From e76731f77035a13565e91ddb845a19af3190c11e Mon Sep 17 00:00:00 2001 From: jhh Date: Mon, 24 Jun 2019 19:38:33 -0500 Subject: adapt vFW, vDNS, and VOLTE to new framework Issue-ID: POLICY-1851 Signed-off-by: jhh Change-Id: I03ce5357386a465db52739aad9a3ce8f315291e0 (cherry picked from commit 50bc6ab902bb0d55d59955f787f1d4a957f8a748) --- docs/drools/Tut_vFW_appc_request.JPG | Bin 64608 -> 0 bytes docs/drools/Tut_vFW_get_facts.JPG | Bin 23109 -> 0 bytes docs/drools/Tut_vFW_get_facts_2.JPG | Bin 49524 -> 0 bytes docs/drools/Tut_vFW_policy_start.JPG | Bin 12438 -> 0 bytes docs/drools/Tut_vFW_simulated_onset.JPG | Bin 38781 -> 0 bytes docs/drools/Tut_vFW_simulators_enabled.JPG | Bin 23142 -> 0 bytes docs/drools/tutorial_VOLTE.rst | 116 ++++++++-------------- docs/drools/tutorial_VOLTE_1.png | Bin 33482 -> 0 bytes docs/drools/tutorial_VOLTE_2.png | Bin 26091 -> 0 bytes docs/drools/tutorial_cl.rst | 4 +- docs/drools/tutorial_vDNS.rst | 141 +++++++++++++------------- docs/drools/tutorial_vDNS_1.png | Bin 10737 -> 0 bytes docs/drools/tutorial_vDNS_2.png | Bin 7657 -> 0 bytes docs/drools/tutorial_vFW.rst | 153 +++++++++++++++++++---------- 14 files changed, 216 insertions(+), 198 deletions(-) delete mode 100755 docs/drools/Tut_vFW_appc_request.JPG delete mode 100755 docs/drools/Tut_vFW_get_facts.JPG delete mode 100755 docs/drools/Tut_vFW_get_facts_2.JPG delete mode 100755 docs/drools/Tut_vFW_policy_start.JPG delete mode 100755 docs/drools/Tut_vFW_simulated_onset.JPG delete mode 100755 docs/drools/Tut_vFW_simulators_enabled.JPG delete mode 100755 docs/drools/tutorial_VOLTE_1.png delete mode 100755 docs/drools/tutorial_VOLTE_2.png delete mode 100644 docs/drools/tutorial_vDNS_1.png delete mode 100644 docs/drools/tutorial_vDNS_2.png diff --git a/docs/drools/Tut_vFW_appc_request.JPG b/docs/drools/Tut_vFW_appc_request.JPG deleted file mode 100755 index 737719f7..00000000 Binary files a/docs/drools/Tut_vFW_appc_request.JPG and /dev/null differ diff --git a/docs/drools/Tut_vFW_get_facts.JPG b/docs/drools/Tut_vFW_get_facts.JPG deleted file mode 100755 index 27637257..00000000 Binary files a/docs/drools/Tut_vFW_get_facts.JPG and /dev/null differ diff --git a/docs/drools/Tut_vFW_get_facts_2.JPG b/docs/drools/Tut_vFW_get_facts_2.JPG deleted file mode 100755 index 4bf8e9f3..00000000 Binary files a/docs/drools/Tut_vFW_get_facts_2.JPG and /dev/null differ diff --git a/docs/drools/Tut_vFW_policy_start.JPG b/docs/drools/Tut_vFW_policy_start.JPG deleted file mode 100755 index 91be90e6..00000000 Binary files a/docs/drools/Tut_vFW_policy_start.JPG and /dev/null differ diff --git a/docs/drools/Tut_vFW_simulated_onset.JPG b/docs/drools/Tut_vFW_simulated_onset.JPG deleted file mode 100755 index b6d40113..00000000 Binary files a/docs/drools/Tut_vFW_simulated_onset.JPG and /dev/null differ diff --git a/docs/drools/Tut_vFW_simulators_enabled.JPG b/docs/drools/Tut_vFW_simulators_enabled.JPG deleted file mode 100755 index 8cd9902d..00000000 Binary files a/docs/drools/Tut_vFW_simulators_enabled.JPG and /dev/null differ diff --git a/docs/drools/tutorial_VOLTE.rst b/docs/drools/tutorial_VOLTE.rst index 2dc84628..b3be5269 100644 --- a/docs/drools/tutorial_VOLTE.rst +++ b/docs/drools/tutorial_VOLTE.rst @@ -3,62 +3,60 @@ .. http://creativecommons.org/licenses/by/4.0 ********************************************************** -Tutorial: Testing the VOLTE Use Case in a standalone PDP-D +Tutorial: Testing the VOLTE Use Case in a standalone PDP-D ********************************************************** .. contents:: :depth: 3 -In this tutorial we will go over how to access and start up the PDP-D, setup the prerequisites for the VOLTE flow, enable/disable the VFC Simulator that will be used in the VOLTE flow, and inject messages to trigger the VOLTE flow. +In this tutorial we will test the vDNS flow in a standalone PDP-D docker container. -Accessing and starting the PDP-D -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +Initial Setup +^^^^^^^^^^^^^ -The first step is to access the docker container of name *drools*. +It is assumed that the set up steps from section +*Using the Control Loop PDP-D docker image for standalone testing* has been followed for +this tutorial. - .. code-block:: bash - - docker exec -it -u 0 drools su - policy - -The PDP-D software is installed under the *policy* account, the policy root directory is under *${POLICY_HOME}* environment variable and it may be changed on a per installation basis. It is typically set up under the */opt/app/policy* directory but can be changed during installation. All PDP-D software runs with non-root privileges as *policy* is a regular user account. - -Once within the drools container, the running status can be observed by using the *policy* command: +Running the Flow +^^^^^^^^^^^^^^^^ - .. code-block:: bash - - policy [--debug] status|start|stop - -The running status of the PDP-D can be observed with *policy status* +**Step 1:** Deploy the vDNS Operational Policy. .. code-block:: bash - - policy@drools:~$ policy status [drools-pdp-controllers] L []: Policy Management (pid 1500) is running 1 cron jobs installed. - - -Prerequisites for the VOLTE flow -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -In order to trigger the VOLTE flow we will need to inject an ONSET message via curl command. We're going to create a temporary *util* directory to store a file that contains the VOLTE ONSET message. -Navigate to */tmp* and create directory *util*. *util* is just a temporary folder we've created to use as our 'workspace'. + cat pdp-update-volte.json + { + "policies": [ + { + "type": "onap.policies.controlloop.Operational", + "type_version": "1.0.0", + "properties": { + "content": "controlLoop%3A%0A%20%20version%3A%202.0.0%0A%20%20controlLoopName%3A%20ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b%0A%20%20trigger_policy%3A%20unique-policy-id-1-restart%0A%20%20timeout%3A%203600%0A%20%20abatement%3A%20false%0A%0Apolicies%3A%0A%20%20-%20id%3A%20unique-policy-id-1-restart%0A%20%20%20%20name%3A%20Restart%20the%20VM%0A%20%20%20%20description%3A%0A%20%20%20%20actor%3A%20VFC%0A%20%20%20%20recipe%3A%20Restart%0A%20%20%20%20target%3A%0A%20%20%20%20%20%20type%3A%20VM%0A%20%20%20%20retry%3A%203%0A%20%20%20%20timeout%3A%201200%0A%20%20%20%20success%3A%20final_success%0A%20%20%20%20failure%3A%20final_failure%0A%20%20%20%20failure_timeout%3A%20final_failure_timeout%0A%20%20%20%20failure_retries%3A%20final_failure_retries%0A%20%20%20%20failure_exception%3A%20final_failure_exception%0A%20%20%20%20failure_guard%3A%20final_failure_guard%0A" + }, + "name": "operational.volte", + "version": "1.0.0" + } + ], + "messageName": "PDP_UPDATE", + "requestId": "a7a32d3b-37b4-4fb7-9322-b90c6a6fe365", + "timestampMs": 1556125347251, + "name": "PDPDcl", + "pdpGroup": "controlloop", + "pdpSubgroup": "drools" + } - .. code-block:: bash - - cd /tmp - mkdir util + http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/POLICY-PDP-PAP/events @pdp-update-volte.json Content-Type:'text/plain' + telemetry + > get controllers/usecases/drools/facts/usecases/controlloops + > get controllers/usecases/drools/facts/usecases/controlloops/ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b -Next, we're going to create a file named *dcae.volte.onset.json* and edit it to paste the VOLTE ONSET message contents. +**Step 2:** Inject a simulated *ONSET* message. .. code-block:: bash - - touch dcae.volte.onset.json - vi dcae.volte.onset.json - -Here are the contents of the VOLTE ONSET message. Copy/paste this into dcae.volte.onset.json: - - .. code-block:: json + cat dcae.volte.onset.json { "closedLoopControlName": "ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b", "closedLoopAlarmStart": 1484677482204798, @@ -78,44 +76,12 @@ Here are the contents of the VOLTE ONSET message. Copy/paste this into dcae.volt "from": "DCAE", "version": "1.0.2" } - - -Enabling the VFC Simulator -^^^^^^^^^^^^^^^^^^^^^^^^^^ -Enabling the *controlloop-utils* feature will enable the simulators. To do this, simply stop the drools pdp, enable the feature, and restart the drools pdp like so: - - .. code-block:: bash - - policy stop - features enable controlloop-utils - policy start - -Now, in */opt/app/policy/config/* directory, you should see a new properties file named *simulators.properties.environment*. In here you will find the credentials for the VFC simulator. - -Injecting an ONSET to trigger the VOLTE Flow -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -We are now ready to inject an ONSET message to trigger the VOLTE flow. Simply navigate back to the directory *dcae.volte.onset.json* file is saved (i.e. cd /tmp/util) and run this curl command: - - .. code-block:: bash - - http --verify=no --default-scheme=https -a @1b3rt:31nst31n PUT :9696/policy/pdp/engine/topics/sources/ueb/unauthenticated.DCAE_CL_OUTPUT/events @dcae.volte.onset.json Content-Type:"text/plain" - -You should see some output similar to this: - -.. image:: tutorial_VOLTE_1.png - -You can view the logs to see the network activity or find any errors that may have occurred. Logs are located in */opt/app/policy/logs*. - -Reading the logs -^^^^^^^^^^^^^^^^ - -Once you've injected the onset message, this should appear in the network.log: - -.. image:: tutorial_VOLTE_2.png + http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/POLICY-PDP-PAP/events @dcae.volte.onset.json Content-Type:'text/plain' +The network log can be used to monitor the PDP-D network input/output operations. +This log is located at *$POLICY_LOGS/network.log*. +The log file will show interactions with the AAI and SO simulator to fulfill the flow. +Once the transaction has completed, a final success notification will be recorded in this file. End of Document - -.. SSNote: Wiki page ref. https://wiki.onap.org/display/DW/Tutorial%3A+Testing+the+VOLTE+Use+Case+in+a+standalone+PDP-D diff --git a/docs/drools/tutorial_VOLTE_1.png b/docs/drools/tutorial_VOLTE_1.png deleted file mode 100755 index 938604df..00000000 Binary files a/docs/drools/tutorial_VOLTE_1.png and /dev/null differ diff --git a/docs/drools/tutorial_VOLTE_2.png b/docs/drools/tutorial_VOLTE_2.png deleted file mode 100755 index 53ee7802..00000000 Binary files a/docs/drools/tutorial_VOLTE_2.png and /dev/null differ diff --git a/docs/drools/tutorial_cl.rst b/docs/drools/tutorial_cl.rst index 936bf28f..10af500c 100644 --- a/docs/drools/tutorial_cl.rst +++ b/docs/drools/tutorial_cl.rst @@ -63,7 +63,8 @@ without companion components. cd $POLICY_HOME/config sed -i "s/^guard.disabled=*$/guard.disabled=true/g" $POLICY_HOME/config/controlloop.properties.environment - + sed -i "s/^aai.customQuery=*$/aai.customQuery=false/g" $POLICY_HOME/config/controlloop.properties.environment + **Step 5:** Start the CL PDP-D. .. code-block:: bash @@ -99,7 +100,6 @@ Proceed with testing your new policy as described in the specific tutorials: • vFW - `Tutorial: Testing the vFW flow in a standalone PDP-D `_ • VoLTE - `Tutorial: Testing the VOLTE Use Case in a standalone PDP-D `_ - .. seealso:: To deploy a control loop in Eclipse from the control loop archetype template, refer to `Modifying the Release Template `_. diff --git a/docs/drools/tutorial_vDNS.rst b/docs/drools/tutorial_vDNS.rst index 330bb64e..dc1823d8 100644 --- a/docs/drools/tutorial_vDNS.rst +++ b/docs/drools/tutorial_vDNS.rst @@ -9,56 +9,54 @@ Tutorial: Testing the vDNS Use Case in a standalone PDP-D .. contents:: :depth: 3 -In this tutorial we will go over how to access and start up the PDP-D, setup the prerequisites for the vDNS flow, enable/disable the AAI and SO Simulators that will be used in the vDNS flow, and inject messages to trigger the vDNS flow. +In this tutorial we will test the vDNS flow in a standalone PDP-D docker container. -Accessing and starting the PDP-D -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +Initial Setup +^^^^^^^^^^^^^ -The first step is to access the docker container of name *drools*. +It is assumed that the set up steps from section +*Using the Control Loop PDP-D docker image for standalone testing* has been followed for +this tutorial. - .. code-block:: bash - - docker exec -it -u 0 drools su - policy - -The PDP-D software is installed under the *policy* account, the policy root directory is under *${POLICY_HOME}* environment variable and it may be changed on a per installation basis. It is typically set up under the */opt/app/policy* directory but can be changed during installation. All PDP-D software runs with non-root privileges as *policy* is a regular user account. +Running the Flow +^^^^^^^^^^^^^^^^ -Once within the drools container, the running status can be observed by using the *policy* command: +**Step 1:** Deploy the vDNS Operational Policy. .. code-block:: bash - - policy [--debug] status|start|stop - -The running status of the PDP-D can be observed with *policy status* - .. code-block:: bash - - policy@drools:~$ policy status [drools-pdp-controllers] L []: Policy Management (pid 1500) is running 1 cron jobs installed. - - -Prerequisites for the vDNS flow -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -In order to trigger the vDNS flow we will need to inject an ONSET message via curl command. We're going to create a temporary *util* directory to store a file that contains the vDNS ONSET message. - -Navigate to */tmp* and create directory *util*. *util* is just a temporary folder we've created to use as our 'workspace'. + cat pdp-update-vdns.json + { + "policies": [ + { + "type": "onap.policies.controlloop.Operational", + "type_version": "1.0.0", + "properties": { + "content": "controlLoop%3A%0A%20%20version%3A%202.0.0%0A%20%20controlLoopName%3A%20ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3%0A%20%20services%3A%0A%20%20%20%20-%20serviceName%3A%20d4738992-6497-4dca-9db9%0A%20%20%20%20%20%20serviceInvariantUUID%3A%20dc112d6e-7e73-4777-9c6f-1a7fb5fd1b6f%0A%20%20%20%20%20%20serviceUUID%3A%202eea06c6-e1d3-4c3a-b9c4-478c506eeedf%0A%20%20trigger_policy%3A%20unique-policy-id-1-scale-up%0A%20%20timeout%3A%2060%0A%20%0Apolicies%3A%0A%20%20-%20id%3A%20unique-policy-id-1-scale-up%0A%20%20%20%20name%3A%20Create%20a%20new%20VF%20Module%0A%20%20%20%20description%3A%0A%20%20%20%20actor%3A%20SO%0A%20%20%20%20recipe%3A%20VF%20Module%20Create%0A%20%20%20%20target%3A%0A%20%20%20%20%20%20type%3A%20VFMODULE%0A%20%20%20%20%20%20modelInvariantId%3A%2090b793b5-b8ae-4c36-b10b-4b6372859d3a%0A%20%20%20%20%20%20modelVersionId%3A%202210154d-e61a-4d7f-8fb9-0face1aee3f8%0A%20%20%20%20%20%20modelName%3A%20SproutScalingVf..scaling_sprout..module-1%0A%20%20%20%20%20%20modelVersion%3A%201%0A%20%20%20%20%20%20modelCustomizationId%3A%203e2d67ad-3495-4732-82f6-b0b872791fff%0A%20%20%20%20payload%3A%0A%20%20%20%20%20%20requestParameters%3A%20%27%7B%22usePreload%22%3Atrue%2C%22userParams%22%3A%5B%5D%7D%27%0A%20%20%20%20%20%20configurationParameters%3A%20%27%5B%7B%22ip-addr%22%3A%22%24.vf-module-topology.vf-module-parameters.param%5B9%5D%22%2C%22oam-ip-addr%22%3A%22%24.vf-module-topology.vf-module-parameters.param%5B16%5D%22%2C%22enabled%22%3A%22%24.vf-module-topology.vf-module-parameters.param%5B23%5D%22%7D%5D%27%0A%20%20%20%20retry%3A%200%0A%20%20%20%20timeout%3A%2030%0A%20%20%20%20success%3A%20final_success%0A%20%20%20%20failure%3A%20final_failure%0A%20%20%20%20failure_timeout%3A%20final_failure_timeout%0A%20%20%20%20failure_retries%3A%20final_failure_retries%0A%20%20%20%20failure_exception%3A%20final_failure_exception%0A%20%20%20%20failure_guard%3A%20final_failure_guard%0A" + }, + "name": "operational.scaleout", + "version": "1.0.0" + } + ], + "messageName": "PDP_UPDATE", + "requestId": "a7a32d3b-37b4-4fb7-9322-b90c6a6fe365", + "timestampMs": 1556125347251, + "name": "PDPDcl", + "pdpGroup": "controlloop", + "pdpSubgroup": "drools" + } - .. code-block:: bash - - cd /tmp - mkdir util + http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/POLICY-PDP-PAP/events @pdp-update-vdns.json Content-Type:'text/plain' + telemetry + > get controllers/usecases/drools/facts/usecases/controlloops + > get controllers/usecases/drools/facts/usecases/controlloops/ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3 -Next, we're going to create a file named *dcae.vdns.onset.json* and edit it to paste the vDNS ONSET message contents. +**Step 2:** Inject a simulated *ONSET* message. .. code-block:: bash - - touch dcae.vdns.onset.json - vi dcae.vdns.onset.json - -Here are the contents of the vDNS ONSET message. Copy/paste this into dcae.vdns.onset.json: - .. code-block:: json - + cat dcae.vdns.onset.json { "closedLoopControlName": "ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3", "closedLoopAlarmStart": 1484677482204798, @@ -75,45 +73,46 @@ Here are the contents of the vDNS ONSET message. Copy/paste this into dcae.vdns. "from": "DCAE", "version": "1.0.2" } - + http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/DCAE_TOPIC/switches/activation # activate noop source -Enabling the AAI and SO Simulators -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/DCAE_TOPIC/events @dcae.vdns.onset.json Content-Type:'text/plain' # send onset -Enabling the *controlloop-utils* feature will enable the simulators. To do this, simply stop the drools pdp, enable the feature, and restart the drools pdp like so: +The network log can be used to monitor the PDP-D network input/output operations. This log is located at *$POLICY_LOGS/network.log*. The log file will show interactions with the AAI and SO simulator to fulfill the flow. Once the transaction has completed, a final success notification will be recorded in this file. .. code-block:: bash - - policy stop - features enable controlloop-utils - policy start - -Now, in */opt/app/policy/config/* directory, you should see a new properties file named *simulators.properties.environment*. In here you will find the credentials for the AAI and SO simulators. - -Injecting an ONSET to trigger the vDNS Flow -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -We are now ready to inject an ONSET message to trigger the vDNS flow. Simply navigate back to the directory *dcae.vdns.onset.json* file is saved (i.e. cd /tmp/util) and run this curl command: - - .. code-block:: bash - - http --verify=no --default-scheme=https -a @1b3rt:31nst31n PUT :9696/policy/pdp/engine/topics/sources/ueb/unauthenticated.DCAE_CL_OUTPUT/events @dcae.vdns.onset.json Content-Type:"text/plain" - -You should see some output similar to this: - - .. image:: tutorial_vDNS_1.png - -You can view the logs to see the network activity or find any errors that may have occurred. Logs are located in */opt/app/policy/logs*. - -Reading the logs -^^^^^^^^^^^^^^^^ - -Once you've injected the onset message, this should appear in the network.log: - - .. image:: tutorial_vDNS_2.png + { + "AAI": { + "vserver.prov-status": "ACTIVE", + "vserver.is-closed-loop-disabled": "false", + "vserver.vserver-name": "dfw1lb01lb01" + }, + "closedLoopAlarmStart": 1484677482204798, + "closedLoopControlName": "ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3", + "version": "1.0.2", + "requestId": "e4f95e0c-a013-4530-8e59-c5c5f9e539b6", + "closedLoopEventClient": "DCAE_INSTANCE_ID.dcae-tca", + "targetType": "VNF", + "target": "vserver.vserver-name", + "from": "policy:usecases", + "policyScope": "onap.policies.controlloop.Operational:1.0.0", + "policyName": "operational.scaleout.EVENT.MANAGER", + "policyVersion": "1.0.0", + "notification": "FINAL: SUCCESS", + "notificationTime": "2019-06-24 20:52:16.370000+00:00", + "history": [ + { + "actor": "SO", + "operation": "VF Module Create", + "target": "Target [type=VFMODULE, resourceId=null]", + "start": 1561409536125, + "end": 1561409536368, + "subRequestId": "1", + "outcome": "Success", + "message": "200 Success" + } + ] + } End of Document - -.. SSNote: Wiki page ref. https://wiki.onap.org/display/DW/Tutorial%3A+Testing+the+vDNS+Use+Case+in+a+standalone+PDP-D diff --git a/docs/drools/tutorial_vDNS_1.png b/docs/drools/tutorial_vDNS_1.png deleted file mode 100644 index ed2cb36f..00000000 Binary files a/docs/drools/tutorial_vDNS_1.png and /dev/null differ diff --git a/docs/drools/tutorial_vDNS_2.png b/docs/drools/tutorial_vDNS_2.png deleted file mode 100644 index bbfb8206..00000000 Binary files a/docs/drools/tutorial_vDNS_2.png and /dev/null differ diff --git a/docs/drools/tutorial_vFW.rst b/docs/drools/tutorial_vFW.rst index 72288f33..5162cf33 100644 --- a/docs/drools/tutorial_vFW.rst +++ b/docs/drools/tutorial_vFW.rst @@ -3,7 +3,7 @@ .. http://creativecommons.org/licenses/by/4.0 **************************************************** -Tutorial: Testing the vFW flow in a standalone PDP-D +Tutorial: Testing the vFW flow in a standalone PDP-D **************************************************** .. contents:: @@ -11,51 +11,99 @@ Tutorial: Testing the vFW flow in a standalone PDP-D High Level Architecture -^^^^^^^^^^^^^^^^^^^^^^^ +^^^^^^^^^^^^^^^^^^^^^^^ The vFW flow begins with an onset message that is sent from DCAE notifying the PDP-D that an action needs to be taken on a VNF. Once the PDP-D has inserted the onset into drools memory, rules begin to fire to start processing the onset for the vFW policy that exists in drools memory. If the onset is not enriched with A&AI data, Policy will query A&AI for the VNF data otherwise the PDP-D will get the A&AI data needed directly from the onset. Then an A&AI named query is executed on the source VNF entity from the onset to find the target VNF entity that the PDP-D will take action on. Once the target entity is retrieved from A&AI, a Guard query is executed to determine if the action to be taken is allowed. If Guard returns a permit, the PDP-D will then send an APPC ModifyConfig recipe request to modify pg-streams as specified in the request payload. If APPC is successful then the PDP-D will send a final success notification on the POLICY-CL-MGT topic and gracefully end processing the event. Initial Setup -^^^^^^^^^^^^^ +^^^^^^^^^^^^^ -For this tutorial, a feature for simulating components involved in the flow outside of Policy will be turned on. Run "*features enable controlloop-utils*". - - .. image:: Tut_vFW_simulators_enabled.JPG - -Now start the PDP-D using the command "policy start" - - .. image:: Tut_vFW_policy_start.JPG +For this tutorial, it is assumed that the set up steps from section +*Using the Control Loop PDP-D docker image for standalone testing* has been followed. Running the Flow -^^^^^^^^^^^^^^^^ - -The telemetry API is used to see what is in memory. There should only be 1 fact, the Params object which is created at initialization time and contains the vFW policy that was created. +^^^^^^^^^^^^^^^^ + +**Step 1:** Deploy the vFW Operational Policy. + + .. code-block:: bash + + cat pdp-update-vfw.json + { + "policies": [ + { + "type": "onap.policies.controlloop.Operational", + "type_version": "1.0.0", + "properties": { + "content": "controlLoop%3A%0A++++version%3A+2.0.0%0A++++controlLoopName%3A+ControlLoop-vFirewall-135835e3-eed7-497a-83ab-8c315f37fa4a%0A++++trigger_policy%3A+unique-policy-id-1-modifyConfig%0A++++timeout%3A+1200%0A++++abatement%3A+false%0Apolicies%3A%0A++++-+id%3A+unique-policy-id-1-modifyConfig%0A++++++name%3A+modify_packet_gen_config%0A++++++description%3A%0A++++++actor%3A+APPC%0A++++++recipe%3A+ModifyConfig%0A++++++target%3A%0A++++++++++resourceID%3A+Eace933104d443b496b8.nodes.heat.vpg%0A++++++++++type%3A+VNF%0A++++++payload%3A%0A++++++++++streams%3A+%27%7B%22active-streams%22%3A5%7D%27%0A++++++retry%3A+0%0A++++++timeout%3A+300%0A++++++success%3A+final_success%0A++++++failure%3A+final_failure%0A++++++failure_timeout%3A+final_failure_timeout%0A++++++failure_retries%3A+final_failure_retries%0A++++++failure_exception%3A+final_failure_exception%0A++++++failure_guard%3A+final_failure_guard%0A" + }, + "name": "operational.modifyconfig", + "version": "1.0.0" + } + ], + "messageName": "PDP_UPDATE", + "requestId": "a7a32d3b-37b4-4fb7-9322-b90c6a6fe365", + "timestampMs": 1556125347251, + "name": "PDPDcl", + "pdpGroup": "controlloop", + "pdpSubgroup": "drools" + } + + http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/POLICY-PDP-PAP/events @pdp-update-vfw.json Content-Type:'text/plain' + + telemetry + > get controllers/usecases/drools/facts/usecases/controlloops + > get controllers/usecases/drools/facts/usecases/controlloops/ControlLoop-vFirewall-135835e3-eed7-497a-83ab-8c315f37fa4a + +**Step 2:** Inject a simulated *ONSET* message. .. code-block:: bash - curl -k --silent --user @1b3rt:31nst31n -X GET https://localhost:9696/policy/pdp/engine/controllers/amsterdam/drools/facts/amsterdam | python -m json.tool + cat dcae.vfw.onset.json + { + "closedLoopControlName": "ControlLoop-vFirewall-135835e3-eed7-497a-83ab-8c315f37fa4a", + "closedLoopAlarmStart": 1463679805324, + "closedLoopEventClient": "microservice.stringmatcher", + "closedLoopEventStatus": "ONSET", + "requestID": "c7c6a4aa-bb61-4a15-b831-ba1472dd4a65", + "target_type": "VNF", + "target": "generic-vnf.vnf-id", + "AAI": { + "generic-vnf.is-closed-loop-disabled": "false", + "generic-vnf.prov-status": "ACTIVE", + "generic-vnf.vnf-id": "fw0002vm002fw002" + }, + "from": "DCAE", + "version": "1.0.2" + } - .. image:: Tut_vFW_get_facts.JPG + # activate NOOP sources -Using the telemetry API, a simulated onset can be injected by the user. For demo purposes, this is the simulated onset that will be used: + http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/DCAE_TOPIC/switches/activation - .. image:: Tut_vFW_simulated_onset.JPG + http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/APPC-CL/switches/activation -**NOTE:** The onset that gets injected has to have a closedLoopControlName that matches the pushed policy's closedLoopControlName. + http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/DCAE_TOPIC/events @dcae.vfw.onset.json Content-Type:'text/plain' # send onset -Inject the onset using the Telemetry API. +Using the telemetry API, a simulated onset can be injected by the user. +For demo purposes, this is the simulated onset that will be used: - .. code-block:: bash - - curl -k --silent --user @1b3rt:31nst31n --header "Content-Type: text/plain" --data @dcae.vfw.onset.json -X PUT https://localhost:9696/policy/pdp/engine/topics/sources/ueb/unauthenticated.DCAE_EVENT_OUTPUT/events | python -m json.tool + .. image:: Tut_vFW_simulated_onset.JPG - .. image:: Tut_vFW_onset_injected.JPG +**NOTE:** The onset that gets injected has to have a closedLoopControlName that matches +the pushed policy's closedLoopControlName. -Now check the facts in memory, there should be 7 objects present. Two timers exist to put a time limit on the operation and on the overall control loop (in the case of retries or policy chaining). The event and it's associated manager and operation manager are also present in memory. A lock on the target entity is inserted to ensure no other events try to take action on the VNF that is currently processing. +There should be 8 objects present. Two timers exist to put a time limit on the operation and on +the overall control loop (in the case of retries or policy chaining). +The event and it's associated manager and operation manager are also present in memory. +A lock on the target entity is inserted to ensure no other events try to take action on +the VNF that is currently processing. - .. image:: Tut_vFW_get_facts_2.JPG +The network log will be used to monitor the activity coming in and out of the PDP-D. +This log is located at *$POLICY_HOME/logs/network.log*. +This will show the notifications that the PDP-D sends out at different stages of processing. +The order of successful processing begins with an ACTIVE notification to show that the onset +was acknowledged and the operation is beginning transit. -The network log will be used to monitor the activity coming in and out of the PDP-D. This log is located at *$POLICY_HOME/logs/network.log*. This will show the notifications that the PDP-D sends out at different stages of processing. The order of successful processing begins with an ACTIVE notification to show that the onset was acknowledged and the operation is beginning transit. - .. image:: Tut_vFW_policy_active.JPG Next a query will be sent to A&AI to get information on the VNF specified from the onset. The picture below shows the query going OUT of the PDP-D and the response coming IN. @@ -84,21 +132,37 @@ Once the target entity is found, the PDP-D consults Guard to determine if this o .. image:: Tut_vFW_policy_operation_start.JPG -Once the operation starts an APPC request is sent out. - - .. image:: Tut_vFW_appc_request.JPG - -A simulated APPC response will be injected to the APPC-CL topic, this is the example response used: - - .. image:: Tut_vFW_simulated_appc_response.JPG +**Step 3:** Inject an APPC response in the APPC-CL topic -Inject the response using the Telemetry API. +A simulated APPC response will be injected to the APPC-CL topic. .. code-block:: bash - curl -k --silent --user @1b3rt:31nst31n --header "Content-Type: text/plain" --data @appc.legacy.success.json -X PUT https://localhost:9696/policy/pdp/engine/topics/sources/ueb/APPC-CL/events | python -m json.tool - - .. image:: Tut_vFW_insert_appc_response.JPG + cat appc.legacy.success.json + { + "CommonHeader": { + "TimeStamp": 1506051879001, + "APIver": "1.01", + "RequestID": "c7c6a4aa-bb61-4a15-b831-ba1472dd4a65", + "SubRequestID": "1", + "RequestTrack": [], + "Flags": [] + }, + "Status": { + "Code": 400, + "Value": "SUCCESS" + }, + "Payload": { + "streams": { + "active-streams": 5.0 + }, + "generic-vnf.vnf-id": "7da01f3d-1e1f-374f-b049-f6385fe8d067" + } + } + + http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/APPC-CL/switches/activation # activate noop source + + http --verify=no -a "${TELEMETRY_USER}:${TELEMETRY_PASSWORD}" PUT https://localhost:9696/policy/pdp/engine/topics/sources/noop/APPC-CL/events @appc.legacy.success.json Content-Type:'text/plain' The network log will show the PDP-D sent an operation success notification. @@ -108,17 +172,6 @@ Then a final success notification is sent. .. image:: Tut_vFW_policy_final_success.JPG -After processing there should only be 1 fact left in memory. - - .. image:: Tut_vFW_final_memory.JPG - - - +After processing there should only be 2 facts left in memory. End of Document - - - - -.. SSNote: Wiki page ref. https://wiki.onap.org/display/DW/Tutorial%3A+Testing+the+vFW+flow+in+a+standalone+PDP-D - -- cgit 1.2.3-korg