Page History

...

ETSI Package Onboarding and Distribution
- SOL004 VNF/PNF /NS Package includes SOL001 VNFD/PNFD with the original vendor package will be distributed from SDC to SVNFM/External NFVO.
- SOL007 NS Package includes SOL001 NSD with the original vendor package will be distributed from SDC to SVNFM/ External NFVO.
- SOL003 and SOL005 Package Management APIs will be used for the distribution.
- SOL004 VNF/PNF Package Security will be supported by the package signature and certificate.
- SOL007 NS Package Security will be supported by the package signature and certificate

Feature Descriptions

Feature

Description

ETSI Package Management

SOL004 VNF/PNF /NS Package includes SOL001 VNFD/PNFD with the original vendor package will be distributed from SDC to SVNFM/External NFVO.
SOL007 NS Package includes SOL001 NSD with the original vendor package will be distributed from SDC to SVNFM/External NFVO.
SOL003 and SOL005 Package Management APIs will be used for the distribution.
- SOL003/SOL005 Adapters passes vendor packages to SVNFM/NFVO

ETSI Package Security

If the vendor package includes signature and certificate, ONAP supports the package security.

SOL004 VNF/PNF Package security will be supported by the package signature and certificate
SOL007 NS Package security will be supported by the package signature and certificate
SDC will store the vendor package with signature and certificate in a zip format in the ONBOARDING_PACKAGE directory.
SO stores ONBOARDING_PACKAGE zip files in the ONAP-ETSI Catalog DB through ONAP-ETSI Catalog Manager APIs.SOL003/SOL005 Adapters passes vendor packages to SVNFM/NFVO
SVNFM/NFVO extracts the CSAR files file from the vendor packages package
- For Frankfurt, extracting the CSAR without validation is allowed

Epic and User Story

Epic	User Story	Description	Frankfurt?
Support ETSI Package Management	ONAP supports ETSI package management (onboarding and distribution)	ONAP supports ETSI package management (onboarding and distribution)	Yes
	SDC Supports ETSI package onboarding SDC supports onboarding of the SOL004 VNF/PNF /NS Package includes SOL001 VNFD/PNFD/NSD TOSCA service templates PNFD onboarding is done and its regression testing will be done VNFD onboarding is tested in El Alto, and further testing is necessaryits regression testing will be done SDC supports onboarding of the SOL007 NS Package including SOL001 NS NSD onboarding is needed for will be supported for NFVO operations through SOL005 SDC VSP and Resource CSAR files includes the original vendor package This is done in Dublin and its regression testing will be done	SOL004 PNF package onboarding is done in Dublin Storing the original vendor package in the SDC CSAR is done SOL004 VNF package onboarding is tested in El Alto Further testing is necessary in Frankfurt SOL004 SOL007 NS package onboarding needs to be designed and implemented in Frankfurtwill be supported for SOL005 NS operations	YesYes for VNF and NS package onboarding
	OSS/BSS onboards the vendor SOL004 SOL007 NS package to SO directly through SOL005 Package Management APIs	Verizon and Samsung are supposed to provide their use cases for this direct onboarding from OSS/BSS to SO. It is possible this onboarding path is out of scope from Frankfurt	TBD
	The vendor package will be distributed from SDC to SVNFM/External NFVO The vendor package will be stored at the ONAP-ETSI Catalog DB SOL003 and SOL005 Package Management APIs will be used for the distribution SOL003/SOL005 Adapters passes vendor packages to SVNFM/NFVO	Refer to the ONAP-ETSI Catalog Manager, SO ETSI Catalog Manager and SOL003/SOL005 Package Management use cases	Yes
Support ETSI Package Security	ONAP supports vendor ETSI Package Security If the vendor package includes signature and certificate, ONAP supports the package security	ONAP SDC already supports this in Dublin - Done	Done
	SOL004 VNF/PNF Package security will be supported by SDC, based on the package signature and certificate	ONAP SDC supports this	Done	the package security	Done
	SOL007 NS Package security will be supported by SDC, based on the package signature and certificate	ONAP SDC supports the package security	Yes
	SDC SDC will store the vendor package with signature and certificate in a zip format in the ONBOARDING_PACKAGE directory.	It is done in El Alto	Done
	SO stores ONBOARDING_PACKAGE zip files in the ONAP-ETSI Catalog DB through ONAP-ETSI Catalog Manager APIs.	Refer to the ONAP-ETSI Catalog Manager and SO ETSI Catalog Manager use cases	Yes
	SVNFM/NFVO extracts the CSAR files file from the vendor packages package For Frankfurt, extracting the CSAR without validation is allowed	SVNFM and External NFVO requirements on how to handle the zip-format packages For Frankfurt, extracting the CSAR file without validation is allowed	Yes

ETSI Package Management Architecture

...

SDC supports SOL004 VNF/PNF package onboarding, and stores the original vendor VNF/PNF /NS package inside the SDC package
1. SOL004 package includes SOL001 VNFD/NSD/PNFD TOSCA service template
2. PNF onboarding was has been tested
3. VNF onboarding is being will be tested in El Alto / Frankfurt
SDC will support SOL007 NS package onboarding and store the original vendor NS package inside the SDC package
1. NS onboarding will be supported in Frankfurt
SDC supports VNF/PNF package onboarding and/or accepts VNF/PNF management interfaces from OSS/BSS via SOL005 Package Management APIs (TBD)
SO supports NS package management interfaces from OSS /BSS via SOL005 Package Management APIs (TBD)
ONAP Runtime components store SOL004 Packages as neededfor their operations
1. For the SO case, SO stores SOL004 packages for NS, VNF and PNF by leveraging the ONAP-ETSI Catalog DB microservicesManager
2. For the SO case, SO stores SOL007 packages for NS by leveraging the ONAP-ETSI Catalog Manager
SOL003 VNFM Adapter provides VNFMs Query/Fetch VNF packages/contents/artifacts, Reading VNFD and subscription/notification services
SOL005 Adapter provides NSD/PNFD management and SOL005 VNF package management

Note:

SOL007 (NS package) support is under discussion.
To simplify the package distribution and storage, the Runtime Catalog Manager is suggested for the future.

NS/PNF/VNF package management to VF-C/External NFVO by leveraging SOL005 package management APIs

Gliffy Diagram

name	ONAP ETSI Package Management
pagePin	67

ETSI Package Distribution Flows

...

At onboarding, SDC checks the file extension and performs the following procedures
1. If the file is .zip, SDC unzips
  1. If it has .cert & .cms, it is a package with security and security validation will be performed.
  2. If it does not include .cert & .cms, it is an existing Heat template onboarding, and SDC follows the Heat template onboarding procedure
If the file is .csar, it is a package without security.
Next, SDC will check the TOSCA.meta file.
If it contains SOL004v2.?.1 keywords, the package will be handled as SOL004v2.?.1.
Otherwise, it will be handled as existing TOSCA (non-SOL004) package onboarding which will not have the ONBOARDING_PACKAGE artifact.

SDC SOL004/SOL007 VNF Package Security

Among the SOL004/SOL007 VNF package security options, the SDC supports the option2 as depicted below. In the option 2, there are two ways to zip the VNF packages, and SDC supports both.

SDC validates the VNF packages based on the embedded signature and certificate by leveraging CA.

Vendor SOL004/SOL007 VNF Package with certificate and signature is onboarded into SDC
- ZIP-format VNF package includes CSAR, Signature and Certificate
SDC validates VNF package based on the certificate and signature
SDC generates SDC internal model plus the vendor SOL004/SOL007 package CSAR and ZIP (with certificate and signature) – the supported format is TBD based on the security requirement

...

Space shortcuts

Page tree

Versions Compared

Old Version 46

New Version 47

Key

Feature Descriptions

Epic and User Story

ETSI Package Management Architecture

SDC SOL004/SOL007 VNF Package Security