...
In the ONAP Policy Framework, the interfaces to the PDP are designed to be as streamlined as possible. Because the PDP is the main unit of scalability in the Policy Framework, the PF is designed to allow PDPs in a PDP group to arbitrarily appear and disappear and for policy consistency across all PDPs in a PDP group to be easily maintained. Therefore, PDPs have just two interfaces; an interface that users can use to execute policies and interface to the PAP for administration, life cycle management and monitoring. The PAP is responsible for controlling the state across the PDPs in a PDP group. The PAP interacts with the Policy database and transfers policy sets to PDPs, and may cache the policy sets for PDP groups.
See also Sectino 2 of the Policy Design and API Flow for Model Driven Control Loop - Draft page, where the mechanisms for PDP Deployment and Registration with PAP are explained.
2.3.1 Policy Framework Services
...
If, for example, a service called policy-pdpd-control-loop is defined that runs 5 PDP-D instances. The service has the end point https://policy-pdpd-control-loop.onap/<service-specific-path>. When the service is started, Kubernetes spins up 5 PDP-Ds. Calls to the end point https://policy-pdpd-control-loop.onap/<service-specific-path> are distributed across the 5 PDP-D instances. Note that the .onap part of the service endpoint is the namespace being used ans and is specified for the full ONAP Kuberentes installation.
...
| Service | Endpoint | Description |
|---|---|---|
| PAP | https://policy-pap | The PAP service, used for policy administration and deployment. See Section 3.2 Policy Design and API Flow for Model Driven Control Loop - Draft for details of the API for this service |
| PDP-X-domain | https://policy-pdpx-domain | A PDP service is defined for each PDP group. A PDP group is identified by the domain on which it operates. For example, there could be two PDP-X domains, one for admission policies for ONAP proper and another for admission policies for VNFs of operator Supacom. Two PDP-X services are defined: https://policy-pdpx-onap |
| PDP-D-domain | https://policy-pdpd-domain | |
| PDP-A-domain | https://policy-pdpa-domain |
...
The following diagram captures the relationship between Policy Framework concepts at run time.
There is a one to one relationship between a policy service a PDP SubGroup, a Kubernetes PDP service, and the policies for a certain domainset of policies assigned to run in the PDP subgroup. Each PDP service is used for a particular policy domain, runs a single PDP group subgroup with multiple PDPs, which executes a specific Policy Set containing a number of policies that have been assigned to that PDP subgroup. Having and maintaining this principle makes policy deployment and administration much more straightforward than it would be if complex relationships between PDP services, groupsPDP subgroups, and policy sets.
The topology of the PDPs and their policy sets is held in the Policy Framework database and is administered by the PAP service.
The diagram above outlines the gives an indicative structure of the run time topology information in the Policy Framework database. Note that theĀ PDP_GROUPSUBGROUP_STATE andĀ PDP_STATE fields hold state information for life cycle management of PDP groups and PDPs. The POLICY_MAVEN_ARTIFACT field holds a reference that a PAP can use to fetch the policy artifact from Maven.
2.3.3 Startup, Shutdown and Restart
...