{ "version": "elalto", "template_directory": "/template", "timestamp": "2019-10-15T09:21:27.528797", "checksum": "4f631925b1ebe5aa3bae1501135df92f", "categories": "", "outcome": "PASS", "tests": [ { "files": [ "../vvp/base_vpkg.env" ], "test_module": "test_initial_configuration", "test_case": "test_00_valid_yaml", "result": "PASS", "error": "", "requirements": [ { "id": "R-95303", "text": "A VNF's Heat Orchestration Template **MUST** be defined using valid YAML.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_initial_configuration", "test_case": "test_00_valid_yaml", "result": "PASS", "error": "", "requirements": [ { "id": "R-95303", "text": "A VNF's Heat Orchestration Template **MUST** be defined using valid YAML.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_initial_configuration", "test_case": "test_02_no_duplicate_keys_in_file", "result": "PASS", "error": "", "requirements": [ { "id": "R-92635", "text": "A VNF's Heat Orchestration Template **MUST** be compliant with the\nOpenStack Template Guide.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.env" ], "test_module": "test_initial_configuration", "test_case": "test_02a_no_duplicate_keys_in_env", "result": "PASS", "error": "", "requirements": [ { "id": "R-92635", "text": "A VNF's Heat Orchestration Template **MUST** be compliant with the\nOpenStack Template Guide.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_initial_configuration", "test_case": "test_03_all_referenced_resources_exists", "result": "PASS", "error": "", "requirements": [ { "id": "R-92635", "text": "A VNF's Heat Orchestration Template **MUST** be compliant with the\nOpenStack Template Guide.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_initial_configuration", "test_case": "test_04_valid_nesting", "result": "PASS", "error": "", "requirements": [ { "id": "R-92635", "text": "A VNF's Heat Orchestration Template **MUST** be compliant with the\nOpenStack Template Guide.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_initial_configuration", "test_case": "test_05_all_get_param_have_defined_parameter", "result": "PASS", "error": "", "requirements": [ { "id": "R-92635", "text": "A VNF's Heat Orchestration Template **MUST** be compliant with the\nOpenStack Template Guide.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_initial_configuration", "test_case": "test_06_heat_template_resource_section_has_resources", "result": "PASS", "error": "", "requirements": [ { "id": "R-90152", "text": "A VNF's Heat Orchestration Template's\n``resources:`` section **MUST** contain the declaration of at\nleast one resource.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_get_attr_usage", "test_case": "test_08_validate_get_attr_usage", "result": "PASS", "error": "", "requirements": [ { "id": "R-95303", "text": "A VNF's Heat Orchestration Template **MUST** be defined using valid YAML.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_get_file_only_reference_local_files", "test_case": "test_get_file_no_url_retrieval", "result": "PASS", "error": "", "requirements": [ { "id": "R-41888", "text": "A VNF's Heat Orchestration Template intrinsic function\n``get_file`` **MUST NOT** utilize URL-based file retrieval.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_get_file_only_reference_local_files", "test_case": "test_get_file_only_reference_local_files", "result": "PASS", "error": "", "requirements": [ { "id": "R-76718", "text": "If a VNF's Heat Orchestration Template uses the intrinsic function\n``get_file``, the ``get_file`` target **MUST** be referenced in\nthe Heat Orchestration Template by file name.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_all_parameters_used_in_template", "test_case": "test_all_parameters_used_in_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-90279", "text": "A VNF Heat Orchestration's template's parameter **MUST** be used\nin a resource with the exception of the parameters for the\n``OS::Nova::Server`` resource property ``availability_zone``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_resource_ids_alphanumeric_only", "test_case": "test_alphanumeric_resource_ids_only", "result": "PASS", "error": "", "requirements": [ { "id": "R-75141", "text": "A VNF's Heat Orchestration Template's resource name\n(i.e., ) **MUST** only contain alphanumeric\ncharacters and underscores ('_').", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_availability_zone", "test_case": "test_availability_zone_naming", "result": "PASS", "error": "", "requirements": [ { "id": "R-98450", "text": "A VNF's Heat Orchestration Template's base module or incremental module\nresource ``OS::Nova::Server``\nproperty ``availability_zone`` parameter\n**MUST** follow the naming convention\n\n* ``availability_zone_{index}``\n\nwhere ``{index}`` is a numeric value that **MUST** start at zero\nin a VNF's Heat Orchestration Templates and **MUST**\nincrement by one.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_server_parameters", "test_case": "test_availability_zone_parameter_type", "result": "PASS", "error": "", "requirements": [ { "id": "R-23311", "text": "The VNF's Heat Orchestration Template's base module or incremental module\nresource ``OS::Nova::Server`` property\n``availability_zone`` parameter **MUST** be declared as type: ``string``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_availability_zone_params_start_at_0", "test_case": "test_availability_zones_start_at_0", "result": "PASS", "error": "", "requirements": [ { "id": "R-98450", "text": "A VNF's Heat Orchestration Template's base module or incremental module\nresource ``OS::Nova::Server``\nproperty ``availability_zone`` parameter\n**MUST** follow the naming convention\n\n* ``availability_zone_{index}``\n\nwhere ``{index}`` is a numeric value that **MUST** start at zero\nin a VNF's Heat Orchestration Templates and **MUST**\nincrement by one.", "keyword": "MUST" } ] }, { "files": [ "../vvp/template" ], "test_module": "test_base_template_names", "test_case": "test_base_template_names", "result": "PASS", "error": "", "requirements": [ { "id": "R-37028", "text": "A VNF **MUST** be composed of one Base Module", "keyword": "MUST" }, { "id": "R-87485", "text": "A VNF's Heat Orchestration Template's file extension **MUST**\nbe in the lower case format ``.yaml`` or ``.yml``.", "keyword": "MUST" }, { "id": "R-81339", "text": "A VNF Heat Orchestration Template's Base Module file name **MUST** include\ncase insensitive 'base' in the filename and\n**MUST** match one of the following four\nformats:\n\n 1.) ``base_.y[a]ml``\n\n 2.) ``_base.y[a]ml``\n\n 3.) ``base.y[a]ml``\n\n 4.) ``_base_``.y[a]ml\n\nwhere ```` **MUST** contain only alphanumeric characters and\nunderscores '_' and **MUST NOT** contain the case insensitive string\n``base`` or ``volume``.", "keyword": "MUST" }, { "id": "R-87247", "text": "VNF Heat Orchestration Template's Incremental Module file name\n**MUST** contain only alphanumeric characters and underscores\n'_' and **MUST NOT** contain the case insensitive string ``base``.", "keyword": "MUST" }, { "id": "R-76057", "text": "VNF Heat Orchestration Template's Nested YAML file name **MUST** contain\nonly alphanumeric characters and underscores '_' and\n**MUST NOT** contain the case insensitive string ``base``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_cloud_config_resource_id", "test_case": "test_cloud_config", "result": "SKIP", "error": "", "requirements": [ { "id": "R-04747", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::CloudConfig``\nResource ID **MUST** contain the ``{vm-type}``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_instance_ip_parameters", "test_case": "test_contrail_external_instance_ip_address_parameter", "result": "PASS", "error": "", "requirements": [ { "id": "R-100000", "text": "The VNF's Heat Orchestration Template's\nresource ``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nparameter\n**MUST** be declared as either type ``string`` or type\n``comma_delimited_list``.", "keyword": "MUST" }, { "id": "R-100010", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an external network (per the ONAP definition, see Requirement R-57424),\nand an IPv4 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST" }, { "id": "R-100030", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_ips``\n\n where\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the external\n network", "keyword": "MUST" }, { "id": "R-100050", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an external network\n(per the\nONAP definition, see Requirement R-57424),\nand an IPv6 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST" }, { "id": "R-100070", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_instance_ip_parameters", "test_case": "test_contrail_external_instance_subnet_id_parameter", "result": "PASS", "error": "", "requirements": [ { "id": "R-100190", "text": "The VNF's Heat Orchestration Template's\nresource ``OS::ContrailV2::InstanceIp`` property ``subnet_uuid``\nparameter\n**MUST** be declared type ``string``.", "keyword": "MUST" }, { "id": "R-100200", "text": "When the VNF's Heat Orchestration Template's\nresource ``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an external network (per the ONAP definition, see\nRequirement R-57424),\nand an IPv4 address is being cloud assigned by OpenStack's DHCP Service\nand the external network IPv4 subnet is to be specified\nusing the property ``subnet_uuid``, the parameter\n**MUST** follow the naming convention\n\n * ``{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the network.", "keyword": "MUST" }, { "id": "R-100220", "text": "When the VNF's Heat Orchestration Template's\nresource ``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an external network (per the ONAP definition, see\nRequirement R-57424),\nand an IPv6 address is being cloud assigned by OpenStack's DHCP Service\nand the external network IPv6 subnet is to be specified\nusing the property ``subnet_uuid``, the parameter\n**MUST** follow the naming convention\n\n * ``{network-role}_v6_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the network.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_fqdn", "test_case": "test_contrail_fqdn", "result": "SKIP", "error": "", "requirements": [ { "id": "R-02164", "text": "When a VNF's Heat Orchestration Template's Contrail resource\nhas a property that\nreferences an external network that requires the network's\nFully Qualified Domain Name (FQDN), the property parameter\n\n* **MUST** follow the format ``{network-role}_net_fqdn``\n* **MUST** be declared as type ``string``\n* **MUST NOT** be enumerated in the VNF's Heat Orchestration Template's\n Environment File", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_instance_ip_parameters", "test_case": "test_contrail_incremental_module_internal_subnet_usage", "result": "PASS", "error": "", "requirements": [ { "id": "R-100240", "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::ContrailV2::InstanceIp`` in an Incremental Module is\n assigning an IP address\n to an internal network (per the ONAP definition, see\n Requirements R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv4 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv4 subnet is to be specified\n using the property ``subnet_uuid``,\n\nthe parameter **MUST** follow the naming convention\n\n * ``int_{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the internal network\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", "keyword": "MUST" }, { "id": "R-100260", "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::ContrailV2::InstanceIp`` in an Incremental Module is\n attaching\n to an internal network (per the ONAP definition,\n see Requirements R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv6 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv6 subnet is to be specified\n using the property ``subnet_uuid``,\n\nthe parameter **MUST** follow the naming convention\n``int_{network-role}_v6_subnet_id``,\nwhere ``{network-role}`` is the network role of the internal network.\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_instance_ip_resource_id", "test_case": "test_contrail_instance_ip_resource_id_external", "result": "SKIP", "error": "", "requirements": [ { "id": "R-53310", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` Resource ID\nthat is configuring an IPv4 Address on a virtual machine interface\n(i.e., OS::ContrailV2::VirtualMachineInterface)\nattached to an external network\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_vmi_{vmi_index}_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network that the\n virtual machine interface is attached to\n* ``{vmi_index}`` references the instance of the virtual machine interface\n on the ``{vm-type}`` attached to ``{network-role}`` network. The\n ``{vmi_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new virtual machine interface is defined on the instance of the\n ``{vm-type}`` attached to ``{network-role}`` network.\n* ``IP`` signifies that an IPv4 address is being configured\n* ``{index}`` references the instance of the IPv4 address configured\n on the virtual machine interface. The ``{index}`` is a numeric value\n that **MUST** start at zero on an\n instance of a virtual machine interface and **MUST** increment by one\n each time a new IPv4 address is configured on the\n virtual machine interface.", "keyword": "MUST" }, { "id": "R-46128", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` Resource ID\nthat is configuring an IPv6 Address on a virtual machine interface\n(i.e., OS::ContrailV2::VirtualMachineInterface)\nattached to an external network\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_vmi_{vmi_index}_v6_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{vmi_index}`` references the instance of the virtual machine interface\n on the ``{vm-type}`` attached to ``{network-role}`` network. The\n ``{vmi_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new virtual machine interface is defined on the instance of the\n ``{vm-type}`` attached to ``{network-role}`` network.\n* ``v6_IP`` signifies that an IPv6 address is being configured\n* ``{index}`` references the instance of the IPv6 address configured\n on the virtual machine interface. The ``{index}`` is a numeric value\n that **MUST** start at zero on an\n instance of a virtual machine interface and **MUST** increment by one\n each time a new IPv6 address is configured on the\n virtual machine interface.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_vmi_resource_id", "test_case": "test_contrail_instance_ip_resource_id_external", "result": "SKIP", "error": "", "requirements": [ { "id": "R-96253", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualMachineInterface`` Resource ID\nthat is attaching to an external network\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_vmi_{vmi_index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network\n that the port (i.e. virtual machine interface) is attached to\n* ``{vmi_index}`` references the instance of the virtual machine interface\n on the ``{vm-type}`` attached to ``{network-role}`` network. The\n ``{vmi_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new virtual machine interface is defined on the instance of the\n ``{vm-type}`` attached to ``{network-role}`` network.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_instance_ip_resource_id", "test_case": "test_contrail_instance_ip_resource_id_internal", "result": "SKIP", "error": "", "requirements": [ { "id": "R-62187", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` Resource ID\nthat is configuring an IPv4 Address on a virtual machine interface\n(i.e., OS::ContrailV2::VirtualMachineInterface)\nattached to an internal network\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_vmi_{vmi_index}_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{vmi_index}`` references the instance of the virtual machine interface\n on the ``{vm-type}`` attached to ``{network-role}`` network. The\n ``{vmi_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new virtual machine interface is defined on the instance of the\n ``{vm-type}`` attached to ``{network-role}`` network.\n* ``IP`` signifies that an IPv4 address is being configured\n* ``{index}`` references the instance of the IPv4 address configured\n on the virtual machine interface. The ``{index}`` is a numeric value\n that **MUST** start at zero on an\n instance of a virtual machine interface and **MUST** increment by one\n each time a new IPv4 address is configured on the\n virtual machine interface.", "keyword": "MUST" }, { "id": "R-87563", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` Resource ID\nthat is configuring an IPv6 Address on a virtual machine interface\n(i.e., OS::ContrailV2::VirtualMachineInterface)\nattached to an internal network\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_vmi_{vmi_index}_v6_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{vmi_index}`` references the instance of the virtual machine interface\n on the ``{vm-type}`` attached to ``{network-role}`` network. The\n ``{vmi_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new virtual machine interface is defined on the instance of the\n ``{vm-type}`` attached to ``{network-role}`` network.\n* ``v6_IP`` signifies that an IPv6 address is being configured\n* ``{index}`` references the instance of the IPv6 address configured\n on the virtual machine interface. The ``{index}`` is a numeric value\n that **MUST** start at zero on an\n instance of a virtual machine interface and **MUST** increment by one\n each time a new IPv6 address is configured on the\n virtual machine interface.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_vmi_resource_id", "test_case": "test_contrail_instance_ip_resource_id_internal", "result": "SKIP", "error": "", "requirements": [ { "id": "R-50468", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualMachineInterface`` Resource ID\nthat is attaching to an internal network\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_vmi_{vmi_index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network\n that the port (i.e. virtual machine interface) is attached to\n* ``{vmi_index}`` references the instance of the virtual machine interface\n on the ``{vm-type}`` attached to ``{network-role}`` network. The\n ``{vmi_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new virtual machine interface is defined on the instance of the\n ``{vm-type}`` attached to ``{network-role}`` network.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_resource_id", "test_case": "test_contrail_interfaceroutetable_resource_id", "result": "SKIP", "error": "", "requirements": [ { "id": "R-81214", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InterfaceRouteTable``\nResource ID\n**MUST**\ncontain the ``{network-role}``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_instance_ip_parameters", "test_case": "test_contrail_internal_instance_ip_address_parameter", "result": "PASS", "error": "", "requirements": [ { "id": "R-100000", "text": "The VNF's Heat Orchestration Template's\nresource ``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nparameter\n**MUST** be declared as either type ``string`` or type\n``comma_delimited_list``.", "keyword": "MUST" }, { "id": "R-100090", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is\ndefined as a ``string``,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_int_{network-role}_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the internal network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST" }, { "id": "R-100110", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the internal\n network", "keyword": "MUST" }, { "id": "R-100130", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address to an\ninternal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is defined as a\n``string``,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_int_{network-role}_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the internal network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST" }, { "id": "R-100150", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address to an\ninternal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the internal\n network", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_environment_file_parameters", "test_case": "test_contrail_internal_instance_ip_does_exist_in_environment_file", "result": "PASS", "error": "", "requirements": [ { "id": "R-100100", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nparameter\n``{vm-type}_int_{network-role}_ip_{index}``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST" }, { "id": "R-100120", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nparameter\n``{vm-type}_int_{network-role}_int_ips``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST" }, { "id": "R-100140", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nparameter\n``{vm-type}_int_{network-role}_v6_ip_{index}``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST" }, { "id": "R-100160", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_v6_ips``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST" }, { "id": "R-100180", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp``\nproperty ``instance_ip_address``\nparameter associated with an internal network, i.e.,\n\n * ``{vm-type}_int_{network-role}_ip_{index}``\n * ``{vm-type}_int_{network-role}_v6_ip_{index}``\n * ``{vm-type}_int_{network-role}_ips``\n * ``{vm-type}_int_{network-role}_v6_ips``\n\n\n**MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and IP addresses **MUST** be\nassigned.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_instance_ip_parameters", "test_case": "test_contrail_internal_instance_subnet_id_parameter", "result": "PASS", "error": "", "requirements": [ { "id": "R-100190", "text": "The VNF's Heat Orchestration Template's\nresource ``OS::ContrailV2::InstanceIp`` property ``subnet_uuid``\nparameter\n**MUST** be declared type ``string``.", "keyword": "MUST" }, { "id": "R-100240", "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::ContrailV2::InstanceIp`` in an Incremental Module is\n assigning an IP address\n to an internal network (per the ONAP definition, see\n Requirements R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv4 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv4 subnet is to be specified\n using the property ``subnet_uuid``,\n\nthe parameter **MUST** follow the naming convention\n\n * ``int_{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the internal network\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", "keyword": "MUST" }, { "id": "R-100260", "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::ContrailV2::InstanceIp`` in an Incremental Module is\n attaching\n to an internal network (per the ONAP definition,\n see Requirements R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv6 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv6 subnet is to be specified\n using the property ``subnet_uuid``,\n\nthe parameter **MUST** follow the naming convention\n``int_{network-role}_v6_subnet_id``,\nwhere ``{network-role}`` is the network role of the internal network.\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_allowed_address_pairs_include_vm_type_network_role", "test_case": "test_contrail_internal_vmi_aap_parameter", "result": "PASS", "error": "", "requirements": [ { "id": "R-100360", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualMachineInterface`` is attaching to an\ninternal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 Virtual IP (VIP)\naddress is assigned using the map property,\n``virtual_machine_interface_allowed_address_pairs,\nvirtual_machine_interface_allowed_address_pairs_allowed_address_pair,\nvirtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip,\nvirtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n, the parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: string``\nand **MUST** be enumerated in the environment file.\n\nOR\n\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: comma_delimited_list``\nand **MUST** be enumerated in the environment file.", "keyword": "MUST" }, { "id": "R-100370", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualMachineInterface`` is attaching to an\ninternal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 Virtual IP (VIP)\naddress is assigned\nusing the map property,\n``virtual_machine_interface_allowed_address_pairs,\nvirtual_machine_interface_allowed_address_pairs_allowed_address_pair,\nvirtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip,\nvirtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n, the parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_v6_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: string``\nand **MUST** be enumerated in the environment file\n\nOR\n\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: comma_delimited_list``\nand **MUST** be enumerated in the environment file.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_irt_routes", "test_case": "test_contrail_irt_route_param_format", "result": "SKIP", "error": "", "requirements": [ { "id": "R-28222", "text": "If a VNF's Heat Orchestration Template\n``OS::ContrailV2::InterfaceRouteTable`` resource\n``interface_route_table_routes`` property\n``interface_route_table_routes_route`` map property parameter name\n**MUST** follow the format\n\n* ``{vm-type}_{network-role}_route_prefixes``", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_irt_routes", "test_case": "test_contrail_irt_route_param_type", "result": "SKIP", "error": "", "requirements": [ { "id": "R-19756", "text": "If a VNF's Heat Orchestration Template\n``OS::ContrailV2::InterfaceRouteTable`` resource\n``interface_route_table_routes`` property\n``interface_route_table_routes_route`` map property parameter\n``{vm-type}_{network-role}_route_prefixes``\n**MUST** be defined as type ``json``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_resource_id", "test_case": "test_contrail_networkipam_resource_id", "result": "SKIP", "error": "", "requirements": [ { "id": "R-30753", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::NetworkIpam``\nResource ID\n**MUST**\ncontain the ``{network-role}``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_resource_id", "test_case": "test_contrail_porttuple_resource_id", "result": "SKIP", "error": "", "requirements": [ { "id": "R-20065", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::PortTuple``\nResource ID **MUST** contain the ``{vm-type}``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_resource_id", "test_case": "test_contrail_servicehealthcheck_resource_id", "result": "SKIP", "error": "", "requirements": [ { "id": "R-76014", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::ServiceHealthCheck``\nResource ID\n**MUST**\ncontain the ``{vm-type}``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_resource_id", "test_case": "test_contrail_servicetemplate_resource_id", "result": "SKIP", "error": "", "requirements": [ { "id": "R-16437", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::ServiceTemplate``\nResource ID **MUST** contain the ``{vm-type}``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_heat_parameter_section", "test_case": "test_default_values", "result": "PASS", "error": "", "requirements": [ { "id": "R-90526", "text": "A VNF Heat Orchestration Template parameter declaration **MUST NOT**\ncontain the ``default`` attribute.", "keyword": "MUST" } ] }, { "files": [ "../vvp/template" ], "test_module": "test_volume_module_naming", "test_case": "test_detected_volume_module_follows_naming_convention", "result": "PASS", "error": "", "requirements": [ { "id": "R-589037", "text": "A VNF Heat Orchestration Template's Cinder Volume Module ``resources:``\nsection\n**MUST** only be defined using one of the following:\n\n* one of more ``OS::Cinder::Volume`` resources\n* one or more ``OS::Heat::ResourceGroup`` resources that call a nested YAML\n file that contains only ``OS::Cinder::Volume`` resources\n* a resource that calls a nested YAML file (static nesting) that contains\n only ``OS::Cinder::Volume`` resources", "keyword": "MUST" } ] }, { "files": [ "../vvp/template" ], "test_module": "test_env_and_yaml_same_name", "test_case": "test_env_and_yaml_same_name", "result": "PASS", "error": "", "requirements": [ { "id": "R-38474", "text": "A VNF's Base Module **MUST** have a corresponding Environment File.", "keyword": "MUST" }, { "id": "R-81725", "text": "A VNF's Incremental Module **MUST** have a corresponding Environment File", "keyword": "MUST" }, { "id": "R-53433", "text": "A VNF's Cinder Volume Module **MUST** have a corresponding environment file", "keyword": "MUST" } ] }, { "files": [ "../vvp/env_files0" ], "test_module": "test_env_no_resource_registry", "test_case": "test_env_no_resource_registry", "result": "PASS", "error": "", "requirements": [ { "id": "R-67231", "text": "A VNF's Heat Orchestration template's Environment File's\n**MUST NOT** contain the ``resource_registry:`` section.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_env_parameters_defined_in_template", "test_case": "test_env_params_are_defined_in_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-599443", "text": "A parameter enumerated in a\nVNF's Heat Orchestration Template's environment file **MUST** be declared\nin the\ncorresponding VNF's Heat Orchestration Template's YAML file's\n``parameters:`` section.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nova_servers_environment_context", "test_case": "test_environment_context", "result": "PASS", "error": "", "requirements": [ { "id": "R-20308", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``environment_context``\nparameter **MUST** be declared as ``environment_context`` and the\nparameter type **MUST** be defined as type: ``string``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_required_parameters_no_constraints", "test_case": "test_environment_context_parameter_has_no_constraints", "result": "SKIP", "error": "", "requirements": [ { "id": "R-56183", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata``key/value pair ``environment_context``\nparameter ``environment_context`` **MUST NOT**\nhave parameter constraints defined.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.env" ], "test_module": "test_environment_file_structure", "test_case": "test_environment_file_contains_required_sections", "result": "PASS", "error": "", "requirements": [ { "id": "R-03324", "text": "A VNF's Heat Orchestration template's Environment File **MUST**\ncontain the ``parameters:`` section.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_allowed_address_pairs_include_vm_type_network_role", "test_case": "test_external_aap_format", "result": "PASS", "error": "", "requirements": [ { "id": "R-41492", "text": "When the VNF's Heat Orchestration Template's resource\n``OS::Neutron::Port`` is attaching to an external network\n(per the ONAP definition, see Requirement R-57424),\nand the IPv4 VIP is required to be supported by the ONAP data model,\nthe property ``allowed_address_pairs`` map property ``ip_address``\nparameter name **MUST** follow the naming convention\n\n* ``{vm-type}_{network-role}_floating_ip``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n\nAnd the parameter **MUST** be declared as type ``string``.\n\nAs noted in the introduction to this section, the ONAP data model\ncan only support one IPv4 VIP address.", "keyword": "MUST" }, { "id": "R-35735", "text": "When the VNF's Heat Orchestration Template's resource\n``OS::Neutron::Port`` is attaching to an external network\n(per the ONAP definition, see Requirement R-57424),\nand the IPv6 VIP is required to be supported by the ONAP data model,\nthe property ``allowed_address_pairs`` map property ``ip_address``\nparameter name **MUST** follow the naming convention\n\n* ``{vm-type}_{network-role}_floating_v6_ip``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n\nAnd the parameter **MUST** be declared as type ``string``.\n\nAs noted in the introduction to this section, the ONAP data model\ncan only support one IPv6 VIP address.", "keyword": "MUST" }, { "id": "R-41493", "text": "When the VNF's Heat Orchestration Template's resource\n``OS::Neutron::Port`` is attaching to an external network\n(per the ONAP definition, see Requirement R-57424),\nand the IPv4 VIP address and/or IPv6 VIP address\nis **not** supported by the ONAP data model,\nthe property ``allowed_address_pairs`` map property ``ip_address``\n\n* Parameter name **MAY** use any naming convention. That is, there is no\n ONAP mandatory parameter naming convention.\n* Parameter **MAY** be declared as type ``string`` or type\n``comma_delimited_list``.\n\nAnd the ``OS::Neutron::Port`` resource **MUST** contain\nresource-level ``metadata`` (not property-level).\n\nAnd the ``metadata`` format **MUST** must contain the\nkey value ``aap_exempt`` with a list of all\n``allowed_address_pairs`` map property ``ip_address`` parameters\n**not** supported by the ONAP data model.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_allowed_address_pairs_include_vm_type_network_role", "test_case": "test_external_aap_format_contrail", "result": "PASS", "error": "", "requirements": [ { "id": "R-100280", "text": "If a VNF's Heat Orchestration Template's resource\n``OS::ContrailV2::VirtualMachineInterface``\nis attaching to an external network (per the\nONAP definition, see Requirement R-57424), the\nmap property\n\n``virtual_machine_interface_allowed_address_pairs``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n\nparameter\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT" }, { "id": "R-100310", "text": "When the VNF's Heat Orchestration Template's resource\n``OS::ContrailV2::VirtualMachineInterface`` is attaching to an external\nnetwork (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 Virtual IP (VIP)\nis required to be supported by the ONAP data model,\nthe map property\n\n``virtual_machine_interface_allowed_address_pairs``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n\nparameter name **MUST** follow the naming convention\n\n* ``{vm-type}_{network-role}_floating_ip``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n\nAnd the parameter **MUST** be declared as type ``string``.\n\nThe ONAP data model can only support one IPv4 VIP address.", "keyword": "MUST" }, { "id": "R-100330", "text": "When the VNF's Heat Orchestration Template's resource\n``OS::ContrailV2::VirtualMachineInterface`` is attaching to an external\nnetwork (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 Virtual IP (VIP)\nis required to be supported by the ONAP data model,\nthe map property\n\n``virtual_machine_interface_allowed_address_pairs``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n\nparameter name **MUST** follow the naming convention\n\n* ``{vm-type}_{network-role}_floating_v6_ip``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n\nAnd the parameter **MUST** be declared as type ``string``.\n\nThe ONAP data model can only support one IPv6 VIP address.", "keyword": "MUST" }, { "id": "R-100350", "text": "When the VNF's Heat Orchestration Template's resource\n``OS::ContrailV2::VirtualMachineInterface`` is attaching to an\nexternal network\n(per the ONAP definition, see Requirement R-57424),\nand the IPv4 VIP address and/or IPv6 VIP address\nis **not** supported by the ONAP data model,\nthe map property\n\n``virtual_machine_interface_allowed_address_pairs``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n\n* Parameter name **MAY** use any naming convention. That is, there is no\n ONAP mandatory parameter naming convention.\n* Parameter **MAY** be declared as type ``string`` or type\n``comma_delimited_list``.\n\nAnd the ``OS::ContrailV2::VirtualMachineInterface`` resource\n**MUST** contain resource-level ``metadata`` (not property-level).\n\nAnd the ``metadata`` format **MUST** must contain the\nkey value ``aap_exempt`` with a list of all map property\n\n``virtual_machine_interface_allowed_address_pairs``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n\nparameters **not** supported by the ONAP data model.", "keyword": "MUST NOT" }, { "id": "R-41493", "text": "When the VNF's Heat Orchestration Template's resource\n``OS::Neutron::Port`` is attaching to an external network\n(per the ONAP definition, see Requirement R-57424),\nand the IPv4 VIP address and/or IPv6 VIP address\nis **not** supported by the ONAP data model,\nthe property ``allowed_address_pairs`` map property ``ip_address``\n\n* Parameter name **MAY** use any naming convention. That is, there is no\n ONAP mandatory parameter naming convention.\n* Parameter **MAY** be declared as type ``string`` or type\n``comma_delimited_list``.\n\nAnd the ``OS::Neutron::Port`` resource **MUST** contain\nresource-level ``metadata`` (not property-level).\n\nAnd the ``metadata`` format **MUST** must contain the\nkey value ``aap_exempt`` with a list of all\n``allowed_address_pairs`` map property ``ip_address`` parameters\n**not** supported by the ONAP data model.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_fixed_ips_include_vm_type_network_role", "test_case": "test_external_fip_format", "result": "PASS", "error": "", "requirements": [ { "id": "R-40971", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST" }, { "id": "R-35735", "text": "When the VNF's Heat Orchestration Template's resource\n``OS::Neutron::Port`` is attaching to an external network\n(per the ONAP definition, see Requirement R-57424),\nand the IPv6 VIP is required to be supported by the ONAP data model,\nthe property ``allowed_address_pairs`` map property ``ip_address``\nparameter name **MUST** follow the naming convention\n\n* ``{vm-type}_{network-role}_floating_v6_ip``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n\nAnd the parameter **MUST** be declared as type ``string``.\n\nAs noted in the introduction to this section, the ONAP data model\ncan only support one IPv6 VIP address.", "keyword": "MUST" }, { "id": "R-23503", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network", "keyword": "MUST" }, { "id": "R-71577", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST" }, { "id": "R-04697", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_ips``\n\n where\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the external\n network", "keyword": "MUST" }, { "id": "R-34037", "text": "The VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n**MUST** be declared as either type ``string`` or type\n``comma_delimited_list``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_neutron_port_network_attachment", "test_case": "test_external_network_parameter", "result": "PASS", "error": "", "requirements": [ { "id": "R-62983", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424), the\n``network`` parameter name **MUST**\n\n * follow the naming convention ``{network-role}_net_id`` if the Neutron\n network UUID value is used to reference the network\n * follow the naming convention ``{network-role}_net_name`` if the\n OpenStack network name is used to reference the network.\n\nwhere ``{network-role}`` is the network-role of the external network\nand a ``get_param`` **MUST** be used as the intrinsic function.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_neutron_port_fixed_ips_subnet", "test_case": "test_external_subnet_format", "result": "PASS", "error": "", "requirements": [ { "id": "R-38236", "text": "The VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``subnet`` parameter\n**MUST** be declared type ``string``.", "keyword": "MUST" }, { "id": "R-62802", "text": "When the VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` is attaching\nto an external network (per the ONAP definition, see\nRequirement R-57424),\nand an IPv4 address is being cloud assigned by OpenStack's DHCP Service\nand the external network IPv4 subnet is to be specified\nusing the property ``fixed_ips``\nmap property ``subnet``, the parameter\n**MUST** follow the naming convention\n\n * ``{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the network.", "keyword": "MUST" }, { "id": "R-15287", "text": "When the VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` is attaching\nto an external network (per the ONAP definition, see\nRequirement R-57424),\nand an IPv6 address is being cloud assigned by OpenStack's DHCP Service\nand the external network IPv6 subnet is to be specified\nusing the property ``fixed_ips``\nmap property ``subnet``, the parameter\n**MUST** follow the naming convention\n\n * ``{network-role}_v6_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the network.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_filename_is_vmtype_dot_yaml", "test_case": "test_filename_is_vmtype_dot_yaml", "result": "PASS", "error": "", "requirements": [ { "id": "R-70276", "text": "A VNF HEAT's Orchestration Nested Template's YAML file name **MUST NOT**\nbe in the format ``{vm-type}.y[a]ml`` where ``{vm-type}`` is defined\nin the Heat Orchestration Template.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/template" ], "test_module": "test_files_in_flat_dir", "test_case": "test_files_in_flat_dir", "result": "PASS", "error": "", "requirements": [ { "id": "R-511776", "text": "When a VNF's Heat Orchestration Template is ready\nto be on-boarded to ONAP,\nall files composing the VNF Heat Orchestration Template\n**MUST** be placed in a flat (i.e., non-hierarchical) directory and\narchived using ZIP. The resulting ZIP file is uploaded into ONAP.", "keyword": "MUST" }, { "id": "R-99646", "text": "A VNF's YAML files (i.e, Heat Orchestration Template files and\nNested files) **MUST** have a unique name in the scope of the VNF.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_heat_pairs_provided", "test_case": "test_heat_pairs_provided", "result": "PASS", "error": "", "requirements": [ { "id": "R-86285", "text": "A VNF's Heat Orchestration template **MUST** have a\ncorresponding environment file.", "keyword": "MUST" }, { "id": "R-38474", "text": "A VNF's Base Module **MUST** have a corresponding Environment File.", "keyword": "MUST" }, { "id": "R-81725", "text": "A VNF's Incremental Module **MUST** have a corresponding Environment File", "keyword": "MUST" }, { "id": "R-53433", "text": "A VNF's Cinder Volume Module **MUST** have a corresponding environment file", "keyword": "MUST" }, { "id": "R-56438", "text": "A VNF's Heat Orchestration Template's Nested YAML file extension **MUST**\nbe in the lower case format ``.yaml`` or ``.yml``.", "keyword": "MUST" }, { "id": "R-74304", "text": "A VNF's Heat Orchestration Template's Environment file extension **MUST**\nbe in the lower case format ``.env``.", "keyword": "MUST" }, { "id": "R-91342", "text": "A VNF Heat Orchestration Template's Base Module's Environment File\n**MUST** be named identical to the VNF Heat Orchestration Template's\nBase Module with ``.y[a]ml`` replaced with ``.env``.", "keyword": "MUST" }, { "id": "R-94509", "text": "A VNF Heat Orchestration Template's Incremental Module's Environment File\n**MUST** be named identical to the VNF Heat Orchestration Template's\nIncremental Module with ``.y[a]ml`` replaced with ``.env``.", "keyword": "MUST" }, { "id": "R-31141", "text": "VNF Heat Orchestration Template's Cinder Volume Module's Environment File\n**MUST** be named identical to the VNF Heat Orchestration Template's\nCinder Volume Module with ``.y[a]ml`` replaced with ``.env``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_environment_file_parameters", "test_case": "test_heat_rg_count_parameter_exists_in_environment_file", "result": "PASS", "error": "", "requirements": [ { "id": "R-50011", "text": "A VNF's Heat Orchestration Template's ``OS::Heat::ResourceGroup``\nproperty ``count`` **MUST** be enumerated in the VNF's\nHeat Orchestration Template's Environment File and **MUST** be\nassigned a value.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_heat_template_parameters_contain_required_fields", "test_case": "test_heat_template_parameters_contain_required_fields", "result": "PASS", "error": "", "requirements": [ { "id": "R-36772", "text": "A VNF's Heat Orchestration Template's parameter **MUST** include the\nattribute ``type:``.", "keyword": "MUST" }, { "id": "R-44001", "text": "A VNF's Heat Orchestration Template parameter declaration **MUST**\ncontain the attribute ``description``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_heat_template_structure", "test_case": "test_heat_template_structure_contains_description", "result": "PASS", "error": "", "requirements": [ { "id": "R-39402", "text": "A VNF's Heat Orchestration Template **MUST** contain the\nsection ``description:``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_heat_template_structure", "test_case": "test_heat_template_structure_contains_heat_template_version", "result": "PASS", "error": "", "requirements": [ { "id": "R-27078", "text": "A VNF's Heat Orchestration template **MUST** contain the\nsection ``heat_template_version:``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_heat_template_structure", "test_case": "test_heat_template_structure_contains_parameters", "result": "PASS", "error": "", "requirements": [ { "id": "R-35414", "text": "A VNF Heat Orchestration's template **MUST** contain the\nsection ``parameters:``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_heat_template_structure", "test_case": "test_heat_template_structure_contains_resources", "result": "PASS", "error": "", "requirements": [ { "id": "R-23664", "text": "A VNF's Heat Orchestration template **MUST**\ncontain the section ``resources:``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_iip_instance_ip_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_iip_subnet_uuid_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_incremental_module", "test_case": "test_incremental_module_has_server", "result": "PASS", "error": "", "requirements": [ { "id": "R-610030", "text": "A VNF's Heat Orchestration Template's Incremental Module **MUST**\ndeclare one or more ``OS::Nova::Server`` resources. A ``OS::Nova::Server``\n**MAY** be created in the incremental module or a nested yaml file invoked\nby the incremental module.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_resource_indices", "test_case": "test_indices_start_at_0_increment", "result": "PASS", "error": "", "requirements": [ { "id": "R-11690", "text": "When a VNF's Heat Orchestration Template's Resource ID contains an\n``{index}``, the ``{index}`` is a numeric value that **MUST** start at\nzero and **MUST** increment by one.\n\nAs stated in R-16447,\n*a VNF's MUST be unique across all Heat\nOrchestration Templates and all HEAT Orchestration Template\nNested YAML files that are used to create the VNF*. While the ``{index}``\nwill start at zero in the VNF, the ``{index}`` may not start at zero\nin a given Heat Orchestration Template or HEAT Orchestration Template\nNested YAML file.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_allowed_address_pairs_include_vm_type_network_role", "test_case": "test_internal_aap_format", "result": "PASS", "error": "", "requirements": [ { "id": "R-717227", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 Virtual IP (VIP)\naddress is assigned using the property ``allowed_address_pairs``\nmap property ``ip_address``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: string``\nand **MUST** be enumerated in the environment file.\n\nOR\n\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: comma_delimited_list``\nand **MUST** be enumerated in the environment file.", "keyword": "MUST" }, { "id": "R-805572", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 Virtual IP (VIP)\naddress is assigned\nusing the property ``allowed_address_pairs``\nmap property ``ip_address``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_v6_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: string``\nand **MUST** be enumerated in the environment file\n\nOR\n\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: comma_delimited_list``\nand **MUST** be enumerated in the environment file.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_fixed_ips_include_vm_type_network_role", "test_case": "test_internal_fip_format", "result": "PASS", "error": "", "requirements": [ { "id": "R-27818", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``string``,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_int_{network-role}_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the internal network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST" }, { "id": "R-29765", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the internal\n network", "keyword": "MUST" }, { "id": "R-85235", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the internal\n network", "keyword": "MUST" }, { "id": "R-78380", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is\ndefined as a ``string``,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_int_{network-role}_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the internal network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST" }, { "id": "R-34037", "text": "The VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n**MUST** be declared as either type ``string`` or type\n``comma_delimited_list``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_neutron_port_network_attachment", "test_case": "test_internal_network_parameters", "result": "PASS", "error": "", "requirements": [ { "id": "R-86182", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port``\nis in an incremental module and\nis attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nthe ``network`` parameter name **MUST**\n\n * follow the naming convention ``int_{network-role}_net_id`` if the\n network UUID value is used to reference the network\n * follow the naming convention ``int_{network-role}_net_name`` if the\n network name in is used to reference the network.\n\nwhere ``{network-role}`` is the network-role of the internal network and\na ``get_param`` **MUST** be used as the intrinsic function.", "keyword": "MUST" }, { "id": "R-22688", "text": "When a VNF's Heat Orchestration Template creates an internal network\n(per the ONAP definition, see Requirements R-52425 and R-46461\nand R-35666) and the internal network needs to be shared between modules\nwithin a VNF, the internal network **MUST** be created either in the\n\n* the base module\n* a nested YAML file invoked by the base module\n\nand the base module **MUST** contain an output parameter that provides\neither the network UUID or network name.\n\n* If the network UUID value is used to reference the network, the output\n parameter name in the base module **MUST** follow the naming convention\n ``int_{network-role}_net_id``\n* If the network name in is used to reference the network, the output\n parameter name in the base template **MUST** follow the naming convention\n ``int_{network-role}_net_name``\n\n``{network-role}`` **MUST** be the network-role of the internal network\ncreated in the Base Module.\n\nThe Base Module Output Parameter MUST be declared in the ``parameters:``\nsection of the Incremental Module(s) where the ``OS::Neutron::Port``\nresource(s) is attaching to the internal network.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_neutron_port_fixed_ips_subnet", "test_case": "test_internal_subnet_format", "result": "PASS", "error": "", "requirements": [ { "id": "R-38236", "text": "The VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``subnet`` parameter\n**MUST** be declared type ``string``.", "keyword": "MUST" }, { "id": "R-84123", "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::Neutron::Port`` in an Incremental Module is attaching\n to an internal network (per the ONAP definition, see\n Requirements R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv4 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv4 subnet is to be specified\n using the property ``fixed_ips`` map property ``subnet``,\n\nthe parameter **MUST** follow the naming convention\n\n * ``int_{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the internal network\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", "keyword": "MUST" }, { "id": "R-76160", "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::Neutron::Port`` in an Incremental Module is attaching\n to an internal network (per the ONAP definition, see Requirements\n R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv6 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv6 subnet is to be specified\n using the property ``fixed_ips`` map property ``subnet``,\n\nthe parameter **MUST** follow the naming convention\n``int_{network-role}_v6_subnet_id``,\nwhere ``{network-role}`` is the network role of the internal network.\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_ip_parameters_start_at_0", "test_case": "test_ips_start_at_0", "result": "PASS", "error": "", "requirements": [ { "id": "R-71577", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST" }, { "id": "R-40971", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_multipart_mime_resource_id", "test_case": "test_multipart_mime", "result": "SKIP", "error": "", "requirements": [ { "id": "R-30804", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::Heat::MultipartMime``\nResource ID\n**MUST**\ncontain the ``{vm-type}``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameter_args", "test_case": "test_nested_parameter_args", "result": "PASS", "error": "", "requirements": [ { "id": "R-10834", "text": "A VNF's Heat Orchestration Template resource attribute ``property:``\n**MUST NOT** use more than two levels of nested ``get_param`` intrinsic\nfunctions when deriving a property value. SDC does not support nested\n``get_param`` with recursive lists (i.e., a list inside list).\nThe second ``get_param`` in a nested lookup must directly derive its value\nwithout further calls to ``get_param`` functions.\n\n* Example of valid nesting:\n\n * ``name: {get_param: [ {vm-type}_names, {get_param : index } ] }``\n\n* Examples of invalid nesting. SDC will not support these examples since\n there is an array inside array.\n\n * ``name: {get_param: [ {vm-type}_names, { get_param: [ indexlist, 0 ] } ] }``\n * ``name: {get_param: [ {vm-type}_names, { get_param: [ indexlist1, { get_param: indexlist2 } ] } ] }``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_template_parameters", "test_case": "test_nested_template_parameters", "result": "SKIP", "error": "", "requirements": [ { "id": "R-11041", "text": "All parameters defined in a VNFs Nested YAML file\n**MUST** be passed in as properties of the resource calling\nthe nested yaml file.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nesting_level", "test_case": "test_nesting_level", "result": "PASS", "error": "", "requirements": [ { "id": "R-60011", "text": "A VNF's Heat Orchestration Template **MUST** have no more than two\nlevels of nesting.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nesting_nova_server", "test_case": "test_nesting_nova_server", "result": "PASS", "error": "", "requirements": [ { "id": "R-17528", "text": "A VNF's Heat Orchestration Template's first level Nested YAML file\n**MUST NOT** contain more than one ``OS::Nova::Server`` resource.\nA VNF's Heat Orchestration Template's second level Nested YAML file\n**MUST NOT** contain an ``OS::Nova::Server`` resource.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_network_format", "test_case": "test_network_has_subnet", "result": "PASS", "error": "", "requirements": [ { "id": "R-16241", "text": "A VNF's internal network **MUST** have one subnet.\nA VNF's internal network **MAY** have more than one subnet.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_network_format", "test_case": "test_network_resource_id_format", "result": "PASS", "error": "", "requirements": [ { "id": "R-16968", "text": "A VNF's Heat Orchestration Templates **MUST NOT** include heat\nresources to create external networks.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_internal_networks", "test_case": "test_networks_exist_for_internal_network_params", "result": "PASS", "error": "", "requirements": [ { "id": "R-35666", "text": "If a VNF has an internal network, the VNF Heat Orchestration Template\n**MUST** include the heat resources to create the internal network.\n\nA VNF's Internal Network is created using Neutron Heat Resources\n(i.e., ``OS::Neutron::Net``, ``OS::Neutron::Subnet``) and/or\nContrail Heat Resources (i.e., ``OS::ContrailV2::VirtualNetwork``,\n``ContrailV2::NetworkIpam``).", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_forbidden_resources", "test_case": "test_neutron_floating_ip_association_resource_type", "result": "PASS", "error": "", "requirements": [ { "id": "R-76449", "text": "A VNF's Heat Orchestration Template's **MUST NOT**\ncontain the Resource ``OS::Neutron::FloatingIPAssociation``.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_forbidden_resources", "test_case": "test_neutron_floating_ip_resource_type", "result": "PASS", "error": "", "requirements": [ { "id": "R-05257", "text": "A VNF's Heat Orchestration Template's **MUST NOT**\ncontain the Resource ``OS::Neutron::FloatingIP``.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_contrail_vn_resource_id", "test_case": "test_neutron_net_resource_id", "result": "SKIP", "error": "", "requirements": [ { "id": "R-99110", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualNetwork`` Resource ID **MUST** use the naming\nconvention\n\n* ``int_{network-role}_network``\n\nVNF Heat Orchestration Templates can only create internal networks.\nThere is no ``{index}`` after ``{network-role}`` because ``{network-role}``\n**MUST** be unique in the scope of the VNF's\nHeat Orchestration Template.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_neutron_net_resource_id", "test_case": "test_neutron_net_resource_id", "result": "SKIP", "error": "", "requirements": [ { "id": "R-25720", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Net``\nResource ID **MUST** use the naming convention\n\n* ``int_{network-role}_network``\n\nVNF Heat Orchestration Templates can only create internal networks.\nThere is no ``{index}`` after ``{network-role}`` because ``{network-role}``\n**MUST** be unique in the scope of the VNF's\nHeat Orchestration Template.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_neutron_port_fixed_ips_subnet", "test_case": "test_neutron_port_internal_fixed_ips_subnet_in_base", "result": "PASS", "error": "", "requirements": [ { "id": "R-84123", "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::Neutron::Port`` in an Incremental Module is attaching\n to an internal network (per the ONAP definition, see\n Requirements R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv4 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv4 subnet is to be specified\n using the property ``fixed_ips`` map property ``subnet``,\n\nthe parameter **MUST** follow the naming convention\n\n * ``int_{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the internal network\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", "keyword": "MUST" }, { "id": "R-76160", "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::Neutron::Port`` in an Incremental Module is attaching\n to an internal network (per the ONAP definition, see Requirements\n R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv6 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv6 subnet is to be specified\n using the property ``fixed_ips`` map property ``subnet``,\n\nthe parameter **MUST** follow the naming convention\n``int_{network-role}_v6_subnet_id``,\nwhere ``{network-role}`` is the network role of the internal network.\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_environment_file_parameters", "test_case": "test_neutron_port_internal_fixedips_ipaddress_parameter_exists_in_environment_file", "result": "PASS", "error": "", "requirements": [ { "id": "R-28795", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_ip_{index}``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST" }, { "id": "R-97201", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_v6_ip_{index}``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST" }, { "id": "R-93496", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nproperty ``fixed_ips``\nmap property ``ip_address``\nparameter associated with an internal network, i.e.,\n\n * ``{vm-type}_int_{network-role}_ip_{index}``\n * ``{vm-type}_int_{network-role}_v6_ip_{index}``\n * ``{vm-type}_int_{network-role}_ips``\n * ``{vm-type}_int_{network-role}_v6_ips``\n\n\n**MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and IP addresses **MUST** be\nassigned.", "keyword": "MUST" }, { "id": "R-90206", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_int_ips``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST" }, { "id": "R-98569", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_v6_ips``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST" }, { "id": "R-93496", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nproperty ``fixed_ips``\nmap property ``ip_address``\nparameter associated with an internal network, i.e.,\n\n * ``{vm-type}_int_{network-role}_ip_{index}``\n * ``{vm-type}_int_{network-role}_v6_ip_{index}``\n * ``{vm-type}_int_{network-role}_ips``\n * ``{vm-type}_int_{network-role}_v6_ips``\n\n\n**MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and IP addresses **MUST** be\nassigned.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_neutron_port_network_parameter", "test_case": "test_neutron_port_network_param_is_string", "result": "PASS", "error": "", "requirements": [ { "id": "R-18008", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nproperty ``network`` parameter **MUST** be declared as type: ``string``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_no_http_resources", "test_case": "test_no_http_resources", "result": "PASS", "error": "", "requirements": [ { "id": "R-71699", "text": "A VNF's Heat Orchestration Template's Resource\n**MUST NOT** reference a HTTP-based Nested YAML file.", "keyword": "MUST NOT" }, { "id": "R-53952", "text": "A VNF's Heat Orchestration Template's Resource\n**MUST NOT** reference a HTTP-based resource definitions.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/template" ], "test_module": "test_no_image_files", "test_case": "test_no_image_files_included", "result": "PASS", "error": "", "requirements": [ { "id": "R-348813", "text": "The VNF's Heat Orchestration Template's ZIP file **MUST NOT** include\na binary image file.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_non_server_name", "test_case": "test_non_server_name", "result": "PASS", "error": "", "requirements": [ { "id": "R-85734", "text": "If a VNF's Heat Orchestration Template contains the property ``name``\nfor a non ``OS::Nova::Server`` resource, the intrinsic function\n``str_replace`` **MUST** be used in conjunction with the ONAP\nsupplied metadata parameter ``vnf_name`` to generate a unique value.\nAdditional data **MAY** be used in the ``str_replace`` construct\nto generate a unique value.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_non_server_name", "test_case": "test_non_server_name_unique", "result": "PASS", "error": "", "requirements": [ { "id": "R-85734", "text": "If a VNF's Heat Orchestration Template contains the property ``name``\nfor a non ``OS::Nova::Server`` resource, the intrinsic function\n``str_replace`` **MUST** be used in conjunction with the ONAP\nsupplied metadata parameter ``vnf_name`` to generate a unique value.\nAdditional data **MAY** be used in the ``str_replace`` construct\nto generate a unique value.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nova_servers_vm_types", "test_case": "test_nova_server_flavor_parameter", "result": "PASS", "error": "", "requirements": [ { "id": "R-50436", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``flavor`` parameter **MUST** be declared as type: ``string``.", "keyword": "MUST" }, { "id": "R-45188", "text": "The VNF's Heat Orchestration Template's Resource 'OS::Nova::Server' property\n``flavor`` parameter name **MUST** follow the naming convention\n``{vm-type}_flavor_name``.", "keyword": "MUST" }, { "id": "R-40499", "text": "Each VNF's Heat Orchestration Template's ``{vm-type}`` **MUST**\nhave a unique parameter name for the ``OS::Nova::Server`` property\n``flavor`` even if more than one ``{vm-type}`` shares the same flavor.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_environment_file_parameters", "test_case": "test_nova_server_flavor_parameter_exists_in_environment_file", "result": "PASS", "error": "", "requirements": [ { "id": "R-69431", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``flavor`` parameter **MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and a value **MUST** be assigned.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nova_servers_vm_types", "test_case": "test_nova_server_image_parameter", "result": "PASS", "error": "", "requirements": [ { "id": "R-71152", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``image`` parameter **MUST** be declared as type: ``string``.", "keyword": "MUST" }, { "id": "R-57282", "text": "Each VNF's Heat Orchestration Template's ``{vm-type}`` **MUST**\nhave a unique parameter name for the ``OS::Nova::Server`` property\n``image`` even if more than one ``{vm-type}`` shares the same image.", "keyword": "MUST" }, { "id": "R-58670", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``image`` parameter name **MUST** follow the naming convention\n``{vm-type}_image_name``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_environment_file_parameters", "test_case": "test_nova_server_image_parameter_exists_in_environment_file", "result": "PASS", "error": "", "requirements": [ { "id": "R-91125", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``image`` parameter **MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and a value **MUST** be assigned.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nova_servers_vm_types", "test_case": "test_nova_server_name_parameter", "result": "PASS", "error": "", "requirements": [ { "id": "R-51430", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``name`` parameter **MUST** be declared as either type ``string``\nor type ``comma_delimited_list``.", "keyword": "MUST" }, { "id": "R-54171", "text": "When the VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``name`` parameter is defined as a ``string``,\nthe parameter name **MUST** follow the naming convention\n\n* ``{vm-type}_name_{index}``\n\nwhere ``{index}`` is a numeric value that **MUST** start at\nzero in a VNF's Heat Orchestration Template and **MUST** increment by one.", "keyword": "MUST" }, { "id": "R-87817", "text": "When the VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``name`` parameter is defined as a ``comma_delimited_list``,\nthe parameter name **MUST** follow the naming convention\n``{vm-type}_names``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nova_server_name_parameters_start_at_0", "test_case": "test_nova_server_name_parameter_starts_at", "result": "PASS", "error": "", "requirements": [ { "id": "R-54171", "text": "When the VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``name`` parameter is defined as a ``string``,\nthe parameter name **MUST** follow the naming convention\n\n* ``{vm-type}_name_{index}``\n\nwhere ``{index}`` is a numeric value that **MUST** start at\nzero in a VNF's Heat Orchestration Template and **MUST** increment by one.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nova_server_resource_id", "test_case": "test_nova_server_resource_id", "result": "PASS", "error": "", "requirements": [ { "id": "R-29751", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nResource ID\n**MUST** use the naming convention\n\n* ``{vm-type}_server_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{index}`` is the index.\n The ``{index}`` **MUST** starts at zero and increment by one\n as described in R-11690.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nova_servers_resource_ids", "test_case": "test_nova_servers_valid_resource_ids", "result": "PASS", "error": "", "requirements": [ { "id": "R-40499", "text": "Each VNF's Heat Orchestration Template's ``{vm-type}`` **MUST**\nhave a unique parameter name for the ``OS::Nova::Server`` property\n``flavor`` even if more than one ``{vm-type}`` shares the same flavor.", "keyword": "MUST" }, { "id": "R-57282", "text": "Each VNF's Heat Orchestration Template's ``{vm-type}`` **MUST**\nhave a unique parameter name for the ``OS::Nova::Server`` property\n``image`` even if more than one ``{vm-type}`` shares the same image.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_oam_address_outputs", "test_case": "test_oam_address_v4_zero_or_one", "result": "PASS", "error": "", "requirements": [ { "id": "R-18683", "text": "If a VNF has one IPv4 OAM Management IP Address and the\nIP Address needs to be inventoried in ONAP's A&AI\ndatabase, an output parameter **MUST** be declared in only one of the\nVNF's Heat Orchestration Templates and the parameter **MUST** be named\n``oam_management_v4_address``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_oam_address_outputs", "test_case": "test_oam_address_v6_zero_or_one", "result": "PASS", "error": "", "requirements": [ { "id": "R-94669", "text": "If a VNF has one IPv6 OAM Management IP Address and the\nIP Address needs to be inventoried in ONAP's A&AI\ndatabase, an output parameter **MUST** be declared in only one of the\nVNF's Heat Orchestration Templates and the parameter **MUST** be named\n``oam_management_v6_address``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_heat_parameter_section", "test_case": "test_parameter_names", "result": "PASS", "error": "", "requirements": [ { "id": "R-25877", "text": "A VNF's Heat Orchestration Template's parameter name\n(i.e., ) **MUST** contain only alphanumeric\ncharacters and underscores ('_').", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_heat_template_structure", "test_case": "test_parameter_type", "result": "PASS", "error": "", "requirements": [ { "id": "R-11441", "text": "A VNF's Heat Orchestration Template's parameter type **MUST** be one of\nthe following values:\n\n* ``string``\n* ``number``\n* ``json``\n* ``comma_delimited_list``\n* ``boolean``", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_port_aap_ip_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_port_connected_to_multiple_servers", "test_case": "test_port_connected_to_multiple_servers", "result": "PASS", "error": "", "requirements": [ { "id": "R-92635", "text": "A VNF's Heat Orchestration Template **MUST** be compliant with the\nOpenStack Template Guide.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_port_fip_ip_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_port_fip_subnet_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_port_network_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_port_resource_ids", "test_case": "test_port_resource_ids", "result": "PASS", "error": "", "requirements": [ { "id": "R-20453", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nthat is attaching to an external network Resource ID\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_port_{port-index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{port_index}`` references the instance of the port on the ``{vm-type}``\n attached to ``{network-role}`` network. The\n ``{port_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new port is defined on the instance of the ``{vm-type}`` attached to\n ``{network-role}`` network.", "keyword": "MUST" }, { "id": "R-26351", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nthat is attaching to an internal network Resource ID **MUST**\nuse the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_port_{port-index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{port_index}`` references the instance of the port on the ``{vm-type}``\n attached to ``{network-role}`` network. The\n ``{port_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new port is defined on the instance of the ``{vm-type}`` attached to\n ``{network-role}`` network.", "keyword": "MUST" }, { "id": "R-26506", "text": "A VNF's Heat Orchestration Template's ``{network-role}`` **MUST** contain\nonly alphanumeric characters and/or underscores '_' and\n\n* **MUST NOT** contain any of the following strings: ``_int`` or ``int_``\n or ``_int_``\n* **MUST NOT** end in the string: ``_v6``\n* **MUST NOT** contain the strings ``_#_``, where ``#`` is a number\n* **MUST NOT** end in the string: ``_#``, where ``#`` is a number", "keyword": "MUST NOT" }, { "id": "R-681859", "text": "A VNF's Heat Orchestration Template's ``OS::Neutron::Port`` resource's\n\n* Resource ID (defined in R-20453)\n* property ``network`` parameter name (defined in R-62983 and\n R-86182)\n* property ``fixed_ips``, map property ``ip_address`` parameter name\n (defined in R-40971, R-04697, R-71577, R-23503, R-78380, R-85235,\n R-27818, and R-29765)\n* property ``fixed_ips``, map property ``subnet`` parameter name\n (defined in R-62802, R-15287, R-84123, R-76160)\n* property ``allowed_address_pairs`` parameter name (defined in\n R-41492 and R-83418)\n\n**MUST** contain the identical ``{network-role}``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_server_and_port_vm_indices_match", "test_case": "test_server_and_port_vmtype_indices_match", "result": "PASS", "error": "", "requirements": [ { "id": "R-304011", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource's\n\n* Resource ID (defined in R-29751)\n* property ``image`` parameter name (defined in R-58670)\n* property ``flavor`` parameter name (defined in R-45188)\n* property ``name`` parameter name (defined in R-54171 & R-87817)\n* property ``networks`` map property ``port`` value which is a\n ``OS::Neutron::Port`` Resource ID (defined in R-20453)\n referenced using the intrinsic function ``get_attr``\n\n**MUST** contain the identical ``{vm-type}``\nand **MUST** follow the naming conventions defined\nin R-58670, R-45188, R-54171, R-87817, and R-29751. And the ``{index}`` in\nthe ``OS::Nova::Server`` Resource ID (defined in R-29751) **MUST** match\nthe ``{vm-type_index}`` defined in\nthe ``OS::Nova::Server`` property ``networks`` map property ``port``\nreferenced ``OS::Neutron::Port`` Resource ID (defined in R-20453).", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_server_flavor_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_server_image_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_server_metadata_environment_context_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_server_metadata_vf_module_id_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_server_metadata_vf_module_index_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_server_metadata_vf_module_name_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_server_metadata_vm_role_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_server_metadata_vnf_id_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_server_metadata_vnf_name_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_server_metadata_workload_context_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_server_name_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_servers_have_required_metadata", "test_case": "test_servers_have_required_metadata", "result": "PASS", "error": "", "requirements": [ { "id": "R-37437", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property ``metadata`` **MUST**\ncontain the key/value pair ``vnf_id``\nand the value **MUST** be obtained via a ``get_param``.", "keyword": "MUST" }, { "id": "R-71493", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` **MUST**\ncontain the key/value pair ``vf_module_id``\nand the value MUST be obtained via a ``get_param``.", "keyword": "MUST" }, { "id": "R-72483", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` **MUST** contain the key/value pair ``vnf_name`` and the\nvalue **MUST** be obtained via a ``get_param``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_servers_metadata_use_get_param", "test_case": "test_servers_vf_module_id_metadata_use_get_param", "result": "PASS", "error": "", "requirements": [ { "id": "R-71493", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` **MUST**\ncontain the key/value pair ``vf_module_id``\nand the value MUST be obtained via a ``get_param``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_servers_metadata_use_get_param", "test_case": "test_servers_vf_module_index_metadata_use_get_param", "result": "PASS", "error": "", "requirements": [ { "id": "R-50816", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property ``metadata``\nkey/value pair ``vf_module_index``\nvalue **MUST** be obtained via a ``get_param``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_servers_metadata_use_get_param", "test_case": "test_servers_vf_module_name_metadata_use_get_param", "result": "PASS", "error": "", "requirements": [ { "id": "R-68023", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vf_module_name``\nvalue **MUST**\nbe obtained via a ``get_param``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_servers_metadata_use_get_param", "test_case": "test_servers_vnf_id_metadata_use_get_param", "result": "PASS", "error": "", "requirements": [ { "id": "R-37437", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property ``metadata`` **MUST**\ncontain the key/value pair ``vnf_id``\nand the value **MUST** be obtained via a ``get_param``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_servers_metadata_use_get_param", "test_case": "test_servers_vnf_name_metadata_use_get_param", "result": "PASS", "error": "", "requirements": [ { "id": "R-72483", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` **MUST** contain the key/value pair ``vnf_name`` and the\nvalue **MUST** be obtained via a ``get_param``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_software_config_resource_id", "test_case": "test_software_config_vm_type", "result": "SKIP", "error": "", "requirements": [ { "id": "R-08975", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::SoftwareConfig``\nResource ID **MUST** contain the ``{vm-type}``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_unique_resources_across_all_templates", "test_case": "test_unique_resources_across_all_yaml_files", "result": "PASS", "error": "", "requirements": [ { "id": "R-16447", "text": "A VNF's **MUST** be unique across all Heat\nOrchestration Templates and all HEAT Orchestration Template\nNested YAML files that are used to create the VNF.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_required_parameters_no_constraints", "test_case": "test_vf_module_id_parameter_has_no_constraints", "result": "PASS", "error": "", "requirements": [ { "id": "R-98374", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` key/value pair ``vf_module_id`` parameter ``vf_module_id``\n**MUST NOT**\nhave parameter constraints defined.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_server_parameters", "test_case": "test_vf_module_id_parameter_type_and_parameter_name", "result": "PASS", "error": "", "requirements": [ { "id": "R-82134", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` key/value pair ``vf_module_id`` parameter **MUST**\nbe declared as ``vf_module_id`` and the parameter **MUST**\nbe defined as type: ``string``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_required_parameters_no_constraints", "test_case": "test_vf_module_index_parameter_has_no_constraints", "result": "SKIP", "error": "", "requirements": [ { "id": "R-09811", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vf_module_index`` **MUST NOT**\nhave parameter constraints defined.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_server_parameters", "test_case": "test_vf_module_index_parameter_type_and_parameter_name", "result": "PASS", "error": "", "requirements": [ { "id": "R-54340", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``vf_module_index`` parameter **MUST**\nbe declared as ``vf_module_index`` and the parameter **MUST** be\ndefined as type: ``number``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_required_parameters_no_constraints", "test_case": "test_vf_module_name_parameter_has_no_constraints", "result": "SKIP", "error": "", "requirements": [ { "id": "R-15480", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``vf_module_name`` parameter ``vf_module_name``\n**MUST NOT** have parameter constraints defined.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_server_parameters", "test_case": "test_vf_module_name_parameter_type_and_parameter_name", "result": "PASS", "error": "", "requirements": [ { "id": "R-39067", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``vf_module_name`` parameter **MUST** be\ndeclared as ``vf_module_name`` and the parameter **MUST**\nbe defined as type: ``string``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_vm_class_has_unique_type", "test_case": "test_vm_class_has_unique_type", "result": "SKIP", "error": "", "requirements": [ { "id": "R-01455", "text": "When a VNF's Heat Orchestration Template creates a Virtual Machine\n(i.e., ``OS::Nova::Server``),\neach \"class\" of VMs **MUST** be assigned a VNF unique\n``{vm-type}``; where \"class\" defines VMs that\n**MUST** have the following identical characteristics:\n\n 1.) ``OS::Nova::Server`` resource property ``flavor`` value\n\n 2.) ``OS::Nova::Server`` resource property ``image`` value\n\n 3.) Cinder Volume attachments\n\n - Each VM in the \"class\" **MUST** have the identical Cinder Volume\n configuration\n\n 4.) Network attachments and IP address requirements\n\n - Each VM in the \"class\" **MUST** have the identical number of\n ports connecting to the identical networks and requiring the identical\n IP address configuration.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_vm_role_value", "test_case": "test_vm_role_from_env_file", "result": "SKIP", "error": "", "requirements": [ { "id": "R-86476", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vm_role`` value **MUST**\nonly contain alphanumeric characters and underscores (i.e., '_').", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_vm_role_value", "test_case": "test_vm_role_hardcoded", "result": "PASS", "error": "", "requirements": [ { "id": "R-86476", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vm_role`` value **MUST**\nonly contain alphanumeric characters and underscores (i.e., '_').", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_required_parameters_no_constraints", "test_case": "test_vm_role_parameter_has_no_constraints", "result": "SKIP", "error": "", "requirements": [ { "id": "R-67597", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vm_role`` parameter ``vm_role``\n**MUST NOT** have parameter constraints defined.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nova_servers_vm_types_use_get_param", "test_case": "test_vm_type_assignments_on_nova_servers_only_use_get_param", "result": "PASS", "error": "", "requirements": [ { "id": "R-901331", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``image`` value **MUST** be be obtained via a ``get_param``.", "keyword": "MUST" }, { "id": "R-481670", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``flavor`` value **MUST** be be obtained via a ``get_param``.", "keyword": "MUST" }, { "id": "R-663631", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``name`` value **MUST** be be obtained via a ``get_param``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_vm_type_case", "test_case": "test_vm_type_case", "result": "PASS", "error": "", "requirements": [ { "id": "R-32394", "text": "A VNF's Heat Orchestration Template's use of ``{vm-type}`` in all Resource\nproperty parameter names **MUST** be the same case.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nova_servers_vm_types", "test_case": "test_vm_type_consistent_on_nova_servers", "result": "PASS", "error": "", "requirements": [ { "id": "R-57282", "text": "Each VNF's Heat Orchestration Template's ``{vm-type}`` **MUST**\nhave a unique parameter name for the ``OS::Nova::Server`` property\n``image`` even if more than one ``{vm-type}`` shares the same image.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nova_servers_vm_types", "test_case": "test_vm_type_network_role_collision", "result": "PASS", "error": "", "requirements": [ { "id": "R-48067", "text": "A VNF's Heat Orchestration Template's ``{vm-type}`` **MUST NOT** be a\nsubstring\nof ``{network-role}``.", "keyword": "MUST NOT" }, { "id": "R-00977", "text": "A VNF's Heat Orchestration Template's ``{network-role}``\n**MUST NOT** be a substring of ``{vm-type}``.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_vm_type_resource_id", "test_case": "test_vm_type_resource_id", "result": "PASS", "error": "", "requirements": [ { "id": "R-46839", "text": "A VNF's Heat Orchestration Template's use of ``{vm-type}``\nin all Resource IDs **MUST** be the same case.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_vm_type_syntax", "test_case": "test_vm_type_syntax", "result": "PASS", "error": "", "requirements": [ { "id": "R-98407", "text": "A VNF's Heat Orchestration Template's ``{vm-type}`` **MUST** contain only\nalphanumeric characters and/or underscores '_' and **MUST NOT**\ncontain any of the following strings:\n``_int`` or ``int_`` or ``_int_``.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_vmi_aap_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nested_parameters", "test_case": "test_vmi_net_ref_parameter_name_doesnt_change_in_nested_template", "result": "PASS", "error": "", "requirements": [ { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_required_parameters_no_constraints", "test_case": "test_vnf_id_parameter_has_no_constraints", "result": "PASS", "error": "", "requirements": [ { "id": "R-55218", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property\n``metadata`` key/value pair ``vnf_id`` parameter ``vnf_id`` **MUST NOT**\nhave parameter constraints defined.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_server_parameters", "test_case": "test_vnf_id_parameter_type_and_parameter_name", "result": "PASS", "error": "", "requirements": [ { "id": "R-07507", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property\n``metadata`` key/value pair ``vnf_id`` parameter\n**MUST** be declared as ``vnf_id`` and the parameter **MUST**\nbe defined as type: ``string``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_required_parameters_no_constraints", "test_case": "test_vnf_name_parameter_has_no_constraints", "result": "PASS", "error": "", "requirements": [ { "id": "R-44318", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vnf_name``\nparameter ``vnf_name`` **MUST NOT**\nhave parameter constraints defined.", "keyword": "MUST NOT" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_server_parameters", "test_case": "test_vnf_name_parameter_type_and_parameter_name", "result": "PASS", "error": "", "requirements": [ { "id": "R-62428", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vnf_name`` parameter **MUST**\nbe declared as ``vnf_name`` and the parameter **MUST** be defined as\ntype: ``string``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_nova_servers_workload_context", "test_case": "test_workload_context", "result": "PASS", "error": "", "requirements": [ { "id": "R-74978", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``workload_context``\nparameter **MUST**\nbe declared as ``workload_context`` and the parameter **MUST**\nbe defined as type: ``string``.", "keyword": "MUST" } ] }, { "files": [ "../vvp/base_vpkg.yaml" ], "test_module": "test_required_parameters_no_constraints", "test_case": "test_workload_context_parameter_has_no_constraints", "result": "SKIP", "error": "", "requirements": [ { "id": "R-34055", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``workload_context``\nparameter ``workload_context`` **MUST NOT**\nhave parameter constraints defined.", "keyword": "MUST NOT" } ] } ], "requirements": [ { "id": "R-00011", "text": "A VNF's Heat Orchestration Template's parameter defined\nin a nested YAML file\n**SHOULD NOT** have a parameter constraint defined.", "keyword": "SHOULD NOT", "result": "PASS", "errors": [] }, { "id": "R-00068", "text": "The VNF or PNF Documentation Package **MUST** include\na description of parameters that can be monitored for the VNF or PNF\nand event records (status, fault, flow, session, call, control\nplane, etc.) generated by the VNF or PNF after instantiation.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-00098", "text": "The VNF **MUST NOT** impact the ability of the VNF to provide\nservice/function due to a single container restart.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-00156", "text": "The VNF or PNF Documentation Package **MUST** describe the VNF or PNF\nManagement APIs, which must include information and tools for\nONAP to monitor the health of the VNF or PNF (conditions that require\nhealing and/or scaling responses).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-00228", "text": "A VNF's Heat Orchestration Template **MAY**\nreference the nested heat statically by repeated definition.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-00606", "text": "A VNF **MAY** be connected to zero, one or more than one external\nnetwork.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-00977", "text": "A VNF's Heat Orchestration Template's ``{network-role}``\n**MUST NOT** be a substring of ``{vm-type}``.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-01033", "text": "The VNF or PNF **MAY** use another option which is expected to include SFTP\nfor asynchronous bulk files, such as bulk files that contain large volumes\nof data collected over a long time interval or data collected across many\nVNFs or PNFs. (Preferred is to reorganize the data into more frequent or more focused\ndata sets, and deliver these by REST or TCP as appropriate.)", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-01101", "text": "A VNF's Heat Orchestration Template **MAY**\nreference the nested heat dynamically using the resource\n``OS::Heat::ResourceGroup``.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-01123", "text": "The VNF or PNF package Manifest file **MUST** contain: VNF or PNF\npackage meta-data, a list of all artifacts (both internal and\nexternal) entry's including their respected URI's, as specified\nin ETSI GS NFV-SOL 004", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-01334", "text": "The VNF or PNF **MUST** conform to the NETCONF RFC 5717,\n\"Partial Lock Remote Procedure Call\".", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-01359", "text": "A VNF's Heat Orchestration Template that contains an ``OS::Nova:Server``\nresource **MAY** define a parameter for the property\n``availability_zone`` that is not utilized in any ``OS::Nova::Server``\nresources in the Heat Orchestration Template.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-01382", "text": "The VNF or PNF **MUST** allow the entire configuration of the VNF or PNF to be\nretrieved via NETCONF's and , independently\nof whether it was configured via NETCONF or other mechanisms.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-01427", "text": "If the VNF or PNF is using Basic Authentication, then the VNF or\nPNF **MUST** support the provisioning of security and authentication\nparameters (HTTP username and password) in order to be able to\nauthenticate with DCAE VES Event Listener.\n\nNote: The configuration management and provisioning software\nare specific to a vendor architecture.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-01455", "text": "When a VNF's Heat Orchestration Template creates a Virtual Machine\n(i.e., ``OS::Nova::Server``),\neach \"class\" of VMs **MUST** be assigned a VNF unique\n``{vm-type}``; where \"class\" defines VMs that\n**MUST** have the following identical characteristics:\n\n 1.) ``OS::Nova::Server`` resource property ``flavor`` value\n\n 2.) ``OS::Nova::Server`` resource property ``image`` value\n\n 3.) Cinder Volume attachments\n\n - Each VM in the \"class\" **MUST** have the identical Cinder Volume\n configuration\n\n 4.) Network attachments and IP address requirements\n\n - Each VM in the \"class\" **MUST** have the identical number of\n ports connecting to the identical networks and requiring the identical\n IP address configuration.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-01478", "text": "The VNF or PNF Documentation Package **MUST** describe all\nparameters that are available to monitor the VNF or PNF after instantiation\n(includes all counters, OIDs, PM data, KPIs, etc.) that must be\ncollected for reporting purposes.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-01556", "text": "The VNF or PNF Documentation Package **MUST** describe the\nfault, performance, capacity events/alarms and other event records\nthat are made available by the VNF or PNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-01896", "text": "A VNF's Heat Orchestration Template's parameter values that are constant\nacross all deployments **MUST** be declared in a Heat Orchestration\nTemplate Environment File.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-02164", "text": "When a VNF's Heat Orchestration Template's Contrail resource\nhas a property that\nreferences an external network that requires the network's\nFully Qualified Domain Name (FQDN), the property parameter\n\n* **MUST** follow the format ``{network-role}_net_fqdn``\n* **MUST** be declared as type ``string``\n* **MUST NOT** be enumerated in the VNF's Heat Orchestration Template's\n Environment File", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-02170", "text": "The VNF **MUST** use, whenever possible, standard implementations\nof security applications, protocols, and formats, e.g., S/MIME, TLS, SSH,\nIPSec, X.509 digital certificates for cryptographic implementations.\nThese implementations must be purchased from reputable vendors or obtained\nfrom reputable open source communities and must not be developed in-house.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-02360", "text": "The VNFC **MUST** be designed as a standalone, executable process.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-02454", "text": "The VNF **MUST** support the existence of multiple major/minor\nversions of the VNF software and/or sub-components and interfaces that\nsupport both forward and backward compatibility to be transparent to\nthe Service Provider usage.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-025941", "text": "The VNF or PNF PROVIDER **MUST** provide FM Meta Data to support the\nanalysis of fault events delivered to DCAE. The Meta Data must be\nincluded in the VES Registration YAML file with each fault event\nsupported by that NF at onboarding time and the Meta Data must follow\nthe VES Event Listener and VES Event Registration Specifications.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-02597", "text": "The VNF or PNF **MUST** implement the protocol operation:\n``lock(target)`` - Lock the configuration data store target.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-02616", "text": "The VNF or PNF **MUST** permit locking at the finest granularity\nif a VNF or PNF needs to lock an object for configuration to avoid blocking\nsimultaneous configuration operations on unrelated objects (e.g., BGP\nconfiguration should not be locked out if an interface is being\nconfigured or entire Interface configuration should not be locked out\nif a non-overlapping parameter on the interface is being configured).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-02651", "text": "The VNF or PNF **SHOULD** use available backup capabilities to save a\ncopy of configuration files before implementing changes to support\noperations such as backing out of software upgrades, configuration\nchanges or other work as this will help backing out of configuration\nchanges when needed.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-02691", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``workload_context``\nparameter ``workload_context`` **MUST NOT**\nbe enumerated in the Heat Orchestration Template's environment file.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-02997", "text": "The VNF **MUST** preserve their persistent data. Running VMs\nwill not be backed up in the Network Cloud infrastructure.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-03070", "text": "The VNF or PNF **MUST**, by ONAP Policy, provide the ONAP addresses\nas data destinations for each VNF or PNF, and may be changed by Policy while\nthe VNF or PNF is in operation. We expect the VNF or PNF to be capable of redirecting\ntraffic to changed destinations with no loss of data, for example from\none REST URL to another, or from one TCP host and port to another.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-03251", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Cinder::Volume``\n**MAY** be defined in a Cinder Volume Module.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-03324", "text": "A VNF's Heat Orchestration template's Environment File **MUST**\ncontain the ``parameters:`` section.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-03465", "text": "The VNF or PNF **MUST** release locks to prevent permanent lock-outs\nwhen the corresponding operation succeeds.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-03595", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::SecurityGroup`` that\nis applicable to more than one ``{vm-type}`` and one external network Resource ID\n**SHOULD** use the naming convention\n\n* ``{network-role}_security_group``\n\nwhere\n\n* ``{network-role}`` is the network-role", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-03656", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::SoftwareConfig``\nResource ID **MAY** use the naming convention\n\n* ``{vm-type}_RSC``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``RSC`` signifies that it is the Resource Software Config", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-03954", "text": "The VNF **MUST** survive any single points of failure within\nthe Network Cloud (e.g., virtual NIC, VM, disk failure).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-04158", "text": "The VNF or PNF **MUST** conform to the NETCONF RFC 4742,\n\"Using the NETCONF Configuration Protocol over Secure Shell (SSH)\".", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-04298", "text": "The VNF provider **MUST** provide their testing scripts to\nsupport testing.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-04344", "text": "A VNF's Nested YAML file **MAY** be invoked by more than one of\na VNF's Heat Orchestration Templates (when the VNF is composed of two\nor more Heat Orchestration Templates).", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-04492", "text": "The VNF **MUST** generate security audit logs that can be sent\nto Security Analytics Tools for analysis.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-04697", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_ips``\n\n where\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the external\n network", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-04747", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::CloudConfig``\nResource ID **MUST** contain the ``{vm-type}``.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-04982", "text": "The VNF **MUST NOT** include an authentication credential,\ne.g., password, in the security audit logs, even if encrypted.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-05050", "text": "A VNF's Heat Orchestration Templates intrinsic function\n``get_file`` **MAY** be used:\n\n * more than once in a VNF's Heat Orchestration Template\n * in two or more of a VNF's Heat Orchestration Templates\n * in a VNF's Heat Orchestration Templates nested YAML file", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-05201", "text": "When a VNF connects to two or more unique networks, each\nnetwork **MUST** be assigned a unique ``{network-role}``\nin the context of the VNF for use in the VNF's Heat Orchestration\nTemplate.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-05257", "text": "A VNF's Heat Orchestration Template's **MUST NOT**\ncontain the Resource ``OS::Neutron::FloatingIP``.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-06327", "text": "The VNF **MUST** respond to a \"drain VNFC\" [#4.5.2]_ command against\na specific VNFC, preventing new session from reaching the targeted VNFC,\nwith no disruption to active sessions on the impacted VNFC, if a VNF\nprovides a load balancing function across multiple instances of its VNFCs.\nThis is used to support scenarios such as proactive maintenance with no\nuser impact.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-06413", "text": "The VNF **MUST** log the field \"service or program used for access\"\nin the security audit logs.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-06613", "text": "A VNF's Heat Orchestration Template's parameter defined\nin a non-nested YAML file as type\n``boolean`` **MAY** have a parameter constraint defined.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-06668", "text": "The VNF **MUST** handle the start or restart of VNFC instances\nin any order with each VNFC instance establishing or re-establishing\nrequired connections or relationships with other VNFC instances and/or\nVNFs required to perform the VNF function/role without requiring VNFC\ninstance(s) to be started/restarted in a particular order.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-06885", "text": "The VNF **SHOULD** support the ability to scale down a VNFC pool\nwithout jeopardizing active sessions. Ideally, an active session should\nnot be tied to any particular VNFC instance.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-06924", "text": "The VNF or PNF **MUST** deliver asynchronous data as data becomes\navailable, or according to the configured frequency.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-07251", "text": "The VNF or PNF **MUST** support APPC/SDN-C ``ResumeTraffic`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-07443", "text": "A VNF's Heat Orchestration Templates' Cinder Volume Module Output\nParameter's name and type **MUST** match the input parameter name and type\nin the corresponding Base Module or Incremental Module.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-07507", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property\n``metadata`` key/value pair ``vnf_id`` parameter\n**MUST** be declared as ``vnf_id`` and the parameter **MUST**\nbe defined as type: ``string``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-07545", "text": "The VNF or PNF **MUST** support all operations, administration and\nmanagement (OAM) functions available from the supplier for VNFs or PNFs\nusing the supplied YANG code and associated NETCONF servers.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-07617", "text": "The VNF **MUST** log success and unsuccessful creation, removal, or\nchange to the inherent privilege level of users.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-08134", "text": "The VNF or PNF **MUST** conform to the NETCONF RFC 6241,\n\"NETCONF Configuration Protocol\".", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-08312", "text": "The VNF or PNF **MAY** use another option which is expected to include REST\ndelivery of binary encoded data sets.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-08315", "text": "The VNF **SHOULD** use redundant connection pooling to connect\nto any backend data source that can be switched between pools in an\nautomated/scripted fashion to ensure high availability of the connection\nto the data source.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-08775", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::SecurityGroup``\nthat is applicable to one ``{vm-type}`` and more than one network (internal\nand/or external) Resource ID **SHOULD** use the naming convention\n\n* ``{vm-type}_security_group``\n\nwhere\n\n* ``{vm-type}`` is the vm-type", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-08975", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::SoftwareConfig``\nResource ID **MUST** contain the ``{vm-type}``.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-09467", "text": "The VNF **MUST** utilize only NCSP standard compute flavors. [#4.5.1]_", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-09811", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vf_module_index`` **MUST NOT**\nhave parameter constraints defined.", "keyword": "MUST NOT", "result": "SKIP", "errors": [] }, { "id": "R-100000", "text": "The VNF's Heat Orchestration Template's\nresource ``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nparameter\n**MUST** be declared as either type ``string`` or type\n``comma_delimited_list``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100010", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an external network (per the ONAP definition, see Requirement R-57424),\nand an IPv4 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100020", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nparameter\n``{vm-type}_{network-role}_ip_{index}``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-100030", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_ips``\n\n where\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the external\n network", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100040", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nparameter\n``{vm-type}_{network-role}_ips``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-100050", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an external network\n(per the\nONAP definition, see Requirement R-57424),\nand an IPv6 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100060", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nparameter\n``{vm-type}_{network-role}_v6_ip_{index}``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-100070", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100080", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nparameter\n``{vm-type}_{network-role}_v6_ips``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-100090", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is\ndefined as a ``string``,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_int_{network-role}_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the internal network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100100", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nparameter\n``{vm-type}_int_{network-role}_ip_{index}``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100110", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the internal\n network", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100120", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nparameter\n``{vm-type}_int_{network-role}_int_ips``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100130", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address to an\ninternal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is defined as a\n``string``,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_int_{network-role}_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the internal network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100140", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nparameter\n``{vm-type}_int_{network-role}_v6_ip_{index}``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100150", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` is assigning an IP address to an\ninternal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 address is assigned\nusing the property ``instance_ip_address``\nand the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the internal\n network", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100160", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``instance_ip_address``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_v6_ips``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100170", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp``\nproperty ``instance_ip_address``\nparameter associated with an external network, i.e.,\n\n * ``{vm-type}_{network-role}_ip_{index}``\n * ``{vm-type}_{network-role}_v6_ip_{index}``\n * ``{vm-type}_{network-role}_ips``\n * ``{vm-type}_{network-role}_v6_ips``\n\n\n**MUST NOT** be enumerated in the Heat Orchestration\nTemplate's Environment File. ONAP provides the IP address\nassignments at orchestration time.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-100180", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp``\nproperty ``instance_ip_address``\nparameter associated with an internal network, i.e.,\n\n * ``{vm-type}_int_{network-role}_ip_{index}``\n * ``{vm-type}_int_{network-role}_v6_ip_{index}``\n * ``{vm-type}_int_{network-role}_ips``\n * ``{vm-type}_int_{network-role}_v6_ips``\n\n\n**MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and IP addresses **MUST** be\nassigned.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100190", "text": "The VNF's Heat Orchestration Template's\nresource ``OS::ContrailV2::InstanceIp`` property ``subnet_uuid``\nparameter\n**MUST** be declared type ``string``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100200", "text": "When the VNF's Heat Orchestration Template's\nresource ``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an external network (per the ONAP definition, see\nRequirement R-57424),\nand an IPv4 address is being cloud assigned by OpenStack's DHCP Service\nand the external network IPv4 subnet is to be specified\nusing the property ``subnet_uuid``, the parameter\n**MUST** follow the naming convention\n\n * ``{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the network.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100210", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``subnet_uuid``\nparameter\n``{network-role}_subnet_id``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-100220", "text": "When the VNF's Heat Orchestration Template's\nresource ``OS::ContrailV2::InstanceIp`` is assigning an IP address\nto an external network (per the ONAP definition, see\nRequirement R-57424),\nand an IPv6 address is being cloud assigned by OpenStack's DHCP Service\nand the external network IPv6 subnet is to be specified\nusing the property ``subnet_uuid``, the parameter\n**MUST** follow the naming convention\n\n * ``{network-role}_v6_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the network.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100230", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``subnet_uuid``\nparameter\n``{network-role}_v6_subnet_id``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-100240", "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::ContrailV2::InstanceIp`` in an Incremental Module is\n assigning an IP address\n to an internal network (per the ONAP definition, see\n Requirements R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv4 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv4 subnet is to be specified\n using the property ``subnet_uuid``,\n\nthe parameter **MUST** follow the naming convention\n\n * ``int_{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the internal network\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100250", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``subnet_uuid``\nparameter\n``int_{network-role}_subnet_id``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-100260", "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::ContrailV2::InstanceIp`` in an Incremental Module is\n attaching\n to an internal network (per the ONAP definition,\n see Requirements R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv6 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv6 subnet is to be specified\n using the property ``subnet_uuid``,\n\nthe parameter **MUST** follow the naming convention\n``int_{network-role}_v6_subnet_id``,\nwhere ``{network-role}`` is the network role of the internal network.\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100270", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` property ``subnet_uuid``\nparameter\n``int_{network-role}_v6_subnet_id``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-100280", "text": "If a VNF's Heat Orchestration Template's resource\n``OS::ContrailV2::VirtualMachineInterface``\nis attaching to an external network (per the\nONAP definition, see Requirement R-57424), the\nmap property\n\n``virtual_machine_interface_allowed_address_pairs``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n\nparameter\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-100310", "text": "When the VNF's Heat Orchestration Template's resource\n``OS::ContrailV2::VirtualMachineInterface`` is attaching to an external\nnetwork (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 Virtual IP (VIP)\nis required to be supported by the ONAP data model,\nthe map property\n\n``virtual_machine_interface_allowed_address_pairs``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n\nparameter name **MUST** follow the naming convention\n\n* ``{vm-type}_{network-role}_floating_ip``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n\nAnd the parameter **MUST** be declared as type ``string``.\n\nThe ONAP data model can only support one IPv4 VIP address.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100330", "text": "When the VNF's Heat Orchestration Template's resource\n``OS::ContrailV2::VirtualMachineInterface`` is attaching to an external\nnetwork (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 Virtual IP (VIP)\nis required to be supported by the ONAP data model,\nthe map property\n\n``virtual_machine_interface_allowed_address_pairs``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n\nparameter name **MUST** follow the naming convention\n\n* ``{vm-type}_{network-role}_floating_v6_ip``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n\nAnd the parameter **MUST** be declared as type ``string``.\n\nThe ONAP data model can only support one IPv6 VIP address.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100350", "text": "When the VNF's Heat Orchestration Template's resource\n``OS::ContrailV2::VirtualMachineInterface`` is attaching to an\nexternal network\n(per the ONAP definition, see Requirement R-57424),\nand the IPv4 VIP address and/or IPv6 VIP address\nis **not** supported by the ONAP data model,\nthe map property\n\n``virtual_machine_interface_allowed_address_pairs``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n\n* Parameter name **MAY** use any naming convention. That is, there is no\n ONAP mandatory parameter naming convention.\n* Parameter **MAY** be declared as type ``string`` or type\n``comma_delimited_list``.\n\nAnd the ``OS::ContrailV2::VirtualMachineInterface`` resource\n**MUST** contain resource-level ``metadata`` (not property-level).\n\nAnd the ``metadata`` format **MUST** must contain the\nkey value ``aap_exempt`` with a list of all map property\n\n``virtual_machine_interface_allowed_address_pairs``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``,\n\n``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n\nparameters **not** supported by the ONAP data model.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-100360", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualMachineInterface`` is attaching to an\ninternal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 Virtual IP (VIP)\naddress is assigned using the map property,\n``virtual_machine_interface_allowed_address_pairs,\nvirtual_machine_interface_allowed_address_pairs_allowed_address_pair,\nvirtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip,\nvirtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n, the parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: string``\nand **MUST** be enumerated in the environment file.\n\nOR\n\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: comma_delimited_list``\nand **MUST** be enumerated in the environment file.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100370", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualMachineInterface`` is attaching to an\ninternal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 Virtual IP (VIP)\naddress is assigned\nusing the map property,\n``virtual_machine_interface_allowed_address_pairs,\nvirtual_machine_interface_allowed_address_pairs_allowed_address_pair,\nvirtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip,\nvirtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n, the parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_v6_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: string``\nand **MUST** be enumerated in the environment file\n\nOR\n\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: comma_delimited_list``\nand **MUST** be enumerated in the environment file.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-100380", "text": "If a VNF requires the use of an SSH key created by OpenStack, the VNF\nHeat Orchestration Template **SHOULD** create the ``OS::Nova::Keypair``\nin the base module, and expose the public key as an output value.\n\nThis allows re-use of the key by ONAP when triggering scale out, recovery,\nor other day 1 operations.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-100400", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty metadata **SHOULD** contain the key/value pair ``vf_module_name``.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-100410", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property ``metadata`` **MAY**\ncontain the key/value pair ``vf_module_index``.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-10087", "text": "The VNF or PNF CSAR package **MUST** include all artifacts required by\nETSI GS NFV-SOL004 including Manifest file, VNFD or PNFD (or Main\nTOSCA/YAML based Service Template) and other optional artifacts.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-10129", "text": "The VNF or PNF **SHOULD** conform its YANG model to RFC 7223,\n\"A YANG Data Model for Interface Management\".", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-10173", "text": "The VNF or PNF **MUST** allow another NETCONF session to be able to\ninitiate the release of the lock by killing the session owning the lock,\nusing the operation to guard against hung NETCONF sessions.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-10353", "text": "The VNF or PNF **MUST** conform its YANG model to RFC 6244,\n\"An Architecture for Network Management Using NETCONF and YANG\".", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-106240", "text": "The following VES Events **SHOULD** be supported by the PNF: pnfRegistration\nVES Event, HVol VES Event, and Fault VES Event. These are onboarded via\nhe SDC Design Studio.\n\nNote: these VES Events are emitted from the PNF to support PNF Plug and\nPlay, High Volume Measurements, and Fault events respectively.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-10716", "text": "The VNF or PNF **MUST** support parallel and simultaneous\nconfiguration of separate objects within itself.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-10834", "text": "A VNF's Heat Orchestration Template resource attribute ``property:``\n**MUST NOT** use more than two levels of nested ``get_param`` intrinsic\nfunctions when deriving a property value. SDC does not support nested\n``get_param`` with recursive lists (i.e., a list inside list).\nThe second ``get_param`` in a nested lookup must directly derive its value\nwithout further calls to ``get_param`` functions.\n\n* Example of valid nesting:\n\n * ``name: {get_param: [ {vm-type}_names, {get_param : index } ] }``\n\n* Examples of invalid nesting. SDC will not support these examples since\n there is an array inside array.\n\n * ``name: {get_param: [ {vm-type}_names, { get_param: [ indexlist, 0 ] } ] }``\n * ``name: {get_param: [ {vm-type}_names, { get_param: [ indexlist1, { get_param: indexlist2 } ] } ] }``", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-11041", "text": "All parameters defined in a VNFs Nested YAML file\n**MUST** be passed in as properties of the resource calling\nthe nested yaml file.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-11168", "text": "A VNF's Heat Orchestration Template's Resource ID that is associated with\nan external network **MUST** include the ``{network-role}`` as part\nof the resource ID.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-11200", "text": "A VNF's Cinder Volume Module, when it exists, **MUST** be 1:1\nwith a Base module or Incremental module.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-11235", "text": "The VNF or PNF **MUST** implement the protocol operation:\n``kill-session(session``- Force the termination of **session**.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-11240", "text": "The VNF or PNF **MUST** respond with content encoded in JSON, as\ndescribed in the RESTCONF specification. This way the encoding of a\nsynchronous communication will be consistent with Avro.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-11441", "text": "A VNF's Heat Orchestration Template's parameter type **MUST** be one of\nthe following values:\n\n* ``string``\n* ``number``\n* ``json``\n* ``comma_delimited_list``\n* ``boolean``", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-11499", "text": "The VNF or PNF **MUST** fully support the XPath 1.0 specification\nfor filtered retrieval of configuration and other database contents.\nThe 'type' attribute within the parameter for and\n operations may be set to 'xpath'. The 'select' attribute\n(which contains the XPath expression) will also be supported by the\nserver. A server may support partial XPath retrieval filtering, but\nit cannot advertise the ``:xpath`` capability unless the entire XPath\n1.0 specification is supported.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-11690", "text": "When a VNF's Heat Orchestration Template's Resource ID contains an\n``{index}``, the ``{index}`` is a numeric value that **MUST** start at\nzero and **MUST** increment by one.\n\nAs stated in R-16447,\n*a VNF's MUST be unique across all Heat\nOrchestration Templates and all HEAT Orchestration Template\nNested YAML files that are used to create the VNF*. While the ``{index}``\nwill start at zero in the VNF, the ``{index}`` may not start at zero\nin a given Heat Orchestration Template or HEAT Orchestration Template\nNested YAML file.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-11790", "text": "The VNF **MUST** support ONAP Controller's\n**Restart (stop/start or reboot)** command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-118669", "text": "Login access (e.g., shell access) to the operating system layer, whether\ninteractive or as part of an automated process, **MUST** be through an\nencrypted protocol such as SSH or TLS.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-120182", "text": "The VNF or PNF provider **MUST** indicate specific conditions that may arise, and\nrecommend actions that may be taken at specific thresholds, or if specific\nconditions repeat within a specified time interval, using the semantics and\nsyntax described by the :ref:`VES Event Registration specification `.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-12110", "text": "The VNF **MUST NOT** use keys generated or derived from\npredictable functions or values, e.g., values considered predictable\ninclude user identity information, time of day, stored/transmitted data.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-12271", "text": "The VNF or PNF **SHOULD** conform its YANG model to RFC 7223,\n\"IANA Interface Type YANG Module\".", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-123044", "text": "The VNF or PNF Provider **MAY** require that specific events, identified by their\n``eventName``, require that certain fields, which are optional in the common\nevent format, must be present when they are published.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-12467", "text": "The VNF **MUST NOT** use compromised encryption algorithms.\nFor example, SHA, DSS, MD5, SHA-1 and Skipjack algorithms.\nAcceptable algorithms can be found in the NIST FIPS publications\n(https://csrc.nist.gov/publications/fips) and in the\nNIST Special Publications (https://csrc.nist.gov/publications/sp).", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-12538", "text": "The VNF **SHOULD** support load balancing and discovery\nmechanisms in resource pools containing VNFC instances.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-12678", "text": "The VNF or PNF Documentation Package **MUST** include a\ndescription of runtime lifecycle events and related actions (e.g.,\ncontrol responses, tests) which can be performed for the VNF or PNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-12706", "text": "The VNF or PNF **MUST** support APPC/SDN-C ``QuiesceTraffic`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-12709", "text": "The VNFC **SHOULD** be independently deployed, configured,\nupgraded, scaled, monitored, and administered by ONAP.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-130206", "text": "If the VNF or PNF CSAR Package utilizes Option 1 for package security, then\nthe complete CSAR file **MUST** contain a Digest (a.k.a. hash) for each of\nthe components of the VNF or PNF package. The table of hashes is included\nin the package manifest file, which is signed with the VNF or PNF provider\nprivate key. In addition, the VNF or PNF provider MUST include a signing\ncertificate that includes the VNF or PNF provider public key, following a\nTOSCA pre-defined naming convention and located either at the root of the\narchive or in a predefined location specified by the TOSCA.meta file with\nthe corresponding entry named \"ETSI-Entry-Certificate\".", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-13151", "text": "The VNF **SHOULD** disable the paging of the data requiring\nencryption, if possible, where the encryption of non-transient data is\nrequired on a device for which the operating system performs paging to\nvirtual memory. If not possible to disable the paging of the data\nrequiring encryption, the virtual memory should be encrypted.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-13194", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``environment_context`` **MUST NOT**\nbe enumerated in the Heat Orchestration Template's environment file.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-13196", "text": "A VNF **MAY** be composed of zero to many Incremental Modules.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-13344", "text": "The VNF **MUST** log starting and stopping of security\nlogging.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-13390", "text": "The VNF or PNF provider **MUST** provide cookbooks to be loaded\non the appropriate Chef Server.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-13613", "text": "The VNF **MUST** provide clear measurements for licensing\npurposes to allow automated scale up/down by the management system.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-13627", "text": "The VNF **MUST** monitor API invocation patterns to detect\nanomalous access patterns that may represent fraudulent access or other\ntypes of attacks, or integrate with tools that implement anomaly and\nabuse detection.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-13800", "text": "The VNF or PNF **MUST** conform to the NETCONF RFC 5277,\n\"NETCONF Event Notification\".", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-14198", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::SecurityGroup`` that\nis applicable to one {vm-type} and one internal network Resource ID **SHOULD**\nuse the naming convention\n\n* ``{vm-type}_int_{network-role}_security_group``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{network-role}`` is the network-role", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-14447", "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::ServiceTemplate``\nResource ID **MAY** use the naming convention\n\n* ``{vm-type}_RST_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``RST`` signifies that it is the Resource Service Template\n* ``{index}`` is the index.\n The ``{index}`` starts at zero and increments by one\n (as described in R-11690).", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-146092", "text": "If one or more non-MANO artifact(s) is included in the VNF or PNF TOSCA CSAR\npackage, the Manifest file in this CSAR package **MUST** contain: non-MANO\nartifact set which MAY contain following ONAP public tag.\n\n - onap_ves_events: contains VES registration files\n\n - onap_pm_dictionary: contains the PM dictionary files\n\n - onap_yang_modules: contains Yang module files for configurations\n\n - onap_ansible_playbooks: contains any ansible_playbooks\n\n - onap_others: contains any other non_MANO artifacts, e.g. informational\n documents", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-146931", "text": "The VNF or PNF **MUST** report exactly one Measurement event per period\nper source name.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-14853", "text": "The VNF **MUST** respond to a \"move traffic\" [#4.5.2]_ command\nagainst a specific VNFC, moving all existing session elsewhere with\nminimal disruption if a VNF provides a load balancing function across\nmultiple instances of its VNFCs.\n\nNote: Individual VNF performance aspects (e.g., move duration or\ndisruption scope) may require further constraints.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-15189", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Nova::ServerGroup`` Resource ID\n**MAY** use the naming convention\n\n* ``{vm-type}_RSG``\n\nor\n\n* ``{vm-type}_Server_Grp``\n\nor\n\n* ``{vm-type}_ServerGroup``\n\nor\n\n* ``{vm-type}_servergroup``", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-15287", "text": "When the VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` is attaching\nto an external network (per the ONAP definition, see\nRequirement R-57424),\nand an IPv6 address is being cloud assigned by OpenStack's DHCP Service\nand the external network IPv6 subnet is to be specified\nusing the property ``fixed_ips``\nmap property ``subnet``, the parameter\n**MUST** follow the naming convention\n\n * ``{network-role}_v6_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the network.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-15325", "text": "The VNF **MUST** log the field \"success/failure\" in the\nsecurity audit logs.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-15480", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``vf_module_name`` parameter ``vf_module_name``\n**MUST NOT** have parameter constraints defined.", "keyword": "MUST NOT", "result": "SKIP", "errors": [] }, { "id": "R-15671", "text": "The VNF **MUST** provide access controls that allow the Operator\nto restrict access to VNF functions and data to authorized entities.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-15837", "text": "The following table defines the major TOSCA Types specified in\nETSI NFV-SOL001 standard draft. The VNFD provided by a VNF vendor\n**MUST** comply with the below definitions:", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-15884", "text": "The VNF **MUST** include the field \"date\" in the Security alarms\n(where applicable and technically feasible).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-15885", "text": "The VNF or PNF **MUST** Upon completion of the chef-client run,\nPOST back on the callback URL, a JSON object as described in Table\nA2 if the chef-client run list includes a cookbook/recipe that is\ncallback capable. Failure to POST on the Callback Url should not be\nconsidered a critical error. That is, if the chef-client successfully\ncompletes the VNF or PNF action, it should reflect this status on the Chef\nServer regardless of whether the Callback succeeded or not.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-16039", "text": "The VNF **SHOULD** test for adherence to the defined\nresiliency rating recommendation at each layer, during each\ndelivery cycle so that the resiliency rating is measured and\nfeedback is provided where software resiliency requirements are\nnot met.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-16065", "text": "The VNF or PNF provider **MUST** provide configurable parameters\n(if unable to conform to YANG model) including VNF or PNF attributes/parameters\nand valid values, dynamic attributes and cross parameter dependencies\n(e.g., customer provisioning data).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-16241", "text": "A VNF's internal network **MUST** have one subnet.\nA VNF's internal network **MAY** have more than one subnet.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-16437", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::ServiceTemplate``\nResource ID **MUST** contain the ``{vm-type}``.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-16447", "text": "A VNF's **MUST** be unique across all Heat\nOrchestration Templates and all HEAT Orchestration Template\nNested YAML files that are used to create the VNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-16496", "text": "The VNF **MUST** enable instantiating only the functionality that\nis needed for the decomposed VNF (e.g., if transcoding is not needed it\nshould not be instantiated).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-16560", "text": "The VNF **SHOULD** conduct a resiliency impact assessment for all\ninter/intra-connectivity points in the VNF to provide an overall resiliency\nrating for the VNF to be incorporated into the software design and\ndevelopment of the VNF.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-16777", "text": "The VNF or PNF provider **MUST** provide a JSON file for each\nsupported action for the VNF or PNF. The JSON file must contain key value\npairs with all relevant values populated with sample data that illustrates\nits usage. The fields and their description are defined in Table B1\nin the Appendix.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-16875", "text": "The VNF or PNF Documentation Package **MUST** include documentation which must\ninclude a unique identification string for the specific VNF or PNF, a description\nof the problem that caused the error, and steps or procedures to perform\nRoot Cause Analysis and resolve the issue.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-16968", "text": "A VNF's Heat Orchestration Templates **MUST NOT** include heat\nresources to create external networks.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-17334", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::SecurityGroup``\nthat is applicable to one ``{vm-type}`` and one external network Resource ID\n**SHOULD** use the naming convention\n\n* ``{vm-type}_{network-role}_security_group``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{network-role}`` is the network-role", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-17528", "text": "A VNF's Heat Orchestration Template's first level Nested YAML file\n**MUST NOT** contain more than one ``OS::Nova::Server`` resource.\nA VNF's Heat Orchestration Template's second level Nested YAML file\n**MUST NOT** contain an ``OS::Nova::Server`` resource.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-17624", "text": "The PNF **MAY** support the optional parameters for Service\nConfiguration Parameters.\n\nNote: These are detailed in the Stage 5 PnP\n\nNote: These parameters are optional, and not all PNFs will support any\nor all of these parameters, it is up to the vendor and service provider\nto ascertain which ones are supported up to an including all of the ones\nthat have been defined. Note: It is expected that there will be a growing\nlist of supported configuration parameters in future releases of ONAP.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-177937", "text": "The PNFD provided by a PNF vendor\u00a0**MUST**\u00a0comply with the following\nCapabilities Types as specified in ETSI NFV-SOL001 standard:\n\n - tosca.datatypes.nfv.VirtualLinkable", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-17852", "text": "The VNFD **MAY** include TOSCA/YAML definitions that are not part of\nNFV Profile. If provided, these definitions MUST comply with TOSCA\nSimple Profile in YAML v.1.2.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-18001", "text": "If the VNF's ports connected to a unique internal network\nand the port's IP addresses are statically assigned IP addresses,\nthe IPv4 addresses **MAY** be from different subnets and the\nIPv6 addresses **MAY** be from different subnets.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-18008", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nproperty ``network`` parameter **MUST** be declared as type: ``string``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-18202", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::Heat::MultipartMime``\nResource ID\n**MAY**\nuse the naming convention\n\n* ``{vm-type}_RMM``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``RMM`` signifies that it is the Resource Multipart Mime", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-18525", "text": "The VNF or PNF provider **MUST** provide a JSON file for each\nsupported action for the VNF or PNF. The JSON file must contain key value\npairs with all relevant values populated with sample data that illustrates\nits usage. The fields and their description are defined in Tables A1\nand A2 in the Appendix.\n\nNote: Chef support in ONAP is not currently available and planned for 4Q 2017.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-18683", "text": "If a VNF has one IPv4 OAM Management IP Address and the\nIP Address needs to be inventoried in ONAP's A&AI\ndatabase, an output parameter **MUST** be declared in only one of the\nVNF's Heat Orchestration Templates and the parameter **MUST** be named\n``oam_management_v4_address``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-18725", "text": "The VNF **MUST** handle the restart of a single VNFC instance\nwithout requiring all VNFC instances to be restarted.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-18733", "text": "The VNF or PNF **MUST** implement the protocol operation:\n``discard-changes()`` - Revert the candidate configuration\ndata store to the running configuration.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-18864", "text": "The VNF **MUST NOT** use technologies that bypass virtualization\nlayers (such as SR-IOV) unless approved by the NCSP (e.g., if necessary\nto meet functional or performance requirements).", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-19082", "text": "The VNF **MUST** allow the Operator to disable or remove any security\ntesting tools or programs included in the VNF, e.g., password cracker,\nport scanner.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-19366", "text": "The VNF or PNF **MUST** support APPC ``ConfigModify`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-19624", "text": "The VNF or PNF, when leveraging JSON for events, **MUST** encode and serialize\ncontent delivered to ONAP using JSON (RFC 7159) plain text format.\nHigh-volume data is to be encoded and serialized using\n`Avro `_, where the Avro data\nformat are described using JSON.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-19756", "text": "If a VNF's Heat Orchestration Template\n``OS::ContrailV2::InterfaceRouteTable`` resource\n``interface_route_table_routes`` property\n``interface_route_table_routes_route`` map property parameter\n``{vm-type}_{network-role}_route_prefixes``\n**MUST** be defined as type ``json``.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-19768", "text": "The VNF **SHOULD** support network segregation, i.e., separation of OA&M\ntraffic from signaling and payload traffic, using technologies such as\nVPN and VLAN.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-19922", "text": "The VNF or PNF **MUST** support APPC/SDN-C ``UpgradePrecheck`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-20065", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::PortTuple``\nResource ID **MUST** contain the ``{vm-type}``.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-20204", "text": "The VNF Package **MUST** include VM requirements via a Heat\ntemplate that provides the necessary data for network connections,\ninterface connections, internal and external to VNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-20308", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``environment_context``\nparameter **MUST** be declared as ``environment_context`` and the\nparameter type **MUST** be defined as type: ``string``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-20319", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Heat::CloudConfig``\nResource ID **MAY** use the naming convention\n\n* ``{vm-type}_RCC``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``RCC`` signifies that it is the Resource Cloud Config", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-20353", "text": "The VNF or PNF **MUST** implement both ``:candidate`` and\n``:writable-running`` capabilities. When both ``:candidate`` and\n``:writable-running`` are provided then two locks should be supported.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-20453", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nthat is attaching to an external network Resource ID\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_port_{port-index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{port_index}`` references the instance of the port on the ``{vm-type}``\n attached to ``{network-role}`` network. The\n ``{port_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new port is defined on the instance of the ``{vm-type}`` attached to\n ``{network-role}`` network.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-20547", "text": "When an ONAP Volume Module Output Parameter is declared as an input\nparameter in a base or an incremental module Heat Orchestration\nTemplate, parameter constraints **SHOULD NOT** be declared.", "keyword": "SHOULD NOT", "result": "PASS", "errors": [] }, { "id": "R-20741", "text": "The VNF or PNF **MUST** support APPC/SDN-C ``Configure`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-20856", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property\n``metadata`` key/value pair ``vnf_id`` parameter ``vnf_id`` **MUST NOT**\nbe enumerated in the Heat Orchestration Template's environment file.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-20860", "text": "The VNF **MUST** be agnostic to the underlying infrastructure\n(such as hardware, host OS, Hypervisor), any requirements should be\nprovided as specification to be fulfilled by any hardware.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-21210", "text": "The VNF **MUST** implement the following input validation control\non APIs: Validate that any input file has a correct and valid\nMultipurpose Internet Mail Extensions (MIME) type. Input files\nshould be tested for spoofed MIME types.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-21322", "text": "The VNF provider **MUST** provide their testing scripts to support\ntesting as specified in ETSI NFV-SOL004 - Testing directory in CSAR", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-21330", "text": "A VNF's Heat Orchestration Template's Resource property parameter that is\nassociated with external network **MUST** include the ``{network-role}``\nas part of the parameter name.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-21511", "text": "A VNF's Heat Orchestration Template's use of ``{network-role}``\nin all Resource IDs **MUST** be the same case.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-21558", "text": "The VNF **SHOULD** use intelligent routing by having knowledge\nof multiple downstream/upstream endpoints that are exposed to it, to\nensure there is no dependency on external services (such as load balancers)\nto switch to alternate endpoints.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-21652", "text": "The VNF **MUST** implement the following input validation\ncontrol: Check the size (length) of all input. Do not permit an amount\nof input so great that it would cause the VNF to fail. Where the input\nmay be a file, the VNF API must enforce a size limit.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-21819", "text": "VNFs that are subject to regulatory requirements **MUST** provide\nfunctionality that enables the Operator to comply with ETSI TC LI\nrequirements, and, optionally, other relevant national equivalents.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-22059", "text": "The VNF **MUST NOT** execute long running tasks (e.g., IO,\ndatabase, network operations, service calls) in a critical section\nof code, so as to minimize blocking of other operations and increase\nconcurrent throughput.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-221914", "text": "The VNF or PNF package **MUST** contain a a human-readable change log text\nfile. The Change Log file keeps a history describing any changes in the VNF\nor PNF package. The Change Log file is kept up to date continuously from\nthe creation of the CSAR package.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-22288", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``subnet`` parameter\n``int_{network-role}_v6_subnet_id``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-22346", "text": "The VNF or PNF package **MUST** provide :ref:`VES Event Registration `\nfor all VES events provided by that VNF or PNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-22367", "text": "The VNF **MUST** support detection of malformed packets due to software\nmisconfiguration or software vulnerability, and generate an error to the\nsyslog console facility.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-22589", "text": "A VNF's Heat Orchestration Template parameter declaration\n**MAY** contain the attribute ``immutable:``.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-22608", "text": "When a VNF's Heat Orchestration Template's Base Module's output\nparameter is declared as an input parameter in an Incremental Module,\nthe parameter attribute ``constraints:`` **SHOULD NOT** be declared.", "keyword": "SHOULD NOT", "result": "PASS", "errors": [] }, { "id": "R-22680", "text": "The VNF or PNF Documentation Package **MUST** describe\nany requirements for the monitoring component of tools for Network\nCloud automation and management to provide these records to components\nof the VNF or PNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-22688", "text": "When a VNF's Heat Orchestration Template creates an internal network\n(per the ONAP definition, see Requirements R-52425 and R-46461\nand R-35666) and the internal network needs to be shared between modules\nwithin a VNF, the internal network **MUST** be created either in the\n\n* the base module\n* a nested YAML file invoked by the base module\n\nand the base module **MUST** contain an output parameter that provides\neither the network UUID or network name.\n\n* If the network UUID value is used to reference the network, the output\n parameter name in the base module **MUST** follow the naming convention\n ``int_{network-role}_net_id``\n* If the network name in is used to reference the network, the output\n parameter name in the base template **MUST** follow the naming convention\n ``int_{network-role}_net_name``\n\n``{network-role}`` **MUST** be the network-role of the internal network\ncreated in the Base Module.\n\nThe Base Module Output Parameter MUST be declared in the ``parameters:``\nsection of the Incremental Module(s) where the ``OS::Neutron::Port``\nresource(s) is attaching to the internal network.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-22700", "text": "The VNF or PNF **MUST** conform its YANG model to RFC 6470,\n\"NETCONF Base Notifications\".", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-22838", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``name`` parameter **MUST NOT** be enumerated in the Heat Orchestration\nTemplate's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-22888", "text": "The VNF or PNF Documentation Package **MUST** provide the VNF or PNF\nPolicy Description to manage the VNF or PNF runtime lifecycle. The document\nmust include a description of how the policies (conditions and actions)\nare implemented in the VNF or PNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-22946", "text": "The VNF or PNF **SHOULD** conform its YANG model to RFC 6536,\n\"NETCONF Access Control Model\".", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-23035", "text": "The VNF **MUST** be designed to scale horizontally (more\ninstances of a VNF or VNFC) and not vertically (moving the existing\ninstances to larger VMs or increasing the resources within a VM)\nto achieve effective utilization of cloud resources.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-23135", "text": "The VNF **MUST**, if not integrated with the Operator's identity and\naccess management system, authenticate all access to protected GUIs, CLIs,\nand APIs.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-231402", "text": "The VNF **MUST** provide a means for the user to explicitly logout, thus\nending that session for that authenticated user.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-23311", "text": "The VNF's Heat Orchestration Template's base module or incremental module\nresource ``OS::Nova::Server`` property\n``availability_zone`` parameter **MUST** be declared as type: ``string``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-23475", "text": "VNFCs **SHOULD** be agnostic to the details of the Network Cloud\n(such as hardware, host OS, Hypervisor or container technology) and must run\non the Network Cloud with acknowledgement to the paradigm that the Network\nCloud will continue to rapidly evolve and the underlying components of\nthe platform will change regularly.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-23503", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_{network-role}_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-23664", "text": "A VNF's Heat Orchestration template **MUST**\ncontain the section ``resources:``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-23740", "text": "The VNF **MUST** implement and enforce the principle of least privilege\non all protected interfaces.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-23882", "text": "The VNF **SHOULD** provide the capability for the Operator to run security\nvulnerability scans of the operating system and all application layers.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-23957", "text": "The VNF **MUST** include the field \"time\" in the Security alarms\n(where applicable and technically feasible).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-240760", "text": "The VNF **MUST NOT** contain any backdoors.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-24189", "text": "The VNF or PNF provider **MUST** deliver a new set of playbooks that\nincludes all updated and unchanged playbooks for any new revision to an\nexisting set of playbooks.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-24269", "text": "The VNF or PNF **SHOULD** conform its YANG model to RFC 7407,\n\"A YANG Data Model for SNMP Configuration\", if Netconf used to\nconfigure SNMP engine.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-24359", "text": "The VNF **MUST** provide the capability of testing the validity\nof a digital certificate by validating the date the certificate is being\nused is within the validity period for the certificate.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-24482", "text": "The VNF or PNF **MUST** provide Ansible playbooks that are designed to run\nusing an inventory hosts file in a supported format; with site group that\nshall be used to add site specific configurations to the target VNF or PNF\nVM(s) as needed.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-24632", "text": "The PNF Descriptor (PNFD) provided by PNF vendor **MUST** comply with\nTOSCA/YAML based Service template for PNF descriptor specified in ETSI\nNFV-SOL001.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-24893", "text": "A VNF's Heat Orchestration template's Environment File's\n**MAY** contain the ``event_sinks:`` section.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-24997", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Nova::Keypair`` applies to\none ``{vm-type}`` Resource ID **SHOULD** use the naming convention\n\n* ``{vm-type}_keypair_{index}``\n\nwhere\n\n* ``{network-role}`` is the network-role\n* ``{index}`` is the ``{index}`` of the keypair.\n The ``{index}`` starts at zero and increments by one\n (as described in R-11690).", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-25190", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Cinder::Volume``\n**SHOULD NOT** declare the property ``availability_zone``.", "keyword": "SHOULD NOT", "result": "PASS", "errors": [] }, { "id": "R-25238", "text": "The VNF or PNF PACKAGE **MUST** validated YANG code using the open\nsource pyang [#7.3.1]_ program using the following commands:\n\n.. code-block:: text\n\n $ pyang --verbose --strict $ echo $!", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-25401", "text": "The VNF **MUST** use asymmetric keys of at least 2048 bits in length.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-25547", "text": "The VNF **MUST** log the field \"protocol\" in the security audit logs.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-256267", "text": "If SNMP is utilized, the VNF **MUST** support at least SNMPv3 with\nmessage authentication.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-256347", "text": "The PNF **MUST** support one of the protocols for a Service Configuration\nmessage exchange between the PNF and PNF Controller (in ONAP):\na) Netconf/YANG, b) Chef, or c) Ansible.\n\nNote: The PNF Controller may be VF-C, APP-C or SDN-C based on the\nPNF and PNF domain.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-256790", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``availability_zone`` parameter name **MAY** change when\npast into a nested YAML file.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-25720", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Net``\nResource ID **MUST** use the naming convention\n\n* ``int_{network-role}_network``\n\nVNF Heat Orchestration Templates can only create internal networks.\nThere is no ``{index}`` after ``{network-role}`` because ``{network-role}``\n**MUST** be unique in the scope of the VNF's\nHeat Orchestration Template.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-257367", "text": "The VNF or PNF, when leveraging Google Protocol Buffers for events, **MUST**\nserialize the events using native Google Protocol Buffers (GPB) according\nto the following guidelines:\n\n * The keys are represented as integers pointing to the system resources\n for the VNF or PNF being monitored\n * The values correspond to integers or strings that identify the\n operational state of the VNF resource, such a statistics counters and\n the state of an VNF or PNF resource.\n * The required Google Protocol Buffers (GPB) metadata is provided in the\n form of .proto files.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-258352", "text": "The PNF **MUST** support & accept the provisioning of an ONAP contact IP\naddress (in IPv4 or IPv6 format).\n\nNote: For example, it a possibility is that an external EMS would configure\n& provision the ONAP contact IP address to the PNF (in either IPv4 or\nIPv6 format). For the PNF Plug and Play Use Case, this IP address is the\nservice provider's \"point of entry\" to the DCAE VES Listener.\n\nNote: different service provider's network architecture may also require\nspecial setup to allow an external PNF to contact the ONAP installation.\nFor example, in the AT&T network, a maintenance tunnel is used to access\nONAP.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-258686", "text": "The VNF application processes **SHOULD NOT** run as root. If a VNF\napplication process must run as root, the technical reason must\nbe documented.", "keyword": "SHOULD NOT", "result": "PASS", "errors": [] }, { "id": "R-25877", "text": "A VNF's Heat Orchestration Template's parameter name\n(i.e., ) **MUST** contain only alphanumeric\ncharacters and underscores ('_').", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-26115", "text": "The VNF or PNF **MUST** follow the data model update rules defined in\n[RFC6020] section 10 for YANG 1.0 modules, and [RFC7950] section 11\nfor YANG 1.1 modules. All deviations from the aforementioned update\nrules shall be handled by a built-in automatic upgrade mechanism.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-26124", "text": "If a VNF Heat Orchestration Template parameter has a default value,\nit **MUST** be enumerated in the environment file.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-26351", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nthat is attaching to an internal network Resource ID **MUST**\nuse the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_port_{port-index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{port_index}`` references the instance of the port on the ``{vm-type}``\n attached to ``{network-role}`` network. The\n ``{port_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new port is defined on the instance of the ``{vm-type}`` attached to\n ``{network-role}`` network.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-26371", "text": "The VNF **MUST** detect communication failure for inter VNFC\ninstance and intra/inter VNF and re-establish communication\nautomatically to maintain the VNF without manual intervention to\nprovide service continuity.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-26506", "text": "A VNF's Heat Orchestration Template's ``{network-role}`` **MUST** contain\nonly alphanumeric characters and/or underscores '_' and\n\n* **MUST NOT** contain any of the following strings: ``_int`` or ``int_``\n or ``_int_``\n* **MUST NOT** end in the string: ``_v6``\n* **MUST NOT** contain the strings ``_#_``, where ``#`` is a number\n* **MUST NOT** end in the string: ``_#``, where ``#`` is a number", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-26508", "text": "The VNF or PNF **MUST** support a NETCONF server that can be mounted on\nOpenDaylight (client) and perform the operations of: modify, update,\nchange, rollback configurations using each configuration data element,\nquery each state (non-configuration) data element, execute each YANG\nRPC, and receive data through each notification statement.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-26567", "text": "The VNF or PNF Package **MUST** include a run list of\nroles/cookbooks/recipes, for each supported VNF or PNF action, that will\nperform the desired VNF or PNF action in its entirety as specified by ONAP\n(see Section 7.c, APPC/SDN-C APIs and Behavior, for list of VNF or PNF\nactions and requirements), when triggered by a chef-client run list\nin JSON file.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-26881", "text": "The VNF provider **MUST** provide the binaries and images\nneeded to instantiate the VNF (VNF and VNFC images).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-270358", "text": "A VNF's Heat Orchestration Template's Cinder Volume Template **MUST**\ncontain either\n\n* An ``OS::Cinder::Volume`` resource\n* An ``OS::Heat::ResourceGroup`` resource that references a Nested YAML\n file that contains an ``OS::Cinder::Volume`` resource\n* A resource that defines the property ``type`` as a Nested YAML file\n (i.e., static nesting) and the Nested YAML contains\n an ``OS::Cinder::Volume`` resource", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-27078", "text": "A VNF's Heat Orchestration template **MUST** contain the\nsection ``heat_template_version:``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-27310", "text": "The VNF or PNF Package **MUST** include all relevant Chef artifacts\n(roles/cookbooks/recipes) required to execute VNF or PNF actions requested\nby ONAP for loading on appropriate Chef Server.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-27469", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nthat is creating a *Reserve Port* with an IPv4 address Resource ID\n**SHOULD** use the naming convention\n\n* ``reserve_port_{vm-type}_{network-role}_floating_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{index}`` is the instance of the IPv4 *Reserve Port*\n for the vm-type attached to the network of ``{network-role}``.\n The ``{index}`` starts at zero and increments by one\n (as described in R-11690).", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-27511", "text": "The VNF provider **MUST** provide the ability to scale\nup a VNF provider supplied product during growth and scale down a\nVNF provider supplied product during decline without \"real-time\"\nrestrictions based upon VNF provider permissions.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-27818", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``string``,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_int_{network-role}_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the internal network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-27970", "text": "When a VNF's Heat Orchestration Template's resource is associated with\nmore than one ``{vm-type}`` and/or more than one internal and/or external\nnetwork, the Resource ID **MAY** contain the term ``shared`` and/or **MAY**\ncontain text that identifies the VNF.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-27995", "text": "The VNF **SHOULD** include control loop mechanisms to notify\nthe consumer of the VNF of their exceeding SLA thresholds so the consumer\nis able to control its load against the VNF.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-28168", "text": "The VNF **SHOULD** use an appropriately configured logging\nlevel that can be changed dynamically, so as to not cause performance\ndegradation of the VNF due to excessive logging.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-28189", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InterfaceRouteTable``\nResource ID **MAY** use the naming convention\n\n* ``{network-role}_RIRT``\n\nwhere\n\n* ``{network-role}`` is the network-role\n* ``RIRT`` signifies that it is the Resource Interface Route Table", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-28222", "text": "If a VNF's Heat Orchestration Template\n``OS::ContrailV2::InterfaceRouteTable`` resource\n``interface_route_table_routes`` property\n``interface_route_table_routes_route`` map property parameter name\n**MUST** follow the format\n\n* ``{vm-type}_{network-role}_route_prefixes``", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-283988", "text": "The VNF, when publishing events, **MUST NOT** send information through\nextensible structures if the event specification has explicitly defined\nfields for that information.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-284934", "text": "If the PNF encounters an error authenticating, reaching the ONAP DCAE VES\nEvent listener or recieves an error response from sending the pnfRegistration\nVES Event, it **MAY** log the error, and notify the operator.\n\nNote: the design of how errors are logged, retrieved and reported\nwill be a vendor-specific architecture. Reporting faults and errors\nis also a vendor specific design. It is expected that the PNF shall\nhave a means to log an error and notify a user when a fault condition\noccurs in trying to contact ONAP, authenticate or send a pnfRegistration\nevent.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-28756", "text": "The VNF or PNF **MUST** support ``:partial-lock`` and\n``:partial-unlock`` capabilities, defined in RFC 5717. This\nallows multiple independent clients to each write to a different\npart of the configuration at the same time.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-28795", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_ip_{index}``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-28980", "text": "A VNF's incremental module **MAY** be used for initial VNF deployment only.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-29324", "text": "The VNF or PNF **SHOULD** implement the protocol operation:\n``copy-config(target, source)`` - Copy the content of the\nconfiguration data store source to the configuration data store target.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-293901", "text": "The VNF or PNF CSAR PACKAGE with TOSCA-Metadata **MUST** include following\nadditional keywords pointing to TOSCA files:\n\n - ETSI-Entry-Manifest\n\n - ETSI-Entry-Change-Log\n\nNote: For a CSAR containing a TOSCA-Metadata directory, which includes\nthe TOSCA.meta metadata file. The TOSCA.meta metadata file includes block_0\nwith the Entry-Definitions keyword pointing to a TOSCA definitions YAML\nfile used as entry for parsing the contents of the overall CSAR archive.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-29488", "text": "The VNF or PNF **MUST** implement the protocol operation:\n``get-config(source, filter`` - Retrieve a (filtered subset of\na) configuration from the configuration data store source.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-29495", "text": "The VNF or PNF **MUST** support locking if a common object is\nbeing manipulated by two simultaneous NETCONF configuration operations\non the same VNF or PNF within the context of the same writable running data\nstore (e.g., if an interface parameter is being configured then it\nshould be locked out for configuration by a simultaneous configuration\noperation on that same interface parameter).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-29705", "text": "The VNF **MUST** restrict changing the criticality level of a\nsystem security alarm to users with administrative privileges.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-29751", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nResource ID\n**MUST** use the naming convention\n\n* ``{vm-type}_server_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{index}`` is the index.\n The ``{index}`` **MUST** starts at zero and increment by one\n as described in R-11690.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-29760", "text": "The VNFC **MUST** be installed on non-root file systems,\nunless software is specifically included with the operating system\ndistribution of the guest image.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-29765", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the internal\n network", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-29872", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nproperty ``network``\nparameter **MUST NOT** be enumerated in the Heat Orchestration\nTemplate's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-29977", "text": "The VNF **MUST** provide the capability of testing the validity\nof a digital certificate by validating the CA signature on the certificate.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-30005", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::SecurityGroup`` that\nis applicable to more than one ``{vm-type}`` and more than one network\n(internal and/or external) Resource ID **MAY**\nuse the naming convention\n\n* ``shared_security_group``\n\nor\n\n* ``{vnf-type}_security_group``\n\nwhere\n\n* ``{vnf-type}`` describes the VNF", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-30278", "text": "The VNF or PNF provider **SHOULD** provide a Resource/Device YANG model\nas a foundation for creating the YANG model for configuration.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-303569", "text": "The VNF **MUST** log the Source IP address in the security audit logs.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-30395", "text": "A VNF's Cinder Volume Module **MAY** utilize nested heat.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-304011", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource's\n\n* Resource ID (defined in R-29751)\n* property ``image`` parameter name (defined in R-58670)\n* property ``flavor`` parameter name (defined in R-45188)\n* property ``name`` parameter name (defined in R-54171 & R-87817)\n* property ``networks`` map property ``port`` value which is a\n ``OS::Neutron::Port`` Resource ID (defined in R-20453)\n referenced using the intrinsic function ``get_attr``\n\n**MUST** contain the identical ``{vm-type}``\nand **MUST** follow the naming conventions defined\nin R-58670, R-45188, R-54171, R-87817, and R-29751. And the ``{index}`` in\nthe ``OS::Nova::Server`` Resource ID (defined in R-29751) **MUST** match\nthe ``{vm-type_index}`` defined in\nthe ``OS::Nova::Server`` property ``networks`` map property ``port``\nreferenced ``OS::Neutron::Port`` Resource ID (defined in R-20453).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-30650", "text": "The VNF **MUST** utilize cloud provided infrastructure and\nVNFs (e.g., virtualized Local Load Balancer) as part of the VNF so\nthat the cloud can manage and provide a consistent service resiliency\nand methods across all VNF's.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-30654", "text": "The VNF or PNF Package **MUST** have appropriate cookbooks that are\ndesigned to automatically 'rollback' to the original state in case of\nany errors for actions that change state of the VNF or PNF (e.g.,\nconfigure).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-30753", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::NetworkIpam``\nResource ID\n**MUST**\ncontain the ``{network-role}``.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-30804", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::Heat::MultipartMime``\nResource ID\n**MUST**\ncontain the ``{vm-type}``.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-30932", "text": "The VNF **MUST** log successful and unsuccessful access to VNF\nresources, including data.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-31141", "text": "VNF Heat Orchestration Template's Cinder Volume Module's Environment File\n**MUST** be named identical to the VNF Heat Orchestration Template's\nCinder Volume Module with ``.y[a]ml`` replaced with ``.env``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-31614", "text": "The VNF **MUST** log the field \"event type\" in the security audit\nlogs.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-31809", "text": "The VNF or PNF **MUST** support the HealthCheck RPC. The HealthCheck\nRPC executes a VNF or PNF Provider-defined VNF or PNF HealthCheck over the\nscope of the entire VNF or PNF (e.g., if there are multiple VNFCs, then\nrun a health check, as appropriate, for all VNFCs). It returns a 200 OK if\nthe test completes. A JSON object is returned indicating state (healthy,\nunhealthy), scope identifier, time-stamp and one or more blocks containing\ninfo and fault information. If the VNF or PNF is unable to run the\nHealthCheck, return a standard http error code and message.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-32094", "text": "A VNF's Heat Orchestration Template parameter declaration **MAY**\ncontain the attribute ``label:``.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-32155", "text": "The VNFD provided by VNF vendor may use the below described TOSCA\ninterface types. An on-boarding entity (ONAP SDC) **MUST** support them.\n\n **tosca.interfaces.nfv.vnf.lifecycle.Nfv** supports LCM operations", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-32217", "text": "The VNF or PNF **MUST** have routable management IP addresses or FQDNs that\nare reachable via the Ansible Server for the endpoints (VMs) of a\nVNF or PNF that playbooks will target. ONAP will initiate requests to the\nAnsible Server for invocation of playbooks against these end\npoints [#7.3.3]_.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-32394", "text": "A VNF's Heat Orchestration Template's use of ``{vm-type}`` in all Resource\nproperty parameter names **MUST** be the same case.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-32557", "text": "A VNF's Heat Orchestration Template parameter declaration **MAY**\ncontain the attribute ``hidden:``.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-32636", "text": "The VNF **MUST** support API-based monitoring to take care of\nthe scenarios where the control interfaces are not exposed, or are\noptimized and proprietary in nature.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-32641", "text": "The VNF **MUST** provide the capability to encrypt data on\nnon-volatile memory.Non-volative memory is storage that is\ncapable of retaining data without electrical power, e.g.\nComplementary metal-oxide-semiconductor (CMOS) or hard drives.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-32695", "text": "The VNF **MUST** provide the ability to modify the number of\nretries, the time between retries and the behavior/action taken after\nthe retries have been exhausted for exception handling to allow the\nNCSP to control that behavior, where the interface and/or functional\nspecification allows for altering behaviour.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-328086", "text": "The VNF or PNF **MUST**, if serving as a distribution point or anchor point for\nsteering point from source to destination, support the ONAP Controller's\n``DistributeTraffic`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-32981", "text": "The VNF or PNF **MUST** support APPC ``ConfigBackup`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-33132", "text": "A VNF's Heat Orchestration Template **MAY** be\n 1.) Base Module Heat Orchestration Template (also referred to as a\n Base Module),\n 2.) Incremental Module Heat Orchestration Template (referred to as\n an Incremental Module), or\n 3.) a Cinder Volume Module Heat Orchestration Template (referred to as\n Cinder Volume Module).", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-332680", "text": "The VNF or PNF **SHOULD** deliver all syslog messages to the VES Collector per the\nspecifications in Monitoring and Management chapter.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-33280", "text": "The VNF or PNF **MUST NOT** use any instance specific parameters\nin a playbook.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-33488", "text": "The VNF **MUST** protect against all denial of service\nattacks, both volumetric and non-volumetric, or integrate with external\ndenial of service protection tools.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-33694", "text": "The VNF or PNF Package **MUST** include documentation to when applicable,\nprovide calculators needed to convert raw data into appropriate reporting\nartifacts.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-33846", "text": "The VNF **MUST** install the NCSP required software on Guest OS\nimages when not using the NCSP provided Guest OS images. [#4.5.1]_", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-33878", "text": "The VNF or PNF **MUST** support one of the following authentication\nmethods for authenticating HTTPS connections to the DCAE VES Event\nListener:\n\n- The preferred method is Certificate Authentication\n\n- The non-preferred option is Basic Authentication.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-33904", "text": "The VNF or PNF Package **MUST** include documentation for each KPI, provide\nlower and upper limits.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-33946", "text": "The VNF or PNF **MUST** conform to the NETCONF RFC 4741,\n\"NETCONF Configuration Protocol\".", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-33955", "text": "The VNF or PNF **SHOULD** conform its YANG model to RFC 6991,\n\"Common YANG Data Types\".", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-34037", "text": "The VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n**MUST** be declared as either type ``string`` or type\n``comma_delimited_list``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-34055", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``workload_context``\nparameter ``workload_context`` **MUST NOT**\nhave parameter constraints defined.", "keyword": "MUST NOT", "result": "SKIP", "errors": [] }, { "id": "R-343842", "text": "The VNF **MUST**, after a successful login at command line or a GUI,\ndisplay the last valid login date and time and the number of unsuccessful\nattempts since then made with that user's ID. This requirement is only\napplicable when the user account is defined locally in the VNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-34484", "text": "The VNF **SHOULD** create a single component VNF for VNFCs\nthat can be used by other VNFs.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-34552", "text": "The VNF **MUST** be implemented so that it is not vulnerable to OWASP\nTop 10 web application security risks.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-34660", "text": "The VNF or PNF **MUST** use the RESTCONF/NETCONF framework used by\nthe ONAP configuration subsystem for synchronous communication.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-348813", "text": "The VNF's Heat Orchestration Template's ZIP file **MUST NOT** include\na binary image file.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-34957", "text": "The VNF **MUST** provide a method of metrics gathering for each\nlayer's performance to identify variances in the allocations so\nthey can be addressed.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-35291", "text": "The VNF **MUST** support the ability to failover a VNFC\nautomatically to other geographically redundant sites if not\ndeployed active-active to increase the overall resiliency of the VNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-35401", "text": "The VNF or PNF **MUST** support SSH and allow SSH access by the\nAnsible server to the endpoint VM(s) and comply with the Network\nCloud Service Provider guidelines for authentication and access.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-35414", "text": "A VNF Heat Orchestration's template **MUST** contain the\nsection ``parameters:``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-35532", "text": "The VNF **SHOULD** release and clear all shared assets (memory,\ndatabase operations, connections, locks, etc.) as soon as possible,\nespecially before long running sync and asynchronous operations, so as\nto not prevent use of these assets by other entities.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-35666", "text": "If a VNF has an internal network, the VNF Heat Orchestration Template\n**MUST** include the heat resources to create the internal network.\n\nA VNF's Internal Network is created using Neutron Heat Resources\n(i.e., ``OS::Neutron::Net``, ``OS::Neutron::Subnet``) and/or\nContrail Heat Resources (i.e., ``OS::ContrailV2::VirtualNetwork``,\n``ContrailV2::NetworkIpam``).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-35735", "text": "When the VNF's Heat Orchestration Template's resource\n``OS::Neutron::Port`` is attaching to an external network\n(per the ONAP definition, see Requirement R-57424),\nand the IPv6 VIP is required to be supported by the ONAP data model,\nthe property ``allowed_address_pairs`` map property ``ip_address``\nparameter name **MUST** follow the naming convention\n\n* ``{vm-type}_{network-role}_floating_v6_ip``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n\nAnd the parameter **MUST** be declared as type ``string``.\n\nAs noted in the introduction to this section, the ONAP data model\ncan only support one IPv6 VIP address.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-35851", "text": "The VNF HEAT Package\u00a0**MUST**\u00a0include VNF topology that describes basic\nnetwork and application connectivity internal and external to the VNF\nincluding Link type, KPIs, Bandwidth, latency, jitter, QoS (if applicable)\nfor each interface.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-35854", "text": "The VNF Descriptor (VNFD) provided by VNF vendor **MUST** comply with\nTOSCA/YAML based Service template for VNF descriptor specified in\nETSI NFV-SOL001.\n\n**Note**: As the ETSI NFV-SOL001 is work in progress the below tables\nsummarizes the TOSCA definitions agreed to be part of current version\nof NFV profile and that VNFD MUST comply with in ONAP Release 2+\nRequirements.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-35960", "text": "The VNF or PNF Package **MUST** include documentation which must include\nall events, severity level (e.g., informational, warning, error) and\ndescriptions including causes/fixes if applicable for the event.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-36280", "text": "The VNF or PNF Documentation Package **MUST** describe the\nVNF or PNF Functional Capabilities that are utilized to operationalize the\nVNF or PNF and compose complex services.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-36542", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vnf_name`` parameter\n``vnf_name`` **MUST NOT**\nbe enumerated in the Heat Orchestration Template's environment file.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-36582", "text": "A VNF's Base Module **MAY** utilize nested heat.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-36687", "text": "A VNF's Heat Orchestration Template's ``{vm-type}`` case in Resource\nproperty parameter names **SHOULD** match the case of ``{vm-type}``\nin Resource IDs and vice versa.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-36772", "text": "A VNF's Heat Orchestration Template's parameter **MUST** include the\nattribute ``type:``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-36792", "text": "The VNF **MUST** automatically retry/resubmit failed requests\nmade by the software to its downstream system to increase the success rate.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-36843", "text": "The VNF **MUST** support the ability of the VNFC to be deployable\nin multi-zoned cloud sites to allow for site support in the event of cloud\nzone failure or upgrades.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-36982", "text": "A VNF's Heat Orchestration template **MAY** contain the ``outputs:``\nsection.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-37028", "text": "A VNF **MUST** be composed of one Base Module", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-37039", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``vf_module_index`` parameter\n``vf_module_index`` **MUST NOT**\nbe enumerated in the Heat Orchestration Template's environment file.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-37437", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property ``metadata`` **MUST**\ncontain the key/value pair ``vnf_id``\nand the value **MUST** be obtained via a ``get_param``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-37692", "text": "The VNFC **MUST** provide API versioning to allow for\nindependent upgrades of VNFC.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-378131", "text": "(Error Case) - If an error is encountered by the PNF during a\nService Configuration exchange with ONAP, the PNF **MAY** log the\nerror and notify an operator.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-37929", "text": "The VNF or PNF **MUST** accept all necessary instance specific\ndata from the environment or node object attributes for the VNF or PNF\nin roles/cookbooks/recipes invoked for a VNF or PNF action.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-38001", "text": "The VNF **MUST** support ONAP Controller's **Rebuild** command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-38236", "text": "The VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``subnet`` parameter\n**MUST** be declared type ``string``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-384337", "text": "The VNF Documentation Package **MUST** contain a list of the files within the VNF\npackage that are static during the VNF's runtime.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-38474", "text": "A VNF's Base Module **MUST** have a corresponding Environment File.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-39067", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``vf_module_name`` parameter **MUST** be\ndeclared as ``vf_module_name`` and the parameter **MUST**\nbe defined as type: ``string``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-39349", "text": "A VNF Heat Orchestration Template **MUST NOT** be designed to utilize the\nOpenStack ``heat stack-update`` command for scaling (growth/de-growth).", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-39402", "text": "A VNF's Heat Orchestration Template **MUST** contain the\nsection ``description:``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-39562", "text": "The VNF **MUST** disable unnecessary or vulnerable cgi-bin programs.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-39604", "text": "The VNF **MUST** provide the capability of testing the\nvalidity of a digital certificate by checking the Certificate Revocation\nList (CRL) for the certificates of that type to ensure that the\ncertificate has not been revoked.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-39650", "text": "The VNF **SHOULD** provide the ability to test incremental\ngrowth of the VNF.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-39841", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_{network-role}_ip_{index}``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-40293", "text": "The VNF or PNF **MUST** make available playbooks that conform\nto the ONAP requirement.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-40499", "text": "Each VNF's Heat Orchestration Template's ``{vm-type}`` **MUST**\nhave a unique parameter name for the ``OS::Nova::Server`` property\n``flavor`` even if more than one ``{vm-type}`` shares the same flavor.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-40518", "text": "A VNF's Heat Orchestration Template's parameter defined\nin a non-nested YAML file as type\n``string`` **MAY** have a parameter constraint defined.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-40551", "text": "A VNF's Heat Orchestration Template's Nested YAML files **MAY**\n(or **MAY NOT**) contain the section ``resources:``.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-40813", "text": "The VNF **SHOULD** support the use of virtual trusted platform\nmodule.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-40820", "text": "The VNF or PNF TOSCA PACKAGE **MUST** enumerate all of the open source\nlicenses their VNF(s) incorporate. CSAR License directory as per ETSI\nSOL004.\n\nfor example ROOT\\\\Licenses\\\\ **License_term.txt**", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-40827", "text": "The VNF or PNF provider **MUST** enumerate all of the open\nsource licenses their VNF or PNF(s) incorporate.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-408813", "text": "The VNF, when publishing events, **MUST** pass all information it is\nable to collect even if the information field is identified as optional.\nHowever, if the data cannot be collected, then optional fields can be\nomitted.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-40971", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-41159", "text": "The VNF **MUST** deliver any and all functionality from any\nVNFC in the pool (where pooling is the most suitable solution). The\nVNFC pool member should be transparent to the client. Upstream and\ndownstream clients should only recognize the function being performed,\nnot the member performing it.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-41215", "text": "The VNF **MAY** have zero to many \"incremental\" modules.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-41252", "text": "The VNF **MUST** support the capability of online storage of\nsecurity audit logs.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-41430", "text": "The VNF or PNF **MUST** support APPC/SDN-C ``HealthCheck`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-41492", "text": "When the VNF's Heat Orchestration Template's resource\n``OS::Neutron::Port`` is attaching to an external network\n(per the ONAP definition, see Requirement R-57424),\nand the IPv4 VIP is required to be supported by the ONAP data model,\nthe property ``allowed_address_pairs`` map property ``ip_address``\nparameter name **MUST** follow the naming convention\n\n* ``{vm-type}_{network-role}_floating_ip``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n\nAnd the parameter **MUST** be declared as type ``string``.\n\nAs noted in the introduction to this section, the ONAP data model\ncan only support one IPv4 VIP address.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-41493", "text": "When the VNF's Heat Orchestration Template's resource\n``OS::Neutron::Port`` is attaching to an external network\n(per the ONAP definition, see Requirement R-57424),\nand the IPv4 VIP address and/or IPv6 VIP address\nis **not** supported by the ONAP data model,\nthe property ``allowed_address_pairs`` map property ``ip_address``\n\n* Parameter name **MAY** use any naming convention. That is, there is no\n ONAP mandatory parameter naming convention.\n* Parameter **MAY** be declared as type ``string`` or type\n``comma_delimited_list``.\n\nAnd the ``OS::Neutron::Port`` resource **MUST** contain\nresource-level ``metadata`` (not property-level).\n\nAnd the ``metadata`` format **MUST** must contain the\nkey value ``aap_exempt`` with a list of all\n``allowed_address_pairs`` map property ``ip_address`` parameters\n**not** supported by the ONAP data model.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-41825", "text": "The VNF **MUST** activate security alarms automatically when\na configurable number of consecutive unsuccessful login attempts\nis reached.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-41829", "text": "The VNF or PNF **MUST** be able to specify the granularity of the\nlock via a restricted or full XPath expression.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-41888", "text": "A VNF's Heat Orchestration Template intrinsic function\n``get_file`` **MUST NOT** utilize URL-based file retrieval.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-41994", "text": "The VNF **MUST** support the use of X.509 certificates issued from any\nCertificate Authority (CA) that is compliant with RFC5280, e.g., a public\nCA such as DigiCert or Let's Encrypt, or an RFC5280 compliant Operator\nCA.\n\nNote: The VNF provider cannot require the use of self-signed certificates\nin an Operator's run time environment.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-42018", "text": "The VNF or PNF Package **MUST** include documentation which must include\nall events (fault, measurement for VNF or PNF Scaling, Syslogs, State Change\nand Mobile Flow), that need to be collected at each VM, VNFC (defined in `VNF Guidelines `__ ) and for the overall VNF or PNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-42140", "text": "The VNF or PNF **MUST** respond to data requests from ONAP as soon\nas those requests are received, as a synchronous response.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-42207", "text": "The VNF **MUST** design resiliency into a VNF such that the\nresiliency deployment model (e.g., active-active) can be chosen at\nrun-time.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-42366", "text": "The VNF or PNF **MUST** support secure connections and transports such as\nTransport Layer Security (TLS) protocol\n[`RFC5246 `_] and should adhere to\nthe best current practices outlined in\n`RFC7525 `_.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-42685", "text": "A VNF's Heat Orchestration template's Environment File's\n**MAY** contain the ``parameter_merge_strategies:`` section.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-42874", "text": "The VNF **MUST** allow the Operator to restrict access based on\nthe assigned permissions associated with an ID in order to support\nLeast Privilege (no more privilege than required to perform job\nfunctions).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-43253", "text": "The VNF or PNF **MUST** use playbooks designed to allow Ansible\nServer to infer failure or success based on the \"PLAY_RECAP\" capability.\n\n**Note**: There are cases where playbooks need to interpret results\nof a task and then determine success or failure and return result\naccordingly (failure for failed tasks).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-43327", "text": "The VNF or PNF **SHOULD** use `Modeling JSON text with YANG\n`_, If YANG models need to be\ntranslated to and from JSON{RFC7951]. YANG configuration and content can\nbe represented via JSON, consistent with Avro, as described in \"Encoding\nand Serialization\" section.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-43332", "text": "The VNF **MUST** activate security alarms automatically when\nit detects the successful modification of a critical system or\napplication file.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-43353", "text": "The VNF or PNF **MUST** return control from Ansible Playbooks only after\nall tasks performed by playbook are fully complete, signaling that the\nplaybook completed all tasks. When starting services, return control\nonly after all services are up. This is critical for workflows where\nthe next steps are dependent on prior tasks being fully completed.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-43387", "text": "If the VNF or PNF is using Certificate Authentication, the\nVNF or PNF **MUST** support mutual TLS authentication and the Subject\nName in the end-entity certificate MUST be used according to\n`RFC5280 `_.\n\nNote: In mutual TLS authentication, the client (VNF or PNF) must\nauthenticate the server (DCAE) certificate and must provide its own\nX.509v3 end-entity certificate to the server for authentication.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-43413", "text": "A VNF **MUST** utilize a modular Heat Orchestration Template design to\nsupport scaling (growth/de-growth).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-43740", "text": "VNF's Heat Orchestration Template's Resource **MAY** declare the\nattribute ``deletion_policy:``.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-43884", "text": "The VNF **SHOULD** integrate with the Operator's authentication and\nauthorization services (e.g., IDAM).", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-43958", "text": "The VNF Documentation Package **MUST** describe\nthe tests that were conducted by the VNF provider and the test results.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-44001", "text": "A VNF's Heat Orchestration Template parameter declaration **MUST**\ncontain the attribute ``description``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-44013", "text": "The VNF or PNF **MUST** populate an attribute, defined as node\n['PushJobOutput'] with the desired output on all nodes in the push job\nthat execute chef-client run if the VNF or PNF action requires the output\nof a chef-client run be made available (e.g., get running configuration).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-440220", "text": "The VNF or PNF **SHOULD** support File transferring protocol, such as FTPES or SFTP,\nwhen supporting the event-driven bulk transfer of monitoring data.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-44125", "text": "The VNF or PNF provider **MUST** agree to the process that can\nbe met by Service Provider reporting infrastructure. The Contract\nshall define the reporting process and the available reporting tools.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-44271", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``name`` parameter value **SHOULD NOT** contain special characters\nsince the Contrail GUI has a limitation displaying special characters.\n\nHowever, if special characters must be used, the only special characters\nsupported are: --- \\\" ! $ ' (\\ \\ ) = ~ ^ | @ ` { } [ ] > , . _", "keyword": "SHOULD NOT", "result": "PASS", "errors": [] }, { "id": "R-44281", "text": "The VNF or PNF **MUST** implement the protocol operation:\n``edit-config(target, default-operation, test-option, error-option,\nconfig)`` - Edit the target configuration data store by merging,\nreplacing, creating, or deleting new config elements.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-44290", "text": "The VNF or PNF **MUST** control access to ONAP and to VNFs or PNFs, and creation\nof connections, through secure credentials, log-on and exchange mechanisms.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-44318", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vnf_name``\nparameter ``vnf_name`` **MUST NOT**\nhave parameter constraints defined.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-44569", "text": "The VNF or PNF provider **MUST NOT** require additional\ninfrastructure such as a VNF or PNF provider license server for VNF or PNF provider\nfunctions and metrics.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-44723", "text": "The VNF **MUST** use symmetric keys of at least 112 bits in length.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-44896", "text": "The VNF Package **MUST** include VM requirements via a Heat\ntemplate that provides the necessary data for high availability\nredundancy model.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-45188", "text": "The VNF's Heat Orchestration Template's Resource 'OS::Nova::Server' property\n``flavor`` parameter name **MUST** follow the naming convention\n``{vm-type}_flavor_name``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-45197", "text": "The VNF or PNF **MUST** define the \"from=\" clause to provide the list of IP\naddresses of the Ansible Servers in the Cluster, separated by coma, to\nrestrict use of the SSH key pair to elements that are part of the Ansible\nCluster owner of the issued and assigned mechanized user ID.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-45602", "text": "If a VNF's Port is attached to a network (internal or external)\nand the port's IP addresses are cloud assigned by OpenStack's DHCP\nService, the ``OS::Neutron::Port`` Resource's\n\n* property ``fixed_ips`` map property ``ip_address`` **MUST NOT** be used\n* property ``fixed_ips`` map property ``subnet``\n **MAY** be used", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-45719", "text": "The VNF **MUST**, if not integrated with the Operator's Identity and Access\nManagement system, or enforce a configurable \"terminate idle sessions\"\npolicy by terminating the session after a configurable period of inactivity.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-45856", "text": "The VNF or PNF **MUST** support APPC/SDN-C ``UpgradePostCheck`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-46096", "text": "A VNF's Heat Orchestration template's Environment File's\n**MAY** contain the ``encrypted_parameters:`` section.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-46119", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Cinder::Volume``\n**MAY** be defined in a Base Module.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-46128", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` Resource ID\nthat is configuring an IPv6 Address on a virtual machine interface\n(i.e., OS::ContrailV2::VirtualMachineInterface)\nattached to an external network\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_vmi_{vmi_index}_v6_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{vmi_index}`` references the instance of the virtual machine interface\n on the ``{vm-type}`` attached to ``{network-role}`` network. The\n ``{vmi_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new virtual machine interface is defined on the instance of the\n ``{vm-type}`` attached to ``{network-role}`` network.\n* ``v6_IP`` signifies that an IPv6 address is being configured\n* ``{index}`` references the instance of the IPv6 address configured\n on the virtual machine interface. The ``{index}`` is a numeric value\n that **MUST** start at zero on an\n instance of a virtual machine interface and **MUST** increment by one\n each time a new IPv6 address is configured on the\n virtual machine interface.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-46290", "text": "The VNF or PNF **MUST** respond to an ONAP request to deliver granular\ndata on device or subsystem status or performance, referencing the YANG\nconfiguration model for the VNF or PNF by returning the requested data elements.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-46461", "text": "A VNF's port connected to an internal network **MUST NOT** use the port\nfor the purpose of reaching VMs in another VNF and/or an\nexternal gateway and/or\nexternal router.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-465236", "text": "The VNF **SHOULD** provide the capability of maintaining the integrity of\nits static files using a cryptographic method.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-46527", "text": "A VNFD is a deployment template which describes a VNF in terms of\ndeployment and operational behavior requirements. It contains\nvirtualized resources (nodes) requirements as well as connectivity\nand interfaces requirements and **MUST** comply with info elements\nspecified in ETSI GS NFV-IFA 011. The main parts of the VNFD are\nthe following:\n\n - VNF topology: it is modeled in a cloud agnostic way using virtualized\n containers and their connectivity. Virtual Deployment Units (VDU)\n describe the capabilities of the virtualized containers, such as\n virtual CPU, RAM, disks; their connectivity is modeled with VDU\n Connection Point Descriptors (VduCpd), Virtual Link Descriptors\n (VnfVld) and VNF External Connection Point Descriptors\n (VnfExternalCpd);\n\n - VNF deployment aspects: they are described in one or more\n deployment flavours, including configurable parameters, instantiation\n levels, placement constraints (affinity / antiaffinity), minimum and\n maximum VDU instance numbers. Horizontal scaling is modeled with\n scaling aspects and the respective scaling levels in the deployment\n flavours;\n\n**Note**: The deployment aspects (deployment flavour etc.) are postponed\nfor future ONAP releases.\n\n - VNF lifecycle management (LCM) operations: describes the LCM operations\n supported per deployment flavour, and their input parameters;\n Note, thatthe actual LCM implementation resides in a different layer,\n namely referring to additional template artifacts.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-46567", "text": "The VNF or PNF Package **MUST** include configuration scripts\nfor boot sequence and configuration.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-46839", "text": "A VNF's Heat Orchestration Template's use of ``{vm-type}``\nin all Resource IDs **MUST** be the same case.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-46851", "text": "The VNF **MUST** support ONAP Controller's Evacuate command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-46908", "text": "The VNF **MUST**, if not integrated with the Operator's Identity and\nAccess Management system, comply with \"password complexity\" policy. When\npasswords are used, they shall be complex and shall at least meet the\nfollowing password construction requirements: (1) be a minimum configurable\nnumber of characters in length, (2) include 3 of the 4 following types of\ncharacters: upper-case alphabetic, lower-case alphabetic, numeric, and\nspecial, (3) not be the same as the UserID with which they are associated\nor other common strings as specified by the environment, (4) not contain\nrepeating or sequential characters or numbers, (5) not to use special\ncharacters that may have command functions, and (6) new passwords must\nnot contain sequences of three or more characters from the previous\npassword.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-46960", "text": "NCSPs **MAY** operate a limited set of Guest OS and CPU\narchitectures and families, virtual machines, etc.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-46968", "text": "VNF's Heat Orchestration Template's Resource **MAY** declare the\nattribute ``depends_on:``.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-46986", "text": "The VNF **SHOULD** have source code scanned using scanning\ntools (e.g., Fortify) and provide reports.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-47061", "text": "A VNF's Heat Orchestration Template's OS::Nova::Server\nResource **SHOULD** contain the metadata map value parameter\n'workload_context'.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-47068", "text": "The VNF or PNF **MAY** expose a single endpoint that is\nresponsible for all functionality.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-470963", "text": "The VNF, when publishing events, **MUST** leverage camel case to separate\nwords and acronyms used as keys that will be sent through extensible fields.\nWhen an acronym is used as the key, then only the first letter shall be\ncapitalized.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-47204", "text": "The VNF **MUST** be capable of protecting the confidentiality and integrity\nof data at rest and in transit from unauthorized access and modification.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-47597", "text": "The VNF or PNF **MUST** carry data in motion only over secure connections.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-47849", "text": "The VNF or PNF provider **MUST** support the metadata about\nlicenses (and their applicable entitlements) as defined in this\nspecification for VNF or PNF software, and any license keys required to authorize\nuse of the VNF or PNF software. This metadata will be used to facilitate\nonboarding the VNF or PNF into the ONAP environment and automating processes\nfor putting the licenses into use and managing the full lifecycle of\nthe licenses. The details of this license model are described in\nTables C1 to C8 in the Appendix.\n\nNote: License metadata support in ONAP is not currently available\nand planned for 1Q 2018.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-47874", "text": "A VNF **MAY** have\n * Only an IPv4 OAM Management IP Address\n * Only an IPv6 OAM Management IP Address\n * Both a IPv4 and IPv6 OAM Management IP Addresses", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-479386", "text": "The VNF **MUST NOT** display \"Welcome\" notices or messages that could\nbe misinterpreted as extending an invitation to unauthorized users.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-48067", "text": "A VNF's Heat Orchestration Template's ``{vm-type}`` **MUST NOT** be a\nsubstring\nof ``{network-role}``.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-48080", "text": "The VNF **SHOULD** support an automated certificate management protocol\nsuch as CMPv2, Simple Certificate Enrollment Protocol (SCEP) or\nAutomated Certificate Management Environment (ACME).", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-481670", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``flavor`` value **MUST** be be obtained via a ``get_param``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-48247", "text": "The VNF or PNF **MUST** support APPC ``ConfigRestore`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-48356", "text": "The VNF **MUST** fully exploit exception handling to the extent\nthat resources (e.g., threads and memory) are released when no longer\nneeded regardless of programming language.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-48470", "text": "The VNF **MUST** support Real-time detection and\nnotification of security events.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-484843", "text": "The PNFD provided by a PNF vendor\u00a0**MUST**\u00a0comply with the following Data\nTypes as specified in ETSI NFV-SOL001 standard:\n\n - tosca.datatypes.nfv.CpProtocolData\n\n - tosca.datatypes.nfv.AddressData\n\n - tosca.datatypes.nfv.L2AddressData\n\n - tosca.datatypes.nfv.L3AddressData\n\n - tosca.datatypes.nfv.LocationInfo\n\n - tosca.datatypes.nfv.CivicAddressElement", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-48596", "text": "The VNF or PNF Documentation Package **MUST** describe\nthe characteristics for the VNF or PNF reliability and high availability.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-48698", "text": "The VNF or PNF **MUST** utilize information from key value pairs that will\nbe provided by the Ansible Server as \"extra-vars\" during invocation to\nexecute the desired VNF or PNF action. The \"extra-vars\" attribute-value\npairs are passed to the Ansible Server by an APPC/SDN-C as part of the\nRest API request. If the playbook requires files, they must also be\nsupplied using the methodology detailed in the Ansible Server API, unless\nthey are bundled with playbooks, example, generic templates. Any files\ncontaining instance specific info (attribute-value pairs), not obtainable\nfrom any ONAP inventory databases or other sources, referenced and used an\ninput by playbooks, shall be provisioned (and distributed) in advance of\nuse, e.g., VNF or PNF instantiation. Recommendation is to avoid these\ninstance specific, manually created in advance of instantiation, files.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-48761", "text": "The VNF **MUST** support ONAP Controller's Snapshot command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-48880", "text": "If a VNF's Port is attached to an external network and the port's\nIP addresses are assigned by ONAP's SDN-Controller,\nthe ``OS::Neutron::Port`` Resource's\n\n* property ``fixed_ips`` map property ``ip_address`` **MUST** be used\n* property ``fixed_ips`` map property ``subnet``\n **MUST NOT** be used", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-48917", "text": "The VNF **MUST** monitor for and alert on (both sender and\nreceiver) errant, running longer than expected and missing file transfers,\nso as to minimize the impact due to file transfer errors.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-48987", "text": "If the VNF's OAM Management IP Address is cloud assigned and\nand the OAM IP Address is required to be inventoried in ONAP A&AI,\nthen the parameter **MUST** be obtained by the\nresource ``OS::Neutron::Port``\nattribute ``ip_address``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-49036", "text": "The VNF or PNF **SHOULD** conform its YANG model to RFC 7277,\n\"A YANG Data Model for IP Management\".", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-49109", "text": "The VNF or PNF **MUST** support HTTPS using TLS v1.2 or higher\nwith strong cryptographic ciphers.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-49145", "text": "The VNF or PNF **MUST** implement ``:confirmed-commit`` If\n``:candidate`` is supported.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-49224", "text": "The VNF **MUST** provide unique traceability of a transaction\nthrough its life cycle to ensure quick and efficient troubleshooting.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-49308", "text": "The VNF **SHOULD** test for adherence to the defined resiliency\nrating recommendation at each layer, during each delivery cycle with\ndelivered results, so that the resiliency rating is measured and the\ncode is adjusted to meet software resiliency requirements.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-49396", "text": "The VNF or PNF **MUST** support each APPC/SDN-C VNF or PNF action\nby invocation of **one** playbook [#7.3.4]_. The playbook will be\nresponsible for executing all necessary tasks (as well as calling other\nplaybooks) to complete the request.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-49466", "text": "The VNF or PNF **MUST** support APPC/SDN-C ``UpgradeSoftware`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-49751", "text": "The VNF or PNF **MUST** support Ansible playbooks that are compatible with\nAnsible version 2.6 or later.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-49911", "text": "The VNF or PNF provider **MUST** assign a new point release to the updated\nplaybook set. The functionality of a new playbook set must be tested before\nit is deployed to the production.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-50011", "text": "A VNF's Heat Orchestration Template's ``OS::Heat::ResourceGroup``\nproperty ``count`` **MUST** be enumerated in the VNF's\nHeat Orchestration Template's Environment File and **MUST** be\nassigned a value.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-50252", "text": "The VNF or PNF **MUST** write to a response file in JSON format that will\nbe retrieved and made available by the Ansible Server if, as part of a VNF\nor PNF action (e.g., audit), a playbook is required to return any VNF or\nPNF information/response. The text files must be written in the main\nplaybook home directory, in JSON format. The JSON file must be created for\nthe VNF or PNF with the name '_results.txt'. All playbook\noutput results, for all VNF or PNF VMs, to be provided as a response to the\nrequest, must be written to this response file.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-50436", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``flavor`` parameter **MUST** be declared as type: ``string``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-50468", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualMachineInterface`` Resource ID\nthat is attaching to an internal network\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_vmi_{vmi_index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network\n that the port (i.e. virtual machine interface) is attached to\n* ``{vmi_index}`` references the instance of the virtual machine interface\n on the ``{vm-type}`` attached to ``{network-role}`` network. The\n ``{vmi_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new virtual machine interface is defined on the instance of the\n ``{vm-type}`` attached to ``{network-role}`` network.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-506221", "text": "The VNF or PNF TOSCA CSAR file **MUST** be a zip file with .csar extension.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-50816", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property ``metadata``\nkey/value pair ``vf_module_index``\nvalue **MUST** be obtained via a ``get_param``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-511776", "text": "When a VNF's Heat Orchestration Template is ready\nto be on-boarded to ONAP,\nall files composing the VNF Heat Orchestration Template\n**MUST** be placed in a flat (i.e., non-hierarchical) directory and\narchived using ZIP. The resulting ZIP file is uploaded into ONAP.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-51347", "text": "The VNF or PNF CSAR package **MUST** be arranged as a CSAR archive as\nspecified in TOSCA Simple Profile in YAML 1.2.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-51430", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``name`` parameter **MUST** be declared as either type ``string``\nor type ``comma_delimited_list``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-51442", "text": "The VNF or PNF **SHOULD** use playbooks that are designed to\nautomatically 'rollback' to the original state in case of any errors\nfor actions that change state of the VNF or PNF (e.g., configure).\n\n**Note**: In case rollback at the playbook level is not supported or\npossible, the VNF or PNF provider shall provide alternative rollback\nmechanism (e.g., for a small VNF or PNF the rollback mechanism may rely\non workflow to terminate and re-instantiate VNF VMs and then re-run\nplaybook(s)). Backing up updated files is also recommended to support\nrollback when soft rollback is feasible.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-52060", "text": "The VNF **MUST** provide the capability to configure encryption\nalgorithms or devices so that they comply with the laws of the jurisdiction\nin which there are plans to use data encryption.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-520802", "text": "The VNF or PNF provider **MUST** provide a YAML file formatted in adherence with\nthe :ref:`VES Event Registration specification `\nthat defines the following information for each event produced by the VNF:\n\n* ``eventName``\n* Required fields\n* Optional fields\n* Any special handling to be performed for that event", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-52425", "text": "A VNF's port connected to an internal network **MUST**\nuse the port for the purpose of reaching VMs in the same VNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-52499", "text": "The VNF **MUST** meet their own resiliency goals and not rely\non the Network Cloud.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-52753", "text": "VNF's Heat Orchestration Template's Base Module's output parameter's\nname and type **MUST** match the VNF's Heat Orchestration Template's\nincremental Module's name and type.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-52870", "text": "The VNF **MUST** provide a method of metrics gathering\nand analysis to evaluate the resiliency of the software from both\na granular as well as a holistic standpoint. This includes, but is\nnot limited to thread utilization, errors, timeouts, and retries.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-528866", "text": "The VNF **MUST** produce VES events that include the following mandatory\nfields in the common event header.\n\n * ``domain`` - the event domain enumeration\n * ``eventId`` - the event key unique to the event source\n * ``eventName`` - the unique event name\n * ``lastEpochMicrosec`` - the latest unix time (aka epoch time) associated\n with the event\n * ``priority`` - the processing priority enumeration\n * ``reportingEntityName`` - name of the entity reporting the event or\n detecting a problem in another VNF or PNF\n * ``sequence`` - the ordering of events communicated by an event source\n * ``sourceName`` - name of the entity experiencing the event issue, which\n may be detected and reported by a separate reporting entity\n * ``startEpochMicrosec`` - the earliest unix time (aka epoch time)\n associated with the event\n * ``version`` - the version of the event header\n * ``vesEventListenerVersion`` - Version of the VES event listener API spec\n that this event is compliant with", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-53015", "text": "The VNF or PNF **MUST** apply locking based on the sequence of\nNETCONF operations, with the first configuration operation locking\nout all others until completed.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-53310", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` Resource ID\nthat is configuring an IPv4 Address on a virtual machine interface\n(i.e., OS::ContrailV2::VirtualMachineInterface)\nattached to an external network\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_vmi_{vmi_index}_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network that the\n virtual machine interface is attached to\n* ``{vmi_index}`` references the instance of the virtual machine interface\n on the ``{vm-type}`` attached to ``{network-role}`` network. The\n ``{vmi_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new virtual machine interface is defined on the instance of the\n ``{vm-type}`` attached to ``{network-role}`` network.\n* ``IP`` signifies that an IPv4 address is being configured\n* ``{index}`` references the instance of the IPv4 address configured\n on the virtual machine interface. The ``{index}`` is a numeric value\n that **MUST** start at zero on an\n instance of a virtual machine interface and **MUST** increment by one\n each time a new IPv4 address is configured on the\n virtual machine interface.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-53317", "text": "The VNF or PNF **MUST** conform its YANG model to RFC 6087,\n\"Guidelines for Authors and Reviewers of YANG Data Model specification\".", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-53433", "text": "A VNF's Cinder Volume Module **MUST** have a corresponding environment file", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-535009", "text": "The PNFD provided by a PNF vendor\u00a0**MUST**\u00a0comply with the following Node\nTypes as specified in ETSI NFV-SOL001 standard:\n\n - tosca.nodes.nfv.PNF\n\n - tosca.nodes.nfv.PnfExtCp\n\n - tosca.nodes.nfv.Cp", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-53598", "text": "The VNF or PNF Documentation Package **MUST**, when relevant,\nprovide a threshold crossing alert point for each KPI and describe the\nsignificance of the threshold crossing.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-53952", "text": "A VNF's Heat Orchestration Template's Resource\n**MUST NOT** reference a HTTP-based resource definitions.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-54171", "text": "When the VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``name`` parameter is defined as a ``string``,\nthe parameter name **MUST** follow the naming convention\n\n* ``{vm-type}_name_{index}``\n\nwhere ``{index}`` is a numeric value that **MUST** start at\nzero in a VNF's Heat Orchestration Template and **MUST** increment by one.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-54190", "text": "The VNF or PNF **MUST** release locks to prevent permanent lock-outs\nwhen/if a session applying the lock is terminated (e.g., SSH session\nis terminated).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-54340", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty\n``metadata`` key/value pair ``vf_module_index`` parameter **MUST**\nbe declared as ``vf_module_index`` and the parameter **MUST** be\ndefined as type: ``number``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-54356", "text": "The below table includes the data types used by NFV node and is based\non TOSCA/YAML constructs specified in draft GS NFV-SOL 001. The node\ndata definitions/attributes used in VNFD **MUST** comply with the below\ntable.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-54373", "text": "The VNF or PNF **MUST** have Python >= 2.6 on the endpoint VM(s)\nof a VNF or PNF on which an Ansible playbook will be executed.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-54430", "text": "The VNF **MUST** use the NCSP's supported library and compute\nflavor that supports DPDK to optimize network efficiency if using DPDK. [#4.1.1]_", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-54517", "text": "When a VNF's Heat Orchestration Template's resource is associated with\na single ``{vm-type}``, the Resource ID **MUST** contain the\n``{vm-type}``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-54520", "text": "The VNF **MUST** log successful and unsuccessful authentication\nattempts, e.g., authentication associated with a transaction,\nauthentication to create a session, authentication to assume elevated\nprivilege.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-54816", "text": "The VNF **MUST** support the storage of security audit logs for a\nconfigurable period of time.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-54876", "text": "The below table describes the data types used for LCM configuration\nand is based on TOSCA constructs specified in draft GS NFV-SOL 001.\nThe LCM configuration data elements used in VNFD **MUST** comply\nwith the below table.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-54930", "text": "The VNF **MUST** implement the following input validation controls:\nDo not permit input that contains content or characters inappropriate\nto the input expected by the design. Inappropriate input, such as\nSQL expressions, may cause the system to execute undesirable and\nunauthorized transactions against the database or allow other\ninappropriate access to the internal network (injection attacks).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-55218", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property\n``metadata`` key/value pair ``vnf_id`` parameter ``vnf_id`` **MUST NOT**\nhave parameter constraints defined.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-55306", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vf_module_index`` **MUST NOT**\nbe used in a ``OS::Cinder::Volume`` resource and **MUST NOT** be\nused in VNF's Volume template;\nit is not supported.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-55345", "text": "The VNF **SHOULD** use techniques such as \"lazy loading\" when\ninitialization includes loading catalogues and/or lists which can grow\nover time, so that the VNF startup time does not grow at a rate\nproportional to that of the list.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-55478", "text": "The VNF **MUST** log logoffs.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-55634", "text": "If VNF or PNF is using Basic Authentication, then the VNF or PNF\n**MUST** be in compliance with\n`RFC7617 `_ for authenticating HTTPS\nconnections to the DCAE VES Event Listener.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-55802", "text": "The VNF Package **MUST** include VM requirements via a Heat\ntemplate that provides the necessary data for scaling/growth VM\nspecifications.\n\nNote: Must comply with the *Heat requirements in 5.b*.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-56183", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata``key/value pair ``environment_context``\nparameter ``environment_context`` **MUST NOT**\nhave parameter constraints defined.", "keyword": "MUST NOT", "result": "SKIP", "errors": [] }, { "id": "R-56218", "text": "The VNF **MUST** support ONAP Controller's Migrate command that\nmoves container (VM) from a live Physical Server / Compute Node to\nanother live Physical Server / Compute Node.\n\n Note: Container migrations MUST be transparent to the VNF and no more intrusive than a stop,\n followed by some down time for the migration to be performed from one Compute Node / Physical\n Server to another, followed by a start of the same VM with same configuration on the new\n Compute Node / Physical Server.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-56287", "text": "If the VNF's OAM Management IP Address is assigned by ONAP SDN-C and\nassigned in the VNF's Heat Orchestration Template's via a heat resource\n``OS::Neutron::Port`` property ``fixed_ips`` map property\n``ip_adress`` parameter (e.g., ``{vm-type}_{network-role}_ip_{index}``,\n``{vm-type}_{network-role}_v6_ip_{index}``)\nand the OAM IP Address is required to be inventoried in ONAP A&AI,\nthen the parameter **MUST** be echoed in an output statement.\n\n.. code-block:: yaml\n\n outputs:\n oam_management_v4_address:\n value: {get_param: {vm-type}_{network-role}_ip_{index} }\n oam_management_v6_address:\n value: {get_param: {vm-type}_{network-role}_v6_ip_{index} }", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-56385", "text": "The VNF or PNF **MUST** support APPC ``Audit`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-56438", "text": "A VNF's Heat Orchestration Template's Nested YAML file extension **MUST**\nbe in the lower case format ``.yaml`` or ``.yml``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-56718", "text": "The PNF Vendor **MAY** provide software version(s) to be supported by PNF\nfor SDC Design Studio PNF Model. This is set in the PNF Model property\nsoftware_versions.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-56721", "text": "A VNF's Incremental Module **MAY** utilize nested heat.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-56793", "text": "The VNF **MUST** test for adherence to the defined performance\nbudgets at each layer, during each delivery cycle with delivered\nresults, so that the performance budget is measured and the code\nis adjusted to meet performance budget.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-56815", "text": "The VNF or PNF Documentation Package **MUST** describe\nsupported VNF or PNF scaling capabilities and capacity limits (e.g., number\nof users, bandwidth, throughput, concurrent calls).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-56904", "text": "The VNF **MUST** interoperate with the ONAP (SDN) Controller so that\nit can dynamically modify the firewall rules, ACL rules, QoS rules, virtual\nrouting and forwarding rules.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-56920", "text": "The VNF **MUST** protect all security audit logs (including\nAPI, OS and application-generated logs), security audit software, data,\nand associated documentation from modification, or unauthorized viewing,\nby standard OS access control mechanisms, by sending to a remote system,\nor by encryption.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-570134", "text": "The events produced by the VNF or PNF **MUST** must be compliant with the common\nevent format defined in the\n:ref:`VES Event Listener`\nspecification.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-57019", "text": "The PNF TOSCA CSAR PACKAGE Manifest file **MUST** start with the PNF\npackage metadata in the form of a name-value pairs. Each pair shall appear\non a different line. The name is specified as following:\n\n - pnfd_provider\n\n - pnfd_name\n\n - pnfd_release_date_time\n\n - pnfd_archive_version", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-57282", "text": "Each VNF's Heat Orchestration Template's ``{vm-type}`` **MUST**\nhave a unique parameter name for the ``OS::Nova::Server`` property\n``image`` even if more than one ``{vm-type}`` shares the same image.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-57424", "text": "A VNF's port connected to an external network **MUST**\nuse the port for the purpose of reaching\nVMs in another VNF and/or an external gateway and/or external router.\nA VNF's port connected to an external network **MAY**\nuse the port for the purpose of reaching VMs in the same VNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-57617", "text": "The VNF **MUST** include the field \"success/failure\" in the\nSecurity alarms (where applicable and technically feasible).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-57855", "text": "The VNF **MUST** support hitless staggered/rolling deployments\nbetween its redundant instances to allow \"soak-time/burn in/slow roll\"\nwhich can enable the support of low traffic loads to validate the\ndeployment prior to supporting full traffic loads.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-581188", "text": "A failed authentication attempt **MUST NOT** identify the reason for the\nfailure to the user, only that the authentication failed.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-58301", "text": "The VNF or PNF **SHOULD NOT** use playbooks that make requests to\nCloud resources e.g. Openstack (nova, neutron, glance, heat, etc.);\ntherefore, there is no use for Cloud specific variables like Openstack\nUUIDs in Ansible Playbook related artifacts.\n\n**Rationale**: Flows that require interactions with Cloud services e.g.\nOpenstack shall rely on workflows run by an Orchestrator\n(Change Management) or other capability (such as a control loop or\nOperations GUI) outside Ansible Server which can be executed by a\nAPPC/SDN-C. There are policies, as part of Control Loop\nmodels, that send remediation action requests to an APPC/SDN-C; these\nare triggered as a response to an event or correlated events published\nto Event Bus.", "keyword": "SHOULD NOT", "result": "PASS", "errors": [] }, { "id": "R-58358", "text": "The VNF or PNF **MUST** implement the ``:with-defaults`` capability\n[RFC6243].", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-58370", "text": "The VNF **SHOULD** operate with anti-virus software which produces alarms\nevery time a virus is detected.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-58421", "text": "The VNF **SHOULD** be decomposed into granular re-usable VNFCs.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-58424", "text": "A VNF's Heat Orchestration Template's use of ``{network-role}``\nin all Resource property parameter names **MUST** be the same case.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-58670", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``image`` parameter name **MUST** follow the naming convention\n``{vm-type}_image_name``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-58775", "text": "The VNF provider **MUST** provide software components that\ncan be packaged with/near the VNF, if needed, to simulate any functions\nor systems that connect to the VNF system under test. This component is\nnecessary only if the existing testing environment does not have the\nnecessary simulators.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-589037", "text": "A VNF Heat Orchestration Template's Cinder Volume Module ``resources:``\nsection\n**MUST** only be defined using one of the following:\n\n* one of more ``OS::Cinder::Volume`` resources\n* one or more ``OS::Heat::ResourceGroup`` resources that call a nested YAML\n file that contains only ``OS::Cinder::Volume`` resources\n* a resource that calls a nested YAML file (static nesting) that contains\n only ``OS::Cinder::Volume`` resources", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-58964", "text": "The VNF **MUST** provide the capability to restrict read\nand write access to data handled by the VNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-59391", "text": "The VNF **MUST NOT** allow the assumption of the permissions of another\naccount to mask individual accountability. For example, use SUDO when a\nuser requires elevated permissions such as root or admin.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-59434", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Subnet``\nResource ID **SHOULD** use the naming convention\n\n* ``int_{network-role}_subnet_{index}``\n\nwhere\n\n* ``{network-role}`` is the network-role\n* ``{index}`` is the ``{index}`` of the subnet of the network.\n The ``{index}`` starts at zero and increments by one\n (as described in R-11690).", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-59482", "text": "A VNF's Heat Orchestration Template **MUST NOT** be VNF instance\nspecific or cloud site specific.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-59568", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``availability_zone`` parameter **MUST NOT** be enumerated in the Heat\nOrchestration\nTemplate's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-596064", "text": "The PNFD provided by a PNF vendor **MUST** comply with the following Policy\nTypes as specified in ETSI NFV-SOL001 standard:\n\n - tosca.datatypes.nfv.SecurityGroupRule", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-59610", "text": "The VNF or PNF **MUST** implement the data model discovery and\ndownload as defined in [RFC6022].", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-59930", "text": "A VNF's Heat Orchestration template's Environment File's\n**MAY** contain the ``parameter_defaults:`` section.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-599443", "text": "A parameter enumerated in a\nVNF's Heat Orchestration Template's environment file **MUST** be declared\nin the\ncorresponding VNF's Heat Orchestration Template's YAML file's\n``parameters:`` section.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-60011", "text": "A VNF's Heat Orchestration Template **MUST** have no more than two\nlevels of nesting.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-60106", "text": "The VNF or PNF **MUST** implement the protocol operation:\n``get(filter)`` - Retrieve (a filtered subset of) the running\nconfiguration and device state information. This should include\nthe list of VNF or PNF supported schemas.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-60656", "text": "The VNF or PNF **MUST** support sub tree filtering.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-61001", "text": "A shared Heat Orchestration Template resource is a resource that **MUST**\nbe defined in the base module and will be referenced by one or\nmore resources in one or more incremental modules.\n\nThe UUID of the shared resource (created in the base module) **MUST** be\nexposed by declaring a parameter in the\n``outputs`` section of the base module.\n\nFor ONAP to provided the UUID value of the shared resource to the\nincremental module, the parameter name defined in the ``outputs``\nsection of the base module **MUST** be defined as a parameter\nin the ``parameters`` section of the incremental module.\n\nONAP will capture the output parameter name and value in the base module\nand provide the value to the corresponding parameter(s) in the\nincremental module(s).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-610010", "text": "A VNF's Heat Orchestration Template's Base Module **MAY** declare zero, one,\nor more than one ``OS::Nova::Server`` resource. A ``OS::Nova::Server``\n**MAY** be created in the base module or a nested yaml file invoked by the\nbase module.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-610020", "text": "If a VNF's Heat Orchestration Template's Base Module contains two or more\n``OS::Nova::Server`` resources (created in the base module itself and/or\nin a nested yaml file invoked by the base module), the ``OS::Nova::Server``\nresources **MAY**\ndefine the same ``{vm-type}`` (as defined in R-01455) or **MAY**\ndefine different ``{vm-type}``.\n\nNote that\n\n- there is no constraint on the number of unique ``{vm-type}`` defined in\n the base module.\n- there is no constraint on the number of ``OS::Nova::Server`` resources\n that define the same ``{vm-type}`` in the base module.\n- if an ``OS::Nova::Server`` is created in a nested yaml file invoked by\n the base module, the nested yaml file **MUST NOT** contain more than one\n ``OS::Nova::Server`` resource (as defined in R-17528).", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-610030", "text": "A VNF's Heat Orchestration Template's Incremental Module **MUST**\ndeclare one or more ``OS::Nova::Server`` resources. A ``OS::Nova::Server``\n**MAY** be created in the incremental module or a nested yaml file invoked\nby the incremental module.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-610040", "text": "If a VNF's Heat Orchestration Template's Incremental Module contains two or\nmore ``OS::Nova::Server`` resources, the ``OS::Nova::Server`` resources\n**MAY** define the same ``{vm-type}`` (as defined in R-01455) or **MAY**\ndefine different ``{vm-type}``.\n\nNote that\n\n- there is no constraint on the number of unique ``{vm-type}`` defined in\n the incremental module.\n- there is no constraint on the number of ``OS::Nova::Server`` resources\n that define the same ``{vm-type}`` in the incremental module.\n- if an ``OS::Nova::Server`` is created in a nested yaml file invoked by\n the incremental module, the nested yaml file **MUST NOT** contain more\n than one ``OS::Nova::Server`` resource (as defined in R-17528).", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-610050", "text": "The same ``{vm-type}`` for a VNF's Heat Orchestration Template's\n``OS::Nova::Server`` resource (as defined in R-01455) **MAY** exist in\nthe VNF's Heat Orchestration Template's Base Module (or invoked nested yaml\nfile) and/or one or more of the VNF's Heat Orchestration Template's\nIncremental Modules (or invoked nested yaml file).", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-61354", "text": "The VNF **MUST** provide a mechanism (e.g., access control list) to\npermit and/or restrict access to services on the VNF by source,\ndestination, protocol, and/or port.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-62170", "text": "The VNF or PNF **MUST** over-ride any default values for\nconfigurable parameters that can be set by ONAP in the roles,\ncookbooks and recipes.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-62187", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` Resource ID\nthat is configuring an IPv4 Address on a virtual machine interface\n(i.e., OS::ContrailV2::VirtualMachineInterface)\nattached to an internal network\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_vmi_{vmi_index}_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{vmi_index}`` references the instance of the virtual machine interface\n on the ``{vm-type}`` attached to ``{network-role}`` network. The\n ``{vmi_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new virtual machine interface is defined on the instance of the\n ``{vm-type}`` attached to ``{network-role}`` network.\n* ``IP`` signifies that an IPv4 address is being configured\n* ``{index}`` references the instance of the IPv4 address configured\n on the virtual machine interface. The ``{index}`` is a numeric value\n that **MUST** start at zero on an\n instance of a virtual machine interface and **MUST** increment by one\n each time a new IPv4 address is configured on the\n virtual machine interface.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-62428", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vnf_name`` parameter **MUST**\nbe declared as ``vnf_name`` and the parameter **MUST** be defined as\ntype: ``string``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-62468", "text": "The VNF or PNF **MUST** allow all configuration data to be\nedited through a NETCONF operation. Proprietary\nNETCONF RPCs that make configuration changes are not sufficient.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-62498", "text": "The VNF **MUST** support encrypted access protocols, e.g., TLS,\nSSH, SFTP.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-62590", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nproperty ``fixed_ips``\nmap property ``ip_address``\nparameter associated with an external network, i.e.,\n\n * ``{vm-type}_{network-role}_ip_{index}``\n * ``{vm-type}_{network-role}_v6_ip_{index}``\n * ``{vm-type}_{network-role}_ips``\n * ``{vm-type}_{network-role}_v6_ips``\n\n\n**MUST NOT** be enumerated in the Heat Orchestration\nTemplate's Environment File. ONAP provides the IP address\nassignments at orchestration time.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-62802", "text": "When the VNF's Heat Orchestration Template's\nresource ``OS::Neutron::Port`` is attaching\nto an external network (per the ONAP definition, see\nRequirement R-57424),\nand an IPv4 address is being cloud assigned by OpenStack's DHCP Service\nand the external network IPv4 subnet is to be specified\nusing the property ``fixed_ips``\nmap property ``subnet``, the parameter\n**MUST** follow the naming convention\n\n * ``{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the network.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-629534", "text": "The VNF **MUST** be capable of automatically synchronizing the system clock\ndaily with the Operator's trusted time source, to assure accurate time\nreporting in log files. It is recommended that Coordinated Universal Time\n(UTC) be used where possible, so as to eliminate ambiguity owing to daylight\nsavings time.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-62983", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424), the\n``network`` parameter name **MUST**\n\n * follow the naming convention ``{network-role}_net_id`` if the Neutron\n network UUID value is used to reference the network\n * follow the naming convention ``{network-role}_net_name`` if the\n OpenStack network name is used to reference the network.\n\nwhere ``{network-role}`` is the network-role of the external network\nand a ``get_param`` **MUST** be used as the intrinsic function.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-63137", "text": "VNF's Heat Orchestration Template's Resource **MAY** declare the\nattribute ``update_policy:``.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-63229", "text": "The VNF or PNF **MAY** use another option which is expected to include REST\nfor synchronous data, using RESTCONF (e.g., for VNF or PNF state polling).", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-63330", "text": "The VNF **MUST** detect when its security audit log storage\nmedium is approaching capacity (configurable) and issue an alarm.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-63473", "text": "The VNF **MUST** automatically advertise newly scaled\ncomponents so there is no manual intervention required.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-638216", "text": "(Error Case) - The PNF **MUST** support a configurable timer to stop the\nperiodicity sending of the pnfRegistration VES event. If this timer expires\nduring a Service Configuration exchange between the PNF and ONAP, it\nMAY log a time-out error and notify an operator.\n\nNote: It is expected that each vendor will enforce and define a PNF\nservice configuration timeout period. This is because the PNF cannot\nwait indefinitely as there may also be a technician on-site trying to\ncomplete installation & commissioning. The management of the VES event\nexchange is also a requirement on the PNF to be developed by the PNF\nvendor.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-638682", "text": "The VNF **MUST** log any security event required by the VNF Requirements to\nSyslog using LOG_AUTHPRIV for any event that would contain sensitive\ninformation and LOG_AUTH for all other relevant events.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-63935", "text": "The VNF or PNF **MUST** release locks to prevent permanent lock-outs\nwhen a user configured timer has expired forcing the NETCONF SSH Session\ntermination (i.e., product must expose a configuration knob for a user\nsetting of a lock expiration timer).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-63953", "text": "The VNF or PNF **MUST** have the echo command return a zero value\notherwise the validation has failed.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-63956", "text": "If the VNF's ports connected to a unique external network\nand the port's IP addresses are ONAP SDN-C assigned IP addresses,\nthe IPv4 addresses **MAY** be from different subnets and the IPv6\naddresses **MAY** be from different subnets.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-64064", "text": "The PNFD provided by a PNF vendor **MUST** comply with the following\nRelationship Types as specified in ETSI NFV-SOL001 standard:\n\n - tosca.datatypes.nfv.VirtualLinksTo", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-64445", "text": "The VNF **MUST** support the ability of a requestor of the\nservice to determine the version (and therefore capabilities) of the\nservice so that Network Cloud Service Provider can understand the\ncapabilities of the service.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-64713", "text": "The VNF **SHOULD** support a software promotion methodology\nfrom dev/test -> pre-prod -> production in software, development &\ntesting and operations.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-64768", "text": "The VNF **MUST** limit the size of application data packets\nto no larger than 9000 bytes for SDN network-based tunneling when\nguest data packets are transported between tunnel endpoints that\nsupport guest logical networks.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-65134", "text": "The VNF **SHOULD** maintain state in a geographically\nredundant datastore that may, in fact, be its own VNFC.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-65486", "text": "The VNFD **MUST** comply with ETSI GS NFV-SOL001 specification endorsing\nthe above mentioned NFV Profile and maintaining the gaps with the\nrequirements specified in ETSI GS NFV-IFA011 standard.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-65515", "text": "The VNF **MUST** provide a mechanism and tool to start VNF\ncontainers (VMs) without impacting service or service quality assuming\nanother VNF in same or other geographical location is processing service\nrequests.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-65516", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Nova::Keypair`` applies to\nall Virtual Machines in the VNF, the Resource ID **SHOULD** use the naming\nconvention\n\n* ``{vnf-type}_keypair``\n\nwhere\n\n* ``{vnf-type}`` describes the VNF", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-65618", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::ServiceHealthCheck`` Resource ID **MAY** use the naming convention\n\n* ``{vm-type}_RSHC_{LEFT|RIGHT}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``RSHC`` signifies that it is the Resource Service Health Check\n* ``LEFT`` is used if the Service Health Check is on the left interface\n* ``RIGHT`` is used if the Service Health Check is on the right interface", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-65641", "text": "The VNF or PNF **MUST** support APPC/SDN-C ``UpgradeBackOut`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-65755", "text": "The VNF or PNF **SHOULD** support callback URLs to return information\nto ONAP upon completion of the chef-client run for any chef-client run\nassociated with a VNF or PNF action.\n\n- As part of the push job, ONAP will provide two parameters in the\n environment of the push job JSON object:\n\n - \"RequestId\" a unique Id to be used to identify the request,\n - \"CallbackUrl\", the URL to post response back.\n\n- If the CallbackUrl field is empty or missing in the push job, then\n the chef-client run need not post the results back via callback.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-659655", "text": "The VNF or PNF **SHOULD** leverage the JSON-driven model, as depicted in Figure 2,\nfor data delivery unless there are specific performance or operational\nconcerns agreed upon by the Service Provider that would warrant using an\nalternate model.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-66070", "text": "For HEAT package, the VNF Package **MUST** include VNF Identification Data to\nuniquely identify the resource for a given VNF provider. The identification\ndata must include: an identifier for the VNF, the name of the VNF as was\ngiven by the VNF provider, VNF description, VNF provider, and version.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-663631", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``name`` value **MUST** be be obtained via a ``get_param``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-66793", "text": "The VNF or PNF **MUST** guarantee the VNF or PNF configuration integrity\nfor all simultaneous configuration operations (e.g., if a change is\nattempted to the BUM filter rate from multiple interfaces on the same\nEVC, then they need to be sequenced in the VNF or PNF without locking either\nconfiguration method out).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-67114", "text": "The VNF or PNF **MUST** be installed with Chef-Client >= 12.0 and Chef\npush jobs client >= 2.0.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-67124", "text": "The VNF or PNF **MUST** provide Ansible playbooks that are designed to run\nusing an inventory hosts file in a supported format; with group names\nmatching VNFC 3-character string adding \"vip\" for groups with virtual IP\naddresses shared by multiple VMs as seen in examples provided in Appendix.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-67231", "text": "A VNF's Heat Orchestration template's Environment File's\n**MUST NOT** contain the ``resource_registry:`` section.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-67386", "text": "A VNF's Heat Orchestration Template's Resource **MAY** declare the\nattribute ``metadata``.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-67597", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vm_role`` parameter ``vm_role``\n**MUST NOT** have parameter constraints defined.", "keyword": "MUST NOT", "result": "SKIP", "errors": [] }, { "id": "R-67709", "text": "The VNF **MUST** be designed, built and packaged to enable\ndeployment across multiple fault zones (e.g., VNFCs deployed in\ndifferent servers, racks, OpenStack regions, geographies) so that\nin the event of a planned/unplanned downtime of a fault zone, the\noverall operation/throughput of the VNF is maintained.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-67793", "text": "When a VNF's Heat Orchestration Template's resource is associated\nwith more than one ``{vm-type}`` and/or more than one internal and/or\nexternal network, the Resource ID **MUST NOT** contain the ``{vm-type}``\nand/or ``{network-role}``/``int_{network-role}``. It also should contain the\nterm ``shared`` and/or contain text that identifies the VNF.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-67895", "text": "The VNFD provided by VNF vendor may use the below described TOSCA\ncapabilities. An on-boarding entity (ONAP SDC) **MUST** support them.\n\n **tosca.capabilities.nfv.VirtualBindable**\n\n A node type that includes the VirtualBindable capability indicates\n that it can be pointed by **tosca.relationships.nfv.VirtualBindsTo**\n relationship type.\n\n **tosca.capabilities.nfv.VirtualLinkable**\n\n A node type that includes the VirtualLinkable capability indicates\n that it can be pointed by **tosca.relationships.nfv.VirtualLinksTo**\n relationship.\n\n **tosca.capabilities.nfv.ExtVirtualLinkable**\n\n A node type that includes the ExtVirtualLinkable capability\n indicates that it can be pointed by\n **tosca.relationships.nfv.VirtualLinksTo** relationship.\n\n **Note**: This capability type is used in Casablanca how it does\n not exist in the last SOL001 draft\n\n **tosca.capabilities.nfv.VirtualCompute** and\n **tosca.capabilities.nfv.VirtualStorage** includes flavours of VDU", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-67918", "text": "The VNF **MUST** handle replication race conditions both locally\nand geo-located in the event of a data base instance failure to maintain\nservice continuity.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-68023", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vf_module_name``\nvalue **MUST**\nbe obtained via a ``get_param``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-68122", "text": "A VNF's incremental module **MAY** be deployed more than once,\neither during initial VNF deployment and/or scale out.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-68165", "text": "The VNF or PNF **MUST** encrypt any content containing Sensitive Personal\nInformation (SPI) or certain proprietary data, in addition to applying the\nregular procedures for securing access and delivery.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-681859", "text": "A VNF's Heat Orchestration Template's ``OS::Neutron::Port`` resource's\n\n* Resource ID (defined in R-20453)\n* property ``network`` parameter name (defined in R-62983 and\n R-86182)\n* property ``fixed_ips``, map property ``ip_address`` parameter name\n (defined in R-40971, R-04697, R-71577, R-23503, R-78380, R-85235,\n R-27818, and R-29765)\n* property ``fixed_ips``, map property ``subnet`` parameter name\n (defined in R-62802, R-15287, R-84123, R-76160)\n* property ``allowed_address_pairs`` parameter name (defined in\n R-41492 and R-83418)\n\n**MUST** contain the identical ``{network-role}``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-68198", "text": "A VNF's Heat Orchestration template's Environment File's\n``parameters:`` section **MAY** (or **MAY NOT**) enumerate parameters.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-68200", "text": "The VNF or PNF **MUST** support the ``:url`` value to specify\nprotocol operation source and target parameters. The capability URI\nfor this feature will indicate which schemes (e.g., file, https, sftp)\nthat the server supports within a particular URL value. The 'file'\nscheme allows for editable local configuration databases. The other\nschemes allow for remote storage of configuration databases.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-68520", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nthat is creating a *Reserve Port* with an IPv6 address Resource ID\n**SHOULD** use the naming convention\n\n* ``reserve_port_{vm-type}_{network-role}_floating_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{index}`` is the instance of the IPv6 *Reserve Port*\n for the vm-type attached to the network of ``{network-role}``.\n The ``{index}`` starts at zero and increments by one\n (as described in R-11690).", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-686466", "text": "The PNF **MUST** support sending a pnfRegistration VES event.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-68990", "text": "The VNF or PNF **MUST** support the ``:startup`` capability. It\nwill allow the running configuration to be copied to this special\ndatabase. It can also be locked and unlocked.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-69014", "text": "When a VNF's port connects to an internal network or external network,\na network role, referred to\nas the ``{network-role}`` **MUST** be assigned to the network for\nuse in the VNF's Heat Orchestration Template. The ``{network-role}``\nis used in the VNF's Heat Orchestration Template resource IDs\nand resource property parameter names.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-69431", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``flavor`` parameter **MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and a value **MUST** be assigned.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-69565", "text": "The VNF or PNF Documentation Package **MUST** describe the VNF or PNF\nManagement APIs, which must include information and tools for ONAP to\ndeploy and configure (initially and ongoing) the VNF or PNF application(s)\n(e.g., NETCONF APIs) which includes a description of configurable\nparameters for the VNF or PNF and whether the parameters can be configured\nafter VNF or PNF instantiation.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-69588", "text": "When a VNF's Heat Orchestration Template's Virtual Machine\n(i.e., ``OS::Nova::Server`` Resource) boots from Cinder Volume, the\n``OS::Nova::Server`` resource property\n``block_device_mapping`` or ``block_device_mapping_v2``\n**MUST** be used.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-69610", "text": "The VNF **MUST** provide the capability of using X.509 certificates\nissued by an external Certificate Authority.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-69634", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``subnet`` parameter\n``int_{network-role}_subnet_id``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-69649", "text": "The VNF Provider **MUST** have patches available for vulnerabilities\nin the VNF as soon as possible. Patching shall be controlled via change\ncontrol process with vulnerabilities disclosed along with\nmitigation recommendations.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-69663", "text": "A VNF **MAY** be composed from one or more Heat Orchestration\nTemplates, each of which represents a subset of the overall VNF.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-697654", "text": "The VNF or PNF **MAY** leverage the Google Protocol Buffers (GPB) delivery model\ndepicted in Figure 3 to support real-time performance management (PM) data.\nIn this model the VES events are streamed as binary-encoded GBPs over via\nTCP sockets.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-69877", "text": "The VNF or PNF Package **MUST** include documentation for each KPI,\nidentify the suggested actions that need to be performed when a\nthreshold crossing alert event is recorded.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-70013", "text": "The VNF **MUST NOT** require any manual steps to get it ready for\nservice after a container rebuild.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-70266", "text": "The VNF or PNF **MUST** respond to an ONAP request to deliver the\ncurrent data for any of the record types defined in\n`Event Records - Data Structure Description`_ by returning the requested\nrecord, populated with the current field values. (Currently the defined\nrecord types include fault fields, mobile flow fields, measurements for\nVNF or PNF scaling fields, and syslog fields. Other record types will be added\nin the future as they become standardized and are made available.)", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-70276", "text": "A VNF HEAT's Orchestration Nested Template's YAML file name **MUST NOT**\nbe in the format ``{vm-type}.y[a]ml`` where ``{vm-type}`` is defined\nin the Heat Orchestration Template.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-703767", "text": "The VNF **MUST** have the capability to securely transmit the security logs\nand security events to a remote system before they are purged from the\nsystem.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-70496", "text": "The VNF or PNF **MUST** implement the protocol operation:\n``commit(confirmed, confirm-timeout)`` - Commit candidate\nconfiguration data store to the running configuration.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-707977", "text": "When the PNF receives a Service configuration from ONAP, the PNF **MUST**\ncease sending the pnfRegistration VES Event.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-708564", "text": "If a VNF's Heat Orchestration Template's resource invokes a nested\nYAML file, either statically or dynamically\n(via ``OS::Heat::ResourceGroup``),\nthe names of the parameters associated with the following resource\nproperties **MUST NOT** change.\n\n* ``OS::Nova::Server`` property ``flavor``\n* ``OS::Nova::Server`` property ``image``\n* ``OS::Nova::Server`` property ``name``\n* ``OS::Nova::Server`` property metadata key value ``vnf_id``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_id``\n* ``OS::Nova::Server`` property metadata key value ``vnf_name``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_name``\n* ``OS::Nova::Server`` property metadata key value ``vm_role``\n* ``OS::Nova::Server`` property metadata key value ``vf_module_index``\n* ``OS::Nova::Server`` property metadata key value ``workload_context``\n* ``OS::Nova::Server`` property metadata key value ``environment_context``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``ip_address``\n* ``OS::Neutron::Port`` property ``fixed_ips``, map property ``subnet``\n* ``OS::Neutron::Port`` property ``allowed_address_pairs``, map property\n ``ip_address``\n* ``OS::Neutron::Port`` property ``network``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_network_refs``\n* ``OS::ContrailV2::VirtualMachineInterface`` property\n ``virtual_machine_interface_allowed_address_pairs``, map property\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair``,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip``\n ,\n ``virtual_machine_interface_allowed_address_pairs_allowed_address_pair_ip_ip_prefix``\n* ``OS::ContrailV2::InstanceIP`` property ``instance_ip_address``\n* ``OS::ContrailV2::InstanceIP`` property ``subnet_uuid``", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-70933", "text": "The VNF **MUST** provide the ability to migrate to newer\nversions of cryptographic algorithms and protocols with minimal impact.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-70964", "text": "If a VNF's Port is attached to an internal network and the port's\nIP addresses are statically assigned by the VNF's Heat Orchestration\\\nTemplate (i.e., enumerated in the Heat Orchestration Template's\nenvironment file), the ``OS::Neutron::Port`` Resource's\n\n* property ``fixed_ips`` map property ``ip_address`` **MUST** be used\n* property ``fixed_ips`` map property ``subnet``\n **MUST NOT** be used", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-71152", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``image`` parameter **MUST** be declared as type: ``string``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-71493", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` **MUST**\ncontain the key/value pair ``vf_module_id``\nand the value MUST be obtained via a ``get_param``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-71577", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424),\nand an IPv6 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a string,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_{network-role}_v6_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the external network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-71699", "text": "A VNF's Heat Orchestration Template's Resource\n**MUST NOT** reference a HTTP-based Nested YAML file.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-717227", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 Virtual IP (VIP)\naddress is assigned using the property ``allowed_address_pairs``\nmap property ``ip_address``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: string``\nand **MUST** be enumerated in the environment file.\n\nOR\n\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: comma_delimited_list``\nand **MUST** be enumerated in the environment file.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-71787", "text": "Each architectural layer of the VNF (eg. operating system, network,\napplication) **MUST** support access restriction independently of all\nother layers so that Segregation of Duties can be implemented.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-71842", "text": "The VNF **MUST** include the field \"service or program used for\naccess\" in the Security alarms (where applicable and technically feasible).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-72184", "text": "The VNF or PNF **MUST** have routable FQDNs for all the endpoints\n(VMs) of a VNF or PNF that contain chef-clients which are used to register\nwith the Chef Server. As part of invoking VNF or PNF actions, ONAP will\ntrigger push jobs against FQDNs of endpoints for a VNF or PNF, if required.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-72483", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` **MUST** contain the key/value pair ``vnf_name`` and the\nvalue **MUST** be obtained via a ``get_param``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-72871", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` key/value pair ``vf_module_id`` parameter ``vf_module_id``\n**MUST NOT**\nbe enumerated in the Heat Orchestration Template's environment file.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-73067", "text": "The VNF **MUST** use NIST and industry standard cryptographic\nalgorithms and standard modes of operations when implementing\ncryptography.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-73213", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Neutron::SecurityGroup`` that\nis applicable to more than one ``{vm-type}`` and one internal network Resource ID\n**SHOULD** use the naming convention\n\n* ``int_{network-role}_security_group``\n\nwhere\n\n* ``{network-role}`` is the network-role", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-73223", "text": "The VNF **MUST** support proactive monitoring to detect and\nreport the attacks on resources so that the VNFs and associated VMs can\nbe isolated, such as detection techniques for resource exhaustion, namely\nOS resource attacks, CPU attacks, consumption of kernel memory, local\nstorage attacks.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-73285", "text": "The VNF or PNF **MUST** must encode, address and deliver the data\nas described in the previous paragraphs.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-73364", "text": "The VNF **MUST** support at least two major versions of the\nVNF software and/or sub-components to co-exist within production\nenvironments at any time so that upgrades can be applied across\nmultiple systems in a staggered manner.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-73459", "text": "The VNF or PNF **MUST** provide the ability to include a \"from=\" clause in\nSSH public keys associated with mechanized user IDs created for an Ansible\nServer cluster to use for VNF or PNF VM authentication.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-73468", "text": "The VNF or PNF **MUST** allow the NETCONF server connection\nparameters to be configurable during virtual machine instantiation\nthrough Heat templates where SSH keys, usernames, passwords, SSH\nservice and SSH port numbers are Heat template parameters.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-73560", "text": "The VNF or PNF Package **MUST** include documentation about monitoring\nparameters/counters exposed for virtual resource management and VNF or PNF\napplication management.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-73583", "text": "The VNF **MUST** allow changes of configuration parameters\nto be consumed by the VNF without requiring the VNF or its sub-components\nto be bounced so that the VNF availability is not effected.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-74304", "text": "A VNF's Heat Orchestration Template's Environment file extension **MUST**\nbe in the lower case format ``.env``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-74481", "text": "The VNF **MUST NOT** require the use of a dynamic routing\nprotocol unless necessary to meet functional requirements.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-74712", "text": "The VNF **MUST** utilize FQDNs (and not IP address) for\nboth Service Chaining and scaling.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-74958", "text": "The VNF **MUST** activate security alarms automatically when\nit detects an unsuccessful attempt to gain permissions\nor assume the identity of another user.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-74978", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``workload_context``\nparameter **MUST**\nbe declared as ``workload_context`` and the parameter **MUST**\nbe defined as type: ``string``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-75041", "text": "The VNF **MUST**, if not integrated with the Operator's Identity and\nAccess Management system, support configurable password expiration.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-75141", "text": "A VNF's Heat Orchestration Template's resource name\n(i.e., ) **MUST** only contain alphanumeric\ncharacters and underscores ('_').", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-75343", "text": "The VNF **MUST** provide the capability of testing the\nvalidity of a digital certificate by recognizing the identity represented\nby the certificate - the \"distinguished name\".", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-75608", "text": "The VNF or PNF provider **MUST** provide playbooks to be loaded\non the appropriate Ansible Server.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-756950", "text": "The VNF **MUST** be operable without the use of Network File System (NFS).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-75850", "text": "The VNF **SHOULD** decouple persistent data from the VNFC\nand keep it in its own datastore that can be reached by all instances\nof the VNFC requiring the data.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-75943", "text": "The VNF or PNF **SHOULD** support the data schema defined in 3GPP TS 32.435, when\nsupporting the event-driven bulk transfer of monitoring data.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-76014", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::ServiceHealthCheck``\nResource ID\n**MUST**\ncontain the ``{vm-type}``.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-76057", "text": "VNF Heat Orchestration Template's Nested YAML file name **MUST** contain\nonly alphanumeric characters and underscores '_' and\n**MUST NOT** contain the case insensitive string ``base``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-76160", "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::Neutron::Port`` in an Incremental Module is attaching\n to an internal network (per the ONAP definition, see Requirements\n R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv6 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv6 subnet is to be specified\n using the property ``fixed_ips`` map property ``subnet``,\n\nthe parameter **MUST** follow the naming convention\n``int_{network-role}_v6_subnet_id``,\nwhere ``{network-role}`` is the network role of the internal network.\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-763774", "text": "The VNF or PNF **MUST** support a HTTPS connection to the DCAE\nVES Event Listener.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-76449", "text": "A VNF's Heat Orchestration Template's **MUST NOT**\ncontain the Resource ``OS::Neutron::FloatingIPAssociation``.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-76682", "text": "If a VNF's Heat Orchestration Template\n``OS::ContrailV2::InterfaceRouteTable`` resource\n``interface_route_table_routes`` property\n``interface_route_table_routes_route`` map property parameter\n``{vm-type}_{network-role}_route_prefixes``\n**MUST NOT** be enumerated in the VNF's Heat Orchestration Template's\nEnvironment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-76718", "text": "If a VNF's Heat Orchestration Template uses the intrinsic function\n``get_file``, the ``get_file`` target **MUST** be referenced in\nthe Heat Orchestration Template by file name.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-76901", "text": "The VNF **MUST** support a container rebuild mechanism based on existing\nimage (e.g. Glance image in Openstack environment) or a snapshot.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-77334", "text": "The VNF **MUST** allow configurations and configuration parameters\nto be managed under version control to ensure consistent configuration\ndeployment, traceability and rollback.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-77667", "text": "The VNF **MUST** test for adherence to the defined performance\nbudget at each layer, during each delivery cycle so that the performance\nbudget is measured and feedback is provided where the performance budget\nis not met.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-78010", "text": "The VNF **MUST** integrate with standard identity and access management\nprotocols such as LDAP, TACACS+, Windows Integrated Authentication\n(Kerberos), SAML federation, or OAuth 2.0.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-78116", "text": "The VNF or PNF **MUST** update status on the Chef Server\nappropriately (e.g., via a fail or raise an exception) if the\nchef-client run encounters any critical errors/failures when\nexecuting a VNF or PNF action.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-78282", "text": "The VNF or PNF **MUST** conform to the NETCONF RFC 6242,\n\"Using the Network Configuration Protocol over Secure Shell\".", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-78380", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is\ndefined as a ``string``,\nthe parameter name **MUST** follow the\nnaming convention\n\n* ``{vm-type}_int_{network-role}_ip_{index}``\n\nwhere\n\n* ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n* ``{network-role}`` is the {network-role} of the internal network\n* ``{index}`` is a numeric value that **MUST** start at zero in a\n VNF's Heat Orchestration Template and **MUST** increment by one", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-78569", "text": "VNF's Heat Orchestration Template's Resource **MAY** declare the\nattribute ``external_id:``.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-787965", "text": "If the VNF or PNF CSAR Package utilizes Option 2 for package security, then\nthe complete CSAR file **MUST** be digitally signed with the VNF or PNF\nprovider private key. The VNF or PNF provider delivers one zip file\nconsisting of the CSAR file, a signature file and a certificate file that\nincludes the VNF or PNF provider public key. The certificate may also be\nincluded in the signature container, if the signature format allows that.\nThe VNF or PNF provider creates a zip file consisting of the CSAR file with\n.csar extension, signature and certificate files. The signature and\ncertificate files must be siblings of the CSAR file with extensions .cms\nand .cert respectively.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-79107", "text": "The VNF **MUST**, if not integrated with the Operator's Identity\nand Access Management system, support the ability to disable the\nuserID after a configurable number of consecutive unsuccessful\nauthentication attempts using the same userID.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-79224", "text": "The VNF or PNF **MUST** have the chef-client be preloaded with\nvalidator keys and configuration to register with the designated\nChef Server as part of the installation process.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-793716", "text": "The PNF **MUST** have \"ONAP Aware\" software which is capable of performing\nPNF PnP registration with ONAP. The \"ONAP Aware\" software is capable of\nperforming the PNF PnP Registration with ONAP MUST either be loaded\nseparately or integrated into the PNF software upon physical delivery\nand installation of the PNF.\n\nNote: It is up to the specific vendor to design the software management\nfunctions.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-79412", "text": "The VNF or PNF **MAY** use another option which is expected to include TCP\nfor high volume streaming asynchronous data sets and for other high volume\ndata sets. TCP delivery can be used for either JSON or binary encoded data\nsets.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-795126", "text": "The VNF TOSCA CSAR package Manifest file **MUST** start with the VNF\npackage metadata in the form of a name-value pairs. Each pair shall appear\non a different line. The name is specified as following:\n\n - vnf_provider_id\n\n - vnf_product_name\n\n - vnf_release_date_time\n\n - vnf_package_version", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-79817", "text": "A VNF's Heat Orchestration Template's parameter defined\nin a non-nested YAML file as\ntype ``comma_delimited_list`` **MAY** have a parameter constraint defined.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-798933", "text": "The VNF or PNF **SHOULD** deliver event records that fall into the event domains\nsupported by VES.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-79952", "text": "The VNF **SHOULD** support container snapshots if not for rebuild\nand evacuate for rollback or back out mechanism.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-80070", "text": "The VNF **MUST** handle errors and exceptions so that they do\nnot interrupt processing of incoming VNF requests to maintain service\ncontinuity (where the error is not directly impacting the software\nhandling the incoming request).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-80335", "text": "For all GUI and command-line interfaces, the VNF **MUST** provide the\nability to present a warning notice that is set by the Operator. A warning\nnotice is a formal statement of resource intent presented to everyone\nwho accesses the system.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-80374", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vf_module_name``\nparameter ``vf_module_name`` **MUST NOT**\nbe enumerated in the Heat Orchestration Template's environment file.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-805572", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv6 Virtual IP (VIP)\naddress is assigned\nusing the property ``allowed_address_pairs``\nmap property ``ip_address``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_v6_ip``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: string``\nand **MUST** be enumerated in the environment file\n\nOR\n\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_floating_v6_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n OS::Nova::Server\n * ``{network-role}`` is the {network-role} of the external\n network\n\nAnd the parameter **MUST** be declared as ``type: comma_delimited_list``\nand **MUST** be enumerated in the environment file.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-807129", "text": "The VNF or PNF **SHOULD** report the files in FileReady for as long as they are\navailable at VNF or PNF.\n\nNote: Recommended period is at least 24 hours.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-80829", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``subnet`` parameter\n``{network-role}_v6_subnet_id``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-80898", "text": "TThe VNF or PNF **MUST** support heartbeat via a with null filter.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-809261", "text": "The PNF **MUST** use a IP address to contact ONAP.\n\nNote: it is expected that an ONAP operator can ascertain the ONAP IP\naddress or the security gateway to reach ONAP on the VID or ONAP portal\nGUI.\n\nNote: The ONAP contact IP address has been previously configured and\nprovisioned prior to this step.\n\nNote: The ONAP IP address could be provisioned or resolved through\nFQDN & DNS.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-81147", "text": "The VNF **MUST** support strong authentication, also known as\nmultifactor authentication, on all protected interfaces exposed by the\nVNF for use by human users. Strong authentication uses at least two of the\nthree different types of authentication factors in order to prove the\nclaimed identity of a user.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-81214", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InterfaceRouteTable``\nResource ID\n**MUST**\ncontain the ``{network-role}``.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-81339", "text": "A VNF Heat Orchestration Template's Base Module file name **MUST** include\ncase insensitive 'base' in the filename and\n**MUST** match one of the following four\nformats:\n\n 1.) ``base_.y[a]ml``\n\n 2.) ``_base.y[a]ml``\n\n 3.) ``base.y[a]ml``\n\n 4.) ``_base_``.y[a]ml\n\nwhere ```` **MUST** contain only alphanumeric characters and\nunderscores '_' and **MUST NOT** contain the case insensitive string\n``base`` or ``volume``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-814377", "text": "The VNF **MUST** have the capability of allowing the Operator to create,\nmanage, and automatically provision user accounts using an Operator\napproved identity lifecycle management tool using a standard protocol,\ne.g., NETCONF API.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-816745", "text": "The VNF or PNF PROVIDER *MUST* provide the Service Provider with\nPM Meta Data (PM Dictionary) to support the analysis of PM events delivered\nto DCAE. The PM Dictionary is to be provided as a separate YAML artifact at\nonboarding and must follow the VES Event Listener Specification and VES\nEvent Registration Specification which contain the format and content\nrequired.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-81725", "text": "A VNF's Incremental Module **MUST** have a corresponding Environment File", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-81777", "text": "The VNF or PNF **MUST** be configured with initial address(es) to use\nat deployment time. Subsequently, address(es) may be changed through\nONAP-defined policies delivered from ONAP to the VNF or PNF using PUTs to a\nRESTful API, in the same manner that other controls over data reporting\nwill be controlled by policy.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-81979", "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::NetworkIpam``\nResource ID **MAY** use the naming convention\n\n* ``{network-role}_RNI``\n\nwhere\n\n* ``{network-role}`` is the network-role\n* ``RNI`` signifies that it is the Resource Network IPAM", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-82018", "text": "The VNF or PNF **MUST** load the Ansible Server SSH public key onto VNF or\nPNF VM(s) /root/.ssh/authorized_keys as part of instantiation. Alternative,\nis for Ansible Server SSH public key to be loaded onto VNF or PNF VM(s)\nunder /home//.ssh/authorized_keys as part of\ninstantiation, when a Mechanized user ID is created during instantiation,\nand Configure and all playbooks are designed to use a mechanized user ID\nonly for authentication (never using root authentication during Configure\nplaybook run). This will allow the Ansible Server to authenticate to\nperform post-instantiation configuration without manual intervention and\nwithout requiring specific VNF or PNF login IDs and passwords.\n\n*CAUTION*: For VNFs or PNFs configured using Ansible, to eliminate the need\nfor manual steps, post-instantiation and pre-configuration, to\nupload of SSH public keys, SSH public keys loaded during (heat)\ninstantiation shall be preserved and not removed by (heat) embedded\n(userdata) scripts.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-82115", "text": "When a VNF's Heat Orchestration Template's resource is associated with a\nsingle ``{vm-type}``\nand a single external network, the Resource ID text **MUST** contain both\nthe ``{vm-type}``\nand the ``{network-role}``\n\n- the ``{vm-type}`` **MUST** appear before the ``{network-role}`` and\n **MUST** be separated by an underscore '_'\n\n\n - e.g., ``{vm-type}_{network-role}``, ``{vm-type}_{index}_{network-role}``\n\n\n- note that an ``{index}`` value **MAY** separate the ``{vm-type}`` and the\n ``{network-role}`` and when this occurs underscores **MUST** separate the\n three values. (e.g., ``{vm-type}_{index}_{network-role}``).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-82134", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` key/value pair ``vf_module_id`` parameter **MUST**\nbe declared as ``vf_module_id`` and the parameter **MUST**\nbe defined as type: ``string``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-821473", "text": "The VNF or PNF MUST produce heartbeat indicators consisting of events containing\nthe common event header only per the VES Listener Specification.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-821839", "text": "The VNF or PNF **MUST** deliver event records to ONAP using the common\ntransport mechanisms and protocols defined in this specification.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-82223", "text": "The VNF **MUST** be decomposed if the functions have\nsignificantly different scaling characteristics (e.g., signaling\nversus media functions, control versus data plane functions).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-82551", "text": "When a VNF's Heat Orchestration Template's resource is associated with a\nsingle ``{vm-type}`` and a single internal network, the Resource ID **MUST**\ncontain both the ``{vm-type}`` and the ``int_{network-role}`` and\n\n- the ``{vm-type}`` **MUST** appear before the ``int_{network-role}`` and\n **MUST** be separated by an underscore '_'\n\n - (e.g., ``{vm-type}_int_{network-role}``,\n ``{vm-type}_{index}_int_{network-role}``)\n\n- note that an ``{index}`` value **MAY** separate the\n ``{vm-type}`` and the ``int_{network-role}`` and when this occurs\n underscores **MUST** separate the three values.\n (e.g., ``{vm-type}_{index}_int_{network-role}``).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-82732", "text": "A VNF Heat Orchestration Template's Cinder Volume Module **MUST**\nbe named identical to the base or incremental module it is supporting with\n``_volume`` appended.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-82811", "text": "The VNF or PNF **MUST** support APPC ``StartApplication`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-83146", "text": "The VNF or PNF **MUST** support APPC ``StopApplication`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-83227", "text": "The VNF **MUST** Provide the capability to encrypt data in\ntransit on a physical or virtual network.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-83412", "text": "If a VNF's Heat Orchestration Template's resource\n``OS::Neutron::Port`` is attaching to an external network (per the\nONAP definition, see Requirement R-57424), the\nproperty ``allowed_address_pairs``\nmap property ``ip_address`` parameter(s)\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-83500", "text": "The VNF **MUST** provide the capability of allowing certificate\nrenewal and revocation.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-83677", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``subnet`` parameter\n``{network-role}_subnet_id``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-83706", "text": "When a VNF's Heat Orchestration Template's Virtual Machine\n(i.e., ``OS::Nova::Server`` resource) boots from an image, the\n``OS::Nova::Server`` resource property ``image`` **MUST** be used.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-83790", "text": "The VNF or PNF **MUST** implement the ``:validate`` capability.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-83873", "text": "The VNF or PNF **MUST** support ``:rollback-on-error`` value for\nthe parameter to the operation. If any\nerror occurs during the requested edit operation, then the target\ndatabase (usually the running configuration) will be left unaffected.\nThis provides an 'all-or-nothing' edit mode for a single \nrequest.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-84123", "text": "When\n\n * the VNF's Heat Orchestration Template's\n resource ``OS::Neutron::Port`` in an Incremental Module is attaching\n to an internal network (per the ONAP definition, see\n Requirements R-52425 and R-46461)\n that is created in the Base Module, AND\n * an IPv4 address is being cloud assigned by OpenStack's DHCP Service AND\n * the internal network IPv4 subnet is to be specified\n using the property ``fixed_ips`` map property ``subnet``,\n\nthe parameter **MUST** follow the naming convention\n\n * ``int_{network-role}_subnet_id``\n\nwhere\n\n * ``{network-role}`` is the network role of the internal network\n\nNote that the parameter **MUST** be defined as an ``output`` parameter in\nthe base module.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-84160", "text": "The VNF **MUST** have security logging for VNFs and their\nOSs be active from initialization. Audit logging includes automatic\nroutines to maintain activity records and cleanup programs to ensure\nthe integrity of the audit/logging systems.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-841740", "text": "The VNF or PNF **SHOULD** support FileReady VES event for event-driven bulk transfer\nof monitoring data.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-842258", "text": "The VNF **MUST** include a configuration, e.g., a heat template or CSAR\npackage, that specifies the targetted parameters, e.g. a limited set of\nports, over which the VNF will communicate (including internal, external\nand management communication).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-84322", "text": "A VNF's Heat Orchestration Template's Resource property parameter that\nis associated with an internal network **MUST** include\n``int_{network-role}`` as part of the parameter name,\nwhere ``int_`` is a hard coded string.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-84366", "text": "The VNF or PNF Documentation Package **MUST** describe the\nVNF or PNF Functional APIs that are utilized to build network and\napplication services. This document describes the externally exposed\nfunctional inputs and outputs for the VNF or PNF, including interface\nformat and protocols supported.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-844011", "text": "The VNF MUST not store authentication credentials to itself in clear\ntext or any reversible form and must use salting.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-84457", "text": "A VNF's Heat Orchestration Template's Resource ``OS::ContrailV2::PortTuple``\nResource ID **MAY** use the naming convention\n\n* ``{vm-type}_RPT``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``RPT`` signifies that it is the Resource Port Tuple", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-84473", "text": "The VNF **MUST** enable DPDK in the guest OS for VNF's requiring\nhigh packets/sec performance. High packet throughput is defined as greater\nthan 500K packets/sec.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-84517", "text": "The Contrail GUI has a limitation displaying special characters.\nThe issue is documented in\nhttps://bugs.launchpad.net/juniperopenstack/+bug/1590710.\nIt is recommended that special **SHOULD** characters be avoided.\nHowever, if special characters must be used, note that for\nthe following resources:\n\n* Virtual Machine\n* Virtual Network\n* Port\n* Security Group\n* Policies\n* IPAM Creation\n\nthe only special characters supported\nare - \\\" ! $\\ \\ ' ( ) = ~ ^ | @ ` { } [ ] > , . _\"", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-84879", "text": "The VNF or PNF **MUST** have the capability of maintaining a primary\nand backup DNS name (URL) for connecting to ONAP collectors, with the\nability to switch between addresses based on conditions defined by policy\nsuch as time-outs, and buffering to store messages until they can be\ndelivered. At its discretion, the service provider may choose to populate\nonly one collector address for a VNF or PNF. In this case, the network will\npromptly resolve connectivity problems caused by a collector or network\nfailure transparently to the VNF or PNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-85235", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` is attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nand an IPv4 address is assigned\nusing the property ``fixed_ips``\nmap property ``ip_address`` and the parameter type is defined as a\n``comma_delimited_list``,\nthe parameter name **MUST** follow the\nnaming convention\n\n * ``{vm-type}_int_{network-role}_ips``\n\nwhere\n\n * ``{vm-type}`` is the {vm-type} associated with the\n ``OS::Nova::Server``\n * ``{network-role}`` is the {network-role} of the internal\n network", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-85328", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` **MAY**\ncontain the key/value pair ``vm_role`` and the value **MUST** be\nobtained either via\n\n- ``get_param``\n- hard coded in the key/value pair ``vm_role``.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-85419", "text": "The VNF **SHOULD** support OAuth 2.0 authorization using an external\nAuthorization Server.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-85653", "text": "The VNF or PNF **MUST** provide metrics (e.g., number of sessions,\nnumber of subscribers, number of seats, etc.) to ONAP for tracking\nevery license.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-85734", "text": "If a VNF's Heat Orchestration Template contains the property ``name``\nfor a non ``OS::Nova::Server`` resource, the intrinsic function\n``str_replace`` **MUST** be used in conjunction with the ONAP\nsupplied metadata parameter ``vnf_name`` to generate a unique value.\nAdditional data **MAY** be used in the ``str_replace`` construct\nto generate a unique value.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-859208", "text": "The VNF **MUST** log automated remote activities performed with\nelevated privileges.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-85959", "text": "The VNF **SHOULD** automatically enable/disable added/removed\nsub-components or component so there is no manual intervention required.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-85991", "text": "The VNF or PNF provider **MUST** provide a universal license key\nper VNF or PNF to be used as needed by services (i.e., not tied to a VM\ninstance) as the recommended solution. The VNF or PNF provider may provide\npools of Unique VNF or PNF License Keys, where there is a unique key for\neach VNF or PNF instance as an alternate solution. Licensing issues should\nbe resolved without interrupting in-service VNFs or PNFs.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-86182", "text": "When the VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port``\nis in an incremental module and\nis attaching to an internal network (per the\nONAP definition, see Requirements R-52425 and R-46461),\nthe ``network`` parameter name **MUST**\n\n * follow the naming convention ``int_{network-role}_net_id`` if the\n network UUID value is used to reference the network\n * follow the naming convention ``int_{network-role}_net_name`` if the\n network name in is used to reference the network.\n\nwhere ``{network-role}`` is the network-role of the internal network and\na ``get_param`` **MUST** be used as the intrinsic function.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-86235", "text": "The VNF or PNF Package **MUST** include documentation about the monitoring\nparameters that must include latencies, success rates, retry rates, load\nand quality (e.g., DPM) for the key transactions/functions supported by\nthe VNF or PNF and those that must be exercised by the VNF or PNF in order to perform\nits function.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-86261", "text": "The VNF **MUST** support the ability to prohibit remote access to the VNF\nvia a host based security mechanism.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-86285", "text": "A VNF's Heat Orchestration template **MUST** have a\ncorresponding environment file.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-86476", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource\nproperty ``metadata`` key/value pair ``vm_role`` value **MUST**\nonly contain alphanumeric characters and underscores (i.e., '_').", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-86497", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::Cinder::VolumeAttachment``\nResource ID\n**SHOULD**\nuse the naming convention\n\n* ``{vm-type}_volume_attachment_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{index}`` starts at zero and increments by one (as described in R-11690)", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-86585", "text": "The VNFC **SHOULD** minimize the use of state within\na VNFC to facilitate the movement of traffic from one instance\nto another.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-86586", "text": "The VNF or PNF **MUST** use the YANG configuration models and RESTCONF\n[RFC8040] (https://tools.ietf.org/html/rfc8040).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-86588", "text": "A VNF's Heat Orchestration Template's ``{network-role}`` case in Resource\nproperty parameter names **SHOULD** match the case of ``{network-role}``\nin Resource IDs and vice versa.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-86758", "text": "The VNF **SHOULD** provide an automated test suite to validate\nevery new version of the software on the target environment(s). The tests\nshould be of sufficient granularity to independently test various\nrepresentative VNF use cases throughout its lifecycle. Operations might\nchoose to invoke these tests either on a scheduled basis or on demand to\nsupport various operations functions including test, turn-up and\ntroubleshooting.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-86835", "text": "The VNF **MUST** set the default settings for user access\nto deny authorization, except for a super user type of account.\nWhen a VNF is added to the network, nothing should be able to use\nit until the super user configures the VNF to allow other users\n(human and application) have access.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-86926", "text": "A VNF's incremental module **MAY** be used for scale out only.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-86972", "text": "A VNF **SHOULD** create the internal network in the VNF's Heat\nOrchestration Template Base Module.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-87004", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::Cinder::Volume``\nResource ID\n**SHOULD**\nuse the naming convention\n\n* ``{vm-type}_volume_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{index}`` starts at zero and increments by one (as described in R-11690)", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-87096", "text": "A VNF **MAY** contain zero, one or more than one internal network.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-87123", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_{network-role}_v6_ip_{index}``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-87234", "text": "The VNF or PNF package provided by a VNF or PNF vendor **MUST** be with\nTOSCA-Metadata directory (CSAR Option 1) as specified in\nETSI GS NFV-SOL004.\n\n**Note:** SDC supports only the CSAR Option 1 in Dublin. The Option 2\nwill be considered in future ONAP releases.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-87247", "text": "VNF Heat Orchestration Template's Incremental Module file name\n**MUST** contain only alphanumeric characters and underscores\n'_' and **MUST NOT** contain the case insensitive string ``base``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-872986", "text": "The VNF **MUST** store Authentication Credentials used to authenticate to\nother systems encrypted except where there is a technical need to store\nthe password unencrypted in which case it must be protected using other\nsecurity techniques that include the use of file and directory permissions.\nIdeally, credentials SHOULD rely on a HW Root of Trust, such as a\nTPM or HSM.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-87352", "text": "The VNF **SHOULD** utilize Cloud health checks, when available\nfrom the Network Cloud, from inside the application through APIs to check\nthe network connectivity, dropped packets rate, injection, and auto failover\nto alternate sites if needed.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-87485", "text": "A VNF's Heat Orchestration Template's file extension **MUST**\nbe in the lower case format ``.yaml`` or ``.yml``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-87563", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::InstanceIp`` Resource ID\nthat is configuring an IPv6 Address on a virtual machine interface\n(i.e., OS::ContrailV2::VirtualMachineInterface)\nattached to an internal network\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_int_{network-role}_vmi_{vmi_index}_v6_IP_{index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network\n that the port is attached to\n* ``{vmi_index}`` references the instance of the virtual machine interface\n on the ``{vm-type}`` attached to ``{network-role}`` network. The\n ``{vmi_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new virtual machine interface is defined on the instance of the\n ``{vm-type}`` attached to ``{network-role}`` network.\n* ``v6_IP`` signifies that an IPv6 address is being configured\n* ``{index}`` references the instance of the IPv6 address configured\n on the virtual machine interface. The ``{index}`` is a numeric value\n that **MUST** start at zero on an\n instance of a virtual machine interface and **MUST** increment by one\n each time a new IPv6 address is configured on the\n virtual machine interface.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-87564", "text": "The VNF or PNF **SHOULD** conform its YANG model to RFC 7317,\n\"A YANG Data Model for System Management\".", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-87817", "text": "When the VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``name`` parameter is defined as a ``comma_delimited_list``,\nthe parameter name **MUST** follow the naming convention\n``{vm-type}_names``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-88026", "text": "The VNF or PNF **MUST** include a NETCONF server enabling\nruntime configuration and lifecycle management capabilities.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-88031", "text": "The VNF or PNF **SHOULD** implement the protocol operation:\n``delete-config(target)`` - Delete the named configuration\ndata store target.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-88199", "text": "The VNF **MUST** utilize a persistent datastore service that\ncan meet the data performance/latency requirements. (For example:\nDatastore service could be a VNFC in VNF or a DBaaS in the Cloud\nexecution environment)", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-88482", "text": "The VNF or PNF **SHOULD** use REST using HTTPS delivery of plain\ntext JSON for moderate sized asynchronous data sets, and for high\nvolume data sets when feasible.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-88524", "text": "A VNF's Heat Orchestration Template's Volume Template\nOutput Parameter names\n**MUST** contain ``{vm-type}`` when appropriate.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-88536", "text": "A VNF's Heat Orchestration Template's OS::Nova::Server\nResource **SHOULD** contain the metadata map value parameter\n'environment_context'.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-88863", "text": "A VNF's Heat Orchestration Template's parameter defined\nin a non-nested YAML file as type\n``number`` **MAY** have a parameter constraint defined.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-88899", "text": "The VNF or PNF **MUST** support simultaneous operations\nwithin the context of this locking requirements framework.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-89010", "text": "The VNF **MUST** survive any single points of software failure\ninternal to the VNF (e.g., in memory structures, JMS message queues).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-894004", "text": "If the VNF or PNF is using Basic Authentication, then when the VNF\nor PNF sets up a HTTPS connection to the DCAE VES Event Listener,\nthe VNF or PNF **MUST** provide a username and password to the\nDCAE VES Event Listener in the Authorization header and the VNF\nor PNF MUST support one-way TLS authentication.\n\nNote: In one-way TLS authentication, the client (VNF or PNF)\nmust authentication the server (DCAE) certificate.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-89474", "text": "The VNF **MUST** log the field \"Login ID\" in the security audit logs.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-89571", "text": "The VNF or PNF **MUST** support and provide artifacts for configuration\nmanagement using at least one of the following technologies;\na) Netconf/YANG, b) Chef, or c) Ansible.\n\nNote: The requirements for Netconf/YANG, Chef, and Ansible protocols\nare provided separately and must be supported only if the corresponding\nprotocol option is provided by the VNF or PNF providor.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-89800", "text": "The VNF **MUST NOT** require Hypervisor-level customization\nfrom the cloud provider.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-89913", "text": "A VNF's Heat Orchestration Template's Cinder Volume Module Output\nParameter(s)\n**MUST** include the\nUUID(s) of the Cinder Volumes created in template.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-90007", "text": "The VNF or PNF **MUST** implement the protocol operation:\n``close-session()`` - Gracefully close the current session.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-90022", "text": "A VNF's Nested YAML file **MAY** be invoked more than once by\na VNF's Heat Orchestration Template.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-901331", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty ``image`` value **MUST** be be obtained via a ``get_param``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-90152", "text": "A VNF's Heat Orchestration Template's\n``resources:`` section **MUST** contain the declaration of at\nleast one resource.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-90206", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_int_ips``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-90279", "text": "A VNF Heat Orchestration's template's parameter **MUST** be used\nin a resource with the exception of the parameters for the\n``OS::Nova::Server`` resource property ``availability_zone``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-90526", "text": "A VNF Heat Orchestration Template parameter declaration **MUST NOT**\ncontain the ``default`` attribute.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-90632", "text": "The VNF Package **MUST** include documentation about KPIs and\nmetrics that need to be collected at each VM for capacity planning\nand performance management purposes.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-90748", "text": "A VNF's Heat Orchestration Template's Resource ``OS::Cinder::Volume``\n**MAY** be defined in an Incremental Module.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-908291", "text": "The VNF or PNF **MAY** leverage bulk VNF or PNF telemetry transmission mechanism, as\ndepicted in Figure 4, in instances where other transmission methods are not\npractical or advisable.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-91125", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Nova::Server``\nproperty\n``image`` parameter **MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and a value **MUST** be assigned.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-91273", "text": "A VNF Heat Orchestration's template's parameter for the\n``OS::Nova::Server`` resource property ``availability_zone``\n**MAY NOT** be used in any ``OS::Nova::Server``.", "keyword": "MAY NOT", "result": "PASS", "errors": [] }, { "id": "R-91342", "text": "A VNF Heat Orchestration Template's Base Module's Environment File\n**MUST** be named identical to the VNF Heat Orchestration Template's\nBase Module with ``.y[a]ml`` replaced with ``.env``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-91497", "text": "A VNF's incremental module **MAY** be used for both deployment and\nscale out.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-91745", "text": "The VNF or PNF **MUST** update the Ansible Server and other entities\nstoring and using the SSH keys for authentication when the SSH\nkeys used by Ansible are regenerated/updated.\n\n**Note**: Ansible Server itself may be used to upload new SSH public\nkeys onto supported VNFs or PNFs.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-92193", "text": "A VNF's Heat Orchestration Template's parameter\n``{network-role}_net_fqdn``\n**MUST NOT** be enumerated in the VNF's Heat Orchestration Template's\nEnvironment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-92207", "text": "The VNF **SHOULD** provide a mechanism that enables the operators to\nperform automated system configuration auditing at configurable time\nintervals.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-92571", "text": "The VNF **MUST** provide operational instrumentation such as\nlogging, so as to facilitate quick resolution of issues with the VNF to\nprovide service continuity.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-92635", "text": "A VNF's Heat Orchestration Template **MUST** be compliant with the\nOpenStack Template Guide.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-92866", "text": "The VNF or PNF **MUST** include as part of post-instantiation configuration\ndone by Ansible Playbooks the removal/update of the SSH public key from\n/root/.ssh/authorized_keys, and update of SSH keys loaded through\ninstantiation to support Ansible. This may include creating Mechanized user\nID(s) used by the Ansible Server(s) on VNF VM(s) and uploading and\ninstalling new SSH keys used by the mechanized use ID(s).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-92935", "text": "The VNF **SHOULD** minimize the propagation of state information\nacross multiple data centers to avoid cross data center traffic.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-93030", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_{network-role}_v6_ips``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-931076", "text": "The VNF **MUST** support account names that contain at least A-Z, a-z,\n0-9 character sets and be at least 6 characters in length.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-932071", "text": "The VNF or PNF provider **MUST** reach agreement with the Service Provider on\nthe selected methods for encoding, serialization and data delivery\nprior to the on-boarding of the VNF or PNF into ONAP SDC Design Studio.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-93443", "text": "The VNF or PNF **MUST** define all data models in YANG 1.0 [RFC6020] or\nYANG 1.1 [RFC7950]. A combination of YANG 1.0 and YANG 1.1 modules is\nallowed subject to the rules in [RFC7950] section 12. The mapping to\nNETCONF shall follow the rules defined in this RFC.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-93496", "text": "The VNF's Heat Orchestration Template's Resource ``OS::Neutron::Port``\nproperty ``fixed_ips``\nmap property ``ip_address``\nparameter associated with an internal network, i.e.,\n\n * ``{vm-type}_int_{network-role}_ip_{index}``\n * ``{vm-type}_int_{network-role}_v6_ip_{index}``\n * ``{vm-type}_int_{network-role}_ips``\n * ``{vm-type}_int_{network-role}_v6_ips``\n\n\n**MUST** be enumerated in the Heat Orchestration\nTemplate's Environment File and IP addresses **MUST** be\nassigned.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-93860", "text": "The VNF **SHOULD** provide the capability to integrate with an\nexternal encryption service.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-94084", "text": "The VNF or PNF **MUST** support APPC/SDN-C ``ConfigScaleOut`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-94509", "text": "A VNF Heat Orchestration Template's Incremental Module's Environment File\n**MUST** be named identical to the VNF Heat Orchestration Template's\nIncremental Module with ``.y[a]ml`` replaced with ``.env``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-94525", "text": "The VNF **MUST** log connections to the network listeners of the\nresource.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-94567", "text": "The VNF or PNF **MUST** provide Ansible playbooks that are designed to run\nusing an inventory hosts file in a supported format with only IP addresses\nor IP addresses and VM/VNF or PNF names.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-94669", "text": "If a VNF has one IPv6 OAM Management IP Address and the\nIP Address needs to be inventoried in ONAP's A&AI\ndatabase, an output parameter **MUST** be declared in only one of the\nVNF's Heat Orchestration Templates and the parameter **MUST** be named\n``oam_management_v6_address``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-94978", "text": "The VNF **MUST** provide a mechanism and tool to perform a graceful\nshutdown of all the containers (VMs) in the VNF without impacting service\nor service quality assuming another VNF in same or other geographical\nlocation can take over traffic and process service requests.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-952314", "text": "If the PNF set up a TLS connection and mutual (two-way) authentication is\nbeing used, then the PNF **MUST** provide its own X.509v3 Certificate to\nthe DCAE VES Collector for authentication.\n\nNote: This allows TLS authentication by DCAE VES Collector.\n\nNote: The PNF got its X.509 certificate through Enrollment with an\noperator certificate authority or a X.509 vendor certificate from the\nvendor factory CA.\n\nNote: In R3 three authentication options are supported:\n\n(1) HTTP with Username & Password and no TLS.\n\n(2) HTTP with Username & Password & TLS with two-way certificate\n authentication.\n\n(3) HTTP with Username & Password & TLS with server-side\n certificate authentication.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-95303", "text": "A VNF's Heat Orchestration Template **MUST** be defined using valid YAML.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-95321", "text": "The VNFD provided by VNF vendor may use the below described TOSCA\nrelationships. An on-boarding entity (ONAP SDC) **MUST** support them.\n\n **tosca.relationships.nfv.VirtualBindsTo**\n\n This relationship type represents an association relationship between\n VDU and CP node types.\n\n **tosca.relationships.nfv.VirtualLinksTo**\n\n This relationship type represents an association relationship between\n the VduCpd's and VirtualLinkDesc node types.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-95430", "text": "If a VNF's Heat Orchestration Template's ``OS::Nova::Server``\nresource property\n``metadata`` key/value pair ``vm_role`` value is obtained via\n``get_param``, the parameter **MAY** be declared as\n\n* ``vm_role`` and the parameter defined as ``type: string``.\n* ``vm_roles`` and the parameter defined as ``type: comma_delimited_list``.\n* ``{vm-type}_vm_role`` and the parameter defined as ``type: string``.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-95864", "text": "The VNF **MUST** support digital certificates that comply with X.509\nstandards.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-95950", "text": "The VNF or PNF **MUST** provide a NETCONF interface fully defined\nby supplied YANG models for the embedded NETCONF server.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-96227", "text": "A VNF's Heat Orchestration Template's parameter defined\nin a non-nested YAML file as type\n``json`` **MAY** have a parameter constraint defined.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-96253", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualMachineInterface`` Resource ID\nthat is attaching to an external network\n**MUST** use the naming convention\n\n* ``{vm-type}_{vm-type_index}_{network-role}_vmi_{vmi_index}``\n\nwhere\n\n* ``{vm-type}`` is the vm-type\n* ``{vm-type_index}`` references the instance of the ``{vm-type}`` in\n the VNF. The\n ``{vm-type_index}`` is a numeric value that **MUST** start at zero\n in the VNF and\n **MUST** increment by one each time a new instance of a ``{vm-type}``\n is referenced.\n* ``{network-role}`` is the network-role of the network\n that the port (i.e. virtual machine interface) is attached to\n* ``{vmi_index}`` references the instance of the virtual machine interface\n on the ``{vm-type}`` attached to ``{network-role}`` network. The\n ``{vmi_index}`` is a numeric value that **MUST** start at zero on an\n instance of a ``{vm-type}`` and **MUST** increment by one each time a\n new virtual machine interface is defined on the instance of the\n ``{vm-type}`` attached to ``{network-role}`` network.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-96482", "text": "When a VNF's Heat Orchestration Template's resource is associated\nwith a single external network, the Resource ID **MUST** contain the text\n``{network-role}``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-96554", "text": "The VNF or PNF **MUST** implement the protocol operation:\n``unlock(target)`` - Unlock the configuration data store target.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-96634", "text": "The VNF or PNF Provider\u00a0**MUST**\u00a0provide human readable documentation\n(not in the on-boarding package) to describe scaling capabilities to manage\nscaling characteristics of the VNF or PNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-96983", "text": "A VNF's Heat Orchestration Template's Resource ID that is associated\nwith an internal network **MUST** include ``int_{network-role}`` as part\nof the Resource ID, where ``int_`` is a hard coded string.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-97102", "text": "The VNF Package **MUST** include VM requirements via a Heat\ntemplate that provides the necessary data for VM specifications\nfor all VNF components - for hypervisor, CPU, memory, storage.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-97201", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_v6_ip_{index}``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-97293", "text": "The VNF or PNF provider **MUST NOT** require audits\nof Service Provider's business.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-97343", "text": "The VNF or PNF **MUST** support APPC/SDN-C ``UpgradeBackup`` command.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-97345", "text": "The VNF or PNF **MUST** permit authentication, using root account, only\nright after instantiation and until post-instantiation configuration is\ncompleted.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-97445", "text": "The VNF **MUST** log the field \"date/time\" in the security audit\nlogs.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-97451", "text": "The VNF or PNF **MUST** provide the ability to remove root access once\npost-instantiation configuration (Configure) is completed.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-97529", "text": "The VNF or PNF **SHOULD** implement the protocol operation:\n``get-schema(identifier, version, format)`` - Retrieve the YANG schema.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-97726", "text": "A VNF's Heat Orchestration Template's Base Module Output Parameter names\n**MUST** contain ``{vm-type}`` and/or ``{network-role}`` when appropriate.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-978752", "text": "The VNF or PNF providers **MUST** provide the Service Provider the following\nartifacts to support the delivery of high-volume VNF or PNF telemetry to\nDCAE via GPB over TLS/TCP:\n\n * A valid VES Event .proto definition file, to be used validate and\n decode an event\n * A valid high volume measurement .proto definition file, to be used for\n processing high volume events\n * A supporting PM content metadata file to be used by analytics\n applications to process high volume measurement events", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-980039", "text": "The PNF **MUST** send the pnfRegistration VES event periodically.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-98138", "text": "When a VNF's Heat Orchestration Template's resource is associated with a\nsingle internal network, the Resource ID **MUST** contain the text\n``int_{network-role}``.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-981585", "text": "The pnfRegistration VES event periodicity **MUST** be configurable.\n\nNote: The PNF uses the service configuration request as a semaphore to\nstop sending the pnfRegistration sent. See the requirement PNP-5360\nrequirement.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-98191", "text": "The VNF or PNF **MUST** vary the frequency that asynchronous data\nis delivered based on the content and how data may be aggregated or\ngrouped together.\n\n Note:\n\n - For example, alarms and alerts are expected to be delivered as\n soon as they appear. In contrast, other content, such as performance\n measurements, KPIs or reported network signaling may have various\n ways of packaging and delivering content. Some content should be\n streamed immediately; or content may be monitored over a time\n interval, then packaged as collection of records and delivered\n as block; or data may be collected until a package of a certain\n size has been collected; or content may be summarized statistically\n over a time interval, or computed as a KPI, with the summary or KPI\n being delivered.\n - We expect the reporting frequency to be configurable depending on\n the virtual network functions needs for management. For example,\n Service Provider may choose to vary the frequency of collection\n between normal and trouble-shooting scenarios.\n - Decisions about the frequency of data reporting will affect\n the size of delivered data sets, recommended delivery method,\n and how the data will be interpreted by ONAP. These considerations\n should not affect deserialization and decoding of the data, which\n will be guided by the accompanying JSON schema or GPB definition\n files.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-98374", "text": "A VNF's Heat Orchestration Template's ``OS::Nova::Server`` resource property\n``metadata`` key/value pair ``vf_module_id`` parameter ``vf_module_id``\n**MUST NOT**\nhave parameter constraints defined.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-98407", "text": "A VNF's Heat Orchestration Template's ``{vm-type}`` **MUST** contain only\nalphanumeric characters and/or underscores '_' and **MUST NOT**\ncontain any of the following strings:\n``_int`` or ``int_`` or ``_int_``.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-98450", "text": "A VNF's Heat Orchestration Template's base module or incremental module\nresource ``OS::Nova::Server``\nproperty ``availability_zone`` parameter\n**MUST** follow the naming convention\n\n* ``availability_zone_{index}``\n\nwhere ``{index}`` is a numeric value that **MUST** start at zero\nin a VNF's Heat Orchestration Templates and **MUST**\nincrement by one.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-98569", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_int_{network-role}_v6_ips``\n**MUST** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-98617", "text": "The VNF Provider **MUST** provide documentation regarding any dependency\n(e.g. affinity, anti-affinity) the VNF has on other VNFs and resources.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-98905", "text": "The VNF's Heat Orchestration Template's Resource\n``OS::Neutron::Port`` property ``fixed_ips``\nmap property ``ip_address`` parameter\n``{vm-type}_{network-role}_ips``\n**MUST NOT** be enumerated in the\nVNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-98911", "text": "The VNF or PNF **MUST NOT** use any instance specific parameters\nfor the VNF or PNF in roles/cookbooks/recipes invoked for a VNF or PNF\naction.", "keyword": "MUST NOT", "result": "PASS", "errors": [] }, { "id": "R-98989", "text": "The VNF **SHOULD** utilize resource pooling (threads,\nconnections, etc.) within the VNF application so that resources\nare not being created and destroyed resulting in resource management\noverhead.", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-99110", "text": "A VNF's Heat Orchestration Template's Resource\n``OS::ContrailV2::VirtualNetwork`` Resource ID **MUST** use the naming\nconvention\n\n* ``int_{network-role}_network``\n\nVNF Heat Orchestration Templates can only create internal networks.\nThere is no ``{index}`` after ``{network-role}`` because ``{network-role}``\n**MUST** be unique in the scope of the VNF's\nHeat Orchestration Template.", "keyword": "MUST", "result": "SKIP", "errors": [] }, { "id": "R-99174", "text": "The VNF **MUST**, if not integrated with the Operator's Identity and\nAccess Management system, support the creation of multiple IDs so that\nindividual accountability can be supported.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-99646", "text": "A VNF's YAML files (i.e, Heat Orchestration Template files and\nNested files) **MUST** have a unique name in the scope of the VNF.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-99656", "text": "The VNF **MUST** NOT terminate stable sessions if a VNFC\ninstance fails.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-99730", "text": "The VNF **MUST** include the field \"Login ID\" in the Security\nalarms (where applicable and technically feasible).", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-99766", "text": "The VNF **MUST** allow configurations and configuration parameters\nto be managed under version control to ensure the ability to rollback to\na known valid configuration.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-99771", "text": "The VNF **MUST** have all code (e.g., QCOW2) and configuration files\n(e.g., HEAT template, Ansible playbook, script) hardened, or with\ndocumented recommended configurations for hardening and interfaces that\nallow the Operator to harden the VNF. Actions taken to harden a system\ninclude disabling all unnecessary services, and changing default values\nsuch as default credentials and community strings.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-997907", "text": "The VNF or PNF **SHOULD** support TLS as secure transport for the NETCONF\nprotocol according to [RFC7589].", "keyword": "SHOULD", "result": "PASS", "errors": [] }, { "id": "R-99794", "text": "An external network **MUST** have one subnet. An external network\n**MAY** have more than one subnet.", "keyword": "MUST", "result": "PASS", "errors": [] }, { "id": "R-99798", "text": "A VNF's Heat Orchestration Template's Virtual Machine\n(i.e., ``OS::Nova::Server`` resource) **MAY** boot from an image or\n**MAY** boot from a Cinder Volume.", "keyword": "MAY", "result": "PASS", "errors": [] }, { "id": "R-99812", "text": "A value for VNF's Heat Orchestration Template's property ``name``\nfor a non ``OS::Nova::Server`` resource **MUST NOT** be declared\nin the VNF's Heat Orchestration Template's Environment File.", "keyword": "MUST NOT", "result": "PASS", "errors": [] } ] }