Introduction
Policy - CDS integration for VNF is tested with vFirewall use case. Drools-pdp is used for deploying operational policy & Xacml-pdp is used for deploying monitoring policy.
Brief Test flow:
- Drools-PDP reads the ONSET event from unauthenticated.DCAE_CL_OUTPUT DMaaP topic
- Based out of the event, a request is made to CDS using the CDS Actor by Drools-PDP, where the action is "modify-config"
- Upon receiving the request, CDS fetches the VNF details from AAI and performs the modify config operation in VNF.
- Drools-PDP receives corresponding response from CDS, the results are logged and also posted to POLICY-CL-MGT topic.
Setting up the test environment
ONAP Setup
ONAP Integration SB00 lab is used for the testing.
CDS Blueprint setup
CDS blueprint used for the testing - vFW-CDS-Blueprint.zip
For CDS API to load the blueprint - vFW CDS.postman_collection.json
SDC Service creation & distribution
For service creation & distribution from SDC please refer to this guide - E2E Automation vFW w/ CDS Use Case - ONAP-02-Design Time
vFW software package - vFW.zip
DCAE Blueprint - dcae_blueprint.yaml
Policy creation & deployment
For policy creation, deployment and testing refer - vFW Policy.postman_collection.json
Use the below command to verify the configuration change in VNF
curl -X GET http://10.0.101.34:8183/restconf/config/stream-count:stream-count/streams -H 'Accept: application/json' -H 'Authorization: Basic YWRtaW46YWRtaW4=' -H 'Content-Type: application/json'
Test result
The testing for vFW use case is successfully completed using the details mentioned above. The "active streams" was changed from 1 to 7 in the device.
BEFORE root@sb01-nfs:~# curl -X GET http://10.0.101.34:8183/restconf/config/stream-count:stream-count/streams -H 'Accept: application/json' -H 'Authorization: Basic YWRtaW46YWRtaW4=' -H 'Content-Type: application/json' {"streams":{"active-streams":1}} root@sb01-nfs:~# AFTER root@sb01-nfs:~# curl -X GET http://10.0.101.34:8183/restconf/config/stream-count:stream-count/streams -H 'Accept: application/json' -H 'Authorization: Basic YWRtaW46YWRtaW4=' -H 'Content-Type: application/json' {"streams":{"active-streams":7}} root@sb01-nfs:~#