1 Integrate ONAP with Nokia VNFM
2 ==============================
4 The following section describes how to integrate the Nokia
5 Virtualized Network Function Manager (VNFM) into ONAP.
12 - The VNFM must be able to communicate with the ONAP VF-C interface, the
13 virtualized infrastructure manager (VIM) and the virtualized network
14 function (VNF), so the VNFM must have the correct network setup. The
15 VNFM uses lifecycle notifications (LCNs) to notify the VF-C about the
16 executed changes, therefore, the LCN zone of the VNFM must be configured
17 so that the VNFM is able to reach the VF-C LCN interface.
19 * Register driver in CBAM
21 - Using SSH, log in to the CloudBand Application Manager (CBAM) virtual
22 machine as cbam user and determine the Keycloak auto-generated admin
23 password with the following
28 ectl get /cbam/cluster/components/keycloak/admin_credentials/password
30 - Copy the printout of the command.
32 - Access the Keycloak login page with the following
33 URL: https://<cbamIp>/auth/admin where <cbamIp> is the FQDN or IP
34 address assigned to CBAM node during instantiation. Optionally, it may
35 contain a port, for example, cbam.mycompany.com:port or 1.2.3.4:port.
37 Result: The Keycloak Administration Console login page loads up.
39 - Log in to Keycloak with the 'admin' username and the auto-generated admin
40 password you copied to clipboard, then change the auto-generated password
41 and note the new password.
43 Result: You are logged in to the Keycloak Administration Console.
45 - Add a new client on Keycloak:
47 - From the Configure menu, select Clients.
49 - Result: The Clients pane appears.
53 - Result: The Add Client pane appears.
55 - Set the Client ID to onapClientId and click Save. Note the Client ID
56 which will be referred to as <clientId>.
58 - Result: The following notification appears: Success!
59 The client has been created. The new client's profile page appears.
61 - Customize the following settings for the newly created client:
63 - Access Type: select confidential. Keycloak will generate a client
64 secret that serves as a type of password for your client.
66 - Make sure the following settings are ON: Standard Flow Enabled,
67 Direct Access Grants Enabled, Service Accounts Enabled,
70 - Type * in the Valid Redirect URIs field.
74 - Result: The following notification appears: Success!
75 Your changes have been saved to the client.
77 - Note the Client Secret which will be referred to as <clientSecret>:
79 - Select the Credentials tab.
81 - From the Client Authenticator drop-down list, select the
82 Client ID and Secret and check the value of Secret.
84 - Add a new user on Keycloak:
86 - From the Manage menu, select Users.
88 - Result: The Users pane appears.
90 - Click Add user and define the parameters for the creation:
94 - Note the username, it will be referred to as <onapUsername>.
96 - User Enabled: make sure it is On.
100 - Result: The following notification appears: Success! The user
101 has been created. The new user's profile page appears.
103 - Create a password for the user: select the Credentials tab
104 on the user profile and set the password.
106 - Note: The user is prompted to change this password when
107 logging in to CBAM for the first time.
109 - Assign the "user" role to the created user:
111 - Select the Role Mappings tab on the user profile.
113 - Select the "user" role from the Available Roles box,
114 then click Add selected.
116 - Access the CBAM GUI login page with the following
117 URL: https://<cbamIp> where <cbamIp> is the FQDN or IP address
118 assigned to CBAM node during instantiation. Optionally, it may
119 contain a port, for example, cbam.mycompany.com:port or 1.2.3.4:port.
121 - Log in to CBAM GUI using the created user.
123 - Change and note the password which will be referred to as <onapPassword>.
125 - Using SSH, add SSL certificates for all VIM connections or disable
126 certificate verification as follows:
128 - For insecure connection (all certificates are automatically trusted)
130 - execute the below commands in the following order:
132 .. code-block:: console
135 ectl set /cbam/cluster/components/tlm/insecure_vim_connection true
136 ectl set /actions/reconfigure start
137 journalctl -fu cbam-reconfigure.service
139 - Wait for the "Started cbam-reconfigure.service." message.
141 - For secure connection : read the CBAM documentation.
143 Prepare /ets/hosts file on your laptop
144 --------------------------------------
146 Note: This is an optional step with which it is easier to copy paste URLs
148 * Using the OpenStack Horizon Dashboard, find the ONAP servers you have
149 deployed and note their IP addresses.
151 * Depending on your operating system, use the respective method to prepare
152 an /ets/hosts file to link the DNS servers to the corresponding
153 IP addresses, see the table below:
155 +-------------------+---------------------------------+
156 | IP address | DNS entry |
157 +===================+=================================+
158 | <fill IP address> | portal.api.simpledemo.onap.org |
159 +-------------------+---------------------------------+
160 | <fill IP address> | policy.api.simpledemo.onap.org |
161 +-------------------+---------------------------------+
162 | <fill IP address> | sdc.api.simpledemo.onap.org |
163 +-------------------+---------------------------------+
164 | <fill IP address> | vid.api.simpledemo.onap.org |
165 +-------------------+---------------------------------+
166 | <fill IP address> | aai.api.simpledemo.onap.org |
167 +-------------------+---------------------------------+
168 | <fill IP address> | msb.api.simpledemo.onap.org |
169 +-------------------+---------------------------------+
170 | <fill IP address> | robot.api.simpledemo.onap.org |
171 +-------------------+---------------------------------+
173 Add the VNFM driver to ONAP
174 ---------------------------
176 - Locate and note the IP address of the MSB (MSB_IP) on the OpenStack Horizon
177 Dashboard. Look at the VM instances of ONAP and find one with
178 vm1-multi-service name. This is where the MSB is located.
180 - Create VIM in A&AI Note:
182 - The VIM may already exist.
184 - Repeat this step for all VIMs planned to be used.
186 - Go to http://msb.api.simpledemo.onap.org/iui/aai-esr-gui/extsys/vim/vimView.html
188 - Result: The ONAP platform opens.
190 - On the platform, click Register.
192 - Result: The registration form opens.
194 - Fill in the fields.
196 - Note: Cloud credentials are supplied by the VNF integrator.
198 - To obtain the value of the Auth URL field and the tenant
199 id (which will be required later), follow these steps:
201 - Note: The actual steps depend on the OpenStack Dashboard
204 - Go to OpenStack Horizon Dashboard.
206 - Select the Project main tab.
208 - Select the API Access tab.
210 - Click View Credentials.
212 - Copy the value of Authentication URL and paste it in the Auth URL field.
214 - Note the value of Project ID: this is the <tenantId> which will be
215 required later (Repeat this step for all tenants planned to be used
220 - Result: The driver has been successfully added.
226 - The tenant may already exist.
228 - Repeat this step for all tenants planned to be used within the VIM.
230 - Using a REST client of your choice, send a request to the following
231 URL: https://aai.api.simpledemo.onap.org:8443/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/<cloudOwner>/<cloudRegion>/tenants/tenant/<tenantId>
233 - download the content of the request:
234 `aai.create.tenant.request.json <sample/aai.create.tenant.request.json>`
236 - In the request URL and in the content of the request,
237 substitute <tenantId>, <cloudRegion>
238 and <cloudOwner> with the respective values.
242 - Set the following values in the Header of the request:
248 - X-TransactionId: any
250 - Content-type: application/json
252 - Accept: application/json
254 - Create customer in A&AI
258 - The customer may already exists
260 - Using a REST client of your choice, send a request to the following URL: https://aai.api.simpledemo.onap.org:8443/aai/v11/business/customers/customer/123456
262 - download the content of the request:
263 `aai.create.customer.request.json <sample/aai.create.customer.request.json>`
265 - In the downloaded content of the request,
266 substitute <tenantName>, <tenantId>, <cloudRegion>
267 and <cloudOwner> with the respective values.
271 - Set the following values in the Header of the request:
277 - X-TransactionId: any
279 - Content-type: application/json
281 - Accept: application/json
283 - Register the VNFM as an external system:
285 - Access the following URL: http://msb.api.simpledemo.onap.org/iui/aai-esr-gui/extsys/vnfm/vnfmView.html
287 - Result: The ONAP platform opens
289 - The VNFM has four end points. These end points must be
290 configured in the external system configuration of the VNFM.
292 - Authentication endpoint: https://$CBAM_IP:443/auth/
294 - Life-cycle management endpoint: https://<cbamIp>:443/vnfm/lcm/v3/
296 - Life-cycle change notification endpoint: https://<cbamIp>:443/vnfm/lcn/v3/
298 - Catalog endpoint: https://<cbamIp>:443/api/catalog/adapter/
300 - On the platform, click Register.
302 - Result: The registration form opens.
304 - Fill in the fields as follows:
306 - Note: Cloud credentials are supplied by the VNF integrator.
308 +-----------------+------------------------------------------+
310 +-----------------+------------------------------------------+
312 +-----------------+------------------------------------------+
313 | type | NokiaSVNFM |
314 +-----------------+------------------------------------------+
316 +-----------------+------------------------------------------+
318 +-----------------+------------------------------------------+
319 | URL | <authUrl>_<lcmUrl>_<lcnUrl>_<catalogUrl> |
320 +-----------------+------------------------------------------+
321 | VIM | <cloudOwner>_<cloudRegion> |
322 +-----------------+------------------------------------------+
323 | certificate URL | |
324 +-----------------+------------------------------------------+
325 | Username | <onapUsername>_<clientId> |
326 +-----------------+------------------------------------------+
327 | Password | <onapPassword>_<clientSecret> |
328 +-----------------+------------------------------------------+
332 - Result: The registration has been completed.
334 - Determine the UUID of the VNFM:
336 - Using a REST client of your choice, send a request to the following URL: https://aai.api.simpledemo.onap.org:8447/aai/v11/external-system/esr-vnfm-list/esr-vnfm?depth=all
340 - Set the following values in the Header of the request:
346 - X-TransactionId: any
348 - Content-type: application/json
350 - Accept: application/json
352 - Look for the previously registered VNFM and
353 note the value of (vnfm-id) <vnfmId>.
356 Configure the SVNFM driver (generic)
357 ------------------------------------
359 - Using SSH, download the CBAM SVNFM driver by executing the following command:
360 docker pull https://nexus.onap.org/content/sites/raw/onap/vfc/nfvo/svnfm/nokiav2:1.1.0-STAGING-latest
362 - Determine the IMAGE ID:
364 - Execute the following command: docker images
366 - Find the required image and note the IMAGE ID.
370 - Fill in the required values and execute the following:
372 .. code-block:: console
374 export MULTI_NODE_IP=<multiNodeIp>
375 export VNFM_ID=<vnfmId>
376 export IMAGE_ID=<imageId>
377 docker run --name vfc_nokia -p 8089:8089 -e "MSB_IP=$MULTI_NODE_IP" -e "CONFIGURE=kuku" -e "EXTERNAL_IP=$MULTI_NODE_IP" -e "VNFM_ID=$VNFM_ID" -d --stop-timeout 300 $IMAGE_ID
379 - Determine the identifier of the container:
381 - Execute the following command: docker ps
383 - Find the required container and note the
384 CONTAINER ID (first column/first row on the list).
386 - Verify if the VNFM driver has been successfully
387 started by executing the following commands:
389 .. code-block:: console
391 execute docker exec -it <containerId> /bin/bash
392 execute tail -f service.log
394 - Result: The SVNFM integration is successful if the end of the command output contains "Started NokiaSvnfmApplication".
396 - Verify if the SVNFM is registered into MSB:
398 - Go to http://msb.api.simpledemo.onap.org/msb
400 - Check if NokiaSVNFM micro service is present in the boxes.
403 Configure the SVNFM driver (ONAP demo environment)
404 --------------------------------------------------
405 This step is executed instead of
406 the "Configure the SVNFM driver (generic)" in case of
407 an ONAP demo environment.
409 - Configure the already running instance:
411 - Execute the following command:
412 docker exec -it `docker ps | grep nokiav2 | awk '{print $1}'` /bin/bash
414 - Edit /service/application.properties:
416 - In this file, change the default values of the following
417 keys to the correct values: vnfmId
419 - Restart the VNFM service
421 - Execute the following command:
422 kill -9 `ps -ef | grep java | grep -v grep | awk '{print $2}'`