aboutsummaryrefslogtreecommitdiffstats
path: root/docs/drools/pdpdApps.rst
diff options
context:
space:
mode:
Diffstat (limited to 'docs/drools/pdpdApps.rst')
-rw-r--r--docs/drools/pdpdApps.rst879
1 files changed, 879 insertions, 0 deletions
diff --git a/docs/drools/pdpdApps.rst b/docs/drools/pdpdApps.rst
new file mode 100644
index 00000000..331f3ac6
--- /dev/null
+++ b/docs/drools/pdpdApps.rst
@@ -0,0 +1,879 @@
+
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+.. _pdpd-apps-label:
+
+PDP-D Applications
+##################
+
+.. contents::
+ :depth: 2
+
+Overview
+========
+
+PDP-D applications uses the PDP-D Engine middleware to provide domain specific services.
+See :ref:`pdpd-engine-label` for the description of the PDP-D infrastructure.
+
+At this time *Control Loops* are the only type of applications supported.
+
+*Control Loop* applications must support at least one of the following *Policy Types*:
+
+- **onap.policies.controlloop.Operational** (Operational Policies for Legacy Control Loops)
+- **onap.policies.controlloop.operational.common.Drools** (Tosca Compliant Operational Policies)
+
+Software
+========
+
+Source Code repositories
+~~~~~~~~~~~~~~~~~~~~~~~~
+
+The PDP-D Applications software resides on the `policy/drools-applications <https://git.onap.org/policy/drools-applications>`__ repository. The actor libraries introduced in the *frankfurt* release reside in
+the `policy/models repository <https://git.onap.org/policy/models>`__.
+
+At this time, the *control loop* application is the only application supported in ONAP.
+All the application projects reside under the
+`controlloop directory <https://git.onap.org/policy/drools-applications/tree/controlloop>`__.
+
+Docker Image
+~~~~~~~~~~~~
+
+See the *drools-applications*
+`released versions <https://wiki.onap.org/display/DW/Policy+Framework+Project%3A+Component+Versions>`__
+for the latest images:
+
+.. code-block:: bash
+
+ docker pull onap/policy-pdpd-cl:1.6.4
+
+At the time of this writing *1.6.4* is the latest version.
+
+The *onap/policy-pdpd-cl* image extends the *onap/policy-drools* image with
+the *frankfurt* controller that realizes the *control loop* application.
+
+Frankfurt Controller
+====================
+
+The `frankfurt <https://git.onap.org/policy/drools-applications/tree/controlloop/common/controller-frankfurt>`__
+controller is the *control loop* application in ONAP.
+
+There are three parts in this controller:
+
+* The `drl rules <https://git.onap.org/policy/drools-applications/tree/controlloop/common/controller-frankfurt/src/main/resources/frankfurt.drl>`__.
+* The `kmodule.xml <https://git.onap.org/policy/drools-applications/tree/controlloop/common/controller-frankfurt/src/main/resources/META-INF/kmodule.xml>`__.
+* The `dependencies <https://git.onap.org/policy/drools-applications/tree/controlloop/common/controller-frankfurt/pom.xml>`__.
+
+The `kmodule.xml` specifies only one session, and declares in the *kbase* section the two operational policy types that
+it supports.
+
+The Frankfurt controller relies on the new Actor framework to interact with remote
+components, part of a control loop transaction. The reader is referred to the
+*Policy Platform Actor Development Guidelines* in the documentation for further information.
+
+Operational Policy Types
+========================
+
+The *frankfurt* controller supports the two Operational policy types:
+
+- *onap.policies.controlloop.Operational*.
+- *onap.policies.controlloop.operational.common.Drools*.
+
+The *onap.policies.controlloop.Operational* is the legacy operational type, used before
+the *frankfurt* release. The *onap.policies.controlloop.operational.common.Drools*
+is the Tosca compliant policy type introduced in *frankfurt*.
+
+The legacy operational policy type is defined at the
+`onap.policies.controlloop.Operational.yaml <https://git.onap.org/policy/models/tree/models-examples/src/main/resources/policytypes/onap.policies.controlloop.Operational.yaml>`__.
+
+The Tosca Compliant Operational Policy Type is defined at the
+`onap.policies.controlloop.operational.common.Drools <https://git.onap.org/policy/models/tree/models-examples/src/main/resources/policytypes/onap.policies.controlloop.operational.common.Drools.yaml>`__.
+
+An example of a Legacy Operational Policy can be found
+`here <https://git.onap.org/policy/models/tree/models-examples/src/main/resources/policies/vDNS.policy.operational.legacy.input.json>`__.
+
+An example of a Tosca Compliant Operational Policy can be found
+`here <https://git.onap.org/policy/models/tree/models-examples/src/main/resources/policies/vDNS.policy.operational.input.tosca.json>`__.
+
+Features
+========
+
+Since the PDP-D Control Loop Application image was created from the PDP-D Engine one (*onap/policy-drools*),
+it inherits all features and functionality.
+
+The enabled features in the *onap/policy-pdpd-cl* image are:
+
+- **distributed locking**: distributed resource locking.
+- **healthcheck**: healthcheck.
+- **lifecycle**: enables the lifecycle APIs.
+- **controlloop-trans**: control loop transaction tracking.
+- **controlloop-management**: generic controller capabilities.
+- **controlloop-frankfurt**: new *controller* introduced in the frankfurt release to realize the ONAP use cases.
+
+The following features are installed but disabled:
+
+- **controlloop-usecases**: *controller* used pre-frankfurt releases.
+- **controlloop-utils**: *actor* simulators.
+
+Control Loops Transaction (controlloop-trans)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+It tracks Control Loop Transactions and Operations. These are recorded in
+the *$POLICY_LOGS/audit.log* and *$POLICY_LOGS/metrics.log*, and accessible
+through the telemetry APIs.
+
+Control Loops Management (controlloop-management)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+It installs common control loop application resources, and provides
+telemetry API extensions. *Actor* configurations are packaged in this
+feature.
+
+Frankfurt Controller (controlloop-frankfurt)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+It is the *frankfurt* release implementation of the ONAP use cases.
+It relies on the new *Actor* model framework to carry out a policy's
+execution.
+
+Usecases Controller (controlloop-usecases)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+This is the deprecated pre-frankfurt controller.
+
+Utilities (controlloop-utils)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Enables *actor simulators* for testing purposes.
+
+Offline Mode
+============
+
+The default ONAP installation in *onap/policy-pdpd-cl:1.6.4* is *OFFLINE*.
+In this configuration, the *rules* artifact and the *dependencies* are all in the local
+maven repository. This requires that the maven dependencies are preloaded in the local
+repository.
+
+An offline configuration requires two configuration items:
+
+- *OFFLINE* environment variable set to true (see `values.yaml <https://git.onap.org/oom/tree/kubernetes/policy/values.yaml>`__.
+- override of the default *settings.xml* (see
+ `settings.xml <https://git.onap.org/oom/tree/kubernetes/policy/charts/drools/resources/configmaps/settings.xml>`__) override.
+
+Running the PDP-D Control Loop Application in a single container
+================================================================
+
+Environment File
+~~~~~~~~~~~~~~~~
+
+First create an environment file (in this example *env.conf*) to configure the PDP-D.
+
+.. code-block:: bash
+
+ # SYSTEM software configuration
+
+ POLICY_HOME=/opt/app/policy
+ POLICY_LOGS=/var/log/onap/policy/pdpd
+ KEYSTORE_PASSWD=Pol1cy_0nap
+ TRUSTSTORE_PASSWD=Pol1cy_0nap
+
+ # Telemetry credentials
+
+ TELEMETRY_PORT=9696
+ TELEMETRY_HOST=0.0.0.0
+ TELEMETRY_USER=demo@people.osaaf.org
+ TELEMETRY_PASSWORD=demo123456!
+
+ # nexus repository
+
+ SNAPSHOT_REPOSITORY_ID=
+ SNAPSHOT_REPOSITORY_URL=
+ RELEASE_REPOSITORY_ID=
+ RELEASE_REPOSITORY_URL=
+ REPOSITORY_USERNAME=
+ REPOSITORY_PASSWORD=
+ REPOSITORY_OFFLINE=true
+
+ MVN_SNAPSHOT_REPO_URL=
+ MVN_RELEASE_REPO_URL=
+
+ # Relational (SQL) DB access
+
+ SQL_HOST=
+ SQL_USER=
+ SQL_PASSWORD=
+
+ # AAF
+
+ AAF=false
+ AAF_NAMESPACE=org.onap.policy
+ AAF_HOST=aaf.api.simpledemo.onap.org
+
+ # PDP-D DMaaP configuration channel
+
+ PDPD_CONFIGURATION_TOPIC=PDPD-CONFIGURATION
+ PDPD_CONFIGURATION_API_KEY=
+ PDPD_CONFIGURATION_API_SECRET=
+ PDPD_CONFIGURATION_CONSUMER_GROUP=
+ PDPD_CONFIGURATION_CONSUMER_INSTANCE=
+ PDPD_CONFIGURATION_PARTITION_KEY=
+
+ # PAP-PDP configuration channel
+
+ POLICY_PDP_PAP_TOPIC=POLICY-PDP-PAP
+ POLICY_PDP_PAP_GROUP=defaultGroup
+
+ # Symmetric Key for encoded sensitive data
+
+ SYMM_KEY=
+
+ # Healthcheck Feature
+
+ HEALTHCHECK_USER=demo@people.osaaf.org
+ HEALTHCHECK_PASSWORD=demo123456!
+
+ # Pooling Feature
+
+ POOLING_TOPIC=POOLING
+
+ # PAP
+
+ PAP_HOST=
+ PAP_USERNAME=
+ PAP_PASSWORD=
+
+ # PAP legacy
+
+ PAP_LEGACY_USERNAME=
+ PAP_LEGACY_PASSWORD=
+
+ # PDP-X
+
+ PDP_HOST=localhost
+ PDP_PORT=6669
+ PDP_CONTEXT_URI=pdp/api/getDecision
+ PDP_USERNAME=policy
+ PDP_PASSWORD=password
+ GUARD_DISABLED=true
+
+ # DCAE DMaaP
+
+ DCAE_TOPIC=unauthenticated.DCAE_CL_OUTPUT
+ DCAE_SERVERS=localhost
+ DCAE_CONSUMER_GROUP=dcae.policy.shared
+
+ # Open DMaaP
+
+ DMAAP_SERVERS=localhost
+
+ # AAI
+
+ AAI_HOST=localhost
+ AAI_PORT=6666
+ AAI_CONTEXT_URI=
+ AAI_USERNAME=policy
+ AAI_PASSWORD=policy
+
+ # SO
+
+ SO_HOST=localhost
+ SO_PORT=6667
+ SO_CONTEXT_URI=
+ SO_URL=https://localhost:6667/
+ SO_USERNAME=policy
+ SO_PASSWORD=policy
+
+ # VFC
+
+ VFC_HOST=localhost
+ VFC_PORT=6668
+ VFC_CONTEXT_URI=api/nslcm/v1/
+ VFC_USERNAME=policy
+ VFC_PASSWORD=policy
+
+ # SDNC
+
+ SDNC_HOST=localhost
+ SDNC_PORT=6670
+ SDNC_CONTEXT_URI=restconf/operations/
+
+Configuration
+~~~~~~~~~~~~~
+
+noop.pre.sh
+"""""""""""
+
+In order to avoid the noise in the logs that relate to dmaap configuration, a startup script (*noop.pre.sh*) is added
+to convert *dmaap* endpoints to *noop* in the host directory to be mounted.
+
+.. code-block:: bash
+
+ #!/bin/bash -x
+
+ sed -i "s/^dmaap/noop/g" $POLICY_HOME/config/*.properties
+
+features.pre.sh
+"""""""""""""""
+
+We can enable the *controlloop-utils* and disable the *distributed-locking* feature to avoid using the database.
+
+.. code-block:: bash
+
+ #!/bin/bash -x
+
+ bash -c "/opt/app/policy/bin/features disable distributed-locking"
+ bash -c "/opt/app/policy/bin/features enable controlloop-utils"
+
+active.post.sh
+""""""""""""""
+
+The *active.post.sh* script makes the PDP-D active.
+
+.. code-block:: bash
+
+ #!/bin/bash -x
+
+ bash -c "http --verify=no -a ${TELEMETRY_USER}:${TELEMETRY_PASSWORD} PUT https://localhost:9696/policy/pdp/engine/lifecycle/state/ACTIVE"
+
+Actor Properties
+""""""""""""""""
+
+In the *frankfurt* release, some *actors* configurations need to be overridden to support *http* for compatibility
+with the *controlloop-utils* feature.
+
+AAI-http-client.properties
+""""""""""""""""""""""""""
+
+.. code-block:: bash
+
+ http.client.services=AAI
+
+ http.client.services.AAI.managed=true
+ http.client.services.AAI.https=false
+ http.client.services.AAI.host=${envd:AAI_HOST}
+ http.client.services.AAI.port=${envd:AAI_PORT}
+ http.client.services.AAI.userName=${envd:AAI_USERNAME}
+ http.client.services.AAI.password=${envd:AAI_PASSWORD}
+ http.client.services.AAI.contextUriPath=${envd:AAI_CONTEXT_URI}
+
+SDNC-http-client.properties
+"""""""""""""""""""""""""""
+
+.. code-block:: bash
+
+ http.client.services=SDNC
+
+ http.client.services.SDNC.managed=true
+ http.client.services.SDNC.https=false
+ http.client.services.SDNC.host=${envd:SDNC_HOST}
+ http.client.services.SDNC.port=${envd:SDNC_PORT}
+ http.client.services.SDNC.userName=${envd:SDNC_USERNAME}
+ http.client.services.SDNC.password=${envd:SDNC_PASSWORD}
+ http.client.services.SDNC.contextUriPath=${envd:SDNC_CONTEXT_URI}
+
+VFC-http-client.properties
+""""""""""""""""""""""""""
+
+.. code-block:: bash
+
+ http.client.services=VFC
+
+ http.client.services.VFC.managed=true
+ http.client.services.VFC.https=false
+ http.client.services.VFC.host=${envd:VFC_HOST}
+ http.client.services.VFC.port=${envd:VFC_PORT}
+ http.client.services.VFC.userName=${envd:VFC_USERNAME}
+ http.client.services.VFC.password=${envd:VFC_PASSWORD}
+ http.client.services.VFC.contextUriPath=${envd:VFC_CONTEXT_URI:api/nslcm/v1/}
+
+settings.xml
+""""""""""""
+
+The *standalone-settings.xml* file is the default maven settings override in the container.
+
+.. code-block:: bash
+
+ <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
+
+ <offline>true</offline>
+
+ <profiles>
+ <profile>
+ <id>policy-local</id>
+ <repositories>
+ <repository>
+ <id>file-repository</id>
+ <url>file:${user.home}/.m2/file-repository</url>
+ <releases>
+ <enabled>true</enabled>
+ <updatePolicy>always</updatePolicy>
+ </releases>
+ <snapshots>
+ <enabled>true</enabled>
+ <updatePolicy>always</updatePolicy>
+ </snapshots>
+ </repository>
+ </repositories>
+ </profile>
+ </profiles>
+
+ <activeProfiles>
+ <activeProfile>policy-local</activeProfile>
+ </activeProfiles>
+
+ </settings>
+
+Bring up the PDP-D Control Loop Application
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. code-block:: bash
+
+ docker run --rm -p 9696:9696 -v ${PWD}/config:/tmp/policy-install/config --env-file ${PWD}/env/env.conf -it --name PDPD -h pdpd nexus3.onap.org:10001/onap/policy-pdpd-cl:1.6.4
+
+To run the container in detached mode, add the *-d* flag.
+
+Note that we are opening the *9696* telemetry API port to the outside world, mounting the *config* host directory,
+and setting environment variables.
+
+To open a shell into the PDP-D:
+
+.. code-block:: bash
+
+ docker exec -it pdp-d bash
+
+Once in the container, run tools such as *telemetry*, *db-migrator*, *policy* to look at the system state:
+
+.. code-block:: bash
+
+ docker exec -it PDPD bash -c "/opt/app/policy/bin/telemetry"
+ docker exec -it PDPD bash -c "/opt/app/policy/bin/policy status"
+ docker exec -it PDPD bash -c "/opt/app/policy/bin/db-migrator -s ALL -o report"
+
+Controlled instantiation of the PDP-D Control Loop Appplication
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Sometimes a developer may want to start and stop the PDP-D manually:
+
+.. code-block:: bash
+
+ # start a bash
+
+ docker run --rm -p 9696:9696 -v ${PWD}/config:/tmp/policy-install/config --env-file ${PWD}/env/env.conf -it --name PDPD -h pdpd nexus3.onap.org:10001/onap/policy-pdpd-cl:1.6.4 bash
+
+ # use this command to start policy applying host customizations from /tmp/policy-install/config
+
+ pdpd-cl-entrypoint.sh vmboot
+
+ # or use this command to start policy without host customization
+
+ policy start
+
+ # at any time use the following command to stop the PDP-D
+
+ policy stop
+
+ # and this command to start the PDP-D back again
+
+ policy start
+
+Scale-out use case testing
+==========================
+
+First step is to create the *operational.scaleout* policy.
+
+policy.vdns.json
+~~~~~~~~~~~~~~~~
+
+.. code-block:: bash
+
+ {
+ "type": "onap.policies.controlloop.operational.common.Drools",
+ "type_version": "1.0.0",
+ "name": "operational.scaleout",
+ "version": "1.0.0",
+ "metadata": {
+ "policy-id": "operational.scaleout"
+ },
+ "properties": {
+ "id": "ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3",
+ "timeout": 60,
+ "abatement": false,
+ "trigger": "unique-policy-id-1-scale-up",
+ "operations": [
+ {
+ "id": "unique-policy-id-1-scale-up",
+ "description": "Create a new VF Module",
+ "operation": {
+ "actor": "SO",
+ "operation": "VF Module Create",
+ "target": {
+ "targetType": "VFMODULE",
+ "entityIds": {
+ "modelInvariantId": "e6130d03-56f1-4b0a-9a1d-e1b2ebc30e0e",
+ "modelVersionId": "94b18b1d-cc91-4f43-911a-e6348665f292",
+ "modelName": "VfwclVfwsnkBbefb8ce2bde..base_vfw..module-0",
+ "modelVersion": 1,
+ "modelCustomizationId": "47958575-138f-452a-8c8d-d89b595f8164"
+ }
+ },
+ "payload": {
+ "requestParameters": "{\"usePreload\":true,\"userParams\":[]}",
+ "configurationParameters": "[{\"ip-addr\":\"$.vf-module-topology.vf-module-parameters.param[9]\",\"oam-ip-addr\":\"$.vf-module-topology.vf-module-parameters.param[16]\",\"enabled\":\"$.vf-module-topology.vf-module-parameters.param[23]\"}]"
+ }
+ },
+ "timeout": 20,
+ "retries": 0,
+ "success": "final_success",
+ "failure": "final_failure",
+ "failure_timeout": "final_failure_timeout",
+ "failure_retries": "final_failure_retries",
+ "failure_exception": "final_failure_exception",
+ "failure_guard": "final_failure_guard"
+ }
+ ]
+ }
+ }
+
+To provision the *scale-out policy*, issue the following command:
+
+.. code-block:: bash
+
+ http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" https://localhost:9696/policy/pdp/engine/lifecycle/policies @usecases/policy.vdns.json
+
+Verify that the policy shows with the telemetry tools:
+
+.. code-block:: bash
+
+ docker exec -it PDPD bash -c "/opt/app/policy/bin/telemetry"
+ > get /policy/pdp/engine/lifecycle/policies
+ > get /policy/pdp/engine/controllers/frankfurt/drools/facts/frankfurt/controlloops
+
+
+dcae.vdns.onset.json
+~~~~~~~~~~~~~~~~~~~~
+
+.. code-block:: bash
+
+ {
+ "closedLoopControlName": "ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3",
+ "closedLoopAlarmStart": 1463679805324,
+ "closedLoopEventClient": "microservice.stringmatcher",
+ "closedLoopEventStatus": "ONSET",
+ "requestID": "c7c6a4aa-bb61-4a15-b831-ba1472dd4a65",
+ "target_type": "VNF",
+ "target": "vserver.vserver-name",
+ "AAI": {
+ "vserver.is-closed-loop-disabled": "false",
+ "vserver.prov-status": "ACTIVE",
+ "vserver.vserver-name": "OzVServer"
+ },
+ "from": "DCAE",
+ "version": "1.0.2"
+ }
+
+To initiate a control loop transaction, simulate a DCAE ONSET to Policy:
+
+.. code-block:: bash
+
+ http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/DCAE_TOPIC/events @dcae.vdns.onset.json Content-Type:'text/plain'
+
+This will trigger the scale out control loop transaction that will interact with the *SO*
+simulator to complete the transaction.
+
+Verify in *$POLICY_LOGS/network.log* that a *FINAL: SUCCESS* notification is sent over the POLICY-CL-MGT channel.
+An entry in the *$POLICY_LOGS/audit.log* should indicate successful completion as well.
+
+vCPE use case testing
+=====================
+
+First step is to create the *operational.restart* policy.
+
+policy.vcpe.json
+~~~~~~~~~~~~~~~~
+
+.. code-block:: bash
+
+ {
+ "type": "onap.policies.controlloop.operational.common.Drools",
+ "type_version": "1.0.0",
+ "name": "operational.restart",
+ "version": "1.0.0",
+ "metadata": {
+ "policy-id": "operational.restart"
+ },
+ "properties": {
+ "id": "ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e",
+ "timeout": 300,
+ "abatement": false,
+ "trigger": "unique-policy-id-1-restart",
+ "operations": [
+ {
+ "id": "unique-policy-id-1-restart",
+ "description": "Restart the VM",
+ "operation": {
+ "actor": "APPC",
+ "operation": "Restart",
+ "target": {
+ "targetType": "VNF"
+ }
+ },
+ "timeout": 240,
+ "retries": 0,
+ "success": "final_success",
+ "failure": "final_failure",
+ "failure_timeout": "final_failure_timeout",
+ "failure_retries": "final_failure_retries",
+ "failure_exception": "final_failure_exception",
+ "failure_guard": "final_failure_guard"
+ }
+ ]
+ }
+ }
+
+To provision the *operational.restart policy* issue the following command:
+
+.. code-block:: bash
+
+ http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" https://localhost:9696/policy/pdp/engine/lifecycle/policies @usecases/policy.vcpe.json
+
+Verify that the policy shows with the telemetry tools:
+
+.. code-block:: bash
+
+ docker exec -it PDPD bash -c "/opt/app/policy/bin/telemetry"
+ > get /policy/pdp/engine/lifecycle/policies
+ > get /policy/pdp/engine/controllers/frankfurt/drools/facts/frankfurt/controlloops
+
+
+dcae.vcpe.onset.json
+~~~~~~~~~~~~~~~~~~~~
+
+.. code-block:: bash
+
+ {
+ "closedLoopControlName": "ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e",
+ "closedLoopAlarmStart": 1463679805324,
+ "closedLoopEventClient": "DCAE_INSTANCE_ID.dcae-tca",
+ "closedLoopEventStatus": "ONSET",
+ "requestID": "664be3d2-6c12-4f4b-a3e7-c349acced200",
+ "target_type": "VNF",
+ "target": "generic-vnf.vnf-id",
+ "AAI": {
+ "vserver.is-closed-loop-disabled": "false",
+ "vserver.prov-status": "ACTIVE",
+ "generic-vnf.vnf-id": "vCPE_Infrastructure_vGMUX_demo_app"
+ },
+ "from": "DCAE",
+ "version": "1.0.2"
+ }
+
+To initiate a control loop transaction, simulate a DCAE ONSET to Policy:
+
+.. code-block:: bash
+
+ http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/DCAE_TOPIC/events @dcae.vcpe.onset.json Content-Type:'text/plain'
+
+This will spawn a vCPE control loop transaction in the PDP-D. Policy will send a *restart* message over the
+*APPC-LCM-READ* channel to APPC and wait for a response.
+
+Verify that you see this message in the network.log by looking for *APPC-LCM-READ* messages.
+
+Note the *sub-request-id* value from the restart message in the *APPC-LCM-READ* channel.
+
+Replace *REPLACEME* in the *appc.vcpe.success.json* with this sub-request-id.
+
+appc.vcpe.success.json
+~~~~~~~~~~~~~~~~~~~~~~
+
+.. code-block:: bash
+
+ {
+ "body": {
+ "output": {
+ "common-header": {
+ "timestamp": "2017-08-25T21:06:23.037Z",
+ "api-ver": "5.00",
+ "originator-id": "664be3d2-6c12-4f4b-a3e7-c349acced200",
+ "request-id": "664be3d2-6c12-4f4b-a3e7-c349acced200",
+ "sub-request-id": "REPLACEME",
+ "flags": {}
+ },
+ "status": {
+ "code": 400,
+ "message": "Restart Successful"
+ }
+ }
+ },
+ "version": "2.0",
+ "rpc-name": "restart",
+ "correlation-id": "664be3d2-6c12-4f4b-a3e7-c349acced200-1",
+ "type": "response"
+ }
+
+
+Send a simulated APPC response back to the PDP-D over the *APPC-LCM-WRITE* channel.
+
+.. code-block:: bash
+
+ http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/APPC-LCM-WRITE/events @appc.vcpe.success.json Content-Type:'text/plain'
+
+Verify in *$POLICY_LOGS/network.log* that a *FINAL: SUCCESS* notification is sent over the *POLICY-CL-MGT* channel,
+and an entry is added to the *$POLICY_LOGS/audit.log* indicating successful completion.
+
+vFirewall use case testing
+===========================
+
+First step is to create the *operational.modifyconfig* policy.
+
+policy.vfw.json
+~~~~~~~~~~~~~~~
+
+.. code-block:: bash
+
+ {
+ "type": "onap.policies.controlloop.operational.common.Drools",
+ "type_version": "1.0.0",
+ "name": "operational.modifyconfig",
+ "version": "1.0.0",
+ "metadata": {
+ "policy-id": "operational.modifyconfig"
+ },
+ "properties": {
+ "id": "ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a",
+ "timeout": 300,
+ "abatement": false,
+ "trigger": "unique-policy-id-1-modifyConfig",
+ "operations": [
+ {
+ "id": "unique-policy-id-1-modifyConfig",
+ "description": "Modify the packet generator",
+ "operation": {
+ "actor": "APPC",
+ "operation": "ModifyConfig",
+ "target": {
+ "targetType": "VNF",
+ "entityIds": {
+ "resourceID": "bbb3cefd-01c8-413c-9bdd-2b92f9ca3d38"
+ }
+ },
+ "payload": {
+ "streams": "{\"active-streams\": 5 }"
+ }
+ },
+ "timeout": 240,
+ "retries": 0,
+ "success": "final_success",
+ "failure": "final_failure",
+ "failure_timeout": "final_failure_timeout",
+ "failure_retries": "final_failure_retries",
+ "failure_exception": "final_failure_exception",
+ "failure_guard": "final_failure_guard"
+ }
+ ]
+ }
+ }
+
+
+To provision the *operational.modifyconfig policy*, issue the following command:
+
+.. code-block:: bash
+
+ http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" https://localhost:9696/policy/pdp/engine/lifecycle/policies @usecases/policy.vfw.json
+
+Verify that the policy shows with the telemetry tools:
+
+.. code-block:: bash
+
+ docker exec -it PDPD bash -c "/opt/app/policy/bin/telemetry"
+ > get /policy/pdp/engine/lifecycle/policies
+ > get /policy/pdp/engine/controllers/frankfurt/drools/facts/frankfurt/controlloops
+
+
+dcae.vfw.onset.json
+~~~~~~~~~~~~~~~~~~~~
+
+.. code-block:: bash
+
+ {
+ "closedLoopControlName": "ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a",
+ "closedLoopAlarmStart": 1463679805324,
+ "closedLoopEventClient": "microservice.stringmatcher",
+ "closedLoopEventStatus": "ONSET",
+ "requestID": "c7c6a4aa-bb61-4a15-b831-ba1472dd4a65",
+ "target_type": "VNF",
+ "target": "generic-vnf.vnf-name",
+ "AAI": {
+ "vserver.is-closed-loop-disabled": "false",
+ "vserver.prov-status": "ACTIVE",
+ "generic-vnf.vnf-name": "fw0002vm002fw002",
+ "vserver.vserver-name": "OzVServer"
+ },
+ "from": "DCAE",
+ "version": "1.0.2"
+ }
+
+
+To initiate a control loop transaction, simulate a DCAE ONSET to Policy:
+
+.. code-block:: bash
+
+ http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/DCAE_TOPIC/events @dcae.vfw.onset.json Content-Type:'text/plain'
+
+This will spawn a vFW control loop transaction in the PDP-D. Policy will send a *ModifyConfig* message over the
+*APPC-CL* channel to APPC and wait for a response. This can be seen by searching the network.log for *APPC-CL*.
+
+Note the *SubRequestId* field in the *ModifyConfig* message in the *APPC-CL* topic in the network.log
+
+Send a simulated APPC response back to the PDP-D over the *APPC-CL* channel.
+To do this, change the *REPLACEME* text in the *appc.vcpe.success.json* with this *SubRequestId*.
+
+appc.vcpe.success.json
+~~~~~~~~~~~~~~~~~~~~~~
+
+.. code-block:: bash
+
+ {
+ "CommonHeader": {
+ "TimeStamp": 1506051879001,
+ "APIver": "1.01",
+ "RequestID": "c7c6a4aa-bb61-4a15-b831-ba1472dd4a65",
+ "SubRequestID": "REPLACEME",
+ "RequestTrack": [],
+ "Flags": []
+ },
+ "Status": {
+ "Code": 400,
+ "Value": "SUCCESS"
+ },
+ "Payload": {
+ "generic-vnf.vnf-id": "f17face5-69cb-4c88-9e0b-7426db7edddd"
+ }
+ }
+
+.. code-block:: bash
+
+ http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/APPC-CL/events @appc.vcpe.success.json Content-Type:'text/plain'
+
+Verify in *$POLICY_LOGS/network.log* that a *FINAL: SUCCESS* notification is sent over the POLICY-CL-MGT channel,
+and an entry is added to the *$POLICY_LOGS/audit.log* indicating successful completion.
+
+
+Running PDP-D Control Loop Application with other components
+============================================================
+
+The reader can also look at the `integration/csit repository <https://git.onap.org/integration/csit>`__.
+More specifically, these directories have examples of other PDP-D Control Loop configurations:
+
+* `plans <https://git.onap.org/integration/csit/tree/plans/policy/drools-applications>`__: startup scripts.
+* `scripts <https://git.onap.org/integration/csit/tree/scripts/policy/drools-apps/docker-compose-drools-apps.yml>`__: docker-compose and related files.
+* `plans <https://git.onap.org/integration/csit/tree/tests/policy/drools-applications>`__: test plan.
+
+Additional information
+======================
+
+For additional information, please see the
+`Drools PDP Development and Testing (In Depth) <https://wiki.onap.org/display/DW/2020+Frankfurt+Tutorials>`__ page.
+
+