7.3. Configuration Management

7.3.1. Controller Interactions With VNF or PNF

APPC/SDN-C expose a northbound API to clients (such as SO) in order for the clients to initiate an activity (aka command) on a VNF or PNF. APPC/SDN-C interact with VNFs or PNFs through Network and Application Adapters to perform configuration and other lifecycle management activities within NFV environment. The standardized models, protocols and mechanisms by which network functions are configured are equally applicable to VNFs and PNFs.

This section describes the list of commands that should be supported by the VNF or PNF. The following sections describe the standard protocols that are supported (NETCONF, Chef, Ansible, and REST).

The commands below are expected to be supported on all VNF or PNF’s, unless The commands below are expected to be supported on all VNF or PNF’s, unless noted otherwise, either directly (via the NETCONF or REST interface) or indirectly (via a Chef Cookbook or Ansible server).

Note that there are additional commands offered to northbound clients that are not shown below, as these commands either act internally on APPC/SDN-C itself or depend upon network cloud components for implementation (thus, these actions do not put any special requirement on the VNF or PNF provider).

The commands allow for parametric data to be passed from APPC/SDN-C to the VNF or PNF or Ansible/Chef server in the request. The format of the parameter data can be either xml (for NETCONF) or JSON (for Ansible, Chef, or REST).

7.3.1.1. Configuration Commands

Configure: The APPC/SDN-C client is requesting that a post-instantiation configuration be applied to the target VNF or PNF. After the Configure action is completed, the VNF or PNF instance should be ready for service. Note that customer specific configurations may need to be applied using the ConfigModify action. This command requires exclusive access rights of the VNF or PNF.

ConfigModify: The APPC client is requesting a configuration update to a subset of the total configuration parameters of an VNF or PNF or to apply customer specific configurations. The configuration update is typically done while the VNF or PNF is in service and should not disrupt traffic. This command requires exclusive access rights of the VNF or PNF.

ConfigBackup: The APPC client is requesting a backup of the configuration parameters where the parameters are stored on the VNF or PNF. This command is typically requested as part of an orchestration flow for scenarios such as a software upgrade. The ConfigBackup is typically done while the VNF or PNF is not in service (i.e., in a maintenance state). When the ConfigBackup command is executed, the current VNF or PNF configuration parameters are saved in storage that is preserved (if there is an existing set of backed up parameters, they are overwritten). This command requires exclusive access rights of the VNF or PNF.

ConfigRestore: The APPC client is requesting a restore action of the configuration parameters to the VNF or PNF that were saved by ConfigBackup command. This command is typically requested as part of an orchestration flow for scenarios such as a software upgrade where the software upgrade may have failed and the VNF or PNF needs to be rolled back to the prior configuration. When the ConfigRestore command is executed, the VNF or PNF configuration parameters which were backed to persistent preserved storage are applied to the VNF or PNF (replacing existing parameters). The ConfigRestore is typically done while the VNF or PNF is not in service (i.e., in a maintenance state). This command requires exclusive access rights of the VNF or PNF.

ConfigScaleOut: The APPC/SDN-C client is requesting that a configuration be applied after the VNF instance has been scaled out (i.e., one or more additional VM’s instantiated to increase capacity). For some VNF’s, ConfigScaleOut is not needed because the VNF is auto-configured after scale-out. This command is being introduced in the Beijing release to support manual Scale Out and will be extended to support Auto ScaleOut in Casablanca release. This command requires exclusive access rights of the VNF.

Audit: The APPC client is requesting that the current (last known configuration update) is audited against the running configuration on the VNF (Openstack).

Requirement: R-20741
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support APPC/SDN-C Configure command.

Requirement: R-19366
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support APPC ConfigModify command.

Requirement: R-32981
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support APPC ConfigBackup command.

Requirement: R-48247
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support APPC ConfigRestore command.

Requirement: R-94084
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support APPC/SDN-C ConfigScaleOut command.

Requirement: R-56385
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support APPC Audit command.

7.3.1.4. Notes On Command Support Using APPC/SDN-C Southbound Protocols

APPC/SDN-C are designed to support a standard set of protocols in order to communicate with the VNF or PNF instance. The supported protocols are NETCONF, Ansible, Chef, and REST.

NETCONF and REST require the VNF or PNF to implement a server which supports the RPC or REST calls.

Ansible and Chef require the use of a Ansible or Chef server which communicates with the APPC/SDN-C (northbound) and the VNF or PNF VM’s (southbound).

The vendor must select which protocol to support for the commands listed above. Notes:

  • NETCONF is most suitable for configuration related commands.
  • Ansible and Chef are suitable for any command. Ansible has the advantage that it is agentless.
  • REST is specified as an option only for the HealthCheck.

Additional details can be found in the ONAP Application Controller (APPC) API Guide, ONAP VF-C project and the ONAP SDNC project.

7.3.2. NETCONF Standards and Capabilities

APPC/SDN-C and their Adapters utilize device YANG model and NETCONF APIs to make the required changes in the VNF or PNF state and configuration. The VNF or PNF providers must provide the Device YANG model and NETCONF server supporting NETCONF APIs to comply with target ONAP and industry standards.

7.3.2.1. VNF or PNF Configuration via NETCONF Requirements

7.3.2.1.1. Configuration Management

Requirement: R-88026
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST include a NETCONF server enabling runtime configuration and lifecycle management capabilities.

Requirement: R-95950
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST provide a NETCONF interface fully defined by supplied YANG models for the embedded NETCONF server.

7.3.2.1.2. NETCONF Server Requirements

Requirement: R-73468
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST allow the NETCONF server connection parameters to be configurable during virtual machine instantiation through Heat templates where SSH keys, usernames, passwords, SSH service and SSH port numbers are Heat template parameters.

Requirement: R-90007
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST implement the protocol operation: close-session() - Gracefully close the current session.

Requirement: R-70496
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST implement the protocol operation: commit(confirmed, confirm-timeout) - Commit candidate configuration data store to the running configuration.

Requirement: R-18733
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST implement the protocol operation: discard-changes() - Revert the candidate configuration data store to the running configuration.

Requirement: R-44281
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST implement the protocol operation: edit-config(target, default-operation, test-option, error-option, config) - Edit the target configuration data store by merging, replacing, creating, or deleting new config elements.

Requirement: R-60106
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST implement the protocol operation: get(filter) - Retrieve (a filtered subset of) the running configuration and device state information. This should include the list of VNF or PNF supported schemas.

Requirement: R-29488
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST implement the protocol operation: get-config(source, filter - Retrieve a (filtered subset of a) configuration from the configuration data store source.

Requirement: R-11235
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST implement the protocol operation: kill-session(session- Force the termination of session.

Requirement: R-02597
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST implement the protocol operation: lock(target) - Lock the configuration data store target.

Requirement: R-96554
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST implement the protocol operation: unlock(target) - Unlock the configuration data store target.

Requirement: R-29324
updated: dublin
target: VNF or PNF
keyword: SHOULD

The VNF or PNF SHOULD implement the protocol operation: copy-config(target, source) - Copy the content of the configuration data store source to the configuration data store target.

Requirement: R-88031
updated: dublin
target: VNF or PNF
keyword: SHOULD

The VNF or PNF SHOULD implement the protocol operation: delete-config(target) - Delete the named configuration data store target.

Requirement: R-97529
updated: dublin
target: VNF or PNF
keyword: SHOULD

The VNF or PNF SHOULD implement the protocol operation: get-schema(identifier, version, format) - Retrieve the YANG schema.

Requirement: R-62468
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST allow all configuration data to be edited through a NETCONF <edit-config> operation. Proprietary NETCONF RPCs that make configuration changes are not sufficient.

Requirement: R-01382
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST allow the entire configuration of the VNF or PNF to be retrieved via NETCONF’s <get-config> and <edit-config>, independently of whether it was configured via NETCONF or other mechanisms.

Requirement: R-28756
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support :partial-lock and :partial-unlock capabilities, defined in RFC 5717. This allows multiple independent clients to each write to a different part of the <running> configuration at the same time.

Requirement: R-83873
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support :rollback-on-error value for the <error-option> parameter to the <edit-config> operation. If any error occurs during the requested edit operation, then the target database (usually the running configuration) will be left unaffected. This provides an ‘all-or-nothing’ edit mode for a single <edit-config> request.

Requirement: R-68990
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support the :startup capability. It will allow the running configuration to be copied to this special database. It can also be locked and unlocked.

Requirement: R-68200
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support the :url value to specify protocol operation source and target parameters. The capability URI for this feature will indicate which schemes (e.g., file, https, sftp) that the server supports within a particular URL value. The ‘file’ scheme allows for editable local configuration databases. The other schemes allow for remote storage of configuration databases.

Requirement: R-20353
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST implement both :candidate and :writable-running capabilities. When both :candidate and :writable-running are provided then two locks should be supported.

Requirement: R-11499
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST fully support the XPath 1.0 specification for filtered retrieval of configuration and other database contents. The ‘type’ attribute within the <filter> parameter for <get> and <get-config> operations may be set to ‘xpath’. The ‘select’ attribute (which contains the XPath expression) will also be supported by the server. A server may support partial XPath retrieval filtering, but it cannot advertise the :xpath capability unless the entire XPath 1.0 specification is supported.

Requirement: R-83790
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST implement the :validate capability.

Requirement: R-49145
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST implement :confirmed-commit If :candidate is supported.

Requirement: R-58358
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST implement the :with-defaults capability [RFC6243].

Requirement: R-59610
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST implement the data model discovery and download as defined in [RFC6022].

Requirement: R-93443
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST define all data models in YANG 1.0 [RFC6020] or YANG 1.1 [RFC7950]. A combination of YANG 1.0 and YANG 1.1 modules is allowed subject to the rules in [RFC7950] section 12. The mapping to NETCONF shall follow the rules defined in this RFC.

Requirement: R-26115
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST follow the data model update rules defined in [RFC6020] section 10 for YANG 1.0 modules, and [RFC7950] section 11 for YANG 1.1 modules. All deviations from the aforementioned update rules shall be handled by a built-in automatic upgrade mechanism.

Requirement: R-10716
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support parallel and simultaneous configuration of separate objects within itself.

Requirement: R-29495
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support locking if a common object is being manipulated by two simultaneous NETCONF configuration operations on the same VNF or PNF within the context of the same writable running data store (e.g., if an interface parameter is being configured then it should be locked out for configuration by a simultaneous configuration operation on that same interface parameter).

Requirement: R-53015
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST apply locking based on the sequence of NETCONF operations, with the first configuration operation locking out all others until completed.

Requirement: R-02616
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST permit locking at the finest granularity if a VNF or PNF needs to lock an object for configuration to avoid blocking simultaneous configuration operations on unrelated objects (e.g., BGP configuration should not be locked out if an interface is being configured or entire Interface configuration should not be locked out if a non-overlapping parameter on the interface is being configured).

Requirement: R-41829
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST be able to specify the granularity of the lock via a restricted or full XPath expression.

Requirement: R-66793
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST guarantee the VNF or PNF configuration integrity for all simultaneous configuration operations (e.g., if a change is attempted to the BUM filter rate from multiple interfaces on the same EVC, then they need to be sequenced in the VNF or PNF without locking either configuration method out).

Requirement: R-54190
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST release locks to prevent permanent lock-outs when/if a session applying the lock is terminated (e.g., SSH session is terminated).

Requirement: R-03465
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST release locks to prevent permanent lock-outs when the corresponding <partial-unlock> operation succeeds.

Requirement: R-63935
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST release locks to prevent permanent lock-outs when a user configured timer has expired forcing the NETCONF SSH Session termination (i.e., product must expose a configuration knob for a user setting of a lock expiration timer).

Requirement: R-10173
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST allow another NETCONF session to be able to initiate the release of the lock by killing the session owning the lock, using the <kill-session> operation to guard against hung NETCONF sessions.

Requirement: R-88899
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support simultaneous <commit> operations within the context of this locking requirements framework.

Requirement: R-07545
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support all operations, administration and management (OAM) functions available from the supplier for VNFs or PNFs using the supplied YANG code and associated NETCONF servers.

Requirement: R-60656
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support sub tree filtering.

Requirement: R-80898
updated: dublin
target: VNF or PNF
keyword: MUST

TThe VNF or PNF MUST support heartbeat via a <get> with null filter.

Requirement: R-25238
updated: dublin
target: VNF
keyword: MUST

The VNF or PNF PACKAGE MUST validated YANG code using the open source pyang [1] program using the following commands:

$ pyang --verbose --strict <YANG-file-name(s)> $ echo $!
Requirement: R-63953
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST have the echo command return a zero value otherwise the validation has failed.

Requirement: R-26508
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support a NETCONF server that can be mounted on OpenDaylight (client) and perform the operations of: modify, update, change, rollback configurations using each configuration data element, query each state (non-configuration) data element, execute each YANG RPC, and receive data through each notification statement.

The following requirements provides the Yang models that suppliers must conform, and those where applicable, that suppliers need to use.

Requirement: R-22700
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST conform its YANG model to RFC 6470, “NETCONF Base Notifications”.

Requirement: R-10353
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST conform its YANG model to RFC 6244, “An Architecture for Network Management Using NETCONF and YANG”.

Requirement: R-53317
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST conform its YANG model to RFC 6087, “Guidelines for Authors and Reviewers of YANG Data Model specification”.

Requirement: R-33955
updated: dublin
target: VNF or PNF
keyword: SHOULD

The VNF or PNF SHOULD conform its YANG model to RFC 6991, “Common YANG Data Types”.

Requirement: R-22946
updated: dublin
target: VNF or PNF
keyword: SHOULD

The VNF or PNF SHOULD conform its YANG model to RFC 6536, “NETCONF Access Control Model”.

Requirement: R-10129
updated: dublin
target: VNF or PNF
keyword: SHOULD

The VNF or PNF SHOULD conform its YANG model to RFC 7223, “A YANG Data Model for Interface Management”.

Requirement: R-12271
updated: dublin
target: VNF or PNF
keyword: SHOULD

The VNF or PNF SHOULD conform its YANG model to RFC 7223, “IANA Interface Type YANG Module”.

Requirement: R-49036
updated: dublin
target: VNF or PNF
keyword: SHOULD

The VNF or PNF SHOULD conform its YANG model to RFC 7277, “A YANG Data Model for IP Management”.

Requirement: R-87564
updated: dublin
target: VNF or PNF
keyword: SHOULD

The VNF or PNF SHOULD conform its YANG model to RFC 7317, “A YANG Data Model for System Management”.

Requirement: R-24269
updated: dublin
target: VNF or PNF
keyword: SHOULD

The VNF or PNF SHOULD conform its YANG model to RFC 7407, “A YANG Data Model for SNMP Configuration”, if Netconf used to configure SNMP engine.

The NETCONF server interface shall fully conform to the following NETCONF RFCs.

Requirement: R-33946
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST conform to the NETCONF RFC 4741, “NETCONF Configuration Protocol”.

Requirement: R-04158
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST conform to the NETCONF RFC 4742, “Using the NETCONF Configuration Protocol over Secure Shell (SSH)”.

Requirement: R-13800
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST conform to the NETCONF RFC 5277, “NETCONF Event Notification”.

Requirement: R-01334
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST conform to the NETCONF RFC 5717, “Partial Lock Remote Procedure Call”.

Requirement: R-08134
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST conform to the NETCONF RFC 6241, “NETCONF Configuration Protocol”.

Requirement: R-78282
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST conform to the NETCONF RFC 6242, “Using the Network Configuration Protocol over Secure Shell”.

Requirement: R-997907
target: VNF or PNF
keyword: SHOULD
introduced: dublin

The VNF or PNF SHOULD support TLS as secure transport for the NETCONF protocol according to [RFC7589].

7.3.3. VNF or PNF REST APIs

HealthCheck is a command for which no NETCONF support exists. Therefore, this must be supported using a RESTful interface (defined in this section) or with a Chef cookbook/Ansible playbook (defined in sections Chef Standards and Capabilities and Ansible Standards and Capabilities).

See section 7.3.1.4 for the definition of Full Healthcheck and Partial Healthchecks.

The VNF or PNF must provide a REST formatted GET RPCs to support HealthCheck queries via the GET method over HTTP(s).

The port number, url, and other authentication information is provided by the VNF or PNF provider.

7.3.3.1. REST APIs

Requirement: R-31809
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support the HealthCheck RPC. The HealthCheck RPC executes a VNF or PNF Provider-defined VNF or PNF HealthCheck over the scope of the entire VNF or PNF (e.g., if there are multiple VNFCs, then run a health check, as appropriate, for all VNFCs). It returns a 200 OK if the test completes. A JSON object is returned indicating state (healthy, unhealthy), scope identifier, time-stamp and one or more blocks containing info and fault information. If the VNF or PNF is unable to run the HealthCheck, return a standard http error code and message.

Examples of responses when HealthCheck runs and is able to provide a healthy or unhealthy response:

{
  "identifier":"VNF",
  "state":"healthy",
  "time":"2018-11-28 22:39:00.809466"
},

{
  "identifier":"VNF",
  "state":"unhealthy",
  "info":"There are stopped processes or VNF is not ready, may be quiesced or frozen.",
  "fault":"VNF mtn23comx8000v not ready for service.",
  "time":"2018-11-30 05:47:48.655959"
}

7.3.4. Chef Standards and Capabilities

ATTENTION: Chef is supported by ONAP, but it is not currently used by any of the official ONAP use cases and is not part of standard release testing like REST, Ansible, and Netconf. For this reason, the other options are generally favored over Chef at this time.

ONAP will support configuration of VNFs or PNFs via Chef subject to the requirements and guidelines defined in this section.

The Chef configuration management mechanism follows a client-server model. It requires the presence of a Chef-Client on the VNF or PNF that will be directly managed by a Chef Server. The Chef-client will register with the appropriate Chef Server and are managed via ‘cookbooks’ and configuration attributes loaded on the Chef Server which contain all necessary information to execute the appropriate actions on the VNF or PNF via the Chef-client.

ONAP will utilize the open source Chef Server, invoke the documented Chef REST APIs to manage the VNF or PNF and requires the use of open source Chef-Client and Push Jobs Client on the VNF or PNF (https://downloads.chef.io/).

7.3.4.1. VNF or PNF Configuration via Chef Requirements

7.3.4.1.1. Chef Client Requirements

Requirement: R-79224
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST have the chef-client be preloaded with validator keys and configuration to register with the designated Chef Server as part of the installation process.

Requirement: R-72184
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST have routable FQDNs for all the endpoints (VMs) of a VNF or PNF that contain chef-clients which are used to register with the Chef Server. As part of invoking VNF or PNF actions, ONAP will trigger push jobs against FQDNs of endpoints for a VNF or PNF, if required.

Requirement: R-47068
updated: dublin
target: VNF or PNF
keyword: MAY

The VNF or PNF MAY expose a single endpoint that is responsible for all functionality.

Requirement: R-67114
updated: dublin
target: VNF
keyword: MUST

The VNF or PNF MUST be installed with Chef-Client >= 12.0 and Chef push jobs client >= 2.0.

7.3.4.1.2. Chef Roles/Requirements

Requirement: R-27310
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF Package MUST include all relevant Chef artifacts (roles/cookbooks/recipes) required to execute VNF or PNF actions requested by ONAP for loading on appropriate Chef Server.

Requirement: R-26567
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF Package MUST include a run list of roles/cookbooks/recipes, for each supported VNF or PNF action, that will perform the desired VNF or PNF action in its entirety as specified by ONAP (see Section 7.c, APPC/SDN-C APIs and Behavior, for list of VNF or PNF actions and requirements), when triggered by a chef-client run list in JSON file.

Requirement: R-98911
updated: dublin
target: VNF or PNF
keyword: MUST NOT

The VNF or PNF MUST NOT use any instance specific parameters for the VNF or PNF in roles/cookbooks/recipes invoked for a VNF or PNF action.

Requirement: R-37929
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST accept all necessary instance specific data from the environment or node object attributes for the VNF or PNF in roles/cookbooks/recipes invoked for a VNF or PNF action.

Requirement: R-62170
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST over-ride any default values for configurable parameters that can be set by ONAP in the roles, cookbooks and recipes.

Requirement: R-78116
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST update status on the Chef Server appropriately (e.g., via a fail or raise an exception) if the chef-client run encounters any critical errors/failures when executing a VNF or PNF action.

Requirement: R-44013
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST populate an attribute, defined as node [‘PushJobOutput’] with the desired output on all nodes in the push job that execute chef-client run if the VNF or PNF action requires the output of a chef-client run be made available (e.g., get running configuration).

Requirement: R-30654
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF Package MUST have appropriate cookbooks that are designed to automatically ‘rollback’ to the original state in case of any errors for actions that change state of the VNF or PNF (e.g., configure).

Requirement: R-65755
updated: dublin
target: VNF or PNF
keyword: SHOULD

The VNF or PNF SHOULD support callback URLs to return information to ONAP upon completion of the chef-client run for any chef-client run associated with a VNF or PNF action.

  • As part of the push job, ONAP will provide two parameters in the environment of the push job JSON object:

    • “RequestId” a unique Id to be used to identify the request,
    • “CallbackUrl”, the URL to post response back.
  • If the CallbackUrl field is empty or missing in the push job, then the chef-client run need not post the results back via callback.

Requirement: R-15885
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST Upon completion of the chef-client run, POST back on the callback URL, a JSON object as described in Table A2 if the chef-client run list includes a cookbook/recipe that is callback capable. Failure to POST on the Callback Url should not be considered a critical error. That is, if the chef-client successfully completes the VNF or PNF action, it should reflect this status on the Chef Server regardless of whether the Callback succeeded or not.

7.3.4.2. ONAP Chef API Usage

This section outlines the workflow that ONAP invokes when it receives an action request against a Chef managed VNF or PNF.

  1. When ONAP receives a request for an action for a Chef Managed VNF or PNF, it retrieves the corresponding template (based on action and VNF or PNF) from its database and sets necessary values in the “Environment”, “Node” and “NodeList” keys (if present) from either the payload of the received action or internal data.
  2. If “Environment” key is present in the updated template, it posts the corresponding JSON dictionary to the appropriate Environment object REST endpoint on the Chef Server thus updating the Environment attributes on the Chef Server.
  3. Next, it creates a Node Object from the “Node” JSON dictionary for all elements listed in the NodeList (using the FQDN to construct the endpoint) by replicating it [2]. As part of this process, it will set the name field in each Node Object to the corresponding FQDN. These node objects are then posted on the Chef Server to corresponding Node Object REST endpoints to update the corresponding node attributes.
  4. If PushJobFlag is set to “True” in the template, ONAP requests a push job against all the nodes in the NodeList to trigger chef-client. It will not invoke any other command via the push job. ONAP will include a callback URL in the push job request and a unique Request Id. An example push job posted by ONAP is listed below:
{
 "command": "chef-client"
 "run_timeout": 300
 "nodes": ["node1.vnf_a.onap.com", "node2.vnf_a.onap.com"]
   "env": {
            "RequestId":"8279-abcd-aksdj-19231"
            "CallbackUrl":"<callback>"
          }
}
  1. If CallbackCapable field in the template is not present or set to “False” ONAP will poll the Chef Server to check completion status of the push job.
  2. If “GetOutputFlag” is set to “True” in the template and CallbackCapable is not set to “True”, ONAP will retrieve any output from each node where the push job has finished by accessing the Node Object attribute node[‘PushJobOutput’].

7.3.5. Ansible Standards and Capabilities

ONAP will support configuration of VNFs or PNFs via Ansible subject to the requirements and guidelines defined in this section.

Ansible allows agentless management of VNFs or PNFs/VMs/VNFCs via execution of ‘playbooks’ over ssh. The ‘playbooks’ are a structured set of tasks which contain all the necessary resources and execution capabilities to take the necessary action on one or more target VMs (and/or VNFCs) of the VNF. ONAP will utilize the framework of an Ansible Server that will host all Ansible artifacts and run playbooks to manage VNFs or PNFs that support Ansible.

7.3.5.1. VNF or PNF Configuration via Ansible Requirements

7.3.5.1.1. Ansible Client Requirements

Requirement: R-32217
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST have routable management IP addresses or FQDNs that are reachable via the Ansible Server for the endpoints (VMs) of a VNF or PNF that playbooks will target. ONAP will initiate requests to the Ansible Server for invocation of playbooks against these end points [3].

Requirement: R-54373
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST have Python >= 2.6 on the endpoint VM(s) of a VNF or PNF on which an Ansible playbook will be executed.

Requirement: R-35401
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support SSH and allow SSH access by the Ansible server to the endpoint VM(s) and comply with the Network Cloud Service Provider guidelines for authentication and access.

Requirement: R-82018
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST load the Ansible Server SSH public key onto VNF or PNF VM(s) /root/.ssh/authorized_keys as part of instantiation. Alternative, is for Ansible Server SSH public key to be loaded onto VNF or PNF VM(s) under /home/<Mechanized user ID>/.ssh/authorized_keys as part of instantiation, when a Mechanized user ID is created during instantiation, and Configure and all playbooks are designed to use a mechanized user ID only for authentication (never using root authentication during Configure playbook run). This will allow the Ansible Server to authenticate to perform post-instantiation configuration without manual intervention and without requiring specific VNF or PNF login IDs and passwords.

CAUTION: For VNFs or PNFs configured using Ansible, to eliminate the need for manual steps, post-instantiation and pre-configuration, to upload of SSH public keys, SSH public keys loaded during (heat) instantiation shall be preserved and not removed by (heat) embedded (userdata) scripts.

Requirement: R-92866
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST include as part of post-instantiation configuration done by Ansible Playbooks the removal/update of the SSH public key from /root/.ssh/authorized_keys, and update of SSH keys loaded through instantiation to support Ansible. This may include creating Mechanized user ID(s) used by the Ansible Server(s) on VNF VM(s) and uploading and installing new SSH keys used by the mechanized use ID(s).

Requirement: R-97345
updated: dublin
target: VNF or PNF
keyword: MUST
introduced: casablanca

The VNF or PNF MUST permit authentication, using root account, only right after instantiation and until post-instantiation configuration is completed.

Requirement: R-97451
updated: dublin
target: VNF or PNF
keyword: MUST
introduced: casablanca

The VNF or PNF MUST provide the ability to remove root access once post-instantiation configuration (Configure) is completed.

Requirement: R-91745
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST update the Ansible Server and other entities storing and using the SSH keys for authentication when the SSH keys used by Ansible are regenerated/updated.

Note: Ansible Server itself may be used to upload new SSH public keys onto supported VNFs or PNFs.

Requirement: R-73459
updated: dublin
target: VNF or PNF
keyword: MUST
introduced: casablanca

The VNF or PNF MUST provide the ability to include a “from=” clause in SSH public keys associated with mechanized user IDs created for an Ansible Server cluster to use for VNF or PNF VM authentication.

Requirement: R-45197
updated: dublin
target: VNF or PNF
keyword: MUST
introduced: casablanca

The VNF or PNF MUST define the “from=” clause to provide the list of IP addresses of the Ansible Servers in the Cluster, separated by coma, to restrict use of the SSH key pair to elements that are part of the Ansible Cluster owner of the issued and assigned mechanized user ID.

Requirement: R-94567
updated: dublin
target: VNF or PNF
keyword: MUST
introduced: casablanca

The VNF or PNF MUST provide Ansible playbooks that are designed to run using an inventory hosts file in a supported format with only IP addresses or IP addresses and VM/VNF or PNF names.

Requirement: R-67124
updated: dublin
target: VNF or PNF
keyword: MUST
introduced: casablanca

The VNF or PNF MUST provide Ansible playbooks that are designed to run using an inventory hosts file in a supported format; with group names matching VNFC 3-character string adding “vip” for groups with virtual IP addresses shared by multiple VMs as seen in examples provided in Appendix.

Requirement: R-24482
updated: dublin
target: VNF or PNF
keyword: MUST
introduced: casablanca

The VNF or PNF MUST provide Ansible playbooks that are designed to run using an inventory hosts file in a supported format; with site group that shall be used to add site specific configurations to the target VNF or PNF VM(s) as needed.

7.3.5.1.2. Ansible Playbook Requirements

An Ansible playbook is a collection of tasks that is executed on the Ansible server (local host) and/or the target VM (s) in order to complete the desired action.

Requirement: R-49751
updated: dublin
target: VNF or PNF
keyword: MUST
introduced: casablanca

The VNF or PNF MUST support Ansible playbooks that are compatible with Ansible version 2.6 or later.

Requirement: R-40293
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST make available playbooks that conform to the ONAP requirement.

Requirement: R-49396
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST support each APPC/SDN-C VNF or PNF action by invocation of one playbook [4]. The playbook will be responsible for executing all necessary tasks (as well as calling other playbooks) to complete the request.

Requirement: R-33280
updated: dublin
target: VNF or PNF
keyword: MUST NOT

The VNF or PNF MUST NOT use any instance specific parameters in a playbook.

Requirement: R-48698
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST utilize information from key value pairs that will be provided by the Ansible Server as “extra-vars” during invocation to execute the desired VNF or PNF action. The “extra-vars” attribute-value pairs are passed to the Ansible Server by an APPC/SDN-C as part of the Rest API request. If the playbook requires files, they must also be supplied using the methodology detailed in the Ansible Server API, unless they are bundled with playbooks, example, generic templates. Any files containing instance specific info (attribute-value pairs), not obtainable from any ONAP inventory databases or other sources, referenced and used an input by playbooks, shall be provisioned (and distributed) in advance of use, e.g., VNF or PNF instantiation. Recommendation is to avoid these instance specific, manually created in advance of instantiation, files.

The Ansible Server will determine if a playbook invoked to execute an VNF or PNF action finished successfully or not using the “PLAY_RECAP” summary in Ansible log. The playbook will be considered to successfully finish only if the “PLAY RECAP” section at the end of playbook execution output has no unreachable hosts and no failed tasks. Otherwise, the playbook will be considered to have failed.

Requirement: R-43253
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST use playbooks designed to allow Ansible Server to infer failure or success based on the “PLAY_RECAP” capability.

Note: There are cases where playbooks need to interpret results of a task and then determine success or failure and return result accordingly (failure for failed tasks).

Requirement: R-50252
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST write to a response file in JSON format that will be retrieved and made available by the Ansible Server if, as part of a VNF or PNF action (e.g., audit), a playbook is required to return any VNF or PNF information/response. The text files must be written in the main playbook home directory, in JSON format. The JSON file must be created for the VNF or PNF with the name ‘<VNF or PNF name>_results.txt’. All playbook output results, for all VNF or PNF VMs, to be provided as a response to the request, must be written to this response file.

Requirement: R-51442
updated: dublin
target: VNF or PNF
keyword: SHOULD

The VNF or PNF SHOULD use playbooks that are designed to automatically ‘rollback’ to the original state in case of any errors for actions that change state of the VNF or PNF (e.g., configure).

Note: In case rollback at the playbook level is not supported or possible, the VNF or PNF provider shall provide alternative rollback mechanism (e.g., for a small VNF or PNF the rollback mechanism may rely on workflow to terminate and re-instantiate VNF VMs and then re-run playbook(s)). Backing up updated files is also recommended to support rollback when soft rollback is feasible.

Requirement: R-58301
updated: dublin
target: VNF or PNF
keyword: SHOULD NOT

The VNF or PNF SHOULD NOT use playbooks that make requests to Cloud resources e.g. Openstack (nova, neutron, glance, heat, etc.); therefore, there is no use for Cloud specific variables like Openstack UUIDs in Ansible Playbook related artifacts.

Rationale: Flows that require interactions with Cloud services e.g. Openstack shall rely on workflows run by an Orchestrator (Change Management) or other capability (such as a control loop or Operations GUI) outside Ansible Server which can be executed by a APPC/SDN-C. There are policies, as part of Control Loop models, that send remediation action requests to an APPC/SDN-C; these are triggered as a response to an event or correlated events published to Event Bus.

Requirement: R-02651
updated: dublin
target: VNF or PNF
keyword: SHOULD

The VNF or PNF SHOULD use available backup capabilities to save a copy of configuration files before implementing changes to support operations such as backing out of software upgrades, configuration changes or other work as this will help backing out of configuration changes when needed.

Requirement: R-43353
updated: dublin
target: VNF or PNF
keyword: MUST

The VNF or PNF MUST return control from Ansible Playbooks only after all tasks performed by playbook are fully complete, signaling that the playbook completed all tasks. When starting services, return control only after all services are up. This is critical for workflows where the next steps are dependent on prior tasks being fully completed.

Detailed examples:

StopApplication Playbook – StopApplication Playbook shall return control and a completion status response only after VNF or PNF application is fully stopped, all processes/services stopped.

StartApplication Playbook – StartApplication Playbook shall return control and a completion status only after all VNF or PNF application services are fully up, all processes/services started and ready to provide services.

NOTE: Start Playbook should not be declared complete/done after starting one or several processes that start the other processes.

HealthCheck Playbook:

SUCCESS – HealthCheck success shall be returned (return code 0) by a Playbook or Cookbook only when VNF or PNF is 100% healthy, ready to take requests and provide services, with all VNF or PNF required capabilities ready to provide services and with all active and standby resources fully ready with no open MINOR, MAJOR or CRITICAL alarms.

NOTE: In some cases, a switch may need to be turned on, but a VNF or PNF reported as healthy, should be ready to take service requests or be already processing service requests successfully.

A successful execution of a health-check playbook shall create one response file (per VNF or PNF) in JSON format, named after the VNF or PNF instance, followed by “_results.txt” (<VNF or PNF instance name>_results.txt) to be provided as a response to the requestor, indicating health-check was executed and completed successfully, example: vfdb9904v_results.txt, with the following contents:

{
 "identifier": "VNF",
 "state": "healthy",
 "time": "2018-03-16:1139"
}

Example:

$ cat vfdb9904v_results.txt
{
 "identifier": "VNF",
 "state": "healthy",
 "time": "2018-03-16:1139"
}

NOTE: See section 7.3.1.4 for comments on support of partial health checks.

FAILURE – A health check playbook shall return a non-zero return code in case VNF or PNF is not 100% healthy because one or more VNF or PNF application processes are stopped or not ready to take service requests or because critical or non-critical resources are not ready or because there are open MINOR, MAJOR or CRITICAL traps/alarms or because there are issues with the VNF or PNF that need attention even if they do not impact services provided by the VNF or PNF.

A failed health-check playbook shall also create one file (per VNF or PNF), in JSON format, named after the VNF or PNF instance name, followed by “_results.txt” to indicate health-check was executed and found issues in the health of the VNF or PNF. This is to differentiate from failure to run health-check playbook or playbook tasks to verify the health of the VNF or PNF, example: vfdb9904v_results.txt, with the following contents:

{
 "identifier": "VNF",
 "state": "unhealthy",
 "info": "Error in following VM(s). Check hcstatus files
 under /tmp/ccfx9901v for details",
 "fault": [
   "vfdb9904vm001",
   "vfdb9904vm002"
 ],
 "time": "2018-03-16:4044"
}

Example:

$ cat vfdb9904v_results.txt
{
 "identifier": "VNF",
 "state": "unhealthy",
 "info": "Error in following VM(s). Check hcstatus files
 under /tmp/ccfx9901v for details",
 "fault": [
   "vfdb9904vm001",
   "vfdb9904vm002"
 ],
 "time": "2018-03-16:4044"
}

See VNF or PNF REST APIs for additional details on HealthCheck.

Some VNFs or PNFs may support and desire to run partial health checks and receive a successful response when partial health check completes without errors. The parameter name used by HealthCheck playbook to request non-default partial health check is healthcheck_type. Example of health check types could be healthcheck_type=GuestOS, healthcheck_type=noDB, healthcheck_type=noConnections, healthcheck_type=IgnoreAlarms, etc.. This attribute-value pair may be passed by Orchestrator or Workflow or other (northbound) APPC/SDN-C clients to APPC/SDN-C as part of the request.

By default, when no argument/parameter is passed, healthcheck playbook performs a full VNF or PNF health check.

Requirement: R-24189
updated: dublin
target: VNF or PNF
keyword: SHOULD
introduced: casablanca

The VNF or PNF provider MUST deliver a new set of playbooks that includes all updated and unchanged playbooks for any new revision to an existing set of playbooks.

Requirement: R-49911
updated: dublin
target: VNF or PNF
keyword: SHOULD
introduced: casablanca

The VNF or PNF provider MUST assign a new point release to the updated playbook set. The functionality of a new playbook set must be tested before it is deployed to the production.

7.3.5.2. Ansible API Usage

This section outlines the workflow that APPC/SDN-C invokes when it receives an action request against an Ansible managed VNF or PNF.

  1. When APPC/SDN-C receives a request for an action for an Ansible managed VNF or PNF, it retrieves the corresponding template (based on action and VNF or PNF Type) from its database and sets necessary values (such as an Id, NodeList, and EnvParameters) from either information either in the request or data obtained from other sources, inventory database, is an example of such sources. This is referred to as the payload that is sent as a JSON object to the Ansible server as part of the Rest API request.
  2. The APPC/SDN-C sends a request to the Ansible server to execute the action.
  3. The APPC/SDN-C, after sending a request to the Ansible server, polls it to get results(success or failure). The APPC/SDN-C has a timeout value which is contained in the action request template. Different actions can set different timeout values (default setting is 600 seconds). If the result is not available when the timeout is reached, the APPC/SDN-C stops polling and returns a timeout error to the requester. The Ansible Server continues to process the request.

7.3.6. Support of APPC/SDN-C Commands And Southbound Protocols

The following table summarizes the commands and possible protocols selected. Note that the HealthCheck can also be supported via REST.

Table 8. APPC/SDN-C APIs and NETCONF Commands

Command NETCONF Support Chef Support Ansible
General Comments For each RPC, the appropriate RPC operation is listed.

VNF or PNF Vendor must provide any necessary roles, cookbooks, recipes to retrieve the running configuration from a VNF or PNF and place it in the respective Node Objects ‘PushJobOutput’ attribute of all nodes in NodeList when triggered by a chef-client run.

The JSON file for this VNF or PNF action is required to set “PushJobFlag” to “True” and “GetOutputFlag” to “True”. The “Node” JSON dictionary must have the run list populated with the necessary sequence of roles, cookbooks, recipes.

The Environment and Node values should contain all appropriate configuration attributes.

NodeList must list sample FQDNs that are required to conduct a chef-client run for this VNF Action.

VNF Vendor must provide an Ansible playbook to retrieve the running configuration from a VNF and place the output on the Ansible server in a manner aligned with playbook requirements listed in this document.

The PlaybookName must be provided in the JSON file.

NodeList must list IP addresses or DNS supported FQDNs of an example VNF on which to execute playbook.

Audit The <get-config> is used to return the running configuration. Supported via a cookbook that returns the running configuration. Supported via a playbook that returns the running configuration.
Configure, ModifyConfig The <edit-config> operation loads all or part of a specified data set to the specified target database. If there is no <candidate/> database, then the target is the <running/> database. A <commit> follows. Supported via a cookbook that updates the VNF or PNF configuration. Supported via a playbook that updates the VNF configuration.
Other Configuration Commands This command has no existing NETCONF RPC action. Supported via a cookbook that performs the action. Supported via a playbook that performs the action.
Lifecycle Management Commands This command has no existing NETCONF RPC action. Supported via a cookbook that performs the action. Supported via a playbook that performs the action.
Health Check This command has no existing NETCONF RPC action. Supported via a cookbook that performs a HealthCheck and returns the results. Supported via a playbook that performs the HealthCheck and returns the results.
[1]https://github.com/mbj4668/pyang
[2]Recall that the Node Object is required to be identical across all VMs of a VNF or PNF invoked as part of the action except for the “name”.
[3]Upstream elements must provide the appropriate FQDN in the request to ONAP for the desired action.
[4]Multiple ONAP actions may map to one playbook.