Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »


Analysis

vFirewall Demo Sequence of Events

All the events during a VF creation so we can understand all the orchestration steps at a granular REST level.

Prerequisites 

SeqNameSourceTargetActorREST calls


















Config

SeqNameSourceTargetActorREST calls

create customerrobotaai./demo.sh init

create service modelrobotaai./demo.sh init







Service Deployment

SeqNameSourceTargetActorREST calls

deploy service modelvid
demo user

create service instancevid
demo user






VNF Creation

SeqNameSourceTargetActorREST calls


robot
./demo.sh init












VFModule Preload

SeqNameSourceTargetActorREST calls

preload vnfrobot
./demo.sh preload <DemoVNF> <DemoModule>












VFModule Creation

SeqNameSourceTargetActorREST calls

create vf module <DemoModule>vid
demo user












Closed Loop

SeqNameSourceTargetActorREST calls

appcrobot
./demo.sh appc <DemoModule>












see also

Design Issues

DI 1: 20170719: AAI Cert required for HTTPS REST calls

Calls to AAI such as the following require both the authentication header and an imported certificate.  When running Postman - because it is a Chrome app - this is a simple case of loading a REST url in the browser and importing the certificate after an authentication challenge (AAI:AAI).  However for a java client like a JAX-RS 2.0 client we need the certificate in a keystore (the default or a specially defined one).

Below we import the cert into the default keystore.  Where did I get the cert? by extracting it from Firefox - however it is in the code base - looking it up

obrienbiometrics:onap michaelobrien$ ls $JAVA_HOME/jre/lib/security/cacerts

/Library/Java/JavaVirtualMachines/jdk1.8.0_121.jdk/Contents/Home/jre/lib/security/cacerts

sudo keytool -import -trustcacerts -alias aai -file /Users/michaelobrien/Dropbox/_amdocs/config/certs/aai/aaiapisimpledemoopenecomporg.cer -keystore $JAVA_HOME/jre/lib/security/cacerts

Running an https rest target using this certificate - if the cert is in a default keystore - you dont need to define it.

public String run(boolean isSSL, String url, String port, String path) {

String record = null;
 Client client = null;
 WebTarget latestTarget = null;
 WebTarget rootTarget = null;
 if(isSSL) {
 SslConfigurator sslConfig = SslConfigurator.newInstance();
SSLContext sslContext = sslConfig.createSSLContext();
HostnameVerifier verifier = new HostnameVerifier() {
 public boolean verify(String hostname, SSLSession sslSession) {
 return true; // TODO: security breach
}};
 client = ClientBuilder.newBuilder().sslContext(sslContext).hostnameVerifier(verifier).build();
 } else {
 client = ClientBuilder.newClient();
 }
rootTarget = client.target(url);
 latestTarget = rootTarget.path(path);
 try {
 try { Thread.sleep(1); } catch (InterruptedException ie) { Thread.currentThread().interrupt(); }
 record = latestTarget.request().get(String.class);



  • No labels