The present document specifies the functional requirements, interfaces and operations to support the provision of network services across multiple administrative domains based on the interactions between NFVOs in different administrative domains (supported over the Or-Or reference point).
The present document also specifies the information elements exchanged over the specified interfaces.
The different aspects specified in the present document are derived from ETSI GR NFV-IFA 028.
The present document specifies the performance measurements that are exposed on various NFV MANO reference points (e.g. Or-Vnfm, Ve-Vnfm-em, Vi-Vnfm, Or-Vi and Os-Ma-nfvo). ETSI GS NFV-TST 008 specifies the Network Function Virtualisation Infrastructure (NFVI) performance metrics that will be reported to Virtualised Infrastructure Manager (VIM). VIM processes the performance metrics received from NFVI to generate performance measurements to be sent to NFV Orchestrator (NFVO) and VNF Manager (VNFM). VNFM and NFVO conduct further processing to generate performance measurements.
The present document defines the requirements to interface the Security Control to NFV-MANO as described in ETSI GS NFV-SEC 013 and the LI Controller in ETSI GR NFV-SEC 011. The present document identifies the extensions to the NFV-MANO architecture related to security management and monitoring. Multiple trust domains are considered.
The present document outlines the requirements for integrity and authenticity protection by signing VNF Package artifacts and verifying these artifacts during instantiation. The present document also considers the confidentiality of VNF Package artifacts and outlines a process for the service provider to provide confidentiality during onboarding. The present document expands on requirements for security and integrity of a VNF Package that is defined in ETSI GS NFV-IFA 011, clause 6.2.4 and ETSI GS NFV-SOL 004, clause 5.
VNF Package security validation check during the onboarding is a crucial factor for the successful deployment of VNFs. During the onboarding, the authenticity and integrity of the VNF Package is verified against the signature provided by the VNF provider. There are more potential ways to exploit the VNF Packages while it is in the NFV- MANO domain (i.e. while the VNF package is stored within different NFV-MANO catalogues). The existing methods do not ensure that the operator has the opportunity and means to authorize VNF Packages for deployment on their network (e.g. avoid a VNF intended for one deployment scenario with a valid VNF provider certificate being loaded by an attacker into another network operator's catalogue). Furthermore, some operators might wish to undertake additional security validation of the VNF Package during the onboarding process and operator's signing could be used to certify the VNF as authorized to onboard into the operator's network.
The present document specifies a data model for NFV descriptors, using the TOSCA Simple Profile in YAML, fulfilling the requirements specified in ETSI GS NFV-IFA 011 and ETSI GS NFV-IFA 014 for a Virtualised Network Function Descriptor (VNFD), a Network Service Descriptor (NSD) and a Physical Network Function Descriptor (PNFD). The present document also specifies requirements on the VNFM and NFVO specific to the handling of NFV descriptors based on the TOSCA Simple Profile in YAML specification.
The present document defines the protocol and data model for the following interfaces used over the Ve-Vnfm reference point, in the form of RESTful Application Programming Interfaces (APIs) specifications:
VNF Lifecycle Management interface (as produced by the VNFM towards the EM/VNF).
VNF Performance Management interface (as produced by the VNFM towards the EM).
VNF Fault Management interface (as produced by the VNFM towards the EM).
VNF Indicator interface (as produced by the EM/VNF towards the VNFM).
VNF Configuration interface (as produced by the VNF towards the VNFM). Table 4.1-1 lists the versions of the APIs defined in the present document.
The present document describes how Network Functions Virtualisation (NFV) related interfaces and abstractions are to be derived and specified. It describes the concepts associated with these interfaces and abstractions. It covers the specification process / methodology in general. It presents a cross-cutting framework which covers compute, hypervisor and infrastructure network domains, also data, control and management planes.
The present document does not specify all the interfaces and abstractions as these are covered by other documents, e.g. the NFV INF domain specific documents. Examples of interfaces and abstractions are nevertheless supplied to illustrate the methodology.
The present document does not provide any detailed specification but makes reference to specifications developed by other bodies and to potential specifications, which, in the opinion of the NFV ISG could be usefully developed by an appropriate standards development organization (SDO). Furthermore the NFV INF domain specific documents will not provide detailed specifications either.
The present document enumerates metrics for NFV infrastructure, management and orchestration service qualities that can impact the end user service qualities delivered by VNF instances hosted on NFV infrastructure. These service quality metrics cover both direct service impairments, such as IP packets lost by NFV virtual networking which impacts end user service latency or quality of experience, and indirect service quality risks, such as NFV management and orchestration failing to continuously and rigorously enforce all anti-affinity rules which increases the risk of an infrastructure failure causing unacceptable VNF user service impact. Performance relationships exist between the metrics described in this document and in other specifications such as draft-ietf-ippm-model-based-metrics-02 (work in progress) (February 2014): "Model Based Bulk Performance Metrics", M. Mathis and A. Morton.
The present document does not consider:
Units of measurement for reporting, such as whether VM premature release rates should be expressed as hourly rate (e.g. 0,0001 premature VM release events per hour), annualized rate (e.g. 0,88 premature VM release events per year), hours between events (e.g. 10 000 hour mean time between premature release events), or events per other unit of time (e.g. 100 000 FITs, meaning 100 000 premature release events in one billion hours of operation).
Methods of Measurement which stipulate exactly how metrics will be measured.
Rigorous counting and exclusion rules, like the precise details given in the TL 9000 Measurements Handbook TL 9000 Measurements Handbook, release 5.0, July 2012, QuestForum (http://www.tl9000.org/handbooks/measurements_handbook.html)
Metrics that do not directly or indirectly impact VNF user service quality, like power efficiency.
The present document describes the management and orchestration framework required for the provisioning of virtualised network functions (VNF), and the related operations, such as the configuration of the virtualised network functions and the infrastructure these functions run on. The objectives are to define this framework, provide requirements for management and orchestration, identify topics that may serve in later gap analysis against current standards, identify best practices and provide guidance on how to address identified new topics. The focus of the present document is on aspects of management and orchestration that are specific to NFV.
The present document addresses the following topics of management and orchestration: architecture framework for management and orchestration of NFV, information elements, interfaces, provisioning, configuration, and operational management, including interworking with existing operations and management systems.
The present document objective is to identify the most common and relevant software architectural patterns present when virtualising network functions and therefore to identify and specify functional requirements necessary to enable such patterns. The information consolidated is reflecting the experience from vendors and operators going through virtualisation of a number of network functions, with a focus on the use case list provided by the NFV Use Cases GS document ETSI GS NFV 001 (V1.1.1): "Network Functions Virtualisation (NFV); Use Cases”.
The present document describes the Network Function Virtualisation abstract software architecture comprising of the following topics:
Defining the functions, and interfaces of software architecture relative to the NFV overall architecture.
Supporting Management and Orchestration Functional requirements.
Supporting Infrastructure requirements.
Describing best practices for NFV Design.
Functional Decomposition types and use cases.
The present document does not provide any detailed specification. However, the present document makes reference to specifications developed by other bodies, gap, and to potential specifications.
The present document provides an overview of NFV acceleration techniques and suggests a common architecture and abstraction layer, which allows deployment of various accelerators within the NFVI and facilitates interoperability between VNFs and accelerators. The present document also describes a set of use cases illustrating the usage of acceleration techniques in an NFV environment.
The present document defines a framework for use within ETSI NFV ISG to coordinate and promote public demonstrations of Proofs of Concept (PoC) illustrating key aspects of NFV.
The objective for the PoCs is to build commercial awareness and confidence and encourage development of an open ecosystem by integrating components from different players.
This framework outlines:
