Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | CPS-802 |
---|
|
The SDN-C version is decided to upgrade from version 2.2.3 to 1.8.1.
Endpoint Test Results
...
...
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | CPS-802 |
---|
|
The SDN-C version is decided to upgrade from version 1.8.1 to 2.2.3.
References:
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | CCSDK-3582 |
---|
|
The original result for the legacy URL using SDNC version 1.8.1 is the following:
symbol"0"}output11},{"label":"writeseparator","input":{"state":2,"symbol":"1" }output30,"head-move":"left"}}, {labelright summandinput{"state":1,"symbol":"1"} "label": "right summand",
|
|
},{"label":"finalstep",input:{"state":3,"symbol":""},"output4}},{"label":"gohome","input":{"state":3,"symbol":"1"}outputhead-move"left"}},{"label":"rightend","input":{"state":1,"symbol":""}output2head-moveleft},{labelsummand","input":{"state":0,symbol1left summand",
"input": {
|
|
}}]}}}URL | Result | Notes |
---|
http://localhost:8282/rests/data/network-topology:network-topology/topology=topology-netconf/node=PNFDemo/yang-ext:mount/turing-machine:turing-machine | Code Block |
---|
|
{ turing-machine:turing-machine": {"transition-function":{"delta":[{"label":"separator", "output": {
Endpoint Test Results
The following are the results of using the URLs to get nodes using the new version SDNC 2.2.3.
state1,"symbol":"1" }input00}, { label"right end""output":{"state": 2,"head-move":"left"},"input1symbol},{"label": "write separator", output{ "state":3,"head-move":"left",symbol0},input{state21},{"label":"rightsummand","input":{"state":1,"symbol":"1" "label": "right summand",
|
|
}},{"label":"gohome","output":{"head-move":"left"},input{ state3,symbol1},{"label":"finalstep","output": {"state":4},input{
state3,symbol""},{labelleftsummand","input":{"state":0,symbol1"left summand",
"input": {
|
|
}}]}
}
}http://localhost:8282/rests/data/network-topology:network-topology/topology=topology-netconf/node=PNFDemo/yang-ext:mount | Image Removed
http://localhost:8282/rests/data/network-topology:network-topology/topology=topology-netconf/node=PNFDemo/yang-ext:mount/ | Image Removed | http://localhost:8282/restconf/config/network-topology:network-topology/topology/topology-netconf/node/PNFDemo/yang-ext:mount | Image Removed
http://localhost:8282/restconf/config/network-topology:network-topology/topology/topology-netconf/node/PNFDemo/yang-ext:mount/turing-machine:turing-machine | Image Removed
CSIT/CCSDK Automation Issues
...
Ticket logged:
Jira Legacy |
---|
server | System Jira |
---|
serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
---|
key | SDNC-1667 |
---|
|
Where were we?
Our integration (and manual) testing using SDN-C v.1.8.1 worked fine. At a high level the setup followed these steps
- pre-generated (?) zip (csit/plans/cps/sdnc/certs) extract to /opt/opendaylight/current/certs
- Install SDN-C v 1.8.1
- Mount a node
- Execute /rests and /restconf requests to nodes successfully either manual and directly to SND-C or using CPS services
Code Block |
---|
language | yml |
---|
title | Old CPS SDNC docker-compose.yml |
---|
linenumbers | true |
---|
collapse | true |
---|
|
# ============LICENSE_START=======================================================
# Copyright (C) 2021 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END=========================================================
version: '3'
services:
mariadb:
image: mariadb:10.1.11
ports:
- "3306:3306"
container_name: mariadb
environment:
- MYSQL_ROOT_PASSWORD=password
hostname:
mariadb.so.testlab.onap.org
logging:
driver: "json-file"
options:
max-size: "30m"
max-file: "5"
sdnc:
image: onap/sdnc-image:1.8.1
container_name: sdnc
volumes:
- /etc/localtime:/etc/localtime:ro
- ./certs:/opt/opendaylight/current/certs
entrypoint: ["/opt/onap/sdnc/bin/startODL.sh"]
ports:
- "8282:8181"
hostname:
sdnc
depends_on:
- mariadb
environment:
- MYSQL_ROOT_PASSWORD=password
- SDNC_CONFIG_DIR=/opt/onap/sdnc/data/properties
- MYSQL_PASSWD=password
- ODL_CERT_DIR=/opt/opendaylight/current/certs
- ODL_ADMIN_USERNAME=admin
- ODL_ADMIN_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
dns:
- ${DNS_IP_ADDR-10.0.100.1}
logging:
driver: "json-file"
options:
max-size: "30m"
max-file: "5"
extra_hosts:
- sdnctldb02:${LOCAL_IP}
- sdnctldb01:${LOCAL_IP}
- dbhost:${LOCAL_IP} |
Where are we now?
Installing pre-existing certs. This caused issues with SDN-C v. 2.2.3 installation, so we removed this step[ (we assume SDN-C now includes its own and/or ODL certs)Install SDN-C (output includes details on ODL certification installation)
Code Block |
---|
language | yml |
---|
title | SDNC Certificate Success |
---|
collapse | true |
---|
|
100% [========================================================================]
Karaf started in 44s. Bundle stats: 433 active, 434 total
Certificate installation in progress. Elapsed time - 60 secs. Waiting for 10 secs before checking the status..
Certificate installation in progress. Elapsed time - 70 secs. Waiting for 10 secs before checking the status..
Certificate installation in progress. Elapsed time - 80 secs. Waiting for 10 secs before checking the status..
Certificate installation in progress. Elapsed time - 90 secs. Waiting for 10 secs before checking the status..
Start cert provisioning. Log file: /opt/opendaylight/current/data/log/installCerts.log
Certificate installation script completed execution
Everything OK in Certificate Installation |
- Mount Node
- RestConf queries work fine:
We can also query SDNC to return all nodes using http://localhost:8282/restconf/config/network-topology:network-topology/topology/topology-netconf
Image Added
the nodes can also be retrieved using /restconf
Image Added
/rest based request fail
http://localhost:8282/rests/data/network-topology:network-topology/topology=topology-netconf/node=DemoNode/yang-ext:mount/turing-machine:turing-machine we receive the following error:
Code Block |
---|
language | yml |
---|
title | Postman Response |
---|
linenumbers | true |
---|
|
{
"errors": {
"error": [
{
"error-tag": "resource-denied-transport",
"error-type": "protocol",
"error-message": "Mount point does not exist."
}
]
}
} |
CPS CSIT test fail with same root cause
Info |
---|
|
09:49:08.028 [http-nio-8080-exec-8] ERROR o.o.c.n.d.e.DmiExceptionHandler - Exception occurred org.springframework.web.client.HttpServerErrorException$ServiceUnavailable: 503 Service Unavailable: [{"errors":{"error":[{"error-tag":"resource-denied-transport","error-type":"protocol","error-message":"Mount point does not exist."}]}}] |
Summary
Perhaps there is a change in the way /rests behaves that we are unfamiliar with or perhaps our configuration is incorrect. To sum up: we can successfully start SDNC, mount a node, query nodes using /restconf but all /rests calls seem to fail. This could be an issue with certs or TLS.
Open Questions
# | Question/Issue | Notes/Decision |
---|
1 | Are we to generate certs for SDNC ourselves or can we rely on the certs used as part of SDNC itself? | As mentioned on https://docs.onap.org/projects/onap-sdnc-oam/en/istanbul/cert_installation.html certs folder is required as part of installing SDNC through docker-compose |
2 | Do we have some incorrect config in our docker-compose file? Code Block |
---|
language | yml |
---|
title | CPS SDNC docker-compose.yml |
---|
linenumbers | true |
---|
collapse | true |
---|
| # ============LICENSE_START=======================================================
# Copyright (C) 2022 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END=========================================================
version: '3'
services:
mariadb:
image: mariadb:10.5
container_name: sdnc_db_container
ports:
- "3306:3306"
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-password}
- MYSQL_ROOT_HOST=%
- MYSQL_USER=${MYSQL_USER:-sdnc}
- MYSQL_PASSWORD=${MYSQL_PASSWORD:-password}
- MYSQL_DATABASE=${MYSQL_DATABASE:-sdncdb}
logging:
driver: "json-file"
options:
max-size: "30m"
max-file: "5"
ansible:
image: onap/sdnc-ansible-server-image:2.2.2
depends_on :
- mariadb
container_name: sdnc_ansible_container
entrypoint: ["/opt/ansible-server/startAnsibleServer.sh"]
ports:
- "8000"
links:
- mariadb:dbhost
- mariadb:sdnctldb01
- mariadb:sdnctldb02
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-password}
- MYSQL_USER=${MYSQL_USER:-sdnc}
- MYSQL_PASSWORD=${MYSQL_PASSWORD:-password}
- MYSQL_DATABASE=${MYSQL_DATABASE:-sdncdb}
- ANSIBLE_TRUSTSTORE_PASSWORD=${ANSIBLE_TRUSTSTORE_PASSWORD:-changeit}
logging:
driver: "json-file"
options:
max-size: "30m"
max-file: "5"
sdnc:
image: onap/sdnc-image:${VERSION:-2.2.3}
depends_on :
- mariadb
- ansible
container_name: sdnc_controller
entrypoint: ["/opt/onap/sdnc/bin/startODL.sh"]
ports:
- "8282:8181"
links:
- mariadb:dbhost
- mariadb:sdnctldb01
- mariadb:sdnctldb02
- ansible:ansiblehost
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-password}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD-password}
- MYSQL_DATABASE=${MYSQL_DATABASE:-sdncdb}
- SDNC_CONFIG_DIR=/opt/onap/sdnc/data/properties
- SDNC_BIN=/opt/onap/sdnc/bin
- ODL_CERT_DIR=/tmp
- ODL_ADMIN_USERNAME=${ODL_USER:-admin}
- ODL_ADMIN_PASSWORD=${ODL_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U}
- ODL_USER=${ODL_USER:-admin}
- ODL_PASSWORD=${ODL_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U}
- SDNC_DB_INIT=true
- HONEYCOMB_USER=${HONEYCOMB_USER:-admin}
- HONEYCOMB_PASSWORD=${HONEYCOMB_PASSWORD:-admin}
- TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD:-changeit}
- KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD:-adminadmin}
- SO_USER=${SO_USER:-sdncaBpmn}
- SO_PASSWORD=${SO_PASSWORD:-password1$$}
- NENG_USER=${NENG_USER:-ccsdkapps}
- NENG_PASSWORD=${NENG_PASSWORD:-ccsdkapps}
- CDS_USER=${CDS_USER:-ccsdkapps}
- CDS_PASSWORD=${CDS_PASSWORD:-ccsdkapps}
- ANSIBLE_USER=${ANSIBLE_USER:-sdnc}
- ANSIBLE_PASSWORD=${ANSIBLE_PASSWORD:-sdnc}
- SQL_CRYPTKEY=${SQL_CRYPTKEY:-fakECryptKey}
- A1_TRUSTSTORE_PASSWORD=a1adapter
dns:
- ${DNS_IP_ADDR-10.0.100.1}
logging:
driver: "json-file"
options:
max-size: "30m"
max-file: "5"
extra_hosts:
aaf.osaaf.org: 10.12.6.214 |
| Need mount to specific files, see https://gerrit.onap.org/r/c/cps/+/126945/14..15/csit/plans/cps/sdnc/docker-compose.yml
Original guide used for sdnc docker-compose can be found here: Istanbul - Run. |
3 | CPS has certs within our repo which were generated for previous versions of SDNC. If we mount the volume as such: volumes: - $SDNC_CERT_PATH:/opt/opendaylight/current/certs
where SDNC_CERT_PATH is the absolute path of the certs within the cps repo, we get the following error in SDNC cert logs: 18:23:42 2022-02-07 18:09:57,310 - root - ERROR - Error while extracting zip file(s). Exiting Certificate Installation. 18:23:42 2022-02-07 18:09:57,310 - root - INFO - Error details : [Errno 13] Permission denied: '/opt/opendaylight/current/certs/keys0' 18:23:42 Stoppping SDNR container due to failure in installing Certificates This is how we installed and used certs for SDNC 1.8.1 so has the process of accessing the certs changed? | This was resolved by adding separate volume mounts for the files contained with the certs folder.
Old: Code Block |
---|
| volumes:
- $SDNC_CERT_PATH:/opt/opendaylight/current/certs |
New: Code Block |
---|
| volumes:
- ./certs/certs.properties:/opt/opendaylight/certs/certs.properties
- ./certs/keys0.zip:/opt/opendaylight/certs/keys0.zip |
|