You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 22 Next »

Motivation: Having issues with MSO provisioning on Rackspace - need all REST API endpoints

Use or combine with Overall Deployment Architecture to determine what a fully functional set of VMs, processes and containers should look like for 1.0.0 and 1.1.0 - so we can be sure that the ONAP deployment is sound as much as possible before provisioning VFs.

Monitoring

We have monitoring currently in DCAE (5/11/17).  Proposed monitoring functionality is in Holmes (5/11/17) and ONAP Operations Manager / ONAP on Containers.  For the purposes of this demo, we would like to see some overall system/jvm/rest level monitoring while we exercise the demo.

One option is using New Relic agents.

Run the following (use your own account/token) on each VM (Note: JVM processes in docker containers will be visible to the host - so currently - until I run into issues - we don't need to expose extra ports on the containers)

    echo deb http://apt.newrelic.com/debian/ newrelic non-free >> /etc/apt/sources.list.d/newrelic.list

    wget -O- https://download.newrelic.com/548CIEEE16BF.gpg | apt-key add -

    apt-get update

    apt-get install newrelic-sysmond

    nrsysmond-config --set license_key=<akey>

    /etc/init.d/newrelic-sysmond start

Postman/Curl REST calls

Remember to load each server URL in chrome to accept the cert

VMNameReqRes
AAI
https://{{aai_ip}}:8443/aai/v8/business/customers/customer/Demonstration/service-subscriptions/service-subscription/vFW/service-instances/

{"service-instance": [{
"service-instance-id": "4ed1d78a-00c7-4493-89bc-a4d3e98247f7",
"service-instance-name": "DemoInstance",
"persona-model-id": "ea53cfa6-4429-41bc-8672-c36c4336aa75",
"persona-model-version": "1.0","resource-version": "1497379146",
"relationship-list": {"relationship": [{"related-to": "generic-vnf",
"related-link": "https://104.239.169.36:8443/aai/v8/network/generic-vnfs/generic-vnf/724feb61-37b0-4d40-bbbe-dc3655d27937/",
"relationship-data": [{"relationship-key": "generic-vnf.vnf-id","relationship-value": "724feb61-37b0-4d40-bbbe-dc3655d27937"}],
"related-to-property": [{"property-key": "generic-vnf.vnf-name","property-value": "DemoVNF"}]}]}}]}


DCAE
http://{{collector_ip}}:3904/events/unauthenticated.TCA_EVENT_OUTPUT/group3/sub1?timeout=30000

DCAE
http://{{collector_ip}}:3904/events/unauthenticated.SEC_MEASUREMENT_OUTPUT/group3/sub1?timeout=3000

MSO
http://{{mso_ip}}:8080/ecomp/mso/infra/orchestrationRequests/v2/?filter=serviceInstanceId%3AEQUALS%3A1cd30cb1-de2b-4ce5-9e82-2552e6bd92bc












Username / Password / Authorization Token

An aside: (I didn't realize or I forgot an aspect of base64 - dthat we could reverse engineer the password/username combination from the encoded <alphanumeric_token> in the header key:value = Authorization:Basic <alphanumeric_token>.  Again thanks Yves - use a public site like https://www.base64decode.org/  For example for MSO we take the token SW5mcmFQb3J0YWxDbGllbnQ6cGFzc3dvcmQxJA== and get InfraPortalClient:password1$ which is defined throughout the ONAP codebase in for example the VID DockerFile.

Prerequisites

If running postman https endpoints (some of our VM's run SSL like AAI - but MSO for example will still run straight HTTP) - trust the server certificate in Postman (thank you Yves): You won't be able to run an https endpoint until the certificate is trusted in Chrome - paste an https request into the browser - one time - to enable the trusted certificate in postman.

For example: postman will work against AAI after launching the following (your IP) in chrome

https://{{aai_ip}}:8443/aai/v8/cloud-infrastructure/cloud-regions/

For programmatic JAX-RS 2.0 clients add the following

// fix java.security.cert.CertificateException: No subject alternative names present
HostnameVerifier verifier = new HostnameVerifier() { public boolean verify(String hostname, SSLSession sslSession) { return true; // TODO: security breach }};

MSO VM

WIP: work in progress

An example get on a specific vFW VF from the demo.  In this case we use the cs0001 user to get the Vf Module ID from the edit page of a service instance's VF in VID


Postman

Request

Query API History for VF Module

GET /ecomp/mso/infra/orchestrationRequests/v2/?filter=vfModuleInstanceId%3AEQUALS%3A90e7cbda-053c-46fb-9df7-c8559c29299c HTTP/1.1
Host: 104.130.169.47:8080
Accept: application/json
Content-Type: application/json
X-FromAppId: AAI
X-TransactionId: get_aai_subscr
Authorization: Basic SW5mcmF›Qb3J0YWxDbGllbnQ6cGFzc3dvcmQxJA==
Cache-Control: no-cache
Postman-Token: 6afbd585-4b77-2e7a-71d0-5b99a0930a1e

http://104.130.169.47:8080/ecomp/mso/infra/orchestrationRequests/v2/?filter=vfModuleInstanceId%3AEQUALS%3A90e7cbda-053c-46fb-9df7-c8559c29299c

Postman

Response

{"requestList": [ {"request": {
"requestId": "8230aa5f-cbcf-492d-817a-37243475b46f",
"startTime": "Mon, 15 May 2017 12:25:25 GMT",
"requestScope": "vfModule",
"requestType": "createInstance",
"requestDetails": {"modelInfo": {
"modelCustomizationName": null,
"modelInvariantId": "ce3e0e4e-3189-4798-b4b2-f60f3d69e378",
"modelType": "vfModule",
"modelNameVersionId": "d55da365-52e2-47ee-8d48-011891909f4f",
"modelName": "AmdocsTestFirewall..base_vfw..module-0",
"modelVersion": "1"},......]}

curl

obrienbiometrics:onap michaelobrien$ curl -X GET -H "Authorization: Basic SW5mcmFQb3J0YWxDbGllbnQ6cGFzc3dvcmQxJA==" -H "Content-Type: application/json" -aH "Cache-Control" -d '' http://104.130.169.999:8080/ecomp/mso/infra/orchestrationRequests/v2/?filter=vfModuleInstanceId%3AEQUALS%3A90e7cbda-053c-46fb-9df7-c8559c29299c

{"requestList":[{"request":{"requestId":"8230aa5f-cbcf-492d-817a-37243475b46f","startTime":"Mon, 15 May 2017 12:25:25 GMT","requestScope":"vfModule","requestType":"createInstance","requestDetails":{"modelInfo":{"modelCustomizationName":null,"modelInvariantId":"ce3e0e4e-3189-4798-b4b2-f60f3d69e378","modelType":"vfModule","modelNameVersionId":"d55da365-52e2-47ee-8d48-011891909f4f","m......


AAI

GET /aai/v8/service-design-and-creation/services HTTP/1.1
Host: 104.239.234.999:8443
Accept: application/json
Content-Type: application/json
X-FromAppId: AAI
X-TransactionId: get_aai_subscr
Authorization: Basic QUFJOkFBSQ==
Cache-Control: no-cache
Postman-Token: 7c1b1415-e8e8-6701-dbef-f1994001e291

{"service": [{
"service-id": "c29f33c3-75d2-4210-8a71-0f805821c0cc",
"service-description": "vFW",
"resource-version": "1494850829"
},{
"service-id": "761805dd-19de-4e0b-8c72-33b77e6dbe1f",
"service-description": "vLB",
"resource-version": "1494850829"
}]}





Swagger API Endpoints

TODO: get swagger docs for all servers

This is an expanding list of API endpoints to verify your ONAP deployment - ideally we would post a postman config and environment file.

VMContainerext portURLuser:passgerrit source
SDNC

sdnc_controller_container

8282http://sdnc:8282/apidoc/explorer/index.htmladmin:Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U


Robot Healthcheck

There actually is a set of scripts already on the robot vm inside its docker container - currently attempting to get these to pass (won't check your VFs though)

root@16e8d4997655:/var/opt/OpenECOMP_ETE# ./runTags.sh -i health h -d ./html -V /share/config/robot_properties_ete.py

IDVMContainerProcessHealthcheck

AAI



MSO


Portals


Portal

SDC - http://sdnc:8843/user/listUsers

Demo VMs

ssh keys

The private key for the 3 vFW demo VM's is in /testsuite/robot/assets/keys/robot_ssh_private_key.pvt

obrienbiometrics:onap michaelobrien$ ssh -i robot_ssh_private_key.pvt root@172.99.67.148 

root@demofwl01pgn:~# history

Artifacts Required

  • log files for each VM and set of docker containers - or how to aggregate them - not necessarily at the SumoLogic level

  • VM/container or JVM health checks - ideally something like New Relic agents on the box
  • Would be nice to have something we can run on vm1-robot that would automate a healthcheck on all the containers


  • No labels