate resources.
1930 R-14025: The VNF **MUST** provide or support the Identity and Access
1931 Management (IDAM) based threat detection data for Session Hijacking.
1933 R-86835: The VNF **MUST** set the default settings for user access to
1934 sensitive commands and data to deny authorization.
1936 R-73583: The VNF **MUST** allow changes of configuration parameters to be
1937 consumed by the VNF without requiring the VNF or its sub-components to be
1938 bounced so that the VNF availability is not effected.
1940 R-73223: The VNF **MUST** support proactive monitoring to detect and report
1941 the attacks on resources so that the VNFs and associated VMs can be isolated,
1942 such as detection techniques for resource exhaustion, namely OS resource
1943 attacks, CPU attacks, consumption of kernel memory, local storage attacks.
1945 R-06668: The VNF **MUST** handle the start or restart of VNFC instances in
1946 any order with each VNFC instance establishing or re-establishing required
1947 connections or relationships with other VNFC instances and/or VNFs required
1948 to perform the VNF function/role without requiring VNFC instance(s) to be
1949 started/restarted in a particular order.
1951 R-41215: The VNF **MAY** have zero to many “incremental” modules.
1953 R-85991: The VNF provider **MUST** provide a universal license key per VNF to
1954 be used as needed by services (i.e., not tied to a VM instance) as the
1955 recommended solution. The VNF provider may provide pools of Unique VNF
1956 License Keys, where there is a unique key for each VNF instance as an
1957 alternate solution. Licensing issues should be resolved without interrupting
1960 R-52085: The VNF **MUST**, if not using the NCSP’s IDAM API, provide the
1961 ability to support Multi-Factor Authentication (e.g., 1st factor = Software
1962 token on device (RSA SecureID); 2nd factor = User Name+Password, etc.)
1965 R-29495: The VNF **MUST** support locking if a common object is being
1966 manipulated by two simultaneous NETCONF configuration operations on the
1967 same VNF within the context of the same writable running data store
1968 (e.g., if an interface parameter is being configured then it should be
1969 locked out for configuration by a simultaneous configuration operation
1970 on that same interface parameter).
1972 R-31751: The VNF **MUST** subject VNF provider VNF access to privilege
1973 reconciliation tools to prevent access creep and ensure correct enforcement
1976 R-48698: The VNF **MUST** utilize information from key value pairs that
1977 will be provided by the Ansible Server as extra-vars during invocation
1978 to execute the desired VNF action. If the playbook requires files,
1979 they must also be supplied using the methodology detailed in the
1982 R-44290: The VNF **MUST** control access to ONAP and to VNFs, and creation of
1983 connections, through secure credentials, log-on and exchange mechanisms.
1985 R-40293: The VNF **MUST** make available (or load on VNF Ansible Server)
1986 playbooks that conform to the ONAP requirement.
1988 R-30932: The VNF **MUST** provide security audit logs including records of
1989 successful and rejected system access data and other resource access attempts.
1991 R-12538: The VNF **SHOULD** support load balancing and discovery mechanisms
1992 in resource pools containing VNFC instances.
1994 R-59610: The VNF **MUST** implement the data model discovery and download
1995 as defined in [RFC6022].
1997 R-49945: The VNF **MUST** authorize VNF provider access through a
1998 client application API by the client application owner and the
1999 resource owner of the VNF before provisioning authorization through
2000 Role Based Access Control (RBAC), Attribute Based Access Control (ABAC),
2001 or other policy based mechanism.
2003 R-20912: The VNF **MUST** support alternative monitoring capabilities
2004 when VNFs do not expose data or control traffic or use proprietary
2005 and optimized protocols for inter VNF communication.
2008 Ansible Playbook Examples
2009 -----------------------------------------------
2011 The following sections contain examples of Ansible playbook contents
2012 which follow the guidelines.
2014 Guidelines for Playbooks to properly integrate with APPC
2015 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2017 NOTE: To support concurrent requests to multiple VNF instances of same
2018 or different type, VNF hosts and other files with VNF specific default
2019 values are kept or created in separate directories.
2021 Example of an Ansible command (after pwd) to run playbook again
2022 vfdb9904v VNF instance:
2024 .. code-block:: none
2027 /storage/vfdb/V16.1/ansible/configure
2028 $ ansible-playbook -i ../inventory/vfdb9904v/hosts site.yml --extra-vars "vnf_instance=vfdb9904v"
2030 Example of corresponding APPC API Call from ONAP – Ansible Server
2033 An example POST for requesting execution of configure Playbook:
2035 .. code-block:: none
2037 {"Id": "10", "PlaybookName":
2038 "/storage/vfdb/latest/ansible/configure/site.yml", "NodeList":
2039 ["vfdb9904v"], "Timeout": 60, "EnvParameters": {"Retry": 3, "Wait": 5},
2040 "LocalParameters": {"vfdb9904v": {"T_true": 10, "T_false": 5,
2045 - An ID number is assigned to each request. This ID number is used to
2046 track request down to completion and provide status to APPC when
2049 - Playbook Name provided in the request (full path in this case)
2051 - Playbook path (in this example provided as part of playbook name as
2052 full path) or, later in a separate variable, playbook root directory
2053 needs to be part of APPC template.
2055 Ansible Playbooks will use the VNF instance name (passed using
2056 --extra-vars "vnf\_instance=vfdb9904v") to identify other default values
2057 to run the playbook(s) against the target VNF instance. Same example as
2060 .. code-block:: none
2062 $ ansible-playbook -i ../inventory/vfdb9904v/hosts site.yml --extra-vars "vnf_instance=vfdb9904v"
2064 SSH key info (name/path), used to authenticate with the VNF VMs, is one
2065 of the attributes stored in the Ansible Server inventory hosts file for
2066 the VNF instance and later will be passed down by APPC, in the inventory
2067 hosts file, to the Ansible Server as part of the request. Here hosts
2068 file to run ansible-playbook listed in this example above (IP addresses
2071 .. code-block:: none
2073 $ more ../inventory/vfdb9904v/hosts
2075 localhost ansible_connection=local
2078 1xx.2yy.zzz.109 ansible_ssh_private_key_file=/storage/.ssh/Kilo-SSH-Key.pem
2079 1xx.2yy.zzz.110 ansible_ssh_private_key_file=/storage/.ssh/Kilo-SSH-Key.pem
2082 1xx.2yy.zzz.105 ansible_ssh_private_key_file=/storage/.ssh/Kilo-SSH-Key.pem
2083 1xx.2yy.zzz.106 ansible_ssh_private_key_file=/storage/.ssh/Kilo-SSH-Key.pem
2085 NOTE: APPC requests to run Playbooks/Cookbooks are specific to a VNF,
2086 but could be more limited to one VM or one type of VM by the request
2087 parameters. Actions that may impact a site (LCP), a service, or an
2088 entire platform must be orchestrated by MSO in order to execute requests
2089 via APPC which then invoke VNF level playbooks. Playbooks that impact
2090 more than a single VNF are not the current focus of these guidelines.
2092 And here the scrubbed default arguments for this VNF instance:
2094 .. code-block:: none
2096 vnf_instance=vfdb9904v
2098 $ more ../vars/vfdb9904v/default_args.yml
2099 vnf_provider_network_network: d69fea03-xxx-yyy-zzz-nnnnnnnnnnnn
2100 vnf_provider_network_subnet: a07f6a3d-xxxx-yyy-zzz-ssssssssssss
2101 vm_config_oam_vnfc_name: vfdb9904vm001oam001
2102 vm_config_oam_hostname: vfdb9904vm001
2103 vm_config_oam_provider_ip_address: 1xx.2yy.zzz.109
2106 IMPORTANT: The APPC and default file attribute name for
2107 vm\_config\_oam\_vnfc\_name, as an example, is derived from vm\_config
2108 array structure (list) in the CSAR package ENV file, with dots replaced
2111 .. code-block:: none
2115 oam: {vnfc_name: {{ vm_config_oam_vnfc_name }}, hostname: {{
2116 vm_config_oam_hostname }}, provider_ip_address: {{
2117 vm_config_oam_provider_ip_address }
2121 Parameters like VNF names, VNFC names, OA&M IP addresses, after
2122 February, 2018 ONAP release, will be extracted from A&AI by APPC and
2123 then passed down to Ansible Server, as part of APPC request through REST
2124 API. In the meantime, these VNF instance specific required values, will
2125 be stored on VNF instance directory, default arguments file and will be
2126 used as defaults. For parameterized playbooks attribute-value pairs
2127 passed down by APPC to Ansible Server always take precedence over
2128 template or VNF instance specific defaults stored in defaults file(s).
2130 .. code-block:: none
2133 /storage/vfdb/latest/ansible
2135 $ more vars/vfdb9904v/default_args.yml
2137 vm_config_oam1_vnfc_name: vfdb9904vm001oam001
2138 vm_config_oam1_hostname: vfdb9904vm001
2139 vm_config_oam1_provider_ip_address: 1xx.2yy.zzz.109
2141 vm_config_oam2_vnfc_name: vfdb9904vm002oam001
2142 vm_config_oam2_hostname: vfdb9904vm002
2143 vm_config_oam2_provider_ip_address: 1xx.2yy.zzz.110
2145 vm_config_rdb1_vnfc_name: vfdb9904vm003rdb001
2146 vm_config_rdb1_hostname: vfdb9904vm003
2147 vm_config_rdb1_provider_ip_address: 1xx.2yy.zzz.105
2149 vm_config_rdb2_vnfc_name: vfdb9904vm004rdb001
2150 vm_config_rdb2_hostname: vfdb9904vm004
2151 vm_config_rdb2_provider_ip_address: 1xx.2yy.zzz.106
2153 vm_config_rdb3_vnfc_name: vfdb9904vm005rdb001
2154 vm_config_rdb3_hostname: vfdb9904vm005
2155 vm_config_rdb3_provider_ip_address: 1xx.2yy.zzz.xxx
2157 vm_config_rdb4_vnfc_name: vfdb9904vm006rdb001
2158 vm_config_rdb4_hostname: vfdb9904vm006
2159 vm_config_rdb4_provider_ip_address: 1xx.2yy.zzz.yyy
2161 One of the first tasks on the Ansible Playbooks is to combine the VNF
2162 type generic template, derived from ENV files in CSAR or other files,
2163 with these default values stored on the Ansible Server, together with
2164 the overriding parameters passed down from APPC, to create the VNF
2165 instance specific set of attribute-value pairs to be used for the run in
2166 YAML format. Here is an excerpt from such a file that should look
2167 somewhat similar to ENV files:
2169 .. code-block:: none
2171 $ more tmp/vfdb9904v/all.yml
2173 deployment_prefix: vfdb9904v
2175 oam1: { vnfc_name: vfdb9904vm001oam001, hostname: vfdb9904vm001, provider_ip_address: 1xx.2yy.zzz.109, private_ip_address: 192.168.10.107 }
2176 oam2: { vnfc_name: vfdb9904vm002oam001, hostname: vfdb9904vm002, provider_ip_address: 1xx.2yy.zzz.110, private_ip_address: 192.168.10.108 }
2177 rdb1: { vnfc_name: vfdb9904vm003rdb001, hostname: vfdb9904vm003, provider_ip_address: 1xx.2yy.zzz.105, private_ip_address: 192.168.10.109 }
2178 rdb2: { vnfc_name: vfdb9904vm004rdb001, hostname: vfdb9904vm004, provider_ip_address: 1xx.2yy.zzz.106, private_ip_address: 192.168.10.110 }
2179 rdb3: { vnfc_name: vfdb9904vm005rdb001, hostname: vfdb9904vm005, provider_ip_address: 1xx.2yy.zzz.xxx, private_ip_address: 192.168.10.111 }
2180 rdb4: { vnfc_name: vfdb9904vm006rdb001, hostname: vfdb9904vm006, provider_ip_address: 1xx.2yy.zzz.yyy, private_ip_address: 192.168.10.112 }
2184 template_version: '2014-10-16'
2185 stack_name: vfdb9904v
2186 key_name: ONAPkilo-keypair
2188 stackName: vfdb9904v
2192 # logins list contain 'login name', 'login group', 'login password'
2194 .. code-block:: none
2197 - { name: 'm99999', group: 'm99999', password: 'abcdefgha' }
2198 - { name: 'gsuser', group: 'gsuser', password: ' abcdefgha' }
2199 - { name: 'peruser', group: 'peruser', password: ' abcdefgha' }
2200 - { name: 'dbuser', group: 'dbuser', password: ' abcdefgha' }
2202 NOTE: Arguments passed by APPC to Ansible Server to run a playbook take
2203 precedence over any defaults stored in Ansible Server.
2205 Ansible Playbooks – Notes On Artifacts Required to Run Playbooks
2206 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2208 Inventory hosts file: should be VNF instance specific.
2210 Default variables: should be VNF instance specific/
2212 NOTE: Some playbooks may rely on inventory directory contents to target
2213 the collection of VNFs in the Services Platform supported through
2216 Playbooks and paths to referenced files: Playbooks shall not use
2217 absolute paths for file include entries (variables or playbooks) or
2218 other types of references.
2220 For this to work properly when running playbooks, the directory where
2221 the playbook resides shall be the current directory.
2223 Playbook includes use paths relative to the main playbook directory when
2226 Root directory named ansible - Any files provided with playbooks,
2227 included or referenced by playbooks, shall reside under the ansible
2228 playbooks (root) directory, containing all playbook subdirectories, or
2229 below that ansible root directory, in other subdirectories to support
2230 on-boarding and portability of VNF collection of playbooks and related
2233 Designing for a shared environment, concurrently running playbooks,
2234 targeting multiple VNF instances – inventory hosts file:
2236 To avoid inventory hosts file overwrites or collisions between multiple
2237 concurrently running VNF instance requests, chosen approach is for each
2238 VNF instance hosts file, to be stored under the Ansible Server Playbooks
2239 root directory, under the inventory subdirectory, and under a directory
2240 for each VNF instance, named after the VNF instance, as follows:
2242 ansible/inventory/<VNF\_instance\_name>/hosts
2244 Example of inventory hosts file path, relative to ansible playbooks root
2245 directory (playbooks\_dir): ansible/inventory/vnfx0001v/hosts
2247 Designing for a shared environment, concurrently running playbooks,
2248 targeting multiple VNF instances – default argument variables for
2249 specific VNF instances:
2251 Files containing attribute name value pairs (variable name and default
2252 values), referenced/included by playbooks – Files containing VNF
2253 instance specific default values – in a later APPC release, some or all
2254 the default attribute value pairs contained in the defaults file, may be
2255 passed down by APPC, to the Ansible Server, overriding these defaults:
2257 Following the same approach for inventory hosts files, files
2258 referenced/included by playbooks containing default values,
2259 default\_args.yml, shall be stored under a directory with VNF instance
2264 ansible/vars/<VNF\_instance\_name>/default\_args.yml
2266 Files containing attribute name value pairs (variable name and default
2267 values), referenced/included by playbooks – created dynamically by
2270 Following the same approach for inventory hosts files, to avoid
2271 overwrites or collisions of multiple concurrently running VNF instance
2272 requests, files created dynamically by playbooks, based on VNF generic
2273 templates, combined with default values and arguments passed down by
2274 APPC (as part of the request), shall be stored under a directory with
2275 VNF instance name on the path.
2279 tmp/<VNF\_instance\_name>/all.yml
2281 Files containing site specific (Openstack location non-instance
2282 specific) attribute name value pairs, like NTP server and DNS server’s
2283 IP addresses and other parameters, referenced/included by playbooks, not
2284 VNF specific – Could/should be stored under vars directory, in a
2285 subdirectory named after the string used to identify the site (nyc1,
2290 ansible/vars/<Site>/default\_args.yml
2292 ansible/vars/nyc1/default\_args.yml
2294 ansible/vars/lax2/default\_args.yml
2296 \ **Ansible Server Design - Directory Structure**
2298 To help understanding the contents of this section, here are few basic
2301 **VNF type a.k.a VNF Function Code** - Based on current Services
2302 Platform naming convention, each Virtual Network Function is assigned a
2303 4 character string (example vfdb), they are the first 4 characters on
2304 the VNF instance name, which is 9 characters long. VNF instance name in
2305 some cases corresponds to the stack name for the VNF when VNF instance
2306 is built based on a single module, single stack. Example of VNF instance
2307 name: vfdb9904v. All VNF performing this function, running the same
2308 software, coming from the same VNF provider will start with the same 4
2309 characters, in this example, vfdb.
2311 VNF type, determined through these 4 characters, is also known as VNF
2312 Function Code and is assigned by inventory team. All Services Platform
2313 VNF Function Codes can be found in inventory database and/or A&AI as
2314 well as Services Platform Network Design Documents.
2316 NOTE: Current Services Platform naming convention is undergoing changes
2317 to include geographical location to the VNF names.
2319 Version – As in VNF software version is the release of the software
2320 running on the VNF for which the playbooks were developed. VNF
2321 configuration steps may change from release to release and this
2322 <Version> in the path will allow the Ansible Server to host playbooks
2323 associated with each software release. And run the playbooks that match
2324 the software release running on each VNF instance. APPC initially will
2325 not support playbook versioning only latest playbook is supported.
2327 Playbook Function - Is a name associated with a life cycle management
2328 task(s) performed by the playbook(s) stored in this directory. It should
2329 clearly identify the type of action(s) performed by the main playbook
2330 and possibly other playbooks stored in this same directory. Ideally,
2331 playbook function would match APPC corresponding function that executes
2332 the main playbook in this directory. Following Ansible Naming standards
2333 main playbook is usually named site.yml. There can be other playbooks on
2334 the same directory that use a subset of the roles used by the main
2335 playbook site.yml. Examples of Playbook Function directory names:
2337 - configure – Contains post-instantiation (bulk) configuration
2340 - healthcheck – Contains VNF health check playbook(s), roles,…
2342 - stop – Contains VNF application stop playbook(s), roles,…
2344 - start – Contains VNF application start playbook(s), roles,…
2346 Directory structure to allow hosting multiple version sets of playbooks,
2347 for the same VNF type, to be hosted in the runtime environment on the
2348 Ansible Servers. Generic directory structure:
2350 Ansible Playbooks – Function directory and main playbook:
2352 .. code-block:: none
2354 /storage/<VNF type>/<Version>/ansible/<Playbook Function>/site.yml
2356 Example – Post-instantiation (bulk) configuration –APPC Function -
2359 .. code-block:: none
2361 /storage/<VNF type>/<Version>/ansible/configure/site.yml
2363 Example – Health-check –APPC Function - HealthCheck:
2365 .. code-block:: none
2367 /storage/<VNF type>/<Version>/ansible/healthcheck/site.yml
2369 OR (Function directory name does not need to match APPC function name)
2371 .. code-block:: none
2373 /storage/<VNF type>/<Version>/ansible/check/site.yml
2375 Ansible Directories for other artifacts – VNF inventory hosts file -
2378 .. code-block:: none
2380 /storage/<VNF type>/<Version>/ansible/inventory/<VNF instance name>/hosts
2382 Ansible Directories for other artifacts – VNF inventory hosts file –
2385 .. code-block:: none
2387 /storage/<VNF type>/<Version>/ansible/vars/<VNF instance name>/default\_args.yml
2389 NOTE: This requirement is expected to be deprecated in part in the
2390 future, for automated actions, once APPC can pass down all VNF specific
2391 arguments for each action. Requirement remains while manual actions are
2392 to be supported. Other automated inventory management mechanisms may be
2393 considered in the future, Ansible supports many automated inventory
2394 management mechanisms/tools/solutions.
2396 Ansible Directories for other artifacts – VNF (special) groups –
2399 .. code-block:: none
2401 /storage/<VNF type>/<Version>/ansible/groups/<VNF instance name>/common\_groups.yml
2403 NOTE: Default groups will be created based on VNFC type, 3 characters,
2404 on VNFC name. Example: “oam”, “rdb”, “dbs”, “man”, “iox”, “app”,…
2406 Ansible Directories for other artifacts – VNF (special) other files –
2407 Optional – Example – License file:
2409 .. code-block:: none
2411 /storage/<VNF type>/<Version>/ansible/<Other directory(s)>
2413 CAUTION: On referenced files used/required by playbooks.
2415 - To avoid missing files, during on-boarding or uploading of Ansible
2416 Playbooks and related artifacts, all permanent files (not generated
2417 by playbooks as part of execution), required to run any playbook,
2418 shall reside under the ansible root directory or below on other
2421 - Any references to files, on includes or other playbook entries, shall
2424 - This is the ansible (root directory) directory referenced on this
2427 .. code-block:: none
2429 /storage/<VNF type>/<Version>/ansible/
2431 There will be a soft link to the latest set of Ansible Playbooks for
2432 each VNF type and this is the default set of playbooks that are executed
2433 unless a different release is specified in APPC request.
2435 VNF type directories use A&AI inventory VNF function code. Ansible
2436 Playbooks will be stored on a Cinder Volume mounted on the Ansible
2437 Servers as /storage. Example:
2439 /storage/vfdb/latest/ansible – This soft link point to the latest set of
2440 playbooks (or the only set)
2442 /storage/vfdb/V16.1/ansible – Root directory for database VNF Ansible
2443 Playbooks for release 16.1
2445 CAUTION: To support this directory structure as the repository to store
2446 Ansible Playbooks run by APPC, APPC API in the Ansible Server side needs
2447 to be configured to run playbooks from directory, not MySQL database.
2449 Ansible Server HTTP will be configured to support APPC REST API requests
2450 to run playbooks as needed, against specific VNF instances, or specific
2451 VM(s) as specified in the request.
2453 ONAP APPC REST API to Ansible Server is documented separately and can be
2454 found under ONAP (onap.org).
2456 **Ansible Server – On-boarding Ansible Playbooks**
2458 Once playbooks are developed following the guidelines listed in prior
2459 section(s), playbooks need to be on-boarded onto Ansible Server(s). In
2460 the future, they’ll be on-boarded and distributed through ONAP, at least
2461 that is the proposed plan, but for now they need to be uploaded
2464 These are the basic steps to on-board playbooks manually onto the
2467 1. Upload CSAR, zip, or tar file containing VNF playbooks and related
2470 2. Create full directory (using –p option below) to store Ansible
2471 Playbooks and other artifacts under /storage file system.
2473 a. Includes VNF type using VNF function code 4 characters under
2476 b. Includes VNF “Version” directory as part of the path to store
2477 playbooks for this VNF version.
2479 c. Include generic ansible root directory. Creating full directory
2482 .. code-block:: none
2484 $ mkdir –p /storage/vfdb/V16.1/ansible**/**
2486 3. Make this directory (VNF ansible root directory) current directory
2489 .. code-block:: none
2491 cd /storage/vfdb/V16.1/ansible/
2493 4. Extract Ansible Playbooks and other Ansible artifacts associated with
2494 the playbooks onto the ansible directory. Command depends on the type
2495 of file uploaded, examples would be:
2497 .. code-block:: none
2503 5. Create directory for VNF (VMs) inventory hosts file with all VMs and
2504 OA&M IP addresses for all VNF instances with known OA&M IP addresses
2505 for respective VMs, example:
2507 .. code-block:: none
2509 $ mkdir –p inventory/vfdb9904v
2511 $ touch inventory/vfdb9904v/hosts
2513 $ cat inventory/vfdb9904v/hosts
2516 localhost ansible\_connection=local
2519 1xx.2yy.zzz.109 ansible\_ssh\_private\_key\_file=/storage/.ssh/Kilo-SSH-Key.pem
2520 1xx.2yy.zzz.110 ansible\_ssh\_private\_key\_file=/storage/.ssh/Kilo-SSH-Key.pem
2523 1xx.2yy.zzz.105 ansible\_ssh\_private\_key\_file=/storage/.ssh/Kilo-SSH-Key.pem
2524 1xx.2yy.zzz.106 ansible\_ssh\_private\_key\_file=/storage/.ssh/Kilo-SSH-Key.pem
2526 6. Create directory to hold default arguments for each VNF instance,
2529 .. code-block:: none
2531 $ mkdir –p vars/vfdb9904v
2532 $ touch vars/vfdb9904v/default\_args.yml
2533 $ cat vars/vfdb9904v/default\_args.yml
2534 vm\_config\_oam1\_vnfc\_name: vfdb9904vm001oam001
2535 vm\_config\_oam1\_hostname: vfdb9904vm001
2536 vm\_config\_oam1\_provider\_ip\_address: 1xx.2yy.zzz.109
2538 vm\_config\_oam2\_vnfc\_name: vfdb9904vm002oam001
2539 vm\_config\_oam2\_hostname: vfdb9904vm002
2540 vm\_config\_oam2\_provider\_ip\_address: 1xx.2yy.zzz.110
2542 vm\_config\_rdb1\_vnfc\_name: vfdb9904vm003rdb001
2543 vm\_config\_rdb1\_hostname: vfdb9904vm003
2544 vm\_config\_rdb1\_provider\_ip\_address: 1xx.2yy.zzz.105
2546 vm\_config\_rdb2\_vnfc\_name: vfdb9904vm004rdb001
2547 vm\_config\_rdb2\_hostname: vfdb9904vm004
2548 vm\_config\_rdb2\_provider\_ip\_address: 1xx.2yy.zzz.106
2550 vm\_config\_rdb3\_vnfc\_name: vfdb9904vm005rdb001
2551 vm\_config\_rdb3\_hostname: vfdb9904vm005
2552 vm\_config\_rdb3\_provider\_ip\_address: 1xx.2yy.zzz.xxx
2554 vm\_config\_rdb4\_vnfc\_name: vfdb9904vm006rdb001
2555 vm\_config\_rdb4\_hostname: vfdb9904vm006
2556 vm\_config\_rdb4\_provider\_ip\_address: 1xx.2yy.zzz.yyy
2558 NOTE: Please note names in this file shall use underscore “\_” not dots
2561 7. Perform some basic playbook validation running with “--check” option,
2562 running dummy playbooks or other.
2564 8. Upload any SSH keys referenced on hosts file to appropriate
2567 NOTE: HOT templates used by Heat to instantiate VNF configured by these
2568 playbooks shall include the same SSH key to be installed as part of
2571 Other non-VNF provider specific playbook tasks need to be incorporated on
2572 overall post-instantiation configuration playbooks or company Playbooks
2573 need to be uploaded and executed after VNF provided or internally
2574 developed playbooks for the VNF.
2578 The “name” field is a mandatory field in a valid Chef Node Object
2582 Not currently supported in ONAP release 1
2585 https://github.com/mbj4668/pyang
2588 Upstream elements must provide the appropriate FQDN in the request to
2589 ONAP for the desired action.
2592 Refer to NCSP’s Network Cloud specification
2595 This option is not currently supported in ONAP and it is currently
2596 under consideration.
2599 Multiple ONAP actions may map to one playbook.
Code Review / vnfrqts / requirements.git / blob