diff options
Diffstat (limited to 'docs/files/vFWCL_vFWSNK_report.json')
-rw-r--r-- | docs/files/vFWCL_vFWSNK_report.json | 7949 |
1 files changed, 7949 insertions, 0 deletions
diff --git a/docs/files/vFWCL_vFWSNK_report.json b/docs/files/vFWCL_vFWSNK_report.json new file mode 100644 index 000000000..e9d4deaaf --- /dev/null +++ b/docs/files/vFWCL_vFWSNK_report.json @@ -0,0 +1,7949 @@ +{ + "version": "dublin", + "template_directory": "/tmp/demo/heat/vFWCL/vFWSNK", + "timestamp": "2019-04-24T18:41:31.997833", + "checksum": "4b28a0c62135134357d7b348b29aab1a", + "categories": "", + "outcome": "FAIL", + "tests": [ + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_get_attr_usage", + "test_case": "test_08_validate_get_attr_usage", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-95303", + "text": "A VNF's Heat Orchestration Template **MUST** be defined using valid YAML.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_get_file_only_reference_local_files", + "test_case": "test_get_file_no_url_retrieval", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-41888", + "text": "A VNF's Heat Orchestration Template intrinsic function\n``get_file`` **MUST NOT** utilize URL-based file retrieval.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_get_file_only_reference_local_files", + "test_case": "test_get_file_only_reference_local_files", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-76718", + "text": "If a VNF's Heat Orchestration Template uses the intrinsic function\n``get_file``, the ``get_file`` target **MUST** be referenced in\nthe Heat Orchestration Template by file name.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_initial_configuration", + "test_case": "test_00_valid_yaml", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-95303", + "text": "A VNF's Heat Orchestration Template **MUST** be defined using valid YAML.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.env" + ], + "test_module": "test_initial_configuration", + "test_case": "test_00_valid_yaml", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-95303", + "text": "A VNF's Heat Orchestration Template **MUST** be defined using valid YAML.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_initial_configuration", + "test_case": "test_02_no_duplicate_keys_in_file", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-92635", + "text": "A VNF's Heat Orchestration Template **MUST** be compliant with the\nOpenStack Template Guide.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_initial_configuration", + "test_case": "test_03_all_referenced_resources_exists", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-92635", + "text": "A VNF's Heat Orchestration Template **MUST** be compliant with the\nOpenStack Template Guide.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_initial_configuration", + "test_case": "test_04_valid_nesting", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-92635", + "text": "A VNF's Heat Orchestration Template **MUST** be compliant with the\nOpenStack Template Guide.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_initial_configuration", + "test_case": "test_05_all_get_param_have_defined_parameter", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-92635", + "text": "A VNF's Heat Orchestration Template **MUST** be compliant with the\nOpenStack Template Guide.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_initial_configuration", + "test_case": "test_06_heat_template_resource_section_has_resources", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-90152", + "text": "A VNF's Heat Orchestration Template's\n``resources:`` section **MUST** contain the declaration of at\nleast one resource.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_all_parameters_used_in_template", + "test_case": "test_all_parameters_used_in_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-90279", + "text": "A VNF Heat Orchestration's template's parameter **MUST** be used\nin a resource with the exception of the parameters for the\n``OS::Nova::Server`` resource property ``availability_zone``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_allowed_address_pairs_include_vm_type_network_role", + "test_case": "test_external_aap_format", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-41492", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 Virtual IP (VIP)\naddress is assigned via ONAP automation\nusing the property ``allowed_address_pairs``\nmap property ``ip_address`` and\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_floating_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as type ``string``.", + "keyword": "MUST" + }, + { + "id": "R-35735", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 Virtual IP (VIP)\naddress is assigned via ONAP automation\nusing the property ``allowed_address_pairs``\nmap property ``ip_address``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_floating_v6_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as type ``string``.", + "keyword": "MUST" + }, + { + "id": "R-159016", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nECOMP definition, see Requirement R-57424),\nand an IPv4 and/or IPv6 Virtual IP (VIP)\naddress is assigned via ECOMP automation\nusing the property ``allowed_address_pairs``\nmap property ``ip_address``, the\nparameter **MUST NOT** be declared as ``type: comma_deliited_list``.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_allowed_address_pairs_include_vm_type_network_role", + "test_case": "test_internal_aap_format", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-717227", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nECOMP definition, see Requirements R-52425 and R-46461),\nand an IPv4 Virtual IP (VIP)\naddress is assigned using the property ``allowed_address_pairs``\nmap property ``ip_address``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: string``\nand **MUST** be enumerated in the environment file.\n\nOR\n\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: comma_delimited_list``\nand **MUST** be enumerated in the environment file.", + "keyword": "MUST" + }, + { + "id": "R-805572", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nECOMP definition, see Requirements R-52425 and R-46461),\nand an IPv6 Virtual IP (VIP)\naddress is assigned\nusing the property ``allowed_address_pairs``\nmap property ``ip_address``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_v6_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: string``\nand **MUST** be enumerated in the environment file\n\nOR\n\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: comma_delimited_list``\nand **MUST** be enumerated in the environment file.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_availability_zone", + "test_case": "test_availability_zone_naming", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-98450", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``availability_zone`` parameter name\n**MUST** follow the naming convention\n\n* ``availability_zone_{index}``\n\nwhere ``{index}`` is a numeric value that **MUST** start at zero\nin a VNF's Heat Orchestration Templates and **MUST**\nincrement by one.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_availability_zone_params_start_at_0", + "test_case": "test_availability_zones_start_at_0", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-98450", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``availability_zone`` parameter name\n**MUST** follow the naming convention\n\n* ``availability_zone_{index}``\n\nwhere ``{index}`` is a numeric value that **MUST** start at zero\nin a VNF's Heat Orchestration Templates and **MUST**\nincrement by one.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "." + ], + "test_module": "test_base_template_names", + "test_case": "test_base_template_names", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-37028", + "text": "A VNF **MUST** be composed of one Base Module", + "keyword": "MUST" + }, + { + "id": "R-87485", + "text": "A VNF's Heat Orchestration Template's file extension **MUST**\nbe in the lower case format ``.yaml`` or ``.yml``.", + "keyword": "MUST" + }, + { + "id": "R-81339", + "text": "A VNF Heat Orchestration Template's Base Module file name **MUST** include\ncase insensitive 'base' in the filename and\n**MUST** match one of the following four\nformats:\n\n 1.) ``base_<text>.y[a]ml``\n\n 2.) ``<text>_base.y[a]ml``\n\n 3.) ``base.y[a]ml``\n\n 4.) ``<text>_base_<text>``.y[a]ml\n\nwhere ``<text>`` **MUST** contain only alphanumeric characters and\nunderscores '_' and **MUST NOT** contain the case insensitive word ``base``.", + "keyword": "MUST" + }, + { + "id": "R-87247", + "text": "VNF Heat Orchestration Template's Incremental Module file name\n**MUST** contain only alphanumeric characters and underscores\n'_' and **MUST NOT** contain the case insensitive word ``base``.", + "keyword": "MUST" + }, + { + "id": "R-76057", + "text": "VNF Heat Orchestration Template's Nested YAML file name **MUST** contain\nonly alphanumeric characters and underscores '_' and\n**MUST NOT** contain the case insensitive word ``base``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_cloud_config_resource_id", + "test_case": "test_cloud_config", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-04747", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::CloudConfig``\nResource ID **MUST** contain the ``{vm-type}``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_contrail_fqdn", + "test_case": "test_contrail_fqdn", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-02164", + "text": "When a VNF's Heat Orchestration Template's Contrail resource\nhas a property that\nreferences an external network that requires the network's\nFully Qualified Domain Name (FQDN), the property parameter\n\n* **MUST** follow the format ``{network-role}_net_fqdn``\n* **MUST** be declared as type ``string``\n* **MUST NOT** be enumerated in the VNF's Heat Orchestration Template's\n Environment File", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_contrail_instance_ip_resource_id", + "test_case": "test_contrail_instance_ip_resource_id_external", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-53310", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::InstanceIp``\nthat is configuring an IPv4 Address on a port attached to an external network\nResource ID **MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_vmi_{vmi_index}_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the {vm-type}\n* ``{network-role}`` is the network-role of the network that the port is attached to\n* ``{vmi_index}`` is the instance of the virtual machine interface\n (e.g., port) on the vm-type attached to the network of {network-role}\n* ``IP`` signifies that an IPv4 address is being configured\n* ``{index}`` is the index of the IPv4 address", + "keyword": "MUST" + }, + { + "id": "R-46128", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::InstanceIp``\nthat is configuring an IPv6 Address on a port attached to an external network\nResource ID **MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_vmi_{vmi_index}_v6_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the ``{vm-type}``\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{vmi_index}`` is the instance of the virtual machine interface\n (e.g., port) on the vm-type\n attached to the network of {network-role}\n* ``v6_IP`` signifies that an IPv6 address is being configured\n* ``{index}`` is the index of the IPv6 address", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_contrail_instance_ip_resource_id", + "test_case": "test_contrail_instance_ip_resource_id_internal", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-62187", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::InstanceIp``\nthat is configuring an IPv4 Address on a port attached to an internal network\nResource ID **MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_vmi_{vmi_index}_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the ``{vm-type}``\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{vmi_index}`` is the instance of the virtual machine interface\n (e.g., port) on the vm-type\n attached to the network of ``{network-role}``\n* ``IP`` signifies that an IPv4 address is being configured\n* ``{index}`` is the index of the IPv4 address", + "keyword": "MUST" + }, + { + "id": "R-87563", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::InstanceIp``\nthat is configuring an IPv6 Address on a port attached to an internal network\nResource ID **MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_vmi_{vmi_index}_v6_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the ``{vm-type}``\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{vmi_index}`` is the instance of the virtual machine interface\n (e.g., port) on the vm-type\n attached to the network of ``{network-role}``\n* ``v6_IP`` signifies that an IPv6 address is being configured\n* ``{index}`` is the index of the IPv6 address", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_contrail_irt_routes", + "test_case": "test_contrail_irt_route_param_format", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-28222", + "text": "If a VNF's Heat Orchestration Template\n``OS::ContrailV2::InterfaceRouteTable`` resource\n``interface_route_table_routes`` property\n``interface_route_table_routes_route`` map property parameter name\n**MUST** follow the format\n\n* ``{vm-type}_{network-role}_route_prefixes``", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_contrail_irt_routes", + "test_case": "test_contrail_irt_route_param_type", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-19756", + "text": "If a VNF's Heat Orchestration Template\n``OS::ContrailV2::InterfaceRouteTable`` resource\n``interface_route_table_routes`` property\n``interface_route_table_routes_route`` map property parameter\n``{vm-type}_{network-role}_route_prefixes``\n**MUST** be defined as type ``json``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_contrail_resource_id", + "test_case": "test_contrail_interfaceroutetable_resource_id", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-81214", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InterfaceRouteTable``\nResource ID\n**MUST**\ncontain the ``{network-role}``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_contrail_resource_id", + "test_case": "test_contrail_networkipam_resource_id", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-30753", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::NetworkIpam``\nResource ID\n**MUST**\ncontain the ``{network-role}``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_contrail_resource_id", + "test_case": "test_contrail_porttuple_resource_id", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-20065", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::PortTuple``\nResource ID **MUST** contain the ``{vm-type}``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_contrail_resource_id", + "test_case": "test_contrail_servicehealthcheck_resource_id", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-76014", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::ServiceHealthCheck``\nResource ID\n**MUST**\ncontain the ``{vm-type}``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_contrail_resource_id", + "test_case": "test_contrail_servicetemplate_resource_id", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-16437", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::ServiceTemplate``\nResource ID **MUST** contain the ``{vm-type}``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_contrail_vmi_resource_id", + "test_case": "test_contrail_instance_ip_resource_id_external", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-96253", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualMachineInterface`` that is attaching to an external network\nResource ID **MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_vmi_{vmi_index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the ``{vm-type}``\n* ``{network-role}`` is the network-role of the network\n that the port (i.e. virtual machine interface) is attached to\n* ``{vmi_index}`` is the instance of the vmi on the vm-type\n attached to the network of ``{network-role}``", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_contrail_vmi_resource_id", + "test_case": "test_contrail_instance_ip_resource_id_internal", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-50468", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualMachineInterface`` that is attaching to an internal network\nResource ID **MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_vmi_{vmi_index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the ``{vm-type}``\n* ``{network-role}`` is the network-role of the network\n that the port (i.e. virtual machine interface) is attached to\n* ``{vmi_index}`` is the instance of the vmi on the vm-type\n attached to the network of ``{network-role}``", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_contrail_vn_resource_id", + "test_case": "test_neutron_net_resource_id", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-99110", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualNetwork`` Resource ID **MUST** use the naming convention\n\n1) ``int_{network-role}_network``\n\nor\n\n2) ``int_{network-role}_RVN`` where RVN represents Resource Virtual\n Network\n\nVNF Heat Orchestration Templates can only create internal networks.\nThere is no ``{index}`` after ``{network-role}`` because ``{network-role}``\n**MUST** be unique in the scope of the VNF's\nHeat Orchestration Template.\n\nNote that option 1 is preferred.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "." + ], + "test_module": "test_env_and_yaml_same_name", + "test_case": "test_env_and_yaml_same_name", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-38474", + "text": "A VNF's Base Module **MUST** have a corresponding Environment File.", + "keyword": "MUST" + }, + { + "id": "R-81725", + "text": "A VNF's Incremental Module **MUST** have a corresponding Environment File", + "keyword": "MUST" + }, + { + "id": "R-53433", + "text": "A VNF's Cinder Volume Module **MUST** have a corresponding environment file", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "../../../../../private/tmp/VVP-186/ice_validator/env_files0" + ], + "test_module": "test_env_no_resource_registry", + "test_case": "test_env_no_resource_registry", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-67231", + "text": "A VNF's Heat Orchestration template's Environment File's\n**MUST NOT** contain the ``resource_registry:`` section.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_env_parameters_defined_in_template", + "test_case": "test_env_params_are_defined_in_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-599443", + "text": "A parameter enumerated in a\nVNF's Heat Orchestration Template's environment file **MUST** be declared\nin the\ncorresponding VNF's Heat Orchestration Template's YAML file's\n``parameters:`` section.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_environment_file_parameters", + "test_case": "test_nova_server_image_parameter_exists_in_environment_file", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-91125", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``image`` parameter **MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and a value **MUST** be assigned.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_environment_file_parameters", + "test_case": "test_nova_server_flavor_parameter_exists_in_environment_file", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-69431", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``flavor`` parameter **MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and a value **MUST** be assigned.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_environment_file_parameters", + "test_case": "test_neutron_port_internal_fixedips_ipaddress_parameter_exists_in_environment_file", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-28795", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_ip_{index}``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST" + }, + { + "id": "R-97201", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_v6_ip_{index}``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST" + }, + { + "id": "R-93496", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nproperty ``fixed_ips``\nmap property ``ip_address``\nparameter associated with an internal network, i.e.,\n\n * ``{vm-type}_int_{network-role}_ip_{index}``\n * ``{vm-type}_int_{network-role}_v6_ip_{index}``\n * ``{vm-type}_int_{network-role}_ips``\n * ``{vm-type}_int_{network-role}_v6_ips``\n\n\n**MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and IP addresses **MUST** be\nassigned.", + "keyword": "MUST" + }, + { + "id": "R-90206", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_int_ips``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST" + }, + { + "id": "R-98569", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_v6_ips``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST" + }, + { + "id": "R-93496", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nproperty ``fixed_ips``\nmap property ``ip_address``\nparameter associated with an internal network, i.e.,\n\n * ``{vm-type}_int_{network-role}_ip_{index}``\n * ``{vm-type}_int_{network-role}_v6_ip_{index}``\n * ``{vm-type}_int_{network-role}_ips``\n * ``{vm-type}_int_{network-role}_v6_ips``\n\n\n**MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and IP addresses **MUST** be\nassigned.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_environment_file_parameters", + "test_case": "test_heat_rg_count_parameter_exists_in_environment_file", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-50011", + "text": "A VNF's Heat Orchestration Template's ``OS::Heat::ResourceGroup``\nproperty ``count`` **MUST** be enumerated in the VNF's\nHeat Orchestration Template's Environment File and **MUST** be\nassigned a value.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.env" + ], + "test_module": "test_environment_file_structure", + "test_case": "test_environment_file_contains_required_sections", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-03324", + "text": "A VNF's Heat Orchestration template's Environment File **MUST**\ncontain the ``parameters:`` section.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_filename_is_vmtype_dot_yaml", + "test_case": "test_filename_is_vmtype_dot_yaml", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-70276", + "text": "A VNF HEAT's Orchestration Nested Template's YAML file name **MUST NOT**\nbe in the format ``{vm-type}.y[a]ml`` where ``{vm-type}`` is defined\nin the Heat Orchestration Template.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "." + ], + "test_module": "test_files_in_flat_dir", + "test_case": "test_files_in_flat_dir", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-511776", + "text": "When a VNF's Heat Orchestration Template is ready\nto be on-boarded to ONAP,\nall files composing the VNF Heat Orchestration Template\n**MUST** be placed in a flat (i.e., non-hierarchical) directory and\narchived using ZIP. The resulting ZIP file is uploaded into ONAP.", + "keyword": "MUST" + }, + { + "id": "R-99646", + "text": "A VNF's YAML files (i.e, Heat Orchestration Template files and\nNested files) **MUST** have a unique name in the scope of the VNF.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_fixed_ips_include_vm_type_network_role", + "test_case": "test_external_fip_format", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-40971", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", + "keyword": "MUST" + }, + { + "id": "R-35735", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 Virtual IP (VIP)\naddress is assigned via ONAP automation\nusing the property ``allowed_address_pairs``\nmap property ``ip_address``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_floating_v6_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as type ``string``.", + "keyword": "MUST" + }, + { + "id": "R-23503", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network", + "keyword": "MUST" + }, + { + "id": "R-71577", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", + "keyword": "MUST" + }, + { + "id": "R-04697", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_ips``\n\n where\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the external\n network", + "keyword": "MUST" + }, + { + "id": "R-34037", + "text": "The VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n**MUST** be declared as either type ``string`` or type\n``comma_delimited_list``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_fixed_ips_include_vm_type_network_role", + "test_case": "test_internal_fip_format", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-27818", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``string``,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_int_{network-role}_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the internal network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", + "keyword": "MUST" + }, + { + "id": "R-29765", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the internal\n network", + "keyword": "MUST" + }, + { + "id": "R-85235", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the internal\n network", + "keyword": "MUST" + }, + { + "id": "R-78380", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is\ndefined as a ``string``,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_int_{network-role}_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the internal network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", + "keyword": "MUST" + }, + { + "id": "R-34037", + "text": "The VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n**MUST** be declared as either type ``string`` or type\n``comma_delimited_list``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_forbidden_resources", + "test_case": "test_neutron_floating_ip_resource_type", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-05257", + "text": "A VNF's Heat Orchestration Template's **MUST NOT**\ncontain the Resource ``OS::Neutron::FloatingIP``.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_forbidden_resources", + "test_case": "test_neutron_floating_ip_association_resource_type", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-76449", + "text": "A VNF's Heat Orchestration Template's **MUST NOT**\ncontain the Resource ``OS::Neutron::FloatingIPAssociation``.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_heat_pairs_provided", + "test_case": "test_heat_pairs_provided", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-86285", + "text": "A VNF's Heat Orchestration template **MUST** have a\ncorresponding environment file.", + "keyword": "MUST" + }, + { + "id": "R-38474", + "text": "A VNF's Base Module **MUST** have a corresponding Environment File.", + "keyword": "MUST" + }, + { + "id": "R-81725", + "text": "A VNF's Incremental Module **MUST** have a corresponding Environment File", + "keyword": "MUST" + }, + { + "id": "R-53433", + "text": "A VNF's Cinder Volume Module **MUST** have a corresponding environment file", + "keyword": "MUST" + }, + { + "id": "R-56438", + "text": "A VNF's Heat Orchestration Template's Nested YAML file extension **MUST**\nbe in the lower case format ``.yaml`` or ``.yml``.", + "keyword": "MUST" + }, + { + "id": "R-74304", + "text": "A VNF's Heat Orchestration Template's Environment file extension **MUST**\nbe in the lower case format ``.env``.", + "keyword": "MUST" + }, + { + "id": "R-91342", + "text": "A VNF Heat Orchestration Template's Base Module's Environment File\n**MUST** be named identical to the VNF Heat Orchestration Template's\nBase Module with ``.y[a]ml`` replaced with ``.env``.", + "keyword": "MUST" + }, + { + "id": "R-94509", + "text": "A VNF Heat Orchestration Template's Incremental Module's Environment File\n**MUST** be named identical to the VNF Heat Orchestration Template's\nIncremental Module with ``.y[a]ml`` replaced with ``.env``.", + "keyword": "MUST" + }, + { + "id": "R-31141", + "text": "VNF Heat Orchestration Template's Cinder Volume Module's Environment File\n**MUST** be named identical to the VNF Heat Orchestration Template's\nCinder Volume Module with ``.y[a]ml`` replaced with ``.env``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_heat_parameter_section", + "test_case": "test_default_values", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-90526", + "text": "A VNF Heat Orchestration Template parameter declaration **MUST NOT**\ncontain the ``default`` attribute.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_heat_parameter_section", + "test_case": "test_parameter_names", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-25877", + "text": "A VNF's Heat Orchestration Template's parameter name\n(i.e., <param name>) **MUST** contain only alphanumeric\ncharacters and underscores ('_').", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_heat_template_parameters_contain_required_fields", + "test_case": "test_heat_template_parameters_contain_required_fields", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-36772", + "text": "A VNF's Heat Orchestration Template's parameter **MUST** include the\nattribute ``type:``.", + "keyword": "MUST" + }, + { + "id": "R-44001", + "text": "A VNF's Heat Orchestration Template parameter declaration **MUST**\ncontain the attribute ``description``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_heat_template_structure", + "test_case": "test_heat_template_structure_contains_heat_template_version", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-27078", + "text": "A VNF's Heat Orchestration template **MUST** contain the\nsection ``heat_template_version:``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_heat_template_structure", + "test_case": "test_heat_template_structure_contains_description", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-39402", + "text": "A VNF's Heat Orchestration Template **MUST** contain the\nsection ``description:``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_heat_template_structure", + "test_case": "test_heat_template_structure_contains_parameters", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-35414", + "text": "A VNF Heat Orchestration's template **MUST** contain the\nsection ``parameters:``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_heat_template_structure", + "test_case": "test_heat_template_structure_contains_resources", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-23664", + "text": "A VNF's Heat Orchestration template **MUST**\ncontain the section ``resources:``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_heat_template_structure", + "test_case": "test_parameter_type", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-11441", + "text": "A VNF's Heat Orchestration Template's parameter type **MUST** be one of\nthe following values:\n\n* ``string``\n* ``number``\n* ``json``\n* ``comma_delimited_list``\n* ``boolean``", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_ip_parameters_start_at_0", + "test_case": "test_ips_start_at_0", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-71577", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", + "keyword": "MUST" + }, + { + "id": "R-40971", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_multipart_mime_resource_id", + "test_case": "test_multipart_mime", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-30804", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::Heat::MultipartMime``\nResource ID\n**MUST**\ncontain the ``{vm-type}``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameter_args", + "test_case": "test_nested_parameter_args", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-10834", + "text": "If a VNF's Heat Orchestration Template resource attribute\n``property:`` uses a nested ``get_param``, the nested\n``get_param`` **MUST** reference an index.\n\nThat is, to obtain a property value, two ``get_param`` intrinsic\nfunctions are used. The second ``get_param`` must be used\nto obtain an index value used to reference a parameter value in\na parameter defined as ``type: comma_delimited_list``. For\nexample:\n\n* ``name: {get_param: [ name, get_param: index ] }``", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_server_name_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_server_image_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_server_flavor_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_server_metadata_vnf_id_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_server_metadata_vf_module_id_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_server_metadata_vnf_name_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_server_metadata_vf_module_name_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_server_metadata_vm_role_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_server_metadata_vf_module_index_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_server_metadata_workload_context_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_server_metadata_environment_context_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_port_network_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_port_fip_ip_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_port_fip_subnet_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_port_aap_ip_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_vmi_net_ref_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_vmi_aap_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_parameters", + "test_case": "test_iip_instance_ip_parameter_name_doesnt_change_in_nested_template", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nested_template_parameters", + "test_case": "test_nested_template_parameters", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-11041", + "text": "All parameters defined in a VNFs Nested YAML file\n**MUST** be passed in as properties of the resource calling\nthe nested yaml file.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nesting_level", + "test_case": "test_nesting_level", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-60011", + "text": "A VNF's Heat Orchestration Template **MUST** have no more than two\nlevels of nesting.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nesting_nova_server", + "test_case": "test_nesting_nova_server", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-17528", + "text": "A VNF's Heat Orchestration Template's first level Nested YAML file\n**MUST NOT** contain more than one ``OS::Nova::Server`` resource.\nA VNF's Heat Orchestration Template's second level Nested YAML file\n**MUST NOT** contain an ``OS::Nova::Server`` resource.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_network_format", + "test_case": "test_network_resource_id_format", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-16968", + "text": "A VNF's Heat Orchestration Templates **MUST NOT** include heat\nresources to create external networks.", + "keyword": "MUST NOT" + }, + { + "id": "R-35666", + "text": "If a VNF has an internal network, the VNF Heat Orchestration Template\n**MUST** include the heat resources to create the internal network.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_network_format", + "test_case": "test_network_has_subnet", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-16241", + "text": "A VNF's internal network **MUST** have one subnet.\nA VNF's internal network **MAY** have more than one subnet.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_neutron_net_resource_id", + "test_case": "test_neutron_net_resource_id", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-25720", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Net``\nResource ID **MUST** use the naming convention\n\n* ``int_{network-role}_network``\n\nVNF Heat Orchestration Templates can only create internal networks.\nThere is no ``{index}`` after ``{network-role}`` because ``{network-role}``\n**MUST** be unique in the scope of the VNF's\nHeat Orchestration Template.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_neutron_port_addresses", + "test_case": "test_neutron_port_external_ipaddress", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-91810", + "text": "If a VNF requires ONAP to assign a Virtual IP (VIP) Address to\nports connected an external network, the port\n**MUST NOT** have more than one IPv4 VIP address.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_neutron_port_addresses", + "test_case": "test_neutron_port_external_ipaddress_v6", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-41956", + "text": "If a VNF requires ONAP to assign a Virtual IP (VIP) Address to\nports connected an external network, the port\n**MUST NOT** have more than one IPv6 VIP address.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_neutron_port_addresses", + "test_case": "test_neutron_port_floating", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-10754", + "text": "If a VNF has two or more ports that\nattach to an external network that require a Virtual IP Address (VIP),\nand the VNF requires ONAP automation to assign the IP address,\nall the Virtual Machines using the VIP address **MUST**\nbe instantiated in the same Base Module Heat Orchestration Template\nor in the same Incremental Module Heat Orchestration Template.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_neutron_port_fixed_ips_subnet", + "test_case": "test_internal_subnet_format", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-38236", + "text": "The VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``subnet`` parameter\n**MUST** be declared type ``string``.", + "keyword": "MUST" + }, + { + "id": "R-84123", + "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::Neutron::Port`` in an Incremental Module is attaching\n to an internal network (per the ONAP definition, see\n Requirements R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv4 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv4 subnet is to be specified\n using the property ``fixed_ips`` map property ``subnet``,\n\nthe parameter **MUST** follow the naming convention\n\n * ``int_{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the internal network\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", + "keyword": "MUST" + }, + { + "id": "R-76160", + "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::Neutron::Port`` in an Incremental Module is attaching\n to an internal network (per the ONAP definition, see Requirements\n R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv6 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv6 subnet is to be specified\n using the property ``fixed_ips`` map property ``subnet``,\n\nthe parameter **MUST** follow the naming convention\n``int_{network-role}_v6_subnet_id``,\nwhere ``{network-role}`` is the network role of the internal network.\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_neutron_port_fixed_ips_subnet", + "test_case": "test_external_subnet_format", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-38236", + "text": "The VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``subnet`` parameter\n**MUST** be declared type ``string``.", + "keyword": "MUST" + }, + { + "id": "R-62802", + "text": "When the VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` is attaching\nto an external network (per the ONAP definition, see\nRequirement R-57424),\nand an IPv4 address is being cloud assigned by OpenStack's DHCP Service\nand the external network IPv4 subnet is to be specified\nusing the property ``fixed_ips``\nmap property ``subnet``, the parameter\n**MUST** follow the naming convention\n\n * ``{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the network.", + "keyword": "MUST" + }, + { + "id": "R-15287", + "text": "When the VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` is attaching\nto an external network (per the ONAP definition, see\nRequirement R-57424),\nand an IPv6 address is being cloud assigned by OpenStack's DHCP Service\nand the external network IPv6 subnet is to be specified\nusing the property ``fixed_ips``\nmap property ``subnet``, the parameter\n**MUST** follow the naming convention\n\n * ``{network-role}_v6_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the network.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_neutron_port_fixed_ips_subnet", + "test_case": "test_neutron_port_internal_fixed_ips_subnet_in_base", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-84123", + "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::Neutron::Port`` in an Incremental Module is attaching\n to an internal network (per the ONAP definition, see\n Requirements R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv4 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv4 subnet is to be specified\n using the property ``fixed_ips`` map property ``subnet``,\n\nthe parameter **MUST** follow the naming convention\n\n * ``int_{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the internal network\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", + "keyword": "MUST" + }, + { + "id": "R-76160", + "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::Neutron::Port`` in an Incremental Module is attaching\n to an internal network (per the ONAP definition, see Requirements\n R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv6 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv6 subnet is to be specified\n using the property ``fixed_ips`` map property ``subnet``,\n\nthe parameter **MUST** follow the naming convention\n``int_{network-role}_v6_subnet_id``,\nwhere ``{network-role}`` is the network role of the internal network.\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_neutron_port_network_attachment", + "test_case": "test_internal_network_parameters", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-86182", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand the internal network is created in a\ndifferent Heat Orchestration Template than the ``OS::Neutron::Port``,\nthe ``network`` parameter name **MUST**\n\n * follow the naming convention ``int_{network-role}_net_id`` if the Neutron\n network UUID value is used to reference the network\n * follow the naming convention ``int_{network-role}_net_name`` if the\n OpenStack network name in is used to reference the network.\n\nwhere ``{network-role}`` is the network-role of the internal network and\na ``get_param`` **MUST** be used as the intrinsic function.", + "keyword": "MUST" + }, + { + "id": "R-22688", + "text": "If a VNF's port is connected to an internal network and the port is\ncreated in an Incremental Module and the internal network is created\nin the Base Module then the UUID of the internal network **MUST** be\nexposed as a parameter in the ``outputs:`` section of the Base Module\nand the port resource **MUST** use a ``get_param`` to obtain the network\nUUID.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_neutron_port_network_attachment", + "test_case": "test_external_network_parameter", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-62983", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424), the\n``network`` parameter name **MUST**\n\n * follow the naming convention ``{network-role}_net_id`` if the Neutron\n network UUID value is used to reference the network\n * follow the naming convention ``{network-role}_net_name`` if the\n OpenStack network name is used to reference the network.\n\nwhere ``{network-role}`` is the network-role of the external network\nand a ``get_param`` **MUST** be used as the intrinsic function.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_neutron_port_network_parameter", + "test_case": "test_neutron_port_network_param_is_string", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-18008", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nproperty ``network`` parameter **MUST** be declared as type: ``string``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_no_http_resources", + "test_case": "test_no_http_resources", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-71699", + "text": "A VNF's Heat Orchestration Template's Resource\n**MUST NOT** reference a HTTP-based Nested YAML file.", + "keyword": "MUST NOT" + }, + { + "id": "R-53952", + "text": "A VNF's Heat Orchestration Template's Resource\n**MUST NOT** reference a HTTP-based resource definitions.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "." + ], + "test_module": "test_no_image_files", + "test_case": "test_no_image_files_included", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-348813", + "text": "The VNF's Heat Orchestration Template's ZIP file **MUST NOT** include\na binary image file.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_non_server_name", + "test_case": "test_non_server_name", + "result": "FAIL", + "error": " Improper name property for non-OS::Nova::Server resources. int_unprotected_private_network's name property's use str_replace does not use have a params that maps to the parameter via {get_param: vnf_name}. int_unprotected_private_subnet's name property's use str_replace does not use have a params that maps to the parameter via {get_param: vnf_name}. int_protected_private_network's name property's use str_replace does not use have a params that maps to the parameter via {get_param: vnf_name}. int_protected_private_subnet's name property's use str_replace does not use have a params that maps to the parameter via {get_param: vnf_name}\n", + "requirements": [ + { + "id": "R-85734", + "text": "If a VNF's Heat Orchestration Template contains the property ``name``\nfor a non ``OS::Nova::Server`` resource, the intrinsic function\n``str_replace`` **MUST** be used in conjunction with the ONAP\nsupplied metadata parameter ``vnf_name`` to generate a unique value.\nAdditional data **MAY** be used in the ``str_replace`` construct\nto generate a unique value.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_non_server_name", + "test_case": "test_non_server_name_unique", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-85734", + "text": "If a VNF's Heat Orchestration Template contains the property ``name``\nfor a non ``OS::Nova::Server`` resource, the intrinsic function\n``str_replace`` **MUST** be used in conjunction with the ONAP\nsupplied metadata parameter ``vnf_name`` to generate a unique value.\nAdditional data **MAY** be used in the ``str_replace`` construct\nto generate a unique value.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nova_server_name_parameters_start_at_0", + "test_case": "test_nova_server_name_parameter_starts_at", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-54171", + "text": "When the VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``name`` parameter is defined as a ``string``,\nthe parameter name **MUST** follow the naming convention\n\n* ``{vm-type}_name_{index}``\n\nwhere ``{index}`` is a numeric value that **MUST** start at\nzero in a VNF's Heat Orchestration Template and **MUST** increment by one.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nova_server_resource_id", + "test_case": "test_nova_server_resource_id", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-29751", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Nova::Server`` Resource ID\n**MUST** use the naming convention\n\n* ``{vm-type}_server_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{index}`` is the index", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nova_servers_environment_context", + "test_case": "test_environment_context", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-20308", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``environment_context``\nparameter **MUST** be declared as ``environment_context`` and the\nparameter type **MUST** be defined as type: ``string``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nova_servers_resource_ids", + "test_case": "test_nova_servers_valid_resource_ids", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-40499", + "text": "Each VNF's Heat Orchestration Template's ``{vm-type}`` **MUST**\nhave a unique parameter name for the ``OS::Nova::Server`` property\n``flavor`` even if more than one ``{vm-type}`` shares the same flavor.", + "keyword": "MUST" + }, + { + "id": "R-57282", + "text": "Each VNF's Heat Orchestration Template's ``{vm-type}`` **MUST**\nhave a unique parameter name for the ``OS::Nova::Server`` property\n``image`` even if more than one ``{vm-type}`` shares the same image.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nova_servers_vm_types", + "test_case": "test_vm_type_consistent_on_nova_servers", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-57282", + "text": "Each VNF's Heat Orchestration Template's ``{vm-type}`` **MUST**\nhave a unique parameter name for the ``OS::Nova::Server`` property\n``image`` even if more than one ``{vm-type}`` shares the same image.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nova_servers_vm_types", + "test_case": "test_vm_type_network_role_collision", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-48067", + "text": "A VNF's Heat Orchestration Template's ``{vm-type}`` **MUST NOT** be a\nsubstring\nof ``{network-role}``.", + "keyword": "MUST NOT" + }, + { + "id": "R-00977", + "text": "A VNF's Heat Orchestration Template's ``{network-role}``\n**MUST NOT** be a substring of ``{vm-type}``.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nova_servers_vm_types", + "test_case": "test_nova_server_flavor_parameter", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-50436", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``flavor`` parameter **MUST** be declared as type: ``string``.", + "keyword": "MUST" + }, + { + "id": "R-45188", + "text": "The VNF's Heat Orchestration Template's Resource 'OS::Nova::Server' property\n``flavor`` parameter name **MUST** follow the naming convention\n``{vm-type}_flavor_name``.", + "keyword": "MUST" + }, + { + "id": "R-40499", + "text": "Each VNF's Heat Orchestration Template's ``{vm-type}`` **MUST**\nhave a unique parameter name for the ``OS::Nova::Server`` property\n``flavor`` even if more than one ``{vm-type}`` shares the same flavor.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nova_servers_vm_types", + "test_case": "test_nova_server_name_parameter", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-51430", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``name`` parameter **MUST** be declared as either type ``string``\nor type ``comma_delimited_list``.", + "keyword": "MUST" + }, + { + "id": "R-54171", + "text": "When the VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``name`` parameter is defined as a ``string``,\nthe parameter name **MUST** follow the naming convention\n\n* ``{vm-type}_name_{index}``\n\nwhere ``{index}`` is a numeric value that **MUST** start at\nzero in a VNF's Heat Orchestration Template and **MUST** increment by one.", + "keyword": "MUST" + }, + { + "id": "R-87817", + "text": "When the VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``name`` parameter is defined as a ``comma_delimited_list``,\nthe parameter name **MUST** follow the naming convention\n``{vm-type}_names``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nova_servers_vm_types", + "test_case": "test_nova_server_image_parameter", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-71152", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``image`` parameter **MUST** be declared as type: ``string``.", + "keyword": "MUST" + }, + { + "id": "R-57282", + "text": "Each VNF's Heat Orchestration Template's ``{vm-type}`` **MUST**\nhave a unique parameter name for the ``OS::Nova::Server`` property\n``image`` even if more than one ``{vm-type}`` shares the same image.", + "keyword": "MUST" + }, + { + "id": "R-58670", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``image`` parameter name **MUST** follow the naming convention\n``{vm-type}_image_name``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nova_servers_vm_types_use_get_param", + "test_case": "test_vm_type_assignments_on_nova_servers_only_use_get_param", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-901331", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``image`` value **MUST** be be obtained via a ``get_param``.", + "keyword": "MUST" + }, + { + "id": "R-481670", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``flavor`` value **MUST** be be obtained via a ``get_param``.", + "keyword": "MUST" + }, + { + "id": "R-663631", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``name`` value **MUST** be be obtained via a ``get_param``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_nova_servers_workload_context", + "test_case": "test_workload_context", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-74978", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``workload_context``\nparameter **MUST**\nbe declared as ``workload_context`` and the parameter **MUST**\nbe defined as type: ``string``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_oam_address_outputs", + "test_case": "test_oam_address_v4_zero_or_one", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-18683", + "text": "If a VNF has one IPv4 OAM Management IP Address and the\nIP Address needs to be inventoried in ONAP's A&AI\ndatabase, an output parameter **MUST** be declared in only one of the\nVNF's Heat Orchestration Templates and the parameter **MUST** be named\n``oam_management_v4_address``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_oam_address_outputs", + "test_case": "test_oam_address_v6_zero_or_one", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-94669", + "text": "If a VNF has one IPv6 OAM Management IP Address and the\nIP Address needs to be inventoried in ONAP's A&AI\ndatabase, an output parameter **MUST** be declared in only one of the\nVNF's Heat Orchestration Templates and the parameter **MUST** be named\n``oam_management_v6_address``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_port_connected_to_multiple_servers", + "test_case": "test_port_connected_to_multiple_servers", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-92635", + "text": "A VNF's Heat Orchestration Template **MUST** be compliant with the\nOpenStack Template Guide.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_port_resource_ids", + "test_case": "test_port_resource_ids", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-20453", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nthat is attaching to an external network Resource ID\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_port_{port-index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the ``{vm-type}``\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{port-index}`` is the instance of the port on the vm-type\n attached to the network of ``{network-role}``", + "keyword": "MUST" + }, + { + "id": "R-26351", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nthat is attaching to an internal network Resource ID **MUST**\nuse the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_port_{port-index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the ``{vm-type}``\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{port-index}`` is the instance of the port on the vm-type\n attached to the network of ``{network-role}``", + "keyword": "MUST" + }, + { + "id": "R-26506", + "text": "A VNF's Heat Orchestration Template's ``{network-role}`` **MUST** contain\nonly alphanumeric characters and/or underscores '_' and\n**MUST NOT** contain any of the following strings:\n``_int`` or ``int_`` or ``_int_``.", + "keyword": "MUST" + }, + { + "id": "R-681859", + "text": "A VNF's Heat Orchestration Template's ``OS::Neutron::Port`` resource's\n\n* Resource ID (defined in R-20453)\n* property ``network`` parameter name (defined in R-62983 and\n R-86182)\n* property ``fixed_ips``, map property ``ip_address`` parameter name\n (defined in R-40971, R-04697, R-71577, R-23503, R-78380, R-85235,\n R-27818, and R-29765)\n* property ``fixed_ips``, map property ``subnet`` parameter name\n (defined in R-62802, R-15287, R-84123, R-76160)\n* property ``allowed_address_pairs`` parameter name (defined in\n R-41492 and R-83418)\n\n**MUST** contain the identical ``{network-role}``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_required_parameters_no_constraints", + "test_case": "test_vnf_id_parameter_has_no_constraints", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-55218", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property\n``metadata`` key/value pair ``vnf_id`` parameter ``vnf_id`` **MUST NOT**\nhave parameter constraints defined.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_required_parameters_no_constraints", + "test_case": "test_vf_module_id_parameter_has_no_constraints", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-98374", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` key/value pair ``vf_module_id`` parameter ``vf_module_id``\n**MUST NOT**\nhave parameter constraints defined.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_required_parameters_no_constraints", + "test_case": "test_vnf_name_parameter_has_no_constraints", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-44318", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vnf_name``\nparameter ``vnf_name`` **MUST NOT**\nhave parameter constraints defined.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_required_parameters_no_constraints", + "test_case": "test_workload_context_parameter_has_no_constraints", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-34055", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``workload_context``\nparameter ``workload_context`` **MUST NOT**\nhave parameter constraints defined.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_required_parameters_no_constraints", + "test_case": "test_environment_context_parameter_has_no_constraints", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-56183", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata``key/value pair ``environment_context``\nparameter ``environment_context`` **MUST NOT**\nhave parameter constraints defined.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_required_parameters_no_constraints", + "test_case": "test_vf_module_name_parameter_has_no_constraints", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-15480", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``vf_module_name`` parameter ``vf_module_name``\n**MUST NOT** have parameter constraints defined.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_required_parameters_no_constraints", + "test_case": "test_vm_role_parameter_has_no_constraints", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-67597", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vm_role`` parameter ``vm_role``\n**MUST NOT** have parameter constraints defined.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_required_parameters_no_constraints", + "test_case": "test_vf_module_index_parameter_has_no_constraints", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-09811", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vf_module_index`` **MUST NOT**\nhave parameter constraints defined.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_resource_ids_alphanumeric_only", + "test_case": "test_alphanumeric_resource_ids_only", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-75141", + "text": "A VNF's Heat Orchestration Template's resource name\n(i.e., <resource ID>) **MUST** only contain alphanumeric\ncharacters and underscores ('_').", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_resource_indices", + "test_case": "test_indices_start_at_0_increment", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-11690", + "text": "When a VNF's Heat Orchestration Template's Resource ID contains an\n``{index}``, the ``{index}`` is a numeric value that **MUST** start at\nzero and **MUST** increment by one.\n\nAs stated in R-16447,\n*a VNF's <resource ID> MUST be unique across all Heat\nOrchestration Templates and all HEAT Orchestration Template\nNested YAML files that are used to create the VNF*. While the ``{index}``\nwill start at zero in the VNF, the ``{index}`` may not start at zero\nin a given Heat Orchestration Template or HEAT Orchestration Template\nNested YAML file.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_server_and_port_vm_indices_match", + "test_case": "test_server_and_port_vmtype_indices_match", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-304011", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource's\n\n* Resource ID (defined in R-29751)\n* property ``image`` parameter name (defined in R-58670)\n* property ``flavor`` parameter name (defined in R-45188)\n* property ``name`` parameter name (defined in R-54171 & R-87817)\n* property port referenced OS::Neutron::Port Resource ID\n (defined in R-20453)\n\n**MUST** contain the identical ``{vm-type}``\nand **MUST** follow the naming conventions defined\nin R-58670, R-45188, R-54171, R-87817, and R-29751. And the ``{index}`` in\nthe ``OS::Nova::Server`` Resource ID (defined in R-29751) **MUST** match\nthe ``{vm-type_index}`` defined in\nthe ``OS::Nova::Server`` property ``port``\nreferenced ``OS::Neutron::Port`` Resource ID (defined in R-20453).", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_server_parameters", + "test_case": "test_availability_zone_parameter_type", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-23311", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Nova::Server`` property\n``availability_zone`` parameter **MUST** be declared as type: ``string``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_server_parameters", + "test_case": "test_vnf_id_parameter_type_and_parameter_name", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-07507", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property\n``metadata`` key/value pair ``vnf_id`` parameter\n**MUST** be declared as ``vnf_id`` and the parameter **MUST**\nbe defined as type: ``string``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_server_parameters", + "test_case": "test_vf_module_id_parameter_type_and_parameter_name", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-82134", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` key/value pair ``vf_module_id`` parameter **MUST**\nbe declared as ``vf_module_id`` and the parameter **MUST**\nbe defined as type: ``string``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_server_parameters", + "test_case": "test_vnf_name_parameter_type_and_parameter_name", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-62428", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vnf_name`` parameter **MUST**\nbe declared as ``vnf_name`` and the parameter **MUST** be defined as\ntype: ``string``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_server_parameters", + "test_case": "test_vf_module_name_parameter_type_and_parameter_name", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-39067", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``vf_module_name`` parameter **MUST** be\ndeclared as ``vf_module_name`` and the parameter **MUST**\nbe defined as type: ``string``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_server_parameters", + "test_case": "test_vf_module_index_parameter_type_and_parameter_name", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-54340", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``vf_module_index`` parameter **MUST**\nbe declared as ``vf_module_index`` and the parameter **MUST** be\ndefined as type: ``number``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_servers_have_required_metadata", + "test_case": "test_servers_have_required_metadata", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-37437", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property ``metadata`` **MUST**\ncontain the key/value pair ``vnf_id``\nand the value **MUST** be obtained via a ``get_param``.", + "keyword": "MUST" + }, + { + "id": "R-71493", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` **MUST**\ncontain the key/value pair ``vf_module_id``\nand the value MUST be obtained via a ``get_param``.", + "keyword": "MUST" + }, + { + "id": "R-72483", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` **MUST** contain the key/value pair ``vnf_name`` and the\nvalue **MUST** be obtained via a ``get_param``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_servers_metadata_use_get_param", + "test_case": "test_servers_vnf_id_metadata_use_get_param", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-37437", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property ``metadata`` **MUST**\ncontain the key/value pair ``vnf_id``\nand the value **MUST** be obtained via a ``get_param``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_servers_metadata_use_get_param", + "test_case": "test_servers_vf_module_id_metadata_use_get_param", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-71493", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` **MUST**\ncontain the key/value pair ``vf_module_id``\nand the value MUST be obtained via a ``get_param``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_servers_metadata_use_get_param", + "test_case": "test_servers_vnf_name_metadata_use_get_param", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-72483", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` **MUST** contain the key/value pair ``vnf_name`` and the\nvalue **MUST** be obtained via a ``get_param``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_servers_metadata_use_get_param", + "test_case": "test_servers_vf_module_name_metadata_use_get_param", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-68023", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` **SHOULD**\ncontain the key/value pair ``vf_module_name`` and the value **MUST**\nbe obtained via a ``get_param``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_servers_metadata_use_get_param", + "test_case": "test_servers_vf_module_index_metadata_use_get_param", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-50816", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property ``metadata`` **MAY**\ncontain the key/value pair ``vf_module_index``\nand the value **MUST** be obtained via a ``get_param``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_software_config_resource_id", + "test_case": "test_software_config_vm_type", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-08975", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::SoftwareConfig``\nResource ID **MUST** contain the ``{vm-type}``.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_unique_name_str_replace_use_req_params", + "test_case": "test_unique_name_str_replace_use_req_params", + "result": "FAIL", + "error": " Resource(int_unprotected_private_network) does not use str_replace and the vnf_name parameter to set the name property, Resource(int_unprotected_private_subnet) does not use str_replace and the vnf_name parameter to set the name property, Resource(int_protected_private_network) does not use str_replace and the vnf_name parameter to set the name property, Resource(int_protected_private_subnet) does not use str_replace and the vnf_name parameter to set the name property\n", + "requirements": [ + { + "id": "R-85734", + "text": "If a VNF's Heat Orchestration Template contains the property ``name``\nfor a non ``OS::Nova::Server`` resource, the intrinsic function\n``str_replace`` **MUST** be used in conjunction with the ONAP\nsupplied metadata parameter ``vnf_name`` to generate a unique value.\nAdditional data **MAY** be used in the ``str_replace`` construct\nto generate a unique value.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_unique_resources_across_all_templates", + "test_case": "test_unique_resources_across_all_yaml_files", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-16447", + "text": "A VNF's <resource ID> **MUST** be unique across all Heat\nOrchestration Templates and all HEAT Orchestration Template\nNested YAML files that are used to create the VNF.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_vm_class_has_unique_type", + "test_case": "test_vm_class_has_unique_type", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-01455", + "text": "When a VNF's Heat Orchestration Template creates a Virtual Machine\n(i.e., ``OS::Nova::Server``),\neach \"class\" of VMs **MUST** be assigned a VNF unique\n``{vm-type}``; where \"class\" defines VMs that\n**MUST** have the following identical characteristics:\n\n 1.) ``OS::Nova::Server`` resource property ``flavor`` value\n\n 2.) ``OS::Nova::Server`` resource property ``image`` value\n\n 3.) Cinder Volume attachments\n\n - Each VM in the \"class\" **MUST** have the identical Cinder Volume\n configuration\n\n 4.) Network attachments and IP address requirements\n\n - Each VM in the \"class\" **MUST** have the identical number of\n ports connecting to the identical networks and requiring the identical\n IP address configuration.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_vm_role_value", + "test_case": "test_vm_role_hardcoded", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-86476", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vm_role`` value **MUST**\nonly contain alphanumeric characters and underscores (i.e., '_').", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_vm_role_value", + "test_case": "test_vm_role_from_env_file", + "result": "SKIP", + "error": "", + "requirements": [ + { + "id": "R-86476", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vm_role`` value **MUST**\nonly contain alphanumeric characters and underscores (i.e., '_').", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_vm_type_case", + "test_case": "test_vm_type_case", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-32394", + "text": "A VNF's Heat Orchestration Template's use of ``{vm-type}`` in all Resource\nproperty parameter names **MUST** be the same case.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_vm_type_resource_id", + "test_case": "test_vm_type_resource_id", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-46839", + "text": "A VNF's Heat Orchestration Template's use of ``{vm-type}``\nin all Resource IDs **MUST** be the same case.", + "keyword": "MUST" + } + ] + }, + { + "files": [ + "base_vfw.yaml" + ], + "test_module": "test_vm_type_syntax", + "test_case": "test_vm_type_syntax", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-98407", + "text": "A VNF's Heat Orchestration Template's ``{vm-type}`` **MUST** contain only\nalphanumeric characters and/or underscores '_' and **MUST NOT**\ncontain any of the following strings:\n``_int`` or ``int_`` or ``_int_``.", + "keyword": "MUST NOT" + } + ] + }, + { + "files": [ + "." + ], + "test_module": "test_volume_module_naming", + "test_case": "test_detected_volume_module_follows_naming_convention", + "result": "PASS", + "error": "", + "requirements": [ + { + "id": "R-589037", + "text": "A VNF Heat Orchestration Template's Cinder Volume Module resources section\n**MUST** only be defined using one of the following:\n\n* one of more ``OS::Cinder::Volume`` resources\n* one or more ``OS::Heat::ResourceGroup`` resources that call a nested YAML\n file that contains only ``OS::Cinder::Volume`` resources\n* a resource that calls a nested YAML file (static nesting) that contains\n only ``OS::Cinder::Volume`` resources", + "keyword": "MUST" + } + ] + } + ], + "requirements": [ + { + "id": "R-00011", + "text": "A VNF's Heat Orchestration Template's parameter defined\nin a nested YAML file\n**SHOULD NOT** have a parameter constraint defined.", + "keyword": "SHOULD NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-00068", + "text": "The xNF Package **MUST** include documentation which includes\na description of parameters that can be monitored for the xNF\nand event records (status, fault, flow, session, call, control\nplane, etc.) generated by the xNF after instantiation.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-00098", + "text": "The VNF **MUST NOT** impact the ability of the VNF to provide\nservice/function due to a single container restart.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-00156", + "text": "The xNF Package **MUST** include documentation describing xNF\nManagement APIs, which must include information and tools for\nONAP to monitor the health of the xNF (conditions that require\nhealing and/or scaling responses).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-00228", + "text": "A VNF's Heat Orchestration Template **MAY**\nreference the nested heat statically by repeated definition.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-00606", + "text": "A VNF **MAY** be connected to zero, one or more than one external\nnetwork.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-00977", + "text": "A VNF's Heat Orchestration Template's ``{network-role}``\n**MUST NOT** be a substring of ``{vm-type}``.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-01033", + "text": "The xNF **MAY** use another option which is expected to include SFTP\nfor asynchronous bulk files, such as bulk files that contain large volumes\nof data collected over a long time interval or data collected across many\nxNFs. (Preferred is to reorganize the data into more frequent or more focused\ndata sets, and deliver these by REST or TCP as appropriate.)", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-01101", + "text": "A VNF's Heat Orchestration Template **MAY**\nreference the nested heat dynamically using the resource\n``OS::Heat::ResourceGroup``.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-01123", + "text": "The VNF package Manifest file **MUST** contain: VNF package meta-data, a\nlist of all artifacts (both internal and external) entry's including\ntheir respected URI's, an algorithm to calculate a digest and a digest\nresult calculated on the content of each artifacts, as specified in\nETSI GS NFV-SOL004. The VNF Package MUST include VNF Identification\nData to uniquely identify the resource for a given VNF provider. The\nidentification data must include: an identifier for the VNF, the name\nof the VNF as was given by the VNF provider, VNF description, VNF\nprovider, and version.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-01334", + "text": "The xNF **MUST** conform to the NETCONF RFC 5717,\n\"Partial Lock Remote Procedure Call\".", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-01359", + "text": "A VNF's Heat Orchestration Template that contains an ``OS::Nova:Server``\nResource **MAY** define a parameter for the property\n``availability_zone`` that is not utilized in any ``OS::Nova::Server``\nresources in the Heat Orchestration Template.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-01382", + "text": "The xNF **MUST** allow the entire configuration of the xNF to be\nretrieved via NETCONF's <get-config> and <edit-config>, independently\nof whether it was configured via NETCONF or other mechanisms.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-01427", + "text": "The xNF **MUST** support the provisioning of security and authentication\nparameters (HTTP username and password) in order to be able to authenticate\nwith DCAE (in ONAP).\n\nNote: In R3, a username and password are used with the DCAE VES Event\nListener which are used for HTTP Basic Authentication.\n\nNote: The configuration management and provisioning software are specific\nto a vendor architecture.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-01455", + "text": "When a VNF's Heat Orchestration Template creates a Virtual Machine\n(i.e., ``OS::Nova::Server``),\neach \"class\" of VMs **MUST** be assigned a VNF unique\n``{vm-type}``; where \"class\" defines VMs that\n**MUST** have the following identical characteristics:\n\n 1.) ``OS::Nova::Server`` resource property ``flavor`` value\n\n 2.) ``OS::Nova::Server`` resource property ``image`` value\n\n 3.) Cinder Volume attachments\n\n - Each VM in the \"class\" **MUST** have the identical Cinder Volume\n configuration\n\n 4.) Network attachments and IP address requirements\n\n - Each VM in the \"class\" **MUST** have the identical number of\n ports connecting to the identical networks and requiring the identical\n IP address configuration.", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-01478", + "text": "The xNF Package **MUST** include documentation describing all\nparameters that are available to monitor the xNF after instantiation\n(includes all counters, OIDs, PM data, KPIs, etc.) that must be\ncollected for reporting purposes.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-01556", + "text": "The xNF Package **MUST** include documentation describing the\nfault, performance, capacity events/alarms and other event records\nthat are made available by the xNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-01896", + "text": "A VNF's Heat Orchestration Template's parameter values that are constant\nacross all deployments **MUST** be declared in a Heat Orchestration\nTemplate Environment File.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-02164", + "text": "When a VNF's Heat Orchestration Template's Contrail resource\nhas a property that\nreferences an external network that requires the network's\nFully Qualified Domain Name (FQDN), the property parameter\n\n* **MUST** follow the format ``{network-role}_net_fqdn``\n* **MUST** be declared as type ``string``\n* **MUST NOT** be enumerated in the VNF's Heat Orchestration Template's\n Environment File", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-02170", + "text": "The VNF **MUST** use, whenever possible, standard implementations\nof security applications, protocols, and formats, e.g., S/MIME, TLS, SSH,\nIPSec, X.509 digital certificates for cryptographic implementations.\nThese implementations must be purchased from reputable vendors or obtained\nfrom reputable open source communities and must not be developed in-house.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-02360", + "text": "The VNFC **MUST** be designed as a standalone, executable process.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-02454", + "text": "The VNF **MUST** support the existence of multiple major/minor\nversions of the VNF software and/or sub-components and interfaces that\nsupport both forward and backward compatibility to be transparent to\nthe Service Provider usage.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-02597", + "text": "The xNF **MUST** implement the protocol operation:\n``lock(target)`` - Lock the configuration data store target.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-02616", + "text": "The xNF **MUST** permit locking at the finest granularity\nif a xNF needs to lock an object for configuration to avoid blocking\nsimultaneous configuration operations on unrelated objects (e.g., BGP\nconfiguration should not be locked out if an interface is being\nconfigured or entire Interface configuration should not be locked out\nif a non-overlapping parameter on the interface is being configured).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-02651", + "text": "The xNF **SHOULD** use available backup capabilities to save a\ncopy of configuration files before implementing changes to support\noperations such as backing out of software upgrades, configuration\nchanges or other work as this will help backing out of configuration\nchanges when needed.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-02691", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``workload_context``\nparameter ``workload_context`` **MUST NOT**\nbe enumerated in the Heat Orchestration Template's environment file.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-02997", + "text": "The VNF **MUST** preserve their persistent data. Running VMs\nwill not be backed up in the Network Cloud infrastructure.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-03070", + "text": "The xNF **MUST**, by ONAP Policy, provide the ONAP addresses\nas data destinations for each xNF, and may be changed by Policy while\nthe xNF is in operation. We expect the xNF to be capable of redirecting\ntraffic to changed destinations with no loss of data, for example from\none REST URL to another, or from one TCP host and port to another.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-03251", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::CinderVolume``\n**MAY** be defined in a Cinder Volume Module.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-03324", + "text": "A VNF's Heat Orchestration template's Environment File **MUST**\ncontain the ``parameters:`` section.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-03465", + "text": "The xNF **MUST** release locks to prevent permanent lock-outs\nwhen the corresponding <partial-unlock> operation succeeds.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-03595", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::SecurityGroup`` that\nis applicable to more than one ``{vm-type}`` and one external network Resource ID\n**SHOULD** use the naming convention\n\n* ``{network-role}_security_group``\n\nwhere\n\n* ``{network-role}`` is the network-role", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-03656", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::SoftwareConfig``\nResource ID **MAY** use the naming convention\n\n* ``{vm-type}_RSC``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``RSC`` signifies that it is the Resource Software Config", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-03954", + "text": "The VNF **MUST** survive any single points of failure within\nthe Network Cloud (e.g., virtual NIC, VM, disk failure).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-04158", + "text": "The xNF **MUST** conform to the NETCONF RFC 4742,\n\"Using the NETCONF Configuration Protocol over Secure Shell (SSH)\".", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-04298", + "text": "The xNF provider **MUST** provide their testing scripts to\nsupport testing.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-04344", + "text": "A VNF's Nested YAML file **MAY** be invoked by more than one of\na VNF's Heat Orchestration Templates (when the VNF is composed of two\nor more Heat Orchestration Templates).", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-04492", + "text": "The VNF **MUST** generate security audit logs that can be sent\nto Security Analytics Tools for analysis.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-04697", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_ips``\n\n where\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the external\n network", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-04747", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::CloudConfig``\nResource ID **MUST** contain the ``{vm-type}``.", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-04982", + "text": "The VNF **MUST NOT** include an authentication credential,\ne.g., password, in the security audit logs, even if encrypted.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-05050", + "text": "A VNF's Heat Orchestration Templates intrinsic function\n``get_file`` <content key> **MAY** be used:\n\n * more than once in a VNF's Heat Orchestration Template\n * in two or more of a VNF's Heat Orchestration Templates\n * in a VNF's Heat Orchestration Templates nested YAML file", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-05201", + "text": "When a VNF connects to two or more unique networks, each\nnetwork **MUST** be assigned a unique ``{network-role}``\nin the context of the VNF for use in the VNF's Heat Orchestration\nTemplate.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-05257", + "text": "A VNF's Heat Orchestration Template's **MUST NOT**\ncontain the Resource ``OS::Neutron::FloatingIP``.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-06327", + "text": "The VNF **MUST** respond to a \"drain VNFC\" [#4.5.2]_ command against\na specific VNFC, preventing new session from reaching the targeted VNFC,\nwith no disruption to active sessions on the impacted VNFC, if a VNF\nprovides a load balancing function across multiple instances of its VNFCs.\nThis is used to support scenarios such as proactive maintenance with no\nuser impact.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-06413", + "text": "The VNF **MUST** log the field \"service or program used for access\"\nin the security audit logs.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-06613", + "text": "A VNF's Heat Orchestration Template's parameter defined\nin a non-nested YAML file as type\n``boolean`` **MAY** have a parameter constraint defined.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-06668", + "text": "The VNF **MUST** handle the start or restart of VNFC instances\nin any order with each VNFC instance establishing or re-establishing\nrequired connections or relationships with other VNFC instances and/or\nVNFs required to perform the VNF function/role without requiring VNFC\ninstance(s) to be started/restarted in a particular order.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-06885", + "text": "The VNF **SHOULD** support the ability to scale down a VNFC pool\nwithout jeopardizing active sessions. Ideally, an active session should\nnot be tied to any particular VNFC instance.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-06924", + "text": "The xNF **MUST** deliver asynchronous data as data becomes\navailable, or according to the configured frequency.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-07251", + "text": "The xNF **MUST** support APPC/SDN-C ``ResumeTraffic`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-07443", + "text": "A VNF's Heat Orchestration Templates' Cinder Volume Module Output\nParameter's name and type **MUST** match the input parameter name and type\nin the corresponding Base Module or Incremental Module.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-07507", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property\n``metadata`` key/value pair ``vnf_id`` parameter\n**MUST** be declared as ``vnf_id`` and the parameter **MUST**\nbe defined as type: ``string``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-07545", + "text": "The xNF **MUST** support all operations, administration and\nmanagement (OAM) functions available from the supplier for xNFs using\nthe supplied YANG code and associated NETCONF servers.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-07617", + "text": "The VNF **MUST** log success and unsuccessful creation, removal, or\nchange to the inherent privilege level of users.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-08134", + "text": "The xNF **MUST** conform to the NETCONF RFC 6241,\n\"NETCONF Configuration Protocol\".", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-08312", + "text": "The xNF **MAY** use another option which is expected to include REST\ndelivery of binary encoded data sets.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-08315", + "text": "The VNF **SHOULD** use redundant connection pooling to connect\nto any backend data source that can be switched between pools in an\nautomated/scripted fashion to ensure high availability of the connection\nto the data source.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-08775", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::SecurityGroup``\nthat is applicable to one ``{vm-type}`` and more than one network (internal\nand/or external) Resource ID **SHOULD** use the naming convention\n\n* ``{vm-type}_security_group``\n\nwhere\n\n* ``{vm-type}`` is the vm-type", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-08975", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::SoftwareConfig``\nResource ID **MUST** contain the ``{vm-type}``.", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-09467", + "text": "The VNF **MUST** utilize only NCSP standard compute flavors. [#4.5.1]_", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-09811", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vf_module_index`` **MUST NOT**\nhave parameter constraints defined.", + "keyword": "MUST NOT", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-10087", + "text": "The VNF package **MUST** contain all standard artifacts as specified in\nETSI GS NFV-SOL004 including Manifest file, VNFD (or Main TOSCA/YAML\nbased Service Template) and other optional artifacts. CSAR Manifest\nfile as per SOL004 - for example ROOT\\\\ **MainServiceTemplate.mf**", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-10129", + "text": "The xNF **SHOULD** conform its YANG model to RFC 7223,\n\"A YANG Data Model for Interface Management\".", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-10173", + "text": "The xNF **MUST** allow another NETCONF session to be able to\ninitiate the release of the lock by killing the session owning the lock,\nusing the <kill-session> operation to guard against hung NETCONF sessions.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-10353", + "text": "The xNF **MUST** conform its YANG model to RFC 6244,\n\"An Architecture for Network Management Using NETCONF and YANG\".", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-106240", + "text": "The following VES Events **MUST** be supported by the PNF: pnfRegistration\nVES Event, HVol VES Event, and Fault VES Event. These are onboarded via\nhe SDC Design Studio.\n\nNote: these VES Events are emitted from the PNF to support PNF Plug and\nPlay, High Volume Measurements, and Fault events respectively.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-10716", + "text": "The xNF **MUST** support parallel and simultaneous\nconfiguration of separate objects within itself.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-10754", + "text": "If a VNF has two or more ports that\nattach to an external network that require a Virtual IP Address (VIP),\nand the VNF requires ONAP automation to assign the IP address,\nall the Virtual Machines using the VIP address **MUST**\nbe instantiated in the same Base Module Heat Orchestration Template\nor in the same Incremental Module Heat Orchestration Template.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-10834", + "text": "If a VNF's Heat Orchestration Template resource attribute\n``property:`` uses a nested ``get_param``, the nested\n``get_param`` **MUST** reference an index.\n\nThat is, to obtain a property value, two ``get_param`` intrinsic\nfunctions are used. The second ``get_param`` must be used\nto obtain an index value used to reference a parameter value in\na parameter defined as ``type: comma_delimited_list``. For\nexample:\n\n* ``name: {get_param: [ name, get_param: index ] }``", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-11041", + "text": "All parameters defined in a VNFs Nested YAML file\n**MUST** be passed in as properties of the resource calling\nthe nested yaml file.", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-11168", + "text": "A VNF's Heat Orchestration Template's Resource ID that is associated with\nan external network **MUST** include the ``{network-role}`` as part\nof the resource ID.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-11200", + "text": "A VNF's Cinder Volume Module, when it exists, **MUST** be 1:1\nwith a Base module or Incremental module.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-11235", + "text": "The xNF **MUST** implement the protocol operation:\n``kill-session(session``- Force the termination of **session**.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-11240", + "text": "The xNF **MUST** respond with content encoded in JSON, as\ndescribed in the RESTCONF specification. This way the encoding of a\nsynchronous communication will be consistent with Avro.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-11441", + "text": "A VNF's Heat Orchestration Template's parameter type **MUST** be one of\nthe following values:\n\n* ``string``\n* ``number``\n* ``json``\n* ``comma_delimited_list``\n* ``boolean``", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-11499", + "text": "The xNF **MUST** fully support the XPath 1.0 specification\nfor filtered retrieval of configuration and other database contents.\nThe 'type' attribute within the <filter> parameter for <get> and\n<get-config> operations may be set to 'xpath'. The 'select' attribute\n(which contains the XPath expression) will also be supported by the\nserver. A server may support partial XPath retrieval filtering, but\nit cannot advertise the ``:xpath`` capability unless the entire XPath\n1.0 specification is supported.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-11690", + "text": "When a VNF's Heat Orchestration Template's Resource ID contains an\n``{index}``, the ``{index}`` is a numeric value that **MUST** start at\nzero and **MUST** increment by one.\n\nAs stated in R-16447,\n*a VNF's <resource ID> MUST be unique across all Heat\nOrchestration Templates and all HEAT Orchestration Template\nNested YAML files that are used to create the VNF*. While the ``{index}``\nwill start at zero in the VNF, the ``{index}`` may not start at zero\nin a given Heat Orchestration Template or HEAT Orchestration Template\nNested YAML file.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-11790", + "text": "The VNF **MUST** support ONAP Controller's\n**Restart (stop/start or reboot)** command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-118669", + "text": "Login access (e.g., shell access) to the operating system layer, whether\ninteractive or as part of an automated process, **MUST** be through an\nencrypted protocol such as SSH or TLS.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-120182", + "text": "The xNF provider **MUST** indicate specific conditions that may arise, and\nrecommend actions that may be taken at specific thresholds, or if specific\nconditions repeat within a specified time interval, using the semantics and\nsyntax described by the :doc:`VES Event Registration specification <../../../../vnfsdk/model.git/docs/files/VESEventRegistration_3_0>`.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-12110", + "text": "The VNF **MUST NOT** use keys generated or derived from\npredictable functions or values, e.g., values considered predictable\ninclude user identity information, time of day, stored/transmitted data.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-12271", + "text": "The xNF **SHOULD** conform its YANG model to RFC 7223,\n\"IANA Interface Type YANG Module\".", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-123044", + "text": "The xNF Provider **MAY** require that specific events, identified by their\n``eventName``, require that certain fields, which are optional in the common\nevent format, must be present when they are published.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-12467", + "text": "The VNF **MUST NOT** use compromised encryption algorithms.\nFor example, SHA, DSS, MD5, SHA-1 and Skipjack algorithms.\nAcceptable algorithms can be found in the NIST FIPS publications\n(https://csrc.nist.gov/publications/fips) and in the\nNIST Special Publications (https://csrc.nist.gov/publications/sp).", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-12538", + "text": "The VNF **SHOULD** support load balancing and discovery\nmechanisms in resource pools containing VNFC instances.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-12678", + "text": "The xNF Package **MUST** include documentation which includes a\ndescription of runtime lifecycle events and related actions (e.g.,\ncontrol responses, tests) which can be performed for the xNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-12706", + "text": "The xNF **MUST** support APPC/SDN-C ``QuiesceTraffic`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-12709", + "text": "The VNFC **SHOULD** be independently deployed, configured,\nupgraded, scaled, monitored, and administered by ONAP.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-13151", + "text": "The VNF **SHOULD** disable the paging of the data requiring\nencryption, if possible, where the encryption of non-transient data is\nrequired on a device for which the operating system performs paging to\nvirtual memory. If not possible to disable the paging of the data\nrequiring encryption, the virtual memory should be encrypted.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-13194", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``environment_context`` **MUST NOT**\nbe enumerated in the Heat Orchestration Template's environment file.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-13196", + "text": "A VNF **MAY** be composed of zero to many Incremental Modules.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-13344", + "text": "The VNF **MUST** log starting and stopping of security\nlogging.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-13390", + "text": "The xNF provider **MUST** provide cookbooks to be loaded\non the appropriate Chef Server.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-13613", + "text": "The VNF **MUST** provide clear measurements for licensing\npurposes to allow automated scale up/down by the management system.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-13627", + "text": "The VNF **MUST** monitor API invocation patterns to detect\nanomalous access patterns that may represent fraudulent access or other\ntypes of attacks, or integrate with tools that implement anomaly and\nabuse detection.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-13800", + "text": "The xNF **MUST** conform to the NETCONF RFC 5277,\n\"NETCONF Event Notification\".", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-14198", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::SecurityGroup`` that\nis applicable to one {vm-type} and one internal network Resource ID **SHOULD**\nuse the naming convention\n\n* ``{vm-type}_int_{network-role}_security_group``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{network-role}`` is the network-role", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-14447", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::ServiceTemplate``\nResource ID **MAY** use the naming convention\n\n* ``{vm-type}_RST_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``RST`` signifies that it is the Resource Service Template\n* ``{index}`` is the index", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-146931", + "text": "The xNF **MUST** report exactly one Measurement event per period\nper source name.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-14853", + "text": "The VNF **MUST** respond to a \"move traffic\" [#4.5.2]_ command\nagainst a specific VNFC, moving all existing session elsewhere with\nminimal disruption if a VNF provides a load balancing function across\nmultiple instances of its VNFCs.\n\nNote: Individual VNF performance aspects (e.g., move duration or\ndisruption scope) may require further constraints.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-15189", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Nova::ServerGroup`` Resource ID\n**MAY** use the naming convention\n\n* ``{vm-type}_RSG``\n\nor\n\n* ``{vm-type}_Server_Grp``\n\nor\n\n* ``{vm-type}_ServerGroup``\n\nor\n\n* ``{vm-type}_servergroup``", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-15287", + "text": "When the VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` is attaching\nto an external network (per the ONAP definition, see\nRequirement R-57424),\nand an IPv6 address is being cloud assigned by OpenStack's DHCP Service\nand the external network IPv6 subnet is to be specified\nusing the property ``fixed_ips``\nmap property ``subnet``, the parameter\n**MUST** follow the naming convention\n\n * ``{network-role}_v6_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the network.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-15325", + "text": "The VNF **MUST** log the field \"success/failure\" in the\nsecurity audit logs.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-15480", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``vf_module_name`` parameter ``vf_module_name``\n**MUST NOT** have parameter constraints defined.", + "keyword": "MUST NOT", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-15671", + "text": "The VNF **MUST** provide access controls that allow the Operator\nto restrict access to VNF functions and data to authorized entities.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-15837", + "text": "The following table defines the major TOSCA Types specified in\nETSI NFV-SOL001 standard draft. The VNFD provided by a VNF vendor\n**MUST** comply with the below definitions:", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-15884", + "text": "The VNF **MUST** include the field \"date\" in the Security alarms\n(where applicable and technically feasible).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-15885", + "text": "The xNF **MUST** Upon completion of the chef-client run,\nPOST back on the callback URL, a JSON object as described in Table\nA2 if the chef-client run list includes a cookbook/recipe that is\ncallback capable. Failure to POST on the Callback Url should not be\nconsidered a critical error. That is, if the chef-client successfully\ncompletes the xNF action, it should reflect this status on the Chef\nServer regardless of whether the Callback succeeded or not.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-159016", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nECOMP definition, see Requirement R-57424),\nand an IPv4 and/or IPv6 Virtual IP (VIP)\naddress is assigned via ECOMP automation\nusing the property ``allowed_address_pairs``\nmap property ``ip_address``, the\nparameter **MUST NOT** be declared as ``type: comma_deliited_list``.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-16039", + "text": "The VNF **SHOULD** test for adherence to the defined\nresiliency rating recommendation at each layer, during each\ndelivery cycle so that the resiliency rating is measured and\nfeedback is provided where software resiliency requirements are\nnot met.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-16065", + "text": "The xNF provider **MUST** provide configurable parameters\n(if unable to conform to YANG model) including xNF attributes/parameters\nand valid values, dynamic attributes and cross parameter dependencies\n(e.g., customer provisioning data).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-16241", + "text": "A VNF's internal network **MUST** have one subnet.\nA VNF's internal network **MAY** have more than one subnet.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-16437", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::ServiceTemplate``\nResource ID **MUST** contain the ``{vm-type}``.", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-16447", + "text": "A VNF's <resource ID> **MUST** be unique across all Heat\nOrchestration Templates and all HEAT Orchestration Template\nNested YAML files that are used to create the VNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-16496", + "text": "The VNF **MUST** enable instantiating only the functionality that\nis needed for the decomposed VNF (e.g., if transcoding is not needed it\nshould not be instantiated).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-16560", + "text": "The VNF **SHOULD** conduct a resiliency impact assessment for all\ninter/intra-connectivity points in the VNF to provide an overall resiliency\nrating for the VNF to be incorporated into the software design and\ndevelopment of the VNF.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-16777", + "text": "The xNF provider **MUST** provide a JSON file for each\nsupported action for the xNF. The JSON file must contain key value\npairs with all relevant values populated with sample data that illustrates\nits usage. The fields and their description are defined in Table B1\nin the Appendix.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-16875", + "text": "The xNF Package **MUST** include documentation which must include\na unique identification string for the specific xNF, a description of\nthe problem that caused the error, and steps or procedures to perform\nRoot Cause Analysis and resolve the issue.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-16968", + "text": "A VNF's Heat Orchestration Templates **MUST NOT** include heat\nresources to create external networks.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-17334", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::SecurityGroup``\nthat is applicable to one ``{vm-type}`` and one external network Resource ID\n**SHOULD** use the naming convention\n\n* ``{vm-type}_{network-role}_security_group``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{network-role}`` is the network-role", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-17528", + "text": "A VNF's Heat Orchestration Template's first level Nested YAML file\n**MUST NOT** contain more than one ``OS::Nova::Server`` resource.\nA VNF's Heat Orchestration Template's second level Nested YAML file\n**MUST NOT** contain an ``OS::Nova::Server`` resource.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-17624", + "text": "The PNF **MAY** support the optional parameters for Service\nConfiguration Parameters.\n\nNote: These are detailed in the Stage 5 PnP\n\nNote: These parameters are optional, and not all PNFs will support any\nor all of these parameters, it is up to the vendor and service provider\nto ascertain which ones are supported up to an including all of the ones\nthat have been defined. Note: It is expected that there will be a growing\nlist of supported configuration parameters in future releases of ONAP.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-17852", + "text": "The VNFD **MAY** include TOSCA/YAML definitions that are not part of\nNFV Profile. If provided, these definitions MUST comply with TOSCA\nSimple Profile in YAML v.1.2.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-18001", + "text": "If the VNF's ports connected to a unique internal network\nand the port's IP addresses are statically assigned IP Addresses,\nthe IPv4 Addresses **MAY** be from different subnets and the\nIPv6 Addresses **MAY** be from different subnets.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-18008", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nproperty ``network`` parameter **MUST** be declared as type: ``string``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-18202", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::Heat::MultipartMime``\nResource ID\n**MAY**\nuse the naming convention\n\n* ``{vm-type}_RMM``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``RMM`` signifies that it is the Resource Multipart Mime", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-18525", + "text": "The xNF provider **MUST** provide a JSON file for each\nsupported action for the xNF. The JSON file must contain key value\npairs with all relevant values populated with sample data that illustrates\nits usage. The fields and their description are defined in Tables A1\nand A2 in the Appendix.\n\nNote: Chef support in ONAP is not currently available and planned for 4Q 2017.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-18683", + "text": "If a VNF has one IPv4 OAM Management IP Address and the\nIP Address needs to be inventoried in ONAP's A&AI\ndatabase, an output parameter **MUST** be declared in only one of the\nVNF's Heat Orchestration Templates and the parameter **MUST** be named\n``oam_management_v4_address``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-18725", + "text": "The VNF **MUST** handle the restart of a single VNFC instance\nwithout requiring all VNFC instances to be restarted.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-18733", + "text": "The xNF **MUST** implement the protocol operation:\n``discard-changes()`` - Revert the candidate configuration\ndata store to the running configuration.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-18864", + "text": "The VNF **MUST NOT** use technologies that bypass virtualization\nlayers (such as SR-IOV) unless approved by the NCSP (e.g., if necessary\nto meet functional or performance requirements).", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-19082", + "text": "The VNF **MUST** allow the Operator to disable or remove any security\ntesting tools or programs included in the VNF, e.g., password cracker,\nport scanner.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-19366", + "text": "The xNF **MUST** support APPC ``ConfigModify`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-19624", + "text": "The xNF, when leveraging JSON for events, **MUST** encode and serialize\ncontent delivered to ONAP using JSON (RFC 7159) plain text format.\nHigh-volume data is to be encoded and serialized using\n`Avro <http://avro.apache.org/>`_, where the Avro [#7.4.1]_ data\nformat are described using JSON.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-19756", + "text": "If a VNF's Heat Orchestration Template\n``OS::ContrailV2::InterfaceRouteTable`` resource\n``interface_route_table_routes`` property\n``interface_route_table_routes_route`` map property parameter\n``{vm-type}_{network-role}_route_prefixes``\n**MUST** be defined as type ``json``.", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-19768", + "text": "The VNF **SHOULD** support network segregation, i.e., separation of OA&M\ntraffic from signaling and payload traffic, using technologies such as\nVPN and VLAN.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-19922", + "text": "The xNF **MUST** support APPC/SDN-C ``UpgradePrecheck`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-20065", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::PortTuple``\nResource ID **MUST** contain the ``{vm-type}``.", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-20204", + "text": "The VNF Package **MUST** include VM requirements via a Heat\ntemplate that provides the necessary data for network connections,\ninterface connections, internal and external to VNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-20308", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``environment_context``\nparameter **MUST** be declared as ``environment_context`` and the\nparameter type **MUST** be defined as type: ``string``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-20319", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::CloudConfig``\nResource ID **MAY** use the naming convention\n\n* ``{vm-type}_RCC``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``RCC`` signifies that it is the Resource Cloud Config", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-20353", + "text": "The xNF **MUST** implement both ``:candidate`` and\n``:writable-running`` capabilities. When both ``:candidate`` and\n``:writable-running`` are provided then two locks should be supported.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-20453", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nthat is attaching to an external network Resource ID\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_port_{port-index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the ``{vm-type}``\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{port-index}`` is the instance of the port on the vm-type\n attached to the network of ``{network-role}``", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-20547", + "text": "When an ONAP Volume Module Output Parameter is declared as an input\nparameter in a base or an incremental module Heat Orchestration\nTemplate, parameter constraints **SHOULD NOT** be declared.", + "keyword": "SHOULD NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-20741", + "text": "The xNF **MUST** support APPC/SDN-C ``Configure`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-20856", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property\n``metadata`` key/value pair ``vnf_id`` parameter ``vnf_id`` **MUST NOT**\nbe enumerated in the Heat Orchestration Template's environment file.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-20860", + "text": "The VNF **MUST** be agnostic to the underlying infrastructure\n(such as hardware, host OS, Hypervisor), any requirements should be\nprovided as specification to be fulfilled by any hardware.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-21210", + "text": "The VNF **MUST** implement the following input validation control\non APIs: Validate that any input file has a correct and valid\nMultipurpose Internet Mail Extensions (MIME) type. Input files\nshould be tested for spoofed MIME types.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-21322", + "text": "The VNF provider **MUST** provide their testing scripts to support\ntesting as specified in ETSI NFV-SOL004 - Testing directory in CSAR", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-21330", + "text": "A VNF's Heat Orchestration Template's Resource property parameter that is\nassociated with external network **MUST** include the ``{network-role}``\nas part of the parameter name.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-21511", + "text": "A VNF's Heat Orchestration Template's use of ``{network-role}``\nin all Resource IDs **MUST** be the same case.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-21558", + "text": "The VNF **SHOULD** use intelligent routing by having knowledge\nof multiple downstream/upstream endpoints that are exposed to it, to\nensure there is no dependency on external services (such as load balancers)\nto switch to alternate endpoints.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-21652", + "text": "The VNF **MUST** implement the following input validation\ncontrol: Check the size (length) of all input. Do not permit an amount\nof input so great that it would cause the VNF to fail. Where the input\nmay be a file, the VNF API must enforce a size limit.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-21819", + "text": "The VNF **MUST** provide functionality that enables the Operator to comply\nwith requests for information from law enforcement and government agencies.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-22059", + "text": "The VNF **MUST NOT** execute long running tasks (e.g., IO,\ndatabase, network operations, service calls) in a critical section\nof code, so as to minimize blocking of other operations and increase\nconcurrent throughput.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-22286", + "text": "The VNF **MUST** support Integration functionality via\nAPI/Syslog/SNMP to other functional modules in the network (e.g.,\nPCRF, PCEF) that enable dynamic security control by blocking the\nmalicious traffic or malicious end users.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-22288", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``subnet`` parameter\n``int_{network-role}_v6_subnet_id``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-22346", + "text": "The xNF package MUST provide :doc:`VES Event Registration <../../../../vnfsdk/model.git/docs/files/VESEventRegistration_3_0>`\nfor all VES events provided by that xNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-22367", + "text": "The VNF **MUST** support detection of malformed packets due to software\nmisconfiguration or software vulnerability, and generate an error to the\nsyslog console facility.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-22589", + "text": "A VNF's Heat Orchestration Template parameter declaration\n**MAY** contain the attribute ``immutable:``.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-22608", + "text": "When a VNF's Heat Orchestration Template's Base Module's output\nparameter is declared as an input parameter in an Incremental Module,\nthe parameter attribute ``constraints:`` **SHOULD NOT** be declared.", + "keyword": "SHOULD NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-22680", + "text": "The xNF Package **MUST** include documentation that describes\nany requirements for the monitoring component of tools for Network\nCloud automation and management to provide these records to components\nof the xNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-22688", + "text": "If a VNF's port is connected to an internal network and the port is\ncreated in an Incremental Module and the internal network is created\nin the Base Module then the UUID of the internal network **MUST** be\nexposed as a parameter in the ``outputs:`` section of the Base Module\nand the port resource **MUST** use a ``get_param`` to obtain the network\nUUID.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-22700", + "text": "The xNF **MUST** conform its YANG model to RFC 6470,\n\"NETCONF Base Notifications\".", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-22838", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``name`` parameter **MUST NOT** be enumerated in the Heat Orchestration\nTemplate's Environment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-22888", + "text": "The xNF provider **MUST** provide documentation for the xNF\nPolicy Description to manage the xNF runtime lifecycle. The document\nmust include a description of how the policies (conditions and actions)\nare implemented in the xNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-22946", + "text": "The xNF **SHOULD** conform its YANG model to RFC 6536,\n\"NETCONF Access Control Model\".", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-23035", + "text": "The VNF **MUST** be designed to scale horizontally (more\ninstances of a VNF or VNFC) and not vertically (moving the existing\ninstances to larger VMs or increasing the resources within a VM)\nto achieve effective utilization of cloud resources.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-23135", + "text": "The VNF **MUST**, if not integrated with the Operator's identity and\naccess management system, authenticate all access to protected GUIs, CLIs,\nand APIs.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-231402", + "text": "The VNF **MUST** provide a means for the user to explicitly logout, thus\nending that session for that authenticated user.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-23311", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Nova::Server`` property\n``availability_zone`` parameter **MUST** be declared as type: ``string``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-23475", + "text": "VNFCs **SHOULD** be agnostic to the details of the Network Cloud\n(such as hardware, host OS, Hypervisor or container technology) and must run\non the Network Cloud with acknowledgement to the paradigm that the Network\nCloud will continue to rapidly evolve and the underlying components of\nthe platform will change regularly.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-23503", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-23664", + "text": "A VNF's Heat Orchestration template **MUST**\ncontain the section ``resources:``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-23740", + "text": "The VNF **MUST** implement and enforce the principle of least privilege\non all protected interfaces.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-23882", + "text": "The VNF **SHOULD** provide the capability for the Operator to run security\nvulnerability scans of the operating system and all application layers.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-23957", + "text": "The VNF **MUST** include the field \"time\" in the Security alarms\n(where applicable and technically feasible).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-240760", + "text": "The VNF **MUST NOT** contain any backdoors.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-24189", + "text": "The xNF provider **MUST** deliver a new set of playbooks that includes\nall updated and unchanged playbooks for any new revision to an existing\nset of playbooks.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-24269", + "text": "The xNF **SHOULD** conform its YANG model to RFC 7407,\n\"A YANG Data Model for SNMP Configuration\", if Netconf used to\nconfigure SNMP engine.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-24359", + "text": "The VNF **MUST** provide the capability of testing the validity\nof a digital certificate by validating the date the certificate is being\nused is within the validity period for the certificate.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-24482", + "text": "The xNF **MUST** provide Ansible playbooks that are designed to run using\nan inventory hosts file in a supported format; with site group that shall\nbe used to add site specific configurations to the target xNF VM(s) as\nneeded.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-24893", + "text": "A VNF's Heat Orchestration template's Environment File's\n**MAY** contain the ``event_sinks:`` section.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-24997", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Nova::Keypair`` applies to\none ``{vm-type}`` Resource ID **SHOULD** use the naming convention\n\n* ``{vm-type}_keypair_{index}``\n\nwhere\n\n* ``{network-role}`` is the network-role\n* ``{index}`` is the ``{index}`` of the keypair", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-25190", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Cinder::Volume``\n**SHOULD NOT** declare the property ``availability_zone``.", + "keyword": "SHOULD NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-25238", + "text": "The xNF PACKAGE **MUST** validated YANG code using the open\nsource pyang [#7.3.1]_ program using the following commands:\n\n.. code-block:: text\n\n $ pyang --verbose --strict <YANG-file-name(s)> $ echo $!", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-25401", + "text": "The VNF **MUST** use asymmetric keys of at least 2048 bits in length.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-25547", + "text": "The VNF **MUST** log the field \"protocol\" in the security audit logs.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-256267", + "text": "If SNMP is utilized, the VNF **MUST** support at least SNMPv3 with\nmessage authentication.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-256347", + "text": "The PNF **MUST** support one of the protocols for a Service Configuration\nmessage exchange between the PNF and PNF Controller (in ONAP):\na) Netconf/YANG, b) Chef, or c) Ansible.\n\nNote: The PNF Controller may be VF-C, APP-C or SDN-C based on the\nPNF and PNF domain.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-25720", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Net``\nResource ID **MUST** use the naming convention\n\n* ``int_{network-role}_network``\n\nVNF Heat Orchestration Templates can only create internal networks.\nThere is no ``{index}`` after ``{network-role}`` because ``{network-role}``\n**MUST** be unique in the scope of the VNF's\nHeat Orchestration Template.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-257367", + "text": "The xNF, when leveraging Google Protocol Buffers for events, **MUST**\nserialize the events using native Google Protocol Buffers (GPB) according\nto the following guidelines:\n\n * The keys are represented as integers pointing to the system resources\n for the xNF being monitored\n * The values correspond to integers or strings that identify the\n operational state of the VNF resource, such a statistics counters and\n the state of an xNF resource.\n * The required Google Protocol Buffers (GPB) metadata is provided in the\n form of .proto files.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-258352", + "text": "The PNF **MUST** support & accept the provisioning of an ONAP contact IP\naddress (in IPv4 or IPv6 format).\n\nNote: For example, it a possibility is that an external EMS would configure\n& provision the ONAP contact IP address to the PNF (in either IPv4 or\nIPv6 format). For the PNF Plug and Play Use Case, this IP address is the\nservice provider's \"point of entry\" to the DCAE VES Listener.\n\nNote: different service provider's network architecture may also require\nspecial setup to allow an external PNF to contact the ONAP installation.\nFor example, in the AT&T network, a maintenance tunnel is used to access\nONAP.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-258686", + "text": "The VNF application processes **MUST NOT** run as root.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-25877", + "text": "A VNF's Heat Orchestration Template's parameter name\n(i.e., <param name>) **MUST** contain only alphanumeric\ncharacters and underscores ('_').", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-26115", + "text": "The xNF **MUST** follow the data model upgrade rules defined\nin [RFC6020] section 10. All deviations from section 10 rules shall\nbe handled by a built-in automatic upgrade mechanism.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-26124", + "text": "If a VNF Heat Orchestration Template parameter has a default value,\nit **MUST** be enumerated in the environment file.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-26351", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nthat is attaching to an internal network Resource ID **MUST**\nuse the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_port_{port-index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the ``{vm-type}``\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{port-index}`` is the instance of the port on the vm-type\n attached to the network of ``{network-role}``", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-26371", + "text": "The VNF **MUST** detect communication failure for inter VNFC\ninstance and intra/inter VNF and re-establish communication\nautomatically to maintain the VNF without manual intervention to\nprovide service continuity.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-26506", + "text": "A VNF's Heat Orchestration Template's ``{network-role}`` **MUST** contain\nonly alphanumeric characters and/or underscores '_' and\n**MUST NOT** contain any of the following strings:\n``_int`` or ``int_`` or ``_int_``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-26508", + "text": "The xNF **MUST** support a NETCONF server that can be mounted on\nOpenDaylight (client) and perform the operations of: modify, update,\nchange, rollback configurations using each configuration data element,\nquery each state (non-configuration) data element, execute each YANG\nRPC, and receive data through each notification statement.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-26567", + "text": "The xNF Package **MUST** include a run list of\nroles/cookbooks/recipes, for each supported xNF action, that will\nperform the desired xNF action in its entirety as specified by ONAP\n(see Section 7.c, APPC/SDN-C APIs and Behavior, for list of xNF\nactions and requirements), when triggered by a chef-client run list\nin JSON file.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-26881", + "text": "The xNF provider **MUST** provide the binaries and images\nneeded to instantiate the xNF (xNF and VNFC images).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-26885", + "text": "The VNF provider **MUST** provide the binaries and images needed to\ninstantiate the VNF (VNF and VNFC images) either as:\n\n - Local artifact in CSAR: ROOT\\\\Artifacts\\\\ **VNF_Image.bin**\n\n - externally referred (by URI) artifact in Manifest file (also may be\n referred by VNF Descriptor)\n\nNote: Currently, ONAP doesn't have the capability of Image management,\nwe upload the image into VIM/VNFM manually.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-270358", + "text": "A VNF's Heat Orchestration Template's Cinder Volume Template **MUST**\ncontain either\n\n* An ``OS::Cinder::Volume`` resource\n* An ``OS::Heat::ResourceGroup`` resource that references a Nested YAML\n file that contains an ``OS::Cinder::Volume`` resource\n* A resource that defines the property ``type`` as a Nested YAML file\n (i.e., static nesting) and the Nested YAML contains\n an ``OS::Cinder::Volume`` resource", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-27078", + "text": "A VNF's Heat Orchestration template **MUST** contain the\nsection ``heat_template_version:``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-27310", + "text": "The xNF Package **MUST** include all relevant Chef artifacts\n(roles/cookbooks/recipes) required to execute xNF actions requested by\nONAP for loading on appropriate Chef Server.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-27469", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nthat is creating a *Reserve Port* with an IPv4 address Resource ID\n**SHOULD** use the naming convention\n\n* ``reserve_port_{vm-type}_{network-role}_floating_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{index}`` is the instance of the IPv4 *Reserve Port*\n for the vm-type attached to the network of ``{network-role}``", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-27511", + "text": "The VNF provider **MUST** provide the ability to scale\nup a VNF provider supplied product during growth and scale down a\nVNF provider supplied product during decline without \"real-time\"\nrestrictions based upon VNF provider permissions.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-27711", + "text": "The xNF provider **MUST** provide an XML file that contains a\nlist of xNF error codes, descriptions of the error, and possible\ncauses/corrective action.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-27818", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``string``,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_int_{network-role}_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the internal network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-27970", + "text": "When a VNF's Heat Orchestration Template's resource is associated with\nmore than one ``{vm-type}`` and/or more than one internal and/or external\nnetwork, the Resource ID **MAY** contain the term ``shared`` and/or **MAY**\ncontain text that identifies the VNF.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-27995", + "text": "The VNF **SHOULD** include control loop mechanisms to notify\nthe consumer of the VNF of their exceeding SLA thresholds so the consumer\nis able to control its load against the VNF.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-28168", + "text": "The VNF **SHOULD** use an appropriately configured logging\nlevel that can be changed dynamically, so as to not cause performance\ndegradation of the VNF due to excessive logging.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-28189", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InterfaceRouteTable``\nResource ID **MAY** use the naming convention\n\n* ``{network-role}_RIRT``\n\nwhere\n\n* ``{network-role}`` is the network-role\n* ``RIRT`` signifies that it is the Resource Interface Route Table", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-28222", + "text": "If a VNF's Heat Orchestration Template\n``OS::ContrailV2::InterfaceRouteTable`` resource\n``interface_route_table_routes`` property\n``interface_route_table_routes_route`` map property parameter name\n**MUST** follow the format\n\n* ``{vm-type}_{network-role}_route_prefixes``", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-283988", + "text": "The VNF, when publishing events, **MUST NOT** send information through\nextensible structures if the event specification has explicitly defined\nfields for that information.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-284934", + "text": "If the PNF encounters an error authenticating, reaching the ONAP DCAE VES\nEvent listener or recieves an error response from sending the pnfRegistration\nVES Event, it **MAY** log the error, and notify the operator.\n\nNote: the design of how errors are logged, retrieved and reported\nwill be a vendor-specific architecture. Reporting faults and errors\nis also a vendor specific design. It is expected that the PNF shall\nhave a means to log an error and notify a user when a fault condition\noccurs in trying to contact ONAP, authenticate or send a pnfRegistration\nevent.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-28545", + "text": "The xNF **MUST** conform its YANG model to RFC 6060,\n\"YANG - A Data Modeling Language for the Network Configuration\nProtocol (NETCONF)\".", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-28756", + "text": "The xNF **MUST** support ``:partial-lock`` and\n``:partial-unlock`` capabilities, defined in RFC 5717. This\nallows multiple independent clients to each write to a different\npart of the <running> configuration at the same time.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-28795", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_ip_{index}``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-28980", + "text": "A VNF's incremental module **MAY** be used for initial VNF deployment only.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-29324", + "text": "The xNF **SHOULD** implement the protocol operation:\n``copy-config(target, source)`` - Copy the content of the\nconfiguration data store source to the configuration data store target.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-29488", + "text": "The xNF **MUST** implement the protocol operation:\n``get-config(source, filter`` - Retrieve a (filtered subset of\na) configuration from the configuration data store source.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-29495", + "text": "The xNF **MUST** support locking if a common object is\nbeing manipulated by two simultaneous NETCONF configuration operations\non the same xNF within the context of the same writable running data\nstore (e.g., if an interface parameter is being configured then it\nshould be locked out for configuration by a simultaneous configuration\noperation on that same interface parameter).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-29705", + "text": "The VNF **MUST** restrict changing the criticality level of a\nsystem security alarm to users with administrative privileges.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-29751", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Nova::Server`` Resource ID\n**MUST** use the naming convention\n\n* ``{vm-type}_server_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{index}`` is the index", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-29760", + "text": "The VNFC **MUST** be installed on non-root file systems,\nunless software is specifically included with the operating system\ndistribution of the guest image.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-29765", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the internal\n network", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-29872", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nproperty ``network``\nparameter **MUST NOT** be enumerated in the Heat Orchestration\nTemplate's Environment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-29977", + "text": "The VNF **MUST** provide the capability of testing the validity\nof a digital certificate by validating the CA signature on the certificate.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-30005", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::SecurityGroup`` that\nis applicable to more than one ``{vm-type}`` and more than one network\n(internal and/or external) Resource ID **MAY**\nuse the naming convention\n\n* ``shared_security_group``\n\nor\n\n* ``{vnf-type}_security_group``\n\nwhere\n\n* ``{vnf-type}`` describes the VNF", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-30278", + "text": "The xNF provider **MUST** provide a Resource/Device YANG model\nas a foundation for creating the YANG model for configuration. This will\ninclude xNF attributes/parameters and valid values/attributes configurable\nby policy.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-303569", + "text": "The VNF **MUST** log the Source IP address in the security audit logs.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-30395", + "text": "A VNF's Cinder Volume Module **MAY** utilize nested heat.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-304011", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource's\n\n* Resource ID (defined in R-29751)\n* property ``image`` parameter name (defined in R-58670)\n* property ``flavor`` parameter name (defined in R-45188)\n* property ``name`` parameter name (defined in R-54171 & R-87817)\n* property port referenced OS::Neutron::Port Resource ID\n (defined in R-20453)\n\n**MUST** contain the identical ``{vm-type}``\nand **MUST** follow the naming conventions defined\nin R-58670, R-45188, R-54171, R-87817, and R-29751. And the ``{index}`` in\nthe ``OS::Nova::Server`` Resource ID (defined in R-29751) **MUST** match\nthe ``{vm-type_index}`` defined in\nthe ``OS::Nova::Server`` property ``port``\nreferenced ``OS::Neutron::Port`` Resource ID (defined in R-20453).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-30650", + "text": "The VNF **MUST** utilize cloud provided infrastructure and\nVNFs (e.g., virtualized Local Load Balancer) as part of the VNF so\nthat the cloud can manage and provide a consistent service resiliency\nand methods across all VNF's.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-30654", + "text": "The xNF Package **MUST** have appropriate cookbooks that are\ndesigned to automatically 'rollback' to the original state in case of\nany errors for actions that change state of the xNF (e.g., configure).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-30753", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::NetworkIpam``\nResource ID\n**MUST**\ncontain the ``{network-role}``.", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-30804", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::Heat::MultipartMime``\nResource ID\n**MUST**\ncontain the ``{vm-type}``.", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-30932", + "text": "The VNF **MUST** log successful and unsuccessful access to VNF\nresources, including data.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-31141", + "text": "VNF Heat Orchestration Template's Cinder Volume Module's Environment File\n**MUST** be named identical to the VNF Heat Orchestration Template's\nCinder Volume Module with ``.y[a]ml`` replaced with ``.env``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-31614", + "text": "The VNF **MUST** log the field \"event type\" in the security audit\nlogs.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-31809", + "text": "The xNF **MUST** support the HealthCheck RPC. The HealthCheck\nRPC executes a xNF Provider-defined xNF HealthCheck over the scope of\nthe entire xNF (e.g., if there are multiple VNFCs, then run a health check,\nas appropriate, for all VNFCs). It returns a 200 OK if the test completes.\nA JSON object is returned indicating state (healthy, unhealthy), scope\nidentifier, time-stamp and one or more blocks containing info and fault\ninformation. If the xNF is unable to run the HealthCheck, return a\nstandard http error code and message.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-32094", + "text": "A VNF's Heat Orchestration Template parameter declaration **MAY**\ncontain the attribute ``label:``.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-32155", + "text": "The VNFD provided by VNF vendor may use the below described TOSCA\ninterface types. An on-boarding entity (ONAP SDC) **MUST** support them.\n\n **tosca.interfaces.nfv.vnf.lifecycle.Nfv** supports LCM operations", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-32217", + "text": "The xNF **MUST** have routable management IP addresses or FQDNs that\nare reachable via the Ansible Server for the endpoints (VMs) of a\nxNF that playbooks will target. ONAP will initiate requests to the\nAnsible Server for invocation of playbooks against these end\npoints [#7.3.3]_.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-32394", + "text": "A VNF's Heat Orchestration Template's use of ``{vm-type}`` in all Resource\nproperty parameter names **MUST** be the same case.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-32557", + "text": "A VNF's Heat Orchestration Template parameter declaration **MAY**\ncontain the attribute ``hidden:``.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-32636", + "text": "The VNF **MUST** support API-based monitoring to take care of\nthe scenarios where the control interfaces are not exposed, or are\noptimized and proprietary in nature.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-32641", + "text": "The VNF **MUST** provide the capability to encrypt data on\nnon-volatile memory.Non-volative memory is storage that is\ncapable of retaining data without electrical power, e.g.\nComplementary metal-oxide-semiconductor (CMOS) or hard drives.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-32695", + "text": "The VNF **MUST** provide the ability to modify the number of\nretries, the time between retries and the behavior/action taken after\nthe retries have been exhausted for exception handling to allow the\nNCSP to control that behavior, where the interface and/or functional\nspecification allows for altering behaviour.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-328086", + "text": "The xNF **MUST**, if serving as a distribution point or anchor point for\nsteering point from source to destination, support the ONAP Controller's\n``DistributeTraffic`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-32981", + "text": "The xNF **MUST** support APPC ``ConfigBackup`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-33132", + "text": "A VNF's Heat Orchestration Template **MAY** be\n 1.) Base Module Heat Orchestration Template (also referred to as a\n Base Module),\n 2.) Incremental Module Heat Orchestration Template (referred to as\n an Incremental Module), or\n 3.) a Cinder Volume Module Heat Orchestration Template (referred to as\n Cinder Volume Module).", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-332680", + "text": "The xNF **SHOULD** deliver all syslog messages to the VES Collector per the\nspecifications in Monitoring and Management chapter.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-33280", + "text": "The xNF **MUST NOT** use any instance specific parameters\nin a playbook.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-33488", + "text": "The VNF **MUST** protect against all denial of service\nattacks, both volumetric and non-volumetric, or integrate with external\ndenial of service protection tools.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-33694", + "text": "The xNF Package **MUST** include documentation to when applicable,\nprovide calculators needed to convert raw data into appropriate reporting\nartifacts.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-33846", + "text": "The VNF **MUST** install the NCSP required software on Guest OS\nimages when not using the NCSP provided Guest OS images. [#4.5.1]_", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-33904", + "text": "The xNF Package **MUST** include documentation for each KPI, provide\nlower and upper limits.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-33946", + "text": "The xNF **MUST** conform to the NETCONF RFC 4741,\n\"NETCONF Configuration Protocol\".", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-33955", + "text": "The xNF **SHOULD** conform its YANG model to RFC 6991,\n\"Common YANG Data Types\".", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-34037", + "text": "The VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n**MUST** be declared as either type ``string`` or type\n``comma_delimited_list``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-34055", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``workload_context``\nparameter ``workload_context`` **MUST NOT**\nhave parameter constraints defined.", + "keyword": "MUST NOT", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-343842", + "text": "The VNF **MUST**, after a successful login at command line or a GUI,\ndisplay the last valid login date and time and the number of unsuccessful\nattempts since then made with that user's ID. This requirement is only\napplicable when the user account is defined locally in the VNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-34484", + "text": "The VNF **SHOULD** create a single component VNF for VNFCs\nthat can be used by other VNFs.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-34552", + "text": "The VNF **MUST** be implemented so that it is not vulnerable to OWASP\nTop 10 web application security risks.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-34660", + "text": "The xNF **MUST** use the RESTCONF/NETCONF framework used by\nthe ONAP configuration subsystem for synchronous communication.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-348813", + "text": "The VNF's Heat Orchestration Template's ZIP file **MUST NOT** include\na binary image file.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-34957", + "text": "The VNF **MUST** provide a method of metrics gathering for each\nlayer's performance to identify/document variances in the allocations so\nthey can be addressed.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-35291", + "text": "The VNF **MUST** support the ability to failover a VNFC\nautomatically to other geographically redundant sites if not\ndeployed active-active to increase the overall resiliency of the VNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-35401", + "text": "The xNF **MUST** support SSH and allow SSH access by the\nAnsible server to the endpoint VM(s) and comply with the Network\nCloud Service Provider guidelines for authentication and access.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-35414", + "text": "A VNF Heat Orchestration's template **MUST** contain the\nsection ``parameters:``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-35532", + "text": "The VNF **SHOULD** release and clear all shared assets (memory,\ndatabase operations, connections, locks, etc.) as soon as possible,\nespecially before long running sync and asynchronous operations, so as\nto not prevent use of these assets by other entities.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-35666", + "text": "If a VNF has an internal network, the VNF Heat Orchestration Template\n**MUST** include the heat resources to create the internal network.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-35735", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 Virtual IP (VIP)\naddress is assigned via ONAP automation\nusing the property ``allowed_address_pairs``\nmap property ``ip_address``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_floating_v6_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as type ``string``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-35851", + "text": "The xNF Package **MUST** include xNF topology that describes\nbasic network and application connectivity internal and external to the\nxNF including Link type, KPIs, Bandwidth, latency, jitter, QoS (if\napplicable) for each interface.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-35854", + "text": "The VNF Descriptor (VNFD) provided by VNF vendor **MUST** comply with\nTOSCA/YAML based Service template for VNF descriptor specified in\nETSI NFV-SOL001.\n\n**Note**: As the ETSI NFV-SOL001 is work in progress the below tables\nsummarizes the TOSCA definitions agreed to be part of current version\nof NFV profile and that VNFD MUST comply with in ONAP Release 2+\nRequirements.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-35960", + "text": "The xNF Package **MUST** include documentation which must include\nall events, severity level (e.g., informational, warning, error) and\ndescriptions including causes/fixes if applicable for the event.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-36280", + "text": "The xNF provider **MUST** provide documentation describing\nxNF Functional Capabilities that are utilized to operationalize the\nxNF and compose complex services.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-36542", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vnf_name`` parameter\n``vnf_name`` **MUST NOT**\nbe enumerated in the Heat Orchestration Template's environment file.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-36582", + "text": "A VNF's Base Module **MAY** utilize nested heat.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-36687", + "text": "A VNF's Heat Orchestration Template's ``{vm-type}`` case in Resource\nproperty parameter names **SHOULD** match the case of ``{vm-type}``\nin Resource IDs and vice versa.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-36772", + "text": "A VNF's Heat Orchestration Template's parameter **MUST** include the\nattribute ``type:``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-36792", + "text": "The VNF **MUST** automatically retry/resubmit failed requests\nmade by the software to its downstream system to increase the success rate.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-36843", + "text": "The VNF **MUST** support the ability of the VNFC to be deployable\nin multi-zoned cloud sites to allow for site support in the event of cloud\nzone failure or upgrades.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-36982", + "text": "A VNF's Heat Orchestration template **MAY** contain the ``outputs:``\nsection.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-37028", + "text": "A VNF **MUST** be composed of one Base Module", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-37039", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``vf_module_index`` parameter\n``vf_module_index`` **MUST NOT**\nbe enumerated in the Heat Orchestration Template's environment file.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-37437", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property ``metadata`` **MUST**\ncontain the key/value pair ``vnf_id``\nand the value **MUST** be obtained via a ``get_param``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-37692", + "text": "The VNFC **MUST** provide API versioning to allow for\nindependent upgrades of VNFC.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-378131", + "text": "(Error Case) - If an error is encountered by the PNF during a\nService Configuration exchange with ONAP, the PNF **MAY** log the\nerror and notify an operator.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-37929", + "text": "The xNF **MUST** accept all necessary instance specific\ndata from the environment or node object attributes for the xNF\nin roles/cookbooks/recipes invoked for a xNF action.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-38001", + "text": "The VNF **MUST** support ONAP Controller's **Rebuild** command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-38236", + "text": "The VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``subnet`` parameter\n**MUST** be declared type ``string``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-384337", + "text": "The VNF documentation **MUST** contain a list of the files within the VNF\npackage that are static during the VNF's runtime.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-38474", + "text": "A VNF's Base Module **MUST** have a corresponding Environment File.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-39067", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``vf_module_name`` parameter **MUST** be\ndeclared as ``vf_module_name`` and the parameter **MUST**\nbe defined as type: ``string``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-39349", + "text": "A VNF Heat Orchestration Template **MUST NOT** be designed to utilize the\nOpenStack ``heat stack-update`` command for scaling (growth/de-growth).", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-39402", + "text": "A VNF's Heat Orchestration Template **MUST** contain the\nsection ``description:``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-39562", + "text": "The VNF **MUST** disable unnecessary or vulnerable cgi-bin programs.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-39604", + "text": "The VNF **MUST** provide the capability of testing the\nvalidity of a digital certificate by checking the Certificate Revocation\nList (CRL) for the certificates of that type to ensure that the\ncertificate has not been revoked.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-39650", + "text": "The VNF **SHOULD** provide the ability to test incremental\ngrowth of the VNF.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-39841", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_{network-role}_ip_{index}``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-40293", + "text": "The xNF **MUST** make available playbooks that conform\nto the ONAP requirement.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-40499", + "text": "Each VNF's Heat Orchestration Template's ``{vm-type}`` **MUST**\nhave a unique parameter name for the ``OS::Nova::Server`` property\n``flavor`` even if more than one ``{vm-type}`` shares the same flavor.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-40518", + "text": "A VNF's Heat Orchestration Template's parameter defined\nin a non-nested YAML file as type\n``string`` **MAY** have a parameter constraint defined.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-40551", + "text": "A VNF's Heat Orchestration Template's Nested YAML files **MAY**\n(or **MAY NOT**) contain the section ``resources:``.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-40813", + "text": "The VNF **SHOULD** support the use of virtual trusted platform\nmodule.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-40820", + "text": "The VNF provider MUST enumerate all of the open source licenses\ntheir VNF(s) incorporate. CSAR License directory as per ETSI SOL004.\n\nfor example ROOT\\\\Licenses\\\\ **License_term.txt**", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-40827", + "text": "The xNF provider **MUST** enumerate all of the open\nsource licenses their xNF(s) incorporate.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-408813", + "text": "The VNF, when publishing events, **MUST** pass all information it is\nable to collect even if the information field is identified as optional.\nHowever, if the data cannot be collected, then optional fields can be\nomitted.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-40971", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-41159", + "text": "The VNF **MUST** deliver any and all functionality from any\nVNFC in the pool (where pooling is the most suitable solution). The\nVNFC pool member should be transparent to the client. Upstream and\ndownstream clients should only recognize the function being performed,\nnot the member performing it.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-41215", + "text": "The VNF **MAY** have zero to many \"incremental\" modules.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-41252", + "text": "The VNF **MUST** support the capability of online storage of\nsecurity audit logs.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-41430", + "text": "The xNF **MUST** support APPC/SDN-C ``HealthCheck`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-41492", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 Virtual IP (VIP)\naddress is assigned via ONAP automation\nusing the property ``allowed_address_pairs``\nmap property ``ip_address`` and\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_floating_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as type ``string``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-41825", + "text": "The VNF **MUST** activate security alarms automatically when\na configurable number of consecutive unsuccessful login attempts\nis reached.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-41829", + "text": "The xNF **MUST** be able to specify the granularity of the\nlock via a restricted or full XPath expression.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-41888", + "text": "A VNF's Heat Orchestration Template intrinsic function\n``get_file`` **MUST NOT** utilize URL-based file retrieval.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-41956", + "text": "If a VNF requires ONAP to assign a Virtual IP (VIP) Address to\nports connected an external network, the port\n**MUST NOT** have more than one IPv6 VIP address.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-41994", + "text": "The VNF **MUST** support the use of X.509 certificates issued from any\nCertificate Authority (CA) that is compliant with RFC5280, e.g., a public\nCA such as DigiCert or Let's Encrypt, or an RFC5280 compliant Operator\nCA.\n\nNote: The VNF provider cannot require the use of self-signed certificates\nin an Operator's run time environment.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-42018", + "text": "The xNF Package **MUST** include documentation which must include\nall events (fault, measurement for xNF Scaling, Syslogs, State Change\nand Mobile Flow), that need to be collected at each VM, VNFC (defined in `VNF Guidelines <https://onap.readthedocs.io/en/latest/submodules/vnfrqts/guidelines.git/docs/vnf_guidelines/vnf_guidelines.html>`__ ) and for the overall xNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-42140", + "text": "The xNF **MUST** respond to data requests from ONAP as soon\nas those requests are received, as a synchronous response.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-42207", + "text": "The VNF **MUST** design resiliency into a VNF such that the\nresiliency deployment model (e.g., active-active) can be chosen at\nrun-time.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-42366", + "text": "The xNF **MUST** support secure connections and transports such as\nTransport Layer Security (TLS) protocol\n[`RFC5246 <https://tools.ietf.org/html/rfc5246>`_] and should adhere to\nthe best current practices outlined in\n`RFC7525 <https://tools.ietf.org/html/rfc7525>`_.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-42685", + "text": "A VNF's Heat Orchestration template's Environment File's\n**MAY** contain the ``parameter_merge_strategies:`` section.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-42874", + "text": "The VNF **MUST** allow the Operator to restrict access based on\nthe assigned permissions associated with an ID in order to support\nLeast Privilege (no more privilege than required to perform job\nfunctions).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-43253", + "text": "The xNF **MUST** use playbooks designed to allow Ansible\nServer to infer failure or success based on the \"PLAY_RECAP\" capability.\n\n**Note**: There are cases where playbooks need to interpret results\nof a task and then determine success or failure and return result\naccordingly (failure for failed tasks).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-43327", + "text": "The xNF **SHOULD** use `Modeling JSON text with YANG\n<https://tools.ietf.org/html/rfc7951>`_, If YANG models need to be\ntranslated to and from JSON{RFC7951]. YANG configuration and content can\nbe represented via JSON, consistent with Avro, as described in \"Encoding\nand Serialization\" section.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-43332", + "text": "The VNF **MUST** activate security alarms automatically when\nit detects the successful modification of a critical system or\napplication file.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-43353", + "text": "The xNF **MUST** return control from Ansible Playbooks only after all\ntasks performed by playbook are fully complete, signaling that the\nplaybook completed all tasks. When starting services, return control\nonly after all services are up. This is critical for workflows where\nthe next steps are dependent on prior tasks being fully completed.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-43413", + "text": "A VNF **MUST** utilize a modular Heat Orchestration Template design to\nsupport scaling (growth/de-growth).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-43740", + "text": "VNF's Heat Orchestration Template's Resource **MAY** declare the\nattribute ``deletion_policy:``.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-43884", + "text": "The VNF **SHOULD** integrate with the Operator's authentication and\nauthorization services (e.g., IDAM).", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-43958", + "text": "The xNF Package **MUST** include documentation describing\nthe tests that were conducted by the xNF provider and the test results.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-44001", + "text": "A VNF's Heat Orchestration Template parameter declaration **MUST**\ncontain the attribute ``description``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-44013", + "text": "The xNF **MUST** populate an attribute, defined as node\n['PushJobOutput'] with the desired output on all nodes in the push job\nthat execute chef-client run if the xNF action requires the output of a\nchef-client run be made available (e.g., get running configuration).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-440220", + "text": "The xNF **SHOULD** support File transferring protocol, such as FTPES or SFTP,\nwhen supporting the event-driven bulk transfer of monitoring data.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-44125", + "text": "The xNF provider **MUST** agree to the process that can\nbe met by Service Provider reporting infrastructure. The Contract\nshall define the reporting process and the available reporting tools.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-44271", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``name`` parameter value **SHOULD NOT** contain special characters\nsince the Contrail GUI has a limitation displaying special characters.\n\nHowever, if special characters must be used, the only special characters\nsupported are: --- \\\" ! $ ' (\\ \\ ) = ~ ^ | @ ` { } [ ] > , . _", + "keyword": "SHOULD NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-44281", + "text": "The xNF **MUST** implement the protocol operation:\n``edit-config(target, default-operation, test-option, error-option,\nconfig)`` - Edit the target configuration data store by merging,\nreplacing, creating, or deleting new config elements.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-44290", + "text": "The xNF **MUST** control access to ONAP and to xNFs, and creation\nof connections, through secure credentials, log-on and exchange mechanisms.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-44318", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vnf_name``\nparameter ``vnf_name`` **MUST NOT**\nhave parameter constraints defined.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-44569", + "text": "The xNF provider **MUST NOT** require additional\ninfrastructure such as a xNF provider license server for xNF provider\nfunctions and metrics.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-44723", + "text": "The VNF **MUST** use symmetric keys of at least 112 bits in length.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-44896", + "text": "The VNF Package **MUST** include VM requirements via a Heat\ntemplate that provides the necessary data for high availability\nredundancy model.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-45188", + "text": "The VNF's Heat Orchestration Template's Resource 'OS::Nova::Server' property\n``flavor`` parameter name **MUST** follow the naming convention\n``{vm-type}_flavor_name``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-45197", + "text": "The xNF **MUST** define the \"from=\" clause to provide the list of IP\naddresses of the Ansible Servers in the Cluster, separated by coma, to\nrestrict use of the SSH key pair to elements that are part of the Ansible\nCluster owner of the issued and assigned mechanized user ID.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-45602", + "text": "If a VNF's Port is attached to a network (internal or external)\nand the port's IP addresses are cloud assigned by OpenStack's DHCP\nService, the ``OS::Neutron::Port`` Resource's\n\n* property ``fixed_ips`` map property ``ip_address`` **MUST NOT** be used\n* property ``fixed_ips`` map property ``subnet``\n **MAY** be used", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-45719", + "text": "The VNF **MUST**, if not integrated with the Operator's Identity and Access\nManagement system, or enforce a configurable \"terminate idle sessions\"\npolicy by terminating the session after a configurable period of inactivity.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-45856", + "text": "The xNF **MUST** support APPC/SDN-C ``UpgradePostCheck`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-46096", + "text": "A VNF's Heat Orchestration template's Environment File's\n**MAY** contain the ``encrypted_parameters:`` section.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-46119", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::CinderVolume``\n**MAY** be defined in a Base Module.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-46128", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::InstanceIp``\nthat is configuring an IPv6 Address on a port attached to an external network\nResource ID **MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_vmi_{vmi_index}_v6_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the ``{vm-type}``\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{vmi_index}`` is the instance of the virtual machine interface\n (e.g., port) on the vm-type\n attached to the network of {network-role}\n* ``v6_IP`` signifies that an IPv6 address is being configured\n* ``{index}`` is the index of the IPv6 address", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-46290", + "text": "The xNF **MUST** respond to an ONAP request to deliver granular\ndata on device or subsystem status or performance, referencing the YANG\nconfiguration model for the xNF by returning the requested data elements.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-46461", + "text": "A VNF's port connected to an internal network **MUST NOT** use the port\nfor the purpose of reaching VMs in another VNF and/or an\nexternal gateway and/or\nexternal router.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-465236", + "text": "The VNF **SHOULD** provide the capability of maintaining the integrity of\nits static files using a cryptographic method.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-46527", + "text": "A VNFD is a deployment template which describes a VNF in terms of\ndeployment and operational behavior requirements. It contains\nvirtualized resources (nodes) requirements as well as connectivity\nand interfaces requirements and **MUST** comply with info elements\nspecified in ETSI GS NFV-IFA 011. The main parts of the VNFD are\nthe following:\n\n - VNF topology: it is modeled in a cloud agnostic way using virtualized\n containers and their connectivity. Virtual Deployment Units (VDU)\n describe the capabilities of the virtualized containers, such as\n virtual CPU, RAM, disks; their connectivity is modeled with VDU\n Connection Point Descriptors (VduCpd), Virtual Link Descriptors\n (VnfVld) and VNF External Connection Point Descriptors\n (VnfExternalCpd);\n\n - VNF deployment aspects: they are described in one or more\n deployment flavours, including configurable parameters, instantiation\n levels, placement constraints (affinity / antiaffinity), minimum and\n maximum VDU instance numbers. Horizontal scaling is modeled with\n scaling aspects and the respective scaling levels in the deployment\n flavours;\n\n**Note**: The deployment aspects (deployment flavour etc.) are postponed\nfor future ONAP releases.\n\n - VNF lifecycle management (LCM) operations: describes the LCM operations\n supported per deployment flavour, and their input parameters;\n Note, thatthe actual LCM implementation resides in a different layer,\n namely referring to additional template artifacts.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-46567", + "text": "The xNF Package **MUST** include configuration scripts\nfor boot sequence and configuration.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-46839", + "text": "A VNF's Heat Orchestration Template's use of ``{vm-type}``\nin all Resource IDs **MUST** be the same case.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-46851", + "text": "The VNF **MUST** support ONAP Controller's Evacuate command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-46908", + "text": "The VNF **MUST**, if not integrated with the Operator's Identity and\nAccess Management system, comply with \"password complexity\" policy. When\npasswords are used, they shall be complex and shall at least meet the\nfollowing password construction requirements: (1) be a minimum configurable\nnumber of characters in length, (2) include 3 of the 4 following types of\ncharacters: upper-case alphabetic, lower-case alphabetic, numeric, and\nspecial, (3) not be the same as the UserID with which they are associated\nor other common strings as specified by the environment, (4) not contain\nrepeating or sequential characters or numbers, (5) not to use special\ncharacters that may have command functions, and (6) new passwords must\nnot contain sequences of three or more characters from the previous\npassword.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-46960", + "text": "NCSPs **MAY** operate a limited set of Guest OS and CPU\narchitectures and families, virtual machines, etc.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-46968", + "text": "VNF's Heat Orchestration Template's Resource **MAY** declare the\nattribute ``depends_on:``.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-46986", + "text": "The VNF **SHOULD** have source code scanned using scanning\ntools (e.g., Fortify) and provide reports.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-47061", + "text": "A VNF's Heat Orchestration Template's OS::Nova::Server\nResource **SHOULD** contain the metadata map value parameter\n'workload_context'.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-47068", + "text": "The xNF **MAY** expose a single endpoint that is\nresponsible for all functionality.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-470963", + "text": "The VNF, when publishing events, **MUST** leverage camel case to separate\nwords and acronyms used as keys that will be sent through extensible fields.\nWhen an acronym is used as the key, then only the first letter shall be\ncapitalized.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-47204", + "text": "The VNF **MUST** be capable of protecting the confidentiality and integrity\nof data at rest and in transit from unauthorized access and modification.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-47597", + "text": "The xNF **MUST** carry data in motion only over secure connections.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-47849", + "text": "The xNF provider **MUST** support the metadata about\nlicenses (and their applicable entitlements) as defined in this\ndocument for xNF software, and any license keys required to authorize\nuse of the xNF software. This metadata will be used to facilitate\nonboarding the xNF into the ONAP environment and automating processes\nfor putting the licenses into use and managing the full lifecycle of\nthe licenses. The details of this license model are described in\nTables C1 to C8 in the Appendix.\n\nNote: License metadata support in ONAP is not currently available\nand planned for 1Q 2018.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-47874", + "text": "A VNF **MAY** have\n * Only an IPv4 OAM Management IP Address\n * Only an IPv6 OAM Management IP Address\n * Both a IPv4 and IPv6 OAM Management IP Addresses", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-479386", + "text": "The VNF **MUST NOT** display \"Welcome\" notices or messages that could\nbe misinterpreted as extending an invitation to unauthorized users.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-48067", + "text": "A VNF's Heat Orchestration Template's ``{vm-type}`` **MUST NOT** be a\nsubstring\nof ``{network-role}``.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-48080", + "text": "The VNF **SHOULD** support an automated certificate management protocol\nsuch as CMPv2, Simple Certificate Enrollment Protocol (SCEP) or\nAutomated Certificate Management Environment (ACME).", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-481670", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``flavor`` value **MUST** be be obtained via a ``get_param``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-48247", + "text": "The xNF **MUST** support APPC ``ConfigRestore`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-48356", + "text": "The VNF **MUST** fully exploit exception handling to the extent\nthat resources (e.g., threads and memory) are released when no longer\nneeded regardless of programming language.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-48470", + "text": "The VNF **MUST** support Real-time detection and\nnotification of security events.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-48596", + "text": "The xNF Package **MUST** include documentation describing\nthe characteristics for the xNF reliability and high availability.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-48698", + "text": "The xNF **MUST** utilize information from key value pairs that will be\nprovided by the Ansible Server as \"extra-vars\" during invocation to\nexecute the desired xNF action. The \"extra-vars\" attribute-value pairs\nare passed to the Ansible Server by an APPC/SDN-C as part of the\nRest API request. If the playbook requires files, they must also be\nsupplied using the methodology detailed in the Ansible Server API, unless\nthey are bundled with playbooks, example, generic templates. Any files\ncontaining instance specific info (attribute-value pairs), not obtainable\nfrom any ONAP inventory databases or other sources, referenced and used an\ninput by playbooks, shall be provisioned (and distributed) in advance of\nuse, e.g., xNF instantiation. Recommendation is to avoid these instance\nspecific, manually created in advance of instantiation, files.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-48761", + "text": "The VNF **MUST** support ONAP Controller's Snapshot command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-48880", + "text": "If a VNF's Port is attached to an external network and the port's\nIP addresses are assigned by ONAP's SDN-Controller,\nthe ``OS::Neutron::Port`` Resource's\n\n* property ``fixed_ips`` map property ``ip_address`` **MUST** be used\n* property ``fixed_ips`` map property ``subnet``\n **MUST NOT** be used", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-48917", + "text": "The VNF **MUST** monitor for and alert on (both sender and\nreceiver) errant, running longer than expected and missing file transfers,\nso as to minimize the impact due to file transfer errors.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-48987", + "text": "If the VNF's OAM Management IP Address is cloud assigned and\nand the OAM IP Address is required to be inventoried in ONAP A&AI,\nthen the parameter **MUST** be obtained by the\nresource ``OS::Neutron::Port``\nattribute ``ip_address``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-49036", + "text": "The xNF **SHOULD** conform its YANG model to RFC 7277,\n\"A YANG Data Model for IP Management\".", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-49109", + "text": "The VNF **MUST** support HTTP/S using TLS v1.2 or higher\nwith strong cryptographic ciphers.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-49145", + "text": "The xNF **MUST** implement ``:confirmed-commit`` If\n``:candidate`` is supported.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-49224", + "text": "The VNF **MUST** provide unique traceability of a transaction\nthrough its life cycle to ensure quick and efficient troubleshooting.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-49308", + "text": "The VNF **SHOULD** test for adherence to the defined resiliency\nrating recommendation at each layer, during each delivery cycle with\ndelivered results, so that the resiliency rating is measured and the\ncode is adjusted to meet software resiliency requirements.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-49396", + "text": "The xNF **MUST** support each APPC/SDN-C xNF action\nby invocation of **one** playbook [#7.3.4]_. The playbook will be responsible\nfor executing all necessary tasks (as well as calling other playbooks)\nto complete the request.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-49466", + "text": "The xNF **MUST** support APPC/SDN-C ``UpgradeSoftware`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-49751", + "text": "The xNF **MUST** support Ansible playbooks that are compatible with\nAnsible version 2.6 or later.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-49911", + "text": "The xNF provider **MUST** assign a new point release to the updated\nplaybook set. The functionality of a new playbook set must be tested before\nit is deployed to the production.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-50011", + "text": "A VNF's Heat Orchestration Template's ``OS::Heat::ResourceGroup``\nproperty ``count`` **MUST** be enumerated in the VNF's\nHeat Orchestration Template's Environment File and **MUST** be\nassigned a value.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-50252", + "text": "The xNF **MUST** write to a response file in JSON format that will be\nretrieved and made available by the Ansible Server if, as part of a xNF\naction (e.g., audit), a playbook is required to return any xNF\ninformation/response. The text files must be written in the main playbook\nhome directory, in JSON format. The JSON file must be created for the xNF\nwith the name '<xNF name>_results.txt'. All playbook output results, for\nall xNF VMs, to be provided as a response to the request, must be written\nto this response file.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-50436", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``flavor`` parameter **MUST** be declared as type: ``string``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-50468", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualMachineInterface`` that is attaching to an internal network\nResource ID **MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_vmi_{vmi_index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the ``{vm-type}``\n* ``{network-role}`` is the network-role of the network\n that the port (i.e. virtual machine interface) is attached to\n* ``{vmi_index}`` is the instance of the vmi on the vm-type\n attached to the network of ``{network-role}``", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-50816", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property ``metadata`` **MAY**\ncontain the key/value pair ``vf_module_index``\nand the value **MUST** be obtained via a ``get_param``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-511776", + "text": "When a VNF's Heat Orchestration Template is ready\nto be on-boarded to ONAP,\nall files composing the VNF Heat Orchestration Template\n**MUST** be placed in a flat (i.e., non-hierarchical) directory and\narchived using ZIP. The resulting ZIP file is uploaded into ONAP.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-51347", + "text": "The VNF package **MUST** be arranged as a CSAR archive as specified in\nTOSCA Simple Profile in YAML 1.2.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-51430", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``name`` parameter **MUST** be declared as either type ``string``\nor type ``comma_delimited_list``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-51442", + "text": "The xNF **SHOULD** use playbooks that are designed to\nautomatically 'rollback' to the original state in case of any errors\nfor actions that change state of the xNF (e.g., configure).\n\n**Note**: In case rollback at the playbook level is not supported or\npossible, the xNF provider shall provide alternative rollback\nmechanism (e.g., for a small xNF the rollback mechanism may rely\non workflow to terminate and re-instantiate VNF VMs and then re-run\nplaybook(s)). Backing up updated files is also recommended to support\nrollback when soft rollback is feasible.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-52060", + "text": "The VNF **MUST** provide the capability to configure encryption\nalgorithms or devices so that they comply with the laws of the jurisdiction\nin which there are plans to use data encryption.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-520802", + "text": "The xNF provider **MUST** provide a YAML file formatted in adherence with\nthe :doc:`VES Event Registration specification <../../../../vnfsdk/model.git/docs/files/VESEventRegistration_3_0>`\nthat defines the following information for each event produced by the VNF:\n\n* ``eventName``\n* Required fields\n* Optional fields\n* Any special handling to be performed for that event", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-52425", + "text": "A VNF's port connected to an internal network **MUST**\nuse the port for the purpose of reaching VMs in the same VNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-52499", + "text": "The VNF **MUST** meet their own resiliency goals and not rely\non the Network Cloud.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-52753", + "text": "VNF's Heat Orchestration Template's Base Module's output parameter's\nname and type **MUST** match the VNF's Heat Orchestration Template's\nincremental Module's name and type.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-52870", + "text": "The VNF **MUST** provide a method of metrics gathering\nand analysis to evaluate the resiliency of the software from both\na granular as well as a holistic standpoint. This includes, but is\nnot limited to thread utilization, errors, timeouts, and retries.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-528866", + "text": "The VNF **MUST** produce VES events that include the following mandatory\nfields in the common event header.\n\n * ``domain`` - the event domain enumeration\n * ``eventId`` - the event key unique to the event source\n * ``eventName`` - the unique event name\n * ``lastEpochMicrosec`` - the latest unix time (aka epoch time) associated\n with the event\n * ``priority`` - the processing priority enumeration\n * ``reportingEntityName`` - name of the entity reporting the event or\n detecting a problem in another xNF\n * ``sequence`` - the ordering of events communicated by an event source\n * ``sourceName`` - name of the entity experiencing the event issue, which\n may be detected and reported by a separate reporting entity\n * ``startEpochMicrosec`` - the earliest unix time (aka epoch time)\n associated with the event\n * ``version`` - the version of the event header\n * ``vesEventListenerVersion`` - Version of the VES event listener API spec\n that this event is compliant with", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-53015", + "text": "The xNF **MUST** apply locking based on the sequence of\nNETCONF operations, with the first configuration operation locking\nout all others until completed.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-53310", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::InstanceIp``\nthat is configuring an IPv4 Address on a port attached to an external network\nResource ID **MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_vmi_{vmi_index}_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the {vm-type}\n* ``{network-role}`` is the network-role of the network that the port is attached to\n* ``{vmi_index}`` is the instance of the virtual machine interface\n (e.g., port) on the vm-type attached to the network of {network-role}\n* ``IP`` signifies that an IPv4 address is being configured\n* ``{index}`` is the index of the IPv4 address", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-53317", + "text": "The xNF **MUST** conform its YANG model to RFC 6087,\n\"Guidelines for Authors and Reviewers of YANG Data Model Documents\".", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-53433", + "text": "A VNF's Cinder Volume Module **MUST** have a corresponding environment file", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-53598", + "text": "The xNF Package **MUST** include documentation to, when relevant,\nprovide a threshold crossing alert point for each KPI and describe the\nsignificance of the threshold crossing.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-53952", + "text": "A VNF's Heat Orchestration Template's Resource\n**MUST NOT** reference a HTTP-based resource definitions.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-54171", + "text": "When the VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``name`` parameter is defined as a ``string``,\nthe parameter name **MUST** follow the naming convention\n\n* ``{vm-type}_name_{index}``\n\nwhere ``{index}`` is a numeric value that **MUST** start at\nzero in a VNF's Heat Orchestration Template and **MUST** increment by one.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-54190", + "text": "The xNF **MUST** release locks to prevent permanent lock-outs\nwhen/if a session applying the lock is terminated (e.g., SSH session\nis terminated).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-54340", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``vf_module_index`` parameter **MUST**\nbe declared as ``vf_module_index`` and the parameter **MUST** be\ndefined as type: ``number``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-54356", + "text": "The below table includes the data types used by NFV node and is based\non TOSCA/YAML constructs specified in draft GS NFV-SOL 001. The node\ndata definitions/attributes used in VNFD **MUST** comply with the below\ntable.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-54373", + "text": "The xNF **MUST** have Python >= 2.6 on the endpoint VM(s)\nof a xNF on which an Ansible playbook will be executed.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-54430", + "text": "The VNF **MUST** use the NCSP's supported library and compute\nflavor that supports DPDK to optimize network efficiency if using DPDK. [#4.1.1]_", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-54517", + "text": "When a VNF's Heat Orchestration Template's resource is associated with\na single ``{vm-type}``, the Resource ID **MUST** contain the\n``{vm-type}``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-54520", + "text": "The VNF **MUST** log successful and unsuccessful authentication\nattempts, e.g., authentication associated with a transaction,\nauthentication to create a session, authentication to assume elevated\nprivilege.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-54816", + "text": "The VNF **MUST** support the storage of security audit logs for a\nconfigurable period of time.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-54876", + "text": "The below table describes the data types used for LCM configuration\nand is based on TOSCA constructs specified in draft GS NFV-SOL 001.\nThe LCM configuration data elements used in VNFD **MUST** comply\nwith the below table.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-54930", + "text": "The VNF **MUST** implement the following input validation controls:\nDo not permit input that contains content or characters inappropriate\nto the input expected by the design. Inappropriate input, such as\nSQL expressions, may cause the system to execute undesirable and\nunauthorized transactions against the database or allow other\ninappropriate access to the internal network (injection attacks).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-55218", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property\n``metadata`` key/value pair ``vnf_id`` parameter ``vnf_id`` **MUST NOT**\nhave parameter constraints defined.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-55306", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vf_module_index`` **MUST NOT**\nbe used in a ``OS::Cinder::Volume`` resource and **MUST NOT** be\nused in VNF's Volume template;\nit is not supported.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-55345", + "text": "The VNF **SHOULD** use techniques such as \"lazy loading\" when\ninitialization includes loading catalogues and/or lists which can grow\nover time, so that the VNF startup time does not grow at a rate\nproportional to that of the list.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-55478", + "text": "The VNF **MUST** log logoffs.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-55802", + "text": "The VNF Package **MUST** include VM requirements via a Heat\ntemplate that provides the necessary data for scaling/growth VM\nspecifications.\n\nNote: Must comply with the *Heat requirements in 5.b*.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-56183", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata``key/value pair ``environment_context``\nparameter ``environment_context`` **MUST NOT**\nhave parameter constraints defined.", + "keyword": "MUST NOT", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-56218", + "text": "The VNF **MUST** support ONAP Controller's Migrate command that\nmoves container (VM) from a live Physical Server / Compute Node to\nanother live Physical Server / Compute Node.\n\n Note: Container migrations MUST be transparent to the VNF and no more intrusive than a stop,\n followed by some down time for the migration to be performed from one Compute Node / Physical\n Server to another, followed by a start of the same VM with same configuration on the new\n Compute Node / Physical Server.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-56287", + "text": "If the VNF's OAM Management IP Address is assigned by ONAP SDN-C and\nassigned in the VNF's Heat Orchestration Template's via a heat resource\n``OS::Neutron::Port`` property ``fixed_ips`` map property\n``ip_adress`` parameter (e.g., ``{vm-type}_{network-role}_ip_{index}``,\n``{vm-type}_{network-role}_v6_ip_{index}``)\nand the OAM IP Address is required to be inventoried in ONAP A&AI,\nthen the parameter **MUST** be echoed in an output statement.\n\n.. code-block:: yaml\n\n outputs:\n oam_management_v4_address:\n value: {get_param: {vm-type}_{network-role}_ip_{index} }\n oam_management_v6_address:\n value: {get_param: {vm-type}_{network-role}_v6_ip_{index} }", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-56385", + "text": "The xNF **MUST** support APPC ``Audit`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-56438", + "text": "A VNF's Heat Orchestration Template's Nested YAML file extension **MUST**\nbe in the lower case format ``.yaml`` or ``.yml``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-56718", + "text": "The PNF Vendor **MAY** provide software version(s) to be supported by PNF\nfor SDC Design Studio PNF Model. This is set in the PNF Model property\nsoftware_versions.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-56721", + "text": "A VNF's Incremental Module **MAY** utilize nested heat.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-56793", + "text": "The VNF **MUST** test for adherence to the defined performance\nbudgets at each layer, during each delivery cycle with delivered\nresults, so that the performance budget is measured and the code\nis adjusted to meet performance budget.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-56815", + "text": "The xNF Package **MUST** include documentation describing\nsupported xNF scaling capabilities and capacity limits (e.g., number\nof users, bandwidth, throughput, concurrent calls).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-56904", + "text": "The VNF **MUST** interoperate with the ONAP (SDN) Controller so that\nit can dynamically modify the firewall rules, ACL rules, QoS rules, virtual\nrouting and forwarding rules.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-56920", + "text": "The VNF **MUST** protect all security audit logs (including\nAPI, OS and application-generated logs), security audit software, data,\nand associated documentation from modification, or unauthorized viewing,\nby standard OS access control mechanisms, by sending to a remote system,\nor by encryption.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-570134", + "text": "The events produced by the xNF **MUST** must be compliant with the common\nevent format defined in the\n:doc:`VES Event Listener<../../../../vnfsdk/model.git/docs/files/VESEventListener_7_0_1>`\nspecification.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-57282", + "text": "Each VNF's Heat Orchestration Template's ``{vm-type}`` **MUST**\nhave a unique parameter name for the ``OS::Nova::Server`` property\n``image`` even if more than one ``{vm-type}`` shares the same image.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-57424", + "text": "A VNF's port connected to an external network **MUST**\nuse the port for the purpose of reaching\nVMs in another VNF and/or an external gateway and/or external router.\nA VNF's port connected to an external network **MAY**\nuse the port for the purpose of reaching VMs in the same VNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-57617", + "text": "The VNF **MUST** include the field \"success/failure\" in the\nSecurity alarms (where applicable and technically feasible).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-57855", + "text": "The VNF **MUST** support hitless staggered/rolling deployments\nbetween its redundant instances to allow \"soak-time/burn in/slow roll\"\nwhich can enable the support of low traffic loads to validate the\ndeployment prior to supporting full traffic loads.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-579051", + "text": "The PNF **MAY** support a HTTP connection to the DCAE VES Event Listener.\n\nNote: HTTP is allowed but not recommended.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-581188", + "text": "A failed authentication attempt **MUST NOT** identify the reason for the\nfailure to the user, only that the authentication failed.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-58301", + "text": "The xNF **SHOULD NOT** use playbooks that make requests to\nCloud resources e.g. Openstack (nova, neutron, glance, heat, etc.);\ntherefore, there is no use for Cloud specific variables like Openstack\nUUIDs in Ansible Playbook related artifacts.\n\n**Rationale**: Flows that require interactions with Cloud services e.g.\nOpenstack shall rely on workflows run by an Orchestrator\n(Change Management) or other capability (such as a control loop or\nOperations GUI) outside Ansible Server which can be executed by a\nAPPC/SDN-C. There are policies, as part of Control Loop\nmodels, that send remediation action requests to an APPC/SDN-C; these\nare triggered as a response to an event or correlated events published\nto Event Bus.", + "keyword": "SHOULD NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-58358", + "text": "The xNF **MUST** implement the ``:with-defaults`` capability\n[RFC6243].", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-58370", + "text": "The VNF **SHOULD** operate with anti-virus software which produces alarms\nevery time a virus is detected.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-58421", + "text": "The VNF **SHOULD** be decomposed into granular re-usable VNFCs.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-58424", + "text": "A VNF's Heat Orchestration Template's use of ``{network-role}``\nin all Resource property parameter names **MUST** be the same case.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-58670", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``image`` parameter name **MUST** follow the naming convention\n``{vm-type}_image_name``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-58775", + "text": "The xNF provider **MUST** provide software components that\ncan be packaged with/near the xNF, if needed, to simulate any functions\nor systems that connect to the xNF system under test. This component is\nnecessary only if the existing testing environment does not have the\nnecessary simulators.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-589037", + "text": "A VNF Heat Orchestration Template's Cinder Volume Module resources section\n**MUST** only be defined using one of the following:\n\n* one of more ``OS::Cinder::Volume`` resources\n* one or more ``OS::Heat::ResourceGroup`` resources that call a nested YAML\n file that contains only ``OS::Cinder::Volume`` resources\n* a resource that calls a nested YAML file (static nesting) that contains\n only ``OS::Cinder::Volume`` resources", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-58964", + "text": "The VNF **MUST** provide the capability to restrict read\nand write access to data handled by the VNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-59391", + "text": "The VNF **MUST NOT** allow the assumption of the permissions of another\naccount to mask individual accountability. For example, use SUDO when a\nuser requires elevated permissions such as root or admin.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-59434", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Subnet``\nResource ID **SHOULD** use the naming convention\n\n* ``int_{network-role}_subnet_{index}``\n\nwhere\n\n* ``{network-role}`` is the network-role\n* ``{index}`` is the ``{index}`` of the subnet of the network", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-59482", + "text": "A VNF's Heat Orchestration Template **MUST NOT** be VNF instance\nspecific or cloud site specific.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-59568", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``availability_zone`` parameter **MUST NOT** be enumerated in the Heat\nOrchestration\nTemplate's Environment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-59610", + "text": "The xNF **MUST** implement the data model discovery and\ndownload as defined in [RFC6022].", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-59930", + "text": "A VNF's Heat Orchestration template's Environment File's\n**MAY** contain the ``parameter_defaults:`` section.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-599443", + "text": "A parameter enumerated in a\nVNF's Heat Orchestration Template's environment file **MUST** be declared\nin the\ncorresponding VNF's Heat Orchestration Template's YAML file's\n``parameters:`` section.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-60011", + "text": "A VNF's Heat Orchestration Template **MUST** have no more than two\nlevels of nesting.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-60106", + "text": "The xNF **MUST** implement the protocol operation:\n``get(filter)`` - Retrieve (a filtered subset of) the running\nconfiguration and device state information. This should include\nthe list of xNF supported schemas.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-60656", + "text": "The xNF **MUST** support sub tree filtering.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-61001", + "text": "A shared Heat Orchestration Template resource is a resource that **MUST**\nbe defined in the base module and will be referenced by one or\nmore resources in one or more incremental modules.\n\nThe UUID of the shared resource (created in the base module) **MUST** be\nexposed by declaring a parameter in the\n``outputs`` section of the base module.\n\nFor ONAP to provided the UUID value of the shared resource to the\nincremental module, the parameter name defined in the ``outputs``\nsection of the base module **MUST** be defined as a parameter\nin the ``parameters`` section of the incremental module.\n\nONAP will capture the output parameter name and value in the base module\nand provide the value to the corresponding parameter(s) in the\nincremental module(s).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-61354", + "text": "The VNF **MUST** provide a mechanism (e.g., access control list) to\npermit and/or restrict access to services on the VNF by source,\ndestination, protocol, and/or port.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-62170", + "text": "The xNF **MUST** over-ride any default values for\nconfigurable parameters that can be set by ONAP in the roles,\ncookbooks and recipes.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-62187", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::InstanceIp``\nthat is configuring an IPv4 Address on a port attached to an internal network\nResource ID **MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_vmi_{vmi_index}_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the ``{vm-type}``\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{vmi_index}`` is the instance of the virtual machine interface\n (e.g., port) on the vm-type\n attached to the network of ``{network-role}``\n* ``IP`` signifies that an IPv4 address is being configured\n* ``{index}`` is the index of the IPv4 address", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-62428", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vnf_name`` parameter **MUST**\nbe declared as ``vnf_name`` and the parameter **MUST** be defined as\ntype: ``string``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-62468", + "text": "The xNF **MUST** allow all configuration data to be\nedited through a NETCONF <edit-config> operation. Proprietary\nNETCONF RPCs that make configuration changes are not sufficient.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-62498", + "text": "The VNF **MUST** support encrypted access protocols, e.g., TLS,\nSSH, SFTP.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-62590", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nproperty ``fixed_ips``\nmap property ``ip_address``\nparameter associated with an external network, i.e.,\n\n * ``{vm-type}_{network-role}_ip_{index}``\n * ``{vm-type}_{network-role}_v6_ip_{index}``\n * ``{vm-type}_{network-role}_ips``\n * ``{vm-type}_{network-role}_v6_ips``\n\n\n**MUST NOT** be enumerated in the Heat Orchestration\nTemplate's Environment File. ONAP provides the IP address\nassignments at orchestration time.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-62802", + "text": "When the VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` is attaching\nto an external network (per the ONAP definition, see\nRequirement R-57424),\nand an IPv4 address is being cloud assigned by OpenStack's DHCP Service\nand the external network IPv4 subnet is to be specified\nusing the property ``fixed_ips``\nmap property ``subnet``, the parameter\n**MUST** follow the naming convention\n\n * ``{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the network.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-629534", + "text": "The VNF **MUST** be capable of automatically synchronizing the system clock\ndaily with the Operator's trusted time source, to assure accurate time\nreporting in log files. It is recommended that Coordinated Universal Time\n(UTC) be used where possible, so as to eliminate ambiguity owing to daylight\nsavings time.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-62983", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424), the\n``network`` parameter name **MUST**\n\n * follow the naming convention ``{network-role}_net_id`` if the Neutron\n network UUID value is used to reference the network\n * follow the naming convention ``{network-role}_net_name`` if the\n OpenStack network name is used to reference the network.\n\nwhere ``{network-role}`` is the network-role of the external network\nand a ``get_param`` **MUST** be used as the intrinsic function.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-63137", + "text": "VNF's Heat Orchestration Template's Resource **MAY** declare the\nattribute ``update_policy:``.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-63229", + "text": "The xNF **MAY** use another option which is expected to include REST\nfor synchronous data, using RESTCONF (e.g., for xNF state polling).", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-63330", + "text": "The VNF **MUST** detect when its security audit log storage\nmedium is approaching capacity (configurable) and issue an alarm.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-63473", + "text": "The VNF **MUST** automatically advertise newly scaled\ncomponents so there is no manual intervention required.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-638216", + "text": "(Error Case) - The PNF **MUST** support a configurable timer to stop the\nperiodicity sending of the pnfRegistration VES event. If this timer expires\nduring a Service Configuration exchange between the PNF and ONAP, it\nMAY log a time-out error and notify an operator.\n\nNote: It is expected that each vendor will enforce and define a PNF\nservice configuration timeout period. This is because the PNF cannot\nwait indefinitely as there may also be a technician on-site trying to\ncomplete installation & commissioning. The management of the VES event\nexchange is also a requirement on the PNF to be developed by the PNF\nvendor.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-638682", + "text": "The VNF **MUST** log any security event required by the VNF Requirements to\nSyslog using LOG_AUTHPRIV for any event that would contain sensitive\ninformation and LOG_AUTH for all other relevant events.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-63935", + "text": "The xNF **MUST** release locks to prevent permanent lock-outs\nwhen a user configured timer has expired forcing the NETCONF SSH Session\ntermination (i.e., product must expose a configuration knob for a user\nsetting of a lock expiration timer).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-63953", + "text": "The xNF **MUST** have the echo command return a zero value\notherwise the validation has failed.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-63956", + "text": "If the VNF's ports connected to a unique external network\nand the port's IP addresses are ONAP SDN-C assigned IP Addresses,\nthe IPv4 Addresses **MAY** be from different subnets and the IPv6\nAddresses **MAY** be from different subnets.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-64445", + "text": "The VNF **MUST** support the ability of a requestor of the\nservice to determine the version (and therefore capabilities) of the\nservice so that Network Cloud Service Provider can understand the\ncapabilities of the service.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-64713", + "text": "The VNF **SHOULD** support a software promotion methodology\nfrom dev/test -> pre-prod -> production in software, development &\ntesting and operations.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-64768", + "text": "The VNF **MUST** limit the size of application data packets\nto no larger than 9000 bytes for SDN network-based tunneling when\nguest data packets are transported between tunnel endpoints that\nsupport guest logical networks.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-65134", + "text": "The VNF **SHOULD** maintain state in a geographically\nredundant datastore that may, in fact, be its own VNFC.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-65486", + "text": "The VNFD **MUST** comply with ETSI GS NFV-SOL001 document endorsing\nthe above mentioned NFV Profile and maintaining the gaps with the\nrequirements specified in ETSI GS NFV-IFA011 standard.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-65515", + "text": "The VNF **MUST** provide a mechanism and tool to start VNF\ncontainers (VMs) without impacting service or service quality assuming\nanother VNF in same or other geographical location is processing service\nrequests.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-65516", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Nova::Keypair`` applies to\nall Virtual Machines in the VNF, the Resource ID **SHOULD** use the naming\nconvention\n\n* ``{vnf-type}_keypair``\n\nwhere\n\n* ``{vnf-type}`` describes the VNF", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-65618", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::ServiceHealthCheck`` Resource ID **MAY** use the naming convention\n\n* ``{vm-type}_RSHC_{LEFT|RIGHT}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``RSHC`` signifies that it is the Resource Service Health Check\n* ``LEFT`` is used if the Service Health Check is on the left interface\n* ``RIGHT`` is used if the Service Health Check is on the right interface", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-65641", + "text": "The xNF **MUST** support APPC/SDN-C ``UpgradeBackOut`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-65755", + "text": "The xNF **SHOULD** support callback URLs to return information\nto ONAP upon completion of the chef-client run for any chef-client run\nassociated with a xNF action.\n\n- As part of the push job, ONAP will provide two parameters in the\n environment of the push job JSON object:\n\n - \"RequestId\" a unique Id to be used to identify the request,\n - \"CallbackUrl\", the URL to post response back.\n\n- If the CallbackUrl field is empty or missing in the push job, then\n the chef-client run need not post the results back via callback.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-659655", + "text": "The xNF **SHOULD** leverage the JSON-driven model, as depicted in Figure 2,\nfor data delivery unless there are specific performance or operational\nconcerns agreed upon by the Service Provider that would warrant using an\nalternate model.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-66070", + "text": "The xNF Package **MUST** include xNF Identification Data to\nuniquely identify the resource for a given xNF provider. The identification\ndata must include: an identifier for the xNF, the name of the xNF as was\ngiven by the xNF provider, xNF description, xNF provider, and version.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-663631", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``name`` value **MUST** be be obtained via a ``get_param``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-66793", + "text": "The xNF **MUST** guarantee the xNF configuration integrity\nfor all simultaneous configuration operations (e.g., if a change is\nattempted to the BUM filter rate from multiple interfaces on the same\nEVC, then they need to be sequenced in the xNF without locking either\nconfiguration method out).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-67114", + "text": "The xNF **MUST** be installed with Chef-Client >= 12.0 and Chef\npush jobs client >= 2.0.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-67124", + "text": "The xNF **MUST** provide Ansible playbooks that are designed to run using\nan inventory hosts file in a supported format; with group names matching\nVNFC 3-character string adding \"vip\" for groups with virtual IP addresses\nshared by multiple VMs as seen in examples provided in Appendix.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-67231", + "text": "A VNF's Heat Orchestration template's Environment File's\n**MUST NOT** contain the ``resource_registry:`` section.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-67386", + "text": "A VNF's Heat Orchestration Template's Resource **MAY** declare the\nattribute ``metadata``.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-67597", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vm_role`` parameter ``vm_role``\n**MUST NOT** have parameter constraints defined.", + "keyword": "MUST NOT", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-67709", + "text": "The VNF **MUST** be designed, built and packaged to enable\ndeployment across multiple fault zones (e.g., VNFCs deployed in\ndifferent servers, racks, OpenStack regions, geographies) so that\nin the event of a planned/unplanned downtime of a fault zone, the\noverall operation/throughput of the VNF is maintained.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-67793", + "text": "When a VNF's Heat Orchestration Template's resource is associated\nwith more than one ``{vm-type}`` and/or more than one internal and/or\nexternal network, the Resource ID **MUST** not contain the ``{vm-type}``\nand/or ``{network-role}``/``int_{network-role}``. It also should contain the\nterm ``shared`` and/or contain text that identifies the VNF.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-67895", + "text": "The VNFD provided by VNF vendor may use the below described TOSCA\ncapabilities. An on-boarding entity (ONAP SDC) **MUST** support them.\n\n **tosca.capabilities.nfv.VirtualBindable**\n\n A node type that includes the VirtualBindable capability indicates\n that it can be pointed by **tosca.relationships.nfv.VirtualBindsTo**\n relationship type.\n\n **tosca.capabilities.nfv.VirtualLinkable**\n\n A node type that includes the VirtualLinkable capability indicates\n that it can be pointed by **tosca.relationships.nfv.VirtualLinksTo**\n relationship.\n\n **tosca.capabilities.nfv.ExtVirtualLinkable**\n\n A node type that includes the ExtVirtualLinkable capability\n indicates that it can be pointed by\n **tosca.relationships.nfv.VirtualLinksTo** relationship.\n\n **Note**: This capability type is used in Casablanca how it does\n not exist in the last SOL001 draft\n\n **tosca.capabilities.nfv.VirtualCompute** and\n **tosca.capabilities.nfv.VirtualStorage** includes flavours of VDU", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-67918", + "text": "The VNF **MUST** handle replication race conditions both locally\nand geo-located in the event of a data base instance failure to maintain\nservice continuity.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-68023", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` **SHOULD**\ncontain the key/value pair ``vf_module_name`` and the value **MUST**\nbe obtained via a ``get_param``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-68122", + "text": "A VNF's incremental module **MAY** be deployed more than once,\neither during initial VNF deployment and/or scale out.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-68165", + "text": "The xNF **MUST** encrypt any content containing Sensitive Personal\nInformation (SPI) or certain proprietary data, in addition to applying the\nregular procedures for securing access and delivery.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-681859", + "text": "A VNF's Heat Orchestration Template's ``OS::Neutron::Port`` resource's\n\n* Resource ID (defined in R-20453)\n* property ``network`` parameter name (defined in R-62983 and\n R-86182)\n* property ``fixed_ips``, map property ``ip_address`` parameter name\n (defined in R-40971, R-04697, R-71577, R-23503, R-78380, R-85235,\n R-27818, and R-29765)\n* property ``fixed_ips``, map property ``subnet`` parameter name\n (defined in R-62802, R-15287, R-84123, R-76160)\n* property ``allowed_address_pairs`` parameter name (defined in\n R-41492 and R-83418)\n\n**MUST** contain the identical ``{network-role}``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-68198", + "text": "A VNF's Heat Orchestration template's Environment File's\n``parameters:`` section **MAY** (or **MAY NOT**) enumerate parameters.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-68200", + "text": "The xNF **MUST** support the ``:url`` value to specify\nprotocol operation source and target parameters. The capability URI\nfor this feature will indicate which schemes (e.g., file, https, sftp)\nthat the server supports within a particular URL value. The 'file'\nscheme allows for editable local configuration databases. The other\nschemes allow for remote storage of configuration databases.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-68520", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nthat is creating a *Reserve Port* with an IPv6 address Resource ID\n**SHOULD** use the naming convention\n\n* ``reserve_port_{vm-type}_{network-role}_floating_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{index}`` is the instance of the IPv6 *Reserve Port*\n for the vm-type attached to the network of ``{network-role}``", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-686466", + "text": "The PNF **MUST** support sending a pnfRegistration VES event.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-68990", + "text": "The xNF **MUST** support the ``:startup`` capability. It\nwill allow the running configuration to be copied to this special\ndatabase. It can also be locked and unlocked.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-69014", + "text": "When a VNF's port connects to an internal network or external network,\na network role, referred to\nas the ``{network-role}`` **MUST** be assigned to the network for\nuse in the VNF's Heat Orchestration Template. The ``{network-role}``\nis used in the VNF's Heat Orchestration Template resource IDs\nand resource property parameter names.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-69431", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``flavor`` parameter **MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and a value **MUST** be assigned.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-69565", + "text": "The xNF Package **MUST** include documentation describing xNF\nManagement APIs, which must include information and tools for ONAP to\ndeploy and configure (initially and ongoing) the xNF application(s)\n(e.g., NETCONF APIs) which includes a description of configurable\nparameters for the xNF and whether the parameters can be configured\nafter xNF instantiation.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-69588", + "text": "When a VNF's Heat Orchestration Template's Virtual Machine\n(i.e., ``OS::Nova::Server`` Resource) boots from Cinder Volume, the\n``OS::Nova::Server`` resource property\n``block_device_mapping`` or ``block_device_mapping_v2``\n**MUST** be used.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-69610", + "text": "The VNF **MUST** provide the capability of using X.509 certificates\nissued by an external Certificate Authority.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-69634", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``subnet`` parameter\n``int_{network-role}_subnet_id``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-69649", + "text": "The VNF Provider **MUST** have patches available for vulnerabilities\nin the VNF as soon as possible. Patching shall be controlled via change\ncontrol process with vulnerabilities disclosed along with\nmitigation recommendations.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-69663", + "text": "A VNF **MAY** be composed from one or more Heat Orchestration\nTemplates, each of which represents a subset of the overall VNF.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-697654", + "text": "The xNF **MAY** leverage the Google Protocol Buffers (GPB) delivery model\ndepicted in Figure 3 to support real-time performance management (PM) data.\nIn this model the VES events are streamed as binary-encoded GBPs over via\nTCP sockets.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-69877", + "text": "The xNF Package **MUST** include documentation for each KPI,\nidentify the suggested actions that need to be performed when a\nthreshold crossing alert event is recorded.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-70013", + "text": "The VNF **MUST NOT** require any manual steps to get it ready for\nservice after a container rebuild.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-70266", + "text": "The xNF **MUST** respond to an ONAP request to deliver the\ncurrent data for any of the record types defined in\n`Event Records - Data Structure Description`_ by returning the requested\nrecord, populated with the current field values. (Currently the defined\nrecord types include fault fields, mobile flow fields, measurements for\nxNF scaling fields, and syslog fields. Other record types will be added\nin the future as they become standardized and are made available.)", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-70276", + "text": "A VNF HEAT's Orchestration Nested Template's YAML file name **MUST NOT**\nbe in the format ``{vm-type}.y[a]ml`` where ``{vm-type}`` is defined\nin the Heat Orchestration Template.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-703767", + "text": "The VNF **MUST** have the capability to securely transmit the security logs\nand security events to a remote system before they are purged from the\nsystem.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-70496", + "text": "The xNF **MUST** implement the protocol operation:\n``commit(confirmed, confirm-timeout)`` - Commit candidate\nconfiguration data store to the running configuration.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-707977", + "text": "When the PNF receives a Service configuration from ONAP, the PNF **MUST**\ncease sending the pnfRegistration VES Event.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-708564", + "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically, the names of the parameters\npassed into the nested YAML file **MUST NOT** change.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-70933", + "text": "The VNF **MUST** provide the ability to migrate to newer\nversions of cryptographic algorithms and protocols with minimal impact.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-70964", + "text": "If a VNF's Port is attached to an internal network and the port's\nIP addresses are statically assigned by the VNF's Heat Orchestration\\\nTemplate (i.e., enumerated in the Heat Orchestration Template's\nenvironment file), the ``OS::Neutron::Port`` Resource's\n\n* property ``fixed_ips`` map property ``ip_address`` **MUST** be used\n* property ``fixed_ips`` map property ``subnet``\n **MUST NOT** be used", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-71152", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``image`` parameter **MUST** be declared as type: ``string``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-71493", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` **MUST**\ncontain the key/value pair ``vf_module_id``\nand the value MUST be obtained via a ``get_param``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-71577", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-71699", + "text": "A VNF's Heat Orchestration Template's Resource\n**MUST NOT** reference a HTTP-based Nested YAML file.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-717227", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nECOMP definition, see Requirements R-52425 and R-46461),\nand an IPv4 Virtual IP (VIP)\naddress is assigned using the property ``allowed_address_pairs``\nmap property ``ip_address``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: string``\nand **MUST** be enumerated in the environment file.\n\nOR\n\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: comma_delimited_list``\nand **MUST** be enumerated in the environment file.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-71787", + "text": "Each architectural layer of the VNF (eg. operating system, network,\napplication) **MUST** support access restriction independently of all\nother layers so that Segregation of Duties can be implemented.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-71842", + "text": "The VNF **MUST** include the field \"service or program used for\naccess\" in the Security alarms (where applicable and technically feasible).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-72184", + "text": "The xNF **MUST** have routable FQDNs for all the endpoints\n(VMs) of a xNF that contain chef-clients which are used to register\nwith the Chef Server. As part of invoking xNF actions, ONAP will\ntrigger push jobs against FQDNs of endpoints for a xNF, if required.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-72483", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` **MUST** contain the key/value pair ``vnf_name`` and the\nvalue **MUST** be obtained via a ``get_param``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-72871", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` key/value pair ``vf_module_id`` parameter ``vf_module_id``\n**MUST NOT**\nbe enumerated in the Heat Orchestration Template's environment file.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-73067", + "text": "The VNF **MUST** use NIST and industry standard cryptographic\nalgorithms and standard modes of operations when implementing\ncryptography.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-73213", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::SecurityGroup`` that\nis applicable to more than one ``{vm-type}`` and one internal network Resource ID\n**SHOULD** use the naming convention\n\n* ``int_{network-role}_security_group``\n\nwhere\n\n* ``{network-role}`` is the network-role", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-73223", + "text": "The VNF **MUST** support proactive monitoring to detect and\nreport the attacks on resources so that the VNFs and associated VMs can\nbe isolated, such as detection techniques for resource exhaustion, namely\nOS resource attacks, CPU attacks, consumption of kernel memory, local\nstorage attacks.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-73285", + "text": "The xNF **MUST** must encode, address and deliver the data\nas described in the previous paragraphs.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-73364", + "text": "The VNF **MUST** support at least two major versions of the\nVNF software and/or sub-components to co-exist within production\nenvironments at any time so that upgrades can be applied across\nmultiple systems in a staggered manner.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-73459", + "text": "The xNF **MUST** provide the ability to include a \"from=\" clause in SSH\npublic keys associated with mechanized user IDs created for an Ansible\nServer cluster to use for xNF VM authentication.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-73468", + "text": "The xNF **MUST** allow the NETCONF server connection\nparameters to be configurable during virtual machine instantiation\nthrough Heat templates where SSH keys, usernames, passwords, SSH\nservice and SSH port numbers are Heat template parameters.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-73560", + "text": "The xNF Package **MUST** include documentation about monitoring\nparameters/counters exposed for virtual resource management and xNF\napplication management.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-73583", + "text": "The VNF **MUST** allow changes of configuration parameters\nto be consumed by the VNF without requiring the VNF or its sub-components\nto be bounced so that the VNF availability is not effected.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-74304", + "text": "A VNF's Heat Orchestration Template's Environment file extension **MUST**\nbe in the lower case format ``.env``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-74481", + "text": "The VNF **MUST NOT** require the use of a dynamic routing\nprotocol unless necessary to meet functional requirements.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-74712", + "text": "The VNF **MUST** utilize FQDNs (and not IP address) for\nboth Service Chaining and scaling.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-74763", + "text": "The xNF provider **MUST** provide an artifact per xNF that contains\nall of the xNF Event Records supported. The artifact should include\nreference to the specific release of the xNF Event Stream Common Event\nData Model document it is based on. (e.g.,\n`VES Event Listener <https://onap.readthedocs.io/en/latest/submodules/vnfsdk/model.git/docs/files/VESEventListener.html>`__)", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-74958", + "text": "The VNF **MUST** activate security alarms automatically when\nit detects an unsuccessful attempt to gain permissions\nor assume the identity of another user.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-74978", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``workload_context``\nparameter **MUST**\nbe declared as ``workload_context`` and the parameter **MUST**\nbe defined as type: ``string``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-75041", + "text": "The VNF **MUST**, if not integrated with the Operator's Identity and\nAccess Management system, support configurable password expiration.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-75141", + "text": "A VNF's Heat Orchestration Template's resource name\n(i.e., <resource ID>) **MUST** only contain alphanumeric\ncharacters and underscores ('_').", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-75343", + "text": "The VNF **MUST** provide the capability of testing the\nvalidity of a digital certificate by recognizing the identity represented\nby the certificate - the \"distinguished name\".", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-75608", + "text": "The xNF provider **MUST** provide playbooks to be loaded\non the appropriate Ansible Server.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-756950", + "text": "The VNF **MUST** be operable without the use of Network File System (NFS).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-75850", + "text": "The VNF **SHOULD** decouple persistent data from the VNFC\nand keep it in its own datastore that can be reached by all instances\nof the VNFC requiring the data.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-75943", + "text": "The xNF **SHOULD** support the data schema defined in 3GPP TS 32.435, when\nsupporting the event-driven bulk transfer of monitoring data.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-76014", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::ServiceHealthCheck``\nResource ID\n**MUST**\ncontain the ``{vm-type}``.", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-76057", + "text": "VNF Heat Orchestration Template's Nested YAML file name **MUST** contain\nonly alphanumeric characters and underscores '_' and\n**MUST NOT** contain the case insensitive word ``base``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-76160", + "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::Neutron::Port`` in an Incremental Module is attaching\n to an internal network (per the ONAP definition, see Requirements\n R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv6 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv6 subnet is to be specified\n using the property ``fixed_ips`` map property ``subnet``,\n\nthe parameter **MUST** follow the naming convention\n``int_{network-role}_v6_subnet_id``,\nwhere ``{network-role}`` is the network role of the internal network.\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-763774", + "text": "The PNF **MUST** support a HTTPS connection to the DCAE VES Event\nListener.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-76449", + "text": "A VNF's Heat Orchestration Template's **MUST NOT**\ncontain the Resource ``OS::Neutron::FloatingIPAssociation``.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-76682", + "text": "If a VNF's Heat Orchestration Template\n``OS::ContrailV2::InterfaceRouteTable`` resource\n``interface_route_table_routes`` property\n``interface_route_table_routes_route`` map property parameter\n``{vm-type}_{network-role}_route_prefixes``\n**MUST NOT** be enumerated in the VNF's Heat Orchestration Template's\nEnvironment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-76718", + "text": "If a VNF's Heat Orchestration Template uses the intrinsic function\n``get_file``, the ``get_file`` target **MUST** be referenced in\nthe Heat Orchestration Template by file name.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-76901", + "text": "The VNF **MUST** support a container rebuild mechanism based on existing\nimage (e.g. Glance image in Openstack environment) or a snapshot.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-77334", + "text": "The VNF **MUST** allow configurations and configuration parameters\nto be managed under version control to ensure consistent configuration\ndeployment, traceability and rollback.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-77667", + "text": "The VNF **MUST** test for adherence to the defined performance\nbudget at each layer, during each delivery cycle so that the performance\nbudget is measured and feedback is provided where the performance budget\nis not met.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-77707", + "text": "The xNF provider **MUST** include a Manifest File that\ncontains a list of all the components in the xNF package.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-78010", + "text": "The VNF **MUST** integrate with standard identity and access management\nprotocols such as LDAP, TACACS+, Windows Integrated Authentication\n(Kerberos), SAML federation, or OAuth 2.0.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-78116", + "text": "The xNF **MUST** update status on the Chef Server\nappropriately (e.g., via a fail or raise an exception) if the\nchef-client run encounters any critical errors/failures when\nexecuting a xNF action.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-78282", + "text": "The xNF **MUST** conform to the NETCONF RFC 6242,\n\"Using the Network Configuration Protocol over Secure Shell\".", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-78380", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is\ndefined as a ``string``,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_int_{network-role}_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the internal network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-78569", + "text": "VNF's Heat Orchestration Template's Resource **MAY** declare the\nattribute ``external_id:``.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-79107", + "text": "The VNF **MUST**, if not integrated with the Operator's Identity\nand Access Management system, support the ability to disable the\nuserID after a configurable number of consecutive unsuccessful\nauthentication attempts using the same userID.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-79224", + "text": "The xNF **MUST** have the chef-client be preloaded with\nvalidator keys and configuration to register with the designated\nChef Server as part of the installation process.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-793716", + "text": "The PNF **MUST** have \"ONAP Aware\" software which is capable of performing\nPNF PnP registration with ONAP. The \"ONAP Aware\" software is capable of\nperforming the PNF PnP Registration with ONAP MUST either be loaded\nseparately or integrated into the PNF software upon physical delivery\nand installation of the PNF.\n\nNote: It is up to the specific vendor to design the software management\nfunctions.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-79412", + "text": "The xNF **MAY** use another option which is expected to include TCP\nfor high volume streaming asynchronous data sets and for other high volume\ndata sets. TCP delivery can be used for either JSON or binary encoded data\nsets.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-79817", + "text": "A VNF's Heat Orchestration Template's parameter defined\nin a non-nested YAML file as\ntype ``comma_delimited_list`` **MAY** have a parameter constraint defined.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-798933", + "text": "The xNF **SHOULD** deliver event records that fall into the event domains\nsupported by VES.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-79952", + "text": "The VNF **SHOULD** support container snapshots if not for rebuild\nand evacuate for rollback or back out mechanism.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-80070", + "text": "The VNF **MUST** handle errors and exceptions so that they do\nnot interrupt processing of incoming VNF requests to maintain service\ncontinuity (where the error is not directly impacting the software\nhandling the incoming request).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-80335", + "text": "For all GUI and command-line interfaces, the VNF **MUST** provide the\nability to present a warning notice that is set by the Operator. A warning\nnotice is a formal statement of resource intent presented to everyone\nwho accesses the system.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-80374", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vf_module_name``\nparameter ``vf_module_name`` **MUST NOT**\nbe enumerated in the Heat Orchestration Template's environment file.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-805572", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nECOMP definition, see Requirements R-52425 and R-46461),\nand an IPv6 Virtual IP (VIP)\naddress is assigned\nusing the property ``allowed_address_pairs``\nmap property ``ip_address``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_v6_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: string``\nand **MUST** be enumerated in the environment file\n\nOR\n\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: comma_delimited_list``\nand **MUST** be enumerated in the environment file.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-80829", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``subnet`` parameter\n``{network-role}_v6_subnet_id``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-80898", + "text": "TThe xNF **MUST** support heartbeat via a <get> with null filter.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-809261", + "text": "The PNF **MUST** use a IP address to contact ONAP.\n\nNote: it is expected that an ONAP operator can ascertain the ONAP IP\naddress or the security gateway to reach ONAP on the VID or ONAP portal\nGUI.\n\nNote: The ONAP contact IP address has been previously configured and\nprovisioned prior to this step.\n\nNote: The ONAP IP address could be provisioned or resolved through\nFQDN & DNS.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-81147", + "text": "The VNF **MUST** support strong authentication, also known as\nmultifactor authentication, on all protected interfaces exposed by the\nVNF for use by human users. Strong authentication uses at least two of the\nthree different types of authentication factors in order to prove the\nclaimed identity of a user.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-81214", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InterfaceRouteTable``\nResource ID\n**MUST**\ncontain the ``{network-role}``.", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-81339", + "text": "A VNF Heat Orchestration Template's Base Module file name **MUST** include\ncase insensitive 'base' in the filename and\n**MUST** match one of the following four\nformats:\n\n 1.) ``base_<text>.y[a]ml``\n\n 2.) ``<text>_base.y[a]ml``\n\n 3.) ``base.y[a]ml``\n\n 4.) ``<text>_base_<text>``.y[a]ml\n\nwhere ``<text>`` **MUST** contain only alphanumeric characters and\nunderscores '_' and **MUST NOT** contain the case insensitive word ``base``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-814377", + "text": "The VNF **MUST** have the capability of allowing the Operator to create,\nmanage, and automatically provision user accounts using an Operator\napproved identity lifecycle management tool using a standard protocol,\ne.g., NETCONF API.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-81725", + "text": "A VNF's Incremental Module **MUST** have a corresponding Environment File", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-81777", + "text": "The xNF **MUST** be configured with initial address(es) to use\nat deployment time. Subsequently, address(es) may be changed through\nONAP-defined policies delivered from ONAP to the xNF using PUTs to a\nRESTful API, in the same manner that other controls over data reporting\nwill be controlled by policy.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-81979", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::NetworkIpam``\nResource ID **MAY** use the naming convention\n\n* ``{network-role}_RNI``\n\nwhere\n\n* ``{network-role}`` is the network-role\n* ``RNI`` signifies that it is the Resource Network IPAM", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-82018", + "text": "The xNF **MUST** load the Ansible Server SSH public key onto xNF\nVM(s) /root/.ssh/authorized_keys as part of instantiation. Alternative,\nis for Ansible Server SSH public key to be loaded onto xNF VM(s) under\n/home/<Mechanized user ID>/.ssh/authorized_keys as part of instantiation,\nwhen a Mechanized user ID is created during instantiation, and Configure\nand all playbooks are designed to use a mechanized user ID only for\nauthentication (never using root authentication during Configure playbook\nrun). This will allow the Ansible Server to authenticate to perform\npost-instantiation configuration without manual intervention and without\nrequiring specific xNF login IDs and passwords.\n\n*CAUTION*: For xNFs configured using Ansible, to eliminate the need\nfor manual steps, post-instantiation and pre-configuration, to\nupload of SSH public keys, SSH public keys loaded during (heat)\ninstantiation shall be preserved and not removed by (heat) embedded\n(userdata) scripts.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-82115", + "text": "When a VNF's Heat Orchestration Template's resource is associated with a\nsingle ``{vm-type}``\nand a single external network, the Resource ID text **MUST** contain both\nthe ``{vm-type}``\nand the ``{network-role}``\n\n- the ``{vm-type}`` **MUST** appear before the ``{network-role}`` and\n **MUST** be separated by an underscore '_'\n\n\n - e.g., ``{vm-type}_{network-role}``, ``{vm-type}_{index}_{network-role}``\n\n\n- note that an ``{index}`` value **MAY** separate the ``{vm-type}`` and the\n ``{network-role}`` and when this occurs underscores **MUST** separate the\n three values. (e.g., ``{vm-type}_{index}_{network-role}``).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-82134", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` key/value pair ``vf_module_id`` parameter **MUST**\nbe declared as ``vf_module_id`` and the parameter **MUST**\nbe defined as type: ``string``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-821473", + "text": "The xNF MUST produce heartbeat indicators consisting of events containing\nthe common event header only per the VES Listener Specification.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-821839", + "text": "The xNF **MUST** deliver event records to ONAP using the common transport\nmechanisms and protocols defined in this document.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-82223", + "text": "The VNF **MUST** be decomposed if the functions have\nsignificantly different scaling characteristics (e.g., signaling\nversus media functions, control versus data plane functions).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-82481", + "text": "A VNF's Heat Orchestration Template's Resource property parameter that is\nassociated with a unique Virtual Machine type **MUST** include\n``{vm-type}`` as part of the parameter name with two exceptions:\n\n 1.) The Resource ``OS::Nova::Server`` property ``availability_zone``\n parameter **MUST NOT** be prefixed with a common ``{vm-type}`` identifier,\n\n 2.) The Resource ``OS::Nova::Server`` mandatory and optional\n ``metadata`` parameters\n\n * ``vnf_name``\n * ``vnf_id``\n * ``vf_module_id``\n * ``vf_module_name``\n * ``vf_module_index``\n * ``environment_context``\n * ``workload_context``\n\n **MUST NOT** be prefixed with a common ``{vm-type}`` identifier.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-82551", + "text": "When a VNF's Heat Orchestration Template's resource is associated with a\nsingle ``{vm-type}`` and a single internal network, the Resource ID **MUST**\ncontain both the ``{vm-type}`` and the ``int_{network-role}`` and\n\n- the ``{vm-type}`` **MUST** appear before the ``int_{network-role}`` and\n **MUST** be separated by an underscore '_'\n\n - (e.g., ``{vm-type}_int_{network-role}``,\n ``{vm-type}_{index}_int_{network-role}``)\n\n- note that an ``{index}`` value **MAY** separate the\n ``{vm-type}`` and the ``int_{network-role}`` and when this occurs\n underscores **MUST** separate the three values.\n (e.g., ``{vm-type}_{index}_int_{network-role}``).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-82732", + "text": "A VNF Heat Orchestration Template's Cinder Volume Module **MUST**\nbe named identical to the base or incremental module it is supporting with\n``_volume`` appended.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-82811", + "text": "The xNF **MUST** support APPC ``StartApplication`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-83146", + "text": "The xNF **MUST** support APPC ``StopApplication`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-83227", + "text": "The VNF **MUST** Provide the capability to encrypt data in\ntransit on a physical or virtual network.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-83412", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``allowed_address_pairs``\nmap property ``ip_address`` parameter\n``{vm-type}_{network-role}_floating_ip``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-83418", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``allowed_address_pairs``\nmap property ``ip_address`` parameter\n``{vm-type}_{network-role}_floating_v6_ip``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-83500", + "text": "The VNF **MUST** provide the capability of allowing certificate\nrenewal and revocation.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-83677", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``subnet`` parameter\n``{network-role}_subnet_id``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-83706", + "text": "When a VNF's Heat Orchestration Template's Virtual Machine\n(i.e., ``OS::Nova::Server`` resource) boots from an image, the\n``OS::Nova::Server`` resource property ``image`` **MUST** be used.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-83790", + "text": "The xNF **MUST** implement the ``:validate`` capability.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-83873", + "text": "The xNF **MUST** support ``:rollback-on-error`` value for\nthe <error-option> parameter to the <edit-config> operation. If any\nerror occurs during the requested edit operation, then the target\ndatabase (usually the running configuration) will be left unaffected.\nThis provides an 'all-or-nothing' edit mode for a single <edit-config>\nrequest.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-84123", + "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::Neutron::Port`` in an Incremental Module is attaching\n to an internal network (per the ONAP definition, see\n Requirements R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv4 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv4 subnet is to be specified\n using the property ``fixed_ips`` map property ``subnet``,\n\nthe parameter **MUST** follow the naming convention\n\n * ``int_{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the internal network\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-84160", + "text": "The VNF **MUST** have security logging for VNFs and their\nOSs be active from initialization. Audit logging includes automatic\nroutines to maintain activity records and cleanup programs to ensure\nthe integrity of the audit/logging systems.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-841740", + "text": "The xNF **SHOULD** support FileReady VES event for event-driven bulk transfer\nof monitoring data.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-842258", + "text": "The VNF **MUST** include a configuration, e.g., a heat template or CSAR\npackage, that specifies the targetted parameters, e.g. a limited set of\nports, over which the VNF will communicate (including internal, external\nand management communication).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-84322", + "text": "A VNF's Heat Orchestration Template's Resource property parameter that\nis associated with an internal network **MUST** include\n``int_{network-role}`` as part of the parameter name,\nwhere ``int_`` is a hard coded string.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-84366", + "text": "The xNF Package **MUST** include documentation describing\nxNF Functional APIs that are utilized to build network and\napplication services. This document describes the externally exposed\nfunctional inputs and outputs for the xNF, including interface\nformat and protocols supported.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-844011", + "text": "The VNF MUST not store authentication credentials to itself in clear\ntext or any reversible form and must use salting.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-84457", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::PortTuple``\nResource ID **MAY** use the naming convention\n\n* ``{vm-type}_RPT``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``RPT`` signifies that it is the Resource Port Tuple", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-84473", + "text": "The VNF **MUST** enable DPDK in the guest OS for VNF's requiring\nhigh packets/sec performance. High packet throughput is defined as greater\nthan 500K packets/sec.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-84517", + "text": "The Contrail GUI has a limitation displaying special characters.\nThe issue is documented in\nhttps://bugs.launchpad.net/juniperopenstack/+bug/1590710.\nIt is recommended that special **SHOULD** characters be avoided.\nHowever, if special characters must be used, note that for\nthe following resources:\n\n* Virtual Machine\n* Virtual Network\n* Port\n* Security Group\n* Policies\n* IPAM Creation\n\nthe only special characters supported\nare - \\\" ! $\\ \\ ' ( ) = ~ ^ | @ ` { } [ ] > , . _\"", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-84879", + "text": "The xNF **MUST** have the capability of maintaining a primary\nand backup DNS name (URL) for connecting to ONAP collectors, with the\nability to switch between addresses based on conditions defined by policy\nsuch as time-outs, and buffering to store messages until they can be\ndelivered. At its discretion, the service provider may choose to populate\nonly one collector address for a xNF. In this case, the network will\npromptly resolve connectivity problems caused by a collector or network\nfailure transparently to the xNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-85235", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the internal\n network", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-85328", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` **MAY**\ncontain the key/value pair ``vm_role`` and the value **MUST** be\nobtained either via\n\n- ``get_param``\n- hard coded in the key/value pair ``vm_role``.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-85419", + "text": "The VNF **SHOULD** support OAuth 2.0 authorization using an external\nAuthorization Server.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-85653", + "text": "The xNF **MUST** provide metrics (e.g., number of sessions,\nnumber of subscribers, number of seats, etc.) to ONAP for tracking\nevery license.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-85734", + "text": "If a VNF's Heat Orchestration Template contains the property ``name``\nfor a non ``OS::Nova::Server`` resource, the intrinsic function\n``str_replace`` **MUST** be used in conjunction with the ONAP\nsupplied metadata parameter ``vnf_name`` to generate a unique value.\nAdditional data **MAY** be used in the ``str_replace`` construct\nto generate a unique value.", + "keyword": "MUST", + "result": "FAIL", + "errors": [ + " Improper name property for non-OS::Nova::Server resources. int_unprotected_private_network's name property's use str_replace does not use have a params that maps to the parameter via {get_param: vnf_name}. int_unprotected_private_subnet's name property's use str_replace does not use have a params that maps to the parameter via {get_param: vnf_name}. int_protected_private_network's name property's use str_replace does not use have a params that maps to the parameter via {get_param: vnf_name}. int_protected_private_subnet's name property's use str_replace does not use have a params that maps to the parameter via {get_param: vnf_name}\n", + " Resource(int_unprotected_private_network) does not use str_replace and the vnf_name parameter to set the name property, Resource(int_unprotected_private_subnet) does not use str_replace and the vnf_name parameter to set the name property, Resource(int_protected_private_network) does not use str_replace and the vnf_name parameter to set the name property, Resource(int_protected_private_subnet) does not use str_replace and the vnf_name parameter to set the name property\n" + ] + }, + { + "id": "R-859208", + "text": "The VNF **MUST** log automated remote activities performed with\nelevated privileges.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-85959", + "text": "The VNF **SHOULD** automatically enable/disable added/removed\nsub-components or component so there is no manual intervention required.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-85991", + "text": "The xNF provider **MUST** provide a universal license key\nper xNF to be used as needed by services (i.e., not tied to a VM\ninstance) as the recommended solution. The xNF provider may provide\npools of Unique xNF License Keys, where there is a unique key for\neach xNF instance as an alternate solution. Licensing issues should\nbe resolved without interrupting in-service xNFs.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-86182", + "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand the internal network is created in a\ndifferent Heat Orchestration Template than the ``OS::Neutron::Port``,\nthe ``network`` parameter name **MUST**\n\n * follow the naming convention ``int_{network-role}_net_id`` if the Neutron\n network UUID value is used to reference the network\n * follow the naming convention ``int_{network-role}_net_name`` if the\n OpenStack network name in is used to reference the network.\n\nwhere ``{network-role}`` is the network-role of the internal network and\na ``get_param`` **MUST** be used as the intrinsic function.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-86235", + "text": "The xNF Package **MUST** include documentation about the monitoring\nparameters that must include latencies, success rates, retry rates, load\nand quality (e.g., DPM) for the key transactions/functions supported by\nthe xNF and those that must be exercised by the xNF in order to perform\nits function.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-86261", + "text": "The VNF **MUST** support the ability to prohibit remote access to the VNF\nvia a host based security mechanism.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-86285", + "text": "A VNF's Heat Orchestration template **MUST** have a\ncorresponding environment file.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-86476", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vm_role`` value **MUST**\nonly contain alphanumeric characters and underscores (i.e., '_').", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-86497", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::Cinder::VolumeAttachment``\nResource ID\n**SHOULD**\nuse the naming convention\n\n* ``{vm-type}_volume_attachment_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{index}`` starts at zero and increments by one", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-86585", + "text": "The VNFC **SHOULD** minimize the use of state within\na VNFC to facilitate the movement of traffic from one instance\nto another.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-86586", + "text": "The xNF **MUST** use the YANG configuration models and RESTCONF\n[RFC8040] (https://tools.ietf.org/html/rfc8040).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-86588", + "text": "A VNF's Heat Orchestration Template's ``{network-role}`` case in Resource\nproperty parameter names **SHOULD** match the case of ``{network-role}``\nin Resource IDs and vice versa.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-86758", + "text": "The VNF **SHOULD** provide an automated test suite to validate\nevery new version of the software on the target environment(s). The tests\nshould be of sufficient granularity to independently test various\nrepresentative VNF use cases throughout its lifecycle. Operations might\nchoose to invoke these tests either on a scheduled basis or on demand to\nsupport various operations functions including test, turn-up and\ntroubleshooting.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-86835", + "text": "The VNF **MUST** set the default settings for user access\nto deny authorization, except for a super user type of account.\nWhen a VNF is added to the network, nothing should be able to use\nit until the super user configures the VNF to allow other users\n(human and application) have access.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-86926", + "text": "A VNF's incremental module **MAY** be used for scale out only.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-86972", + "text": "A VNF **SHOULD** create the internal network in the VNF's Heat\nOrchestration Template Base Module.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-87004", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::Cinder::Volume``\nResource ID\n**SHOULD**\nuse the naming convention\n\n* ``{vm-type}_volume_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{index}`` starts at zero and increments by one", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-87096", + "text": "A VNF **MAY** contain zero, one or more than one internal network.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-87123", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_{network-role}_v6_ip_{index}``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-87234", + "text": "The VNF package provided by a VNF vendor **MAY** be either with\nTOSCA-Metadata directory (CSAR Option 1) or without TOSCA-Metadata\ndirectory (CSAR Option 2) as specified in ETSI GS NFV-SOL004. On-boarding\nentity (ONAP SDC) must support both options.\n\n**Note:** SDC supports only the CSAR Option 1 in Casablanca. The Option 2\nwill be considered in future ONAP releases,", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-87247", + "text": "VNF Heat Orchestration Template's Incremental Module file name\n**MUST** contain only alphanumeric characters and underscores\n'_' and **MUST NOT** contain the case insensitive word ``base``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-872986", + "text": "The VNF **MUST** store Authentication Credentials used to authenticate to\nother systems encrypted except where there is a technical need to store\nthe password unencrypted in which case it must be protected using other\nsecurity techniques that include the use of file and directory permissions.\nIdeally, credentials SHOULD rely on a HW Root of Trust, such as a\nTPM or HSM.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-87352", + "text": "The VNF **SHOULD** utilize Cloud health checks, when available\nfrom the Network Cloud, from inside the application through APIs to check\nthe network connectivity, dropped packets rate, injection, and auto failover\nto alternate sites if needed.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-87485", + "text": "A VNF's Heat Orchestration Template's file extension **MUST**\nbe in the lower case format ``.yaml`` or ``.yml``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-87563", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::InstanceIp``\nthat is configuring an IPv6 Address on a port attached to an internal network\nResource ID **MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_vmi_{vmi_index}_v6_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the ``{vm-type}``\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{vmi_index}`` is the instance of the virtual machine interface\n (e.g., port) on the vm-type\n attached to the network of ``{network-role}``\n* ``v6_IP`` signifies that an IPv6 address is being configured\n* ``{index}`` is the index of the IPv6 address", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-87564", + "text": "The xNF **SHOULD** conform its YANG model to RFC 7317,\n\"A YANG Data Model for System Management\".", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-87817", + "text": "When the VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``name`` parameter is defined as a ``comma_delimited_list``,\nthe parameter name **MUST** follow the naming convention\n``{vm-type}_names``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-88026", + "text": "The xNF **MUST** include a NETCONF server enabling\nruntime configuration and lifecycle management capabilities.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-88031", + "text": "The xNF **SHOULD** implement the protocol operation:\n``delete-config(target)`` - Delete the named configuration\ndata store target.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-88199", + "text": "The VNF **MUST** utilize a persistent datastore service that\ncan meet the data performance/latency requirements. (For example:\nDatastore service could be a VNFC in VNF or a DBaaS in the Cloud\nexecution environment)", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-88482", + "text": "The xNF **SHOULD** use REST using HTTPS delivery of plain\ntext JSON for moderate sized asynchronous data sets, and for high\nvolume data sets when feasible.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-88524", + "text": "A VNF's Heat Orchestration Template's Volume Template\nOutput Parameter names\n**MUST** contain ``{vm-type}`` when appropriate.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-88536", + "text": "A VNF's Heat Orchestration Template's OS::Nova::Server\nResource **SHOULD** contain the metadata map value parameter\n'environment_context'.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-88863", + "text": "A VNF's Heat Orchestration Template's parameter defined\nin a non-nested YAML file as type\n``number`` **MAY** have a parameter constraint defined.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-88899", + "text": "The xNF **MUST** support simultaneous <commit> operations\nwithin the context of this locking requirements framework.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-89010", + "text": "The VNF **MUST** survive any single points of software failure\ninternal to the VNF (e.g., in memory structures, JMS message queues).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-894004", + "text": "When the xNF sets up a HTTP or HTTPS connection to the collector, it **MUST**\nprovide a username and password to the DCAE VES Collector for HTTP Basic\nAuthentication.\n\nNote: HTTP Basic Authentication has 4 steps: Request, Authenticate,\nAuthorization with Username/Password Credentials, and Authentication Status\nas per RFC7617 and RFC 2617.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-89474", + "text": "The VNF **MUST** log the field \"Login ID\" in the security audit logs.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-89571", + "text": "The xNF **MUST** support and provide artifacts for configuration\nmanagement using at least one of the following technologies;\na) Netconf/YANG, b) Chef, or c) Ansible.\n\nNote: The requirements for Netconf/YANG, Chef, and Ansible protocols\nare provided separately and must be supported only if the corresponding\nprotocol option is provided by the xNF providor.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-89800", + "text": "The VNF **MUST NOT** require Hypervisor-level customization\nfrom the cloud provider.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-89913", + "text": "A VNF's Heat Orchestration Template's Cinder Volume Module Output\nParameter(s)\n**MUST** include the\nUUID(s) of the Cinder Volumes created in template.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-90007", + "text": "The xNF **MUST** implement the protocol operation:\n``close-session()`` - Gracefully close the current session.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-90022", + "text": "A VNF's Nested YAML file **MAY** be invoked more than once by\na VNF's Heat Orchestration Template.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-901331", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``image`` value **MUST** be be obtained via a ``get_param``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-90152", + "text": "A VNF's Heat Orchestration Template's\n``resources:`` section **MUST** contain the declaration of at\nleast one resource.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-90206", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_int_ips``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-90279", + "text": "A VNF Heat Orchestration's template's parameter **MUST** be used\nin a resource with the exception of the parameters for the\n``OS::Nova::Server`` resource property ``availability_zone``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-90526", + "text": "A VNF Heat Orchestration Template parameter declaration **MUST NOT**\ncontain the ``default`` attribute.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-90632", + "text": "The xNF Package **MUST** include documentation about KPIs and\nmetrics that need to be collected at each VM for capacity planning\nand performance management purposes.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-90748", + "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::CinderVolume``\n**MAY** be defined in an Incremental Module.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-908291", + "text": "The XNF **MAY** leverage bulk xNF telemetry transmission mechanism, as\ndepicted in Figure 4, in instances where other transmission methods are not\npractical or advisable.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-91125", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``image`` parameter **MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and a value **MUST** be assigned.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-91273", + "text": "A VNF Heat Orchestration's template's parameter for the\n``OS::Nova::Server`` resource property ``availability_zone``\n**MAY NOT** be used in any ``OS::Nova::Server``.", + "keyword": "MAY NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-91342", + "text": "A VNF Heat Orchestration Template's Base Module's Environment File\n**MUST** be named identical to the VNF Heat Orchestration Template's\nBase Module with ``.y[a]ml`` replaced with ``.env``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-91497", + "text": "A VNF's incremental module **MAY** be used for both deployment and\nscale out.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-91745", + "text": "The xNF **MUST** update the Ansible Server and other entities\nstoring and using the SSH keys for authentication when the SSH\nkeys used by Ansible are regenerated/updated.\n\n**Note**: Ansible Server itself may be used to upload new SSH public\nkeys onto supported xNFs.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-91810", + "text": "If a VNF requires ONAP to assign a Virtual IP (VIP) Address to\nports connected an external network, the port\n**MUST NOT** have more than one IPv4 VIP address.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-92193", + "text": "A VNF's Heat Orchestration Template's parameter\n``{network-role}_net_fqdn``\n**MUST NOT** be enumerated in the VNF's Heat Orchestration Template's\nEnvironment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-92207", + "text": "The VNF **SHOULD** provide a mechanism that enables the operators to\nperform automated system configuration auditing at configurable time\nintervals.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-92571", + "text": "The VNF **MUST** provide operational instrumentation such as\nlogging, so as to facilitate quick resolution of issues with the VNF to\nprovide service continuity.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-92635", + "text": "A VNF's Heat Orchestration Template **MUST** be compliant with the\nOpenStack Template Guide.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-92866", + "text": "The xNF **MUST** include as part of post-instantiation configuration\ndone by Ansible Playbooks the removal/update of the SSH public key from\n/root/.ssh/authorized_keys, and update of SSH keys loaded through\ninstantiation to support Ansible. This may include creating Mechanized user\nID(s) used by the Ansible Server(s) on VNF VM(s) and uploading and\ninstalling new SSH keys used by the mechanized use ID(s).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-92935", + "text": "The VNF **SHOULD** minimize the propagation of state information\nacross multiple data centers to avoid cross data center traffic.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-93030", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_{network-role}_v6_ips``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-931076", + "text": "The VNF **MUST** support account names that contain at least A-Z, a-z,\n0-9 character sets and be at least 6 characters in length.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-93177", + "text": "When the VNF's Heat Orchestration Template's resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand the internal network is created in the\nsame Heat Orchestration Template as the ``OS::Neutron::Port``,\nthe ``network`` property value **MUST** obtain the UUID\nof the internal network by using the intrinsic function\n``get_resource``\nand referencing the Resource ID of the internal network.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-932071", + "text": "The xNF provider **MUST** reach agreement with the Service Provider on\nthe selected methods for encoding, serialization and data delivery\nprior to the on-boarding of the xNF into ONAP SDC Design Studio.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-93443", + "text": "The xNF **MUST** define all data models in YANG [RFC6020],\nand the mapping to NETCONF shall follow the rules defined in this RFC.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-93496", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nproperty ``fixed_ips``\nmap property ``ip_address``\nparameter associated with an internal network, i.e.,\n\n * ``{vm-type}_int_{network-role}_ip_{index}``\n * ``{vm-type}_int_{network-role}_v6_ip_{index}``\n * ``{vm-type}_int_{network-role}_ips``\n * ``{vm-type}_int_{network-role}_v6_ips``\n\n\n**MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and IP addresses **MUST** be\nassigned.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-93860", + "text": "The VNF **SHOULD** provide the capability to integrate with an\nexternal encryption service.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-94084", + "text": "The xNF **MUST** support APPC/SDN-C ``ConfigScaleOut`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-94509", + "text": "A VNF Heat Orchestration Template's Incremental Module's Environment File\n**MUST** be named identical to the VNF Heat Orchestration Template's\nIncremental Module with ``.y[a]ml`` replaced with ``.env``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-94525", + "text": "The VNF **MUST** log connections to the network listeners of the\nresource.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-94567", + "text": "The xNF **MUST** provide Ansible playbooks that are designed to run using\nan inventory hosts file in a supported format with only IP addresses or\nIP addresses and VM/xNF names.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-94669", + "text": "If a VNF has one IPv6 OAM Management IP Address and the\nIP Address needs to be inventoried in ONAP's A&AI\ndatabase, an output parameter **MUST** be declared in only one of the\nVNF's Heat Orchestration Templates and the parameter **MUST** be named\n``oam_management_v6_address``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-94978", + "text": "The VNF **MUST** provide a mechanism and tool to perform a graceful\nshutdown of all the containers (VMs) in the VNF without impacting service\nor service quality assuming another VNF in same or other geographical\nlocation can take over traffic and process service requests.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-952314", + "text": "If the PNF set up a TLS connection and mutual (two-way) authentication is\nbeing used, then the PNF **MUST** provide its own X.509v3 Certificate to\nthe DCAE VES Collector for authentication.\n\nNote: This allows TLS authentication by DCAE VES Collector.\n\nNote: The PNF got its X.509 certificate through Enrollment with an\noperator certificate authority or a X.509 vendor certificate from the\nvendor factory CA.\n\nNote: In R3 three authentication options are supported:\n\n(1) HTTP with Username & Password and no TLS.\n\n(2) HTTP with Username & Password & TLS with two-way certificate\n authentication.\n\n(3) HTTP with Username & Password & TLS with server-side\n certificate authentication.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-95303", + "text": "A VNF's Heat Orchestration Template **MUST** be defined using valid YAML.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-95321", + "text": "The VNFD provided by VNF vendor may use the below described TOSCA\nrelationships. An on-boarding entity (ONAP SDC) **MUST** support them.\n\n **tosca.relationships.nfv.VirtualBindsTo**\n\n This relationship type represents an association relationship between\n VDU and CP node types.\n\n **tosca.relationships.nfv.VirtualLinksTo**\n\n This relationship type represents an association relationship between\n the VduCpd's and VirtualLinkDesc node types.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-95430", + "text": "If a VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property\n``metadata`` key/value pair ``vm_role`` value is obtained via\n``get_param``, the parameter **MAY** be declared as\n\n* ``vm_role`` and the parameter defined as ``type: string``.\n* ``vm_roles`` and the parameter defined as ``type: comma_delimited_list``.\n* ``{vm-type}_vm_role`` and the parameter defined as ``type: string``.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-95864", + "text": "The VNF **MUST** support digital certificates that comply with X.509\nstandards.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-95950", + "text": "The xNF **MUST** provide a NETCONF interface fully defined\nby supplied YANG models for the embedded NETCONF server.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-96227", + "text": "A VNF's Heat Orchestration Template's parameter defined\nin a non-nested YAML file as type\n``json`` **MAY** have a parameter constraint defined.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-96253", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualMachineInterface`` that is attaching to an external network\nResource ID **MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_vmi_{vmi_index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` is the instance of the ``{vm-type}``\n* ``{network-role}`` is the network-role of the network\n that the port (i.e. virtual machine interface) is attached to\n* ``{vmi_index}`` is the instance of the vmi on the vm-type\n attached to the network of ``{network-role}``", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-96482", + "text": "When a VNF's Heat Orchestration Template's resource is associated\nwith a single external network, the Resource ID **MUST** contain the text\n``{network-role}``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-96554", + "text": "The xNF **MUST** implement the protocol operation:\n``unlock(target)`` - Unlock the configuration data store target.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-96634", + "text": "The xNF provider **MUST** describe scaling capabilities\nto manage scaling characteristics of the xNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-96983", + "text": "A VNF's Heat Orchestration Template's Resource ID that is associated\nwith an internal network **MUST** include ``int_{network-role}`` as part\nof the Resource ID, where ``int_`` is a hard coded string.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-97102", + "text": "The VNF Package **MUST** include VM requirements via a Heat\ntemplate that provides the necessary data for VM specifications\nfor all VNF components - for hypervisor, CPU, memory, storage.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-97201", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_v6_ip_{index}``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-97293", + "text": "The xNF provider **MUST NOT** require audits\nof Service Provider's business.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-97343", + "text": "The xNF **MUST** support APPC/SDN-C ``UpgradeBackup`` command.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-97345", + "text": "The xNF **MUST** permit authentication, using root account, only right\nafter instantiation and until post-instantiation configuration is\ncompleted.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-97445", + "text": "The VNF **MUST** log the field \"date/time\" in the security audit\nlogs.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-97451", + "text": "The xNF **MUST** provide the ability to remove root access once\npost-instantiation configuration (Configure) is completed.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-97529", + "text": "The xNF **SHOULD** implement the protocol operation:\n``get-schema(identifier, version, format)`` - Retrieve the YANG schema.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-97726", + "text": "A VNF's Heat Orchestration Template's Base Module Output Parameter names\n**MUST** contain ``{vm-type}`` and/or ``{network-role}`` when appropriate.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-978752", + "text": "The xNF providers **MUST** provide the Service Provider the following\nartifacts to support the delivery of high-volume xNF telemetry to\nDCAE via GPB over TLS/TCP:\n\n * A valid VES Event .proto definition file, to be used validate and\n decode an event\n * A valid high volume measurement .proto definition file, to be used for\n processing high volume events\n * A supporting PM content metadata file to be used by analytics\n applications to process high volume measurement events", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-980039", + "text": "The PNF **MUST** send the pnfRegistration VES event periodically.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-98138", + "text": "When a VNF's Heat Orchestration Template's resource is associated with a\nsingle internal network, the Resource ID **MUST** contain the text\n``int_{network-role}``.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-981585", + "text": "The pnfRegistration VES event periodicity **MUST** be configurable.\n\nNote: The PNF uses the service configuration request as a semaphore to\nstop sending the pnfRegistration sent. See the requirement PNP-5360\nrequirement.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-98191", + "text": "The xNF **MUST** vary the frequency that asynchronous data\nis delivered based on the content and how data may be aggregated or\ngrouped together.\n\n Note:\n\n - For example, alarms and alerts are expected to be delivered as\n soon as they appear. In contrast, other content, such as performance\n measurements, KPIs or reported network signaling may have various\n ways of packaging and delivering content. Some content should be\n streamed immediately; or content may be monitored over a time\n interval, then packaged as collection of records and delivered\n as block; or data may be collected until a package of a certain\n size has been collected; or content may be summarized statistically\n over a time interval, or computed as a KPI, with the summary or KPI\n being delivered.\n - We expect the reporting frequency to be configurable depending on\n the virtual network functions needs for management. For example,\n Service Provider may choose to vary the frequency of collection\n between normal and trouble-shooting scenarios.\n - Decisions about the frequency of data reporting will affect\n the size of delivered data sets, recommended delivery method,\n and how the data will be interpreted by ONAP. These considerations\n should not affect deserialization and decoding of the data, which\n will be guided by the accompanying JSON schema or GPB definition\n files.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-98374", + "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` key/value pair ``vf_module_id`` parameter ``vf_module_id``\n**MUST NOT**\nhave parameter constraints defined.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-98391", + "text": "The VNF **MUST**, if not integrated with the Operator's Identity and\nAccess Management system, support Role-Based Access Control to enforce\nleast privilege.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-98407", + "text": "A VNF's Heat Orchestration Template's ``{vm-type}`` **MUST** contain only\nalphanumeric characters and/or underscores '_' and **MUST NOT**\ncontain any of the following strings:\n``_int`` or ``int_`` or ``_int_``.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-98450", + "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``availability_zone`` parameter name\n**MUST** follow the naming convention\n\n* ``availability_zone_{index}``\n\nwhere ``{index}`` is a numeric value that **MUST** start at zero\nin a VNF's Heat Orchestration Templates and **MUST**\nincrement by one.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-98569", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_v6_ips``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-98617", + "text": "The xNF provider **MUST** provide information regarding any\ndependency (e.g., affinity, anti-affinity) with other xNFs and resources.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-98905", + "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_{network-role}_ips``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-98911", + "text": "The xNF **MUST NOT** use any instance specific parameters\nfor the xNF in roles/cookbooks/recipes invoked for a xNF action.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + }, + { + "id": "R-98989", + "text": "The VNF **SHOULD** utilize resource pooling (threads,\nconnections, etc.) within the VNF application so that resources\nare not being created and destroyed resulting in resource management\noverhead.", + "keyword": "SHOULD", + "result": "PASS", + "errors": [] + }, + { + "id": "R-99110", + "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualNetwork`` Resource ID **MUST** use the naming convention\n\n1) ``int_{network-role}_network``\n\nor\n\n2) ``int_{network-role}_RVN`` where RVN represents Resource Virtual\n Network\n\nVNF Heat Orchestration Templates can only create internal networks.\nThere is no ``{index}`` after ``{network-role}`` because ``{network-role}``\n**MUST** be unique in the scope of the VNF's\nHeat Orchestration Template.\n\nNote that option 1 is preferred.", + "keyword": "MUST", + "result": "SKIP", + "errors": [] + }, + { + "id": "R-99174", + "text": "The VNF **MUST**, if not integrated with the Operator's Identity and\nAccess Management system, support the creation of multiple IDs so that\nindividual accountability can be supported.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-99646", + "text": "A VNF's YAML files (i.e, Heat Orchestration Template files and\nNested files) **MUST** have a unique name in the scope of the VNF.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-99656", + "text": "The VNF **MUST** NOT terminate stable sessions if a VNFC\ninstance fails.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-99730", + "text": "The VNF **MUST** include the field \"Login ID\" in the Security\nalarms (where applicable and technically feasible).", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-99766", + "text": "The VNF **MUST** allow configurations and configuration parameters\nto be managed under version control to ensure the ability to rollback to\na known valid configuration.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-99771", + "text": "The VNF **MUST** have all code (e.g., QCOW2) and configuration files\n(e.g., HEAT template, Ansible playbook, script) hardened, or with\ndocumented recommended configurations for hardening and interfaces that\nallow the Operator to harden the VNF. Actions taken to harden a system\ninclude disabling all unnecessary services, and changing default values\nsuch as default credentials and community strings.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-99794", + "text": "An external network **MUST** have one subnet. An external network\n**MAY** have more than one subnet.", + "keyword": "MUST", + "result": "PASS", + "errors": [] + }, + { + "id": "R-99798", + "text": "A VNF's Heat Orchestration Template's Virtual Machine\n(i.e., ``OS::Nova::Server`` resource) **MAY** boot from an image or\n**MAY** boot from a Cinder Volume.", + "keyword": "MAY", + "result": "PASS", + "errors": [] + }, + { + "id": "R-99812", + "text": "A value for VNF's Heat Orchestration Template's property ``name``\nfor a non ``OS::Nova::Server`` resource **MUST NOT** be declared\nin the VNF's Heat Orchestration Template's Environment File.", + "keyword": "MUST NOT", + "result": "PASS", + "errors": [] + } + ] +}
\ No newline at end of file |