Hi Srini, Your 3rd bullet describes what I have described as a requirement earlier - Ability to discover running instance of NS and then tie it as part of new deployment - which I was told to be available as part of Allotted Resource Model. I did ask whether we have this implemented in ONAP, but I never got any response for that question.
Coming to your original question, I believe there should be 2 templates ( or blueprints whichever you want to call ), one to describe a basic network service and another to describe how possibly such network services could be chained. Needless to say each such NS would again be realised as a chain as (X)NFs, but at the highest level, NS could be basic building block. When a NS is marked to be chained as part of Blueprint, Orchestrator should be prepared to find the runtime instance of NS at later part of time when chaining request arrives ( Addition of DLP scenario ). To summarise : The probability of a NS can be chained should be expressed as part of Design time. The exact chaining can happen dynamically during runtime. However it is quite difficult to chain VNFs arbitrarily during runtime without proper hints available to the system. BR, Viswa <http://www.verizon.com> Viswanath Kumar Skand Priya Senior Architect Technology, Architecture & Planning On Sat, Nov 10, 2018 at 12:41 AM Srini <[email protected]> wrote: > Thanks Chaker for detailed response. Yes, realization of that in ONAP is > one aspect of it and thanks for providing few methods to realize this. My > question was mainly on the ONAP northbound side. How does NS is expected to > be defined? Are you implying following? > > - Onboard NS with Security and SDWAN VNFs. > > - When customer signs up for basic service, instantiate this NS > using SO API. This will internally create NS instance in A&AI and > associates security VNF and SDWAN VNF to this run NS instance. And then it > creates VF (which holds dynamic information of VNF) for both VNF and SDWAN > VNFs. > > - When customer adds new function for its own existing service at > later time (no SDC involvement), modify the run time NS instance with DLP > VNF and then instantiate new VNF and realize using options you mentioned. > Is it possible today? > > > > Thanks > > Srini > > > > > > *From:* Chaker Al Hakim [mailto:[email protected]] > *Sent:* Friday, November 9, 2018 9:59 AM > *To:* [email protected]; Addepalli, Srinivasa R < > [email protected]> > *Subject:* RE: Help on realizing dynamic services/VNFs using ONAP > > > > HI Srini, > > > > Scenario 1: design your basic service with enough virtual port(standby) > to support the DLP function if/when the customer requests it. If the > customer does request the DLP feature you can then orchestrate the DLP VNF > and attach it to the standby Virtual networks (disadvantage: Not a good way > to optimize the usage f you virtual resources) > > Scenario 2: would be to orchestrate the service as an advanced service > with the DLP function deactivated (no routes configured from the security > appliance VNF to the DLP VNF). when the customer requests the advanced > feature you can modify the routes in the security VNF through the SDN > controller (Disadvantage: wasting more resources but could be seamless from > the customer perspective) > > > > Just to make sure were on the same page: IPS= Intrusion Prevention > System(VNF), DLP= Data Loss Prevention(VNF) > > > > Regards, > > Chaker > > > > > > *From:* [email protected] [mailto:[email protected] > <[email protected]>] *On Behalf Of *Srini > *Sent:* Friday, November 09, 2018 11:16 AM > *To:* [email protected] > *Subject:* [onap-discuss] Help on realizing dynamic services/VNFs using > ONAP > > > > Scenario: > > > > - Customer of operator signs up for a basic function that requires > > o Creation of set of virtual networks. > > o Instantiation of security (firewall + IPS) with appropriate routes > > o Instantiation of SDWAN (could be set of workloads) with appropriate > routes. > > - Customer after few days, also requests a DLP function, which > requires > > o Creation of additional virtual networks > > o Instantiation of DLP workload > > o Modifying the routes in security and SDWAN workloads such that > outbound traffic goes via security-to-DLP-to-SDWAN-Internet. > > > > How can this be realized in ONAP? > > > > One method is : > > - Onboarding: > > o On board Security VNF, SDWAN VNF and DLP VNF > > o Create two NSes : Basic and Advanced. > > § Basic to have two VNFs (security VNF and SDWAN VNF and associated > virtual networks). > > § Advanced to have three VNFs (Security VNF, SDWNA VNF and DLP VNF) > > - Instantiation with Basic (when customer first signs up) > > - When customer requests additional function – DLP, then > > o Bring down existing service > > o Instantiate advanced service. > > > > Few challenges with above approach : > > - Disruption in the service as existing VNFs are being brought > down. > > - Losing the configuration of existing VNFs. > > > > What are the best practices in mitigating above challenges? And how do > NSes are expected to be defined? > > Does change management functionality help in this scenario? > > Appreciate your time and thoughts. > > > > Thanks > > Srini > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#13675): https://lists.onap.org/g/onap-discuss/message/13675 Mute This Topic: https://lists.onap.org/mt/28077557/21656 Group Owner: [email protected] Unsubscribe: https://lists.onap.org/g/onap-discuss/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
