aboutsummaryrefslogtreecommitdiffstats
path: root/readme.md
blob: a705effb0ef70ded6bb9ce152097724d8a2b2a69 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53

# OpenECOMP AAI Traversal

---
---

# Introduction

OpenECOMP AAI Traversal is delivered with multiple docker containers with hbase, and gremlin docker container preinstalled and also have a aai-haproxy container installed for routing requests properly between resources and graph query docker containers

For demo app use case you can install all three of the containers in one machine. Configuration and deployment of hbase for any other use cases should be evaluated and updated accordingly.

# Compiling AAI Traversal

AAI can be compiled easily with a `mvn clean install -DskipTests`. Integration tests are started by omitting the skipTests flag `mvn clean install`

# Starting AAI

In a developer local environment using the following: mvn -N -P runAjsc

# Accessing AAI APIs

Most of the AAI features within OpenECOMP are triggered by using **RESTful interfaces**. AAI  is configured on this release with HTTPS only using Basic Authentication. Two way SSL using client certificates should be considered and used for non demo use case deployments.

The MSO APIs are configured to accept requests having a **basic auth. header** set with various **username and password** depending on which client is triggering the request. The realm.properties contains the credentials for the OpenECOMP components and these should be changed as appropriate.

All API endpoints are exposed on port **8443**.

##### Example API endpoints in the first open source release 

http://aai.api.simpledemo.openecomp.org:8443/aai/v10/query

The easy way to trigger these endpoints is to use a RESTful client or automation framework. HTTP GET/PUT/DELETE are supported for most resource endpoints. More information on the REST interface can be found in the AAI Service REST API specification.

# Configuring AAI

The Docker containers use a Chef based configuration file (JSON) in order to provision AAI basic configuration for the demo app use case set up. 
 
# Logging

EELF framework is used for **specific logs** (audit, metric and error logs). They are tracking inter component logs (request and response) and allow to follow a complete flow through the AAI subsystem
 
EELF logs are located at the following location on the AAI Service container:

- /opt/app/aai-traversal/logs (each module has its own folder)

AJSC Jetty logs can be found under /opt/app/aai-traversal/logs/ajsc-jetty.
The REST interface logs can be found under /opt/app/aai-traversal/logs/rest.

# Testing AAI Functionalities
Any RESTful client such as SoapUI may be configured and setup to use for testing AAI requests.
color: #0000DD; font-weight: bold } /* Literal.Number.Integer */ .highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */ .highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */ .highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */ .highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */ .highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */ .highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */ .highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */ .highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */ .highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */ .highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */ .highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */ .highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */ .highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */ .highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */ .highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */ .highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */ .highlight .vc { color: #336699 } /* Name.Variable.Class */ .highlight .vg { color: #dd7700 } /* Name.Variable.Global */ .highlight .vi { color: #3333bb } /* Name.Variable.Instance */ .highlight .vm { color: #336699 } /* Name.Variable.Magic */ .highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T, ZTE
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

#################################################################
# Global configuration defaults.
#################################################################
global:
  nodePortPrefix: 302
  aafEnabled: true
  persistence: {}
  cassandra:
    #This flag allows SDC to instantiate its own cluster, serviceName
    #should be sdc-cs if this flag is enabled
    localCluster: false
    #The cassandra service name to connect to (default: shared cassandra service)
    serviceName: cassandra
    #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled
    #to match with its own cluster replica
    replicaCount: 3
    clusterName: cassandra
    dataCenter: Pod

#################################################################
# AAF Part
#################################################################
certInitializer:
  nameOverride: sdc-onboarding-be-cert-init
  aafDeployFqi: deployer@people.osaaf.org
  aafDeployPass: demo123456!
  fqdn: sdc
  fqi: sdc@sdc.onap.org
  public_fqdn: sdc.onap.org
  cadi_longitude: "0.0"
  cadi_latitude: "0.0"
  app_ns: org.osaaf.aaf
  credsPath: /opt/app/osaaf/local
  addconfig: true
  keystoreFile: "org.onap.sdc.p12"
  truststoreFile: "org.onap.sdc.trust.jks"
  permission_user: 352070
  permission_group: 35953
  aaf_add_config: |
    echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop
    echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop

#################################################################
# Application configuration defaults.
#################################################################
# application image
image: onap/sdc-onboard-backend:1.9.3
onboardingInitImage: onap/sdc-onboard-cassandra-init:1.9.3
pullPolicy: Always

# flag to enable debugging - application support required
debugEnabled: false

config:
  javaOptions: "-Xmx1g -Xms1g"
  cassandraSslEnabled: "false"

#environment file
env:
  name: AUTO

# default number of instances
replicaCount: 1

nodeSelector: {}

affinity: {}

# probe configuration parameters
liveness:
  initialDelaySeconds: 1
  periodSeconds: 10
  timeoutSeconds: 15
  successThreshold: 1
  failureThreshold: 3
  # necessary to disable liveness probe when setting breakpoints
  # in debugger so K8s doesn't restart unresponsive container
  enabled: true

readiness:
  initialDelaySeconds: 1
  periodSeconds: 10
  timeoutSeconds: 15
  successThreshold: 1
  failureThreshold: 3

startup:
  initialDelaySeconds: 10
  periodSeconds: 10
  timeoutSeconds: 15
  successThreshold: 1
  failureThreshold: 60

service:
  type: ClusterIP
  name: sdc-onboarding-be
  portName: sdc-onboarding-be
  internalPort: 8445
  externalPort: 8445
  internalPort2: 8081
  externalPort2: 8081

## Persist data to a persitent volume
persistence:
  enabled: true

  ## A manually managed Persistent Volume and Claim
  ## Requires persistence.enabled: true
  ## If defined, PVC must be created manually before volume will be bound
  # existingClaim:
  volumeReclaimPolicy: Retain

  ## database data Persistent Volume Storage Class
  ## If defined, storageClassName: <storageClass>
  ## If set to "-", storageClassName: "", which disables dynamic provisioning
  ## If undefined (the default) or set to null, no storageClassName spec is
  ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
  ##   GKE, AWS & OpenStack)
  ##
  # storageClass: "-"
  accessMode: ReadWriteOnce
  size: 2Gi
  mountPath: /dockerdata-nfs
  mountSubPath: /sdc/sdc-cs/CS

##Certificate storage persistence
##This is temporary solution for SDC-1980
cert:
  certDir: /app/jetty/cert
  persistence:
    enabled: true
    size: 10Mi
    accessMode: ReadWriteOnce
    volumeReclaimPolicy: Retain
    mountSubPath: /sdc/onbaording/cert

securityContext:
  fsGroup: 35953
  runAsUser: 352070

ingress:
  enabled: false

# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
resources:
  small:
    limits:
      cpu: 500m
      memory: 2Gi
    requests:
      cpu: 40m
      memory: 1Gi
  large:
    limits:
      cpu: 1
      memory: 4Gi
    requests:
      cpu: 80m
      memory: 2Gi
  unlimited: {}

#Pods Service Account
serviceAccount:
  nameOverride: sdc-onboarding-be
  roles:
    - read