...
Assumption | Notes | Sign-off | |
---|---|---|---|
1 | Scope:
| This does not affect (bulk/batch) Read |
|
2 | Conflict Management Interface uses FDN | Conflict Management can support ANY format the Alternate ID can support (FDNs and/or URI-FDNs) |
|
3 | Request per second is per the existing numbers on NCMP |
|
Issues & Decisions
Issue | Notes | Decision | |
---|---|---|---|
1 | Uplift Ericsson source code (need permission) | CPS not allowed to lift // proprietary codes, we need to use pseudo code Gergely/team to support CPS with these codes | |
2 | Implement in REST or Service Layer ? | This is currently implemented as an in the Service |
layer in // | |
3 | Publish public |
To be discussed during proposal;
AP Toine Siebelink to create a page & collaborate with Gergely/Brian ( on initial proposal)
NCMP shall own and document. | |||
4 | Could we make this more generic to suit non-conflict-management use i.e. tbac... | Agreed to make it more generic to suit ALL the use cases | |
5 | Private properties are used to get FDN at the moment. | Will // provide us with registered Alternatid? Opensource does not support private property Peter Turcsanyi to revert TBC . // Confirmed they will implement all https://eteamproject.internal.ericsson.com/browse/IDUN-105467 |
|
6 | CPS-1992 - NCMP to Support New 3GPP sync single FDN request to support Conflict mgt | CPS-1992 - When delivered, this should also support conflict management | |
7 | Legacy and ongoing bulk/batch interface (dataJobs CPS-1964) are not in scope | Bulk/batch operation
| |
8 | Name for more generic interface | Suggestion: External Validation AP Kolawole Adebisi-Adeolokun to inform other stakeholders | New Interface name shall be PolicyExecution as agreed with stakeholders Kolawole Adebisi-Adeolokun kieran mccarthy Gergely Molnar |
9 | External Validation Request format | POST operation, all parameters in body, URL ? AP Toine Siebelink to create a page & collaborate with Gergely/Brian ( on initial proposal) | |
10 | Enable/service name discovery | config parameter with service name/address. AP Toine Siebelink to create a page & collaborate with Gergely/Brian ( on initial proposal) | |
11 | case sensitivity of parameters (payloadType, decision etc.) | following existing conventions in CPS/NCMP all parameter values are case sensitive and use lower snake e.g. |
cm_create, deny |
12 | Delivery Artefact | The new OpenAPI Interface definition wil be published on CPS Public Documentation Page. and through ONAP Gerrit. |
Requirements
Functional: new generic 'PolicyExecution' REST interface
This interface will NOT be implemented by CPS team except a stub for testing purposes
...
Documentation
...
NCMP own and clearly document interface using OpenAPI and RTD
...
...
Input Parameters:
- Bearer Token (header information?)
- Payloadtype
- Decisiontype
- Payload
- resourceIdentifier
- targetFdn
- changeRequest
...
Payloadtype can only be 'CM_Write' for now
Payloadtype can only be 'Allow' for now
Exact Payload to be defined during study but should be well defined and cannot depend on Java interface (even if it is the same now)
...
...
Output Parameters;
- Decision (enum: "allow", "deny")
- Message - Should return a 409. Standard HTTP response
- Decision id (String)
...
This is a New Generic interface that can support 'conflict handling'.
...
Functional: CPS Impacts
...
Brian Folan, Toine Siebelink agreed to use same as DMI ie. just 'deliver' to Doc and Repo | ||||||||||||
13 | Specify cmChangeRequest in more detail |
Toine Siebelink I am concerned this wil reduce the flexibility of this interface. Also, NCMP itself is NOT interested in eth actual change details so why enforce them in this interface... Csaba Kocsis 'id' and 'attributes' are a 3GPP conventions only | Zoltán Szabó Toine Siebelink Validation need on Impl. side but for flexibility this is not required in CPS/NCMP so we agreed to pass it as 'an object' | |||||||||
14 | How to feed back result of CM change to Policy Execution/Executor? | Consider the following scenario (from Brian Folan). There is an active policy for time based lock against an attribute on a specific cmHandle. A change is made to the attribute, triggering the time-based lock for x minutes, but the CM change fails after letting it through to the DMI due to any reason and it's not actually rolled out to the network. The policy engine would apply the lock and no subsequent changes are allowed for the duration of the lock, however no changes were made to the network. Should we feed back the result of a CM change to the Policy Engine? | Brian Folan Toine Siebelink agreed this is out of scope for this epic but can be considered later. Interface propsosal is flexible enough to extend for something like this in the future | |||||||||
15 | Choose URL format | Gergely Molnar prefers alternative a (with an 'action'): | Zoltán Szabó Toine Siebelink agreed on Alt.a. a simple URL, all data in body | |||||||||
16 | Optional cmHandleId and resourceIdentifier | Brian Folan: Cm Handle ID wil mean nothing for Ericsson Impl but can be logged. Resource Identifier can be 'convention' but they don't depend on it if the target fdn contains the 'complete' fdn | Brian Folan, Zoltán Lajos Kis Toine Siebelink CM Handle Id and Resource Identifier are optional. CPS/NCMP will add them when provided in the incoming interface | |||||||||
17 | request accepted content type | not defined (and wrong value copied in original proposal). Now suggested: application/json | Gergely Molnar Agreed (per email) | |||||||||
18 | definition 'enum' values | defined as strings in OpenAPI to allow for flexibility and allow impl updates without having to update (and release) the OpenAPI | Gergely Molnar Agreed (per email) | |||||||||
19 | enum value description examples | although not specified in the OPenAPI definition (as enums) The convention in CPS/NCMP so far is that all 'enum' values are in lower (snake) case (and treated case-sensitive) | Gergely Molnar Agreed (per email) | |||||||||
20 | authorization header compulsory | As per the proposal the OpenAPI now defined the 'Authorization' header as 'required'. This mean omission of this header will lead to a 400 Bad Request (and NOT 401 Unauthorized) as per Swagger/Spring generated Interface. See https://gerrit.onap.org/r/c/cps/+/138401/2/docs/api/swagger/policy-executor/openapi.yaml Lines #214-219 | Gergely Molnar , Toine Siebelink Agreed (per email) making the 'Authorization' header optional for more flexibility. | |||||||||
21 | cm_write shoudl be split? | possible options "cm_create" "cm_update" "cm_patch" "cm_delete" kieran mccarthy to decide |
Requirements
Functional: new generic 'PolicyExecution' REST interface
This interface will NOT be implemented by CPS team except a stub for testing purposes
Interface | Requirement | Additional Information | Signoff | |
---|---|---|---|---|
1 | PolicyExecution | Documentation | NCMP own and clearly document interface using OpenAPI and RTD | |
2 | PolicyExecution | Input Parameters:
| Payloadtype can only be 'CM_Write' for now Payloadtype can only be 'Allow' for now Exact Payload to be defined during study but should be well defined and cannot depend on Java interface (even if it is the same now) | |
3 | PolicyExecution | Output Parameters;
| This is a New Generic interface that can support 'conflict handling'. |
Excerpt | ||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Functional: CPS Impacts Policy Executor
Error Handling
Characteristics
|
Out of Scope
- Batch (bulk) interface methods and Execute a data operation for group of cm handle ids
- Data jobs (write) operations
Suggested User Stories
Description | Jira | ||||||||
---|---|---|---|---|---|---|---|---|---|
Agree, Define (and Publish) Open Source Interface for Policy Execution |
| ||||||||
Feature toggle and addressing configuration parameters (use logging instead of actual call to new interface) |
| ||||||||
Dummy Stub implementation (to allow for integration testing) |
| ||||||||
Use new interface in NCMP (use Stub to allow/disallow predefined names/patterns) |
| ||||||||
Handle non-responding policy executor (using watchdog?) TBC | |||||||||
Metrics | |||||||||
Update official documentation (when feature completed from OpenSource point-of-view) |
Solution Proposal
Policy Executor REST Interface
Alternative a. No Parameters in URL (all data in body)
URI: <server-address>/policy-executor/api/v1
Alternative b-2. Payload and decision Type in URL
remaining data in request body, no need for 'payload' object because the body = payload
URI: <server-address>/policy-executor/api/v1/<payload-type>/<decision-type>
e.g. myhost:1234//policy-executor/api/v1/CM_Write/Allow
Alternative b-2. Payload and decision Type in URL with variable names
remaining data in request body, no need for 'payload' object because the body = payload
URI: <server-address>/policy-executor/api/v1/payload/<payload-type>/decision/<decision-type>
e.g. myhost:1234//policy-executor/api/v1/payload/CM_Write/decision/Allow
...
...
...
NCMP to provide metrics on external validation
...
Error Handling
...
configurable default answer
...
This needs further investigation AP Gergely Molnar
Possible proposal:
- Implement watchdog similar to DMI health check
...
(Low prio)
No default behavior covered yet in //,
If not reachable - default accept/reject with specific message
...
Characteristics
...
- External Validation Response time depends on various response time at the moment
Out of Scope
- Batch (bulk) interface methods and Execute a data operation for group of cm handle ids
- Data jobs (write) operations
Suggested User Stories
- Agree, Define (and Publish) Open Source Interface for Policy Execution
- Feature toggle and addressing configuration parameters
- use logging instead of actual call to new intreface
- Dummy Stub implementation (to allow for integration testing)
- Use new interface in NCMP
- use Stub to allow/disallow predefined names/patterns
- Publish artefact as part of snapshot and release builds (TBC)
- Update official documentation (when feature completed from OpenSource point-of-view)
Solution Proposal
External Validation REST Interface
URI
TBC - Gergely Molnar /Brian ( To provide initial proposal)
Input Parameters
Name | Parent | Type | Example Value | Optional/Compulsory | Notes | ||||
---|---|---|---|---|---|---|---|---|---|
1 | action | url path | String | execute | Required | The policy action. Currently supported value: | |||
2 | Authorization | request (authorization header) | Authorization: Bearer | header | String | Bearer edaa8e7ce30f8904 | Required | required for tracking/ (future) authentication and to identify the source source (rApp) of the request | |
23 | payloadTyperequestType | body | String | CMcm_ Writecreate | Required | 'CM_Write' currently, the only support value | currently supported values: cm_create, cm_delete, cm_update, cm_patch | ||
43 |
| body | String | Allowpermit | Required | 'Allow' currently , the only supported value: permit | |||
45 |
| body | Object Array | Required | Object Array | Required | No needed if payload and decision are in URL | ||
6 | 5 |
| payload | String | F811AF64F5146DFC545EC60B73DE948E | Optional | Can be sent while cmHandle is used instead of alternateId NCMP will populate when available | ||
76 |
| payload | String | ericsson-enm-gnbdu:GNBDUFunctionManagedElement=Kista/GNBDUFunction=1/UECC=1 | RequiredOptional | Remainder of FDN ? NCMP will populate when available | |||
8 |
| 7 | targetFdn | payload | StringMEContext | =RadioNode-0001,ManagedElement=RadioNode-0001/Subnetwork=22/MeContext=Kista/ManagedElement=Kista/GNBDUFunction=1/UECC=1 | Required | Complete FDN representing the cm handle and the resource identifier ie point to the target of the change to 'CM-Handle' ?! | |
89 |
| payload | Object | {"Cell":[{"id":"Cell-id","attributes":{"administrativeState":"UNLOCKED"}}]} | Required | CM Change Request |
...
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
{ "payloadType": "CM_Write", "decisionType": "Allow", "payload": [ { "cmHandleId": "F811AF64F5146DFC545EC60B73DE948E", "resourceIdentifier": "some-resource-idGNBDUFunction=1/UECC=1", "targetFdn": "MEContext=RadioNode-K6_0001,ManagedElement=RadioNode-K6_0001/Subnetwork=22/MeContext=Kista/ManagedElement=Kista/GNBDUFunction=1/UECC=1", "cmChangeRequest": { "Cell": [ { "id": "Cell-id", "attributes": { "administrativeState": "UNLOCKED" } } ] } } ] } |
...
Name | Parent | Type | Example | Optional/Compulsory | Notes | |
---|---|---|---|---|---|---|
1 | decisionId | body | String | 550e8400-e29b-41d4-a716-446655440000 | Required | UUID |
2 | decision | body | String | Denydeny | Required | currently only 'Allow' and 'Deny' are supported (case sensitive ?!)supported values: permit, deny |
3 | message | body | String | to many updates | Optional |
How to use the Interface in NCMP
...