New component capabilities for Frankfurt, i.e. the functional enhancements.
Frankfurt release targets the completion of the work started in Dublin to re-build the Policy Framework infrastructure. The new capabilities were to complete missing functionality that was previously in the legacy components, or was targeted to be part of the platform and was not able to be finished in Dublin:
...
Consolidation of Policy Health Check - China Ericsson Team
Jira Legacy |
---|
server | System Jira | columns | key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | REQPOLICY-252025 |
---|
|
-
When policies are deployed/undeployed (eg new version or removal), then some ONAP components need more immediate notification. Notably, DCAE microservices need to respond quickly to policy changes. James Hahn Jira Legacy |
---|
server | System Jira |
---|
columns | key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | REQ-9 |
---|
|
- Enhances the validation of TOSCA Policy Types and provides tools to Policy Designers. Liam FallonBetter support for TOSCA Data Types, Policy Types and Policies. Currently (Dublin/El Alto), policies are validated by PDPs at load time, and the Policy Framework checks that the policy type of a policy is valid and exists when it is stored over the API
In Frankfurt, we will:
- Validate that the parent policy types, and referenced data types in policy types and data types exist
- Return fully dereferenced policy types and data types on get requests
- Vaidate consistent create and update on policy types and data types
- Validate references to policy tpyes and data types prior to deletion of policy types and data types
- Validate versions of policy types and policies
- Validation of policies against their policy types on create and update of policies (Stretch)
See R6 Data Type, Policy Type, and Policy Referencing and Versioning for more information.
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | POLICY-1845 |
---|
|
- Some support for this in the legacy components, this work greatly enhances the ability to load PDP native policies that either execute alone or in conjunction with TOSCA Policy Types. Adds in Apex Native Policy Types in addition to XACML, Drools.- Designed TOSCA-compliant solution to create/read/update/delete(CRUD), deploy/undeploy and store native PDP policies and their artifacts
- Designed native PDP policy types off which native policies executable in different PDP engines (i.e. Drools, XACML, APEX) can be created and deployed
- Build a validator for the API payload provided to create native PDP policies to avoid unnecessary inconsistency between policy artifacts in the nexus and TOSCA policies in the database
- Build Drools PDP (PDP-D) support for native Drools policy execution
- Build XACML PDP (PDP-X) support for native XACML policy enforcement
- Build APEX PDP (PDP-A) support for native APEX policy execution
Optimization and Naming Policies - Better Use of the Decision API Pamela Dragosh
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | REQ-162 |
---|
|
In working with the OOF team, we are moving some of the decision making that the legacy engine could not support into the new xacml PDP engine which supports a Decision API. Previously, OOF had to make 2 separate API calls.
The addition of "matchable" attributes in the Optimization and Naming policies allow the XACML PDP to dynamically translate TOSCA policies to XACML for more fine-grained policy Decisions.
The OOF optimize uses a "best matches" algorithm on top of the XACML engine fine-grained decision in order to further refine the decision to return only the "best matching" policy given the attributes in the Decision API call.
...
language | js |
---|
title | Base Optimization Policies - including "matchable" |
---|
linenumbers | true |
---|
...
Per Integration team, one single health check requested that gives status for the whole of Policy Framework components.
- New API implemented in PAP : /policy/pap/v1/pdps/healthcheck
Example API result:
Code Block |
---|
{
"pdps": {
"xacml": [
{
"instanceId": "CN-00000994",
"pdpState": "ACTIVE",
"healthy": "HEALTHY"
}
],
"drools": [
{
"instanceId": "CN-00000994",
"pdpState": "ACTIVE",
"healthy": "HEALTHY"
}
],
"apex": [
{
"instanceId": "CN-00000994",
"pdpState": "ACTIVE",
"healthy": "HEALTHY"
}
]
},
"healthy": true,
"api": {
"name": "Policy API",
"url": "http://policy-api:6969/policy/api/v1/healthcheck",
"healthy": true,
"code": 200,
scope"message": "alive"
},
description"distribution": Scope{
for the policy - could be for a specific release.
"name": "Policy SSD",
type: list"url": "http://policy-distribution:6969/healthcheck",
"healthy": true,
metadata: "code": 200,
matchable"message": true"alive"
},
"pap": {
required: true "name": "Policy PAP",
entry_schema: "url": "http://policy-pap:6969/policy/pap/v1/healthcheck",
type"healthy": stringtrue,
geography"code": 200,
description"message": One"alive"
or more geographic regions type: list
metadata:
matchable: true
required: true
entry_schema:
type: string
constraints:
- valid_values:
- US
- International
identity:
description: Used internally for identification
type: string
required: true |
The OOF optimization Decision includes the ability to ask the decision to take in "context" when returning policy decisions. Eliminates one less call the OOF project had to make to the Policy Decision API to retrieve policies during runtime.
Code Block |
---|
language | js |
---|
title | Example Decision API call Payload |
---|
linenumbers | true |
---|
|
{
"ONAPName": "OOF",
"ONAPComponent": "OOF-component",
"ONAPInstance": "OOF-component-instance",
"context" : {
"subscriberName": []
},
"action": "optimize",
"resource": {
"scope": [],
"services": [],
"resources": [],
"geography": []
}
}
|
...
PDP Statistics - China Ericsson Team
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | POLICY-2025 |
---|
|
- The same epic also covers the work for collecting various statistics of registered PDP engines and storing them in the Policy DB.- Policy models and related provider classes created for storing PDP Statistics in DB.
- REST API created in PAP to fetch the PDP Statistics saved in Policy DB.
- PdpStatus heartbeat messages from apex-pdp has been updated to include current statistics in every interval. Xacml-pdp & drools-pdp will be updated shortly.
- PAP handlers has been updated to collect & store the statistics coming in heartbeat messages to Policy DB.
PDP Monitoring GUI - China Ericsson Team
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | POLICY-1751 |
---|
|
- This epic covers the work to create a GUI that polls the PDP statistics from PAP for monitoring PDP engines. This is currently work in progress.A new UI is being developed to show
- the list of PDP engines registered with PAP
- the statistics of an individual PDP engine.
- the cumulative statistics of a group of PDP engines.
- the cumulative statistics of all PDP engines for a particular domain.
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key |
---|
|
...
...
Finishing the work started in Dublin to fully move ALL the Control Loop Policy Types into TOSCA compliance with CLAMP team. Previously our operational and guard policies used a YAML format defined a few years ago. In this effort we are translating it to be fully compliant with TOSCA and cleaning up some of the syntax.
...
language | js |
---|
title | Operational Policy Type |
---|
linenumbers | true |
---|
...
- Started in Dublin as dark code, finishing the support for this new actor to be fully available for Control Loop Operational Policies- CDS is added as an actor in Policy to take actions
- Integration is done by implementing a gRPC call to CDS
- Validation is done against vFirewall use case
- Sample Operational Policy YAML for vFirewall usecase:
Code Block |
---|
|
controlLoop:
version: 2.0.0
controlLoopName: ControlLoop-vFirewall-7e4fbe9c-d612-4ec5-bbf8-605aeabdb677
trigger_policy: unique-policy-id-1-modifyConfig
timeout: 60
abatement: false
policies:
- id: unique-policy-id-1-modifyConfig
name: modifyconfig-cds-actor
description: Operational
Policy for Control Loop executionactor: CDS
propertiesrecipe: modify-config
target:
idresourceID: 7e4fbe9c-d612-4ec5-bbf8-605aeabdb677
type: VNF
typepayload:
String artifact_name: vFW-CDS
description: The unique control loop id.artifact_version: 1.0.0
data: '{"active-streams":"7"}'
requiredretry: true
0
timeout: 30
success: final_success
typefailure: Integerfinal_failure
failure_timeout: final_failure_timeout
failure_retries: final_failure_retries
descriptionfailure_exception: |final_failure_exception
Overall timeout for executing all the operations. This timeout should equal or exceed the total
failure_guard: final_failure_guard |
- REST equivalent of the gRPC request from Policy to CDS to execute a CBA:
Code Block |
---|
|
curl -X POST \
'http://{{ip}}:{{port}}/api/v1/execution-service/process' \
-H 'Authorization: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==' \
-H 'Content-Type: application/json' \
-H 'cache-control: no-cache' \
-d '{
"commonHeader":{
"subRequestId":"14384b21-8224-4055-bb9b-0469397db801",
timeout for each operation listed.
"requestId":"d57709fb-bbec-491d-a2a6-8a25c8097ee8",
"originatorId":"POLICY"
},
required: true "actionIdentifiers":{
abatement:"mode":"sync",
type: Boolean"blueprintName":"vFW-CDS",
description: Whether an abatement event message will be expected for the control loop from DCAE."blueprintVersion":"1.0.0",
"actionName":"config-deploy"
},
"payload":{
required: true"config-deploy-request":{
default: false"resolution-key":"6128eb53-0eac-4c79-855c-ff56a7b81141",
trigger:"config-deploy-properties":{
type: String"service-instance.service-instance-id":"40004db6-c51f-45b0-abab-ea4156bae422",
description: Initial operation to execute upon receiving an Onset event message for the Control Loop."generic-vnf.vnf-id":"8d09e3bd-ae1d-4765-b26e-4a45f568a092",
"data":{
required: true operations:"active-streams":"7"
type:}
List }
description: List of operations to}
be performed when Control Loop is triggered.
required: true
entry_schema:
type: onap.datatype.controlloop.Operation
onap.policies.controlloop.operational.common.Apex:
derived_from: onap.policies.controlloop.operational.Common}
}' |
Policy Update Notifications James Hahn
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | POLICY-1840 |
---|
|
- When policies are deployed/undeployed (eg new version or removal), then some ONAP components need more immediate notification. Notably, DCAE microservices need to respond quickly to policy changes. James HahnWhen a policy has been pushed (or "unpushed") to all relevant PDPs, a notification is published to the DMaaP topic, POLICY-NOTIFICATION, a sample of which is shown below:
Code Block |
---|
{
"deployed-policies": [
{
type_version: 1.0.0 version: 1.0.0"policy-type": "onap.policies.monitoring.cdap.tca.hi.lo.app",
description: Operational policies for Apex PDP "policy-type-version": "1.0.0",
properties: "policy-id": "onap.policies.controlloop.operational.common.Drools:
scaleout.tca",
derived_from: onap.policies.controlloop.operational.Common type_"policy-version": 1"2.0.0",
version: 1.0.0 description"success-count": Operational3,
policies for Drools PDP properties"failure-count": 0
}
controllerName: ],
"undeployed-policies": [
type:{
String "policy-type": "onap.policies.firewall",
description: Drools controller properties "policy-type-version": "1.0.0",
required: false data_types:
"policy-id": "onap.firewall.tca",
# TBD if this is needed onap.datatype.controlloop.operation.Failure:"policy-version": "6.0.0",
derived_from: tosca.datatypes.Root
description: Captures information of an operational failure performed for control loop
properties:
"success-count": 3,
"failure-count": 0
}
messages: type: String
description: error message
required: true
category:
type: String
description: |
The category the error occurred in. Whether this is a general error from the actor, or the operation
timed out, retries were exhausted in trying to execute the operation, a guard policy prevented the
operation from occuring, or an exception in the system caused the failure.
constraints:
]
} |
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | POLICY-2027 |
---|
|
- Enhances the validation of TOSCA Policy Types and provides tools to Policy Designers. Liam FallonBetter support for TOSCA Data Types, Policy Types and Policies. Currently (Dublin/El Alto), policies are validated by PDPs at load time, and the Policy Framework checks that the policy type of a policy is valid and exists when it is stored over the API
In Frankfurt, we will:
- Validate that the parent policy types, and referenced data types in policy types and data types exist
- Return fully dereferenced policy types and data types on get requests
- Vaidate consistent create and update on policy types and data types
- Validate references to policy tpyes and data types prior to deletion of policy types and data types
- Validate versions of policy types and policies
- Validation of policies against their policy types on create and update of policies (Stretch)
See R6 Data Type, Policy Type, and Policy Referencing and Versioning for more information.
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | POLICY-1845 |
---|
|
- Some support for this in the legacy components, this work greatly enhances the ability to load PDP native policies that either execute alone or in conjunction with TOSCA Policy Types. Adds in Apex Native Policy Types in addition to XACML, Drools.- Designed TOSCA-compliant solution to create/read/update/delete(CRUD), deploy/undeploy and store native PDP policies and their artifacts
- Designed native PDP policy types off which native policies executable in different PDP engines (i.e. Drools, XACML, APEX) can be created and deployed
- Build a validator for the API payload provided to create native PDP policies to avoid unnecessary inconsistency between policy artifacts in the nexus and TOSCA policies in the database
- Build Drools PDP (PDP-D) support for native Drools policy execution
- Build XACML PDP (PDP-X) support for native XACML policy enforcement
- Build APEX PDP (PDP-A) support for native APEX policy execution
Code Block |
---|
title | Native XACML policy type |
---|
linenumbers | true |
---|
collapse | true |
---|
|
tosca_definitions_version: tosca_simple_yaml_1_0_0
policy_types:
onap.policies.Native:
derived_from: tosca.policies.Root
- valid_valuesdescription: [error, timeout, retries, guard, exception]
a base policy type for all native PDP policies
version: 1.0.0
onap.datatypepolicies.controlloopnative.TargetXacml:
derived_from: toscaonap.datatypespolicies.RootNative
description: a policy Definitiontype for native axacml policies
entity in A&AI to perform a control loop operation onversion: 1.0.0
properties:
targetTypepolicy:
type: String
descriptionrequired: Categorytrue
for the target type description: The XML XACML 3.0 required:PolicySet trueor Policy
constraints metadata:
- valid_values: [VNF, VM, VFMODULE, PNF]
encoding: URL |
Code Block |
---|
title | Native Drools policy type |
---|
linenumbers | true |
---|
collapse | true |
---|
|
tosca_definitions_version: tosca_simple_yaml_1_0_0
policy_types:
onap.policies.Native:
entityIds: derived_from: tosca.policies.Root
description: a base policy type: Mapfor all native PDP policies
descriptionversion: |1.0.0
onap.policies.native.Drools:
derived_from: onap.policies.Native
Map of values that identifydescription: thea resource.policy Iftype nonefor arenative provided,drools itpolicies
is assumed that the version: 1.0.0
properties:
entity that generated the ONSET event will berule_artifact:
the target. type: required: falseonap.datatypes.native.rule_artifact
onap.datatype.controlloop.Actor: derived_fromrequired: tosca.datatypes.Roottrue
description: An actor/operation/target definition description: the GAV information of the maven properties:artifact
actorcontroller:
type: Stringonap.datatypes.drools.controller.relation
descriptionrequired: Thetrue
actor performing the operation. description: the drools controller required:to truewhich the current native policy is assigned
data_types:
operationonap.datatypes.native.rule_artifact:
derived_from: tosca.datatypes.Root
type: String properties:
groupId:
description: The operation the actor is performing. type: string
required: true required: true
target: description: the groupId of the maven artifact
type: String artifactId:
description: The resource the operation should be performedtype: on.string
required: true
metadatadescription: the artifactId of the maven artifact
clamp_possible_valuesversion:
<string:see clamp project for syntax> type: payload:string
typerequired: Maptrue
description: Name/valuethe pairsversion of payloadthe informationmaven passedartifact
by Policy to the actor onap.datatypes.drools.controller.relation:
derived_from: tosca.datatypes.Root
required: false properties:
entry_schemacontrollerPolicyName:
type: Stringstring
onap.datatype.controlloop.Operation: derived_from: tosca.datatypes.Root required: true
description: An operation supported by an actor propertiesdescription: the name of drools controller policy
id: typecontrollerPolicyVersion:
String descriptiontype: Unique identifierstring
for the operation required: true
description: description: the version of drools controller policy |
Code Block |
---|
title | Native APEX policy type |
---|
linenumbers | true |
---|
collapse | true |
---|
|
tosca_definitions_version: tosca_simple_yaml_1_0_0,
policy_types:
typeonap.policies.Native:
String derived_from: tosca.policies.Root
description: Aa user-friendlybase descriptionpolicy oftype the intent for theall operationnative PDP policies
version: 1.0.0
requiredonap.policies.native.Apex:
false derived_from: onap.policies.Native
operation: description: a policy type for native apex policies
type: onap.datatype.controlloop.Actor version: 1.0.0
descriptionproperties:
The definition of the operation to be performed. engine_service:
required: true type: onap.datatypes.native.apex.EngineService
metadata: description: APEX Engine Service Parameters
clamp_possible_values: <string:see clamp project for syntax> inputs:
timeouttype: map
type description: IntegerInputs for handling events coming into the APEX engine
description: The amount of time for the actorentry_schema:
to perform the operation. requiredtype: trueonap.datatypes.native.apex.EventHandler
retriesoutputs:
type: Integermap
description: TheOutputs for numberhandling ofevents retriesgoing theout actorof shouldthe attemptAPEX toengine
perform the operation. entry_schema:
required: true defaulttype: 0onap.datatypes.native.apex.EventHandler
successenvironment:
type: Stringlist
description: Envioronmental Pointsparameters tofor the operationAPEX toengine
invoke on success. A value of "final_success" indicates and end to the operation. entry_schema:
required: falsetype: onap.datatypes.native.apex.Environment
data_types:
onap.datatypes.native.apex.EngineService:
derived_from: tosca.datatypes.Root
defaultproperties: final_success
failurename:
type: Stringstring
description: Points toSpecifies the operationengine toname
invoke on Actor operation failure.
required: false
default: final_failure"ApexEngineService"
failure_timeoutversion:
type: Stringstring
description: Points toSpecifies the operationengine toversion invokein whendouble thedotted timeformat
out for the operation occurs.
required: false
default: final_failure_timeout"1.0.0"
failure_retriesid:
type: Stringint
description: Points to the operation to invoke when the current operation has exceeded its max retries.
Specifies the engine id
required: true
requiredinstance_count:
false defaulttype: final_failure_retriesint
failure_exception: description: Specifies the number of engine threads that should be run
type: String required: true
description: Points to the operation to invoke when the current operationdeployment_port:
causes an exception. requiredtype: falseint
defaultdescription: final_failure_exceptionSpecifies the port to connect to for engine administration
failure_guard: typerequired: Stringfalse
descriptiondefault: Points1
to the operation to invoke when the current operation is blocked due to guard policy enforcement.policy_model_file_name:
requiredtype: falsestring
defaultdescription: final_failure_guard
|
Much discussion for this was done in the Control Loop sub committee meetings. As captured here: Control Loop Policy Type Design Proposal#1: Simple upgrade of legacy policy types to TOSCA
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | POLICY-2087 |
---|
|
- Started in Dublin as dark code, finishing the support for this new actor to be fully available for Control Loop Operational PoliciesPDP Statistics - China Ericsson Team
PDP Monitoring GUI - China Ericsson Team
Consolidation of Policy Health Check - China Ericsson Team
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | POLICY-2025 |
---|
|
...
The name of the file from which to read the APEX policy model
required: false
default: ""
policy_type_impl:
type: string
description: The policy type implementation from which to read the APEX policy model
required: false
default: ""
periodic_event_period:
type: string
description: The time interval in milliseconds for the periodic scanning event, 0 means don't scan
required: false
default: 0
engine:
type: onap.datatypes.native.apex.engineservice.Engine
description: The parameters for all engines in the APEX engine service
required: true
onap.datatypes.native.apex.EventHandler:
derived_from: tosca.datatypes.Root
properties:
name:
type: string
description: Specifies the event handler name, if not specified this is set to the key name
required: false
carrier_technology:
type: onap.datatypes.native.apex.CarrierTechnology
description: Specifies the carrier technology of the event handler (such as REST/Web Socket/Kafka)
required: true
event_protocol:
type: onap.datatypes.native.apex.EventProtocol
description: Specifies the event protocol of events for the event handler (such as Yaml/JSON/XML/POJO)
required: true
event_name:
type: string
description: Specifies the event name for events on this event handler, if not specified, the event name is read from or written to the event being received or sent
required: false
event_name_filter:
type: string
description: Specifies a filter as a regular expression, events that do not match the filter are dropped, the default is to let all events through
required: false
synchronous_mode:
type: bool
description: Specifies the event handler is syncronous (receive event and send response)
required: false
default: false
synchronous_peer:
type: string
description: The peer event handler (output for input or input for output) of this event handler in synchronous mode, this parameter is mandatory if the event handler is in synchronous mode
required: false
default: ""
synchronous_timeout:
type: int
description: The timeout in milliseconds for responses to be issued by APEX torequests, this parameter is mandatory if the event handler is in synchronous mode
required: false
default: ""
requestor_mode:
type: bool
description: Specifies the event handler is in requestor mode (send event and wait for response mode)
required: false
default: false
requestor_peer:
type: string
description: The peer event handler (output for input or input for output) of this event handler in requestor mode, this parameter is mandatory if the event handler is in requestor mode
required: false
default: ""
requestor_timeout:
type: int
description: The timeout in milliseconds for wait for responses to requests, this parameter is mandatory if the event handler is in requestor mode
required: false
default: ""
onap.datatypes.native.apex.CarrierTechnology:
derived_from: tosca.datatypes.Root
properties:
label:
type: string
description: The label (name) of the carrier technology (such as REST, Kafka, WebSocket)
required: true
plugin_parameter_class_name:
type: string
description: The class name of the class that overrides default handling of event input or output for this carrier technology, defaults to the supplied input or output class
required: false
onap.datatypes.native.apex.EventProtocol:
derived_from: tosca.datatypes.Root
properties:
label:
type: string
description: The label (name) of the event protocol (such as Yaml, JSON, XML, or POJO)
required: true
event_protocol_plugin_class:
type: string
description: The class name of the class that overrides default handling of the event protocol for this carrier technology, defaults to the supplied event protocol class
required: false
onap.datatypes.native.apex.Environmental:
derived_from: tosca.datatypes.Root
properties:
name:
type: string
description: The name of the environment variable
required: true
value:
type: string
description: The value of the environment variable
required: true
onap.datatypes.native.apex.engineservice.Engine:
derived_from: tosca.datatypes.Root
properties:
context:
type: onap.datatypes.native.apex.engineservice.engine.Context
description: The properties for handling context in APEX engines, defaults to using Java maps for context
required: false
executors:
type: map
description: The plugins for policy executors used in engines such as javascript, MVEL, Jython
required: true
entry_schema:
description: The plugin class path for this policy executor
type: string
onap.datatypes.native.apex.engineservice.engine.Context:
derived_from: tosca.datatypes.Root
properties:
distributor:
type: onap.datatypes.native.apex.Plugin
description: The plugin to be used for distributing context between APEX PDPs at runtime
required: false
schemas:
type: map
description: The plugins for context schemas available in APEX PDPs such as Java and Avro
required: false
entry_schema:
type: onap.datatypes.native.apex.Plugin
locking:
type: onap.datatypes.native.apex.plugin
description: The plugin to be used for locking context in and between APEX PDPs at runtime
required: false
persistence:
type: onap.datatypes.native.apex.Plugin
description: The plugin to be used for persisting context for APEX PDPs at runtime
required: false
onap.datatypes.native.apex.Plugin:
derived_from: tosca.datatypes.Root
properties:
name:
type: string
description: The name of the executor such as Javascript, Jython or MVEL
required: true
plugin_class_name:
type: string
description: The class path of the plugin class for this executor |
Optimization and Naming Policies - Better Use of the Decision API Pamela Dragosh
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | POLICY-2067 |
---|
|
- In working with the OOF team, we are moving some of the decision making that the legacy engine could not support into the new xacml PDP engine which supports a Decision API. Previously, OOF had to make 2 separate API calls. The addition of "matchable" attributes in the Optimization and Naming policies allow the XACML PDP to dynamically translate TOSCA policies to XACML for more fine-grained policy Decisions.The OOF optimize uses a "best matches" algorithm on top of the XACML engine fine-grained decision in order to further refine the decision to return only the "best matching" policy given the attributes in the Decision API call.
Code Block |
---|
language | js |
---|
title | Base Optimization Policies - including "matchable" |
---|
linenumbers | true |
---|
|
tosca_definitions_version: tosca_simple_yaml_1_0_0
policy_types:
onap.policies.Optimization:
derived_from: tosca.policies.Root
version: 1.0.0
description: The base policy type for all policies that govern optimization
properties:
scope:
description: Scope for the policy - could be for a specific release.
type: list
metadata:
matchable: true
required: true
entry_schema:
type: string
geography:
description: One or more geographic regions
type: list
metadata:
matchable: true
required: true
entry_schema:
type: string
constraints:
- valid_values:
- US
- International
identity:
description: Used internally for identification
type: string
required: true |
The OOF optimization Decision includes the ability to ask the decision to take in "context" when returning policy decisions. Eliminates one less call the OOF project had to make to the Policy Decision API to retrieve policies during runtime.
Code Block |
---|
language | js |
---|
title | Example Decision API call Payload |
---|
linenumbers | true |
---|
|
{
"ONAPName": "OOF",
"ONAPComponent": "OOF-component",
"ONAPInstance": "OOF-component-instance",
"context" : {
"subscriberName": []
},
"action": "optimize",
"resource": {
"scope": [],
"services": [],
"resources": [],
"geography": []
}
}
|
TOSCA Compliant Operational and Guard Policies Pamela Dragosh
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | POLICY-2118 |
---|
|
- Finishing the work started in Dublin to fully move ALL the Control Loop Policy Types into TOSCA compliance with CLAMP team. Previously our operational and guard policies used a YAML format defined a few years ago. In this effort we are translating it to be fully compliant with TOSCA and cleaning up some of the syntax. Code Block |
---|
language | js |
---|
title | Operational Policy Type |
---|
linenumbers | true |
---|
|
tosca_definitions_version: tosca_simple_yaml_1_0_0
policy_types:
onap.policies.controlloop.operational.Common:
derived_from: tosca.policies.Root
version: 1.0.0
description: Operational Policy for Control Loop execution
properties:
id:
type: String
description: The unique control loop id.
required: true
timeout:
type: Integer
description: |
Overall timeout for executing all the operations. This timeout should equal or exceed the total
timeout for each operation listed.
required: true
abatement:
type: Boolean
description: Whether an abatement event message will be expected for the control loop from DCAE.
required: true
default: false
trigger:
type: String
description: Initial operation to execute upon receiving an Onset event message for the Control Loop.
required: true
operations:
type: List
description: List of operations to be performed when Control Loop is triggered.
required: true
entry_schema:
type: onap.datatype.controlloop.Operation
onap.policies.controlloop.operational.common.Apex:
derived_from: onap.policies.controlloop.operational.Common
type_version: 1.0.0
version: 1.0.0
description: Operational policies for Apex PDP
properties:
onap.policies.controlloop.operational.common.Drools:
derived_from: onap.policies.controlloop.operational.Common
type_version: 1.0.0
version: 1.0.0
description: Operational policies for Drools PDP
properties:
controllerName:
type: String
description: Drools controller properties
required: false
data_types:
# TBD if this is needed
onap.datatype.controlloop.operation.Failure:
derived_from: tosca.datatypes.Root
description: Captures information of an operational failure performed for control loop
properties:
messages:
type: String
description: error message
required: true
category:
type: String
description: |
The category the error occurred in. Whether this is a general error from the actor, or the operation
timed out, retries were exhausted in trying to execute the operation, a guard policy prevented the
operation from occuring, or an exception in the system caused the failure.
constraints:
- valid_values: [error, timeout, retries, guard, exception]
onap.datatype.controlloop.Target:
derived_from: tosca.datatypes.Root
description: Definition for a entity in A&AI to perform a control loop operation on
properties:
targetType:
type: String
description: Category for the target type
required: true
constraints:
- valid_values: [VNF, VM, VFMODULE, PNF]
entityIds:
type: Map
description: |
Map of values that identify the resource. If none are provided, it is assumed that the
entity that generated the ONSET event will be the target.
required: false
onap.datatype.controlloop.Actor:
derived_from: tosca.datatypes.Root
description: An actor/operation/target definition
properties:
actor:
type: String
description: The actor performing the operation.
required: true
operation:
type: String
description: The operation the actor is performing.
required: true
target:
type: String
description: The resource the operation should be performed on.
required: true
metadata:
clamp_possible_values: <string:see clamp project for syntax>
payload:
type: Map
description: Name/value pairs of payload information passed by Policy to the actor
required: false
entry_schema:
type: String
onap.datatype.controlloop.Operation:
derived_from: tosca.datatypes.Root
description: An operation supported by an actor
properties:
id:
type: String
description: Unique identifier for the operation
required: true
description:
type: String
description: A user-friendly description of the intent for the operation
required: false
operation:
type: onap.datatype.controlloop.Actor
description: The definition of the operation to be performed.
required: true
metadata:
clamp_possible_values: <string:see clamp project for syntax>
timeout:
type: Integer
description: The amount of time for the actor to perform the operation.
required: true
retries:
type: Integer
description: The number of retries the actor should attempt to perform the operation.
required: true
default: 0
success:
type: String
description: Points to the operation to invoke on success. A value of "final_success" indicates and end to the operation.
required: false
default: final_success
failure:
type: String
description: Points to the operation to invoke on Actor operation failure.
required: false
default: final_failure
failure_timeout:
type: String
description: Points to the operation to invoke when the time out for the operation occurs.
required: false
default: final_failure_timeout
failure_retries:
type: String
description: Points to the operation to invoke when the current operation has exceeded its max retries.
required: false
default: final_failure_retries
failure_exception:
type: String
description: Points to the operation to invoke when the current operation causes an exception.
required: false
default: final_failure_exception
failure_guard:
type: String
description: Points to the operation to invoke when the current operation is blocked due to guard policy enforcement.
required: false
default: final_failure_guard
|
Much discussion for this was done in the Control Loop sub committee meetings. As captured here: Control Loop Policy Type Design Proposal#1: Simple upgrade of legacy policy types to TOSCA
Policy API Enhancements Chenfei Gao
...
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | POLICY-2026 |
---|
|
- Clarified PAP ↔ communication of Policy Types, Health Status, PDP Group Details, Passive vs Active modes.
Ram Krishna Verma- Mapping of kubernetes deployment to PDP Subgroup
- Re-synch of PAP and PDP when the supported policy type changes
- Change the PAP Group Deploy/Undeploy API to only create/update PdpGroups
- Create new API to deploy/undeploy policies into PdpGroups
- Handle derivation in PDP supported types
RECORDING
Recording