Page tree
Skip to end of metadata
Go to start of metadata

Virtualized Infrastructure Deployment Policies:

  • Proposed name for the project: Virtualized Infrastructure Deployment Policies
  • Proposed name for the repository: copper
  • Project Categories: (Requirements)

Project description:

The overall goal of this project is to support the ability to ensure virtualized infrastructure complies with policies related to how that infrastructure is deployed, e.g. affinity and partitioning (e.g. per regulation, control/user plane separation, cost…).

The initial goal is to assess “off the shelf” basic OPNFV platform support for policy management, using existing open source projects such as OpenStack Congress and OpenDaylight Group-Based Policy (GBP).

In the process, the project will assess what policy-related features are currently supported through research into the related projects in OpenStack and ODL, and testing of integrated vanilla distributions of those and other dependent open source projects in the OPNFV’s NFVI platform scope.

Based upon the analysis and testing, prioritized gaps will be identified and a feasible set selected for development in OPNFV Release 1 or subsequent release, as time permits.

Scope:

Describe the problem being solved by project:

Policy management seeks to ensure compliance with constraints. For NFVI deployment, it can direct and validate the provisioning of resources by infrastructure managers, per the needs of an application / VNF. Such validation is necessary to enable reliable, programmatic deployment of NFVI resources, a fundamental enabler of the service deployment agility promised by NFV. “Deployment” as used here refers primarily to initial resource provisioning for VNF instantiation, but also to provisioning in response to events in the lifecycle of a VNF.
Deployment-focused policies appear to be somewhat addressed by existing open source projects, although the degree of support is unclear at this time. Further analysis and testing is required to assess supported approaches to policy monitoring and enforcement, e.g.:

  • What methods are supported by the data source (e.g. OpenStack component, ODL controller)
  • The necessary scalability of the compliance-checking system for particular use cases
  • The performance needed in detecting and responding to violations
  • The complexity of policies, e.g. cross-component

Specify any interface/API specification proposed:

Policies and their processing may affect the Nf-Vi, Vi-Vnfm, and Or-Vi interfaces, and functions of the VIM and NFVI. Details are TBD.

Specify testing and integration:

Initially, a use case driver application will be built to execute policy-related actions via the published interfaces of VIM components, in a sandbox test environment. This will be used to assess operational capabilities of the VIM components.
As upstream-focused development activities are initiated:

  • Unit tests will be developed for all code submissions.
  • Manual tests will be updated to exercise the new features.

The project will be integrated with the CI infrastructure/process that OPNFV has developed by that time.
This project intends to serve as a driver for the Macro Test Plan and Micro Test Plan developed by the VNF Deployment Test Cases project proposal.

Identity a list of features and functionality will be developed:

VIM (e.g. OpenStack) shall be able to configure resources (compute, network, storage) per defined policies for initial usage.
VIM (e.g. OpenStack) northbound interfaces (Or-Vi, Vi-Vnfm) shall be able to receive and respond to such policy-constrained configuration requests for NFVI. In this regard, the following interfaces shall be implemented taking GS NFV-MAN 001 V0.6.4 (2014-10) into account:

  • Virtualised resources policy management (GS NFV-MAN 001: Chapter 4.5.2, 5.4.1, )
  • Policy administration interface (GS NFV-MAN 001: Chapter 7.4)
  • NFVI Hypervisor management interface operations (GS NFV-MAN 001: Chapter 7.6.2)
  • NFV Orchestrator pre-allocation processing (GS NFV-MAN 001: Chapter B.3.1.6)
  • Network Service instantiation flows (GS NFV-MAN 001: Chapter B.3.1.6 C.3)
  • Policy-related elements of Network Service Descriptor (GS NFV-MAN 001: Chapter 6.2.1.1)
    • VNF Forwarding Graph policy-driving elements (GS NFV-MAN 001: Chapter 6.5.1.2, 6.5.2.2)
    • Affinity attribute (GS NFV-MAN 001: Chapter 6.2.1.3.2)
    • CPU-related attributes (GS NFV-MAN 001: 6.3.1.2.2)
    • Memory-related attributes (GS NFV-MAN 001: 6.3.1.2.3)

Identify what is in or out of scope. So during the development phase, it helps reduce discussion:

In scope:

  • Interfaces to other policy engines
  • Event-based policy monitoring (meaning pub/sub events, not polling)
  • Delegated policy enforcement: Create, Modify, Activate, Delete operations on component subpolicies
  • Reporting violations
  • Proactive enforcement
  • Policy violation correction
  • Auditing compliance
  • These basic features seem to be somewhat supported and will be the initial focus of our Congress testing in OPNFV:
    • Automation via northbound interfaces enabling policies to be orchestrated by a higher-layer policy engine
    • Event-driven using simple table-based policies for static or contextual response to events
    • Note currently “events” are only poll-based events.
    • Deployment focused policies e.g. affinity and partitioning
    • Poll-based policy monitoring

Out of scope: this project intends to avoid overlap with other proposed projects, e.g.

  • Resource Reservation
  • Fault Management

Policy is a complex, multi-faceted concept, with many purposes and related methods. It is highly likely that OPNFV Release 1 will be able to deliver only the most basic of deployment policy support, and that future releases will be needed to help drive broader policy support goals.

Testability: (optional, Project Categories: Integration & Testing)

Continuous integration test support where feasible, will be developed for all high-priority use cases. Additional automated and manual testing will be developed where necessary. The project will leverage the basic OPNFV test tools and platform distribution, and customize it as needed to enable special focus testing e.g. OpenStack / ODL integrated policy tests. Policy management performance tests will be a key objective, as will the reliability of the policy management system in HA environments and fault scenarios.

Documentation: (optional, Project Categories: Documention)

This project intends to produce the following documentation supporting Deployment Policy as a capability of the OPNFV platform:

  • Installation Guide
  • User Guide
  • Developer Guide

Dependencies:

The project will depend upon the Get Started project for establishing the basic OPNFV platform that will be used for gap analysis testing.

Some underlying platform capabilities of this project (e.g. pub/sub interfaces for event-driven policy enforcement) may be common with other proposed policy-related projects, e.g. Resource Reservation (Promise) and Fault Management (Doctor). These common capabilities may be factored out into new dependent projects, in order to optimize the scope of this project.

Upstream project dependencies may include:

Open source upstream projects and release timeline include:

  • OpenStack Juno Release, 10-16-2014
  • Open Daylight Helium Release, 09-30-2014

Specific development staged with respect to upstream projects and releases is TBD.

External fora or standard development organization dependencies:

  • ETSI GS NFV001 “Network Function Virtualization – Use Cases”
  • ETSI GS NFV002 “Network Function Virtualization – Architectural Framework”
  • ETSI GS NFV004 “Network Function Virtualization – Virtualization Requirements”
  • ETSI GS NFV INF001 “Network Function Virtualization – Infrastructure Architecture Overview”
  • ETSI GS NFV INF003 “Network Function Virtualization – Infrastructure Architecture; Architecture of Compute Domain”
  • ETSI GS NFV INF004 “Network Function Virtualization – Infrastructure Architecture; Architecture of Hypervisor Domain”
  • ETSI GS NFV INF005 “Network Function Virtualization – Infrastructure Architecture; Architecture of Infrastructure Network Domain”

Committers and Contributors:

  • Contributors
    • Bryan Sullivan, AT&T
    • Staffan Blau (staffan.blau@ericsson.com)
    • Dave Lenrow, HP (david.lenrow@hp.com)
    • Ryota Mibu, NEC (r-mibu@cq.jp.nec.com)
    • Michael K Bugenhagen, Century Link (Michael.K.Bugenhagen@centurylink.com)
    • Tang Delong, ZTE (tang.delong@zte.com.cn)
    • Zhipeng Huang, Huawei (huangzhipeng@huawei.com)
    • ...
  • Names and affiliations of the committers
    • Bryan Sullivan, AT&T (documentation)
    • Dave Lenrow, HP (david.lenrow@hp.com)
    • Staffan Blau (staffan.blau@ericsson.com)
    • Zhipeng Huang, Huawei (huangzhipeng@huawei.com)

Planned deliverables

In the first release, the goal will be to:

  1. assess the capabilities of the OPNFV platform as it develops, per prioritized use cases
  2. document these capabilities and gaps in a document
  3. as needed based upon the test results, initiate blueprint/project proposals in the upstream projects for closure of the gaps

Proposed Release Schedule:

This project is planned for the first release of OPNFV platform.
Alignment with upstream release cadences is TBD pending identified and prioritized gaps.

  • No labels