Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Instantiation Rules

POMBA audit reports are generated based on the rules that applied in the rules engine generating the violations. The following is an initial capture of rules

port-mirroring-port-mirroring-

RuleData SourcesAttributesDescriptionCategorySeverityStoryRelease
1Attribute ComparisonA&AI, SDN-C, Network DiscoveryAll

This rule compares all attributes by the same name from different Context Builders and returns a violation if the fields do no match. This includes the case where the name is present by the value is null in one of the cases.  It does not produce a violation if one of the Context Builders is missing an attribute.

Note in Casablanca, this will be implemented in a non-generic way, and made more generic as a future work item

Attribute MismatchMAJOR?ERROR

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyLOG-434

Casablanca
2vnfc-type
  • aai-instance
  • tosca-csar (SDC)

Validate that each VNFC instance in AAI conforms VNFC type defined in SDC model??VNFC ConsistencyERROR

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyLOG-571

Casablanca
3vnfc-count
  • aai-instance
  • tosca-csar (SDC)

Validate that for each VNFC node defined in SDC model there is at least one VNFC instance in AAI??WARNVNFC ConsistencyWARN

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyLOG-571

Casablanca
4vf-module-type
  • aai-instance
  •  tosca-csar (SDC)

Validate that each VF module instance in AAI conforms VF Module defined in SDC service model??VF ConsistencyCRITICAL

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyLOG-571

Casablanca
5nfc-naming-code
  • aai-instance
nfc-naming-codeValidate that nfc-naming-code exists and is populated in AAI VNFC instance??CRITICALExpected Field PopulatedCRITICAL

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyLOG-571

Casablanca
6data-dictionary-valid-value
  • data dictionary
All (assuming we can tell if not defined in dictionary)Validates for a particular field that its value aligns to what is in the data dictionaryInvalid ValueERROR

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyLOG-404


7vserver-vfmodule
  • aai-instance

If vfModule is present, I expect vserver/VMs to be present within this structure.

Coming soon to release near youFuture
8dataQuality*
When there is a problem with the data provided to the validation engine (data missing due to system issues, etc), this rule shall raise violations. Longer term the plan is to report this in a separate dataQuality field.  Attributes only

Casablanca, not done as a rule

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyLOG-454

Future
9nf-roleaai-instancenf-roleEnsure nf-role was populated in VNF


Future
10SDNC
  • sdnc-instance
  • network discover
  • aai-instance

Compare SDNC reported data against same fields in other data sources

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyLOG-779

Dublin
11data dictionary

Validate attributes of resources contain valid values, when present in data dictionary and data source

Jira Legacy
serverSystem Jira
serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
keyLOG-563



Note that Attribute Comparison in particular needs to check against the following, but should check everything it can

  • Network Discovered attributes
  • Existing AA&I and SDNC Comparisons for
    • vnf-type
    • vnf-name
    • nf-naming-code
  • Newly supported A&AI and SDNC attributes that align with those that have been network discovered
    • VNFInstance.vf-module[x].List of vservers
      VNFInstance.vf-module[x].vserver[x].id
      VNFInstance.vf-module[x].vserver[x].name
      VNFInstance.vf-module[x].vserver[x].inMaint
      VNFInstance.vf-module[x].vserver[x].pserver.hostname
      VNFInstance.vf-module[x].vserver[x].image.image-name
      VNFInstance.vf-module[x].vserver[x].prov-status


      and

      Service.List of networks
      Network.id
      Network.name
      Network.isShared
      Network.uuid
      Network.invariantUUID

Deletion Rules

In the future, we will add additional rules to be able to audit that a service has been completely deleted.  POMBA will likely require an input parameter on the audit initiation request to indicate whether someone wishes to run the instantiation rule set or the deletion rule sets.

Adding New Rules

The rules that POMBA runs are extensible and anyone can add new rules. Note this is in code currently,  but can be done outside of the development cycle and manually applied if desired.  Ideas for rules probably fall into two categories

  • Validating design intent
    • When designing ONAP features, you may wish to add rules to verify that the system is in the state you expect
  • Automation of detecting errors found manually
    • When using or testing the system, you may manually find a data integrity issue and wish to automate its detection in case it happens again