...
- SDC supports SOL004 VNF/PNF package onboarding, and stores the original vendor VNF/PNF package inside the SDC package
- SOL004 package includes SOL001 VNFD/PNFD
- PNF onboarding has been tested
- VNF onboarding will be tested in El Alto / Frankfurt
- SDC will support SOL007 NS package onboarding and store the original vendor NS package inside the SDC package
- NS onboarding will be supported
- NS onboarding will be tested
- SDC supports VNF/PNF package management interfaces from OSS/BSS via SOL005 Package Management APIs (TBD)
- SO supports NS package management interfaces from OSS via SOL005 Package Management APIs (TBD)
- ETSI Catalog Manager stores SOL004/SOL007 Packages for other ONAP runtime components such as SO, SOL003/SOL005 Adapters, VFC and others
- ONAP-ETSI Catalog Manager will store SOL004 packages for VNF and PNF
- ONAP-ETSI Catalog Manager will store SOL007 packages for NS
- SOL003 VNFM Adapter provides VNFMs Query/Fetch VNF packages/contents/artifacts, Reading VNFD and subscription/notification services
- SOL005 Adapter provides NS/PNF/VNF package management to VF-C/External NFVO by leveraging SOL005 package management APIs
Onboarding
Gliffy Diagram | ||||||
---|---|---|---|---|---|---|
|
Design NS
Gliffy Diagram | ||||||
---|---|---|---|---|---|---|
|
Distribution
Gliffy Diagram | ||||||
---|---|---|---|---|---|---|
|
- ETSI Package Distribution Flows
SDC VNF/PNF/NS Onboarding and Distribution
This section describes SDC VNF/PNF onboarding and the End-to-End package distribution from SDC to SVNFM/external NFVOs.
SDC takes the vendor provided package and adds some files or changes files and meta data according to SDC procedure.
SDC VNF/PNF Onboarding Procedure and Original Vendor VNF/PNF Package Handling
- Enhancement (Ericsson contribution) was made to the SDC Dublin to support SOL004 PNF onboarding with .zip and .csar file extensions.
- The enhancement can be used for VNF onboarding – it is being tested.
- SDC VSP and Resource csar files have the ONBOARDED_PACKAGE, which contains the original vendor VNF package.
- The VNFM and external NFVO use the original vendor VNF/NS packages.
- ONAP-ETSI Catalog Manager will be changed for the location of the original vendor package.
- At onboarding, SDC checks the file extension and performs the following procedures
- If the file is .zip, SDC unzips
- If it has .cert & .cms, it is a package with security and security validation will be performed.
- If it does not include .cert & .cms, it is an existing Heat template onboarding, and SDC follows the Heat template onboarding procedure
- If the file is .zip, SDC unzips
- If the file is .csar, it is a package without security.
- Next, SDC will check the TOSCA.meta file.
- If it contains SOL004v2.?.1 keywords, the package will be handled as SOL004v2.?.1.
- Otherwise, it will be handled as existing TOSCA (non-SOL004) package onboarding which will not have the ONBOARDED_PACKAGE artifact.
Gliffy Diagram | ||||||
---|---|---|---|---|---|---|
|
Design NS
Gliffy Diagram | ||||||
---|---|---|---|---|---|---|
|
Distribution
ETSI packages will be distributed from SDC to the ETSI Catalog Manager for other ONAP runtime components such as SO (SOL003/SOL005 Adapter) and VF-C.
- The original vendor package format could be one of the following.
- Vendor package including certificate and signature (Zip format)
- Vendor package without certificate and signature (CSAR format)
- Open Issues:
- Distribution of vendor VNF packages with certificates and signatures to SVFNM need to be sorted out.
Package Distribution Components Interactions
The following diagram depicts the ETSI package distribution.
Gliffy Diagram | ||||||
---|---|---|---|---|---|---|
|
ETSI Package Distribution Flows
PlantUML Macro | ||
---|---|---|
| ||
@startuml
participant OSS_BSS
participant SDC
participant ONAP_ETSI_Catalog_Mgr
participant SOL003_Adapter
participant SOL005_Adapter
participant VNFM
participant VFC
participant Ext_NFVO
autonumber
OSS_BSS -> SDC : Vendor SOL004/SOL007 package onboarding,\nincluding SOL001
SDC --> SDC : onboard SOL004/SOL007 package and put the vendor package\ninto the ONBOARD_PACKAGE directory
| ||
PlantUML Macro | ||
| ||
@startuml participant OSS_BSS participant SDC participant ONAP_ETSI_Catalog_Mgr participant SOL003_Adapter participant SOL005_Adapter participant VNFM participant VFC participant Ext_NFVO autonumber OSS_BSS -> SDC : Vendor SOL004/SOL007 package onboarding,\nincluding SOL001 SDC --> SDC : onboard SOL004/SOL007 package and put the vendor package\ninto the ONBOARD_PACKAGE directory ONAP_ETSI_Catalog_Mgr -> SDC : register for SDC notification SDC -> ONAP_ETSI_Catalog_Mgr : send a notification for SDC CSAR with the original vendor CSAR/Zip ONAP_ETSI_Catalog_Mgr -> SDC : query the SDC CSAR with the SDC CSAR id ONAP_ETSI_Catalog_Mgr --> ONAP_ETSI_Catalog_Mgr : extract SOL004/Sol007 package CSAR/Zip from the SDC CSAR \nand store it group VNF PACKAGE TO SVNFM ONAP_ETSI_Catalog_Mgr -> SOL003_Adapter : send a notification to SOL003_Adapter SOL003_Adapter -> VNFM : send a notification VNFM -> SOL003_Adapter : query for a VNF package SOL003_Adapter -> ONAP_ETSI_Catalog_Mgr : query for a VNF package ONAP_ETSI_Catalog_Mgr -> SOL003_Adapter : send a VNF package SOL003_Adapter -> VNFM : sends a VNF package end group VNF PACKAGE TO Ext NFVO ONAP_ETSI_Catalog_Mgr -> SOL005_Adapter : send a notification to SOL005_Adapter SOL005_Adapter -> Ext_NFVO : send a notification Ext_NFVO -> SOL005_Adapter : query for a VNF/PNF/NS package SOL005_Adapter -> ONAP_ETSI_Catalog_Mgr : query for a VNF/PNF/NS package ONAP_ETSI_Catalog_Mgr -> SOL005_AdapterSDC : sendregister a VNF/PNF/NS package SOL005_Adapterfor SDC notification SDC -> Ext_NFVOONAP_ETSI_Catalog_Mgr : sendssend a VNF/PNF/NS package end group VNF PACKAGE TO VFC notification for SDC CSAR with the original vendor CSAR/Zip ONAP_ETSI_Catalog_Mgr -> SOL005_AdapterSDC : sendquery athe notificationSDC to SOL005_Adapter SOL005_Adapter -> VFC : send a notification VFC -> SOL005_Adapter : query for a VNF/PNF/NS package SOL005_Adapter -> CSAR with the SDC CSAR id ONAP_ETSI_Catalog_Mgr --> ONAP_ETSI_Catalog_Mgr : extract SOL004/Sol007 package CSAR/Zip from the SDC CSAR \nand store it group VNF PACKAGE TO SVNFM ONAP_ETSI_Catalog_Mgr -> SOL003_Adapter : querysend fora a VNF/PNF/NS package ONAP_ETSI_Catalog_Mgrnotification to SOL003_Adapter SOL003_Adapter -> SOL005_AdapterVNFM : send a VNF/PNF/NS package notification SOL005_AdapterVNFM -> VFCSOL003_Adapter : query sendsfor a VNF/PNF/NS package end @enduml |
SDC VNF/PNF Onboarding and Distribution
This section describes SDC VNF/PNF onboarding and the End-to-End package distribution from SDC to SVNFM/external NFVOs.
SDC takes the vendor provided package and adds some files or changes files and meta data according to SDC procedure.
SDC VNF/PNF Onboarding Procedure and Original Vendor VNF/PNF Package Handling
- Enhancement (Ericsson contribution) was made to the SDC Dublin to support SOL004 PNF onboarding with .zip and .csar file extensions.
- The enhancement can be used for VNF onboarding – it is being tested.
- SDC VSP and Resource csar files have the ONBOARDED_PACKAGE, which contains the original vendor VNF package.
- The VNFM and external NFVO use the original vendor VNF/NS packages.
- ONAP-ETSI Catalog Manager will be changed for the location of the original vendor package.
- At onboarding, SDC checks the file extension and performs the following procedures
- If the file is .zip, SDC unzips
- If it has .cert & .cms, it is a package with security and security validation will be performed.
- If it does not include .cert & .cms, it is an existing Heat template onboarding, and SDC follows the Heat template onboarding procedure
- If the file is .zip, SDC unzips
- If the file is .csar, it is a package without security.
- Next, SDC will check the TOSCA.meta file.
- If it contains SOL004v2.?.1 keywords, the package will be handled as SOL004v2.?.1.
- Otherwise, it will be handled as existing TOSCA (non-SOL004) package onboarding which will not have the ONBOARDED_PACKAGE artifact.
SDC SOL004/SOL007 VNF Package Security
Among the SOL004/SOL007 VNF package security options, the SDC supports the option2 as depicted below. In the option 2, there are two ways to zip the VNF packages, and SDC supports both.
SDC validates the VNF packages based on the embedded signature and certificate by leveraging CA.
- Vendor SOL004/SOL007 VNF Package with certificate and signature is onboarded into SDC
- ZIP-format VNF package includes CSAR, Signature and Certificate
- SDC validates VNF package based on the certificate and signature
- SDC generates SDC internal model plus the vendor SOL004/SOL007 package CSAR and ZIP (with certificate and signature) – the supported format is TBD based on the security requirement
ETSI Package Distribution
ETSI packages will be distributed from SDC to other ONAP runtime components such as SO and VF-C. SO will store the packages to its ETSI Catalog DB and further distribute the packages to SVNFMs/external NFVOs thru the SOL003/SOL005 Adapters.
- The original vendor package contents between the Adapters and SVNFMs/NFVOs could be one of the following.
- Vendor package including certificate and signature (Zip format)
- Vendor package without certificate and signature (CSAR format)
- Open Issues:
- Distribution of vendor VNF packages with certificates and signatures to SVFNM need to be sorted out.
- Currently, VF-C supports CSAR-format without certificate or signature – TBD
- The following diagram depicts the ETSI package distribution.
...
SOL003_Adapter -> ONAP_ETSI_Catalog_Mgr : query for a VNF package
ONAP_ETSI_Catalog_Mgr -> SOL003_Adapter : send a VNF package
SOL003_Adapter -> VNFM : sends a VNF package
end
group VNF PACKAGE TO Ext NFVO
ONAP_ETSI_Catalog_Mgr -> SOL005_Adapter : send a notification to SOL005_Adapter
SOL005_Adapter -> Ext_NFVO : send a notification
Ext_NFVO -> SOL005_Adapter : query for a VNF/PNF/NS package
SOL005_Adapter -> ONAP_ETSI_Catalog_Mgr : query for a VNF/PNF/NS package
ONAP_ETSI_Catalog_Mgr -> SOL005_Adapter : send a VNF/PNF/NS package
SOL005_Adapter -> Ext_NFVO : sends a VNF/PNF/NS package
end
group VNF PACKAGE TO VFC
ONAP_ETSI_Catalog_Mgr -> SOL005_Adapter : send a notification to SOL005_Adapter
SOL005_Adapter -> VFC : send a notification
VFC -> SOL005_Adapter : query for a VNF/PNF/NS package
SOL005_Adapter -> ONAP_ETSI_Catalog_Mgr : query for a VNF/PNF/NS package
ONAP_ETSI_Catalog_Mgr -> SOL005_Adapter : send a VNF/PNF/NS package
SOL005_Adapter -> VFC : sends a VNF/PNF/NS package
end
@enduml |
SDC SOL004/SOL007 VNF Package Security
Among the SOL004/SOL007 VNF package security options, the SDC supports the option2 as depicted below. In the option 2, there are two ways to zip the VNF packages, and SDC supports both.
SDC validates the VNF packages based on the embedded signature and certificate by leveraging CA.
- Vendor SOL004/SOL007 VNF Package with certificate and signature is onboarded into SDC
- ZIP-format VNF package includes CSAR, Signature and Certificate
- SDC validates VNF package based on the certificate and signature
- SDC generates SDC internal model plus the vendor SOL004/SOL007 package CSAR and ZIP (with certificate and signature) – the supported format is TBD based on the security requirement
Package Security
A VNF package uses the signature and certificate to ensure package integrity and validity. A CSAR file is digitally signed with the VNF provider private key. During the VNF package onboarding to SDC, SDC validates the package and then does the following:
...