summaryrefslogtreecommitdiffstats
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/sections/services/ves-http/VES-processingFlow.pngbin44229 -> 0 bytes
-rw-r--r--docs/sections/services/ves-http/architecture.rst32
-rw-r--r--docs/sections/services/ves-http/configuration.rst135
-rw-r--r--docs/sections/services/ves-http/index.rst1
-rw-r--r--docs/sections/services/ves-http/stnd-defined-validation.rst271
-rw-r--r--docs/sections/services/ves-http/ves-processing-flow.drawio1
-rw-r--r--docs/sections/services/ves-http/ves-processing-flow.pngbin0 -> 343561 bytes
-rw-r--r--docs/sections/tls_enablement.rst7
8 files changed, 377 insertions, 70 deletions
diff --git a/docs/sections/services/ves-http/VES-processingFlow.png b/docs/sections/services/ves-http/VES-processingFlow.png
deleted file mode 100644
index 2c765937..00000000
--- a/docs/sections/services/ves-http/VES-processingFlow.png
+++ /dev/null
Binary files differ
diff --git a/docs/sections/services/ves-http/architecture.rst b/docs/sections/services/ves-http/architecture.rst
index 30145509..7a96b095 100644
--- a/docs/sections/services/ves-http/architecture.rst
+++ b/docs/sections/services/ves-http/architecture.rst
@@ -9,16 +9,22 @@ VES Architecture
VES Processing Flow
-------------------
-1) Collector supports different URI based on single or batch event to be received
-2) Post authentication – events are validated for schema. At this point – appropriate return code is sent to client (success/failure)
-3) Event Processor check against transformation rules (if enabled) and handles VES output standardization (e.g. VES 7.x input to VES5.4 output)
-4) Based on domain, events are distributed to configurable topics
-5) Post to outbound topic(s). If DMaaP publish is unsuccessful, messages will be queued per topic within VESCollector
+1. Collector supports different URI based on single or batch event to be received.
+2. Post authentication – events are validated against schema. At this point – appropriate return code is sent to client when validation fails.
+3. Event Processor checks against transformation rules (if enabled) and handles VES output standardization (e.g. VES 7.x input to VES5.4 output).
+4. Optional (activated by flag *collector.externalSchema.checkflag*) post authentication of stndDefined fields – specific fields are validated against schema. At this point – appropriate return code is sent to client when validation fails.
+5. If no problems were detected during previous steps, success HTTP code is being returned.
+6. Based on domain (or stndDefinedNamespace), events are asynchronously distributed to configurable topics.
+ 1. If topic mapping does not exist, event distribution is skipped.
+ 2. Post to outbound topic(s).
+ 3. If DMaaP publish is unsuccessful, messages will be queued per topic within VESCollector.
Note: As the collector is deployed as micro-service, all configuration parameters (including DMaaP topics) are passed to the collector dynamically. VEScollector refreshes the configuration from CBS every 5 minutes
-.. image:: ./VES-processingFlow.png
-
+.. image:: ./ves-processing-flow.png
+.. This image has been created using online editor https://app.diagrams.net/ and can be easily edited there.
+ Editable file version of this image is located in docs/sections/services/ves-http/ves-processing-flow.drawio
+ and might be imported into editor.
VES Schema Validation
---------------------
@@ -28,21 +34,22 @@ VES Collector is configured to support below VES Version; the corresponding API
=========== ================ ==================================
VES Version API version Schema Definition
=========== ================ ==================================
-VES 1.2 eventListener/v1 `CommonEventFormat_Vendors_v25.json <https://git.onap.org/dcaegen2/collectors/ves/tree/etc/CommonEventFormat_Vendors_v25.json>`_
+VES 1.2 eventListener/v1 `CommonEventFormat_Vendors_v25.json <https://git.onap.org/dcaegen2/collectors/ves/tree/etc/CommonEventFormat_Vendors_v25.json>`_
VES 4.1 eventListener/v4 `CommonEventFormat_27.2.json <https://git.onap.org/dcaegen2/collectors/ves/tree/etc/CommonEventFormat_27.2.json>`_
VES 5.4 eventListener/v5 `CommonEventFormat_28.4.1.json <https://git.onap.org/dcaegen2/collectors/ves/tree/etc/CommonEventFormat_28.4.1.json>`_
-VES 7.1.1 eventListener/v7 `CommonEventFormat_30.1.1.json <https://git.onap.org/vnfrqts/requirements/tree/docs/Chapter8/CommonEventFormat_30.1.1_ONAP.json>`_
+VES 7.2 eventListener/v7 `CommonEventFormat_30.2_ONAP.json <https://git.onap.org/dcaegen2/collectors/ves/tree/etc/CommonEventFormat_30.2_ONAP.json>`_
=========== ================ ==================================
-
-
Features Supported
------------------
+
- VES collector deployed as docker containers
- Acknowledgement to sender with appropriate response code (both successful and failure)
- Authentication of the events posted to collector (support 2 types of authentication setting)
- Support single or batch JSON events input
-- Schema validation (against standard VES definition)
+- General schema validation (against standard VES definition)
+- StndDefined fields schema validation
+- Mapping of external schemas to local schema files during stndDefined validation
- Multiple schema support and backward compatibility
- Configurable event transformation
- Configurable suppression
@@ -50,7 +57,6 @@ Features Supported
The collector can receive events via standard HTTP port (8080) or secure port (8443). Depending on the install/configuration – either one or both can be supported (ports are also modifiable).
-
Dynamic configuration fed into Collector via DCAEPlatform
---------------------------------------------------------
diff --git a/docs/sections/services/ves-http/configuration.rst b/docs/sections/services/ves-http/configuration.rst
index 7cf9831f..6f98b29e 100644
--- a/docs/sections/services/ves-http/configuration.rst
+++ b/docs/sections/services/ves-http/configuration.rst
@@ -7,61 +7,86 @@ Configuration
VES expects to be able to fetch configuration directly from consul service in following JSON format:
.. code-block:: json
-
- {
- "collector.dynamic.config.update.frequency": "5",
- "event.transform.flag": "0",
- "collector.schema.checkflag": "1",
- "collector.dmaap.streamid": "fault=ves-fault|syslog=ves-syslog|heartbeat=ves-heartbeat|measurementsForVfScaling=ves-measurement|measurement=ves-measurement|mobileFlow=ves-mobileflow|other=ves-other|stateChange=ves-statechange|thresholdCrossingAlert=ves-thresholdCrossingAlert|voiceQuality=ves-voicequality|sipSignaling=ves-sipsignaling|notification=ves-notification|pnfRegistration=ves-pnfRegistration",
- "collector.service.port": "8080",
- "collector.service.secure.port": "8443",
- "collector.schema.file": "{\"v1\":\"./etc/CommonEventFormat_27.2.json\",\"v2\":\"./etc/CommonEventFormat_27.2.json\",\"v3\":\"./etc/CommonEventFormat_27.2.json\",\"v4\":\"./etc/CommonEventFormat_27.2.json\",\"v5\":\"./etc/CommonEventFormat_28.4.1.json\",\"v7\":\"./etc/CommonEventFormat_30.1.1.json\"}",
- "streams_publishes": {
- "ves-measurement": {
- "type": "message_router",
- "dmaap_info": {
- "topic_url": "http://message-router:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT/"
- }
- },
- "ves-fault": {
- "type": "message_router",
- "dmaap_info": {
- "topic_url": "http://message-router:3904/events/unauthenticated.SEC_FAULT_OUTPUT/"
- }
- },
- "ves-pnfRegistration": {
- "type": "message_router",
- "dmaap_info": {
- "topic_url": "http://message-router:3904/events/unauthenticated.VES_PNFREG_OUTPUT/"
- }
- },
- "ves-other": {
- "type": "message_router",
- "dmaap_info": {
- "topic_url": "http://message-router:3904/events/unauthenticated.SEC_OTHER_OUTPUT/"
- }
- },
- "ves-heartbeat": {
- "type": "message_router",
- "dmaap_info": {
- "topic_url": "http://message-router:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/"
- }
- },
- "ves-notification": {
- "type": "message_router",
- "dmaap_info": {
- "topic_url": "http://message-router:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT/"
- }
- }
+ {
+ "collector.dynamic.config.update.frequency": "5",
+ "event.transform.flag": "0",
+ "collector.schema.checkflag": "1",
+ "collector.dmaap.streamid": "fault=ves-fault|syslog=ves-syslog|heartbeat=ves-heartbeat|measurementsForVfScaling=ves-measurement|mobileFlow=ves-mobileflow|other=ves-other|stateChange=ves-statechange|thresholdCrossingAlert=ves-thresholdCrossingAlert|voiceQuality=ves-voicequality|sipSignaling=ves-sipsignaling|notification=ves-notification|pnfRegistration=ves-pnfRegistration|3GPP-FaultSupervision=ves-3gpp-fault-supervision|3GPP-Heartbeat=ves-3gpp-heartbeat|3GPP-Provisioning=ves-3gpp-provisioning|3GPP-PerformanceAssurance=ves-3gpp-performance-assurance",
+ "collector.service.port": "8080",
+ "collector.schema.file": "{\"v1\":\"./etc/CommonEventFormat_27.2.json\",\"v2\":\"./etc/CommonEventFormat_27.2.json\",\"v3\":\"./etc/CommonEventFormat_27.2.json\",\"v4\":\"./etc/CommonEventFormat_27.2.json\",\"v5\":\"./etc/CommonEventFormat_28.4.1.json\",\"v7\":\"./etc/CommonEventFormat_30.2_ONAP.json\"}",
+ "collector.keystore.passwordfile": "/opt/app/VESCollector/etc/passwordfile",
+ "streams_publishes": {
+ "ves-measurement": {
+ "type": "message_router",
+ "dmaap_info": {
+ "topic_url": "http://message-router:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT/"
+ }
+ },
+ "ves-fault": {
+ "type": "message_router",
+ "dmaap_info": {
+ "topic_url": "http://message-router:3904/events/unauthenticated.SEC_FAULT_OUTPUT/"
+ }
+ },
+ "ves-pnfRegistration": {
+ "type": "message_router",
+ "dmaap_info": {
+ "topic_url": "http://message-router:3904/events/unauthenticated.VES_PNFREG_OUTPUT/"
+ }
+ },
+ "ves-other": {
+ "type": "message_router",
+ "dmaap_info": {
+ "topic_url": "http://message-router:3904/events/unauthenticated.SEC_OTHER_OUTPUT/"
+ }
+ },
+ "ves-heartbeat": {
+ "type": "message_router",
+ "dmaap_info": {
+ "topic_url": "http://message-router:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/"
+ }
},
- "collector.service.secure.port": "8443",
- "auth.method": "certBasicAuth",
- "collector.keystore.file.location": "/opt/app/dcae-certificate/cert.jks",
- "collector.keystore.passwordfile": "/opt/app/dcae-certificate/jks.pass",
- "collector.truststore.file.location": "/opt/app/dcae-certificate/trust.jks",
- "collector.truststore.passwordfile": "/opt/app/dcae-certificate/trust.pass",
- "header.authlist": "sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6|demouser,$2a$10$1cc.COcqV/d3iT2N7BjPG.S6ZKv2jpb9a5MV.o7lMih/GpjJRX.Ce"
+ "ves-notification": {
+ "type": "message_router",
+ "dmaap_info": {
+ "topic_url": "http://message-router:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT/"
+ }
+ },
+ "ves-3gpp-fault-supervision": {
+ "type": "message_router",
+ "dmaap_info": {
+ "topic_url": "http://message-router:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT/"
+ }
+ },
+ "ves-3gpp-provisioning": {
+ "type": "message_router",
+ "dmaap_info": {
+ "topic_url": "http://message-router:3904/events/unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT/"
+ }
+ },
+ "ves-3gpp-heartbeat": {
+ "type": "message_router",
+ "dmaap_info": {
+ "topic_url": "http://message-router:3904/events/unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT/"
+ }
+ },
+ "ves-3gpp-performance-assurance": {
+ "type": "message_router",
+ "dmaap_info": {
+ "topic_url": "http://message-router:3904/events/unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT/"
+ }
+ }
+ },
+ "collector.externalSchema.checkflag": 1,
+ "collector.externalSchema.schemasLocation": "./etc/externalRepo",
+ "collector.externalSchema.mappingFileLocation": "./etc/externalRepo/schema-map.json",
+ "event.externalSchema.schemaRefPath": "/event/stndDefinedFields/schemaReference",
+ "event.externalSchema.stndDefinedDataPath": "/event/stndDefinedFields/data",
+ "collector.service.secure.port": "8443",
+ "auth.method": "noAuth",
+ "collector.keystore.file.location": "/opt/app/VESCollector/etc/keystore",
+ "services_calls": [],
+ "header.authlist": "sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6"
}
-
-During ONAP OOM/Kubernetes deployment this configuration is created from VES cloudify blueprint.
+During ONAP OOM/Kubernetes deployment this configuration is created from VES Cloudify blueprint.
diff --git a/docs/sections/services/ves-http/index.rst b/docs/sections/services/ves-http/index.rst
index e1edb4b6..5b56d44f 100644
--- a/docs/sections/services/ves-http/index.rst
+++ b/docs/sections/services/ves-http/index.rst
@@ -24,6 +24,7 @@ VES Collector (HTTP) overview and functions
./delivery.rst
./installation.rst
./tls-authentication.rst
+ ./stnd-defined-validation.rst
API reference
^^^^^^^^^^^^^
diff --git a/docs/sections/services/ves-http/stnd-defined-validation.rst b/docs/sections/services/ves-http/stnd-defined-validation.rst
new file mode 100644
index 00000000..c4184e46
--- /dev/null
+++ b/docs/sections/services/ves-http/stnd-defined-validation.rst
@@ -0,0 +1,271 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+StndDefined Events Collection Mechanism
+=======================================
+
+Description
+-----------
+
+This mechanism can be used to validate any JSON content incoming as JsonNode using OpenAPI standardized schemas.
+During validation externally located schemas are mapped to local schema files.
+
+Validated JSON must have one field that will refer to an external schema, which will be mapped to local file and then
+validation of any chosen part of JSON is executed using local schema.
+
+StndDefined validation is integrated with the event collecting functionality available under the endpoint
+*/eventListener/v7*. Process of event collecting includes steps in the following order:
+
+1. General event validation (1st stage validation)
+2. Event transformation
+3. **StndDefined event validation** (2nd stage validation)
+4. Event routing to DMaaP
+
+Mapping file is cached on stndDefined validator creation, so it's not read every time validation is performed.
+Schemas' content couldn't be cached due to an external library restrictions (OpenAPI4j).
+
+The value of the 'stndDefinedNamespace' field in any incoming stndDefined JSON event is used to match the topic from
+property *collector.dmaap.streamid*.
+
+StndDefined properties
+----------------------
+
+There are 5 additional properties related to stndDefined validation in collector.properties file.
+
++----------------------------------------------+--------------------------------------------------------------------------------+--------------------------------------------------------------------------------+-------------------------------------------------------------------------------+
+| Name | Description | Example | Note |
++==============================================+================================================================================+================================================================================+===============================================================================+
+| collector.externalSchema.checkflag | Flag is responsible for turning on/off stndDefined data validation. | -1 or 1 | |
+| | By default this flag is set to 1, which means that the validation is enabled. | | |
+| | In case flag is set to -1, validation is disabled. | | |
++----------------------------------------------+--------------------------------------------------------------------------------+--------------------------------------------------------------------------------+-------------------------------------------------------------------------------+
+| collector.externalSchema.mappingFileLocation | This should be a local filesystem path to file with mappings of public URLs | etc/externalRepo/schema-map.json | |
+| | to local URLs. | | |
++----------------------------------------------+--------------------------------------------------------------------------------+--------------------------------------------------------------------------------+-------------------------------------------------------------------------------+
+| collector.externalSchema.schemasLocation | Schemas location is a directory under which stndDefined validator will search | ./etc/externalRepo/ and first mapping from example mappingFile below is taken, | |
+| | for local schemas. | validator will look for schema under the path: | |
+| | | ./etc/externalRepo/3gpp/rep/sa5/data-models/blob/REL-16/OpenAPI/faultMnS.yaml | |
++----------------------------------------------+--------------------------------------------------------------------------------+--------------------------------------------------------------------------------+-------------------------------------------------------------------------------+
+| event.externalSchema.schemaRefPath | This is an internal path from validated JSON. It should define which field | /event/stndDefinedFields/schemaReference | In SDK version 1.4.2 this path doesn’t use JSON path notation (with . signs). |
+| | will be taken as public schema reference, which is later mapped. | | It might change in further versions |
++----------------------------------------------+--------------------------------------------------------------------------------+--------------------------------------------------------------------------------+-------------------------------------------------------------------------------+
+| event.externalSchema.stndDefinedDataPath | This is internal path from validated JSON. | /event/stndDefinedFields/data | In SDK version 1.4.2 this path doesn’t use JSON path notation (with . signs). |
+| | It should define which field will be validated. | | It might change in further versions |
++----------------------------------------------+--------------------------------------------------------------------------------+--------------------------------------------------------------------------------+-------------------------------------------------------------------------------+
+
+Format of the schema mapping file is a JSON file with list of mappings, as shown in the example below.
+
+.. code-block:: json
+
+ [
+ {
+ "publicURL": "https://forge.3gpp.org/rep/sa5/data-models/blob/REL-16/OpenAPI/faultMnS.yaml",
+ "localURL": "3gpp/rep/sa5/data-models/blob/REL-16/OpenAPI/faultMnS.yaml"
+ },
+ {
+ "publicURL": "https://forge.3gpp.org/rep/sa5/data-models/blob/REL-16/OpenAPI/heartbeatNtf.yaml",
+ "localURL": "3gpp/rep/sa5/data-models/blob/REL-16/OpenAPI/heartbeatNtf.yaml"
+ },
+ {
+ "publicURL": "https://forge.3gpp.org/rep/sa5/data-models/blob/REL-16/OpenAPI/PerDataFileReportMnS.yaml",
+ "localURL": "3gpp/rep/sa5/data-models/blob/REL-16/OpenAPI/PerDataFileReportMnS.yaml"
+ },
+ {
+ "publicURL": "https://forge.3gpp.org/rep/sa5/data-models/blob/master/OpenAPI/provMnS.yaml",
+ "localURL": "3gpp/rep/sa5/data-models/blob/REL-16/OpenAPI/provMnS.yaml"
+ }
+ ]
+
+
+Requirements for stndDefined validation
+---------------------------------------
+
+To run stndDefined validation, both *collector.schema.checkflag* and *collector.externalSchema.checkflag* must be set to 1.
+
+Despite the flag set, the validation will not start when:
+
+- Domain of the incoming event is not 'stndDefined'.
+- General event validation (1st stage) failed.
+- Field of event referenced under the property *event.externalSchema.schemaRefPath* (by default */event/stndDefinedFields/schemaReference*):
+ - Has an empty value.
+ - Does not exist in the incoming event.
+
+Validation scenarios
+--------------------
+
+Positive scenario, which returns 202 Accepted HTTP code after successful stndDefined validation:
+
+- *collector.schema.checkflag* and *collector.externalSchema.checkflag* is set to 1
+- Mapping file has valid format
+- Schema file mapped from referenced in the event is valid
+- The incoming event is valid against schema
+
+Below are scenarios when, the stndDefined validation will end with failure and return 400 Bad Request HTTP code:
+
+- One of stndDefined data fields has wrong type or value
+- StndDefined data has an empty body or is missing required field
+- Field of event referenced under the property event.externalSchema.schemaRefPath has publicURL which is not mapped in the schemas mappings
+- Field defining public schema in event (by default */event/stndDefinedFields/schemaReference*) after "#" has non existing reference in schema file
+
+Schemas repository description
+------------------------------
+
+Schemas and mapping file location might be configured to any local directory through properties in collector.properties
+as described in 'StndDefined properties' section.
+
+By default schemas repository is located under *etc/externalSchema* directory, as well as schemas mapping file called
+*schema-map.json*. There are files stored in the project repository which are schemas from 3GPP organisation. Every
+organisation which adds or mounts external schemas should store them in folder named by organisation
+name. Further folders structure may be whatever as long as schemas are correctly referenced in the mapping file.
+
+Sample directory tree of *etc* directory:
+
+.. code-block:: text
+
+ etc
+ ├── ...
+ └── externalRepo
+ ├── schema-map.json
+ └── 3gpp
+ └── rep
+ └── sa5
+ └── data-models
+ └── blob
+ └── REL-16
+ └── OpenAPI
+ ├── faultMnS.yaml
+ ├── heartbeatNtf.yaml
+ ├── PerDataFileReportMnS.yaml
+ └── provMnS.yaml
+
+Routing of stndDefined domain events
+------------------------------------
+
+All events, expect those with 'stndDefined' domain, are routed to DMaaP topics basing on domain value. Events with
+'stndDefined' domain are sent to proper topic basing on field 'stndDefinedNamespace'.
+
+This is the only difference from standard event routing, specific for 'stndDefined' domain. As in every other event
+routing value is being mapped for specific DMaaP stream. Stream ID to DMaaP channels mappings are located in
+*etc/collector.properties* file under property *collector.dmaap.streamid*. Channels descriptions are in
+*etc/DmaapConfig.json*, where destination DMaaP topics are selected.
+
+With stndDefined domain managment 4 new mappings were added. Their routing has been described in the table below:
+
+ +---------------------------+--------------------------------+------------------------------------------------------+
+ | Stream ID | Channel | DMaaP Stream |
+ +===========================+================================+======================================================+
+ | 3GPP-FaultSupervision | ves-3gpp-fault-supervision | unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT |
+ +---------------------------+--------------------------------+------------------------------------------------------+
+ | 3GPP-Heartbeat | ves-3gpp-heartbeat | unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT |
+ +---------------------------+--------------------------------+------------------------------------------------------+
+ | 3GPP-Provisioning | ves-3gpp-provisioning | unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT |
+ +---------------------------+--------------------------------+------------------------------------------------------+
+ | 3GPP-PerformanceAssurance | ves-3gpp-performance-assurance | unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT |
+ +---------------------------+--------------------------------+------------------------------------------------------+
+
+
+Error scenarios behaviour
+-------------------------
+
+There are few error scenarios described in 'Validation scenarios' section. This section will describe user point of view
+of VES Collector behaviour when they happen. Messages returned as HTTP response contain data described below for each
+scenario.
+
+1. StndDefined fields validation related errors
+
+1.1. Schema file referred under the path from property *event.externalSchema.schemaRefPath* (by default */event/stndDefinedFields/schemaReference*) not present in the schema repository.
+
+ +---------------------+------------------------------------------------------------------+
+ | Property Name | Property Description |
+ +=====================+==================================================================+
+ | MessageId | SVC2004 |
+ +---------------------+------------------------------------------------------------------+
+ | Text | "Invalid input value for %1 %2: %3" |
+ +---------------------+------------------------------------------------------------------+
+ | Variables | %1 – “attribute” |
+ | | %2 – "event.stndDefinedFields.schemaReference" |
+ | | %3 – "Referred external schema not present in schema repository" |
+ +---------------------+------------------------------------------------------------------+
+ | HTTP status code(s) | 400 Bad request |
+ +---------------------+------------------------------------------------------------------+
+
+1.2. File referred under the path from property *event.externalSchema.schemaRefPath* (by default */event/stndDefinedFields/schemaReference*) exists, but internal reference (part of URL after #) is incorrect.
+
+ +---------------------+-----------------------------------------------------------------------------------------------------------------------------------+
+ | Property Name | Property Description |
+ +=====================+===================================================================================================================================+
+ | MessageId | SVC2000 |
+ +---------------------+-----------------------------------------------------------------------------------------------------------------------------------+
+ | Text | The following service error occurred: %1. Error code is %2 |
+ +---------------------+-----------------------------------------------------------------------------------------------------------------------------------+
+ | Variables | %1 - "event.stndDefinedFields.schemaReference value does not correspond to any external event schema file in externalSchema repo" |
+ | | %2 - "400" |
+ +---------------------+-----------------------------------------------------------------------------------------------------------------------------------+
+ | HTTP status code(s) | 400 Bad request |
+ +---------------------+-----------------------------------------------------------------------------------------------------------------------------------+
+
+1.3. StndDefined validation executed, but event contents do not validate with referenced schema.
+
+ +---------------------+---------------------------------------------------------------------------------------------+
+ | Property Name | Property Description |
+ +=====================+=============================================================================================+
+ | MessageId | SVC2000 |
+ +---------------------+---------------------------------------------------------------------------------------------+
+ | Text | The following service error occurred: %1. Error code is %2 |
+ +---------------------+---------------------------------------------------------------------------------------------+
+ | Variables | %1 - "event.stndDefinedFields.data invalid against event.stndDefinedFields.schemaReference" |
+ | | %2 - "400" |
+ +---------------------+---------------------------------------------------------------------------------------------+
+ | HTTP status code(s) | 400 Bad request |
+ +---------------------+---------------------------------------------------------------------------------------------+
+
+2. Problems with routing of stndDefined domain.
+
+2.1. StndDefinedNamespace field not received in the incoming event.
+
+ +---------------------+-----------------------------------------------------+
+ | Property Name | Property Description |
+ +=====================+=====================================================+
+ | MessageId | SVC2006 |
+ +---------------------+-----------------------------------------------------+
+ | Text | Mandatory input %1 %2 is missing from request |
+ +---------------------+-----------------------------------------------------+
+ | Variables | %1 – “attribute” |
+ | | %2 – "event.commonEventHeader.stndDefinedNamespace" |
+ +---------------------+-----------------------------------------------------+
+ | HTTP status code(s) | 400 Bad Request |
+ +---------------------+-----------------------------------------------------+
+
+2.2. StndDefinedNamespace field present, but value is empty.
+
+ +---------------------+-----------------------------------------------------+
+ | Property Name | Property Description |
+ +=====================+=====================================================+
+ | MessageId | SVC2006 |
+ +---------------------+-----------------------------------------------------+
+ | Text | Mandatory input %1 %2 is empty in request |
+ +---------------------+-----------------------------------------------------+
+ | Variables | %1 – “attribute” |
+ | | %2 – "event.commonEventHeader.stndDefinedNamespace" |
+ +---------------------+-----------------------------------------------------+
+ | HTTP status code(s) | 400 Bad Request |
+ +---------------------+-----------------------------------------------------+
+
+2.3. StndDefinedNamespace field present, but value doesn't match any stream ID mapping.
+
+ +---------------------+-------------------------------------------------------------------------------------------------------------------------------------------+
+ | Property Name | Property Description |
+ +=====================+===========================================================================================================================================+
+ | MessageId | SVC2004 |
+ +---------------------+-------------------------------------------------------------------------------------------------------------------------------------------+
+ | Text | "Invalid input value for %1 %2: %3" |
+ +---------------------+-------------------------------------------------------------------------------------------------------------------------------------------+
+ | Variables | %1 – “attribute” |
+ | | %2 – "event.commonEventHeader.stndDefinedNamespace" |
+ | | %3 – "stndDefinedNamespace received not present in VES Collector routing configuration. Unable to route event to appropriate DMaaP topic" |
+ +---------------------+-------------------------------------------------------------------------------------------------------------------------------------------+
+ | HTTP status code(s) | 400 Bad request |
+ +---------------------+-------------------------------------------------------------------------------------------------------------------------------------------+
+
+
+
diff --git a/docs/sections/services/ves-http/ves-processing-flow.drawio b/docs/sections/services/ves-http/ves-processing-flow.drawio
new file mode 100644
index 00000000..da886a9f
--- /dev/null
+++ b/docs/sections/services/ves-http/ves-processing-flow.drawio
@@ -0,0 +1 @@
+<mxfile host="app.diagrams.net" modified="2020-08-31T13:15:06.255Z" agent="5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" etag="wujBOwi6LDsRcwzydo6K" version="13.6.6" type="device"><diagram id="vMUO8L_1uB_JH7kcPZuJ" name="Page-1">7V3td5pIF/9r8rEeZhhe5mOqJn3atJunydndfupBmCi7yLiATbJ//c4ICPOiogLaRndPI8MAeu/vvt8Zr8zh/OU28RazzzQg0RU0gpcrc3QFIXYB+5cPvOYDlmHnA9MkDPIhUA08hP+SYtAoRpdhQFJhYkZplIULcdCncUz8TBjzkoQ+i9OeaCQ+deFNiTLw4HuROvpHGGSzfNS1jGr8Awmns/LJwCjOzL1ycjGQzryAPteGzPGVOUwozfJ385chiTjtSrrk191sOLv+YAmJsyYXYJuA4cOX8d188umje/v9o/Upemfmd/nhRcviCxcfNnstKZDQZRwQfhPjynz/PAsz8rDwfH72mbGcjc2yecSOAHv7ROPsxpuHEWf3BxL9IFnoe8WJgrsAFsdDGtFk9RDzafVi414UTmM2FpEn9q3ep1lC/ya1iYZhj69v+A3CKKqNXw+HwzG/sUqWglI/SJKRl9pQQaZbQuckS17ZlOKsbeVXFJAFJbOfKwA4ZjFnVmc+RMVMr0DddH3vijHsTcGbPfiENHyyo6wgpMAw+58lLU+8S1ckv2YTTLR4qU6yd1P+9/fxAzvH6Bgx4WG0LG7KPmN+33yWgglGyExkvMiomMZE4lExVPLXZ+whbPw9ZwuDSHRdnJiHQcAfo0WaiMWEZl4WUn4VNlpivW0IvLdMlfdria7zvjPOW0dzHriM8yuWS8wf/yCrO3wlPgkXWVPmV0wALSkEV1UIxuqlA4xGJRRTJZUwuh6PRrgdXEDbHQAoqgVHhQbAcKBRDFZX4DAdhTskYParOKRJNqNTGnvRuBqVhKiac0fpouDaXyTLXgvueMuMijwlL2H2J7+cfdf86FvtzOiluPPq4LU8iNn3rV3ED7/Vz1WXrY6q64JrbsbZ4SSi/t/50E0Y1QFWx9FGZqd0mfhkCzELxyTzkinJtszD+TxO6K3QSUjE1NMP0ZFo3zKYp4QAqAGggsMuCAgAqPCwEQLs6J4kISMY1wAnwkV7/C4uvafhSv2+lEpCND0mcEpdUt4kh2ZxnYSb9Qc5HEp2O6ZGsTP/S9mp62U2Y6Rnyj/jwLtpbG1mdD5Zpg0szQbt3xgIe1gDBwxcV+AW1FkD1xw4GnOArc3YOM4cuBdz0JrY44bmoPQGz8UeGCfFwCH2AOxrD9YYKIKKCgKGBgKBl87W7mrK+JmVl/uRl6ah/zgL4/JUDUrdQwe0blqOgw66uBK96JTOXQkouhJIDkA6diSw4kisXIDfWSwXsL9/hMxCFuZ/klSW3/bm3KbHk5T/uSUxSTz+rCJOlS948Gdk7q1ciZ/CZ5DcO6xzGNyBg1SHAcCuAkig+nwK3Y2C0DKV05m34G8ZWbwoIhGdJt6cEWtRky/hXE3wdjPmhZTZYA2jwMQDBGoYtSVfuCHh2AJrsSRtQMNZpMkZuZ2lBfDFD2xNZ5eyV7fmH9DoERjuX4/p53v6+uHpwf70/3fgvBzB8nPXRHuDIn1MvDh9osk8z6Ze8n2qtrY0NYBN2trurAigFmcurn3Prj2ETcNCdFbaANkX375jOwF7cu6RqJpc2Y1oz7n/QOYGxHGyfEa/3Xyk5iv99/7dcflmcArfogUg9aAxzNb9h9WlDP/ea23CggMj3Ywv00YCvoAhNhawN/ktWw0ZSyodFzM+ZHEwIk9hTPg1P33IaOOBKaaZXXgOUSNU2xEEystkvwlJFHBu3lGfR5Yb2HIJMJsFmC46dYAJdV0JG8OGBn1DgiPXQwwBDMfEROX7BATBU0u9JO66F2CtSW2VcY6hYZwJOuPc8UU+CHRFvuv0NfZnCY3pkkv6I12EPvs7Chntw8kyjyx/pu4iBZJ15HXRegREKWfq21LQYup6j9rQ81pX77h6wElcvf3SSEd4dU5Tr85s26s7Tv4dvZ9Vyutnb7Eo6vMHe0i/SApI9b6A4TZ3v5zOsrtqYq+dPo2vw7prduhdmIHQOuqNVH+pr++8CYnuaRoWSnattzcq9Lq1KPzG+cuU96QPJl4a+oMg9Kbf0zhcfE9WjeLvVz3qtgoi5rZB32fjkfQh1njcDdDAntgWvzf7BEFIJM8wwLbdTcggJwewpsrkakxIZzlL+6TtaQflLI0BBlhKGTAtflz26UzTmaV12mnG7NazW0fByjltKvwcK1ySNb2x+H/9gMMBZwUOU13Vsg5DSOXrqDbqUvjSej3AVQORjV5PZ72NDVIOGpmROFRnhChOlWxDhASz4XJ6bZNwdtBeurhc5LZL5qyGIlfjmaUx/OXYkUUJ0xX9DiSnnvLvrRQllBsBqQu6u+KGHmW69EgnKDvn4NZq6hScFwYdRiADr1+OLaoxaDFRNqqXpKmaItR00MC0q8dg8Sk9AxZdVgC1X8LdXdx3zsrhKa1826tDv4yveG7xhv07jMJa79CuMJ595nCRklos7kd0Gez2ovYvr8iFG4zN4U07vhCQ6i6avj4La/QZMLuKpi3dOuBOzJNpOqIThOy9naC6xGNzP5lvtQT/k/pUyBxgu2awpLo8tAdu/bT0gMb2zDYHiLn9zHV3IXaR/BjXGACMLGgjZLJnYrtX+2Z17JDJuT8vwIGlU0QeQcCEIqod5Ih5Itc9rEtpLXbYhILYcaZ3Env4d1PbJ99u7ybLRfw6DUZ/PpLGctI03O9HTmwgIha68DBJkCtwUK7Cdo11dd3E0VhfY9UFSMSqg/FBWD1WfNZYd7Fdw/o7Dna3R7A3TW6dG9ihgFG7jD/2BrvJCV69xNtCxxk4bq/ot3Ve7HHoP6T7dLsf47qyFLlO61JkGx4Gjk6KELweGcf5QqVv+pPh3kGyLy53PTQFviN59Vgu1G7A+b59lI68X0gvfZRlnaYmRUMaP4VTNd8ttuYYX5cRSRWJu/Tg6XvwANC1AvTahGc3yIjnpCp3LgNXW+vkTxF99mdekg0C6i/njFZwAxPzxAHPlVt78G0TdzT8NAFqK4iXMtMAabZ0Qrqa+DoV3T7n1CacC+fUUpQhc06zCKtvzrkXzjXgHJQ5p9kdpW/O6YKrPZOkUJckHX32vPvDW1vbbFk9uiWgOYsRVDZJ1LC4o2ZVfRPC2XQaNa6DQCRWQgYGWGeYOl3l1n6viNM0d2Q3TbL21EhknRI14BDUWFDIpfPECTi2Pe0NwuagoA6ZQLJsRRl5U7S564JuokBHzaX8xm7EzJQxnHlxzPdollG/Ltm9kUYnaYU/WG/L1qDLqY0NPbdl4Dtp7TYQLxHtWkJ5Bdn/xpjpBTbF+EzSlO+QfWnoPlVDtxQEQRcMoAaoOlfLgfIGkq3hVM0ytYpTzdLdC07PG6fylmOg2vvyhDjV7W9/welbxqm8ewY6C5x23NdzTJkWw3qZlhcN96+gNQoQthmaM6lC2ZZYNBV9e947jzGSO0P3rsxaUPJMO2tD0JJcLSt8oQoaz2ONdgsKYZ1ULvdl7DGPpSW/2vD0lsivrc70SX41wf+WyO9qdqjoivzaTRRV8n/TVKV/Gfqb8q6wtuqL9Er/suWtdY/5OuFL78RtgiRHWfaJV3s/eWV7AvlnGSa8QJZqNhhaRpzXwg8L7O9bn+UeUAgPyl95KVu+kIoRaGpA0soGUHqUqPH/ry2m8s9CaZYC9CumRwcMPS/h2Xe1+lbltHt9znmFDaa8gZe8QKRpaICk6NXpcO9HLQPU2OBNyb1zcvN89HKIw7ZkFRYJdbkedZ+dtRsv1DuZ3G9dKurIa+Wbr9gRFzx01cEq1x6cHbVOeb7rGNvnS+styp1sG98f7zcf7/g8m+jaVqlWj221F/BNqVSs2cyyM5Wq2+ROLbn+0gG/9OO2tqaNuVfyqwbtTcEf6H5duCUGsMPq56VzfVX9Rrc5/g8=</diagram></mxfile> \ No newline at end of file
diff --git a/docs/sections/services/ves-http/ves-processing-flow.png b/docs/sections/services/ves-http/ves-processing-flow.png
new file mode 100644
index 00000000..dc7d284a
--- /dev/null
+++ b/docs/sections/services/ves-http/ves-processing-flow.png
Binary files differ
diff --git a/docs/sections/tls_enablement.rst b/docs/sections/tls_enablement.rst
index ec23f65b..3eb23007 100644
--- a/docs/sections/tls_enablement.rst
+++ b/docs/sections/tls_enablement.rst
@@ -176,6 +176,8 @@ This external TLS support doesn't influence ONAP internal traffic which is prote
* A string (``common_name``) that indicates common name which should be present in certificate. Specific for every blueprint (e.g. dcae-ves-collector for VES).
* A string (``sans``) that indicates list of Subject Alternative Names (SANs) which should be present in certificate. Delimiter - : Should contain common_name value and other FQDNs under which given component is accessible.
+ As a final step of the plugin the generated CMPv2 truststore entries will be appended to AAF CA truststore (see certificate artifacts below).
+
Example
.. code-block:: yaml
@@ -207,6 +209,7 @@ This external TLS support doesn't influence ONAP internal traffic which is prote
* ``keystore.pass``: A text file with a single line that contains the password for the ``keystore.p12`` keystore.
* ``truststore.p12``: A truststore containing the operator certificate. (Needed by clients that access TLS-protected servers in external traffic.)
* ``truststore.pass``: A text file with a single line that contains the password for the ``truststore.p12`` keystore.
- * ``trust.jks``: The AAF CA certificate and private key packaged in Java form.
- * ``trust.pass``: A text file with a single line that contains the password for ``trust.jks`` file.
+ * ``trust.jks``: A file with the AAF CA certificate and CMPv2 certificate with private key packaged in Java form.
+ * ``trust.jks.bak``: The (original) file with the AAF CA certificate only.
+ * ``trust.pass``: A text file with a single line that contains the password for ``trust.jks`` and ``trust.jks.bak`` file.
* ``cacert.pem``: The AAF CA certificate, in PEM form.