...
STEP 1 AUTHENTICATE CONNECTION - The PNF Authenticates its connection
foo
STEP 2 PNF REGISTRATION - The PNF re-registers with ONAP
PNP-6000 [AAF] AAF shall authenticate the PNF.
PNP-6010 [AAF] AAF shall be able to inboard the security keys for vendor certificate validation.
PNP-6020 [PNF] - When the PNF sets up a HTTP or HTTPS connection, it MUST provide a username and password to the DCAE VES Collector for HTTP Basic Authentication.
Note: HTTP Basic Authentication has 4 steps: Request, Authenticate, Authorization with Username/Password Credentials, and Authentication Status as per RFC7617 and RFC 2617
PNP-6021 [PNF] - If the PNF set up a TLS connection and mutual (two-way) authentication is being used, then the PNF MUST provide its own X.509v3 Certificate to the DCAE VES Collector for authentication.
Note: This allows TLS authentication by DCAE VES Collector..
Note: The PNF got its X.509 certificate through Enrollment with an operator certificate authority or a X.509 vendor certificate from the vendor factory CA.
Note: In R3 three authentication options are supported:
(1) HTTP with Username & Password and no TLS
(2) HTTP with Username & Password & TLS with two-way certificate authentication;
(3) HTTP with Username & Password & TLS with server-side certificate authentication.
PNP-6030 [DCAE] - DCAE authenticates the HTTP/TLS connection with a certificate. Certificate is X.509v3 issued by the Service Provider CA. Note: in Dublin, no HTTP username or password is needed.
PNP-6040 [DCAE] - VES Collector authenticates the PNF using the a username and password, Certificate, and standard PKI validation.
PNP-6050 [DCAE] - VES uses integrated CADI module to request the role and permissions for the PNF from AAF.
PNP-6060 [AAF] - AAF returns the role and permissions of the PNF to DCAE.
PNP-6070 [DCAE] - DCAE compares the event to the permissions and either accepts or rejects the event.
STEP 2 pnfREGISTRATION EVENT RECIEVED BY VES LISTENER
The pnfRegistration VES Event is published onto DMaaP.
PNP-6080 [DCAE/DMaaP/DR] - When the PNF sends the pnfRegistration Event to the DCAE VES Event Listener, DCAE shall publish the VES event received from the PRH onto the DMaaP/DR. The VES event should be using the pnfRegistration domain (Casablanca)
STEP 3 pnfREGISTRATION ONTO DMaaP
PNP-6090 [DMaaP] – There shall be created a static pnfRegistration DmaaP Topic. Note: That a static as opposed to a dynamic DMaaP topic is needed because it is not known what PNF service will be needed when the PNF registers.
STEP 4 pnfREGISTRATION EVENT RETRIEVED BY PRH
The pnfRegistration VES Event is retrieved by the PRH.
PNP-6100 [PRH] - PRH shall retrieve the pnfRegistration Event off of the DMaaP Bus. PRH shall periodically check the DMaaP bus for the VES event for the PRH.
PNP-6110 [PRH] – If the PRH is unable to read from DMaaP on the pnfRegistration domain it shall return an error.
PNP-6120 [DMaaP] In DMaaP, end-points need to be configured (topic creation). And PRH needs to have these end-points configured as well. PRH needs to pick up this configuration (cloudify module). And if they are not properly configured, PRH is unable to get the pnfRegistration message off of the DMaaP bus. What would happen is that the DMaaP end-point does not exist; thus an HTTP error response is returned to the PRH. It would require an operator to deduce that this problem has occurred.
PNP-6130 [PRH] - if the PRH is unable to read the pnfRegistration VES message. In this case the schema might be incorrect which results in a mismatch with what the PNF sends and what the PRH expects. Thus, the PRH is unable to process the VES event properly. The PRH shall logs this error.foo
STEP 3 PUBLISH EVENT - The Event to DMaaP Bus.
...