Glossary

This page contains terms that are specific to RIFT.ware or are common to Network Function Virtualization.

A
• ACL
  Access Control List (ACL) is a table that tells a computer operating system which access rights each user has to a particular system object.
• Active/active configuration
  In a high-availability configuration, active/active represents several systems sharing the load. If one system fails, the load is distributed to the remaining (failover) systems.
• Address resolution protocol
  The protocol by which layer-3 IP addresses are resolved into layer-2 link local addresses.
• anyxml
  A data node that can contain an unknown chunk of XML data.
• Application project
  Tenant in which compute resources are deployed, such as VNFs.
• ARP
  An abbreviation for Address Resolution Protocol, ARP is the protocol by which layer-3 IP addresses are resolved into layer-2 link local addresses.
• Artifacts
  Optional scripts, charms, icons, or files referenced in a descriptor that determine the personality of each virtual machine virtual network function component (VM).
• Augment
  Adds new schema nodes to a previously-defined schema node. Augment is useful for adding vendor-specific parameters to standard data models.
• Authentication
  The process of confirming the identity of a user. Users authenticate by providing a username and password or token.
• Authorization
  Verification that a connection attempt by a user, process, or client is allowed and has permission to assess data or perform an action. Authorization occurs after successful authentication.
B
• Bandwidth
  The capacity for data transfer used by communication resources, such as the Internet.
• Base type
  The YANG data type from which a derived type was derived, which may be either a built-in type or another derived type.
• Brocade NOS
  Brocade Network OS (NOS) is a scalable network operating system available for the Brocade data center switching portfolio products. The NOS simplifies network management and provides high resiliency and improved network utilization and server virtualization.
• Built-in type
  A YANG data type defined in the YANG language, such as uint32 or string.
C
• Cardinality
  Refers to the number of cardinal (basic) elements in a set or other grouping, as a property of that grouping.
• CAT
  Intel® Cache Allocation Technology (CAT) helps address shared resource concerns by providing software control of where data is allocated into the last-level cache (LLC), enabling isolation and prioritization of key applications.
• CDN
  Content delivery/distribution networks (CDN) use globally-distributed servers to quickly serve web content with high availability and performance. A CDN provides substantial benefits to end-users (faster page loads), content owners (web security), and network service providers (streaming).
• Charms
  See Juju Charms.
• Choice
  A schema node where only one of a number of identified alternatives is valid.
• CIDR
  Classless Inter-Domain Routing (CIDR) is a method for defining networks with any bit-length subnet prefix length. CIDR is used in allocating Internet Protocol (IP) addresses and routing IP packets. CIDR notation is a compact specification of an IP address and its associated routing prefix. For instance, 198.51.100/24 represents a given IPv4 address and its associated routing prefix 198.51.100.0 or equivalently, its subnet mask 255.255.255.0. The IPv4 block 198.51.100.0/22 represents the 1024 IPv4 addresses from 198.51.100.0 to 198.51.103.255.
• Classifier
  A network function that performs matching of traffic flows against policy for subsequent application of the required set of network service functions.
• CLI
  Command Line Interface (CLI) is a means of interacting with a computer program where the user or client issues commands to the program in the form of successive lines of text (command lines).
• CMP
  Cloud Management Platform (CMP) provides integrated products to help you manage public, private and hybrid cloud environments in a virtualized network environment. See also VIM.
• CMT
  Intel® Cache Monitoring Technology CMT allows an operating system or hypervisor/virtual machine monitor to determine the usage of cache by applications running on the platform. CAT currently monitors the Layer 3 cache, which is the last-level cache in most server platforms.
• Collections
  Network services, such as VMs, VNFs, hosts, interfaces.
• Compute node
  Server on which virtual machines are deployed.
• Configuration data
  The set of writable data that is required to transform a system from its initial default state into its current state [RFC4741].
• Conformance
  A measure of how accurately a device follows a data model.
• Connection
  A transport layer virtual circuit established between two programs for communication purposes.
• Connection point
  An information element that represents the virtual or physical interface. A connection point offers the network connections between instances of NS, VNF, VNFC (based on the VDU information element), PNF and a VL. Examples of virtual/physical interfaces include a virtual or physical port or NIC address, or the endpoint of an IP VPN.
• Container
  Self-contained execution environments that contain their own CPU, memory, I/O, and network resources – anything you can install on a server. Containers share the kernel of the host operating system, which makes them feel like a virtual machine without the added overhead of a guest operating system.
• CRUD
  Create, read, update, and delete operations in a database. CRUD operations map to the following HTTP methods: Create: POST, Read: GET, Update: PUT, DELETE: Delete.
• CRUDX
  Create, Read, Update, Delete, and eXecute operations. See also CRUD.
D
• Data definition statement
  Defines new data nodes. One of container, leaf, leaf-list, list, choice, case, augment, uses, and anyxml.
• Data model
  An abstract model that describes how data is represented and accessed. A data model organizes data elements and standardizes how they relate to one another and to properties of the real-world entities. RIFT.io uses the YANG data model, which defines data sent over the NETCONF network configuration protocol.
• Data node
  A node in the YANG schema tree that can be instantiated in a data tree. One of container, leaf, leaf-list, list, and anyxml.
• Data tree
  The instantiated tree of configuration and state data on a device.
• Derived type
  A type that is derived from a built-in type (such as uint32), or another derived type.
• Descriptor
  Deployment template that contains the attributes required to onboard, instantiate, and start a VNF or NS. For example, configuration, startup script, and optional artifacts, such as charms, icons, or files that determine the personality of each VDU.
• Device deviation
  A failure of the device to implement the module faithfully.
• DHCP
  Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of addresses configured for a given network. DHCP assigns an IP address whenever requested, typically when a system is started. DHCP can assign other network information, such as DNS servers. Using DHCP to dynamically assign IP addresses ensures that each computer is assigned a unique IP address within the network or networks over which it has control.
• DNS
  Domain Name System (DNS) is a hierarchical, distributed naming system that associates information from domain names with entities connected to the Internet or a private network. A DNS server translates user-friendly domain names to the numerical IP addresses needed for locating computer services and devices worldwide.
• Domain
  The intent of domain is to define the administrative boundaries for management of Keystone entities. A domain can represent an individual, company, or operator owned space.
• DPI
  Deep packet inspection (DPI) is a type of packet-analysis filtering in the computer network. DPI evaluates the data part of packets (as opposed to only its outermost headers), searching for anomalies, such as spam, viruses, protocol non-compliance (such as HTTP), intrusions, or other defined criteria. DPI then decides whether to pass the packet of route it to another destination.
E
• E-LAN
  Ethernet Virtual Private LAN (E-LAN) is a multipoint carrier Ethernet service that connects a set of endpoints, giving the appearance that a bridged Ethernet network is connecting the sites.
• E-Line
  Ethernet Virtual Private Line (E-Line) is a carrier Ethernet service that connects two Ethernet ports over a Wide Area Network (WAN).
• E-Tree
  Ethernet Virtual Private Tree (E-Tree) is a multipoint carrier Ethernet service that connects one or more roots and a set of leaves. E-Tree prevents inter-leaf communication.
• Element
  An XML element is everything from (including) the element's start tag to (including) the element's end tag. An element can contain text, attributes, other elements, or a mix of all.
• Endpoint
  A network-accessible address, typically a URL string, that specifies the address to the requested service. A REST endpoint contains the HTTP methods GET, PUT, POST, PATCH, or DELETE.
• Entity
  The information transferred as the payload of an HTTP request or response. An entity consists of meta information in the form of entity header fields (such as the Accept header of the HTTPS request) and content in the form of an entity body (such as the canonical form).
• Epoch
  A logical unit of time in which a single change is made to data in the system.
• ETSI
  The European Telecommunications Standards Institute (ETSI) is an independent, nonprofit, standardization organization in the telecommunications industry. Its Industry Specification Group for Network Functions Virtualization (ETSI ISG NFV) has developed the requirements and architecture for virtualizing various functions within telecoms networks, called Network Functions Virtualization (NFV).
• Event
  An occurrence of note, such as a configuration change, a fault, a change in status, crossing a threshold, or an external input to the system. An asynchronous message, sometimes referred to as a notification or event notification, is sent to interested parties to notify them that the event has occurred.
• Extension
  Attaches non-YANG semantics to statements. The extension statement defines new statements to express these semantics.
F
• FCAPS
  Fault, Configuration, Accounting, Performance, Security (FCAPS) represents the management categories into which the ISO Telecommunications Management Network model defines network management tasks.
• File storage
  A type of storage that retains data in a hierarchical structure. The data, which is saved in files and folders, is presented to both the system storing it and the system retrieving it in the same way. You access the data by using the Common Internet File System (CIFS), Network File System (NFS), or Server Message Block (SMB) protocols. Also called file-level storage or file-based storage.
• Filter
  In event notifications, a filter is a parameter that indicates which subset of all possible events are of interest. A filter is defined as one or more filter elements [NETCONF], each of which identifies a portion of the overall filter.
• FTP
  A standard Internet protocol for transmitting files between computers on the Internet. Like the Hypertext Transfer Protocol (HTTP), which transfers displayable Web pages and related files, and the Simple Mail Transfer Protocol (SMTP), which transfers e-mail, FTP is an application protocol that uses the Internet's TCP/IP protocols. FTP is commonly used to transfer Web page files from their creator to the computer that acts as their server for everyone on the Internet. It's also commonly used to download programs and other files to your computer from other servers.
G
• Gateway
  A server that acts as an intermediary for another server. Unlike a proxy, a gateway receives requests as if it were the origin server for the requested resource. The requesting client might not be aware that it is communicating with a gateway.
• Grouping
  A reusable set of YANG schema nodes, which may be used locally in the module, in modules that include it, and by other modules that import from it. The grouping statement is not a data definition statement and, as such, does not define any nodes in the schema tree.
H
• High Availability
  Represents a system or component that is continuously operational for a long time. Availability can be measured relative to "100% operational" or "never failing." A widely-held but difficult-to-achieve standard of availability for a system or product is known as "five 9s" (99.999 percent) availability.
• Horizontal
  Scaling operation that adds VMs to or removes VMs from a running VNF. Or adds VNFs to or removes VNFs from a running network service instance.
• Hybrid cloud
  A model that places workloads simultaneously over a public (third party) and private (on premises) cloud infrastructure, with orchestration between the two platforms.
I
• IaaS
  An abbreviation for Infrastructure as a Service, IaaS is one of the service models of cloud computing. IaaS provides access to computing resource in a virtualized environment in which you outsource equipment to support the following types of operations: Storage/hardware, servers (virtual machines), cloud hosting (networking components).
• Identifier
  Used to identify different kinds of YANG items by name.
• Identity management
  In computer security, IdM enables the right individuals to access the right resources at the right times and for the right reasons. IdM manages identities, authentication, and authorization across systems and organizations.
• Identity tasklet
  A RIFT.ware Tasklet responsible for user definition, role Instance definition, and user-to-role Instance assignment. Identity Tasklets are not directly involved in RBAC enforcement.
• Instance identifier
  A mechanism for identifying a particular YANG node in a data tree.
• Interior node
  Nodes within a YANG hierarchy that are not leaf nodes.
J
• JSON
  JavaScript Object Notation (JSON) is a language-independent syntax that stores and exchanges text information between a server and web application using key–value pairs. JSON is a smaller and faster alternative to XML.
• Juju Charms
  Provide the VNF abstraction and configuration for the VNFs. The Service Orchestrator interfaces with the Juju charm to configure the VNF.
K
• Key-value pair
  In API calls, key-value pairs are present in objects in the JSON document.
• KPI
  Key Performance Indicators (KPIs) are a type of performance metric that let you monitor the health of a network service.
L
• Launchpad
  Launchpad is the user interface to the RIFT.ware resource orchestrator. From a browser, manage the catalog, compose the NS/VNF descriptors, and manage the lifecycle of network services. You can also execute the NS/VNF level configuration primitives.
• Layer 2
  The data link layer (L2) is the protocol layer that transfers data between adjacent network nodes in a wide area network or between nodes on the same local area network segment.
• Layer 3
  The networking layer (L3) is is responsible for packet forwarding, including routing through intermediate routers. L3 is concerned with knowing the address of the neighboring nodes in the network, selecting routes and quality of service, and recognizing and forwarding to the Transport layer incoming messages for local host domains.
• Leaf
  A data node that exists in at most one instance in the data tree. A leaf has a value but no child nodes.
• Leaf-list
  Like the leaf node but defines a set of uniquely identifiable nodes rather than a single node. Each node has a value but no child nodes.
• Leaf node
  Contains simple data like an integer or a string. It has exactly one value of a particular type and no child nodes.
• Lifecycle management
  Primary lifecycle management (LCM) operations include onboarding descriptor packages and instantiating and terminating network services.
• List
  An interior data node that may exist in multiple instances in the data tree. A list has no value, but rather a set of child nodes.
• Load balancing
  The process of dividing the amount of work that a computer has to do between two or more computers so that more work gets done in the same amount of time. In this model, users generally experience faster service. Load balancing can be implemented with hardware, software, or a combination of both. Typically, load balancing is the main reason for computer server clustering.
• LSS
  Lead/Standby/Standby is three VMs hosting centralized coordination functions, often referred to as the "LSS" complex. Normally, the VNF management functions and other single-VM centralized functions are hosted on the lead VM in the LSS. Either standby VM can take over for the lead for failover safety,
M
• Management Agent
  The RIFT.ware Management Agent (RW.MgmtAgent) functions as a configuration, monitoring, and alarming server. RW.MgmtAgent provides: - A standards-based, flexible, and scalable FCAPS (Fault, Configuration, Accounting, Performance and Security) server functionality - Services to RIFT.ware applications and RIFT.ware platform components - Security to the RIFT.ware platform
• Management project
  Tenant in which the resource orchestrator (RIFT.ware Launchpad) is deployed.
• MANO
  MANagement Orchestration (MANO) is made up of the NFV Orchestrator (onboarding new NS and VNF packages, NS lifecycle management), VNF Manager (lifecycle management of VNF instances), and Virtualized Infrastructure Manager (manages the NFVI compute, storage, and network resources).
• Module
  A YANG module defines a hierarchy of nodes that can be used for NETCONF-based operations. With its definitions and the definitions it imports or includes from elsewhere, a module is self-contained and "compilable".
• Multi-tenant
  An architecture in which a single instance of a software application serves multiple customers, called tenants. Tenants might have the option to customize parts of an application, such as changing the skin on the UI skin, but tenants cannot customize the application's code.
• Multi-tenant cloud
  A cloud computing architecture lets customers (called tenants) share computing resources in a public or private cloud. Each tenant's data is isolated and remains invisible to other tenants.
N
• NACM
  An abbreviation for Network Configuration Protocol (NETCONF) Access Control Mode (RFC 6536).
• NETCONF
  Network Configuration (NETCONF) is an IETF configuration management protocol, and YANG is its data modeling language. NETCONF provides mechanisms to install, manipulate, and delete the configuration of network devices. The NETCONF protocol operations are realized as remote procedure calls (RPCs) to query and edit network device configuration.
• Network service
  An application that runs at the network application layer and above. Defined by its descriptor file and orchestrated by the NFVO, the NS provides data storage, manipulation, presentation, communication or other capability that is often implemented using a client-server or peer-to-peer architecture based on application layer network protocols. The NS may cover one or more VNF graphs, VNFs and PNFs.
• Network virtualizatio
  Network Functions Virtualization (NFV) is an initiative to decouple hardware from software. As a subset of software defined networking (SDN), NFV moves functions from specialized applications that run on COTS equipment (servers, storage, switches) to a virtual cloud environment. The NFV framework is loosely defined by ETSI.
• NFV
  Network Functions Virtualization (NFV) is an initiative to decouple hardware from software. As a subset of software defined networking (SDN), NFV moves functions from specialized applications that run on COTS equipment (servers, storage, switches) to a virtual cloud environment. The NFV framework is loosely defined by ETSI.
• NFVI
  Network Function Virtualization Infrastructure. In the NFVI, hardware and software components (servers, storage, switches, networks and other components on which the NFV runs) constitute the environment in which VNFs are deployed, managed, and executed. The NFVI includes resources for computation, networking, and storage.
• NFVO
  Network Function Virtualization Orchestrator (NFVO) is a function that deploys, operates, manages, and coordinates VNFs and the respective NFVI. The Orchestrator has control and visibility of all VNF running inside the NFVI. The NFVO is the process of creating virtual function instances to meet service requirements.
• NIC
  Network Interface Controller (NIC) is a device installed in a computer so that it can connect to and communicate over a network.
• NS
  Network Service (NS) is an application that runs at the network application layer and above. Defined by its descriptor file and orchestrated by the NFVO, the NS provides data storage, manipulation, presentation, communication or other capability that is often implemented using a client-server or peer-to-peer architecture based on application layer network protocols. The NS may cover one or more VNF graphs, VNFs and PNFs.
• NSD
  Network Service Descriptor (NSD) is a deployment template for the network service (NS). The NSD references other desciptors that describe the components of the NS and is used by the orchestrator to instantiate the NS (including constituent VNF and VNFFG).
O
• OpenStack Horizon
  Horizon is the canonical implementation of Openstack’s Dashboard, which provides a web-based user interface to OpenStack services.
• Orchestration
  NVF orchestration is used to coordinate networks and resources needed to set up virtual (cloud-based) services and applications. Using a combination of virtualization software and industry-standard hardware, orchestration provides lifecycle management, instantiation, scaling, access control, resource and policy management to virtualized networks. When working with SDN, NFV sits on the northbound API between the application and control layers.
• OVS
  Open Virtual Switch (Open vSwitch) is a a software switch that runs on Linux hosts and enables SDN.
P
• Packet
  The unit of data that is routed between an origin and a destination on the Internet or any other packet-switched network. When any file (email message, HTML file, URL request, and so on) is sent from one place to another on the Internet, the TCP layer of TCP/IP divides the file into chunks of an efficient size for routing. Each of these packets is separately numbered and includes the Internet address of the destination. The individual packets for a given file might travel different routes through the Internet. When all packets have arrived, they are reassembled into the original file by the TCP layer at the receiving end.
• Platform
  Core RIFT.ware, independent of any specific application or product.
• Plug-in
  A software component that adds a specific feature or service to an existing program. The new component “plugs in” to the host application by registering itself with the host and using a protocol to exchange data between the plug-in and host. Plug-ins enable third-party developers to extends the existing host application without modifying the host.
• PNFD
  Physical Network Function Descriptor (PNFC) is a deployment template that defines connectivity, KPI, and interface requirements of a virtual link to an attached physical network function.
• Policy-based routing
  In computer networking, policy-based routing (PBR) is a technique used to make routing decisions based on policies set by the network administrator.
• Primitive
  Tell the service to perform some action.
• Private cloud
  A cloud computing model that provides services to users behind a firewall.
• Project
  The primary multi-tenancy abstraction for MANO. A project may contain a catalog, network services, cloud accounts, and other components. Projects are segregated from each other. In RBAC, users are granted roles within projects as the primary method of authorization to a running instance of RIFT.ware.
• Public cloud
  A cloud computing model in which a service provider makes resources, such as applications and storage, available to users over the Internet. Public cloud services may be free or offered on a pay-per-usage model.
Q
• QoS
  Quality of service (QoS) is the overall performance of a network as ovserved by network users.
R
• RBAC
  Role-based access control (RBAC), also called role-based security, is an approach to restricting access to authorized users based on their role with respect to the resources.
• Record
  Dynamic, run-time data for a VNF or NS instance. A record's data is maintained throughout the lifetime of the instance.
• Rendered service path
  A specific sequence of service function forwarders (SFFs) and service functions (SFs) traversed by packets in the network service.
• Replay
  The ability to send/re-send previously logged notifications upon request. Notifications are sent asynchronously.
• Resource orchestrator
  Resource Orchestrator (RO) is responsible for the creation and placement of compute and networking resources. It is also responsible for interfacing with the SDN controller. The RIFT.ware Launchpad is a resource orchestrator.
• Role
  A job role with a defined set of permissions to access various parts of the RIFT.ware schema. Authorization for users to a running instance of RIFT.ware occurs on the basis of roles.
• Role instance
  A role that is qualified by specific role-key values. A fully-qualified context for the role.
• Role key
  An attribute that provides context to a role. Each role can have many role instances. The role key provides the context to distinguish the instances from each other.
• Role key value
  A literal value for a role key. Role key is the concept, whereas role key value is the instantiation.
• Router
  A device or computer software that determines the next network point to which a packet should be forwarded toward its destination. The router is connected to at least two networks and determines which way to send each information packet based on the state of the networks it is connected to. A router is located at any gateway and is often included as part of a network switch.
• RPC
  Remote Procedure Call (RPC) is a protocol that a program uses to request a service from a program located in another computer in a network, without having to understand network details. RPC is sometimes called a function call or a subroutine call. RPC is used within the NETCONF protocol.
• RPC operation
  A specific Remote Procedure Call, as used within the NETCONF protocol. It is also called a protocol operation.
• RPM
  A package manager used to build, install, query, verify, update, and erase individual software packages. A package consists of an archive of files and metadata used to install and erase the archive files. The metadata includes helper scripts, file attributes, and descriptive information about the package. Packages come in two varieties: binary packages, used to encapsulate software to be installed, and source packages, containing the source code and recipe necessary to produce binary packages.
• RSP
  Rendered service path is a specific sequence of service function forwarders (SFFs) and service functions (SFs) traversed by packets in the network service.
• RW.MgmtAgent
  The RIFT.ware Management Agent is responsible for enforcing RBAC in a running instance of RIFT.ware.
S
• Scalability
  The ability of a computer hardware or software to continue to function well when changes to volume or size occur to meet user needs.
• Schema node
  A node in the schema tree. One of container, leaf, leaf-list, list, choice, case, rpc, input, output, notification, and anyxml.
• Schema node identifier
  A mechanism for identifying a particular node in the schema tree.
• Schema tree
  The definition hierarchy specified within a YANG module.
• SDN
  Software defined networking is a computer networking approach that lets network administrators manage network services through abstraction of lower-level functionality. SDN addresses the challenge that the static architecture of traditional networks does not support the scalable, dynamic computing and storage needs of data center environments. SDN decouples the control plane (system that decides where traffic is sent) from the data plane (underlying systems that forward traffic to the selected destination).
• Secure Shell
  A set of standards and an associated network protocol that establishes a secure TCP/IP data transmission channel between a local and a remote computer. Secure Shell (SSH) utilizes strong encryption and authentication to ensure confidentiality, integrity, and authenticity of the transferred data. SSH is typically used to log in to a remote machine and run commands. Use SSH only between two devices that are both under your own administration, when both devices are trustworthy.
• Server
  An application program that accepts connections in order to service requests by sending back responses. Any given program can be both a client and a server.
• Server virtualization
  The abstraction (masking) of server resources, including the number and identity of individual physical servers, processors, and operating systems, from server users. The server administrator uses a software application to divide one physical server into multiple isolated virtual environments. The virtual environments are sometimes called virtual private servers, but they are also known as guests, instances, containers or emulations.
• Service function
  A network function that is responsible for specific treatment of received packets, such as firewall, WAN acceleration, DPI, NAT44.
• Service function forwarder
  Responsible for forwarding traffic to one or more connected service functions according to information carried in the service function chain (SFC) encapsulation, as well as handling traffic coming back from the service function. SFF is also responsible for delivering traffic to a classifier, when needed and supported, transporting traffic to another SFF (in the same or different type of overlay), and terminating the service function path.
• Service function path
  A constrained specification of where packets assigned to a certain service function path must go.
• Service orchestrator
  Service orchestrator (SO) is responsible for end-to-end service orchestration. The SO instantiates the network service and starts configuration plugins, such as Juju Charms.
• SF
  Service function (SF) is a network function that is responsible for specific treatment of received packets, such as firewall, WAN acceleration, DPI, NAT44.
• SFC
  Service Function Chaining is a method of routing traffic and network services (load balancers, firewalls) between VMs, overriding the routing tables that are typical of IP networks. These services are then stitched together in a service chain.
• SFC proxy
  Removes and inserts service function chain (SFC) encapsulation on behalf of an SFC-unaware service function. SFC proxies are logical elements.
• SFF
  Service function forwarder (SFF) is responsible for forwarding traffic to one or more connected service functions according to information carried in the service function chain (SFC) encapsulation, as well as handling traffic coming back from the service function. SFF is also responsible for delivering traffic to a classifier, when needed and supported, transporting traffic to another SFF (in the same or different type of overlay), and terminating the service function path
• SFP
  Service function path (SFP) is a constrained specification of where packets assigned to a certain service function path must go.
• SHA-256
  Secure Hash Algorithm (SHA) is one of several cryptographic hash functions. A cryptographic hash is like a signature for a text or a data file. SHA-256 algorithm generates an almost-unique, fixed size 256-bit (32-byte) hash.
• Simple VNFD
  A VNF descriptor that contain the minimum set of required parameters for onboarding to the resource orchestrator. For example, a simple VNFD does not use the full VFND model. It allows creating VNFDs that use a single VDU (no multi-VM VNFDs). It does not support specifying EPA attributes or other CPU parameters for the VDU and supports a single image (no multi-disk). A simple VNFD also permits only additional external interfaces of type VIRTIO or E1000 (not SR-IOV or PCI-passthrough). A simple VNFD is also simple for the NSD, which does not support composing an NSD from multiple VNFDs.
• SSH
  An abbreviation for Secure Shell, SSH is a set of standards and an associated network protocol that establishes a secure TCP/IP data transmission channel between a local and a remote computer. Secure Shell (SSH) utilizes strong encryption and authentication to ensure confidentiality, integrity, and authenticity of the transferred data. SSH is typically used to log in to a remote machine and run commands. Use SSH only between two devices that are both under your own administration, when both devices are trustworthy.
• SSL
  Secure Sockets Layer (SSL) is a cryptographic protocol designed to provide communications security over a computer network. SSL is deprecated in favor of Transport Layer Security (TLS).
• State data
  Additional data on a system that is not configuration data, such as read-only status information and collected statistics [RFC4741].
• State machine
  A device that can be in one of a set number of stable conditions depending on its previous condition and on the present value of its inputs.
• Storage virtualization
  The pooling of physical storage from multiple network storage devices into what appears to be a single storage device that is managed from a central console. Storage virtualization is commonly used in storage area networks (SANs).
• Stream
  An event stream is a set of event notifications that match some forwarding criteria made available to NETCONF clients for subscription.
• Submodule
  A partial module definition that contributes derived types, groupings, data nodes, RPCs, and notifications to a module. A YANG module can be constructed from a number of submodules.
• Subscription
  An agreement and method to receive event notifications over a NETCONF session. A concept related to the delivery of notifications (if there are any to send) involving destination and selection of notifications. A subscription is bound to the lifetime of a session.
T
• TLS
  Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that third parties cannot eavesdrop or tamper with any message. TLS is the successor to Secure Sockets Layer (SSL).
• Token
  An alpha-numeric text string that allows access to RIFT.ware resources and APIs. Tokens are valid for a finite duration and may be revoked at any time.
• Top-level data node
  A YANG data node where there is no other data node between it and a module or submodule statement.
• TOSCA
  Topology and Orchestration Specification for Cloud Applications (TOSCA) is an OASIS standard language that describes a topology of cloud-based web services, their components, relationships, and the processes that manage them. The TOSCA standard includes specifications to describe processes that create or modify web services.
U
• Unified Modeling Language
  UML is a standardized modeling language widely used in software engineering. It lets developers analyze, define, design, and implement software-based systems and other business processes.
• URI
  Uniform Resource Identifier (URI) is a formatted string that identifies a domain resource, through name, location, or other characteristic. For example: /vnf. Use HTTP operations GET, POST, PUT, and DELETE in the URI to invoke a resource.
• User
  Digital representation of a person or entity (system or service) that uses RIFT.ware services. The user has to provide authentication in order to log in to the system. Users can be directly assigned to roles and projects to enable authorization to parts of the system.
• User domain
  The source of users/identity. Many services can contain user databases, and RIFT.ware may support multiple domains simultaneously. Domains include confd, LDAP, PAM, or OpenId.
• uses statement
  Used to instantiate the set of YANG schema nodes defined in a grouping statement. The instantiated nodes may be refined and augmented to tailor them to any specific needs.
• UUID
  Universally Unique Identifier (UUID). In the context of the distributed computing environment, unique means practically unique. It is not guaranteed to be unique because identifiers have a finite size (16-octet number). UUID is also known as Globally Unique Identifier (GUID).
V
• VCA
  VNF Configuration and Abstraction (VCA) layer, used in the Launchpad, lets you customize the configuration of VNFs or VIMs (or both) after you have instantiated the VNFs in the VIM.
• VCPU
  Virtual Central Processing Unit. The terms VCPU, VPU, CPU, processors, and cores are used interchangeably in RIFT.ware and refer to the number of virtual processing units included in the virtual machine.
• VDU
  Virtual Deployment Unit descriptor defines the deployment and operational behavior of a subset of a VNF, or the entire VNF if it was not segmented in subsets. For example, specification, computation resources, storage requirements, initiation and termination scripts, high availability redundancy model, scale out/scale in limits. A VDU is deployed as a VM in the VNF.
• Vertical
  Adding or removing resources (such as VCPU, memory) in a running VM instance
• VIM
  Virtualized Infrastructure Manager (VIM) manages the NFV Infrastructure (NFVI) resources in one domain. Resources in the NFV environment include virtual (VMs), physical (storage, servers, etc.), and software (hypervisors). There may be multiple VIMs in an NFV architecture, each managing its respective NFVI domain. The VIM also provides a northbound API, exposing physical and virtual resources to other management systems.
• Virtual machine
  A software implementation of a computing environment in which an operating system or program can be installed and run. The virtual machine typically emulates a physical computing environment, but requests for CPU, memory, hard disk, network and other hardware resources are managed by a virtualization layer that translates these requests to the underlying physical hardware. VMs are created within a virtualization layer, such as a hypervisor or a virtualization platform that runs on top of a client or server operating system. This operating system is known as the host operating system. The virtualization layer can be used to create many individual, isolated VM environments. Typically, guest operating systems and programs are not aware that they are running on a virtual platform. As long as the VM's virtual platform is supported, this software can be installed in the same way it would be deployed to physical server hardware. For example, the guest OS might appear to have a physical hard disk attached to it, but actual I/O requests are translated by the virtualization layer so they actually occur against a file that is accessible by the host OS.
• Virtual network function
  In a Network Functions Virtualization architecture, a virtual network function (VNF) is an executable software program that handles specific network functions that run in one or more virtual machines on top of the hardware networking infrastructure. Defined by its descriptor file and instantiated by the VNF Manager, the VNF covers VNF components (VNFC), each mapped to a VM that is defined by the Virtual Deployment Unit descriptor (VDUD).
• Virtual network function component
  VNFC is the implementation view of a software architecture, generally packaged as one or more images (virtual machine) or a container.
• Virtual private network
  VPN is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with secure access to their organization's network.
• Virtualization
  The creation of a virtual version of something, such as an operating system, a server, a storage device, or network resources.
• VLAN
  Virtual Local Area Network (VLAN) is a network of computers in which the computers behaves as if they are connected to the same wire. In actuality, the computers might be physically located on different segments of a LAN.
• VLD
  Virtual Link Descriptor (VLD) is a deployment template that describes resource requirements needed for links between VNFs, PNFs, and endpoint of the NS.
• VNF
  Virtual Network Function (VNF) is an implementation of an executable software program that constitutes the whole or a part of a network function. VNFs can be deployed in a virtualized environment (cloud). Defined by its descriptor file and instantiated by the VNF Manager, the VNF covers VNF components (VNFC), each mapped to a VM that is defined by the Virtual Deployment Unit descriptor (VDUD).
• VNF forwarding graph
  Abbreviated as VNFFG, the Virtual Network Function Forwarding Graph is a deployment template that defines the network service topology. It is defined by its descriptor file and orchestrated by the NFVO. The VNFFG may cover VNFFGs, VNFs, and NFs
• VNFC
  Virtual Network Function Component is the implementation view of a software architecture, generally packaged as one or more images (virtual machine) or a container.
• VNFD
  Virtual Network Function Descriptor (VNFD) is a configuration template that specifies VNF deployment and operational behavior. It contains information such as connectivity, interface, and KPI requirements. VNFDs are used by the Virtual Network Function Manager (the process of lifecycle management of the components and services) to process VNF onboarding and instantiation. The deployment behavior describes the NFV Infrastructure resources that a VNF instance requires, whereas the operational behavior describes the VNF instance topology and VNF instance lifecycle operations.
• VNFFG
  Virtual Network Function Forwarding Graph (VNFFG) is a deployment template that defines the network service topology. It is defined by its descriptor file and orchestrated by the NFVO. The VNFFG may cover VNFFGs, VNFs, and NFs.
• VNFM
  Virtual Network Function Manager (VNFM) is the process of VNF lifecycle management of the components and service, such as VNF and NS onboarding and instantiation. The VNFM is also responsible for updating, querying, scaling, and terminating conponents.
X
• XPath
  XML Path Language (XPath) is a query language that uses path-like syntax to identify and navigate nodes in an XML document. XPath may be used to compute values, such as strings, numbers, or Boolean values, from the content of an XML document.
Y
• YAML
  An abbreviation for YAML Ain't Markup Language, YAML is a reader-friendly data serialization standard for all programming languages. RIFT.ware uses YAML to display descriptors in the Launchpad UI to make it easier to identify and understand the parameter details of the selected descriptor.
• YANG
  A data modeling language designed to write data models for the NETCONF protocol. YANG provides human-readable hierarchical configuration data models with reusable types and groupings (structured types). YANG supports the definition of operations via remote procedure calls (RPCs).
Z
• zsh
  Z shell (zsh) is a Unix shell that can be used as an interactive login shell and as a command interpreter for shell scripting. zsh is is backward compatible with bash.