- Resource commitment:
- Ericsson: primary contact Byung-Woo Jun
- CMCC: primary contact Yan Yang
- Verizon: primary contact Fernando Oliveira
- Samsung: primary contact Katsia Kazak Pawel Slowikowski
- Usecase:
- Ericsson: primary contact Byung-Woo Jun
- CMCC: primary contact Yan Yang
- Verizon: primary contact Fernando Oliveira
- Samsung: primary contact Katsia Kazak Pawel Slowikowski
- TSC Contact:
- Ericsson: primary contact Stephen Terrill
- Participating ONAP Projects:
- SO, SOL003 Adapter, SOL005 Adapter, SOL002 Adapter
- SDC
- AAI
- SDNC
Table of Contents
Overall Use Cases
- ETSI Package Management Use Case
- SOL004 VNF/PNF/NS Package includes SOL001 VNFD/PNFD/NSD with the original vendor package
- SOL004 VNF/PNF/NS Package Security
- SO ETSI Catalog DB enhancement, by leveraging ETSI Catalog Management Microservices
- ETSI Catalog Management Use Case
- ETSI Catalog API Management
- ETSI Catalog Database
- ETSI-Alignment SOL003 Adapter Use Case
- Package Management for SVNFM
- Granting Enhancement with HPA
- Query
- Modify (TBD)
- Policy-based Scaling (Stretch goal)
- Security between the Adapter and VNFMs
- Additional operations will be determined
- ETSI-Alignment SOL005 Adapter Use Case
- Package Management for External NFVO
- Security between the Adapters and External NFVOs
- Additional operations will be determined
- ETSI-Alignment SOL002 Adapter Use Case
- Package Management
- Security between the Adapters and VNFM
The use cases are described further in the sub sections.
- ETSI Package Management
- ETSI Catalog Manager
- SOL003 Adapter
- SOL005 Adapter
- SOL002 Adapter
- SOL001 VNFD Mapping to SDC AID DM
Feature Descriptions
Feature | Description |
---|---|
Epic and User Story
Epic | User Story | Description |
---|---|---|
Overall ETSI-Alignment Architecture
The following sections describe ETSI-Alignment overall architecture.
<add ETSI-Alignment overall architecture diagram here>
Common Function Use Case, Architecture, Design
<describe common functions>
SDC VNF/PNF Onboarding and Distribution
This section describes SDC VNF/PNF onboarding and the End-to-End package distribution from SDC to SVNFM/external NFVOs.
SDC takes the vendor provided package and adds some files or changes files and meta data according to SDC procedure.
SDC VNF/PNF Onboarding Procedure and Original Vendor VNF/PNF Package Handling
- Enhancement (Ericsson contribution) was made to the SDC Dublin to support SOL004 PNF onboarding with .zip and .csar file extensions.
- The enhancement can be used for VNF onboarding – it is being tested.
- SDC VSP and Resource csar files have the ONBOARDING_PACKAGE, which contains the original vendor VNF package.
- The VNFM and external NFVO use the original vendor VNF/NS packages.
- ETSI Catalog Manager will be changed for the location of the original vendor package.
- At onboarding, SDC checks the file extension and performs the following procedures
- If the file is .zip, SDC unzips
- If it has .cert & .cms, it is a package with security and security validation will be performed.
- If it does not include .cert & .cms, it is an existing Heat template onboarding, and SDC follows the Heat template onboarding procedure
- If the file is .zip, SDC unzips
- If the file is .csar, it is a package without security.
- Next, SDC will check the TOSCA.meta file.
- If it contains SOL004v2.?.1 keywords, the package will be handled as SOL004v2.?.1.
- Otherwise, it will be handled as existing TOSCA (non-SOL004) package onboarding which will not have the ONBOARDING_PACKAGE artifact.
SDC SOL004 VNF Package Security
Among the SOL004 VNF package security options, the SDC supports the option2 as depicted below. In the option 2, there are two ways to zip the VNF packages, and SDC supports both.
SDC validates the VNF packages based on the embedded signature and certificate by leveraging CA.
- Vendor SOL004 VNF Package with certificate and signature is onboarded into SDC
- ZIP-format VNF package includes CSAR, Signature and Certificate
- SDC validates VNF package based on the certificate and signature
- SDC generates SDC internal model plus the vendor SOL004 package CSAR and ZIP (with certificate and signature) – the supported format is TBD based on the security requirement
ETSI Package Distribution
ETSI packages will be distributed from SDC to other ONAP runtime components such as SO and VF-C. SO will store the packages to its ETSI Catalog DB and further distribute the packages to SVNFMs/external NFVOs thru the SOL003/SOL005 Adapters.
- The original vendor package contents between the Adapters and SVNFMs/NFVOs could be one of the following.
- Vendor package including certificate and signature (Zip format)
- Vendor package without certificate and signature (CSAR format)
- Open Issues:
- Distribution of vendor VNF packages with certificates and signatures to SVFNM need to be sorted out.
- Currently, VF-C supports CSAR-format without certificate or signature – TBD
- The following diagram depicts the ETSI package distribution.
- The following sequence diagram depicts the Package Information Flows.
Communication Security for SOL005 and SOL003 APIs
- Requirement: External NFVO and SVNFM need to validate incoming ETSI package
- The SOL003/SOL005 Adapters communicate with the SVNFM and the external NFVO via secured HTTPS protocol with a proper authentication and authorization.
- <describe authentication choices and use of AAF here>
SOL001 VNFD to SDC AID DM Mapping
TBD
Open Issues
- Storing the original vendor VNF package with certificate and signature?
- Mapping between SOL001 VNFD to SDC AID DM, including ScalingAspect+Delta and VF-Module - Not all VNFD needs to be transformed to the SDC AID DM
- Deployment location of SOL003 Adapter
- How does ONAP support vendor-specific SVNFM security (authentication/authorization)?
- SOL007 (NS package) support is under discussion
- Certificate generation and distribution by AAF
- SOL005 Adapter requirements for the ETSI Catalog Manager
- Where (SOL003 Adapter, or SO NFVO) do we support VNF software image transfer to VIM?
Presentation Slide Deck
- The following slide deck was presented at the LFN+DDF event.