Skip to content

DMTF Standards Compliance Tools

Jump to bottom
Pola, Sudhir edited this page May 25, 2026 · 1 revision

DMTF Standards Compliance Tools

📋 Table of Contents

Overview

The DMTF (Distributed Management Task Force) provides three official validation tools to ensure Redfish service implementations comply with the Redfish specification. These tools help verify different aspects of the Redfish implementation:

  • Service Validator: Validates resources against schema definitions
  • Interop Validator: Validates against interoperability profiles
  • Protocol Validator: Validates HTTP protocol compliance

Validation Tools

Redfish Service Validator

The Redfish Service Validator tests the validity of a Redfish service by validating responses against the DMTF-published schemas.

Purpose:

  • Validates JSON payloads against Redfish schemas
  • Checks property types, required fields, and allowable values
  • Verifies OData annotations and metadata

Installation:

git clone https://github.com/DMTF/Redfish-Service-Validator.git
cd Redfish-Service-Validator
pip install -r requirements.txt

Usage:

python3 RedfishServiceValidator.py \
  -i <host_ip> \
  -u <username> \
  -p <password> \
  --forceauth \
  --logdir ./logs

Key Options:

  • -i, --ip: Target IP address or hostname
  • -u, --username: Username for authentication
  • -p, --password: Password for authentication
  • --forceauth: Force authentication even for unauthenticated resources
  • --logdir: Directory for output logs
  • --schema_directory: Path to local schema files
  • --oemcheck: Enable OEM property validation
  • --collectionlimit: Limit collection member validation

Example:

cd /home/hspe/dp/Redfish-Service-Validator
python3 RedfishServiceValidator.py \
  -i http://localhost:8181 \
  -u <username> \
  -p '<password>' \
  --forceauth \
  --logdir ./logs

Redfish Interop Validator

The Redfish Interop Validator tests a Redfish service against a specific interoperability profile to ensure compliance with industry-defined use cases.

Purpose:

  • Validates against predefined interoperability profiles
  • Ensures required resources and properties are present
  • Verifies read/write requirements for specific use cases
  • Tests service-level capabilities

Installation:

git clone https://github.com/DMTF/Redfish-Interop-Validator.git
cd Redfish-Interop-Validator
pip install -r requirements.txt

Usage:

python3 RedfishInteropValidator.py \
  -i <host_ip> \
  -u <username> \
  -p <password> \
  --forceauth \
  --logdir ./logs \
  <profile.json>

Key Options:

  • -i, --ip: Target IP address or hostname
  • -u, --username: Username for authentication
  • -p, --password: Password for authentication
  • --forceauth: Force authentication
  • --logdir: Directory for output logs
  • --profile: Path to interoperability profile JSON file
  • --online_profiles: Use online DMTF profiles
  • --warnrecommended: Warn on missing recommended properties
  • --writecheck: Perform write/patch tests

Example:

cd /home/hspe/dp/Redfish-Interop-Validator
python3 RedfishInteropValidator.py \
  -i http://localhost:8181 \
  -u <username> \
  -p '<password>' \
  --forceauth \
  --logdir ./logs \
  ConsoleBasicProfile.json

Creating Custom Profiles:

A basic profile JSON structure:

{
  "ProfileName": "ConsoleBasic",
  "ProfileVersion": "1.0.0",
  "Purpose": "Basic validation profile for Console",
  "ContactInfo": "your-email@example.com",
  "RequiredProfiles": {},
  "Resources": {
    "ServiceRoot": {
      "PropertyRequirements": {
        "RedfishVersion": {},
        "UUID": {},
        "Systems": {
          "ReadRequirement": "Mandatory"
        }
      }
    },
    "ComputerSystemCollection": {
      "PropertyRequirements": {
        "Members": {},
        "Members@odata.count": {}
      }
    },
    "ComputerSystem": {
      "PropertyRequirements": {
        "Id": {},
        "Name": {},
        "SystemType": {},
        "Manufacturer": {},
        "Model": {},
        "SerialNumber": {},
        "UUID": {
          "ReadRequirement": "Recommended"
        },
        "PowerState": {}
      }
    }
  }
}

Redfish Protocol Validator

The Redfish Protocol Validator verifies that a Redfish service conforms to the protocol requirements defined in the Redfish specification.

Purpose:

  • Validates HTTP protocol compliance (headers, status codes, methods)
  • Tests authentication mechanisms (Basic, Session-based)
  • Verifies standard URI endpoints
  • Checks OData protocol requirements
  • Tests error handling and edge cases

**Installation:**s

git clone https://github.com/DMTF/Redfish-Protocol-Validator.git
cd Redfish-Protocol-Validator
pip install -r requirements.txt

Usage:

python3 rf_protocol_validator.py \
  -u <username> \
  -p <password> \
  -r <host_url> \
  --report-dir ./reports \
  --no-cert-check

Key Options:

  • -r, --rhost: Target host URL (e.g., http://localhost:8181)
  • -u, --user: Username for authentication
  • -p, --password: Password for authentication
  • --report-dir: Directory for HTML/TSV reports
  • --no-cert-check: Disable SSL certificate verification
  • --log-level: Set logging level (DEBUG, INFO, WARNING, ERROR)

Example:

cd /home/hspe/dp/Redfish-Protocol-Validator
python3 rf_protocol_validator.py \
  -u <username> \
  -p '<password>' \
  -r http://localhost:8181 \
  --report-dir ./reports \
  --no-cert-check

Validation Analysis Results

Summary

Validation testing was performed on the console Redfish implementation using all three DMTF validators. Below are the consolidated results:

Validator Pass Fail Warning Not Tested
Redfish Service Validator 18 6 5 -
Redfish Interop Validator 18 0 1 0
Redfish Protocol Validator 101 23 0 60

Detailed Results

1. Redfish Service Validator Results

Version: 2.5.1
Target: http://localhost:8181
Result: FAILED (6 issues found)

✅ Passed Validations
  • ServiceRoot resource structure and schema compliance
  • ComputerSystemCollection schema validation
  • ComputerSystem resource validation (18 total passes)
⚠️ Warnings
  1. Missing Schema Definitions:
    • NVMeDomainCollection.NVMeDomainCollection
    • StorageSystemCollection.StorageSystemCollection
    • StorageServiceCollection.StorageServiceCollection
    • HostedStorageServices.HostedStorageServices (multiple occurrences)
❌ Errors

  1. Mandatory Property Error: Sessions in Links

    • Error: Mandatory prop Sessions does not exist
    • Location: /redfish/v1/ ServiceRoot.Links
    • Impact: According to DMTF ServiceRoot v1.19.0 schema, Sessions is a required property in the Links object
    • Status: This is a schema compliance issue - the DMTF specification requires Sessions in Links, but we modified the schema to remove it since SessionService is not implemented

  2. Schema Version Mismatch: ComputerSystem

    • Error: Linked resource Members reports version ComputerSystem.v1_26_0.ComputerSystem not in Schema
    • Error: Missing Namespace Error: Namespace of ComputerSystem.v1_26_0 appears missing from SchemaXML ComputerSystem_v1.xml
    • Location: /redfish/v1/Systems and individual systems
    • Impact: Service uses v1.26.0 schema but validator only has v1.25.0
    • Root Cause: Validator's local schema cache doesn't include the latest v1.26.0 schema
    • Resolution: Update validator's schema directory or service can use v1.25.0 for broader compatibility

Command Used:

cd /home/hspe/dp/Redfish-Service-Validator
python3 RedfishServiceValidator.py \
  -i http://localhost:8181 \
  -u standalone \
  -p 'G@ppm0ym' \
  --forceauth \
  --logdir ./logs
📄 View Full Validation Log 
Redfish Service Validator, version 2.5.1

Writing config file to log directory
Target URI: https://localhost:8181
authtype: Basic
collectionlimit: ['LogEntry', '20']
debugging: False
forceauth: True
ip: https://localhost:8181
logdir: ./logs
oemcheck: True
password: ******
requestattempts: 10
requesttimeout: 10
schema_directory: ./SchemaFiles/metadata
uricheck: False
username: standalone
verbose: 0
Start time: 12/08/25 - 12:26:33

Setting up service...
Constructing metadata...
Redfish Version of Service: 1.19.0
Description of service: System Under Test - Root Service version 1.19.0, 2e4002c8-fa11-4e6d-95b4-1a4e613f50a2

*** Validating /redfish/v1/
Warning: Schema not found for NVMeDomainCollection.NVMeDomainCollection
Warning: Schema not found for StorageSystemCollection.StorageSystemCollection
Warning: Schema not found for StorageServiceCollection.StorageServiceCollection
         Type (ServiceRoot.v1_19_0.ServiceRoot), GET SUCCESS (time: 0:00:00.002055)
Mandatory Property Error: Mandatory prop Sessions does not exist
Property Validation Error: Sessions
          FAIL...

*** Validating /redfish/v1/Systems
         Type (ComputerSystemCollection.ComputerSystemCollection), GET SUCCESS (time: 0:00:00.000008)
Warning: Schema not found for HostedStorageServices.HostedStorageServices
Entity Version Error: Linked resource Members reports version ComputerSystem.v1_26_0.ComputerSystem not in Schema
Property Validation Error: Members[0]
          FAIL...
Warning: Schema not found for HostedStorageServices.HostedStorageServices

*** Validating /redfish/v1/Systems/3ffbbffa-e8f8-467c-a877-1393878fb4ef
Missing Namespace Error: Namespace of ComputerSystem.v1_26_0 appears missing from SchemaXML ComputerSystem_v1.xml, attempting highest type: #ComputerSystem.v1_26_0.ComputerSystem
New namespace: ComputerSystem.v1_25_0
Warning: Schema not found for HostedStorageServices.HostedStorageServices
         Type (ComputerSystem.v1_25_0.ComputerSystem), GET SUCCESS (time: 0:00:00.000022)
          FAIL...
Metadata: Namespaces missing from $metadata: set()

Elapsed time: 0:00:07

Listing any warnings and errors: 
 
/redfish/v1/
Warnings
Warning: Schema not found for NVMeDomainCollection.NVMeDomainCollection
Warning: Schema not found for StorageSystemCollection.StorageSystemCollection
Warning: Schema not found for StorageServiceCollection.StorageServiceCollection
Errors
Mandatory Property Error: Mandatory prop Sessions does not exist
Property Validation Error: Sessions
 
/redfish/v1/Systems
Warnings
Warning: Schema not found for HostedStorageServices.HostedStorageServices
Errors
Entity Version Error: Linked resource Members reports version ComputerSystem.v1_26_0.ComputerSystem not in Schema
Property Validation Error: Members[0]
 
/redfish/v1/Systems/3ffbbffa-e8f8-467c-a877-1393878fb4ef
Warnings
Warning: Schema not found for HostedStorageServices.HostedStorageServices
Errors
Missing Namespace Error: Namespace of ComputerSystem.v1_26_0 appears missing from SchemaXML ComputerSystem_v1.xml, attempting highest type: #ComputerSystem.v1_26_0.ComputerSystem
New namespace: ComputerSystem.v1_25_0

Results Summary:
Pass: 18, Fail: 6, Warning: 5
Validation has failed: 6 problems found

2. Redfish Interop Validator Results

Version: 2.3.3
Profile: ConsoleBasicProfile.json
Result: PASSED

✅ Passed Validations
  • ServiceRoot PropertyRequirements (RedfishVersion, UUID, Systems)
  • ComputerSystemCollection Members validation
  • ComputerSystem PropertyRequirements validation (18 total passes)
  • All service-level checks passed
⚠️ Warnings
  1. Missing ActionInfo for Reset Action:
    • Warning: Missing ActionInfo Warning: No such ActionInfo exists for this Action, and no AllowableValues exists. Cannot validate the following parameters: ResetType
    • Location: /redfish/v1/Systems/{id} ComputerSystem Reset action
    • Impact: Minimal - clients can still perform reset operations, but don't get metadata about allowed reset types
    • Recommendation: Add ActionInfo resource or AllowableValues annotation to document supported ResetType values

Analysis: The interop validator confirms the service correctly implements the ConsoleBasicProfile requirements. The single warning about missing ActionInfo is informational and does not prevent profile compliance.

Command Used:

cd /home/hspe/dp/Redfish-Interop-Validator
python3 RedfishInteropValidator.py \
  -i https://localhost:8181 \
  -u standalone \
  -p 'G@ppm0ym' \
  --forceauth \
  --logdir ./logs \
  ConsoleBasicProfile.json
📄 View Full Validation Log 
Redfish Interop Validator, version 2.3.3

Writing config file to log directory
Target URI: https://localhost:8181
authtype: Basic
collectionlimit: ['LogEntry', '20']
debugging: False
forceauth: True
ip: https://localhost:8181
logdir: ./logs
oemcheck: True
online_profiles: True
password: ******
profile: ['ConsoleBasicProfile.json']
username: standalone
verbose: 0
warnrecommended: False
writecheck: False
Start time: 12/08/25 - 12:28:44

Setting up service...
Redfish Version of Service: 1.19.0
Description of service: My Target System Root Service, version 1.19.0, 2e4002c8-fa11-4e6d-95b4-1a4e613f50a2

Profile Hashes (run-time): 
profile: ConsoleBasicProfile.json ConsoleBasic 1.0.0, dict md5 hash: 3d24e8ca01840bc4b22392be41280816
Profile Hashes (included by ConsoleBasicProfile.json): 
Profile Hashes (required by Resource): 


*** /redfish/v1/, ServiceRoot
         Type (#ServiceRoot.v1_19_0.ServiceRoot), GET SUCCESS (time: 0.001636)
### Validating an InteropResource
### Validating PropertyRequirements for RedfishVersion
### Validating PropertyRequirements for UUID
### Validating PropertyRequirements for Systems
ServiceRoot 

         PASS


*** /redfish/v1/Systems, ComputerSystemCollection
         Type (#ComputerSystemCollection.ComputerSystemCollection), GET SUCCESS (time: 0.00157)
### Validating an InteropResource
### Validating PropertyRequirements for Members
### Validating PropertyRequirements for Members@odata.count
ServiceRoot:Systems 

         PASS


*** /redfish/v1/Systems/3ffbbffa-e8f8-467c-a877-1393878fb4ef, ComputerSystem
         Type (#ComputerSystem.v1_26_0.ComputerSystem), GET SUCCESS (time: 4.666939)
### Validating an InteropResource
### Validating PropertyRequirements for Id
### Validating PropertyRequirements for Name
### Validating PropertyRequirements for SystemType
### Validating PropertyRequirements for Manufacturer
### Validating PropertyRequirements for Model
### Validating PropertyRequirements for SerialNumber
### Validating PropertyRequirements for UUID
        Item is recommended but does not exist
### Validating PropertyRequirements for PowerState
Missing ActionInfo Warning: No such ActionInfo exists for this Action, and no AllowableValues exists.  Cannot validate the following parameters: ResetType
ServiceRoot:Systems:Members#0 

         PASS
Service Level Checks
Validating ServiceRoot ReadRequirement
Validating ComputerSystemCollection ReadRequirement
Validating ComputerSystem ReadRequirement
Elapsed time: 0:00:04

Listing any warnings and errors: 
 
/redfish/v1/Systems/3ffbbffa-e8f8-467c-a877-1393878fb4ef
Warnings
Missing ActionInfo Warning: No such ActionInfo exists for this Action, and no AllowableValues exists.  Cannot validate the following parameters: ResetType

Results Summary:
Pass: 18, Fail: 0, Warning: 1, Not Tested: 0
Validation has succeeded.

3. Redfish Protocol Validator Results

Target: https://localhost:8181
Result: PARTIAL PASS (23 failures, expected for unimplemented features)

📊 Test Coverage
  • Total Tests: 184
  • Passed: 101 (54.9%)
  • Failed: 23 (12.5%)
  • Not Tested: 60 (32.6%)

Analysis: The 101 passing tests demonstrate solid HTTP protocol compliance. The 23 failures are primarily related to unimplemented features (SessionService, AccountService, /redfish endpoint) that are not advertised in the service root.

❌ Critical Failures

SessionService Not Implemented (8 failures - Expected):

  1. SEC_BASIC_AUTH_STANDALONE - Session endpoint returns 404
  2. SEC_BOTH_AUTH_TYPES - Session service not available
  3. SEC_SUPPORT_BASIC_AUTH - Sessions endpoint missing
  4. SEC_REQUIRE_LOGIN_SESSIONS - Cannot create login sessions
  5. SEC_WRITE_REQUIRES_AUTH - POST to Sessions fails
  6. REQ_HEADERS_AUTHORIZATION - Sessions endpoint missing
  7. REQ_POST_CREATE_VIA_COLLECTION - POST to Sessions returns 404
  8. REQ_POST_CREATE_TO_MEMBERS_PROP - POST to Sessions/Members returns 404

Analysis: These failures are expected as SessionService is not implemented. The service correctly uses HTTP Basic authentication instead.

Predefined Roles Not Implemented (3 failures - Expected):

  1. SEC_PRIV_SUPPORT_PREDEFINED_ROLES - Administrator role not found
  2. SEC_PRIV_SUPPORT_PREDEFINED_ROLES - Operator role not found
  3. SEC_PRIV_SUPPORT_PREDEFINED_ROLES - ReadOnly role not found

Analysis: Role-based access control requires AccountService which is not yet implemented.

Missing /redfish Version Endpoint (4 failures - Should Fix):

  1. PROTO_STD_URIS_SUPPORTED - /redfish returns 404
  2. PROTO_STD_URI_VERSION - /redfish endpoint missing (version discovery)
  3. REQ_GET_SERVICE_ROOT_NO_AUTH - /redfish not accessible without authentication
  4. SEC_READ_REQUIRES_AUTH - /redfish requires no auth but returns 404

Analysis: The /redfish endpoint should return {"v1": "/redfish/v1/"} for version discovery. This is a standard Redfish requirement and should be implemented.

HTTP Protocol Headers (4 failures - Should Fix):

  1. RESP_HEADERS_ALLOW_GET_OR_HEAD - Missing Allow header on GET responses
  2. RESP_HEADERS_LINK_REL_DESCRIBED_BY - Missing Link header (2 occurrences)
  3. RESP_HEADERS_WWW_AUTHENTICATE - Missing WWW-Authenticate header on 401 responses

Analysis: These HTTP headers improve API discoverability and client experience. Adding them would improve protocol compliance.

Other Protocol Issues (4 failures):

  1. PROTO_HTTP_SUPPORTED_METHODS - No successful POST requests (expected - no writable collections)
  2. REQ_HEADERS_ODATA_VERSION - Accepts unsupported OData-Version 4.1 (should return 412)
  3. RESP_ODATA_SERVICE_CONTEXT - /redfish/v1/odata has incorrect @odata.context

Command Used:

cd /home/hspe/dp/Redfish-Protocol-Validator
python3 rf_protocol_validator.py \
  -u <username> \
  -p '<password>' \
  -r http://localhost:8181 \
  --report-dir ./reports \
  --no-cert-check
📄 View Complete Protocol Validation Log 
WARNING:root:Creating Redfish session failed with status 404; using Basic authentication
WARNING:root:session POST status: 404, response: <!doctype html>
<meta name="viewport" content="width=device-width">
<pre>
<a href=".gitkeep">.gitkeep</a>
</pre>

ERROR:root:No accounts collection found
ERROR:root:No accounts collection found
ERROR:root:POST on /redfish/v1/SessionService/Sessions/Members did not return valid JSON; assuming an empty object
| Category | Test Name | Status | Details |
|----------|-----------|--------|---------|
| **HTTP Methods** | PROTO_HTTP_SUPPORTED_METHODS (POST) | ❌ FAIL | No POST requests had successful response |
| **Standard URIs** | PROTO_STD_URIS_SUPPORTED | ❌ FAIL | `/redfish` returns 404 |
| **Standard URIs** | PROTO_STD_URI_VERSION | ❌ FAIL | `/redfish` version endpoint missing |
| **Service Root** | REQ_GET_SERVICE_ROOT_NO_AUTH | ❌ FAIL | `/redfish` not accessible without auth (404) |
| **Headers** | REQ_HEADERS_AUTHORIZATION | ❌ FAIL | Sessions endpoint returns 404 |
| **Headers** | REQ_HEADERS_ODATA_VERSION | ❌ FAIL | Accepts unsupported OData-Version 4.1 (should return 412) |
| **Headers** | RESP_HEADERS_ALLOW_GET_OR_HEAD | ❌ FAIL | Missing `Allow` header on GET |
| **Headers** | RESP_HEADERS_LINK_REL_DESCRIBED_BY | ❌ FAIL | Missing `Link` header (2 occurrences) |
| **Headers** | RESP_HEADERS_WWW_AUTHENTICATE | ❌ FAIL | Missing `WWW-Authenticate` on 401 |
| **POST Create** | REQ_POST_CREATE_TO_MEMBERS_PROP | ❌ FAIL | Sessions/Members endpoint 404 |
| **POST Create** | REQ_POST_CREATE_VIA_COLLECTION | ❌ FAIL | Sessions collection POST returns 404 |
| **OData** | RESP_ODATA_SERVICE_CONTEXT | ❌ FAIL | `/odata` has incorrect @odata.context |
| **Authentication** | SEC_BASIC_AUTH_STANDALONE | ❌ FAIL | Sessions endpoint 404 |
| **Authentication** | SEC_BOTH_AUTH_TYPES | ❌ FAIL | Session service not available |
| **Authentication** | SEC_SUPPORT_BASIC_AUTH | ❌ FAIL | Sessions endpoint missing |
| **Authentication** | SEC_REQUIRE_LOGIN_SESSIONS | ❌ FAIL | Cannot create login sessions |
| **Authentication** | SEC_WRITE_REQUIRES_AUTH | ❌ FAIL | POST to Sessions fails (404) |
| **Authentication** | SEC_READ_REQUIRES_AUTH | ❌ FAIL | `/redfish` returns 404 |
| **Roles** | SEC_PRIV_SUPPORT_PREDEFINED_ROLES | ❌ FAIL | Administrator role not found |
| **Roles** | SEC_PRIV_SUPPORT_PREDEFINED_ROLES | ❌ FAIL | Operator role not found |
| **Roles** | SEC_PRIV_SUPPORT_PREDEFINED_ROLES | ❌ FAIL | ReadOnly role not found |

Summary - PASS: 101, WARN: 0, FAIL: 23, NOT_TESTED: 60
Report output:
reports/RedfishProtocolValidationReport_12_08_2025_123304.tsv
reports/RedfishProtocolValidationReport_12_08_2025_123304.html
---

Console Wiki

ADRs

Clone this wiki locally