diff options
-rw-r--r-- | docs/sections/apis/DFC.rst | 24 | ||||
-rw-r--r-- | docs/sections/apis/PRH.rst | 4 | ||||
-rw-r--r-- | docs/sections/apis/ves-hv/index.rst | 48 | ||||
-rw-r--r-- | docs/sections/apis/ves-hv/supported-domains.rst | 82 | ||||
-rw-r--r-- | docs/sections/services/dfc/administration.rst | 15 | ||||
-rw-r--r-- | docs/sections/services/dfc/architecture.rst | 31 | ||||
-rw-r--r-- | docs/sections/services/dfc/configuration.rst | 98 | ||||
-rw-r--r-- | docs/sections/services/dfc/delivery.rst | 12 | ||||
-rw-r--r-- | docs/sections/services/dfc/index.rst | 19 | ||||
-rw-r--r-- | docs/sections/services/dfc/installation.rst | 25 | ||||
-rw-r--r-- | docs/sections/services/dfc/logging.rst | 13 | ||||
-rw-r--r-- | docs/sections/services/dfc/release-notes.rst | 41 | ||||
-rw-r--r-- | docs/sections/services/prh/architecture.rst | 15 | ||||
-rw-r--r-- | docs/sections/services/prh/authorization.rst | 60 | ||||
-rw-r--r-- | docs/sections/services/prh/configuration.rst | 60 | ||||
-rw-r--r-- | docs/sections/services/prh/delivery.rst | 9 | ||||
-rw-r--r-- | docs/sections/services/prh/index.rst | 29 | ||||
-rw-r--r-- | docs/sections/services/prh/installation.rst | 66 | ||||
-rw-r--r-- | docs/sections/services/serviceindex.rst | 2 |
19 files changed, 596 insertions, 57 deletions
diff --git a/docs/sections/apis/DFC.rst b/docs/sections/apis/DFC.rst index 68326b5d..c8540187 100644 --- a/docs/sections/apis/DFC.rst +++ b/docs/sections/apis/DFC.rst @@ -11,19 +11,9 @@ DFC (DataFile Collector) Overview ======== -DFC will orchestrate the collection of bulk PM data flow: - 1. Subscribes to fileReady DMaaP topic - 2. Collects the file from the xNF - 3. Sends new event to DataRouter with file. +Component description can be found under `DFC`_. -Introduction -============ - -DFC is delivered as one **Docker container** which hosts application server and can be started by `docker-compose`. - -Functionality -============= -.. image:: ../images/DFC.png +.. _DFC: ../../sections/services/dfc/index.html Paths @@ -79,16 +69,6 @@ Whole project (top level of DFC directory) and each module (sub module directory Configuration file: Config/datafile_endpoints.json -Main API Endpoints -================== - -Running with dev-mode of DFC - - Heartbeat: **http://<container_address>:8100/heartbeat** or **https://<container_address>:8433/heartbeat** - - Start DFC: **http://<container_address>:8100/start** or **https://<container_address>:8433/start** - - Stop DFC: **http://<container_address>:8100/stopDatafile** or **https://<container_address>:8433/stopDatafile** - -The external port allocated for 8100 (http) is 30245. - Maven GroupId: ============== diff --git a/docs/sections/apis/PRH.rst b/docs/sections/apis/PRH.rst index f693ef76..2a7d0eae 100644 --- a/docs/sections/apis/PRH.rst +++ b/docs/sections/apis/PRH.rst @@ -1,3 +1,5 @@ +.. _prh_api: + ============================== PRH (PNF Registration Handler) ============================== @@ -28,7 +30,7 @@ Paths ===== GET /events/unauthenticated.VES_PNFREG_OUTPUT ------------------------------------------------ +--------------------------------------------- Description ~~~~~~~~~~~ diff --git a/docs/sections/apis/ves-hv/index.rst b/docs/sections/apis/ves-hv/index.rst index b707d9fd..b477ba14 100644 --- a/docs/sections/apis/ves-hv/index.rst +++ b/docs/sections/apis/ves-hv/index.rst @@ -9,6 +9,7 @@ HV-VES (High Volume VES) .. contents:: :depth: 4 + .. Overview @@ -43,40 +44,6 @@ HV-VES makes routing decisions based mostly on the content of the **Domain** par The PROTO file, which contains the VES CommonEventHeader, comes with a binary-type Payload (eventFields) parameter, where domain-specific data should be placed. Domain-specific data are encoded as well with GPB. A domain-specific PROTO file is required to decode the data. -Domain **perf3gpp** -=================== - -The purpose of the **perf3gpp** domain is to deliver performance measurements from a network function (NF) to ONAP in 3GPP format. -The first application of this domain is frequent periodic delivery of structured RAN PM data commonly referred to as Real Time PM (RTPM). -The equipment sends an event right after collecting the PM data for a granularity period. - -The characteristics of each event in the **perf3gpp** domain: - -- Single measured entity, for example, BTS -- Single granularity period (collection *begin time* and *duration*) -- Optional top-level grouping in one or more PM groups -- Grouping in one or more measured objects, for example, cells -- One or more reported PM values for each measured object - -Due to the single granularity period per event, single equipment supporting multiple concurrent granularity periods might send more than one event at a given reporting time. - -The **perf3gpp** domain is based on 3GPP specifications: - -- `3GPP TS 28.550 <http://www.3gpp.org/ftp//Specs/archive/28_series/28.550/>`_ -- `3GPP TS 32.431 <http://www.3gpp.org/ftp//Specs/archive/32_series/32.431/>`_ -- `3GPP TS 32.436 <http://www.3gpp.org/ftp//Specs/archive/32_series/32.436/>`_ - -The event structure is changed in comparison to the one presented in 3GPP technical specifications. The 3GPP structure is enhanced to provide support for efficient transport. - -Definitions for the **perf3gpp** domain are stored in Perf3gppFields.proto and MeasDataCollection.proto, listed below: - -.. literalinclude:: Perf3gppFields.proto - :language: protobuf - -.. literalinclude:: MeasDataCollection.proto - :language: protobuf - - API towards DMaaP ================= @@ -87,6 +54,18 @@ HV-VES Collector forwards incoming messages to a particular DMaaP Kafka topic ba In both cases raw bytes might be extracted using ``org.apache.kafka.common.serialization.ByteArrayDeserializer``. The resulting bytes might be further passed to ``parseFrom`` methods included in classes generated from GPB definitions. WTP is not used here - it is only used in communication between PNF/VNF and the collector. +By default, **HV-VES** will use routing defined in **k8s-hv-ves.yaml-template** in **dcaegen2/platform/blueprints project**. Currently defined domain->topic mapping looks as follows: + +- perf3gpp -> HV_VES_PERF3GPP + +Supported domains +================= + +Domains supported by **HV-VES**: + +- perf3gpp + +For domains descriptions, see :ref:`supported_domains` .. _hv_ves_behaviors: @@ -113,3 +92,4 @@ Messages handling: .. note:: xNF (VNF/PNF) can split messages bigger than 1 MiB and set `sequence` field in CommonEventHeader accordingly. It is advised to use smaller than 1 MiB messages for GPBs encoding/decoding efficiency. - Skipped messages (for any of the above reasons) might not leave any trace in HV-VES logs. + diff --git a/docs/sections/apis/ves-hv/supported-domains.rst b/docs/sections/apis/ves-hv/supported-domains.rst new file mode 100644 index 00000000..980b9f22 --- /dev/null +++ b/docs/sections/apis/ves-hv/supported-domains.rst @@ -0,0 +1,82 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +.. _supported_domains: + +Domains supported by HV-VES +=========================== + +.. _perf3gpp: + +perf3gpp domain - delivery of equipment Performance Monitoring (PM) data, based on 3GPP specifications +------------------------------------------------------------------------------------------------------ +The purpose of the **perf3gpp** domain is frequent periodic delivery of structured RAN PM data commonly referred to as Real Time PM (RTPM). The equipment sends an event right after collecting the PM data for a granularity period. + +The characteristics of each event in the **perf3gpp** domain: + +- Single measured entity, for example, BTS +- Single granularity period (collection *begin time* and *duration*) +- Optional top-level grouping in one or more PM groups +- Grouping in one or more measured objects, for example, cells +- One or more reported PM values for each measured object + +Due to the single granularity period per event, single equipment supporting multiple concurrent granularity periods might send more than one event at a given reporting time. + +The **perf3gpp** domain is based on 3GPP specifications: + + +- `3GPP TS 28.550 <http://www.3gpp.org/ftp//Specs/archive/28_series/28.550/>`_ + +- `3GPP TS 32.431 <http://www.3gpp.org/ftp//Specs/archive/32_series/32.431/>`_ + +- `3GPP TS 32.436 <http://www.3gpp.org/ftp//Specs/archive/32_series/32.436/>`_ + +The event structure is changed in comparison to the one presented in 3GPP technical specifications. The 3GPP structure is enhanced to provide support for efficient transport. + +Selecting Complimentary fields for population of **perf3gpp** event +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Context: at the upper level, *VesEvent.eventFields* is an opaque bytes field, and in the case of the **perf3gpp** domain (that is VesEvent.commonEventHeader.domain=="Perf3gpp"), *eventFields* maps to a structure defined by *Perf3gppFields*. + +*Perf3gppFields* contains two main sub-structures: + + - *eventAddlFlds*: the usual optional VES per-event data (*HashMap*, name/value pairs) + - *measDataCollection*: the actual payload, based on 3GPP specifications, but modified in order to optionaly reduce the size of the event + +Usage of *measDataCollection*: + + The *measDataCollection* structure offers flexibility in the way an equipment provides the Performance Monitoring (PM) data. + The following table gives an outline of the two main options: + +- Following 3GPP standard as closely as possible +- Reducing the message size + +Each row of the table corresponds to one field where a choice is to be made. For each main option it describes whether an optional field is relevant or not, or which subfield to provide for a "oneof" GPB field. + + +----------------------------+----------+-----------------------------+-----------------------------+----------+ + | | | Focus 1: 3GPP compatibility | Focus 2: Minimum event size | | + | *MeasDataCollection* field | Type | (send textual IDs) | (send numerical IDs) | Notes | + +============================+==========+=============================+=============================+==========+ + | MeasData.measObjInstIdList | optional | <not provided> | <mandatory> | [1]_ | + +----------------------------+----------+-----------------------------+-----------------------------+----------+ + | MeasValue.MeasObjInstId | oneof | sMeasObjInstId | measObjInstIdListIdx | [1]_ | + +----------------------------+----------+-----------------------------+-----------------------------+----------+ + | MeasInfo.MeasInfoId | oneof | sMeasInfoId | iMeasInfoId | [2]_ | + +----------------------------+----------+-----------------------------+-----------------------------+----------+ + | MeasInfo.MeasTypes | oneof | sMeasTypes | iMeasTypes | [2]_ | + +----------------------------+----------+-----------------------------+-----------------------------+----------+ + | Notes: | + | .. [1] *MeasData.measObjInstIdList* and *MeasValue.MeasObjInstId.measObjInstIdListIdx* are interdependent | + | .. [2] Numerical IDs normally require the mapping to textual IDs to be provided offline in a PM dictionary | + | | + +----------------------------+----------+-----------------------------+-----------------------------+----------+ + +.. note:: The division between focus 1 and focus 2 above is illustrative, and a mix of choices from both options is possible. + +.. note:: *MeasResult.p* can be used to reduce the event size when more than half of the values in the event are zero values, and these values are not sent to ONAP. Only non-zero values are sent, together with their *MeasInfo.MeasTypes* index (*MeasResult.p*). + + + + + + diff --git a/docs/sections/services/dfc/administration.rst b/docs/sections/services/dfc/administration.rst new file mode 100644 index 00000000..43845a0e --- /dev/null +++ b/docs/sections/services/dfc/administration.rst @@ -0,0 +1,15 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +Administration +============== +DFC has a healthcheck functionality. The service can then be started and stopped through an API. One can also check the liveliness of the service. + +Main API Endpoints +"""""""""""""""""" +Running with dev-mode of DFC + - Heartbeat: **http://<container_address>:8100/heartbeat** or **https://<container_address>:8433/heartbeat** + - Start DFC: **http://<container_address>:8100/start** or **https://<container_address>:8433/start** + - Stop DFC: **http://<container_address>:8100/stopDatafile** or **https://<container_address>:8433/stopDatafile** + +The external port allocated for 8100 (http) is 30245. diff --git a/docs/sections/services/dfc/architecture.rst b/docs/sections/services/dfc/architecture.rst new file mode 100644 index 00000000..1ee922af --- /dev/null +++ b/docs/sections/services/dfc/architecture.rst @@ -0,0 +1,31 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +Architecture +============ + +Introduction +"""""""""""" +DataFile Collector (DFC) is a part of DCAEGEN2. Some information about DFC and the reasons of its implementation can be found here: `5G bulk PM wiki page`_. + +.. _5G bulk PM wiki page: https://wiki.onap.org/display/DW/5G+-+Bulk+PM + +DFC will handle the collection of bulk PM data flow: + 1. Subscribes to fileReady DMaaP topic + 2. Collects the file from the xNF + 3. Sends new event to DataRouter with file. + + +DFC is delivered as one **Docker container** which hosts application server and can be started by `docker-compose`. +See `Delivery`_ for more information about the docker container. + +.. _Delivery: ./delivery.html + +Functionality +""""""""""""" +.. image:: ../../images/DFC.png + +Interaction +""""""""""" +DFC will interact with the DMaaP Message Router and with the Data Router via secured protocol, using json files. +So far, the implemented protocols are sftp and ftp(e)s. diff --git a/docs/sections/services/dfc/configuration.rst b/docs/sections/services/dfc/configuration.rst new file mode 100644 index 00000000..d57a85f1 --- /dev/null +++ b/docs/sections/services/dfc/configuration.rst @@ -0,0 +1,98 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+Configuration
+=============
+
+**datafile** configuration is controlled via a single JSON file called datafile_endpoints.json.
+This is located under datafile-app-server/config.
+
+JSON CONFIGURATION EXPLAINED
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Variables of interest (e.g. variables that should be inspected/modifed for a specific runtime environment) are listed below for convenience. The entire file is provided later in this page for reference.
+
+dmaapConsumerConfiguration
+""""""""""""""""""""""""""
+
+.. code-block:: json
+
+ "dmaapHostName": <name of DMaaP/MR host>
+ "dmaapPortNumber": <DMaaP/MR host port>
+ "dmaapTopicName": "/events/unauthenticated.VES_NOTIFICATION_OUTPUT"
+ "dmaapProtocol": "http"
+ "dmaapUserName": ""
+ "dmaapUserPassword": ""
+ "dmaapContentType": "application/json"
+ "consumerId": "C12"
+ "consumerGroup": "OpenDcae-c12"
+ "timeoutMS": -1
+ "messageLimit": 1
+
+dmaapProducerConfiguration
+""""""""""""""""""""""""""
+
+.. code-block:: json
+
+ "dmaapHostName": <name of DMaaP/DR host>
+ "dmaapPortNumber": <DMaaP/DR host port>
+ "dmaapTopicName": "publish"
+ "dmaapProtocol": "httpa"
+ "dmaapUserName": "dradmin"
+ "dmaapUserPassword": "dradmin"
+ "dmaapContentType": "application/octet-stream"
+
+ftpesConfiguration
+""""""""""""""""""
+
+.. code-block:: json
+
+ "keyCert": <path to DFC certificate>
+ "keyPassword": <pssword for DFC certificate>
+ "trustedCA": <path to xNF certificate>
+ "trustedCAPassword": <password for xNF certificate>
+
+
+Sample JSON configuration
+"""""""""""""""""""""""""
+
+The format of the JSON configuration that drives all behavior of DFC is probably best described using an example:
+
+.. code-block:: json
+
+ {
+ "configs": {
+ "dmaap": {
+ "dmaapConsumerConfiguration": {
+ "dmaapHostName": "localhost",
+ "dmaapPortNumber": 2222,
+ "dmaapTopicName": "/events/unauthenticated.VES_NOTIFICATION_OUTPUT",
+ "dmaapProtocol": "http",
+ "dmaapUserName": "",
+ "dmaapUserPassword": "",
+ "dmaapContentType": "application/json",
+ "consumerId": "C12",
+ "consumerGroup": "OpenDcae-c12",
+ "timeoutMS": -1,
+ "messageLimit": 1
+ },
+ "dmaapProducerConfiguration": {
+ "dmaapHostName": "localhost",
+ "dmaapPortNumber": 3907,
+ "dmaapTopicName": "publish",
+ "dmaapProtocol": "https",
+ "dmaapUserName": "dradmin",
+ "dmaapUserPassword": "dradmin",
+ "dmaapContentType": "application/octet-stream"
+ }
+ },
+ "ftp": {
+ "ftpesConfiguration": {
+ "keyCert": "config/ftpKey.jks",
+ "keyPassword": "secret",
+ "trustedCA": "config/cacerts",
+ "trustedCAPassword": "secret"
+ }
+ }
+ }
+ }
diff --git a/docs/sections/services/dfc/delivery.rst b/docs/sections/services/dfc/delivery.rst new file mode 100644 index 00000000..233e2543 --- /dev/null +++ b/docs/sections/services/dfc/delivery.rst @@ -0,0 +1,12 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+Delivery
+========
+
+Docker Container
+----------------
+
+**datafile** is delivered as a docker container that can be downloaded from onap:
+
+ ``docker run -d -p 8100:8100 -p 8433:8433 nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.datafile``
diff --git a/docs/sections/services/dfc/index.rst b/docs/sections/services/dfc/index.rst new file mode 100644 index 00000000..176c403c --- /dev/null +++ b/docs/sections/services/dfc/index.rst @@ -0,0 +1,19 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+
+DATAFILE COLLECTOR MS (DFC)
+=============================
+
+.. Add or remove sections below as appropriate for the platform component.
+
+.. toctree::
+ :maxdepth: 1
+
+ ./architecture.rst
+ ./delivery.rst
+ ./logging.rst
+ ./installation.rst
+ ./configuration.rst
+ ./administration.rst
+ ./release-notes.rst
diff --git a/docs/sections/services/dfc/installation.rst b/docs/sections/services/dfc/installation.rst new file mode 100644 index 00000000..ffaa580e --- /dev/null +++ b/docs/sections/services/dfc/installation.rst @@ -0,0 +1,25 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+Installation
+============
+
+An environment suitable for running docker containers is recommended.
+
+As a docker container
+---------------------
+
+**datafile** is delivered as a docker container based on openjdk:8-jre-alpine. The
+host or VM that will run this container must have the docker application
+loaded and available to the userID that will be running the DFC container.
+
+Also required is a working DMAAP/MR and DMAAP/DR environment. datafile
+subscribes to DMAAP/MR fileReady event as JSON messages and publishes the downloaded files to the DMAAP/DR.
+
+Installation
+^^^^^^^^^^^^
+
+The following command will download the latest datafile container from
+nexus and launch it in the container named "datafile":
+
+ ``docker run -d -p 8100:8100 -p 8433:8433 nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.datafile``
diff --git a/docs/sections/services/dfc/logging.rst b/docs/sections/services/dfc/logging.rst new file mode 100644 index 00000000..b6ac7930 --- /dev/null +++ b/docs/sections/services/dfc/logging.rst @@ -0,0 +1,13 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+Logging
+=======
+
+Logging is controlled by the configuration provided to **datafile** in the application.yaml
+file located in datafile-app-server/config folder.
+
+
+**Where is the log file?**
+
+The log file is located under /opt/log and called application.log.
diff --git a/docs/sections/services/dfc/release-notes.rst b/docs/sections/services/dfc/release-notes.rst new file mode 100644 index 00000000..fb66ebb6 --- /dev/null +++ b/docs/sections/services/dfc/release-notes.rst @@ -0,0 +1,41 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +Release Notes +============= + +Version: 1.0.4 +-------------- + +:Release Date: 2018-11-08 (Casablanca) + + +**New Features** + +All DFC features from v1.0.4 are new. + + +**Bug Fixes** + +This is the initial release. + + +**Known Issues** + +No known issues. + + +**Known limitations** + + - DFC has only be tested successfully with one node. + - The certificates are distributed hand to hand, no automated process. + + +**Security Issues** + +No known security issues. + + +**Upgrade Notes** + +This is the initial release. diff --git a/docs/sections/services/prh/architecture.rst b/docs/sections/services/prh/architecture.rst new file mode 100644 index 00000000..090c405e --- /dev/null +++ b/docs/sections/services/prh/architecture.rst @@ -0,0 +1,15 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +PRH Architecture +================ + +**PRH** is a new DCAE micro-service which participates in the Physical Network Function Plug and Play (PNF PnP) +procedure. PNF PnP is used to register PNF when it comes online. + +PRH Processing Flow +------------------- + +.. image:: ../../images/prhAlgo.png + + diff --git a/docs/sections/services/prh/authorization.rst b/docs/sections/services/prh/authorization.rst new file mode 100644 index 00000000..fe5ed40b --- /dev/null +++ b/docs/sections/services/prh/authorization.rst @@ -0,0 +1,60 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +.. _authorization: + +SSL/TLS Authentication & Authorization +====================================== + +| PRH does not perform any authorization in AAF, as the only endpoint which is provided by the service is the healthcheck, which is unsecured. +| For authentication settings there is a possibility to change from default behavior to certificate-based solution independently for DMaaP and AAI communication. + +AAI authentication +^^^^^^^^^^^^^^^^^^ + +Default +""""""" +| By default basic authentication is being used with following credentials: +| user=AAI +| password=AAI + +Certificate-based +""""""""""""""""" +| There is an option to enable certificate-based authentication for PRH towards AAI service calls. +| To achieve this secure flag needs to be turned on in PRH :ref:`configuration<prh_configuration>` : + +.. code-block:: json + security.enableAaiCertAuth=true + +DMaaP BC authentication +^^^^^^^^^^^^^^^^^^^^^^^ + +Default +""""""" +| By default basic authentication is being used with following credentials (for both DMaaP consumer and DMaaP publisher endpoints): +| user=admin +| password=admin + +Certificate-based +"""""""""""""""""" +| There is an option to enable certificate-based authentication for PRH towards DMaaP Bus Controller service calls. +| To achieve this secure flag needs to be turned on in PRH :ref:`configuration<prh_configuration>` : + +.. code-block:: json + --security.enableDmaapCertAuth=true + +PRH identity and certificate data +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +| PRH is using ``dcae`` identity when certificate-based authentication is turned on. +| It's the DCAEGEN2 responsibility to generate certificate for dcae identity and provide it to the collector. +| +| PRH by default expects that the volume ``tls-info`` is being mounted under path ``/opt/app/prh/etc/cert``. +| It's the component/collector responsibility to provide necessary inputs in Cloudify blueprint to get the volume mounted. +| See :doc:`../../tls_enablement` for detailed information. +| +| PRH is using four files from ``tls-info`` DCAE volume (``cert.jks, jks.pass, trust.jks, trust.pass``). +| Refer :ref:`configuration<prh_configuration>` for proper security attributes settings. +| +| **IMPORTANT** Even when certificate-based authentication security features are disabled, +| still all security settings needs to be provided in configuration to make PRH service start smoothly. +| Security attributes values are not validated in this case, and can point to non-existent data. diff --git a/docs/sections/services/prh/configuration.rst b/docs/sections/services/prh/configuration.rst new file mode 100644 index 00000000..0e4109cf --- /dev/null +++ b/docs/sections/services/prh/configuration.rst @@ -0,0 +1,60 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +.. _prh_configuration: + +Configuration +============= + +PRH expects to be able to fetch configuration directly from consul service in following JSON format: + +.. code-block:: json + + { + "aai": { + "aaiClientConfiguration": { + "aaiHost": "aai.onap.svc.cluster.local", + "aaiHostPortNumber": 8443, + "aaiIgnoreSslCertificateErrors": true, + "aaiProtocol": "https", + "aaiUserName": "AAI", + "aaiUserPassword": "AAI", + "aaiBasePath": "/aai/v12", + "aaiPnfPath": "/network/pnfs/pnf", + } + }, + "dmaap": { + "dmaapConsumerConfiguration": { + "consumerGroup": "OpenDCAE-c12", + "consumerId": "c12", + "dmaapContentType": "application/json", + "dmaapHostName": "message-router.onap.svc.cluster.local", + "dmaapPortNumber": 3904, + "dmaapProtocol": "http", + "dmaapTopicName": "/events/unauthenticated.VES_PNFREG_OUTPUT", + "dmaapUserName": "admin", + "dmaapUserPassword": "admin", + "messageLimit": -1, + "timeoutMs": -1 + }, + "dmaapProducerConfiguration": { + "dmaapContentType": "application/json", + "dmaapHostName": "message-router.onap.svc.cluster.local", + "dmaapPortNumber": 3904, + "dmaapProtocol": "http", + "dmaapTopicName": "/events/unauthenticated.PNF_READY", + "dmaapUserName": "admin", + "dmaapUserPassword": "admin" + } + }, + "security": { + "trustStorePath": "/opt/app/prh/etc/cert/trust.jks", + "trustStorePasswordPath": "/opt/app/prh/etc/cert/trust.pass", + "keyStorePath": "/opt/app/prh/etc/cert/cert.jks", + "keyStorePasswordPath": "/opt/app/prh/etc/cert/jks.pass", + "enableAaiCertAuth": "false", + "enableDmaapCertAuth": "false" + } + } + +The configuration is created from PRH Cloudify blueprint by specifying **application_config** node during ONAP OOM/Kubernetes deployment. diff --git a/docs/sections/services/prh/delivery.rst b/docs/sections/services/prh/delivery.rst new file mode 100644 index 00000000..3369376e --- /dev/null +++ b/docs/sections/services/prh/delivery.rst @@ -0,0 +1,9 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +Delivery +======== + +**PRH** is delivered as a docker container and published in ONAP Nexus repository in the following image naming convention. + +Full image name is `onap/org.onap.dcaegen2.services.prh.prh-app-server`.
\ No newline at end of file diff --git a/docs/sections/services/prh/index.rst b/docs/sections/services/prh/index.rst new file mode 100644 index 00000000..e3ba5bd9 --- /dev/null +++ b/docs/sections/services/prh/index.rst @@ -0,0 +1,29 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + + +PNF Registration Handler (PRH) +============================== + +.. Add or remove sections below as appropriate for the platform component. + +**PNF Registration Handler** is a micro-service in DCAE used during Physical Network Function (PNF) Plug-n-Play to process +the PNF Registration event. + + +PRH overview and functions +-------------------------- + +.. toctree:: + :maxdepth: 1 + + ./architecture + ./configuration + ./delivery + ./installation + ./authorization + +API reference +^^^^^^^^^^^^^ + +Refer to :doc:`PRH offered APIs<../../apis/PRH>` for detailed PRH api information. diff --git a/docs/sections/services/prh/installation.rst b/docs/sections/services/prh/installation.rst new file mode 100644 index 00000000..22dab33e --- /dev/null +++ b/docs/sections/services/prh/installation.rst @@ -0,0 +1,66 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +Installation +============ + +Following docker-compose-yaml file shows default configuration and can be run using `docker compose up` command: + +.. code-block:: yaml + + version: '3' + services: + prh: + image: nexus3.onap.org:10003/onap/org.onap.dcaegen2.services.prh.prh-app-server + command: > + --dmaap.dmaapConsumerConfiguration.dmaapHostName=10.42.111.36 + --dmaap.dmaapConsumerConfiguration.dmaapPortNumber=8904 + --dmaap.dmaapConsumerConfiguration.dmaapTopicName=/events/unauthenticated.SEC_OTHER_OUTPUT + --dmaap.dmaapConsumerConfiguration.dmaapProtocol=http + --dmaap.dmaapConsumerConfiguration.dmaapUserName=admin + --dmaap.dmaapConsumerConfiguration.dmaapUserPassword=admin + --dmaap.dmaapConsumerConfiguration.dmaapContentType=application/json + --dmaap.dmaapConsumerConfiguration.consumerId=c12 + --dmaap.dmaapConsumerConfiguration.consumerGroup=OpenDCAE-c12 + --dmaap.dmaapConsumerConfiguration.timeoutMS=-1 + --dmaap.dmaapConsumerConfiguration.message-limit=-1 + --dmaap.dmaapProducerConfiguration.dmaapHostName=10.42.111.36 + --dmaap.dmaapProducerConfiguration.dmaapPortNumber=8904 + --dmaap.dmaapProducerConfiguration.dmaapTopicName=/events/unauthenticated.PNF_READY + --dmaap.dmaapProducerConfiguration.dmaapProtocol=http + --dmaap.dmaapProducerConfiguration.dmaapUserName=admin + --dmaap.dmaapProducerConfiguration.dmaapUserPassword=admin + --dmaap.dmaapProducerConfiguration.dmaapContentType=application/json + --aai.aaiClientConfiguration.aaiHostPortNumber=30233 + --aai.aaiClientConfiguration.aaiHost=10.42.111.45 + --aai.aaiClientConfiguration.aaiProtocol=https + --aai.aaiClientConfiguration.aaiUserName=admin + --aai.aaiClientConfiguration.aaiUserPassword=admin + --aai.aaiClientConfiguration.aaiIgnoreSSLCertificateErrors=true + --aai.aaiClientConfiguration.aaiBasePath=/aai/v11 + --aai.aaiClientConfiguration.aaiPnfPath=/network/pnfs/pnf + --security.enableAaiCertAuth=false + --security.enableDmaapCertAuth=false + --security.keyStorePath=/opt/app/prh/etc/cert/cert.jks + --security.keyStorePasswordPath=/opt/app/prh/etc/cert/jks.pass + --security.trustStorePath=/opt/app/prh/etc/cert/trust.jks + --security.trustStorePasswordPath=/opt/app/prh/etc/cert/trust.pass + entrypoint: + - java + - -Dspring.profiles.active=dev + - -jar + - /opt/prh-app-server.jar + ports: + - "8100:8100" + - "8433:8433" + restart: always + + +Running with dev-mode of PRH +^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Heartbeat: http://<container_address>:8100/heartbeat or https://<container_address>:8443/heartbeat + +Start prh: http://<container_address>:8100/start or https://<container_address>:8433/start + +Stop prh: http://<container_address>:8100/stopPrh or https://<container_address>:8433/stopPrh
\ No newline at end of file diff --git a/docs/sections/services/serviceindex.rst b/docs/sections/services/serviceindex.rst index ff6e9516..c500a051 100644 --- a/docs/sections/services/serviceindex.rst +++ b/docs/sections/services/serviceindex.rst @@ -14,3 +14,5 @@ Service components under DCAE ./ves-http/index.rst ./ves-hv/index.rst ./mapper/index.rst + ./prh/index.rst + ./dfc/index.rst |