Skip to end of metadata
Go to start of metadata

This demonstration uses ONAP platform components on a Rackspace cloud as illustrated in Figure 1.  You must have a Rackspace account, stack creation can occur on either the IAD or DFW DCs..

This demo configuration should not be taken as a how to use ONAP in a production setting - it currently does not attend to the following issues: Password management, API securing, Disaster recovery, High availability

ONAP Deployment Environments

ReleaseArtifactsReferencesStateDescription
1.0.0

Rackspace ONAP Heat Template

openecomp_rackspace.env

openecomp_rackspace.yaml



stable branch

replace variables in the env template

supports default public IPs for DCAE

1.1.0/R1 masterRackspace ONAP Heat Template

https://gerrit.onap.org/r/gitweb?p=demo.git;a=tree;f=heat/ONAP;h=97afff660ea2b483badb59aaaec6360bc2637e07;hb=refs/heads/master

supports default public IPs for DCAE

20170812 build looks stable - running vFW to verify

pending
(dcae vms coming up)

replace variables in the env template

1.1.0


Vanilla Openstack Heat Template

use https://gerrit.onap.org/r/gitweb?p=demo.git;a=tree;f=heat/ONAP;hb=master

(don't use after 20170804) https://gerrit.onap.org/r/gitweb?p=demo.git;a=tree;f=heat/OpenECOMP;h=440dbbee20f631e18208368f41e967ef4cc64c30;hb=HEAD


Supports floating IPs for DCAE

ONAP VF Templates

ReleaseArtifactReferencesDescription
1.0.0

vFirewall VF Heat Template

 vFW_100_20170608.zip 

Example zip on reference page

or build your own zip with a manifest.json
https://nexus.onap.org/content/sites/raw/org.openecomp.demo/heat/vFW/1.0.0/base_vfw.env

https://nexus.onap.org/content/sites/raw/org.openecomp.demo/heat/vFW/1.0.0/base_vfw.env

containing the repo

https://nexus.onap.org/content/sites/raw/org.openecomp.demo/vnfs/vfw/1.0.0-SNAPSHOT

vFirewall heat template zips
1.0.0

vFirewall SSH key

/testsuite/robot/assets/keys/robot_ssh_private_key.pvtssh key for the demo instances (fwl, sink, traffic generator)
1.0.0vLB/vDNS Heat Template

Build your own zip with a manifest.json (see here for instructions on how to generate manifest.json)

Use base_vlb.env, base_vlb.yaml, dnsscaling.env, dnsscaling.yaml from: https://nexus.onap.org/content/sites/raw/org.openecomp.demo/heat/vLB/1.0.0-SNAPSHOT/

Note: DO NOT use packet_gen_vlb.env and packet_gen_vlb.yaml for version 1.0.0 as packet_gen is not part of the VNF in this version. Please see the README.md for demo VNFs for instructions on how to use a separate packet generator VM to generate DNS queries https://gerrit.onap.org/r/gitweb?p=demo.git;a=blob;f=README.md;h=88f723eaec6c908e373c2a544ec6f28d823774c3;hb=refs/heads/master

vLoadBalancer and vDNS heat template zips
1.1.0vFW, vLB

ONAP Deployment Videos

ONAP VersionDescriptionVideo
1.0.01 - 2.2G 23min 16:33-16:57 (bootstrap rackspace ONAP VMs - before 5 DCAE boot up)

2 - 1.2G 10min 17:00-17:10 (Observe 5 DCAE VMs come up - wait for ONAP to be stable) - only for timing - does not show much!

DCAE 1.0.0 takes up to 26 min to get the dcae-controller docker container up and another 7 min to start orchestration of the cdap cluster

check progress by watching the dcae-controller "docker ps" - the collector instance is first to come up,

pstg may take up to 24 min after container start and 48 min after VM start, cdap02 is last



3 - 1.6G 32min 17:11-17:43 (Run vFirewall demo including closed-loop DMaaP TCA/Measurement stats)

(there is a swap of the vLB during onboarding that only affects the service icon - both vLB and vFW are layer 4)

1.1.020170812 looks promising


Known Issues

UCA-17 - Getting issue details... STATUS  

https://lists.onap.org/pipermail/onap-discuss/2017-June/001936.html

UCA-19 - Getting issue details... STATUS

APPC-76 - Getting issue details... STATUS

20170815

Hello ONAP Community Members,

 

We’v set a group of people in order to stabilized the ONAP master branch and will send a daily mail regarding its status.

Also we will run the scenarios below as a “health-check” after ONAP deployment:

-        Deployment of all the components is done.

-        SDC Modeling of vDNS and vFW.

-        VDNS distribution.

-        VFirewall  distribution.

 

Currently Issues we have on ONAP:

  1. VID-38 - R1.1.0 VID Service Model "Deploy" button not working in RS ORD.
  2. VID-21 - AAI was showing wrong port numbers.
  1. SDC-184 - TOSCA CSAR missing mandatory parameter of type under node_templates. – under retest
  2. SDC-237 - R1.1.0 - CONF_INVALID_ASDC_FQDN SDC-CLIENT.
  3. DCAEGEN2-69 - DCAE initialisation failure.
  4. OOM-59 - 403 Forbidden from readiness check on Kubernetes with RBAC enabled.
  5. Unable to see SDC models in VID application. – discussion inside ONAP confluence

 

BR,

Ran Pollak

Prerequisites

I keep forgetting about this page - Release Notes 1.0.0 draft also read the demo project readme

Duration: ~60-90 min to bring up the 17 VMs and wait for all 5 docker containers on the last CDAP02 VM - The 5 DCAE VMs starting with coll00 - will take 5-30 min to start depending on pull/build times.  5 min to do all the GUI prep prior to robot init/preload scripts - 10 min total.

Figure 1. ONAP Platform Demo Configuration


The demonstration configuration includes two Services: a Domain Name Service with load balancing, and a firewall with a traffic adjuster as illustrated below.

vFirewall Closed Loop

ONAP Demo Services

  • vFirewall - Spin up a vFirewall and virtual traffic generators.
                      Based on the load of the vFirewall, traffic volume is adjusted as to not overload the vFirewall with low priority traffic.



    Figure 2. ONAP vFirewall Demo

     vLB_demo.mp4

  • vLB - TODO: describe the Load Balancer demo
  • vDNS - Spin up an authoritative vDNS on Rackspace, connected to a network facing the public Internet.
                 The number of vDNS is dynamically adjusted based on load and policy?

Figure 3. ONAP vLoadBalancer/vDNS Demo


   vFW_demo.mp4

See also Tutorials

Additional detail on the configuration of platform components may be found in the Release notes.  Preparing virtual functions is covered in the design process and instructions for running the demo platform and services are provided by the following tutorial pages.

Rackspace/Openstack tenant

yaml + env files

Rackspace/Openstack demo

vFW yaml + env files

replace configuration options in the env file

onap_private_net_id: PUT THE ONAP PRIVATE NETWORK NAME HERE
onap_private_subnet_id: PUT THE ONAP PRIVATE NETWORK NAME HERE

Quickstart Instructions

(The following are a short form of the full demo instructions)

User workflow

Duration: 5 min until robot init/preload - 10 min after that.

Tutorial: Verifying and Observing a deployed Service Instance#vFirewallFlow

License Model

as cs on SDC onboard | new license model | license key groups (network wide / Universal) | Entitlement pools (network wide / absolute 100 / CPU / 000001 / Other tbd / Month) | Feature Groups (123456) | Available Entitlement Pools (push right) | License Agreements | Add license agreement (unlimited) - push right / save / check-in / submit | Onboard breadcrumb 

VF

Onboard | new Vendor (not Virtual) Software Product (FWL App L4+) | select LA (Lversion 1, LA, then FG) save | upload zip | checkin | submit

Onboard home | drop vendor software prod repo | select, import vsp | create | icon | submit for testing

Distributing

as jm | start testing | accept 

as cs | sdc home | see firewall | add service | cat=l4, 123456 create | icon | composition, expand left app L4 - drag | submit for testing 

as jm | start testing | accept 

as gv | approve 

as op | distribute

VSP

ssh to vm1-robot, cd /opt

./demo.sh init (takes around 90 sec) - verify customer is on AA&I by doing a https://aai:8443/aai/v8/business/customers (auth AAI:AAI)

as demo | vid | service models | deploy (service - the one you created - not demoVFW or demoVLB - these 2 are leftover pre-population artifacts of the init script and will be removed) | create service instance "DemoInstance" | add VNF "DemoVNF" | passed | (view add volume and VF-Module dropdowns) 

./demo.sh preload DemoVNF DemoModule

as demo | Create VF Module (DemoModule) OR POST to http://{{mso_ip}}:8080/ecomp/mso/infra/serviceInstances/v2/<id>/vnfs/<id>/vfModules - see UCA-20 OSS JAX-RS 2 Client

./demo.sh appc DemoModule


References

Use base_vlb.env, base_vlb.yaml, dnsscaling.env, dnsscaling.yaml from

Images

Images may still contain OpenECOMP

Use Case: Use Case: vFW/vDNS (Approved)



  • No labels

5 Comments

  1. Notes: 20170804 Rackspace install of 1.1.0 - nexus repo not resolved - investigating

    Cloud-init v. 0.7.9 running 'modules:config' at Fri, 04 Aug 2017 16:30:08 +0000. Up 14.31 seconds.

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

      0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0curl: (6) Could not resolve host: nexus.onap.org

    chmod: cannot access 'mso_install.sh': No such file or directory

    /var/lib/cloud/instance/scripts/part-001: line 23: ./mso_install.sh: No such file or directory

    Cloud-init v. 0.7.9 running 'modules:final' at Fri, 04 Aug 2017 16:30:11 +0000. Up 16.58 seconds.

    2017-08-04 16:30:11,249 - util.py[WARNING]: Failed running /var/lib/cloud/instance/scripts/part-001 [127]

    2017-08-04 16:30:11,252 - cc_scripts_user.py[WARNING]: Failed to run module scripts-user (scripts in /var/lib/cloud/instance/scripts)

    2017-08-04 16:30:11,253 - util.py[WARNING]: Running module scripts-user (<module 'cloudinit.config.cc_scripts_user' from '/usr/lib/python3/dist-packages/cloudinit/config/cc_scripts_user.py'>) failed

    Cloud-init v. 0.7.9 finished at Fri, 04 Aug 2017 16:30:11 +0000. Datasource DataSourceConfigDrive [net,ver=2][source=/dev/xvdd].  Up 16.84 seconds

    root@vm1-mso:/var/log# cat cloud-init-output.log

    could be a proxy issue

    root@vm1-mso:/var/log# ping nexus.onap.org

    PING cloud.onap.org (199.204.45.137) 56(84) bytes of data.

    64 bytes from compute-199-204-45-137.ca-ymq-1.vexxhost.net (199.204.45.137): icmp_seq=1 ttl=51 time=20.1 ms


    2nd time around we are looking OK

    Processing triggers for ureadahead (0.100.0-19) ...

      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                     Dload  Upload   Total   Spent    Left  Speed

    100   617    0   617    0     0   2919      0 --:--:-- --:--:-- --:--:--  2924

    100 7857k  100 7857k    0     0  16.9M      0 --:--:-- --:--:-- --:--:-- 16.9M

    Cloning into 'test_lab'...

    Already up-to-date.

    docker command: local docker using unix socket

    tName": "AUTO" } }, "mso-po-adapter-config": { "cloud_sites": [ { "id": "Dallas", "aic_version": "2.5", "lcp_clli": "DFW", "region_id": "DFW", "identity_service_id": "RAX_KEYSTONE" }, { "id": "Northern Virg

    root@vm1-mso:~# docker ps

    CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                                                                              NAMES

    06cf1d40c875        openecomp/mso       "/opt/mso/scripts/..."   4 minutes ago       Up 4 minutes        0.0.0.0:3904-3905->3904-3905/tcp, 0.0.0.0:8080->8080/tcp, 0.0.0.0:9990->9990/tcp   testlab_mso_1

    685df48e1e66        mariadb:10.1.11     "/docker-entrypoin..."   4 minutes ago       Up 4 minutes        0.0.0.0:32768->3306/tcp                                                            testlab_mariadb_1


    nexus is experiencing periodic DNS issues - perhaps due to the redirect to cloud.onap.org

    obrienbiometrics:onap michaelobrien$ dig nexus.onap.org


    ; <<>> DiG 9.8.3-P1 <<>> nexus.onap.org

    ;; global options: +cmd

    ;; Got answer:

    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21803

    ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0


    ;; QUESTION SECTION:

    ;nexus.onap.org. IN A


    ;; ANSWER SECTION:

    nexus.onap.org. 3599 IN CNAME cloud.onap.org.

    cloud.onap.org. 10799 IN A 199.204.45.137


    ;; Query time: 60 msec

    ;; SERVER: 8.8.8.8#53(8.8.8.8)

    ;; WHEN: Sat Aug  5 00:00:59 2017

    ;; MSG SIZE  rcvd: 68


    Was the fact AAI in 1.1 needs a master gerrit_branch not the 1.0.0-RELEASE branch in the env templates (aai/test-config) was introduced post 1.0.0 on May 3

    AAI-136 - Getting issue details... STATUS

    Checked history - was fixed on June 30 by Marco.  My branch is from Aug 3rd though - so for some reason I was still seeing the openecomp folder instead of the renamed onap

    docker moves from 1.0 to 1.1, dcae moves to 1.1, gerritt moves to master from 1.0

    a pull fixed it

    obrienbiometrics:demo michaelobrien$ git pull

    Warning: Permanently added '[gerrit.openecomp.org]:29418,[198.145.29.92]:29418' (RSA) to the list of known hosts.

    First, rewinding head to replay your work on top of it...

    Fast-forwarded master to a94e309943d51a2d56e9aa19a582ac9eb40966e6.


    This tree was removed after 20170804 - it is now onap not openecomp

    https://gerrit.onap.org/r/gitweb?p=demo.git;a=tree;f=heat/OpenECOMP;hb=HEAD

    use

    https://gerrit.onap.org/r/gitweb?p=demo.git;a=tree;f=heat/ONAP;hb=master


    20170812

    obrienbiometrics:onap_11_20170812_ok michaelobrien$ ./health.sh 

    Warning: Permanently added 'aai1,' (ECDSA) to the list of known hosts.

    CONTAINER ID        IMAGE                                                 COMMAND                  CREATED             STATUS              PORTS                                                NAMES

    a0b610740d68        nexus3.onap.org:10001/openecomp/data-router           "/opt/app/data-rou..."   7 days ago          Up 7 days           0.0.0.0:9502->9502/tcp                               testconfig_datarouter_1

    90b36b769927        nexus3.onap.org:10001/openecomp/search-data-service   "/opt/app/search-d..."   7 days ago          Up 7 days           0.0.0.0:9509->9509/tcp                               testconfig_aai.searchservice.simpledemo.openecomp.org_1

    b347cb91e6c2        nexus3.onap.org:10001/openecomp/model-loader          "/opt/app/model-lo..."   7 days ago          Up 7 days                                                                testconfig_model-loader_1

    0dca1d420750        aaionap/haproxy                                       "/docker-entrypoin..."   7 days ago          Up 7 days           0.0.0.0:8443->8443/tcp                               testconfig_aai.api.simpledemo.openecomp.org_1

    cf82f991a05b        nexus3.onap.org:10001/openecomp/aai-traversal         "/bin/sh -c ./dock..."   7 days ago          Up 7 days           0.0.0.0:8446->8446/tcp                               testconfig_aai-traversal.api.simpledemo.openecomp.org_1

    b3284622c0aa        nexus3.onap.org:10001/openecomp/aai-resources         "/bin/sh -c ./dock..."   7 days ago          Up 7 days           0.0.0.0:8447->8447/tcp                               testconfig_aai-resources.api.simpledemo.openecomp.org_1

    245da2cf6bb8        nexus3.onap.org:10001/openecomp/sparky-be             "/bin/sh -c /opt/a..."   7 days ago          Up 7 days           8000/tcp, 0.0.0.0:9517->9517/tcp                     testconfig_sparky-be_1

    ca140c25bb91        attos/dmaap                                           "/bin/sh -c ./star..."   7 days ago          Up 7 days           0.0.0.0:3904-3905->3904-3905/tcp                     dockerfiles_dmaap_1

    d3dcbe8b3dd6        dockerfiles_kafka                                     "start-kafka.sh"         7 days ago          Up 7 days           0.0.0.0:9092->9092/tcp                               dockerfiles_kafka_1

    52f929f6aa06        wurstmeister/zookeeper                                "/bin/sh -c '/usr/..."   7 days ago          Up 7 days           22/tcp, 2888/tcp, 3888/tcp, 0.0.0.0:2181->2181/tcp   dockerfiles_zookeeper_1

    Warning: Permanently added 'aai2,' (ECDSA) to the list of known hosts.

    CONTAINER ID        IMAGE                    COMMAND                   CREATED             STATUS              PORTS                                                                                                                                                                                               NAMES

    158262473b57        elasticsearch:2.4.1      "/docker-entrypoin..."    7 days ago          Up 7 days           0.0.0.0:9200->9200/tcp, 9300/tcp                                                                                                                                                                    elasticsearch

    b0efd7ad0c86        aaionap/gremlin-server   "/bin/sh -c \"/dock..."   7 days ago          Up 7 days           0.0.0.0:8182->8182/tcp                                                                                                                                                                              testconfig_aai.gremlinserver.simpledemo.openecomp.org_1

    b1e6a3def89d        harisekhon/hbase         "/bin/sh -c \"/entr..."   7 days ago          Up 7 days           0.0.0.0:2181->2181/tcp, 0.0.0.0:8080->8080/tcp, 0.0.0.0:8085->8085/tcp, 0.0.0.0:9090->9090/tcp, 0.0.0.0:16000->16000/tcp, 0.0.0.0:16010->16010/tcp, 9095/tcp, 0.0.0.0:16201->16201/tcp, 16301/tcp   testconfig_aai.hbase.simpledemo.openecomp.org_1

    Warning: Permanently added 'appc,' (ECDSA) to the list of known hosts.

    CONTAINER ID        IMAGE                                   COMMAND                  CREATED             STATUS                PORTS                                            NAMES

    d6ec49f09d3c        openecomp/dgbuilder-sdnc-image:latest   "/bin/bash -c 'cd ..."   7 days ago          Up 7 days             0.0.0.0:3000->3100/tcp                           sdnc_dgbuilder_container

    4a3731106cad        openecomp/appc-image:latest             "/opt/openecomp/ap..."   7 days ago          Up 7 days             0.0.0.0:1830->1830/tcp, 0.0.0.0:8282->8181/tcp   appc_controller_container

    9726435af1aa        mysql/mysql-server:5.6                  "/entrypoint.sh my..."   7 days ago          Up 7 days (healthy)   0.0.0.0:32768->3306/tcp                          sdnc_db_container

    Warning: Permanently added 'dcae,104.239.174.241' (ECDSA) to the list of known hosts.

    CONTAINER ID        IMAGE                                                   COMMAND                  CREATED             STATUS              PORTS                    NAMES

    185e25941192        nexus3.onap.org:10001/openecomp/dcae-controller:1.1.0   "/bin/bash -c /opt..."   7 days ago          Up 7 days           0.0.0.0:9998->9998/tcp   dcaestartupvmcontroller_dcae-controller_1

    Warning: Permanently added 'mr,' (ECDSA) to the list of known hosts.

    CONTAINER ID        IMAGE                    COMMAND                  CREATED             STATUS              PORTS                                                NAMES

    0ba85cee20f3        attos/dmaap              "/bin/sh -c ./star..."   7 days ago          Up 7 days           0.0.0.0:3904-3905->3904-3905/tcp                     dockerfiles_dmaap_1

    ada3ae042516        dockerfiles_kafka        "start-kafka.sh"         7 days ago          Up 7 days           0.0.0.0:9092->9092/tcp                               dockerfiles_kafka_1

    f04cf77cb5ab        wurstmeister/zookeeper   "/bin/sh -c '/usr/..."   7 days ago          Up 7 days           22/tcp, 2888/tcp, 3888/tcp, 0.0.0.0:2181->2181/tcp   dockerfiles_zookeeper_1

    Warning: Permanently added 'mso,1 (ECDSA) to the list of known hosts.

    CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                                                                              NAMES

    5e513c6a22a3        openecomp/mso       "/opt/mso/scripts/..."   7 days ago          Up 7 days           0.0.0.0:3904-3905->3904-3905/tcp, 0.0.0.0:8080->8080/tcp, 0.0.0.0:9990->9990/tcp   testlab_mso_1

    4e7f4703b1c6        mariadb:10.1.11     "/docker-entrypoin..."   7 days ago          Up 7 days           0.0.0.0:32768->3306/tcp                                                            testlab_mariadb_1

    Warning: Permanently added 'policy,' (ECDSA) to the list of known hosts.

    CONTAINER ID        IMAGE                       COMMAND                  CREATED             STATUS              PORTS                                            NAMES

    a2e16df2aad9        onap/policy/policy-pe       "bash ./do-start.s..."   7 days ago          Up 7 days                                                            brmsgw

    cdc12bdb3ac8        onap/policy/policy-pe       "bash ./do-start.s..."   7 days ago          Up 7 days           0.0.0.0:8081->8081/tcp                           pdp

    15e876083d63        onap/policy/policy-drools   "/bin/sh -c ./do-s..."   7 days ago          Up 7 days           0.0.0.0:6969->6969/tcp                           drools

    757a686eaab7        onap/policy/policy-pe       "bash ./do-start.s..."   7 days ago          Up 7 days           0.0.0.0:8443->8443/tcp, 0.0.0.0:9091->9091/tcp   pap

    194a056c1190        onap/policy/policy-db       "/bin/sh -c 'exec ..."   7 days ago          Up 7 days           0.0.0.0:3306->3306/tcp                           mariadb

    20870545ae44        onap/policy/policy-nexus    "/bin/sh -c 'bash ..."   7 days ago          Up 7 days                                                            nexus

    Warning: Permanently added 'portal,' (ECDSA) to the list of known hosts.

    CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                                                                    NAMES

    2962f5ecaeca        widget-ms           "sh -c 'java $JAVA..."   7 days ago          Up 7 days           0.0.0.0:8082->8082/tcp                                                   ecomp-portal-widget-ms

    f567af48a284        ep:latest           "/configure-and-ru..."   7 days ago          Up 7 days           0.0.0.0:8006->8005/tcp, 0.0.0.0:8010->8009/tcp, 0.0.0.0:8989->8080/tcp   onap_portal

    d4c28b3faf08        ecompdb:portal      "docker-entrypoint..."   7 days ago          Up 7 days                                                                                    ecompdb_portal

    933111a734c4        mariadb             "docker-entrypoint..."   7 days ago          Created                                                                                      data_vol_portal

    Warning: Permanently added 'robot,' (ECDSA) to the list of known hosts.

    CONTAINER ID        IMAGE                                                          COMMAND                  CREATED             STATUS              PORTS                NAMES

    f19733137f58        nexus3.onap.org:10001/openecomp/testsuite:1.1-STAGING-latest   "lighttpd -D -f /e..."   7 days ago          Up 7 days           0.0.0.0:88->88/tcp   openecompete_container

    Warning: Permanently added 'sdc,' (ECDSA) to the list of known hosts.

    CONTAINER ID        IMAGE                                                                  COMMAND              CREATED             STATUS              PORTS                                                                     NAMES

    33201c38d2f3        nexus3.onap.org:10001/openecomp/sdc-frontend:1.1-STAGING-latest        "/root/startup.sh"   7 days ago          Up 7 days           0.0.0.0:8181->8181/tcp, 8080/tcp, 0.0.0.0:9443->9443/tcp                  sdc-FE

    2379ac054269        nexus3.onap.org:10001/openecomp/sdc-backend:1.1-STAGING-latest         "/root/startup.sh"   7 days ago          Up 7 days           0.0.0.0:8080->8080/tcp, 0.0.0.0:8443->8443/tcp                            sdc-BE

    840cd1bbc14c        nexus3.onap.org:10001/openecomp/sdc-kibana:1.1-STAGING-latest          "/root/startup.sh"   7 days ago          Up 7 days           0.0.0.0:5601->5601/tcp                                                    sdc-kbn

    25fa5977494c        nexus3.onap.org:10001/openecomp/sdc-cassandra:1.1-STAGING-latest       "/root/startup.sh"   7 days ago          Up 7 days           7000-7001/tcp, 0.0.0.0:9042->9042/tcp, 7199/tcp, 0.0.0.0:9160->9160/tcp   sdc-cs

    fcb53da41194        nexus3.onap.org:10001/openecomp/sdc-elasticsearch:1.1-STAGING-latest   "/root/startup.sh"   7 days ago          Up 7 days           0.0.0.0:9200->9200/tcp, 0.0.0.0:9300->9300/tcp                            sdc-es

    Warning: Permanently added 'sdnc,162.242.221.143' (ECDSA) to the list of known hosts.

    CONTAINER ID        IMAGE                                   COMMAND                  CREATED             STATUS                PORTS                     NAMES

    0e8e45dcc151        openecomp/admportal-sdnc-image:latest   "/bin/bash -c 'cd ..."   7 days ago          Up 7 days             0.0.0.0:8843->8843/tcp    sdnc_portal_container

    1f1dead1ca95        openecomp/dgbuilder-sdnc-image:latest   "/bin/bash -c 'cd ..."   7 days ago          Up 7 days             0.0.0.0:3000->3100/tcp    sdnc_dgbuilder_container

    98f92a985fbc        openecomp/sdnc-image:latest             "/opt/openecomp/sd..."   7 days ago          Up 7 days             0.0.0.0:8282->8181/tcp    sdnc_controller_container

    36411c892190        mysql/mysql-server:5.6                  "/entrypoint.sh my..."   7 days ago          Up 7 days (healthy)   0.0.0.0:32768->3306/tcp   sdnc_db_container

    Warning: Permanently added 'vid,' (ECDSA) to the list of known hosts.

    CONTAINER ID        IMAGE                                                    COMMAND                  CREATED             STATUS              PORTS                    NAMES

    bbf138630fa7        nexus3.onap.org:10001/openecomp/vid:1.1-STAGING-latest   "/tmp/vid/localize.sh"   7 days ago          Up 7 days           0.0.0.0:8080->8080/tcp   vid-server

    a92450c0a1f6        mariadb:10                                               "docker-entrypoint..."   7 days ago          Up 7 days           3306/tcp                 vid-mariadb


  2. Michael OBrienDaniel RoseRich BennettMarco PlataniaAvi ChapnickBorislav GlozmanLuke Parker

    Hi All,

    I have a couple of questions regarding message-router initial data - topics, topic ACLs and DMaaP keys.

    Right now I see that the demo uses zookeeper and kafka binary dump files with pre-populated initial data. DMaaP consumer configuration files have the DMaaP keys matching the data in the dump files.

    So the questions are:

    1. How the zookeeper and kafka dump files are created?
    2. Are there already plans to change this approach? If yes, is there story for it?
      1. I see that there is also script for creating the initial DMaaP configuration, but looks like it is not in use because it will create new DMaaP keys and then the keys must be distributed to the clients.


    Thanks,

    Yury.

    1. Lusheng Ji, can you please shed light on this?

      1. In long term, authentication should be done through a framework such as the AAF.  But before that really happens, there are components still use legacy mechanisms for topic access authentication such as API keys.  So what you see is a work-around for supporting preconfigured API keys for authentication.  The way it was done was pretty hacky, driven by the deadlines and the lack of proper API support on the Message Router for this use model.  Basically I took a snapshot of the running container's directories.  I never had the time to get back to this to do it properly, and secretly I also hope that the problem will go away after everybody comes onto the same page of using an authentication framework such as AAF.

        Now DMaaP is its own project, I am no longer involved.  Perhaps Varun Gudisena from the DMaaP team can comment on the plan?

  3. DMaaP Message Router currently supports both APIKEY and AAF Authentication. If clients have migrated  to start using AAF authentication, they can start disregarding API keys.I recommend using AAF for Authentication

    1) The zookeeper and kafka “data log” directories are created under the directories that are specified in kafka’s server.properties and zookeeper’s zoo.cfg  (“log”) configuration file.

    That are done by zookeeper and kafka service itself when the topic is created or accessed.

    I believe they reuse those directories (where the topics, ACL etc are stored in zookeeper / kafka directories) so they don’t have to recreate the topics and ACLs again in the new environment (cluster) from scratch.

    API keys are specific to cluster so we cannot create the same values/credentials by extracting outside and use it for another env/cluster.

    The application team can choose to recreate the topics in new env and add new keys for those topics, if they are not willing to create dump the binaries/data directories from previous clusters. It is being done for quick activity.


    2) We don't have plans for now to change this approach.