In Frankfurt Authorization and Authentication are implemented. Accounting is not considered.
Related to:
| Jira | ||||||
|---|---|---|---|---|---|---|
|
| Jira | ||||||
|---|---|---|---|---|---|---|
|
Components referring Refering to disaggregated Frankurt SDNR architecture
- Affected containers are:SDNC/OAM/SDNR
- SDNRDB
- SDNRWEBArchitecture
Authentication of SDNC/OAM/SDNR client with
- SDNR → DMaaP/DCAE
- SDNR → SDNRDB
Authorization between containers
- password only or
- certificated base for client side authentication
Questions are
- How to provide password/certs?
- Using: Kubernetes Secrets?
- How to handle passwords inside container
- Hand over Kubernetes into container
- Hand over inside containter container to karaf/odl
- File or environment variable?
| Server/Component | supported auth method | comments |
|---|---|---|
| SDNC(Opendaylight) | basic auth (username,password) | |
| SDNC-Web (nginx) | basic auth ssl client cert | |
| SDNC-database (elasticsearch+nginx) | basic auth ssl client cert | |
| DMaaP Message Router | basic auth (HTTP) auth key (HTTP_AUTHKEY) | |
| AAI | ||
| DCAE | not important for us, only for devices |