This proposal is for a performance improvement of list APIs of Tacker
for considering actual usecases in which a lot of entries, for
example thousands or more. From our simple evaluation, it takes 10
seconds or more for the usecases and it must be too long for users.
So, we'll reduce the time of querying, especially for typical
usecases.
Implements: blueprint perf-improve-list-apis
Change-Id: I164a55f349d71fe732127675c0851f8f48911095
Proposal for implementing OpenTelemetry plugin for introducing
observability feature in Tacker. OpenTelemetry is the one of the most
popular framework for providing observability and covering comperensive
usecases not only for VNF/CNF but also infra features [1].
[1] https://opentelemetry.io/
Implements: blueprint otel-monitoring
Change-Id: If35a064a966bdd5e59dab66367ca3218e7c12637
Signed-off-by: Yasufumi Ogawa <yasufum.o@gmail.com>
The purpose of this spec is to introduce a usecase example of Cilium
CNI [1] for high-performance network connectivity.
[1] https://cilium.io/
Implements: blueprint intro-cilium
Change-Id: I8713f7ecc39147ad15b4eeeb5905778ee8f4ed80
Signed-off-by: Yasufumi Ogawa <yasufum.o@gmail.com>
This specification proposes to update Tacker horizon with the latest
NFV Orchestration API v2.0. The current Tacker-horizon cannot call the
latest NFV Orchestration API v2.0, although it can call the legacy
APIs. As the Tacker community has announced the deprecation of the
legacy API included in NFV Orchestration API v1.0, we should update
them to the views to use the v2.0 API. In addition, new users who do
not know the background of Tacker development might perceive them as
the main features of Tacker. Such misunderstanding may ruin Tacker's
reputation.
Implements: blueprint v2-api-horizon
Change-Id: I40c1f394edbdd91f93be6eee60f2c98400cc6c03
This patch adds processing equivalent to the promote-openstack-specs
job to the tacker-spec's Zuul job and fixes the display problem of
2023.2 Specs[1].
Also, change the sphinx extension "sphinxcontrib.plantuml" to
"sphinxcontrib.mermaid" to eliminate the dependency on Java
in the build environment.
[1] https://specs.openstack.org/openstack/tacker-specs/
Closes-Bug: #2037035
Change-Id: I82a1e549b51669e82d10daaad4378f7a049cf95a
This specification describes the encryption and decryption methods
for authentication credentials in Tacker by using an external key
manager service such as OpenStack Key Manager (barbican).
Implements: blueprint support-external-keymanager
Change-Id: I384891eb1f967d7ab21639a18899a75e995e767b
This specification describes the enhancement of Kubernetes infra-driver
in Tacker to support LCM operation of Kubernetes Custom Resources (CR)
as CNF, using Kubernetes Cluster API (CAPI) as an example CR. The scope
of the present document includes instantiation, termination, scale and
update of CNFs including CRs for CAPI.
Implements: blueprint support-k8s-cr
Change-Id: Idddaa1f3c95f057736c8d2da24d292e8be1f1150
This specification describes Terraform Infra-driver in Tacker. The
scope of the present document includes VNF instantiation and
termination with this new infra-driver, using AWS as an example NFVI.
Implements: blueprint terraform-infra-driver
Change-Id: I4df1f8f241742b07784751b507466509693c7a8a
The spec of "Enhancement of Tacker API Resource Access Control"
will be updated for the following items.
* The attribute of "namespace" and the special roles of "NAMESPACE" are
changed to "tenant" and "TENANT" in Antelope
* Add tenant control for VNF will be supported in Bobcat
(Remove the expression of "CNF only".)
This patch fixes these changes in the current spec.
Implements: blueprint enhance-api-policy
Change-Id: I71571607804b5ac1d2cd7a77cf34e89b1ec4af03
This patch enables the sphinx PlantUML extension. As PlantUML is often
used in Tacker documents, authors of specs can re-use diagrams when
they write user guides with small revising.
To build plantUML with a sphinx PlantUML extension:
- Updated conf.py
- Updated requirements
- Added plantuml.jar
To use the sphinx PlantUML extension in Zuul jobs:
- Added bindep [1][2] to install graphviz
- Added pre.yaml to install java [3]
- Updated setup.cfg (this is necessary to place more than two
directories at the project root)
Others:
- Added examples to 2023.2/placeholder.rst and template.rst
[1] https://github.com/openstack/cinder-specs/blob/master/bindep.txt
[2] https://docs.opendev.org/opendev/bindep/latest/readme.html
[3] https://opendev.org/zuul/zuul-jobs/src/branch/master/roles/ensure-java
Change-Id: I72c2c7887ceba4734b367f7e5bc78921eb0ab0a1
"Enhance Placement Process" has the following spec changes in Bobcat.
* In AZ reselection, select AZ considering Anti-Affinity of
PlacementConstraint
* Change Heat-API to get an error message when "stack create/update"
fails from "Show stack details" to "List resource events"
considering the use of rollback option
This patch fixes these changes.
Implements: blueprint enhance-placement
Change-Id: Iaa082354cdcefe01f9ae6a3cc22207c3b28eafab
Add data model impact for `downloading` field to count
the num of conductors downloading VNF packages.
Implements: blueprint support-multi-conductors-onboarding
Change-Id: I62d225bc74dde9c15267898f72893d4f11b8f6a0
This specification proposes two improvements about mgmt driver.
First is defining the interface of error handling
between Tacker and Mgmt Driver.
Second is improving the message of exception
raised when Ansible playbook fails.
Implements: blueprint improving-mgmt-driver-log
Change-Id: Iaa3a4f58f8fb8341eb49dd2a2b5248bf76612bf7
In the OpenStack Zed cycle, the Technical committee proposed
introducing the project scope reader and member role [1].
A project-reader persona will operate within its project
resource, and have read-only access within the project.
A project-member is denoted by someone with a member role
on a project. It is intended to be used by end users who
consume resources within a project. It inherits all the
permissions of a project-reader.
In order to implement the project-member and project-reader role
we need to depreciate the existing "owner" rule which allows
any role to behave as the owner of the project.
This specification discusses the implementation of the project
personas (project-reader and project-member) in Tacker.
[1] https://review.opendev.org/c/openstack/governance/+/847418
Implements: bp implement-project-personas
Change-Id: I12b8168f14d1e0286df34a06c4f0020365e66308
This specification describes implements of fine-grained
access control based on user and VNF information for API resources.
It will extend user information to include role, VIM information, VNF
instance information,
and implement the policy enforcer that uses not only roles, but also
user and VNF information.
The following items will be supported.
1. Add additional attributes to resources when be created.
2. Change the API process to support Tacker policy checker.
3. Add the Tacker policy filter to the list API processes.
4. Convert special roles to API attributes in context.
5. Add a configuration option and policy samples.
Implements: blueprint enhance-api-policy
Change-Id: Ib8f1c83be1bec3644f0fbead46ccd6ab7c2d4e83
This spec provides some implementations for supporting receiving alerts
from External Monitoring Tools and VNFM(tacker)-driven AutoHeal and
AutoScale without NFVO. This implementation only supports VNF and CNF
instantiated through Tacker's v2 API.
Implements: blueprint support-auto-lcm
Change-Id: I5ef4428f722d4da288469a4636020e2f0eb0ef5b
This specification proposes tacker-db-manage improvements to
support Multi-DB backends, especially PostgreSQL as Tacker DB backend.
The following items will be supported.
1. Add PostgreSQL migration functions to tacker-db-manage.
2. Add PostgreSQL migration functions to Tacker.
3. Add PostgreSQL install manuals to Tacker Installation Guide.
Implements: blueprint support-multidb-backend
Change-Id: Iac23778091d00d26724b07a9571ff16c7a699dee
This specification provides implementations of "Thresholds"
resource for supporting Performance Management interface
with external monitoring tools such as Prometheus.
Tacker Zed release has supported ETSI NFV-SOL
based Fault Management and Performance Management interfaces,
but Thresholds resource is not implemented.
The following items will be supported.
1. Add support Thresholds resource for PM interface.
2. Enhance notification to Client.
3. Add support of RESTful API for communications between
Tacker and External Monitoring Tool.
4. Add new unit and functional tests.
Implements: blueprint support-auto-lcm
Change-Id: I7bc8af96e3e2a3290891f42821597184d5f77a25
This specification proposes a sample coordinateVNF script
for rolling update with external management systems
(e.g., Operations Support Systems (OSS)/Element Manager (EM)).
This specification focuses on only VNF update
by the ChangeCurrentVNFPackage API.
Change-Id: I612b96bd993a1e5e52e142f84c57cc11de92cf68
Implements: blueprint add-sample-coordinate-script
"Enhance Placement Process" has the following spec changes in Antelope.
* In AZ reselection, randomly select from unselected AZs without
considering Affinity/Anti-Affinity
* Only StandardUserData is the target of reselection processing
(Delete the description of AutoScalingGroup)
* Delete the configuration value for whether to reselect AZ
This patch fixes these changes and moves spec of
"Enhance Placement Process" to the directory for 2023.1.
Implements: blueprint enhance-placement
Change-Id: I3629f17e8df17a2947100215e4ad7556fa812124
An enhancement of the multi-tenant policy in the VNF lifecycle
management.
* Discussion to enable a non-admin role user to instantiate VNF.
* Add design for negative functional test cases for VNF LCM
operations and validate notification is received by the tenant
specified in the subscription sequence.
Implements: bp enhance-multi-tenant-policy
Change-Id: Idf398ea9bf083afdecb99a0cea3c539a34ec17d3
The DB migration tool migrates DB from v1 API to v2 API
without service outage of the VNF, which would be implemented by
adding the functionality to the tacker-db-manage command.
Implements: blueprint db-migration-tool
Change-Id: I8cb4e925bd937d79bebaa346dd7dcc634355c97d
