1. Introduction

1.1. Overview

This Reference Architecture is focussed on OpenStack as the Virtualised Infrastructure Manager (VIM) chosen based on the criteria laid out in the Cloud Infrastructure Reference Model [1] (referred to as “Reference Model” or “RM” in the document). OpenStack [2] has the advantage of being a mature and widely accepted open-source technology; a strong ecosystem of vendors that support it, the OpenInfra Foundation for managing the community, and, most importantly, it is widely deployed by the global operator community for both internal infrastructure and external facing products and services. This means that the operators have existing staff with the right skill sets to support a Cloud Infrastructure (or Network Function Virtualisation Infrastructure, NFVI [3]) deployment into development, test and production. Another reason to choose OpenStack is that it has a large active community of vendors and operators, which means that any code or component changes needed to support the Common Telco Cloud Infrastructure requirements can be managed through the existing project communities’ processes to add and validate the required features through well-established mechanisms.

1.1.1. Vision

The OpenStack-based Reference Architecture will host NFV workloads, primarily VNFs (Virtual Network Functions), of interest to the Anuket community. The Reference Architecture document can be used by operators to deploy Anuket conformant infrastructure; hereafter, “conformant” denotes that the resource can satisfy tests conducted to verify conformance with this reference architecture.

1.2. Use Cases

Several NFV use cases are documented in OpenStack. For more examples and details refer to the OpenStack Use cases [4].

Examples include:

  • Overlay networks: The overlay functionality design includes OpenStack Networking in Open vSwitch [5] GRE tunnel mode. In this case, the layer-3 external routers pair with VRRP, and switches pair with an implementation of MLAG to ensure that you do not lose connectivity with the upstream routing infrastructure.

  • Performance tuning: Network level tuning for this workload is minimal. Quality of Service (QoS) applies to these workloads for a middle ground Class Selector depending on existing policies. It is higher than a best effort queue but lower than an Expedited Forwarding or Assured Forwarding queue. Since this type of application generates larger packets with longer-lived connections, you can optimize bandwidth utilization for long duration TCP. Normal bandwidth planning applies here with regards to benchmarking a session’s usage multiplied by the expected number of concurrent sessions with overhead.

  • Network functions: Network functions is a broad category but encompasses workloads that support the exchange of information (data, voice, multi-media) over a system’s network. Some of these workloads tend to consist of a large number of small-sized packets that are short lived, such as DNS queries or SNMP traps. These messages need to arrive quickly and, thus, do not handle packet loss. Network function workloads have requirements that may affect configurations including at the hypervisor level. For an application that generates 10 TCP sessions per user with an average bandwidth of 512 kilobytes per second per flow and expected user count of ten thousand (10,000) concurrent users, the expected bandwidth plan is approximately 4.88 gigabits per second. The supporting network for this type of configuration needs to have a low latency and evenly distributed load across the topology. These types of workload benefit from having services local to the consumers of the service. Thus, use a multi-site approach, as well as, deploying many copies of the application to handle load as close as possible to consumers. Since these applications function independently, they do not warrant running overlays to interconnect tenant networks. Overlays also have the drawback of performing poorly with rapid flow setup and may incur too much overhead with large quantities of small packets and therefore we do not recommend them. QoS is desirable for some workloads to ensure delivery. DNS has a major impact on the load times of other services and needs to be reliable and provide rapid responses. Configure rules in upstream devices to apply a higher-Class Selector to DNS to ensure faster delivery or a better spot in queuing algorithms.

1.3. OpenStack Reference Release

This Reference Architecture document conforms to the OpenStack Wallaby [6] release. While many features and capabilities are conformant with many OpenStack releases, this document will refer to features, capabilities and APIs that are part of the OpenStack Wallaby release. For ease, this Reference Architecture document version can be referred to as “RA-1 OSTK Wallaby.”

1.4. Principles

1.4.1. Architectural principles

This Reference Architecture for OpenStack based Cloud Infrastructure must obey the following set of architectural principles:

  1. Open-source preference: To ensure, by building on technology available in open-source projects, that suppliers’ and operators’ investment have a tangible pathway towards a standard and production ready Cloud Infrastructure solution portfolio.

  2. Open APIs: To enable interoperability and component substitution, and minimise integration efforts by using openly published API definitions.

  3. Separation of concerns: To promote lifecycle independence of different architectural layers and modules (e.g. disaggregation of software from hardware).

  4. Automated lifecycle management: To minimise costs of the end-to-end lifecycle, maintenance downtime (target zero downtime), avoid errors and discrepancies resulting from manual processes.

  5. Automated scalability: To minimise costs and operational impacts through automated policy-driven scaling of workloads by enabling automated horizontal scalability of workloads.

  6. Automated closed loop assurance: To minimise operational costs and simplify Cloud Infrastructure platform operations by using automated fault resolution and performance optimisation.

  7. Cloud nativeness: To optimise the utilisation of resources and enable operational efficiencies.

  8. Security compliance: To ensure the architecture follows the industry best security practices and is at all levels compliant to relevant security regulations.

  9. Resilience and Availability: To allow High Availability and Resilience for hosted VNFs, and to avoid Single Point of Failure.

1.4.2. OpenStack specific principles

OpenStack considers the following Four Opens essential for success:

  • Open Source

  • Open Design

  • Open Development

  • Open Community

This OpenStack Reference Architecture is organised around the three major Cloud Infrastructure resource types as core services of compute, storage and networking, and a set of shared services of identity management, image management, graphical user interface, orchestration engine, etc.

1.5. Document Organisation

Chapter 2 defines the Reference Architecture requirements and, when appropriate, provides references to where these requirements are addressed in this document. The intent of this document is to address all of the mandatory (“must”) requirements and the most useful of the other optional (“should”) requirements. Chapter 3 and 4 cover the Cloud Infrastructure resources and the core OpenStack services, while the APIs are covered in Chapter 5. Chapter 6 covers the implementation and enforcement of security capabilities and controls. Life Cycle Management of the Cloud Infrastructure and VIM are covered in Chapter 7 with stress on Logging, Monitoring and Analytics (LMA), configuration management and some other operational items. Please note that Chapter 7 is not a replacement for the implementation, configuration and operational documentation that accompanies the different OpenStack distributions. Chapter 8 addresses the conformance. It provides an automated validation mechanism to test the conformance of a deployed cloud infrastructure to this reference architecture. Finally, Chapter 9 identifies certain Gaps that currently exist and plans on howto address them (for example, resources autoscaling).

1.6. Terminology

Abstraction: Process of removing concrete, fine-grained or lower-level details or attributes or common properties in the study of systems to focus attention on topics of greater importance or general concepts. It can be the result of decoupling.

Anuket: A LFN open-source project developing open reference infrastructure models, architectures, tools, and programs.

Cloud Infrastructure: A generic term covering NFVI, IaaS and CaaS capabilities - essentially the infrastructure on which a Workload can be executed. NFVI, IaaS and CaaS layers can be built on top of each other. In case of CaaS some cloud infrastructure features (e.g.: HW management or multitenancy) are implemented by using an underlying IaaS layer.

Cloud Infrastructure Hardware Profile: defines the behaviour, capabilities, configuration, and metrics provided by a cloud infrastructure hardware layer resources available for the workloads.

Host Profile: is another term for a Cloud Infrastructure Hardware Profile.

Cloud Infrastructure Profile: The combination of the Cloud Infrastructure Software Profile and the Cloud Infrastructure Hardware Profile that defines the capabilities and configuration of the Cloud Infrastructure resources available for the workloads.

Cloud Infrastructure Software Profile: defines the behaviour, capabilities and metrics provided by a Cloud Infrastructure Software Layer on resources available for the workloads.

Cloud Native Network Function (CNF): A cloud native network function (CNF) is a cloud native application that implements network functionality. A CNF consists of one or more microservices. All layers of a CNF are developed using Cloud Native Principles including immutable infrastructure, declarative APIs, and a “repeatable deployment process”. This definition is derived from the Cloud Native Thinking for Telecommunications Whitepaper, which also includes further detail and examples.

Compute Node: An abstract definition of a server. A compute node can refer to a set of hardware and software that support the VMs or Containers running on it.

Container: A lightweight and portable executable image that contains software and all of its dependencies. OCI defines Container as “An environment for executing processes with configurable isolation and resource limitations. For example, namespaces, resource limits, and mounts are all part of the container environment.” A Container provides operating-system-level virtualisation by abstracting the “user space”. One big difference between Containers and VMs is that unlike VMs, where each VM is self-contained with all the operating systems components are within the VM package, containers “share” the host system’s kernel with other containers.

Container Image: Stored instance of a container that holds a set of software needed to run an application.

Core (physical): An independent computer processing unit that can independently execute CPU instructions and is integrated with other cores on a multiprocessor (chip, integrated circuit die). Please note that the multiprocessor chip is also referred to as a CPU that is placed in a socket of a computer motherboard.

CPU Type: A classification of CPUs by features needed for the execution of computer programs; for example, instruction sets, cache size, number of cores.

Decoupling, Loose Coupling: Loosely coupled system is one in which each of its components has, or makes use of, little or no knowledge of the implementation details of other separate components. Loose coupling is the opposite of tight coupling

Encapsulation: Restricting of direct access to some of an object’s components.

External Network: External networks provide network connectivity for a cloud infrastructure tenant to resources outside of the tenant space.

Fluentd: An open-source data collector for unified logging layer, which allows data collection and consumption for better use and understanding of data. Fluentd is a CNCF graduated project.

Functest: An open-source project part of Anuket LFN project. It addresses functional testing with a collection of state-of-the-art virtual infrastructure test suites, including automatic VNF testing.

Hardware resources: Compute/Storage/Network hardware resources on which the cloud infrastructure platform software, virtual machines and containers run on.

Huge pages: Physical memory is partitioned and accessed using the basic page unit (in Linux default size of 4 KB). Hugepages, typically 2 MB and 1GB size, allows large amounts of memory to be utilised with reduced overhead. In an NFV environment, huge pages are critical to support large memory pool allocation for data packet buffers. This results in fewer Translation Lookaside Buffers (TLB) lookups, which reduces the virtual to physical pages’ address translations. Without huge pages enabled high TLB miss rates would occur thereby degrading performance.

Hypervisor: a software that abstracts and isolates workloads with their own operating systems from the underlying physical resources. Also known as a virtual machine monitor (VMM).

Instance: is a virtual compute resource, in a known state such as running or suspended, that can be used like a physical server. It can be used to specify VM Instance or Container Instance.

Kibana: An open-source data visualisation system.

Kubernetes: An open-source system for automating deployment, scaling, and management of containerised applications.

Monitoring (Capability): Monitoring capabilities are used for the passive observation of workload-specific traffic traversing the Cloud Infrastructure. Note, as with all capabilities, Monitoring may be unavailable or intentionally disabled for security reasons in a given cloud infrastructure instance.

Multi-tenancy: feature where physical, virtual or service resources are allocated in such a way that multiple tenants and their computations and data are isolated from and inaccessible by each other.

Network Function (NF): functional block or application that has well-defined external interfaces and well-defined functional behaviour. Within NFV, a Network Function is implemented in a form of Virtualised NF (VNF) or a Cloud Native NF (CNF).

NFV Orchestrator (NFVO): Manages the VNF lifecycle and Cloud Infrastructure resources (supported by the VIM) to ensure an optimised allocation of the necessary resources and connectivity.

Network Function Virtualisation (NFV): The concept of separating network functions from the hardware they run on by using a virtual hardware abstraction layer.

Network Function Virtualisation Infrastructure (NFVI): The totality of all hardware and software components used to build the environment in which a set of virtual applications (VAs) are deployed; also referred to as cloud infrastructure. The NFVI can span across many locations, e.g., places where data centres or edge nodes are operated. The network providing connectivity between these locations is regarded to be part of the cloud infrastructure. NFVI and VNF are the top-level conceptual entities in the scope of Network Function Virtualisation. All other components are sub-entities of these two main entities.

Network Service (NS): composition of Network Function(s) and/or Network Service(s), defined by its functional and behavioural specification, including the service lifecycle.

Open Network Automation Platform (ONAP): A LFN project developing a comprehensive platform for orchestration, management, and automation of network and edge computing services for network operators, cloud providers, and enterprises.

ONAP OpenLab: ONAP community lab.

Open Platform for NFV (OPNFV): A collaborative project under the Linux Foundation. OPNFV is now part of the LFN Anuket project. It aims to implement, test, and deploy tools for conformance and performance of NFV infrastructure.

OPNFV Verification Program (OVP): An open-source, community-led compliance and verification program aiming to demonstrate the readiness and availability of commercial NFV products and services using OPNFV and ONAP components.

Platform: A cloud capabilities type in which the cloud service user can deploy, manage and run customer-created or customer-acquired applications using one or more programming languages and one or more execution environments supported by the cloud service provider. Adapted from ITU-T Y.3500. This includes the physical infrastructure, Operating Systems, virtualisation/containerisation software and other orchestration, security, monitoring/logging and life-cycle management software.

Prometheus: An open-source monitoring and alerting system.

Quota: An imposed upper limit on specific types of resources, usually used to prevent excessive resource consumption by a given consumer (tenant, VM, container).

Resource pool: A logical grouping of cloud infrastructure hardware and software resources. A resource pool can be based on a certain resource type (for example, compute, storage and network) or a combination of resource types. A Cloud Infrastructure resource can be part of none, one or more resource pools.

Simultaneous Multithreading (SMT): Simultaneous multithreading (SMT) is a technique for improving the overall efficiency of superscalar CPUs with hardware multithreading. SMT permits multiple independent threads of execution on a single core to better utilise the resources provided by modern processor architectures.

Shaker: A distributed data-plane testing tool built for OpenStack.

Software Defined Storage (SDS): An architecture which consists of the storage software that is independent from the underlying storage hardware. The storage access software provides data request interfaces (APIs) and the SDS controller software provides storage access services and networking.

Tenant: cloud service users sharing access to a set of physical and virtual resources, ITU-T Y.3500. Tenants represent an independently manageable logical pool of compute, storage and network resources abstracted from physical hardware.

Tenant Instance: refers to an Instance owned by or dedicated for use by a single Tenant.

Tenant (Internal) Networks: Virtual networks that are internal to Tenant Instances.

User: Natural person, or entity acting on their behalf, associated with a cloud service customer that uses cloud services. Examples of such entities include devices and applications.

Virtual CPU (vCPU): Represents a portion of the host’s computing resources allocated to a virtualised resource, for example, to a virtual machine or a container. One or more vCPUs can be assigned to a virtualised resource.

Virtualised Infrastructure Manager (VIM): Responsible for controlling and managing the Network Function Virtualisation Infrastructure (NFVI) compute, storage and network resources.

Virtual Machine (VM): virtualised computation environment that behaves like a physical computer/server. A VM consists of all of the components (processor (CPU), memory, storage, interfaces/ports, etc.) of a physical computer/server. It is created using sizing information or Compute Flavour.

Virtualised Network Function (VNF): A software implementation of a Network Function, capable of running on the Cloud Infrastructure. VNFs are built from one or more VNF Components (VNFC) and, in most cases, the VNFC is hosted on a single VM or Container.

Virtual Compute resource (a.k.a. virtualisation container): partition of a compute node that provides an isolated virtualised computation environment.

Virtual Storage resource: virtualised non-volatile storage allocated to a virtualised computation environment hosting a VNFC.

Virtual Networking resource: routes information among the network interfaces of a virtual compute resource and physical network interfaces, providing the necessary connectivity.

VMTP: A data path performance measurement tool built specifically for OpenStack clouds.

Workload: an application (for example VNF, or CNF) that performs certain task(s) for the users. In the Cloud Infrastructure, these applications run on top of compute resources such as VMs or Containers.

1.7. Abbreviations

Abbreviation/Acronym

Definition

API

Application Programming Interface

BGP VPN

Border gateway Protocol Virtual Private network

CI/CD

Continuous Integration/Continuous Deployment

CNTT

Cloud iNfrastructure Task Force

CPU

Central Processing Unit

DNS

Domain Name System

DPDK

Data Plane Development Kit

DHCP

Dynamic Host Configuration Protocol

ECMP

Equal Cost Multi-Path routing

ETSI

European Telecommunications Standards Institute

FPGA

Field Programmable Gate Array

MB/GB/TB

MegaByte/GigaByte/TeraByte

GPU

Graphics Processing Unit

GRE

Generic Routing Encapsulation

GSM

Global System for Mobile Communications (originally Groupe Spécial Mobile)

GSMA

GSM Association

GSLB

Global Service Load Balancer

GUI

Graphical User Interface

HA

High Availability

HDD

Hard Disk Drive

HTTP

HyperText Transfer Protocol

HW

Hardware

IaaC (also IaC)

Infrastructure as a Code

IaaS

Infrastructure as a Service

ICMP

Internet Control Message Protocol

IMS

IP Multimedia Sub System

IO

Input/Output

IOPS

Input/Output per Second

IPMI

Intelligent Platform Management Interface

KVM

Kernel-based Virtual Machine

LCM

LifeCycle Management

LDAP

Lightweight Directory Access Protocol

LFN

Linux Foundation Networking

LMA

Logging, Monitoring and Analytics

LVM

Logical Volume Management

MANO

Management ANd Orchestration

MLAG

Multi-chassis Link Aggregation Group

NAT

Network Address Translation

NFS

Network File System

NFV

Network Function Virtualisation

NFVI

Network Function Virtualisation Infrastructure

NIC

Network Interface Card

NPU

Numeric Processing Unit

NTP

Network Time Protocol

NUMA

Non-Uniform Memory Access

OAI

Open Air Interface

OS

Operating System

OSTK

OpenStack

OPNFV

Open Platform for NFV

OVS

Open vSwitch

OWASP

Open Web Application Security Project

PCIe

Peripheral Component Interconnect Express

PCI-PT

PCIe PassThrough

PXE

Preboot Execution Environment

QoS

Quality of Service

RA

Reference Architecture

RA-1

Reference Architecture 1 (i.e., Reference Architecture for OpenStack-based Cloud Infrastructure)

RBAC

Role-based Access Control

RBD

RADOS Block Device

REST

Representational state transfer

RI

Reference Implementation

RM

Reference Model

SAST

Static Application Security Testing

SDN

Software Defined Networking

SFC

Service Function Chaining

SG

Security Group

SLA

Service Level Agreement

SMP

Symmetric MultiProcessing

SMT

Simultaneous MultiThreading

SNAT

Source Network Address Translation

SNMP

Simple Network Management Protocol

SR-IOV

Single Root Input Output Virtualisation

SSD

Solid State Drive

SSL

Secure Sockets Layer

SUT

System Under Test

TCP

Transmission Control Protocol

TLS

Transport Layer Security

ToR

Top of Rack

TPM

Trusted Platform Module

UDP

User Data Protocol

VIM

Virtualised Infrastructure Manager

VLAN

Virtual LAN

VM

Virtual Machine

VNF

Virtual Network Function

VRRP

Virtual Router Redundancy Protocol

VTEP

VXLAN Tunnel End Point

VXLAN

Virtual Extensible LAN

WAN

Wide Area Network

ZTA

Zero Trust Architecture

1.8. Conventions

The key words “must”, “must not”, “required”, “shall”, “shall not”, “should”, “should not”, “recommended”, “may”, and “optional” in this document are to be interpreted as described in RFC 2119 [7].

1.9. References

1

Cloud Infrastructure Reference Model. GSMA PRD NG.126 v3.0, 2022.

2

OpenStack Documentation. URL: https://docs.openstack.org/.

3

Network Functions Virtualisation (NFV); Infrastructure Overview. ETSI GS NFV-INF 001 V1.1.1, January 2015. URL: https://www.etsi.org/deliver/etsi_gs/NFV-INF/001_099/001/01.01.01_60/gs_NFV-INF001v010101p.pdf.

4

OpenStack Use cases. URL: https://docs.openstack.org/arch-design/use-cases.html.

5

Open vSwitch. URL: https://www.openvswitch.org/.

6

OpenStack Community. OpenStack Wallaby projects. URL: https://docs.openstack.org/wallaby/projects.html.

7

Scott O. Bradner. Key words for use in RFCs to Indicate Requirement Levels. RFC 2119, March 1997. URL: https://www.rfc-editor.org/info/rfc2119, doi:10.17487/RFC2119.

8

H. Philip White. Center for Internet Security - Password Policy Guide. 2020. URL: https://www.cisecurity.org/insights/white-papers/cis-password-policy-guide.

9

Center for Internet Security - Controls V7.1. URL: https://www.cisecurity.org/controls/cis-controls-list.

10

OpenStack - CPU Dedicated Set. URL: https://docs.openstack.org/nova/latest/configuration/config.html#compute.cpu_dedicated_set.

11

OpenStack - CPU Topologies. URL: https://docs.openstack.org/nova/latest/admin/cpu-topologies.html.

12

OpenStack - Neutron Plugins and Drivers. URL: https://wiki.openstack.org/wiki/Neutron_Plugins_and_Drivers.

13

OpenStack - Tags. URL: https://specs.openstack.org/openstack/api-wg/guidelines/tags.html.

14

OpenStack - Configuring the stateful services. URL: https://docs.openstack.org/ha-guide/control-plane-stateful.html.

15

OpenStack - Senlin documentation. URL: https://docs.openstack.org/senlin/wallaby/.

16

OpenStack - Neutron OVS Agent Support for Baremetal with Smart NIC. URL: https://specs.openstack.org/openstack/neutron-specs/specs/stein/neutron-ovs-agent-support-baremetal-with-smart-nic.html.

17

National Telecommunications and Information Administration - Software Bill Of Materials. URL: https://www.ntia.gov/SBOM.

18

Center for Internet Security. URL: https://www.cisecurity.org/.

19

Cloud Security Alliance. URL: https://cloudsecurityalliance.org/.

20

Open Web Application Security Project - Cheat Sheet Series. URL: https://github.com/OWASP/CheatSheetSeries.

21

Open Web Application Security Project. URL: https://www.owasp.org.

22

Open Web Application Security Project - Top Ten Security Risks. URL: https://owasp.org/www-project-top-ten/.

23

Open Web Application Security Project - Software Maturity Model (SAMM). URL: https://owaspsamm.org/blog/2019/12/20/version2-community-release/.

24

Open Web Application Security Project - Web Security Testing Guide. URL: https://github.com/OWASP/wstg/tree/master/document.

25

ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission) ISO/IEC 27001:2013. 2013. URL: https://www.iso.org/obp/ui/#iso:std:iso-iec:27001:ed-2:v1:en.

26

ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission) ISO/IEC 27002:2013. 2013. URL: https://www.iso.org/obp/ui/#iso:std:iso-iec:27002:ed-2:v1:en.

27

ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission) ISO/IEC 7032:2012. 2012. URL: https://www.iso.org/obp/ui/#iso:std:iso-iec:27032:ed-1:v1:en.

28

OpenStack Storage. URL: https://docs.openstack.org/arch-design/design-storage/design-storage-concepts.html#table-openstack-storage.

29

OpenStack Cinder Driver Support Matrix. URL: https://docs.openstack.org/cinder/latest/reference/support-matrix.html.

30

Tungsten Fabric - Multicloud Multistack SDN. URL: https://tungsten.io.

31

OpenStack Glossary. URL: https://docs.openstack.org/doc-contrib-guide/common/glossary.html.

32

OpenStack Feature Support Matrix. URL: https://docs.openstack.org/nova/latest/user/support-matrix.html.

33

OpenStack Storage Architecture Design. URL: https://docs.openstack.org/arch-design/design-storage.html.

34

OpenStack Nova: KVM. URL: https://docs.openstack.org/nova/wallaby/admin/configuration/hypervisor-kvm.html.

35

OpenStack - Hardening the virtualization layers. URL: https://docs.openstack.org/security-guide/compute/hardening-the-virtualization-layers.html.

36

OpenStack Reference Architecture For 100, 300 and 500 Nodes. URL: https://fuel-ccp.readthedocs.io/en/latest/design/ref_arch_100_nodes.html.

37

(DPDK) Release Notes. URL: http://doc.dpdk.org/guides/rel_notes.

38

(DPDK) Performance Reports. URL: http://core.dpdk.org/perf-reports/.

39

Robert Moskowitz, Daniel Karrenberg, Yakov Rekhter, Eliot Lear, and Geert Jan de Groot. Address Allocation for Private Internets. RFC 1918, February 1996. URL: https://www.rfc-editor.org/info/rfc1918, doi:10.17487/RFC1918.

40

OpenStack - Introducing Octavia. URL: https://docs.openstack.org/octavia/latest/reference/introduction.html.

41

OpenStack Octavia (Load-balancer service). URL: https://governance.openstack.org/tc/reference/projects/octavia.html.

42

openstack/neutron-vpnaas. URL: https://opendev.org/openstack/neutron-vpnaas.

43

OpenStack Neutron: Plugins. URL: https://wiki.openstack.org/wiki/Neutron#Plugins.

44

OpenStack Neutron: API Extensions. URL: https://docs.openstack.org/neutron/latest/contributor/internals/api_extensions.html.

45

OpenStack Networking API v2.0: List extensions. URL: https://docs.openstack.org/api-ref/network/v2/#list-extensions.

46

OpenStack Networking API v2.0: Show extension details. URL: https://docs.openstack.org/api-ref/network/v2/#show-extension-details.

47

OpenStack Neutron/ML2. URL: https://wiki.openstack.org/wiki/Neutron/ML2.

48

OpenStack Cinder Driver Support Matrix. URL: https://docs.openstack.org/cinder/latest/reference/support-matrix.html.

49

OpenStack (Cinder) Available Drivers. URL: https://docs.openstack.org/cinder/latest/drivers.html.

50

OpenStack Cinder Service Configuration. URL: https://docs.openstack.org/cinder/latest/configuration/index.html.

51

OpenStack Cinder Administration. URL: https://docs.openstack.org/cinder/latest/admin/index.html.

52

Ceph - The Future of Storage. URL: https://ceph.io/en.

53

Keystone, the OpenStack Identity Service. URL: https://docs.openstack.org/keystone/wallaby/.

54

OpenStack - Welcome to Glance’s documentation! URL: https://docs.openstack.org/glance/wallaby/.

55

OpenStack Block Storage (Cinder) documentation. URL: https://docs.openstack.org/cinder/wallaby/.

56

OpenStack - Welcome to Swift’s documentation! URL: https://docs.openstack.org/swift/wallaby/.

57

OpenStack - Welcome to Neutron’s documentation! URL: https://docs.openstack.org/neutron/wallaby/.

58

OpenStack - Scenario: High Availability using Distributed Virtual Routing (DVR). URL: https://docs.openstack.org/liberty/networking-guide/scenario-dvr-ovs.html.

59

OpenStack Neutron: Distributed Virtual Routing with VRRP. URL: https://docs.openstack.org/neutron/wallaby/admin/config-dvr-ha-snat.html.

60

OpenStack Compute (nova). URL: https://docs.openstack.org/nova/wallaby/.

61

OpenStack - Welcome to Ironic’s documentation! URL: https://docs.openstack.org/ironic/wallaby/.

62

OpenStack Ironic API Reference: Bare Metal API. URL: https://docs.openstack.org/api-ref/baremetal/.

63

OpenStack - Welcome to the Heat documentation! URL: https://docs.openstack.org/heat/wallaby/.

64

Horizon: The OpenStack Dashboard Project. URL: https://docs.openstack.org/horizon/wallaby/.

65

OpenStack - Placement. URL: https://docs.openstack.org/placement/wallaby/index.html.

66

OpenStack - Placement: Modeling with Provider Trees. URL: https://docs.openstack.org/placement/latest/user/provider-tree.html.

67

OpenStack - Placement Usage. URL: https://docs.openstack.org/placement/latest/user/index.html.

68

OpenStack Key Manager (barbican). URL: https://docs.openstack.org/barbican/wallaby/.

69

OpenStack Accelerator (Cyborg). URL: https://docs.openstack.org/cyborg/wallaby/.

70

OpenStack Compute API Guide 2.1.0: Server concepts. URL: https://docs.openstack.org/api-guide/compute/server_concepts.html.

71

OpenStack Cyborg Support Matrix (Wallaby). URL: https://docs.openstack.org/cyborg/wallaby/reference/support-matrix.html.

72

OpenStack Cyborg Support Matrix. URL: https://docs.openstack.org/cyborg/latest/reference/support-matrix.html.

73

OpenStack Cyborg architecture. URL: https://docs.openstack.org/cyborg/latest/user/architecture.html.

74

OpenStack Nova: Flavors. URL: https://docs.openstack.org/nova/latest/user/flavors.html.

75

Open Glossary of Edge Computing. URL: https://github.com/State-of-the-Edge/glossary/blob/master/edge-glossary.md.

76

OpenStack - Edge Computing: Next Steps in Architecture, Design and Testing. URL: https://www.openstack.org/use-cases/edge-computing/edge-computing-next-steps-in-architecture-design-and-testing.

77

OpenStack Reference Architecture For 100, 300 and 500 Nodes: Services Placement Summary. URL: https://fuel-ccp.readthedocs.io/en/latest/design/ref_arch_100_nodes.html#services-placement-summary.

78

OpenStack Nova: Image pre-caching. URL: https://docs.openstack.org/nova/latest/admin/image-caching.html#image-pre-caching.

79

Airship v2. URL: https://www.airshipit.org/.

80

StarlingX - Deploy Your Edge Cloud Now. URL: https://www.starlingx.io/.

81

OpenStack TripleO. URL: http://opendev.org/openstack/tripleo-common.

82

OpenStack Compute Microversions. URL: https://docs.openstack.org/api-guide/compute/microversions.html.

83

Identity API v3. URL: https://docs.openstack.org/api-ref/identity/v3/index.html.

84

Identity API v3 extensions. URL: https://docs.openstack.org/api-ref/identity/v3-ext/.

85

Security compliance and PCI-DSS. URL: https://docs.openstack.org/keystone/wallaby/admin/configuration.html#security-compliance-and-pci-dss.

86

Image Service API. URL: https://docs.openstack.org/api-ref/image/v2/.

87

Image Service Versions. URL: https://docs.openstack.org/api-ref/image/versions/index.html#version-history.

88

Block Storage API. URL: https://docs.openstack.org/api-ref/block-storage/.

89

Cinder REST API Version History. URL: https://docs.openstack.org/cinder/latest/contributor/api_microversion_history.html.

90

Object Storage API. URL: https://docs.openstack.org/api-ref/object-store/index.html.

91

Discoverability. URL: https://docs.openstack.org/swift/latest/api/discoverability.html.

92

Networking Service APIs. URL: https://docs.openstack.org/api-ref/network/.

93

Networking API v2.0. URL: https://docs.openstack.org/api-ref/network/v2/.

94

Compute API. URL: https://docs.openstack.org/api-ref/compute/.

95

Compute REST API Version History. URL: https://docs.openstack.org/nova/latest/reference/api-microversion-history.html.

96

Placement API. URL: https://docs.openstack.org/api-ref/placement/.

97

Placement REST API Version History. URL: https://docs.openstack.org/placement/latest/placement-api-microversion-history.html.

98

Orchestration Service API. URL: https://docs.openstack.org/api-ref/orchestration/.

99

Template version history. URL: https://docs.openstack.org/heat/latest/template_guide/hot_spec.html.

100

Heat Orchestration Template (HOT) specification. URL: https://docs.openstack.org/heat/latest/template_guide/hot_spec.html#rocky.

101

OpenStack APIs. URL: https://docs.openstack.org/api-ref/.

102

Kubernetes APIs. URL: https://kubernetes.io/docs/concepts/overview/kubernetes-api/.

103

KVM APIs. URL: https://www.kernel.org/doc/Documentation/virtual/kvm/api.txt.

104

Libvirt APIs. URL: https://libvirt.org/html/index.html.

105

Barbican API. URL: https://docs.openstack.org/barbican/latest/api/.

106

OpenStack - Security Boundaries and Threats. URL: https://docs.openstack.org/security-guide/introduction/security-boundaries-and-threats.html.

107

OpenStack Security Guide. URL: https://docs.openstack.org/security-guide/introduction/introduction-to-openstack.html.

108

Mitre - Common Vulnerabilities and Exposures. URL: https://cve.mitre.org/.

109

National Institute of Standards and Technology Vulnerabilities Metrics. URL: https://nvd.nist.gov/vuln-metrics/cvss.

110

OpenStack Security Guide - Identity. URL: https://docs.openstack.org/security-guide/identity.html.

111

OpenStack Security Guide - Authentication Methods. URL: https://docs.openstack.org/security-guide/identity/authentication-methods.html.

112

OpenStack Security Guide - Policies. URL: https://docs.openstack.org/security-guide/identity/policies.html#policy-section.

113

OpenStack KeyStone Default Roles. URL: https://docs.openstack.org/keystone/latest/admin/service-api-protection.html.

114

OpenStack - Introduction to TLS and SSL. URL: https://docs.openstack.org/security-guide/secure-communication/introduction-to-ssl-and-tls.html.

115

Center for Internet Security CIS-CAT Pro. URL: https://www.cisecurity.org/cybersecurity-tools/cis-cat-pro/.

116

Center for Internet Security Benchmarks. URL: https://www.cisecurity.org/cis-benchmarks/.

117

OpenStack Image Signature Verification. URL: https://docs.openstack.org/glance/wallaby/user/signature.html.

118

OpenStack - SR-IOV Passthrough For Networking. URL: https://wiki.openstack.org/wiki/SR-IOV-Passthrough-For-Networking.

119

OpenStack Trusted Images. URL: https://docs.openstack.org/security-guide/instance-management/security-services-for-instances.html#trusted-images.

120

Adding Signed Images. URL: https://docs.openstack.org/operations-guide/ops-user-facing-operations.html#adding-signed-images.

121

Network Functions Virtualisation (NFV) Release 4; Protocols and Data Models; VNF Package and PNFD Archive specification. ETSI GS NFV-SOL 004 V4.3.1, July 2022. URL: https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/004/04.03.01_60/gs_NFV-SOL004v040301p.pdf.

122

Network Functions Virtualisation (NFV) Release 2; Security; VNF Package Security Specification. ETSI GS NFV-SEC 021 V2.6.1, June 2019. URL: https://www.etsi.org/deliver/etsi_gs/NFV-SEC/001_099/021/02.06.01_60/gs_nfv-sec021v020601p.pdf.

123

Foreman. URL: https://www.theforeman.org/.

124

Ansible Documentation. URL: https://docs.ansible.com/.

125

OpenStack TripleO Architecture. URL: https://docs.openstack.org/tripleo-docs/latest/install/introduction/architecture.html#project-architecture.

126

OVP. URL: https://www.opnfv.org/verification.

127

jenkins. URL: https://build.opnfv.org/.

128

Test Dabase. URL: https://docs.opnfv.org/en/stable-hunter/_images/OPNFV_testing_working_group.png.

129

S3 compatible storage service. URL: http://artifacts.opnfv.org/.

130

functest-wallaby-zip. URL: https://build.opnfv.org/ci/job/functest-wallaby-zip/4/console.

131

Xtesting CI. URL: https://galaxy.ansible.com/collivier/xtesting.

132

Docker. URL: https://www.docker.com/.

133

Xtesting. URL: https://xtesting.readthedocs.io/en/latest/.

134

OPNFV Fraser. URL: https://www.sdxcentral.com/articles/news/opnfvs-6th-release-brings-testing-capabilities-that-orange-is-already-using/2018/05/.

135

Xtesting Python package. URL: https://pypi.org/project/xtesting/.

136

Test case execution description. URL: https://git.opnfv.org/functest-xtesting/tree/docker/core/testcases.yaml.

137

CI/CD toolchains in a few commands. URL: https://github.com/collivier/ansible-role-xtesting#readme.

138

CI/CD deployment models. URL: https://lists.opnfv.org/g/opnfv-tsc/message/5702.

139

Anuket Releng. URL: https://git.opnfv.org/releng/tree/jjb/functest.

140

Test Case result dump. URL: http://artifacts.opnfv.org/functest/9ID39XK47PMZ.zip.

141

Xtesting Samples. URL: https://git.opnfv.org/functest-xtesting/plain/ansible/site.yml?h=stable/wallaby.

142

OpenStack verification. URL: https://git.opnfv.org/functest/plain/ansible/site.yml?h=stable/wallaby.

143

Anuket RC1. URL: https://git.opnfv.org/functest/plain/ansible/site.cntt.yml?h=stable/wallaby.

144

Kubernetes verification. URL: https://git.opnfv.org/functest-kubernetes/plain/ansible/site.yml?h=stable/v1.22.

145

Functest. URL: https://functest.readthedocs.io/en/stable-wallaby/.

146

RefStack. URL: https://refstack.openstack.org/.

147

Networking BGPVPN. URL: https://docs.openstack.org/networking-bgpvpn/latest/.

148

Networking SFC. URL: https://docs.openstack.org/networking-sfc/latest/.

149

DevStack Gates. URL: https://docs.opendev.org/opendev/system-config/latest/devstack-gate.html.

150

Rally. URL: https://github.com/openstack/rally-openstack.

151

Temptest. URL: https://github.com/openstack/tempest.

152

Temptest. URL: https://docs.openstack.org/devstack/latest/.

153

Raspberry PI. URL: https://www.raspberrypi.org/.

154

Functest daily jobs. URL: https://build.opnfv.org/ci/view/functest/job/functest-wallaby-daily/17/.

155

OpenStack performance tools. URL: https://docs.openstack.org/developer/performance-docs/methodologies/tools.html.

156

Run Alpine Functest containers (Wallaby). URL: https://wiki.anuket.io/display/HOME/Functest+Wallaby.

157

Functest gates. URL: https://build.opnfv.org/ci/view/functest.

158

New Functest CNTT containers. URL: https://lists.opnfv.org/g/opnfv-tsc/message/5717.

159

keystone-tempest-plugin. URL: https://opendev.org/openstack/keystone-tempest-plugin.

160

Functest Smoke CNTT. URL: https://git.opnfv.org/functest/tree/docker/smoke-cntt/testcases.yaml?h=stable%2Fwallaby.

161

cinder-tempest-plugin. URL: https://opendev.org/openstack/cinder-tempest-plugin.

162

Functest review 68881. URL: https://gerrit.opnfv.org/gerrit/68881.

163

Functest review 71011. URL: https://gerrit.opnfv.org/gerrit/71011.

164

OpenStack bug 1770179. URL: https://launchpad.net/bugs/1770179.

165

OpenStack bug 1677525. URL: https://launchpad.net/bugs/1677525.

166

OpenStack bug 1317133. URL: https://launchpad.net/bugs/1317133.

167

OpenStack bug 1905432. URL: https://launchpad.net/bugs/1905432.

168

neutron-tempest-plugin. URL: https://opendev.org/openstack/neutron-tempest-plugin.

169

OpenStack bug 1863707. URL: https://launchpad.net/bugs/1863707.

170

Functest review 69105. URL: https://gerrit.opnfv.org/gerrit/69105.

171

OpenStack bug 1676207. URL: https://launchpad.net/bugs/1676207.

172

OpenStack bug 1836595. URL: https://launchpad.net/bugs/1836595.

173

OpenStack bug 1186354. URL: https://launchpad.net/bugs/1186354.

174

OpenStack bug 1014647. URL: https://launchpad.net/bugs/1014647.

175

OpenStack bug 1311500. URL: https://launchpad.net/bugs/1311500.

176

OpenStack bug 1161411. URL: https://launchpad.net/bugs/1161411.

177

OpenStack bug 1540645. URL: https://launchpad.net/bugs/1540645.

178

heat-tempest-plugin. URL: https://opendev.org/openstack/heat-tempest-plugin.

179

OpenStack story 2007804. URL: https://storyboard.openstack.org/#!/story/2007804.

180

Functest review 69926. URL: https://gerrit.opnfv.org/gerrit/69926.

181

Functest review 69931. URL: https://gerrit.opnfv.org/gerrit/69931.

182

Functest review 70004. URL: https://gerrit.opnfv.org/gerrit/70004.

183

tempest-horizon. URL: https://github.com/openstack/tempest-horizon.

184

Functest Healthcheck. URL: https://git.opnfv.org/functest/tree/docker/healthcheck/testcases.yaml?h=stable%2Fwallaby.

185

Functest Benchmarking CNTT. URL: https://git.opnfv.org/functest/tree/docker/benchmarking-cntt/testcases.yaml?h=stable%2Fwallaby.

186

rally_full_cntt. URL: http://artifacts.opnfv.org/functest/KDBNITEN317M/functest-opnfv-functest-benchmarking-cntt-wallaby-rally_full_cntt-run-5/rally_full_cntt/rally_full_cntt.html.

187

rally_jobs_cntt. URL: http://artifacts.opnfv.org/functest/KDBNITEN317M/functest-opnfv-functest-benchmarking-cntt-wallaby-rally_jobs_cntt-run-5/rally_jobs_cntt/rally_jobs_cntt.html.

188

VMTP. URL: http://vmtp.readthedocs.io/en/latest.

189

Shaker. URL: https://pyshaker.readthedocs.io/en/latest/.

190

VMTP scenarios. URL: http://artifacts.opnfv.org/functest/KDBNITEN317M/functest-opnfv-functest-benchmarking-wallaby-vmtp-run-8/vmtp/vmtp.json.

191

Functest VMTP. URL: http://artifacts.opnfv.org/functest/KDBNITEN317M/functest-opnfv-functest-benchmarking-wallaby-vmtp-run-8/vmtp/vmtp.html.

192

Shaker scenarios. URL: http://artifacts.opnfv.org/functest/KDBNITEN317M/functest-opnfv-functest-benchmarking-wallaby-shaker-run-8/shaker/report.json.

193

Functest VNF. URL: https://git.opnfv.org/functest/tree/docker/vnf/testcases.yaml?h=stable%2Fwallaby.

194

Clearwater IMS. URL: https://clearwater.readthedocs.io/en/stable/.

195

VyOS vRouter. URL: https://www.vyos.io/.

196

OpenAirInterface vEPC. URL: https://www.openairinterface.org/.

197

Cloudify. URL: https://cloudify.co.

198

Juju. URL: https://jaas.ai/.

199

clearwater-live-test. URL: https://github.com/Metaswitch/clearwater-live-test.

200

Docker HTTP/HTTPS proxy. URL: https://docs.docker.com/config/daemon/systemd/#httphttps-proxy.

201

OpenStack Autoscaling with Heat. URL: https://docs.openstack.org/senlin/latest/scenarios/autoscaling_heat.html.