Versions Compared

Old Version 2

changes.mady.by.user Marco Platania

Saved on

compared with

New Version Current

changes.mady.by.user Marco Platania

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Material for running vFW closed loop

  • ONAP.postman_collection.json: REST operations against ONAP component's endpoints;
  • Powder lab ONAP.postman_environment.json: Environment file for Postman collection;
  • vFWSNK.zip: Package that contains the Heat template and environment file for the vFirewall and vSink VNF components;
  • vPKG.zip: Package that contains the Heat template and environment file for the vPacketGen VNF;
  • vFWSNK_SDNC_preload.json: JSON file to upload to SDNC that overrides values in the environment file for the vFirewall and vSink VNF components;
  • vPKG_SDNC_preload.json: JSON file to upload to SDNC that overrides values in the environment file for the vPacketGen VNF;
  • VNF preload.xml: description of the VNF preload for SDNC

View file
namePowder lab.postman_environment.json
height250
View file
namevFWSNK_SDNC_preload.json
height250
View file
namevFWSNK.zip
height250
View file
namevPKG_SDNC_preload.json
height250
View file
namevPKG.zip
height250
View file
nameVNF preload.xlsx
height250


Setup the Environment

Modify /etc/hosts (UNIX) or C:\Windows\System32\Drivers\etc\hosts (Windows) by adding the following FQDNs:

155.98.37.45 portal.api.simpledemo.onap.org

155.98.37.35 policy.api.simpledemo.onap.org

155.98.37.34 sdc.api.simpledemo.onap.org

155.98.37.36 vid.api.simpledemo.onap.org

155.98.37.46 aai.api.simpledemo.onap.org

Create a Vendor Software Product

...

  • Browse SDC model
  • Deploy service

 

Preload A&AI (https://

...

lf-onap.

...

atlassian.

...

net/wiki/display/DW/Tutorial_vIMS%3A+Create+AAI+cloud+account

AAI Postman headers

  • Basic Authentication: AAI/AAI
  • Accept: application/json
  • Content-Type: application/json
  • X-FromAppId: AAI
  • X-TransactionId: get_aai_subscr

...

Check: GET  (https) {{aai_ip}}:8443/aai/v11/business/customers

Create service instance and then VNF instance in VID (https://

...

lf-onap.

...

atlassian.

...

net/wiki/display/DW/Tutorial+vIMS%3A+VID+Instantiate+the+VNF)

Preload VID

VID Postman headers

...

  "options": ["Test-Business"]

}


Preload SDNC (https://

...

lf-onap.

...

atlassian.

...

net/wiki/display/DW/Tutorial_vIMS+%3A+SDNC+Updates)

  • Create username and password: {{sdnc_ip}}:8843/signup
  • Login: {{sdnc_ip}}:8843/login
  • Preload topology information: {{sdnc_ip}}:8282/apidoc/explorer/index.html
    • Username/password: admin/Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
    • POST /VNF-API/operations/VNF-API/preload-vnf-topology-operation

Instantiate VF Module via VID (https://

...

lf-onap.

...

atlassian.

...

net/wiki/display/DW/Tutorial+vIMS%3A+VID+Instantiate+the+VNF)

Run heatbridge from Robot VM

  • bash /opt/demo heatbridge <OPENSTACK_vFW_STACK_NAME> <Service_Instance_ID> <Service Type>
    • <OPENSTACK_vFW_STACK_NAME>: it's the base VF module name (and also the vFW VM name)
    • <Service_Instance_ID>: it's the service instance ID in the VID GUI
    • <Service Type>: vFW 

Create Mount Point in APPC (https://lf-onap.atlassian.net/wiki/display/DW/Automatically+Creating+a+Netconf+Mount+in+APPC+from+SDNC)

PUT  {{appc_ip}}:8282/restconf/config/network-topology:network-topology/topology/topology-netconf/node/${vpg_id}

  • Username/password: admin/Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
  • Header: Content-type: application/xml
  • ${prop.vpg_hostname} in the XML body is the VNF ID in the VID GUI (vPacketGen VNF Instance information button). Example of XML body:

<node xmlns="urn:TBD:params:xml:ns:yang:network-topology">

<node-id>${prop.vpg_hostname}</node-id>

<host xmlns="urn:opendaylight:netconf-node-topology">${prop.vpg_ipaddress}</host>

<port xmlns="urn:opendaylight:netconf-node-topology">2831</port>

<username xmlns="urn:opendaylight:netconf-node-topology">admin</username>

<password xmlns="urn:opendaylight:netconf-node-topology">admin</password>

<tcp-only xmlns="urn:opendaylight:netconf-node-topology">false</tcp-only>

<!-- non-mandatory fields with default values, you can safely remove these if you do not wish to override any of these values-->

<reconnect-on-changed-schema xmlns="urn:opendaylight:netconf-node-topology">false</reconnect-on-changed-schema>

<connection-timeout-millis xmlns="urn:opendaylight:netconf-node-topology">20000</connection-timeout-millis>

<max-connection-attempts xmlns="urn:opendaylight:netconf-node-topology">0</max-connection-attempts>

<between-attempts-timeout-millis xmlns="urn:opendaylight:netconf-node-topology">2000</between-attempts-timeout-millis>

<sleep-factor xmlns="urn:opendaylight:netconf-node-topology">1.5</sleep-factor>

<!-- keepalive-delay set to 0 turns off keepalives-->

<keepalive-delay xmlns="urn:opendaylight:netconf-node-topology">120</keepalive-delay>

</node> 

Check from APPC if the vPacketGen is mounted correctly

Connect to: {{appc_ip}}:8282/apidoc/explorer/index.html

  • Username/password: admin/Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
  • Mounted Resources/PacketGen-vnf-id/sample-plugin(date)
    • The get operation should return the running streams: GET yang-ext:mount/sample-plugin:sample-plugin/pg-streams
  • Logs in APPC VM:
    • /var/log/onap/appc/karaf.log
  • Logs in Policy VM:
    • /var/log/onap/policy/pdpd/network.log
    • /var/log/onap/policy/pdpd/error.log
    • kubectl exec -it dev-drools-0 -n onap -- bash -c "tail -f /var/log/onap/policy/pdpd/network.log"

Update the Operational Policy

The Operational Policy needs to know the invariant UUID of the vPacketGen.

  • Download the CSAR file of the vFW service from SDC
  • Get the vPacketGen invariant UUID from {CSAR_HOME}/Definitions/service-VfirewallTest1106-template.yml or as model-invariant-id in the Generic VNF in AAI
    • VfirewallTest1106 is the name of the service in the SDC catalog
  • Run the update-vfw-op-policy.sh script by providing:
    • IP of the Policy VM
    • vPacketGen invariant UUID
    • Path to the private key of the Policy VM


For OOM Beijing, policies must be loaded first (https://lf-onap.atlassian.net/wiki/display/DW/Policy+on+OOM):

  • Login to PAP
  • Copy push-policy.sh to a non read-only directory
    • cp /tmp/policy-install/config/push-policies.sh /tmp/policy-install
  • Change vFW policy resourceID in /tmp/policy-install/push-policies.sh to reflect the real vPacketGen model-invariant-id, e.g.:
    • sed -i "s/Eace933104d443b496b8.nodes.heat.vpg/02c953b7-e626-4e16-9874-6191572949a0/g" push-policies.sh
  • From Rancher VM, run: kubectl exec -it dev-pap-7ff989696d-s86wj -c pap -n onap -- bash -c "export PRELOAD_POLICIES=true; /tmp/policy-install/push-policies.sh"

Event monitoring

VES reporting: {{mr_ip}}:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT/mygroup/myid?timeout=5000

ONSET events to Policy: {{mr_ip}}:3904/events/unauthenticated.DCAE_CL_OUTPUT/mygroup/myid?timeout=5000

In OOM, the port number is 30227