Diffstat (limited to 'docs/sections/services')
-rw-r--r-- | docs/sections/services/dfc/administration.rst | 15 | ||||
-rw-r--r-- | docs/sections/services/dfc/architecture.rst | 31 | ||||
-rw-r--r-- | docs/sections/services/dfc/configuration.rst | 98 | ||||
-rw-r--r-- | docs/sections/services/dfc/delivery.rst | 12 | ||||
-rw-r--r-- | docs/sections/services/dfc/index.rst | 19 | ||||
-rw-r--r-- | docs/sections/services/dfc/installation.rst | 25 | ||||
-rw-r--r-- | docs/sections/services/dfc/logging.rst | 13 | ||||
-rw-r--r-- | docs/sections/services/dfc/release-notes.rst | 41 | ||||
-rw-r--r-- | docs/sections/services/prh/architecture.rst | 15 | ||||
-rw-r--r-- | docs/sections/services/prh/authorization.rst | 60 | ||||
-rw-r--r-- | docs/sections/services/prh/configuration.rst | 60 | ||||
-rw-r--r-- | docs/sections/services/prh/delivery.rst | 9 | ||||
-rw-r--r-- | docs/sections/services/prh/index.rst | 29 | ||||
-rw-r--r-- | docs/sections/services/prh/installation.rst | 66 | ||||
-rw-r--r-- | docs/sections/services/serviceindex.rst | 2 |
15 files changed, 495 insertions, 0 deletions
diff --git a/docs/sections/services/dfc/administration.rst b/docs/sections/services/dfc/administration.rst new file mode 100644 index 00000000..43845a0e --- /dev/null +++ b/docs/sections/services/dfc/administration.rst @@ -0,0 +1,15 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +Administration +============== +DFC has a healthcheck functionality. The service can then be started and stopped through an API. One can also check the liveliness of the service. + +Main API Endpoints +"""""""""""""""""" +Running with dev-mode of DFC + - Heartbeat: **http://<container_address>:8100/heartbeat** or **https://<container_address>:8433/heartbeat** + - Start DFC: **http://<container_address>:8100/start** or **https://<container_address>:8433/start** + - Stop DFC: **http://<container_address>:8100/stopDatafile** or **https://<container_address>:8433/stopDatafile** + +The external port allocated for 8100 (http) is 30245. diff --git a/docs/sections/services/dfc/architecture.rst b/docs/sections/services/dfc/architecture.rst new file mode 100644 index 00000000..1ee922af --- /dev/null +++ b/docs/sections/services/dfc/architecture.rst 
@@ -0,0 +1,31 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +Architecture +============ + +Introduction +"""""""""""" +DataFile Collector (DFC) is a part of DCAEGEN2. Some information about DFC and the reasons of its implementation can be found here: `5G bulk PM wiki page`_. + +.. _5G bulk PM wiki page: https://wiki.onap.org/display/DW/5G+-+Bulk+PM + +DFC will handle the collection of bulk PM data flow: + 1. Subscribes to fileReady DMaaP topic + 2. Collects the file from the xNF + 3. Sends new event to DataRouter with file. + + +DFC is delivered as one **Docker container** which hosts application server and can be started by `docker-compose`. +See `Delivery`_ for more information about the docker container. + +.. _Delivery: ./delivery.html + +Functionality +""""""""""""" +.. image:: ../../images/DFC.png + +Interaction +""""""""""" +DFC will interact with the DMaaP Message Router and with the Data Router via secured protocol, using json files. +So far, the implemented protocols are sftp and ftp(e)s. diff --git a/docs/sections/services/dfc/configuration.rst b/docs/sections/services/dfc/configuration.rst new file mode 100644 index 00000000..d57a85f1 --- /dev/null +++ b/docs/sections/services/dfc/configuration.rst @@ -0,0 +1,98 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+Configuration
+=============
+
+**datafile** configuration is controlled via a single JSON file called datafile_endpoints.json.
+This is located under datafile-app-server/config.
+
+JSON CONFIGURATION EXPLAINED
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Variables of interest (e.g. variables that should be inspected/modifed for a specific runtime environment) are listed below for convenience. The entire file is provided later in this page for reference.
+
+dmaapConsumerConfiguration
+""""""""""""""""""""""""""
+
+.. code-block:: json
+
+ "dmaapHostName": <name of DMaaP/MR host>
+ "dmaapPortNumber": <DMaaP/MR host port>
+ "dmaapTopicName": "/events/unauthenticated.VES_NOTIFICATION_OUTPUT"
+ "dmaapProtocol": "http"
+ "dmaapUserName": ""
+ "dmaapUserPassword": ""
+ "dmaapContentType": "application/json"
+ "consumerId": "C12"
+ "consumerGroup": "OpenDcae-c12"
+ "timeoutMS": -1
+ "messageLimit": 1
+
+dmaapProducerConfiguration
+""""""""""""""""""""""""""
+
+.. code-block:: json
+
+ "dmaapHostName": <name of DMaaP/DR host>
+ "dmaapPortNumber": <DMaaP/DR host port>
+ "dmaapTopicName": "publish"
+ "dmaapProtocol": "httpa"
+ "dmaapUserName": "dradmin"
+ "dmaapUserPassword": "dradmin"
+ "dmaapContentType": "application/octet-stream"
+
+ftpesConfiguration
+""""""""""""""""""
+
+.. code-block:: json
+
+ "keyCert": <path to DFC certificate>
+ "keyPassword": <pssword for DFC certificate>
+ "trustedCA": <path to xNF certificate>
+ "trustedCAPassword": <password for xNF certificate>
+
+
+Sample JSON configuration
+"""""""""""""""""""""""""
+
+The format of the JSON configuration that drives all behavior of DFC is probably best described using an example:
+
+.. code-block:: json
+
+ {
+ "configs": {
+ "dmaap": {
+ "dmaapConsumerConfiguration": {
+ "dmaapHostName": "localhost",
+ "dmaapPortNumber": 2222,
+ "dmaapTopicName": "/events/unauthenticated.VES_NOTIFICATION_OUTPUT",
+ "dmaapProtocol": "http",
+ "dmaapUserName": "",
+ "dmaapUserPassword": "",
+ "dmaapContentType": "application/json",
+ "consumerId": "C12",
+ "consumerGroup": "OpenDcae-c12",
+ "timeoutMS": -1,
+ "messageLimit": 1
+ },
+ "dmaapProducerConfiguration": {
+ "dmaapHostName": "localhost",
+ "dmaapPortNumber": 3907,
+ "dmaapTopicName": "publish",
+ "dmaapProtocol": "https",
+ "dmaapUserName": "dradmin",
+ "dmaapUserPassword": "dradmin",
+ "dmaapContentType": "application/octet-stream"
+ }
+ },
+ "ftp": {
+ "ftpesConfiguration": {
+ "keyCert": "config/ftpKey.jks",
+ "keyPassword": "secret",
+ "trustedCA": "config/cacerts",
+ "trustedCAPassword": "secret"
+ }
+ }
+ }
+ }
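Review bot: In the dmaapProducerConfiguration variable list, "dmaapProtocol": "httpa" is not a protocol name and disagrees with the sample JSON further down, which gives "https" for the same key; change it to "https". Two spelling slips sit in the same file: "modifed" in the introduction and "pssword" in the ftpesConfiguration list. The three variable lists are tagged code-block:: json but are not JSON (angle-bracket placeholders, no commas), so drop the language tag or make them well-formed. The sample also shows dradmin/dradmin and "secret" as passwords; say explicitly that these are placeholders to be replaced per deployment.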
diff --git a/docs/sections/services/dfc/delivery.rst b/docs/sections/services/dfc/delivery.rst new file mode 100644 index 00000000..233e2543 --- /dev/null +++ b/docs/sections/services/dfc/delivery.rst @@ -0,0 +1,12 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+Delivery
+========
+
+Docker Container
+----------------
+
+**datafile** is delivered as a docker container that can be downloaded from onap:
+
+ ``docker run -d -p 8100:8100 -p 8433:8433 nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.datafile``
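Review bot: The docker run line references nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.datafile with no tag or digest, so the documented command pulls whatever the registry currently serves as latest. Pin the reference to the release being documented so the command is reproducible, and replace "downloaded from onap" with the name of the registry.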
diff --git a/docs/sections/services/dfc/index.rst b/docs/sections/services/dfc/index.rst new file mode 100644 index 00000000..176c403c --- /dev/null +++ b/docs/sections/services/dfc/index.rst @@ -0,0 +1,19 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+
+DATAFILE COLLECTOR MS (DFC)
+=============================
+
+.. Add or remove sections below as appropriate for the platform component.
+
+.. toctree::
+ :maxdepth: 1
+
+ ./architecture.rst
+ ./delivery.rst
+ ./logging.rst
+ ./installation.rst
+ ./configuration.rst
+ ./administration.rst
+ ./release-notes.rst
diff --git a/docs/sections/services/dfc/installation.rst b/docs/sections/services/dfc/installation.rst new file mode 100644 index 00000000..ffaa580e --- /dev/null +++ b/docs/sections/services/dfc/installation.rst @@ -0,0 +1,25 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+Installation
+============
+
+An environment suitable for running docker containers is recommended.
+
+As a docker container
+---------------------
+
+**datafile** is delivered as a docker container based on openjdk:8-jre-alpine. The
+host or VM that will run this container must have the docker application
+loaded and available to the userID that will be running the DFC container.
+
+Also required is a working DMAAP/MR and DMAAP/DR environment. datafile
+subscribes to DMAAP/MR fileReady event as JSON messages and publishes the downloaded files to the DMAAP/DR.
+
+Installation
+^^^^^^^^^^^^
+
+The following command will download the latest datafile container from
+nexus and launch it in the container named "datafile":
+
+ ``docker run -d -p 8100:8100 -p 8433:8433 nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.datafile``
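Review bot: The sentence above the command says it launches the image in the container named "datafile", but the docker run line has no --name option, so the container gets a generated name; add --name datafile or drop the claim. The page also requires a working DMaaP MR and DR environment without saying how the container is pointed at it; a reference to the configuration page (datafile_endpoints.json) would close that gap. "Installation" is used both as the page title and as a subsection title, which is worth renaming.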
diff --git a/docs/sections/services/dfc/logging.rst b/docs/sections/services/dfc/logging.rst new file mode 100644 index 00000000..b6ac7930 --- /dev/null +++ b/docs/sections/services/dfc/logging.rst @@ -0,0 +1,13 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+Logging
+=======
+
+Logging is controlled by the configuration provided to **datafile** in the application.yaml
+file located in datafile-app-server/config folder.
+
+
+**Where is the log file?**
+
+The log file is located under /opt/log and called application.log.
diff --git a/docs/sections/services/dfc/release-notes.rst b/docs/sections/services/dfc/release-notes.rst new file mode 100644 index 00000000..fb66ebb6 --- /dev/null +++ b/docs/sections/services/dfc/release-notes.rst @@ -0,0 +1,41 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +Release Notes +============= + +Version: 1.0.4 +-------------- + +:Release Date: 2018-11-08 (Casablanca) + + +**New Features** + +All DFC features from v1.0.4 are new. + + +**Bug Fixes** + +This is the initial release. + + +**Known Issues** + +No known issues. + + +**Known limitations** + + - DFC has only be tested successfully with one node. + - The certificates are distributed hand to hand, no automated process. + + +**Security Issues** + +No known security issues. + + +**Upgrade Notes** + +This is the initial release. diff --git a/docs/sections/services/prh/architecture.rst b/docs/sections/services/prh/architecture.rst new file mode 100644 index 00000000..090c405e --- /dev/null +++ b/docs/sections/services/prh/architecture.rst @@ -0,0 +1,15 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +PRH Architecture +================ + +**PRH** is a new DCAE micro-service which participates in the Physical Network Function Plug and Play (PNF PnP) +procedure. PNF PnP is used to register PNF when it comes online. + +PRH Processing Flow +------------------- + +.. image:: ../../images/prhAlgo.png + + diff --git a/docs/sections/services/prh/authorization.rst b/docs/sections/services/prh/authorization.rst new file mode 100644 index 00000000..fe5ed40b --- /dev/null +++ b/docs/sections/services/prh/authorization.rst 
@@ -0,0 +1,60 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +.. _authorization: + +SSL/TLS Authentication & Authorization +====================================== + +| PRH does not perform any authorization in AAF, as the only endpoint which is provided by the service is the healthcheck, which is unsecured. +| For authentication settings there is a possibility to change from default behavior to certificate-based solution independently for DMaaP and AAI communication. + +AAI authentication +^^^^^^^^^^^^^^^^^^ + +Default +""""""" +| By default basic authentication is being used with following credentials: +| user=AAI +| password=AAI + +Certificate-based +""""""""""""""""" +| There is an option to enable certificate-based authentication for PRH towards AAI service calls. +| To achieve this secure flag needs to be turned on in PRH :ref:`configuration<prh_configuration>` : + +.. code-block:: json + security.enableAaiCertAuth=true + +DMaaP BC authentication +^^^^^^^^^^^^^^^^^^^^^^^ + +Default +""""""" +| By default basic authentication is being used with following credentials (for both DMaaP consumer and DMaaP publisher endpoints): +| user=admin +| password=admin + +Certificate-based +"""""""""""""""""" +| There is an option to enable certificate-based authentication for PRH towards DMaaP Bus Controller service calls. +| To achieve this secure flag needs to be turned on in PRH :ref:`configuration<prh_configuration>` : + +.. code-block:: json + --security.enableDmaapCertAuth=true + +PRH identity and certificate data +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +| PRH is using ``dcae`` identity when certificate-based authentication is turned on. +| It's the DCAEGEN2 responsibility to generate certificate for dcae identity and provide it to the collector. +| +| PRH by default expects that the volume ``tls-info`` is being mounted under path ``/opt/app/prh/etc/cert``. 
+| It's the component/collector responsibility to provide necessary inputs in Cloudify blueprint to get the volume mounted. +| See :doc:`../../tls_enablement` for detailed information. +| +| PRH is using four files from ``tls-info`` DCAE volume (``cert.jks, jks.pass, trust.jks, trust.pass``). +| Refer :ref:`configuration<prh_configuration>` for proper security attributes settings. +| +| **IMPORTANT** Even when certificate-based authentication security features are disabled, +| still all security settings needs to be provided in configuration to make PRH service start smoothly. +| Security attributes values are not validated in this case, and can point to non-existent data. diff --git a/docs/sections/services/prh/configuration.rst b/docs/sections/services/prh/configuration.rst new file mode 100644 index 00000000..0e4109cf --- /dev/null +++ b/docs/sections/services/prh/configuration.rst 
@@ -0,0 +1,60 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +.. _prh_configuration: + +Configuration +============= + +PRH expects to be able to fetch configuration directly from consul service in following JSON format: + +.. code-block:: json + + { + "aai": { + "aaiClientConfiguration": { + "aaiHost": "aai.onap.svc.cluster.local", + "aaiHostPortNumber": 8443, + "aaiIgnoreSslCertificateErrors": true, + "aaiProtocol": "https", + "aaiUserName": "AAI", + "aaiUserPassword": "AAI", + "aaiBasePath": "/aai/v12", + "aaiPnfPath": "/network/pnfs/pnf", + } + }, + "dmaap": { + "dmaapConsumerConfiguration": { + "consumerGroup": "OpenDCAE-c12", + "consumerId": "c12", + "dmaapContentType": "application/json", + "dmaapHostName": "message-router.onap.svc.cluster.local", + "dmaapPortNumber": 3904, + "dmaapProtocol": "http", + "dmaapTopicName": "/events/unauthenticated.VES_PNFREG_OUTPUT", + "dmaapUserName": "admin", + "dmaapUserPassword": "admin", + "messageLimit": -1, + "timeoutMs": -1 + }, + "dmaapProducerConfiguration": { + "dmaapContentType": "application/json", + "dmaapHostName": "message-router.onap.svc.cluster.local", + "dmaapPortNumber": 3904, + "dmaapProtocol": "http", + "dmaapTopicName": "/events/unauthenticated.PNF_READY", + "dmaapUserName": "admin", + "dmaapUserPassword": "admin" + } + }, + "security": { + "trustStorePath": "/opt/app/prh/etc/cert/trust.jks", + "trustStorePasswordPath": "/opt/app/prh/etc/cert/trust.pass", + "keyStorePath": "/opt/app/prh/etc/cert/cert.jks", + "keyStorePasswordPath": "/opt/app/prh/etc/cert/jks.pass", + "enableAaiCertAuth": "false", + "enableDmaapCertAuth": "false" + } + } + +The configuration is created from PRH Cloudify blueprint by specifying **application_config** node during ONAP OOM/Kubernetes deployment. 
diff --git a/docs/sections/services/prh/delivery.rst b/docs/sections/services/prh/delivery.rst new file mode 100644 index 00000000..3369376e --- /dev/null +++ b/docs/sections/services/prh/delivery.rst @@ -0,0 +1,9 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +Delivery +======== + +**PRH** is delivered as a docker container and published in ONAP Nexus repository in the following image naming convention. + +Full image name is `onap/org.onap.dcaegen2.services.prh.prh-app-server`.
\ No newline at end of file diff --git a/docs/sections/services/prh/index.rst b/docs/sections/services/prh/index.rst new file mode 100644 index 00000000..e3ba5bd9 --- /dev/null +++ b/docs/sections/services/prh/index.rst @@ -0,0 +1,29 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + + +PNF Registration Handler (PRH) +============================== + +.. Add or remove sections below as appropriate for the platform component. + +**PNF Registration Handler** is a micro-service in DCAE used during Physical Network Function (PNF) Plug-n-Play to process +the PNF Registration event. + + +PRH overview and functions +-------------------------- + +.. toctree:: + :maxdepth: 1 + + ./architecture + ./configuration + ./delivery + ./installation + ./authorization + +API reference +^^^^^^^^^^^^^ + +Refer to :doc:`PRH offered APIs<../../apis/PRH>` for detailed PRH api information. diff --git a/docs/sections/services/prh/installation.rst b/docs/sections/services/prh/installation.rst new file mode 100644 index 00000000..22dab33e --- /dev/null +++ b/docs/sections/services/prh/installation.rst 
@@ -0,0 +1,66 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +Installation +============ + +Following docker-compose-yaml file shows default configuration and can be run using `docker compose up` command: + +.. code-block:: yaml + + version: '3' + services: + prh: + image: nexus3.onap.org:10003/onap/org.onap.dcaegen2.services.prh.prh-app-server + command: > + --dmaap.dmaapConsumerConfiguration.dmaapHostName=10.42.111.36 + --dmaap.dmaapConsumerConfiguration.dmaapPortNumber=8904 + --dmaap.dmaapConsumerConfiguration.dmaapTopicName=/events/unauthenticated.SEC_OTHER_OUTPUT + --dmaap.dmaapConsumerConfiguration.dmaapProtocol=http + --dmaap.dmaapConsumerConfiguration.dmaapUserName=admin + --dmaap.dmaapConsumerConfiguration.dmaapUserPassword=admin + --dmaap.dmaapConsumerConfiguration.dmaapContentType=application/json + --dmaap.dmaapConsumerConfiguration.consumerId=c12 + --dmaap.dmaapConsumerConfiguration.consumerGroup=OpenDCAE-c12 + --dmaap.dmaapConsumerConfiguration.timeoutMS=-1 + --dmaap.dmaapConsumerConfiguration.message-limit=-1 + --dmaap.dmaapProducerConfiguration.dmaapHostName=10.42.111.36 + --dmaap.dmaapProducerConfiguration.dmaapPortNumber=8904 + --dmaap.dmaapProducerConfiguration.dmaapTopicName=/events/unauthenticated.PNF_READY + --dmaap.dmaapProducerConfiguration.dmaapProtocol=http + --dmaap.dmaapProducerConfiguration.dmaapUserName=admin + --dmaap.dmaapProducerConfiguration.dmaapUserPassword=admin + --dmaap.dmaapProducerConfiguration.dmaapContentType=application/json + --aai.aaiClientConfiguration.aaiHostPortNumber=30233 + --aai.aaiClientConfiguration.aaiHost=10.42.111.45 + --aai.aaiClientConfiguration.aaiProtocol=https + --aai.aaiClientConfiguration.aaiUserName=admin + --aai.aaiClientConfiguration.aaiUserPassword=admin + --aai.aaiClientConfiguration.aaiIgnoreSSLCertificateErrors=true + --aai.aaiClientConfiguration.aaiBasePath=/aai/v11 + 
--aai.aaiClientConfiguration.aaiPnfPath=/network/pnfs/pnf + --security.enableAaiCertAuth=false + --security.enableDmaapCertAuth=false + --security.keyStorePath=/opt/app/prh/etc/cert/cert.jks + --security.keyStorePasswordPath=/opt/app/prh/etc/cert/jks.pass + --security.trustStorePath=/opt/app/prh/etc/cert/trust.jks + --security.trustStorePasswordPath=/opt/app/prh/etc/cert/trust.pass + entrypoint: + - java + - -Dspring.profiles.active=dev + - -jar + - /opt/prh-app-server.jar + ports: + - "8100:8100" + - "8433:8433" + restart: always + + +Running with dev-mode of PRH +^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Heartbeat: http://<container_address>:8100/heartbeat or https://<container_address>:8443/heartbeat + +Start prh: http://<container_address>:8100/start or https://<container_address>:8433/start + +Stop prh: http://<container_address>:8100/stopPrh or https://<container_address>:8433/stopPrh
\ No newline at end of file diff --git a/docs/sections/services/serviceindex.rst b/docs/sections/services/serviceindex.rst index ff6e9516..c500a051 100644 --- a/docs/sections/services/serviceindex.rst +++ b/docs/sections/services/serviceindex.rst @@ -14,3 +14,5 @@ Service components under DCAE ./ves-http/index.rst ./ves-hv/index.rst ./mapper/index.rst + ./prh/index.rst + ./dfc/index.rst |
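Review bot: In docs/sections/services/dfc/administration.rst, the start and stopDatafile endpoints are listed over plain http on 8100 (exposed externally as 30245) without saying whether any authentication is required or whether they exist only in the dev-mode the list is introduced with. State that, and give the external port for 8433 too, since only the http mapping is documented. Wording: "The service can then be started" has nothing for "then" to refer to, and "liveliness" should be "liveness".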
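Review bot: In docs/sections/services/dfc/architecture.rst, the Interaction section says DFC talks to the DMaaP Message Router and the Data Router "via secured protocol", but configuration.rst in this same change sets "dmaapProtocol": "http" for the consumer; reconcile the two. The following sentence lists sftp and ftp(e)s as "the implemented protocols" without saying they are the protocols for collecting files from the xNF, so it reads as if they applied to DMaaP. "the reasons of its implementation" should be "the reasons for its implementation".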
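Review bot: In docs/sections/services/dfc/release-notes.rst, "DFC has only be tested successfully with one node" should read "has only been tested". "All DFC features from v1.0.4 are new" tells the reader nothing about what the release contains; a short feature list would serve better. The limitation that certificates are distributed by hand deserves a pointer to where the expected keystore and truststore files are described.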
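Review bot: In docs/sections/services/prh/authorization.rst, both code-block directives carry their content on the line directly after ".. code-block:: json" with no blank line in between, so that line is parsed as a directive argument and not as the block's content; add the blank line. The content is a property assignment, not JSON, so the json tag should go as well, and the two flags are written inconsistently (security.enableAaiCertAuth=true against --security.enableDmaapCertAuth=true). The page publishes the default AAI/AAI and admin/admin credentials; add a sentence that they have to be changed outside a lab setup. The closing note that security attributes "are not validated" and "can point to non-existent data" when certificate authentication is disabled should say whether a later switch to enabled fails at startup or at first call.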
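Review bot: In docs/sections/services/prh/configuration.rst, the sample has a trailing comma after "aaiPnfPath": "/network/pnfs/pnf", which makes the block invalid JSON; remove it. "aaiIgnoreSslCertificateErrors": true turns off certificate checking towards AAI in the documented default, so either show false or say in which environments true is acceptable. enableAaiCertAuth and enableDmaapCertAuth are given as the strings "false" while aaiIgnoreSslCertificateErrors is a JSON boolean; use one form throughout.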
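Review bot: In docs/sections/services/prh/installation.rst, the Heartbeat line gives https://<container_address>:8443/heartbeat while the start and stopPrh lines and the compose ports entry use 8433; one of the two is wrong and should be corrected. Key spellings also drift from configuration.rst: timeoutMS and message-limit here against timeoutMs and messageLimit there, aaiIgnoreSSLCertificateErrors against aaiIgnoreSslCertificateErrors, and /aai/v11 against /aai/v12 for aaiBasePath. The compose sample passes admin/admin and aaiIgnoreSSLCertificateErrors=true on the command line; mark these as development values.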