This is based on an ONAP instance that has the required components to run the vFirewall Closed Loop Demo, on a Kubernetes cluster using OOM Beijing release.
Onboarding process flow of a VNF in ONAP
The following ONAP components are the required ones to execute the vFirewall Closed Loop demo successfully:
- Portal
- Robot
- SDC
- APPC
- DCAE
- AAI
- Policy
- VID
- DMaaP
This is the composition of the vFirewall VNF package used as part of its closed loop demo:
- vFirewall component
- vSINK component
- vPacketGen (packet generator) component
The following items are required to be able to run the vFirewall Closed Loop demo:
- vFW-vSINK preload file to use in SDNC’s ODL: https://wiki.onap.org/download/attachments/1015891/vfw_preload_beijing.txt?version=1&modificationDate=1537300585000&api=v2
- vPacketGen preload file to use in SDNC’s ODL: https://wiki.onap.org/download/attachments/1015891/vpacketgen_preload_beijing.txt?version=1&modificationDate=1537300585000&api=v2
- vFW-vSINK HEAT template to use as part of uploading it into Portal’s SDC’s Widget:
- HEAT template (Beijing – stable release): https://gerrit.onap.org/r/gitweb?p=demo.git;a=blob;f=heat/vFWCL/vFWSNK/base_vfw.yaml;h=fe7f8dc64bfc7fb289318de74e6b8dce49d485c0;hb=refs/heads/beijing
- ENV file (Beijing – stable release): https://gerrit.onap.org/r/gitweb?p=demo.git;a=blob;f=heat/vFWCL/vFWSNK/base_vfw.env;h=a6c4c73862592f262ba2e533ea0a4e4f9786d5e2;hb=refs/heads/beijing
- vPacketgen HEAT template to use as part of uploading it into Portal’s SDC’s Widget:
- HEAT template (Beijing – stable release): https://gerrit.onap.org/r/gitweb?p=demo.git;a=blob;f=heat/vFWCL/vPKG/base_vpkg.yaml;h=160331bf807b95d6f86b20118a15b26abfeb7153;hb=refs/heads/beijing
- ENV template (Beijing – stable release): https://gerrit.onap.org/r/gitweb?p=demo.git;a=blob;f=heat/vFWCL/vPKG/base_vpkg.env;h=317fde9eedda848598061ca5f07580ac0b6edf91;hb=refs/heads/beijing
- File to mount the VNF in APPC’s ODL: https://wiki.onap.org/download/attachments/16009371/appc_mountpoint.txt?version=1&modificationDate=1511893778000&api=v2
Set up the HEAT Templates
In this part, we need to grab the HEAT templates above and do the following steps to popoulate the HEAT ENV file parameter values to prepare to upload them in the SDC Widget later on in this document.
First, populate the HEAT ENV file with the values that are specific to your Openstack environment:
vFW-vSINK (vFirewall & vSINK components)
parameters: image_name: PUT THE VM IMAGE NAME HERE ( Suggested: UBUNTU 14.04 LTS - QCOW2 Format ) flavor_name: PUT THE VM FLAVOR NAME HERE ( Suggested: OpenStack-standard m1.medium ) public_net_id: PUT THE PUBLIC NETWORK ID HERE ( Provider-Type Network only - NO Floating IP Network ) unprotected_private_net_id: zdfw1fwl01_unprotected ( Leave as is ) unprotected_private_subnet_id: zdfw1fwl01_unprotected_sub ( Leave as is ) unprotected_private_net_cidr: 192.168.10.0/24 ( Leave as is ) protected_private_net_id: zdfw1fwl01_protected ( Leave as is ) protected_private_subnet_id: zdfw1fwl01_protected_sub ( Leave as is ) protected_private_net_cidr: 192.168.20.0/24 ( Leave as is ) onap_private_net_id: PUT THE ONAP PRIVATE NETWORK NAME / ID HERE onap_private_subnet_id: PUT THE ONAP PRIVATE NETWORK NAME / ID HERE onap_private_net_cidr: 10.0.0.0/16 ( Leave as is ) vfw_private_ip_0: 192.168.10.100 ( Leave as is ) vfw_private_ip_1: 192.168.20.100 ( Leave as is ) vfw_private_ip_2: 10.0.100.1 ( Leave as is ) vpg_private_ip_0: 192.168.10.200 ( Leave as is ) vsn_private_ip_0: 192.168.20.250 ( Leave as is ) vsn_private_ip_1: 10.0.100.3 ( Leave as is ) vfw_name_0: zdfw1fwl01fwl01 ( Leave as is - dummy value to be changed by SO in demo ) vsn_name_0: zdfw1fwl01snk01 ( Leave as is - dummy value to be changed by SO in demo ) vnf_id: vFirewall_demo_app ( Leave as is - dummy value to be changed by SO in demo ) vf_module_id: vFirewallCL ( Leave as is - dummy value to be changed by SO in demo ) dcae_collector_ip: PUT THE EXTERNAL IP OF A K8S VM NODE WHERE THE DCAE COLLECTOR IS AT dcae_collector_port: PUT THE K8S NODEPORT THAT EXPOSES THE DCAE COLLECTOR ( Default: 30235 ) repo_url_blob: https://nexus.onap.org/content/sites/raw ( Leave as is ) repo_url_artifacts: https://nexus.onap.org/content/repositories/releases ( Leave as is ) demo_artifacts_version: 1.2.1 install_script_version: 1.2.1 key_name: PUT THE KEYSTONE SSH NAME TO BE MAPPED TO THE VMs pub_key: PUT THE PUBLIC SSH KEY PORTION OF THE KEYSTONE SSH NAME TO BE MAPPED TO THE VMs cloud_env: PUT openstack OR rackspace HERE
vPacketGen (Packet Generator)
parameters: image_name: PUT THE VM IMAGE NAME HERE ( Suggested: UBUNTU 14.04 LTS - QCOW2 Format ) flavor_name: PUT THE VM FLAVOR NAME HERE ( Suggested: OpenStack-standard m1.medium ) public_net_id: PUT THE PUBLIC NETWORK ID HERE ( Provider-Type Network only - NO Floating IP Network ) unprotected_private_net_id: zdfw1fwl01_unprotected ( Leave as is ) unprotected_private_subnet_id: zdfw1fwl01_unprotected_sub ( Leave as is ) unprotected_private_net_cidr: 192.168.10.0/24 ( Leave as is ) onap_private_net_id: PUT THE ONAP PRIVATE NETWORK NAME / ID HERE onap_private_subnet_id: PUT THE ONAP PRIVATE NETWORK NAME / ID HERE onap_private_net_cidr: 10.0.0.0/16 protected_private_net_cidr: 192.168.20.0/24 vfw_private_ip_0: 192.168.10.100 vpg_private_ip_0: 192.168.10.200 vpg_private_ip_1: 10.0.100.2 vsn_private_ip_0: 192.168.20.250 vpg_name_0: zdfw1fwl01pgn01 ( Leave as is - dummy value to be changed by SO in demo ) vnf_id: vPNG_Firewall_demo_app ( Leave as is - dummy value to be changed by SO in demo ) vf_module_id: vTrafficPNG ( Leave as is - dummy value to be changed by SO in demo ) repo_url_blob: https://nexus.onap.org/content/sites/raw ( Leave as is ) repo_url_artifacts: https://nexus.onap.org/content/repositories/releases ( Leave as is ) demo_artifacts_version: 1.2.1 install_script_version: 1.2.1 key_name: PUT THE KEYSTONE SSH NAME TO BE MAPPED TO THE VMs pub_key: PUT THE PUBLIC SSH KEY PORTION OF THE KEYSTONE SSH NAME TO BE MAPPED TO THE VMs cloud_env: PUT openstack OR rackspace HERE