Versions Compared

Version Old Version 39 New Version 40
Changes made by

Chenfei Gao

Chenfei Gao

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Each PDP will need to be able to support native policies being deploy/undeployed to it as done today.

4.1 Drools PDP

Drools PDP will need to be able to instantiate a new controller instance and then ingest native DRL to that controller. First change needed is to expose telemetry API to external users, particularly the one being used to create a new controller. One example is shown as below

curl -k --user "demo@people.osaaf.org:demo123456!" -X POST --data @example-controller.rest.json --header "Content-Type: application/json" https://{ip or hostname}:9696/policy/pdp/engine/controllers

Code Block
languagejs
titleexample-controller.rest.json
collapsetrue
{
    "controller.name": "example-controller",
    
    "ueb.source.topics": "EXAMPLE-SOURCE-TOPIC",
    "ueb.source.topics.EXAMPLE-SOURCE-TOPIC.servers": "example-dmaap-server",
    "ueb.source.topics.EXAMPLE-SOURCE-TOPIC.events": "example-source-event-class",
    
    "ueb.sink.topics": "EXAMPLE-SINK-TOPIC",
    "ueb.sink.topics.EXAMPLE-SINK-TOPIC.servers": "example-dmaap-server",
    "ueb.sink.topics.EXAMPLE-SINK-TOPIC.events": "example-sink-event-class",
    
    "rules.groupId": "org.onap.policy.controlloop",
    "rules.artifactId": "policy-ran-optimization",
    "rules.version": "1.0.0-SNAPSHOT"
}

In addition, when drools PDP receives native policy deployed from PAP, given the deployment contains groupId, artifactId and version, drools PDP will need to pull the java artifact that contains drl rules as well as corresponding dependency artifacts then place them in local m2 repo. When a new controller shown above is created, it will scan local m2, search for the artifact with specified "rules.groupId", "rules.artifactId" and "rules.version" and load its contained drl rules into drools memory.

On the other hand, if drools PDP receives a request from PAP to undeploy a native policy, it will need to disable/delete the corresponding controller and remove the corresponding artifact from local m2 repo. Deleting a controller can be realized by calling exposed telemetry API. For example:

curl -k --user "demo@people.osaaf.org:demo123456!" -X DELETE https://{ip or hostname}:9696/policy/pdp/engine/controllers/example-controller


4.2 XACML PDP

XACML PDP will need to be able to ingest a XACML XML Policy directly. One suggestion is to create an application specifically for the XACML natives rules by default. The opportunity exists where a policy designer could create a specific application that supports native XACML policies (with or without TOSCA Policy Types as an option) and uses the grouping of PDPs to differentiate itself from the default XACML native rule application. The XACML PDP should also be enhanced to support configuring of applications in order to provide flexibility to the policy designers as to where all of its possible policy types and content types are deployed.

With regards to the Decision API supported by XACML, that api can be enhanced to support XACML XML requests/responses directly.

...

5.1 Drools native policies supported by the PDP-D engine

Create native DRL

...


Update native DRL

...


Deploy native DRL

Image Removed


Undeploy native DRL

Image Removed


Delele native DRL

...


5.2 XACML native policies supported by the PDP-X engine

...