[DOC] vFWCL design tutorial

This describes step by step instructions for vfwcl design

Change-Id: Ie6f88703e1923c06dec7ad45db78ef847cb68607
Issue-ID: DOC-708
Signed-off-by: ramagp <ramakrishnagp@aarnanetworks.com>
(cherry picked from commit e47c7f67b3afeccad18e170c021fea6d36c054a8)

26 files changed, 252 insertions, 0 deletions

diff --git a/docs/guides/onap-user/index.rst b/docs/guides/onap-user/index.rst
index c3369bf0d..6ffccaeaf 100644
--- a/docs/guides/onap-user/index.rst
+++ b/docs/guides/onap-user/index.rst
@@ -42,6 +42,7 @@ Tutorials
 
    vFW Design Tutorial <./vfw-design-tutorial/index.rst>
    vFW Deployment Tutorial <./vfw-deployment-tutorial/index.rst>
+   vFWCL Design Tutorial <./vfwcl-design-tutorial/index.rst>
 
 Verified Use Cases
 ------------------
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/index.rst b/docs/guides/onap-user/vfwcl-design-tutorial/index.rst
new file mode 100644
index 000000000..db68382e0
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/index.rst
@@ -0,0 +1,251 @@
+.. This work is licensed under a Creative Commons Attribution 4.0
+.. International License. http://creativecommons.org/licenses/by/4.0
+.. Copyright © 2017-2020 Aarna Networks, Inc.
+
+vFWCL Design Tutorial
+#####################
+
+The instructions in this section will enable you to design the vFW Control Loop. The prerequisite for this tutorial is that the
+vFW_service design/deployment/instantiation should be completed.
+
+Control Loop Flow
+=================
+
+This section describes the vFW control loop flow and the modules involved. Following is the list of modules
+that are involved in designing and deploying the vFW CL
+
+ 1) SDC: The first step of the procedure is to distribute the DCAE (TCA microservice) blueprint. That is done through ONAP SDC.
+ 2) CLAMP: This is a tool for designing the policy and configuring the TCA threshold. CLAMP, along with DCAE, can also be used
+    to manage the lifecycle of CLs
+ 3) DCAE (platform and micro services): Multiple components of the DCAE module get involved in the overall lifecycle of the CL.
+ 4) TCA: The CDAP threshold controlling application is a DCAE microservice.
+ 5) ONAP Policy engine: The output of DCAE is sent to the Policy engine as an input event. We will use the DROOLS Policy engine.
+ 6) APPC : The last hop in the CL, which takes the config action on the vPG on the output of the Policy engine.
+
+Distribute DCAE blueprints
+==========================
+
+In order to distribute the DCAE microservice blueprints we need to create a dummy service. The DCAE blueprint will be added as an artifact
+to the VF inside the service during service composition time.
+
+Follow the below steps to upload the blueprint for the TCA (Threshold Checking Application) DCAE microservice and Distribute the service to the CLAMP
+
+The following screenshot of the setup shows where “dcae_service” has been created and is in the composition phase.
+
+.. note::
+  The service name should not contain any spaces. The DCAE policy fails to fetch the service from PDP if the name has a space.
+  For example ‘dcae1’ will work and ‘dcae 1’ will not.
+
+1. Login as DESIGNER (cs0008) and create the service, checkin and certify
+
+|image16|
+
+2. Add any VNF (ex: vfw_pg) that was already created during the SDC design phase
+
+In the composition canvas drag and drop a resource of type VF from the abstract section in the Elements section (left hand side panel)
+
+|image15|
+
+3. Download the required DCAE MS blueprint to be attached to the service
+
+Use the sample TCA blueprint located here:
+https://git.onap.org/dcaegen2/platform/blueprints/tree/blueprints/k8s-tcagen2-clampnode.yaml
+
+.. note::
+  * Check if the version of the plugin used in the blueprint is different from existing, then update the blueprint import to match
+  * To check the version run this: `cfy plugins list | grep k8splugin`
+
+4. Now upload the Control Loop Artifact. The procedure to upload the artifact is
+
+ * Click on the VF, as in the picture above the ‘vsp_pg 0’ is selected
+ * Click on ‘DEPLOYMENT ARTIFACTS’  and then click on “Add Artifact”
+
+ |image5|
+
+ * Fill the details and in the type select DCAE_INVENTORY_BLUEPRINT, then click on Done as in the picture shown below
+
+ |image13|
+
+5. After uploading the DCAE artifact to the SDC Service, attach the policy model to the Service. From the left drop down,
+select TCA policy under Policies, and click on the Add policy
+
+|image1|
+
+6. Click on Checkin on top right corner then click OK
+
+|image12|
+
+7. Search and select the same service from CATALOG and click on Certify on top right corner
+
+|image14|
+
+8. Click Distribute to distribute the service, then click on Distribution in the left hand side panel and monitor until
+the distribution is complete. We should see artifacts deployed in CLAMP and Policy engine, as can be seen in the picture below
+
+|image19|
+
+At this point we can open the CLAMP GUI and verify that the DCAE microservice design template is in place
+
+DCAE MS design in CLAMP
+=======================
+
+CLAMP is a GUI tool which enables the users to design the policies, distribute them to the DROOLS engine and eventually deploy
+the DCAE microservices. In this section we are going to design, distribute and deploy the BRMS (DROOLS) and TCA policy.
+
+Clamp uses AAF to authenticate the user and get the different permissions. In order to access the CLAMP GUI we will need to add the certificate.
+
+1. Add the necessary certificates in the browser
+
+The default certificate can be found here: https://gerrit.onap.org/r/gitweb?p=clamp.git;a=blob;f=src/main/resources/clds/aaf/org.onap.clamp.p12;h=268aa1a3ce56e01448f8043cc0b05b5fceb5a47d;hb=HEAD
+
+The password is:  "China in the Spring"
+The certificate must be loaded into your favorite browser before trying to load the CLAMP UI.
+
+Ex: In case of Firefox browser, below is the procedure on how to add the certificate
+
+Open firefox browser and go to Preferences and search for Certificate Manager and Select “View Certificates“ button.
+This will open the following dialog to import certificate files from Your certificates menu.
+
+You need to go in options->Privacy & Security-> Scroll down to Certificates options a View Certificates Button
+and then Your certificates Tab -> Then Import button
+
+|image6|
+
+2. After the certificate is added, the CLAMP GUI can be accessed at:
+`https://<host_IP>:30258` (host_IP is the node IP where CLAMP is running)
+
+3. Before designing the policy we need to undeploy the default tca policy.
+To undeploy default policy execute the below commands on control node
+
+.. code-block::
+
+  > kubectl get deployments -n onap | grep "dep-dcae-tca-analytics\|dcaegen2-analytics-tca" | awk '{print $1}' |
+    xargs kubectl delete deployments -n onap
+  > kubectl get svc -n onap | grep "dcae-tca-analytics\|dcaegen2-analytics-tca" | awk '{print $1}' |
+    xargs kubectl delete svc -n onap
+    To Verify there are no dcae-analytics POD, run the below command
+  > kubectl get pods -n onap | grep 'analytics'
+
+4. If the service has been distributed correctly, following is how the service design templates
+listed in the Loop Templates as below
+
+|image7|
+
+Available Policy Models
+
+|image10|
+
+5. Create the loop from the templates distributed by SDC
+
+|image4|
+
+|image20|
+
+6. Add the Operational Policy
+Click on Loop Instance drop down and select Modify then click, select the policy model type then click Add
+
+|image9|
+
+|image3|
+
+7. Click on the MS application box and configure
+Fill the details in the pop up window and click on the save changes button.
+
+ A. Click on app and Edit the Policy details, fill the below details
+
+  * eventName: vFirewallBroadcastPackets
+  * policyScope: DCAE
+  * policyVersion: v0.0.1
+  * Select controlLoopSchemaType as VM
+  * policyName: DCAE.Config_tca-hi-lo
+  * Select Pdp Group Info from the drop down as defaultGroup & xacm
+
+ |image17|
+
+ B. Click on the Add monitoring threshold1 button and fill the below details
+
+  * version : 1.0.2
+  * closedLoopControlName : name of the CL (ex: LOOP_TEMPLATE_mytest_srv_v1_0_vsp_pg0_k8s-tca)
+  * select the direction from dropdown (ex: LESS)
+
+ |image11|
+
+ C. Click on the Add monitoring threshold2 button and fill the details same as above then click on Save Changes button
+
+ |image24|
+
+8. Click on the Operational policy box and configure
+Fill the details in the pop window then click on save changes
+
+|image22|
+
+|image18|
+
+9. Submit the control loop to the policy
+From Loop Operations drop down select SUBMIT and click
+
+|image23|
+
+10. Deploy the control loop to DCAE
+From Loop Operations drop down select DEPLOY and click, verify the details and click Deploy
+
+|image2|
+
+|image8|
+
+Status Logs
+
+|image21|
+
+A successful deployment will make the service as DEPLOYED
+
+11. You can login into the control node and verify whether your new analytics application got deployed using below command
+
+.. code-block::
+
+  > kubectl get pods -n onap | grep analytics
+  Sample output
+  dep-dcae-tca-analytics-7fccbf459-xkxlq             2/2     Running      0          6m15s
+
+  > cfy deployment  list | grep CLAMP
+  Sample output
+  | CLAMP_615bb47a-ea3e-4a02-8928-0564df900826 | CLAMP_615bb47a-ea3e-4a02-8928-0564df900826 | 2020-11-10 19:23:22.286  |
+  2020-11-10 19:23:22.286  |   tenant   |   default_tenant |   admin    |
+
+
+.. |image16| image:: media/image16.png
+.. |image15| image:: media/image15.png
+.. |image5| image:: media/image5.png
+.. |image13| image:: media/image13.png
+.. |image1| image:: media/image1.png
+.. |image12| image:: media/image12.png
+.. |image14| image:: media/image14.png
+.. |image19| image:: media/image19.png
+.. |image6| image:: media/image6.png
+.. |image7| image:: media/image7.png
+.. |image10| image:: media/image10.png
+.. |image4| image:: media/image4.png
+.. |image20| image:: media/image20.png
+.. |image9| image:: media/image9.png
+.. |image3| image:: media/image3.png
+.. |image17| image:: media/image17.png
+.. |image11| image:: media/image11.png
+.. |image24| image:: media/image24.png
+.. |image22| image:: media/image22.png
+.. |image18| image:: media/image18.png
+.. |image23| image:: media/image23.png
+.. |image2| image:: media/image2.png
+.. |image8| image:: media/image8.png
+.. |image21| image:: media/image21.png
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image1.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image1.png
new file mode 100644
index 000000000..c0b5dc668
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image1.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image10.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image10.png
new file mode 100644
index 000000000..952b3e0f0
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image10.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image11.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image11.png
new file mode 100644
index 000000000..9618c3a3a
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image11.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image12.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image12.png
new file mode 100644
index 000000000..9cc9373d2
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image12.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image13.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image13.png
new file mode 100644
index 000000000..797b961e0
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image13.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image14.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image14.png
new file mode 100644
index 000000000..5f974d776
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image14.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image15.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image15.png
new file mode 100644
index 000000000..58827b12c
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image15.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image16.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image16.png
new file mode 100644
index 000000000..e2c0595d9
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image16.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image17.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image17.png
new file mode 100644
index 000000000..fdeb56f8d
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image17.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image18.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image18.png
new file mode 100644
index 000000000..e29b3cf96
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image18.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image19.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image19.png
new file mode 100644
index 000000000..bb314752b
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image19.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image2.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image2.png
new file mode 100644
index 000000000..10a034744
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image2.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image20.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image20.png
new file mode 100644
index 000000000..675fa1cdc
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image20.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image21.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image21.png
new file mode 100644
index 000000000..1e6f052c7
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image21.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image22.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image22.png
new file mode 100644
index 000000000..3844ef458
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image22.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image23.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image23.png
new file mode 100644
index 000000000..7f8869ec2
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image23.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image24.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image24.png
new file mode 100644
index 000000000..dea4d33cb
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image24.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image3.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image3.png
new file mode 100644
index 000000000..54f7c48a4
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image3.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image4.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image4.png
new file mode 100644
index 000000000..aeb403cce
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image4.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image5.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image5.png
new file mode 100644
index 000000000..76d3147a8
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image5.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image6.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image6.png
new file mode 100644
index 000000000..5c57abe17
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image6.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image7.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image7.png
new file mode 100644
index 000000000..f42969be1
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image7.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image8.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image8.png
new file mode 100644
index 000000000..552d69c64
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image8.png
diff --git a/docs/guides/onap-user/vfwcl-design-tutorial/media/image9.png b/docs/guides/onap-user/vfwcl-design-tutorial/media/image9.png
new file mode 100644
index 000000000..25bffb498
--- /dev/null
+++ b/docs/guides/onap-user/vfwcl-design-tutorial/media/image9.png