Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

eStatus: DRAFT

Policy Framework:

1. High Level Component Definition and Architectural Relationships 

Drawio
bordertrue
viewerToolbartrue
fitWindowfalse
diagramNameSDC System Context View
simpleViewerfalse
width
diagramWidth9871007
revision26

2. API Definitions

2a. Exposed APIs

API KeyAPI NameDescriptionPOE-1aPolicy Model InputPolicy Creation model input interface (manual interface through GUI
Interface NameDefinitionCapabilitiesVersionStatusPayload Model(s)
POE-
1b
1Policy
Creation & ManagementAPI for the creation and management of policiesPOE-2aPDP Query API (SDN-CP)Policy Decision Point query API for SDN-CPPOE-2bPDP Query API (SO)Policy Decision Point query API for SOPOE_3aPolicy Distribution (DCAE)Policy Distribution interface for DCAEPOE-3bPolicy Distribution (SNIRO)Policy Distribution interface for SNIROPOE-5Policy TriggerTrigger policies

2b. Consumed APIs

...

3. Component Description

Image Removed

4. Known System Limitations

5. Used Models

6. System Deployment Architecture

7. New Release Capabilities

...

Type DesignAllows applications to create, update, delete, and query PolicyType entities so that they become available for use in ONAP by applications such as CLAMP.1.0.0production

tosca.policies.root

TOSCA

POE-2Policy DesignAllows applications (such as CLAMP and Integration) to create, update, delete, and query Policy entities.1.0.0production

tosca.policies.root

TOSCA

POE-3Policy AdministrationSupport CRUD of PDP groups and subgroups and to support the deployment and life cycles of PolicyImpl entities (TOSCA Policy and PolicyTypeImpl entities) on PDP sub groups and PDPs.1.0.0productionEmbedded
POE-4Data IngressListen on a DMaaP topic. 
production

Messages of interest are described in the policy logic

DMaaP

POE-5Decision QueryPolicy decisions are required by ONAP components to support the policy-driven ONAP architecture. Policy Decisions are implemented using the XACML and Apex PDPs. The calling application (which may be another policy – e.g. invocation of a guard policy from PDP-D) must provide attributes in order for the PDP to return a correct decision.NAproductionDefined by policy

2b. Consumed APIs

Interface NameConsumed byDescription
AAFPolicy FrameworkAuthentication and authorization
DMaaP

Policy Framework

Policies

Policy framework uses DMaaP for SDC subscriptions and internal communication.

Policies use DMaaP as a transport for contextual information from various sources

SDCPolicy FrameworkNotification of CSAR; Retrieval of CSAR
AAIPoliciesEnrich ingress data with topology information
SOPoliciesTrigger orchestration actions (policy driven)

SDNC

APPC

PoliciesTrigger control actions (policy driven)
OtherPoliciesTrigger any interface defined in a policy, for example, trouble ticketing


3. Component Description

The ONAP Policy Framework is a comprehensive policy design, deployment, and execution environment. The Policy Framework is the decision making component in an ONAP system. It allows you to specify, deploy, and execute the governance of the features and functions in your ONAP system, be they closed loop, orchestration, or more traditional open loop use case implementations. The Policy Framework is the component that is the source of truth for all policy decisions

Please see the TOSCA Policy Primer page for an introduction to TOSCA policy concepts. See the Policy Design and API flow page for a description of the component interactions.

TOSCA defines a PolicyType, the definition of a type of policy that can be applied to a service. It also defines a Policy, the definition of an instance of a PolicyType. In the Policy Framework, we must handle and manage these TOSCA definitions and tie them to real implementations of policies that can run on PDPs.

Each TOSCA PolicyType must have a corresponding PolicyTypeImpl in the Policy Framework. The TOSCA PolicyType definition can be used to create a TOSCA Policydefinition, either directly by the Policy Framework, by CLAMP, or by some other system. Once the Policy artifact exists, it can be used together with the PolicyTypeImpl artifact to create a PolicyImpl artifact. A PolicyImpl artifact is an executable policy implementation that can run on a PDP.

The TOSCA PolicyType artifact defines the external characteristics of the policy; defining its properties, the types of entities it acts on, and its triggers.  A PolicyTypeImpl artifact is an XACML, Drools, or APEX implementation of that policy definition. PolicyType and PolicyTypeImpl artifacts may be preloaded, may be loaded manually, or may be created using the Lifecycle API. Alternatively, PolicyType definitions may be loaded over the Lifecycle API for preloaded PolicyTypeImpl artifacts. A TOSCA PolicyType artifact can be used by clients (such as CLAMP or CLI tools) to create, parse, serialize, and/or deserialize an actual Policy.

The TOSCA Policy artifact is used internally by the Policy Framework, or is input by CLAMP or other systems. This artifact specifies the values of the properties for the policy and specifies the specific entities the policy acts on. Policy Design uses the TOSCA Policy artifact and the PolicyTypeImpl artifact to create an executable PolicyImpl artifact. 

Internally, Policy has three main functional areas: Policy Development; Policy Administration; Policy Decision Execution.

Policy Development abstracts persistence and supports the creation of policies/policy types.

Policy Administration also abstracts persistence (from a different user roles). It's main purposes are to ensure that policies are allocated correctly and to manage the life-cycle of policies.

Policy Decision Execution is where policy decisions are made, i.e. where the policy logic executes. Three languages are used to describe policies in ONAP: XACML; Drools; APEX. Policy designers may select the language that is most appropriate to their use case. The policies are interpreted and executed by a language specific PDP. Where necessary additional PDP may be added, thus allowing for new policy languages.

Policy Enforcement is in general not handled by the Policy Framework. Enforcement is handled by either the originator of a decision query (PDP-D does enforce guard policy decisions made in the XACML PDP), or by a reaction to a policy output (trigger). 

4. Known System Limitations

https://docs.onap.org/en/dublin/submodules/policy/parent.git/docs/release-notes.html

5. System Deployment Architecture

https://docs.onap.org/en/dublin/submodules/policy/parent.git/docs/installation/docker.html#

6. New Release Capabilities

Support for Control Loop
CCVPN support
5G OOF PCI suport
Scale out support
Security hardening
ONAP maturity Performance (S3P)
ONAP maturity Securtiy (S3P)
CLC Coordination directives
Code refactoring

7. References

  1. Casablanca architecture description https://onap.readthedocs.io/en/casablanca/submodules/policy/engine.git/docs/platform/architecture.html
  2. TO BE DELETED - refer to Dublin Documentation#Draft-3.PublicAPIs