| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
|---|
| key | CPS-802 |
|---|
|
The SDN-C version is decided to upgrade from version 1.8.1 to 2.2.3.
The original result for the legacy URL using SDNC version 1.8.1 is the following:
...
...
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
|---|
| key | CPS-802 |
|---|
|
The SDN-C version is decided to upgrade from version 1.8.1 to 2.2.3.
References:
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
|---|
| key | CCSDK-3582 |
|---|
|
The original result for the legacy URL using SDNC version 1.8.1 is the following:
state0,"symbol":"0"}output11},{"label":"write separator",
input{"state":2,"symbol":"1"}, "label": "write separator",
" |
|
output30,"head-move":"left"}},{ "labelright summandinput{"state":1,"symbol":"1"} "label": "right summand",
|
|
},{"label":"finalstep",input:{"state": 3,"symbol":""}output4}},{"label":"gohome","input":{"state":3,"symbol":"1"}outputhead-move"left"}},{"label":"rightend","input":{"state":1,"symbol":""}output2head-moveleft},{"labelsummand","input":{"state":0,symbol1"left summand",
"input": {
|
|
}}]}}}
Endpoint Test Results
The following are the results of using the URLs to get nodes using the new version SDNC 2.2.3.
Endpoint Test Results
The following are the results of using the URLs to get nodes using the new version SDNC 2.2.3.
"state1,"symbol":"1" }input00},{ "label": "right end",output{"state":2,"head-move": "left" }input1symbol},{"label":"writeseparator","output":{"state":3,"head-move":"left", "label": "write separator",
|
|
"symbol":"0" },input{state21},{"label":"rightsummand","input":{"state":1,"symbol":"1" "label": "right summand",
|
|
}},{"label":"gohome","output":{"head-move":"left"},input{ state3,symbol1}, { label"final step""output":{"state": 4
"input": state3,
symbol""}},{"label":"left summand",
input{state0,"symbol":"1"}} ]}
}
}- Size = 796 B
- 76 lines in total
- Starts at specified node (turing-machine)
| http://localhost:8282/rests/data/network-topology:network-topology/topology=topology-netconf/node=PNFDemo/yang-ext:mount | 
Image Removed
- Size = 19.59 KB
- 883 lines in total
- Starts at the root node and includes all other child nodes including the node 'turing-machine'
| | http://localhost:8282/rests/data/network-topology:network-topology/topology=topology-netconf/node=PNFDemo/yang-ext:mount/ |  Image Removed
| - Size = 19.79 KB
- 883 lines in total
- Starts at the root node and includes all other child nodes including the node 'turing-machine'
|
http://localhost:8282/restconf/config/network-topology:network-topology/topology/topology-netconf/node/PNFDemo/yang-ext:mount | 
Image Removed
- Size = 5.25 KB
- 223 lines in total
- Starts at specified node (turing-machine) and rest of the nodes
| http://localhost:8282/restconf/config/network-topology:network-topology/topology/topology-netconf/node/PNFDemo/yang-ext:mount/turing-machine:turing-machine |  Image Removed
| Size = 921 B76 lines in totalStarts at specified node (turing-machine)
CSIT/CCSDK Automation Issues
...
Ticket logged:
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | 4733707d-2057-3a0f-ae5e-4fd8aff50176 |
|---|
| key | SDNC-1667 |
|---|
|
Where were we?
Our integration (and manual) testing using SDN-C v.1.8.1 worked fine. At a high level the setup followed these steps
- pre-generated (?) zip (csit/plans/cps/sdnc/certs) extract to /opt/opendaylight/current/certs
- Install SDN-C v 1.8.1
- Mount a node
- Execute /rests and /restconf requests to nodes successfully either manual and directly to SND-C or using CPS services
| Code Block |
|---|
| language | yml |
|---|
| title | Old CPS SDNC docker-compose.yml |
|---|
| linenumbers | true |
|---|
| collapse | true |
|---|
|
# ============LICENSE_START=======================================================
# Copyright (C) 2021 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END=========================================================
version: '3'
services:
mariadb:
image: mariadb:10.1.11
ports:
- "3306:3306"
container_name: mariadb
environment:
- MYSQL_ROOT_PASSWORD=password
hostname:
mariadb.so.testlab.onap.org
logging:
driver: "json-file"
options:
max-size: "30m"
max-file: "5"
sdnc:
image: onap/sdnc-image:1.8.1
container_name: sdnc
volumes:
- /etc/localtime:/etc/localtime:ro
- ./certs:/opt/opendaylight/current/certs
entrypoint: ["/opt/onap/sdnc/bin/startODL.sh"]
ports:
- "8282:8181"
hostname:
sdnc
depends_on:
- mariadb
environment:
- MYSQL_ROOT_PASSWORD=password
- SDNC_CONFIG_DIR=/opt/onap/sdnc/data/properties
- MYSQL_PASSWD=password
- ODL_CERT_DIR=/opt/opendaylight/current/certs
- ODL_ADMIN_USERNAME=admin
- ODL_ADMIN_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
dns:
- ${DNS_IP_ADDR-10.0.100.1}
logging:
driver: "json-file"
options:
max-size: "30m"
max-file: "5"
extra_hosts:
- sdnctldb02:${LOCAL_IP}
- sdnctldb01:${LOCAL_IP}
- dbhost:${LOCAL_IP} |
Where are we now?
Installing pre-existing certs. This caused issues with SDN-C v. 2.2.3 installation, so we removed this step[ (we assume SDN-C now includes its own and/or ODL certs)Install SDN-C (output includes details on ODL certification installation)
| Code Block |
|---|
| language | yml |
|---|
| title | SDNC Certificate Success |
|---|
| collapse | true |
|---|
|
100% [========================================================================]
Karaf started in 44s. Bundle stats: 433 active, 434 total
Certificate installation in progress. Elapsed time - 60 secs. Waiting for 10 secs before checking the status..
Certificate installation in progress. Elapsed time - 70 secs. Waiting for 10 secs before checking the status..
Certificate installation in progress. Elapsed time - 80 secs. Waiting for 10 secs before checking the status..
Certificate installation in progress. Elapsed time - 90 secs. Waiting for 10 secs before checking the status..
Start cert provisioning. Log file: /opt/opendaylight/current/data/log/installCerts.log
Certificate installation script completed execution
Everything OK in Certificate Installation |
- Mount Node
- RestConf queries work fine:
We can also query SDNC to return all nodes using http://localhost:8282/restconf/config/network-topology:network-topology/topology/topology-netconf
Image Added
the nodes can also be retrieved using /restconf
Image Added
/rest based request fail
http://localhost:8282/rests/data/network-topology:network-topology/topology=topology-netconf/node=DemoNode/yang-ext:mount/turing-machine:turing-machine we receive the following error:
| Code Block |
|---|
| language | yml |
|---|
| title | Postman Response |
|---|
| linenumbers | true |
|---|
|
{
"errors": {
"error": [
{
"error-tag": "resource-denied-transport",
"error-type": "protocol",
"error-message": "Mount point does not exist."
}
]
}
} |
CPS CSIT test fail with same root cause
| Info |
|---|
|
09:49:08.028 [http-nio-8080-exec-8] ERROR o.o.c.n.d.e.DmiExceptionHandler - Exception occurred
org.springframework.web.client.HttpServerErrorException$ServiceUnavailable: 503 Service Unavailable: [{"errors":{"error":[{"error-tag":"resource-denied-transport","error-type":"protocol","error-message":"Mount point does not exist."}]}}] |
Summary
Perhaps there is a change in the way /rests behaves that we are unfamiliar with or perhaps our configuration is incorrect. To sum up: we can successfully start SDNC, mount a node, query nodes using /restconf but all /rests calls seem to fail. This could be an issue with certs or TLS.
Open Questions
| # | Question/Issue | Notes/Decision |
|---|
| 1 | Are we to generate certs for SDNC ourselves or can we rely on the certs used as part of SDNC itself? | As mentioned on https://docs.onap.org/projects/onap-sdnc-oam/en/istanbul/cert_installation.html certs folder is required as part of installing SDNC through docker-compose |
| 2 | Do we have some incorrect config in our docker-compose file? | Code Block |
|---|
| language | yml |
|---|
| title | CPS SDNC docker-compose.yml |
|---|
| linenumbers | true |
|---|
| collapse | true |
|---|
| # ============LICENSE_START=======================================================
# Copyright (C) 2022 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END=========================================================
version: '3'
services:
mariadb:
image: mariadb:10.5
container_name: sdnc_db_container
ports:
- "3306:3306"
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-password}
- MYSQL_ROOT_HOST=%
- MYSQL_USER=${MYSQL_USER:-sdnc}
- MYSQL_PASSWORD=${MYSQL_PASSWORD:-password}
- MYSQL_DATABASE=${MYSQL_DATABASE:-sdncdb}
logging:
driver: "json-file"
options:
max-size: "30m"
max-file: "5"
ansible:
image: onap/sdnc-ansible-server-image:2.2.2
depends_on :
- mariadb
container_name: sdnc_ansible_container
entrypoint: ["/opt/ansible-server/startAnsibleServer.sh"]
ports:
- "8000"
links:
- mariadb:dbhost
- mariadb:sdnctldb01
- mariadb:sdnctldb02
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-password}
- MYSQL_USER=${MYSQL_USER:-sdnc}
- MYSQL_PASSWORD=${MYSQL_PASSWORD:-password}
- MYSQL_DATABASE=${MYSQL_DATABASE:-sdncdb}
- ANSIBLE_TRUSTSTORE_PASSWORD=${ANSIBLE_TRUSTSTORE_PASSWORD:-changeit}
logging:
driver: "json-file"
options:
max-size: "30m"
max-file: "5"
sdnc:
image: onap/sdnc-image:${VERSION:-2.2.3}
depends_on :
- mariadb
- ansible
container_name: sdnc_controller
entrypoint: ["/opt/onap/sdnc/bin/startODL.sh"]
ports:
- "8282:8181"
links:
- mariadb:dbhost
- mariadb:sdnctldb01
- mariadb:sdnctldb02
- ansible:ansiblehost
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-password}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD-password}
- MYSQL_DATABASE=${MYSQL_DATABASE:-sdncdb}
- SDNC_CONFIG_DIR=/opt/onap/sdnc/data/properties
- SDNC_BIN=/opt/onap/sdnc/bin
- ODL_CERT_DIR=/tmp
- ODL_ADMIN_USERNAME=${ODL_USER:-admin}
- ODL_ADMIN_PASSWORD=${ODL_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U}
- ODL_USER=${ODL_USER:-admin}
- ODL_PASSWORD=${ODL_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U}
- SDNC_DB_INIT=true
- HONEYCOMB_USER=${HONEYCOMB_USER:-admin}
- HONEYCOMB_PASSWORD=${HONEYCOMB_PASSWORD:-admin}
- TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD:-changeit}
- KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD:-adminadmin}
- SO_USER=${SO_USER:-sdncaBpmn}
- SO_PASSWORD=${SO_PASSWORD:-password1$$}
- NENG_USER=${NENG_USER:-ccsdkapps}
- NENG_PASSWORD=${NENG_PASSWORD:-ccsdkapps}
- CDS_USER=${CDS_USER:-ccsdkapps}
- CDS_PASSWORD=${CDS_PASSWORD:-ccsdkapps}
- ANSIBLE_USER=${ANSIBLE_USER:-sdnc}
- ANSIBLE_PASSWORD=${ANSIBLE_PASSWORD:-sdnc}
- SQL_CRYPTKEY=${SQL_CRYPTKEY:-fakECryptKey}
- A1_TRUSTSTORE_PASSWORD=a1adapter
dns:
- ${DNS_IP_ADDR-10.0.100.1}
logging:
driver: "json-file"
options:
max-size: "30m"
max-file: "5"
extra_hosts:
aaf.osaaf.org: 10.12.6.214 |
| Need mount to specific files, see https://gerrit.onap.org/r/c/cps/+/126945/14..15/csit/plans/cps/sdnc/docker-compose.yml
Original guide used for sdnc docker-compose can be found here: Istanbul - Run. |
| 3 | CPS has certs within our repo which were generated for previous versions of SDNC. If we mount the volume as such: volumes:
- $SDNC_CERT_PATH:/opt/opendaylight/current/certs
where SDNC_CERT_PATH is the absolute path of the certs within the cps repo, we get the following error in SDNC cert logs: 18:23:42 2022-02-07 18:09:57,310 - root - ERROR - Error while extracting zip file(s). Exiting Certificate Installation.
18:23:42 2022-02-07 18:09:57,310 - root - INFO - Error details : [Errno 13] Permission denied: '/opt/opendaylight/current/certs/keys0'
18:23:42 Stoppping SDNR container due to failure in installing Certificates This is how we installed and used certs for SDNC 1.8.1 so has the process of accessing the certs changed? | This was resolved by adding separate volume mounts for the files contained with the certs folder.
Old: | Code Block |
|---|
| volumes:
- $SDNC_CERT_PATH:/opt/opendaylight/current/certs |
New: | Code Block |
|---|
| volumes:
- ./certs/certs.properties:/opt/opendaylight/certs/certs.properties
- ./certs/keys0.zip:/opt/opendaylight/certs/keys0.zip |
|