Integrate ONAP with Nokia VNFM
==============================
The following section describes how to integrate the Nokia Virtualized Network Function Manager (VNFM) into ONAP.
Prepare the VNFM
----------------
* Start the VNFM.
- The VNFM must be able to communicate with the ONAP VF-C interface, the virtualized infrastructure manager (VIM) and the virtualized network function (VNF), so the VNFM must
have the correct network setup. The VNFM uses lifecycle notifications (LCNs) to notify the VF-C about the executed changes, therefore, the LCN zone of the
VNFM must be configured so that the VNFM is able to reach the VF-C LCN interface.
* Register driver in CBAM
- Using SSH, log in to the CloudBand Application Manager (CBAM) virtual machine as cbam user and determine the Keycloak
auto-generated admin password with the following command: ectl get /cbam/cluster/components/keycloak/admin_credentials/password
- Copy the printout of the command.
- Access the Keycloak login page with the following URL: https://<cbamIp>/auth/admin where <cbamIp> is the FQDN or IP
address assigned to CBAM node during instantiation. Optionally, it may contain a port, for example, cbam.mycompany.com:port or 1.2.3.4:port.
Result: The Keycloak Administration Console login page loads up.
- Log in to Keycloak with the 'admin' username and the auto-generated admin password you copied to clipboard, then change the auto-generated password and note the new password.
Result: You are logged in to the Keycloak Administration Console.
- Add a new client on Keycloak:
- From the Configure menu, select Clients.
- Result: The Clients pane appears.
- Click Create.
- Result: The Add Client pane appears.
- Set the Client ID to onapClientId and click Save. Note the Client ID which will be referred to as <clientId>.
- Result: The following notification appears: Success! The client has been created. The new client's profile page appears.
- Customize the following settings for the newly created client:
- Access Type: select confidential. Keycloak will generate a client secret that serves as a type of password for your client.
- Make sure the following settings are ON: Standard Flow Enabled, Direct Access Grants Enabled, Service Accounts Enabled, Authorization Enabled
- Type * in the Valid Redirect URIs field.
- Click Save.
- Result: The following notification appears: Success! Your changes have been saved to the client.
- Note the Client Secret which will be referred to as <clientSecret>:
- Select the Credentials tab.
- From the Client Authenticator drop-down list, select the Client ID and Secret and check the value of Secret.
- Add a new user on Keycloak:
- From the Manage menu, select Users.
- Result: The Users pane appears.
- Click Add user and define the parameters for the creation:
- Username: onap
- Note the username, it will be referred to as <onapUsername>.
- User Enabled: make sure it is On.
- Click Save.
- Result: The following notification appears: Success! The user has been created. The new user's profile page appears.
- Create a password for the user: select the Credentials tab on the user profile and set the password.
- Note: The user is prompted to change this password when logging in to CBAM for the first time.
- Assign the "user" role to the created user:
- Select the Role Mappings tab on the user profile.
- Select the "user" role from the Available Roles box, then click Add selected.
- Access the CBAM GUI login page with the following URL: https://<cbamIp> where <cbamIp> is the FQDN or IP address assigned to CBAM node during instantiation. Optionally, it may contain a port, for example, cbam.mycompany.com:port or 1.2.3.4:port.
- Log in to CBAM GUI using the created user.
- Change and note the password which will be referred to as <onapPassword>.
- Using SSH, add SSL certificates for all VIM connections or disable certificate verification as follows:
- For insecure connection (all certificates are automatically trusted)
- execute the below commands in the following order:
.. code-block:: console
sudo su -
ectl set /cbam/cluster/components/tlm/insecure_vim_connection true
ectl set /actions/reconfigure start
journalctl -fu cbam-reconfigure.service
- Wait for the "Started cbam-reconfigure.service." message.
- For secure connection : read the CBAM documentation.
Prepare /ets/hosts file on your laptop
--------------------------------------
Note: This is an optional step with which it is easier to copy paste URLs
* Using the OpenStack Horizon Dashboard, find the ONAP servers you have deployed and note their IP addresses.
* Depending on your operating system, use the respective method to prepare an /ets/hosts file to link the DNS servers to the corresponding IP addresses, see the table below:
+-------------------+---------------------------------+
| IP address | DNS entry |
+===================+=================================+
| <fill IP address> | portal.api.simpledemo.onap.org |
+-------------------+---------------------------------+
| <fill IP address> | policy.api.simpledemo.onap.org |
+-------------------+---------------------------------+
| <fill IP address> | sdc.api.simpledemo.onap.org |
+-------------------+---------------------------------+
| <fill IP address> | vid.api.simpledemo.onap.org |
+-------------------+---------------------------------+
| <fill IP address> | aai.api.simpledemo.onap.org |
+-------------------+---------------------------------+
| <fill IP address> | msb.api.simpledemo.onap.org |
+-------------------+---------------------------------+
| <fill IP address> | robot.api.simpledemo.onap.org |
+-------------------+---------------------------------+
Add the VNFM driver to ONAP
---------------------------
- Locate and note the IP address of the MSB (MSB_IP) on the OpenStack Horizon Dashboard. Look at the VM instances of ONAP and find one with vm1-multi-service name. This is where the MSB is located.
- Create VIM in A&AI Note:
- The VIM may already exist.
- Repeat this step for all VIMs planned to be used.
- Go to http://msb.api.simpledemo.onap.org/iui/aai-esr-gui/extsys/vim/vimView.html
- Result: The ONAP platform opens.
- On the platform, click Register.
- Result: The registration form opens.
- Fill in the fields.
- Note: Cloud credentials are supplied by the VNF integrator.
- To obtain the value of the Auth URL field and the tenant id (which will be required later), follow these steps:
- Note: The actual steps depend on the OpenStack Dashboard version and vendor.
- Go to OpenStack Horizon Dashboard.
- Select the Project main tab.
- Select the API Access tab.
- Click View Credentials.
- Copy the value of Authentication URL and paste it in the Auth URL field.
- Note the value of Project ID: this is the <tenantId> which will be required later (Repeat this step for all tenants planned to be used within the VIM.)
- Click Save.
- Result: The driver has been successfully added.
- Create tenant
- Note:
- The tenant may already exist.
- Repeat this step for all tenants planned to be used within the VIM.
- Using a REST client of your choice, send a request to the following URL: https://aai.api.simpledemo.onap.org:8443/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/<cloudOwner>/<cloudRegion>/tenants/tenant/<tenantId>
- download the content of the request: `aai.create.tenant.request.json <sample/aai.create.tenant.request.json>`
- In the request URL and in the content of the request, substitute <tenantId>, <cloudRegion> and <cloudOwner> with the respective values.
- HTTP method: PUT
- Set the following values in the Header of the request:
- basic auth AAI:AAI
- X-FromAppId : any
- X-TransactionId: any
- Content-type: application/json
- Accept: application/json
- Create customer in A&AI
- Note:
- The customer may already exists
- Using a REST client of your choice, send a request to the following URL: https://aai.api.simpledemo.onap.org:8443/aai/v11/business/customers/customer/123456
- download the content of the request: `aai.create.customer.request.json <sample/aai.create.customer.request.json>`
- In the downloaded content of the request, substitute <tenantName>, <tenantId>, <cloudRegion> and <cloudOwner> with the respective values.
- HTTP method: PUT
- Set the following values in the Header of the request:
- basic auth AAI:AAI
- X-FromAppId : any
- X-TransactionId: any
- Content-type: application/json
- Accept: application/json
- Register the VNFM as an external system:
- Access the following URL: http://msb.api.simpledemo.onap.org/iui/aai-esr-gui/extsys/vnfm/vnfmView.html
- Result: The ONAP platform opens
- The VNFM has four end points. These end points must be configured in the external system configuration of the VNFM.
- Authentication endpoint: https://$CBAM_IP:443/auth/
- Life-cycle management endpoint: https://<cbamIp>:443/vnfm/lcm/v3/
- Life-cycle change notification endpoint: https://<cbamIp>:443/vnfm/lcn/v3/
- Catalog endpoint: https://<cbamIp>:443/api/catalog/adapter/
- On the platform, click Register.
- Result: The registration form opens.
- Fill in the fields as follows:
- Note: Cloud credentials are supplied by the VNF integrator.
+-----------------+------------------------------------------+
| key | Value |
+-----------------+------------------------------------------+
| Name | CbamVnfm |
+-----------------+------------------------------------------+
| type | NokiaSVNFM |
+-----------------+------------------------------------------+
| Vendor | Nokia |
+-----------------+------------------------------------------+
| version | v1 |
+-----------------+------------------------------------------+
| URL | <authUrl>_<lcmUrl>_<lcnUrl>_<catalogUrl> |
+-----------------+------------------------------------------+
| VIM | <cloudOwner>_<cloudRegion> |
+-----------------+------------------------------------------+
| certificate URL | |
+-----------------+------------------------------------------+
| Username | <onapUsername>_<clientId> |
+-----------------+------------------------------------------+
| Password | <onapPassword>_<clientSecret> |
+-----------------+------------------------------------------+
- Click Save.
- Result: The registration has been completed.
- Determine the UUID of the VNFM:
- Using a REST client of your choice, send a request to the following URL: https://aai.api.simpledemo.onap.org:8447/aai/v11/external-system/esr-vnfm-list/esr-vnfm?depth=all
- HTTP method: GET
- Set the following values in the Header of the request:
- basic auth AAI:AAI
- X-FromAppId : any
- X-TransactionId: any
- Content-type: application/json
- Accept: application/json
- Look for the previously registered VNFM and note the value of (vnfm-id) <vnfmId>.
Configure the SVNFM driver (generic)
------------------------------------
- Using SSH, download the CBAM SVNFM driver by executing the following command:
docker pull https://nexus.onap.org/content/sites/raw/onap/vfc/nfvo/svnfm/nokiav2:1.1.0-STAGING-latest
- Determine the IMAGE ID:
- Execute the following command: docker images
- Find the required image and note the IMAGE ID.
- Start the driver:
- Fill in the required values and execute the following:
.. code-block:: console
export MULTI_NODE_IP=<multiNodeIp>
export VNFM_ID=<vnfmId>
export IMAGE_ID=<imageId>
docker run --name vfc_nokia -p 8089:8089 -e "MSB_IP=$MULTI_NODE_IP" -e "CONFIGURE=kuku" -e "EXTERNAL_IP=$MULTI_NODE_IP" -e "VNFM_ID=$VNFM_ID" -d --stop-timeout 300 $IMAGE_ID
- Determine the identifier of the container:
- Execute the following command: docker ps
- Find the required container and note the CONTAINER ID (first column/first row on the list).
- Verify if the VNFM driver has been successfully started by executing the following commands:
.. code-block:: console
execute docker exec -it <containerId> /bin/bash
execute tail -f service.log
- Result: The SVNFM integration is successful if the end of the command output contains "Started NokiaSvnfmApplication".
- Verify if the SVNFM is registered into MSB:
- Go to http://msb.api.simpledemo.onap.org/msb
- Check if NokiaSVNFM micro service is present in the boxes.
Configure the SVNFM driver (ONAP demo environment)
--------------------------------------------------
This step is executed instead of the "Configure the SVNFM driver (generic)" in case of an ONAP demo environment.
- Configure the already running instance:
- Execute the following command: docker exec -it `docker ps | grep nokiav2 | awk '{print $1}'` /bin/bash
- Edit /service/application.properties:
- In this file, change the default values of the following keys to the correct values: vnfmId
- Restart the VNFM service
- Execute the following command: kill -9 `ps -ef | grep java | grep -v grep | awk '{print $2}'`