1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
|
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. http://creativecommons.org/licenses/by/4.0
.. Copyright (C) 2021 Nordix Foundation.
.. _developer_guide:
Developer Guide
===============
This document provides a quickstart for developers of the CCSDK functions for O-RAN A1 Policies.
Source tree
+++++++++++
This provides CCSDK with "A1 Policy Management Service" and "A1 Adapter" functions.
Each resource is implemented independently in a package corresponding to its name.
A1 Policy Management Service
++++++++++++++++++++++++++++
The ONAP CCSDK A1 Policy Management Service is a Java 11 web application built using the Spring Framework.
Using Spring Boot dependencies, it runs as a standalone application.
A1 Policy Management Service provides a REST API for management of policies. It provides support for:
* Supervision of clients (R-APPs) to eliminate stray policies in case of failure
* Consistency monitoring of the SMO view of policies and the actual situation in the RICs
* Consistency monitoring of RIC capabilities (policy types)
* Policy configuration. This includes:
* One REST API towards all RICs in the network
* Query functions that can find all policies in a RIC, all policies owned by a service (R-APP), all policies of a type etc.
* Maps O1 resources (ManagedElement) as defined in O1 to the controlling RIC.
The Policy Management Service can be accessed over the REST API, and with an equivalent interface using DMaaP. See :ref:`pms_api` for more information about the API.
The configured A1 policies are stored presistently to survive a service restart.
Dependencies
------------
This project uses various frameworks which are managed with Maven
dependency management tool (see *pom.xml* file at root level) :
- Swagger annotations
- `Spring Framework <https://github.com/spring-projects/spring-boot>`_
- `Springfox <https://github.com/springfox/springfox>`_ Automated JSON API documentation for API's built with Spring
- `Immutable <https://immutables.github.io/>`_ to generate simple, safe and consistent value objects
- `JSON in Java <https://github.com/stleary/JSON-java>`_ to parse JSON documents into Java objects
- `Apache Commons Net <https://github.com/apache/commons-net>`_ for network utilities and protocol implementations
- `DCAE SDK <https://github.com/onap/dcaegen2-services-sdk>`_ to get configuration from CBS
- `Lombok <https://github.com/rzwitserloot/lombok>`_ to generate code, such as getters and setters
- `Awaitility <https://github.com/awaitility/awaitility>`_ to test asynchronous functionality
Configuration
-------------
There are two configuration files for A1 Policy Management Service, *config/application_configuration.json* and *config/application.yaml*
The first one contains configuration of data needed by the application, such as which Near-RT RICs
that are available. The second contains logging and security configurations.
For more information about these configuration files can be found as comments in the sample files provided with the source code, or on the `ONAP wiki <https://wiki.onap.org/display/DW/O-RAN+A1+Policies+in+ONAP+Honolulu>`_
Static configuration (application.yaml)
---------------------------------------
The file *./config/application.yaml* is read by the application at startup. It provides the following configurable features:
* server; configuration for the WEB server
* used port for HTTP/HTTPS, this is however not the port numbers visible outside the container
* SSL parameters for setting up using of key store and trust store databases.
* webclient; configuration parameters for a web client used by the component
* SSL parameters for setting up using of key store and trust store databases.
* Usage of HTTP(S) Proxy; if configured, the proxy will be used for southbound access to the NearRT-RICs
* logging; setting of of which information that is logged.
* filepath; the local path to a file used for dynamic configuration (if used). See next chapter.
For details about the parameters in this file, see documentation in the file.
Dynamic configuration
---------------------
The component has configuration that can be updated in runtime. This configuration can either be loaded from a file (accessible from the container) or from a CBS/Consul database (Cloudify). The configuration is re-read and refreshed at regular intervals. This file based configuration can be updated or read via the REST API, See :ref:`pms_api`.
The configuration includes:
* Controller configuration, which includes information on how to access the a1-adapter
* One entry for each NearRT-RIC, which includes:
* The base URL of the NearRT RIC
* A list of O1 identifiers that the NearRT RIC is controlling. An application can query this service which NearRT RIC should be addressed for controlling (for instance) a given Cell.
* An optional reference to the controller to use, or excluded if the NearRT-RIC can be accessed directly from this component.
* Optional configuration for using of DMAAP. There can be one stream for requests to the component and an other stream for responses.
For details about the syntax of the file, there is an example in source code repository */config/application_configuration.json*. This file is also included in the docker container */opt/app/policy-agent/data/application_configuration.json_example*.
Using CBS/Consul database for dynamic configuration
---------------------------------------------------
The access of CBS is setup by means of environment variables. There is currently no support for setting these at on boarding.
The following variables are required by the CBS:
* CONSUL_HOST
* CONSUL_PORT
* CONFIG_BINDING_SERVICE
* SERVICE_NAME
The CBS/Consul overrides the configuration file. So when CBS/Consul is used, the configuration file is ignored.
Configuration of certs
----------------------
The Policy Management Service uses the default keystore and truststore that are built into the container. The paths and
passwords for these stores are located in a yaml file: ::
oran/a1-policy-management/config/application.yaml
There is also Policy Management Service's own cert in the default truststore for mocking purposes and unit-testing
(ApplicationTest.java).
The default keystore, truststore, and application.yaml files can be overridden by mounting new files using the "volumes"
field of docker-compose or docker run command.
Assuming that the keystore, truststore, and application.yaml files are located in the same directory as docker-compose,
the volumes field should have these entries: ::
`volumes:`
`- ./new_keystore.jks:/opt/app/policy-agent/etc/cert/keystore.jks:ro`
`- ./new_truststore.jks:/opt/app/policy-agent/etc/cert/truststore.jks:ro`
`- ./new_application.yaml:/opt/app/policy-agent/config/application.yaml:ro`
The target paths in the container should not be modified.
Example docker run command for mounting new files (assuming they are located in the current directory): ::
docker run -p 8081:8081 -p 8433:8433 --name=policy-agent-container --network=nonrtric-docker-net --volume "$PWD/new_keystore.jks:/opt/app/policy-agent/etc/cert/keystore.jks" --volume "$PWD/new_truststore.jks:/opt/app/policy-agent/etc/cert/truststore.jks" --volume "$PWD/new_application.yaml:/opt/app/policy-agent/config/application.yaml" onap/ccsdk-oran-a1policymanagementservice:1.2.0-SNAPSHOT
A1 Adapter (Internal)
+++++++++++++++++++++
The O-RAN A1 Adapter provides an **internal** RESTCONF API that is used by the A1 Policy Management System when accessing the A1 Interface. This API is useful for test and verification but should not used otherwise.
See :ref:`a1_adapter_api` for details of this internal API.
Configuration of HTTP Proxy
---------------------------
In order to configure a HTTP Proxy for southbound connections:
* Modify file: odlsli/src/main/properties/a1-adapter-api-dg.properties in CCSDK/distribution
* Variable a1Mediator.proxy.url must contain Proxy URL
|