Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

New Idea ONE: Context based filtering

We want to be able to include the context in the filtering process for different instances/purposes. Here's providing the subscriber as a sample.

Code Block
titleSample subscriber policy for vCPE service
Subscriber Poilcy sample for vCPE service:

...


{

...


"service": "subscriberPolicy",

...


"policyName": "OSDF_CASABLANCA.SubscriberPolicy_v1",

...


"description": "Subscriber Policy for vCPE",

...


"templateVersion": "OpenSource.version.1",

...


"version": "test1",

...


"priority": "1",

...


"riskType": "test",

...


"riskLevel": "3",

...


"guard": "False",

...


"content": {

...


"identity": "subscriber_vCPE",

...


"policyScope": ["vCPE", "subscriberPolicy"],

...


"properties": {

...


"subscriberName": ["subscriber_test_1", "subscriber_test_2"],

...


"subscriberRole": ["test user"],

...


"provStatus": ["CAPPED"]

...


},

...


{

...


"subscriberName": ["subscriber_prod_1", "subscriber_prod_2"],

...


"subscriberRole": ["prod user"],

...


"provStatus": ["PROV"]

...


},

...


"policyType": "subscriberPolicy",

...


"serviceName": "vCPE"

...


}
}

From the subscriber policy, we could find the mapping between the 'subscriberName' and 'subscriberRole'. And in the next step, we 'd like to fetch all the policies that refer to a specific subscriberRole. 

Suppose that currently there're several affinity policies available in the xacml-pdp service.

Section

Sample Affinity policies

Column
width50%

Existing Affinity policy sample 1 for vCPE service:

{
"service": "affinityPolicy",
"policyName": "OSDF_CASABLANCA.Affinity_vCPE_1",
"description": "Zone policy for vCPE",
"templateVersion": "OpenSource.version.1",
"version": "test1",
"priority": "3",
"riskType": "test",
"riskLevel": "2",
"guard": "False",
"content": {
"identity": "affinity_vCPE",
"policyScope": ["vCPE", "US", "ip", "vG", "test user"],
"affinityProperty": {
"qualifier": "same",
"category": "complex"
},
"policyType": "zone",
"resources": ["vGMuxInfra", "vG"]
}
}


Column
width50%

Existing Affinity policy sample 2 for vCPE service:

{
"service": "affinityPolicy",
"policyName": "OSDF_CASABLANCA.Affinity_vCPE_2",
"description": "Zone policy for vCPE",
"templateVersion": "OpenSource.version.1",
"version": "test1",
"priority": "3",
"riskType": "test",
"riskLevel": "2",
"guard": "False",
"content": {
"identity": "affinity_vCPE",
"policyScope": ["vCPE", "INTERNATIONAL", "ip", "vG", "prod user"],
"affinityProperty": {
"qualifier": "same",
"category": "complex"
},
"policyType": "zone",
"resources": ["vGMuxInfra", "vG"]
}
}


Current situation:

First In order to fulfill our need, we need the FIRST call to policy to fetch subscriberPolicy for a particular service/scope.

We may do it like this way:{

Code Block
# The legacy way
{
"policyName": "OSDF_CASABLANCA.*",

...


"configAttributes": {"policyScope": "["vCPE", "subscriberPolicy"]"}
}
# Maybe the new decision like this:
{
  "ONAPName": "OOF",
  "ONAPComponent": "OOF-component",
  "ONAPInstance": "OOF-component-instance",
  "action": "optimize",
  "resource": {
      "services": ["vCPE"],
      "policyType": "subscriberPolicy" }

...

}

Now, say if subscriberName = "subscriber_test_1" which is an instance/request specific data and based on which the corresponding subscriberRole is evaluated. i.e "test user" in this case.
Then, we need a second SECOND call to policy to fetch the affinityPolicy based on subscriberRole evaluated as above.{

Code Block
# The legacy way
{
"policyName": "OSDF_CASABLANCA.*",

...


"configAttributes": {"policyScope": "["vCPE", "US", "ip", "vG", "test user"]"}
}
# Maybe the new decision like this:
{
  "ONAPName": "OOF",
  "ONAPComponent": "OOF-component",
  "ONAPInstance": "OOF-component-instance",
  "action": "optimize",
  "resource": {
      "services": ["vCPE"],
      "geography": ["US", "ip"],
      "resources": ["vG"],
      "subscriberRole"

...

: ["test user"] #This is just an assumption here.
}}

Similarly, for subscriberName = "subscriber_prod_1" or "subscriber_prod_2", subscriberRole will be = "prod user", and the second call to policy would be like as:

Code Block

...

# The legacy way
{
"policyName": "OSDF_CASABLANCA.*",

...


"configAttributes": {"policyScope": "["vCPE", "INTERNATIONAL", "ip", "vG", "prod user"]"}

...


}
# Maybe the new decision like this:
{
  "ONAPName": "OOF",
  "ONAPComponent": "OOF-component",
  "ONAPInstance": "OOF-component-instance",
  "action": "optimize",
  "resource": {
      "services": ["vCPE"],
      "geography": ["INTERNATIONAL", "ip"],
      "resources": ["vG"],
      "subscriberRole": ["prod user"] #This is just an assumption here.
}}

Question:

- is there any possible way out to push the decision making to policy engine, specifically on "which policies apply to a given instance", instead of the two-step fetch and filter process
e.g.POST ? Which means the Policy engine would help us find out the first mapping relevant to the context and fetch the policies based on the attribute it bind to. 

Section

Example 1:

Column
width50%

# The original input OOF gives:

Code Block
POST /pdpx/v1/decision/

...


{

...


  "ONAPName": "OOF",

...


  "ONAPComponent": "OOF-component",

...


  "ONAPInstance": "OOF-component-instance",

...


  "action": "optimize",

...


  "resource":

...

 {
      "services": ["vCPE"],

...


      "geography": ["US"],
      "resources": ["vG"],
      "context": "subscriber_test_1",  #This is just an assumption here.
      "policyType": "subscriberPolicy" #This is just an assumption here.
}}



Column
width50%

Policy will help us transfer to a request like this:

Code Block
POST /pdpx/v1/decision/
{
  "ONAPName": "OOF",
  "ONAPComponent": "OOF-component",
  "ONAPInstance": "OOF-component-instance",
  "action": "optimize",
  "resource": {
      "services": ["vCPE"],
      "geography": ["US"]

...

,
      "resources": ["vG"],
      "subscriberRole": ["test user"]

...

 #This is just an assumption here.
}}




Section

Example 2:

Column
width50%

# The original input OOF gives:

Code Block
POST /pdpx/v1/decision/

...


{

...


  "ONAPName": "OOF",

...


  "ONAPComponent": "OOF-component",

...


  "ONAPInstance": "OOF-component-instance",

...


  "action": "optimize",

...


  "resource":

...

 {
      "services": ["vCPE"],

...


      "geography": ["INTERNATIONAL"],
      "resources": ["vG"],
      "context": "subscriber_prod_1",  #This is just an assumption here.
      "policyType": "subscriberPolicy" #This is just an assumption here.
}}



Column
width50%

Policy will help us transfer to a request like this:

Code Block
POST /pdpx/v1/decision/
{
  "ONAPName": "OOF",
  "ONAPComponent": "OOF-component",
  "ONAPInstance": "OOF-component-instance",
  "action": "optimize",
  "resource": {
      "services": ["vCPE"],
      "geography": ["INTERNATIONAL"]

...

,
      "resources": ["vG"],
      "subscriberRole": ["prod user"]

...

 #This is just an assumption here.
}}