Service Mesh PoC plan
- Sylvain Desbureaux
- Byung-Woo Jun
- William Reehil
Recording of introduction
Phase 1
Used Components
This PoC will use at least the following ONAP components:
AAI
Schema Service
Traversal (data queries)
Search Data (only needed if using the UI)
Resources (CRUD interaction)
GraphAdmin (needed to set up the backend)
others?
SDC
BE
FE
Onboarding BE
VID
SO
BPMN infra
Catalog DB Adapter
Monitoring
Openstack Adapter
Request DB Adapter
SDNC Adapter
SDC Controller
API Handler (SO "base" c
DMaaP:
Message Router
SDNC:
DMaaP listener
SDNC Portal
UEB listener
Integrating the other sub components of AAI, DMaaP, SDC, SDNC and SO will be done if possible
client → https → Ingress → http → svc → http → pod
Ingress → http → sidecar → mtls → sidecar pod → http → pod
Validation Scenarios
The Validation Scenario will be to onboard and then deploy "basicUbuntu" VNF from gating system using GR API.
The validation scenario will be performed at each steps
Phase 2 (if time allows)
If "Step 1" of phase one is validated, we may move in parallel to step 2 → 4 of phase 1 to Phase 2
Used Components
On top of Phase 1 component, we'll add:
CDS
Multicloud k8s
Validation Scenario
The validation scenario will be to onboard and then deploy a CNF with values processed thanks to CDS
Flow Matrix
We have two possibilities to perform the Authoritypolicy with service mesh:
Simple apiVersion: security.istio.io/v1beta1
| Complex apiVersion: "security.istio.io/v1beta1"
|
|---|
Exemple of complex matrix (for simple, remove the 2 last columns):
Name of Source POD | Name of Target POD | Port Number | name of Methods |
|---|---|---|---|
so-vnfm-adapter | aaf-cert-service | 27017 | GET, POST |
so | aaf-locate.onap | 8095 |
|
| logstash | 4544 |
|
| 8095 |
|
|
| , mariadb 3306, |
|
|
| sdncOamPort: 8282, |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This flows are an information but due to the complexity and the heterogeneous of configuration, Could be miss some flow.
This information were find into values.yaml or overrides.yml, depend on the component.
aai | aai | cassandra |
|---|---|---|
aai-babel | No value | |
aai-data-router | No value | |
aai-elasticsearch | No value | |
aai-graphadmin | No value | |
aai-graphadmin-job | No value | |
aai-modelloader | No value | |
aai-resources | No value | |
aai-schema-service | No value | |
aai-search-data | No value | |
aai-sparky-be | aai, aai-elasticsearch, aai-gizmo, aai-search-data | |
aai-traversal | No value | |
aai-traversal-job | No directory | |
SDC | sdc | cassandra, logstashPort "5044" |
sdc-be | No value | |
sdc-be-job | No directory | |
sdc-cs | cassandra | |
sdc-cs-job | sdc-be:8443 | |
sdc-dcae-be | sdc-dcae-be-8082, sdc-dcae-be-8444 | |
sdc-dcae-be-job | No directory | |
sdc-dcae-dt | No value | |
sdc-dcae-fe | No value | |
sdc-dcae-tosca-lab | sdc-dcae-tosca-lab-8085 sdc-dcae-tosca-lab-8445 | |
sdc-fe | sdc-dcae-fe:9444, sdc.dcae.plugin.simpledemo.onap.org:30264, https://sdc.dcae.plugin.simpledemo.onap.org:30266, sdc-wfd-fe:8443, sdc.workflow.plugin.simpledemo.onap.org:30256 | |
sdc-onboarding-be | cassandra | |
sdc-onboarding-be-job | No directory | |
sdc-wfd-be | cassandraClientPort: 9042, sdc-be:8443 | |
sdc-wfd-be-job | No directory | |
sdc-wfd-fe | /sdc-wfd-be:8443 | |
vid | vid | mariadb, asdcclient 8443, so vidaai 8443, msoport "8080" |
vid-galera | no directory | |
vid-job | no firectory | |
so | so | aaf-locate.onap:8095 logstashPort: 5044, mariadb 3306, sdncOamPort: 8282, mso, sdc, dmaap, nbi.onap:8080/nbi/api/v3, dmaap-bc, aai |
so-appc-orchestrator | appc, aaf, so-bpmn-infra (Deprecated in the Guilin release) | |
so-bpmn-infra | cds-blueprints-processor-grpc, aai, mso, aaf, sdnc; sniro, mso-adapter-db, mso-adapter-po, aaf , oof-osdf, so-vnfm-adapter, camanda so-openstack-adapter, | |
so-catalog-db-adapter | aaf , Maria DB (Gallera) | |
so-mariadb | Gallera (cluster deployment) | |
so-monitoring | No value | |
so-nssmf-adapter | aaf, aai,so-request-request-db-adapter | |
so-openstack-adapter | aaf, aai, so-request-db-adapter, so-bpmn-infra, so-catalog-db-adapter | |
so-request-db-adapter | aaf, Maria DB (Gallera) | |
so-sdc-controller | aai, aaf, asdc, so-catalog-db-adapter, request-db-adapter, asdc-connections, sdc-wfd-be, Maria DB (Gallera) | |
so-sdnc-adapter | aaf, sndc, so-catalog-db-adapter | |
so-ve-vnfm-adapter | msb-iag, aai, message-router (Deprecated in the Guilin release) | |
so-vfc-adapter | aaf, so-request-db-adapter | |
so-vnfm-adapter - Renamed as Sol003-adapter in Guilin | aaf, sdc-be, msb-iag, modeling-etsicatalog, aai | |
so-etsi-nfvo - introduced in Guilin | aaf, sdc-be, msb-iag, modeling-etsicatalog, aai | |
so-cnf-adapter -Introduced in Guilin | so-bpmn-infra | |
so-oof-adater - Introduced in Guilin | oof, bpmn-infa | |
Dmaap | dmaap | aaf |
dmaap-bc | ||
dmaap-dr-node | aaf | |
dmaap-dr-prov | mariadb 3306 | |
message-router | message-router-kafka, message-router-zookeeper | |
message-router-kafka | no directory | |
message-router-zookeeper | no directory | |
sdnc | sdnc | aaf sdnc-cert-initializer, netbox, aai, modeling, restconf, scaleout, ansible |
sdnc-ansible-server | mariadbGalera | |
sdnc-db | mariadbGalera | |
sdnc-dgbuilder | mariadbGalera | |
sdnc-dmaap-listener | dmaap , mariadbGalera | |
sdnc-portal | mariadbGalera – Sdnc portal is disabled in Frankfurt and removed in Guilin | |
sdnc-ueb-listener | mariadbGalera logging sdc-be | |
ccsdk/cds | cds | mariadbGalera |
cds-blueprints-processor | mariadb-galera, cds-db, dmaap | |
cds-command-executor | No value | |
cds-db | No Directory | |
cds-py-executor | No value | |
cds-sdc-listener | No value | |
cds-ui | cds-blueprints-processor | |
Multicloud | multicloud | msb-iag, log-ls, aai |
multicloud-azure | msb-iag, aai | |
multicloud-fcaps | msb-iag, aai | |
multicloud-k8s | No value | |
multicloud-k8s-mongo | no directory | |
multicloud-promotheus | logging | |
multicloud-pike | msb-iag, aai | |
multicloud-starlingx | msb-iag, aai | |
multicloud-vio | msb-iag, aai | |
multicloud-windriver | msb-iag, aai |