release vfc-nfvo-driver-vnfm-svnfm-huawei version 1.4.0

[vfc/nfvo/driver/vnfm/svnfm.git] / nokiav2 / docs / integration.rst

Integrate ONAP with Nokia VNFM
==============================

The following section describes how to integrate the Nokia
Virtualized Network Function Manager (VNFM) into ONAP.

Prepare the VNFM
----------------

* Start the VNFM.

 - The VNFM must be able to communicate with the ONAP VF-C interface, the
   virtualized infrastructure manager (VIM) and the virtualized network
   function (VNF), so the VNFM must have the correct network setup. The
   VNFM uses lifecycle notifications (LCNs) to notify the VF-C about the
   executed changes, therefore, the LCN zone of the VNFM must be configured
   so that the VNFM is able to reach the VF-C LCN interface.

* Register driver in CBAM

 - Using SSH, log in to the CloudBand Application Manager (CBAM) virtual
   machine as cbam user and determine the Keycloak auto-generated admin
   password with the following
   command:

.. code-block:: bash

   ectl get /cbam/cluster/components/keycloak/admin_credentials/password

 - Copy the printout of the command.

 - Access the Keycloak login page with the following
   URL: https://<cbamIp>/auth/admin where <cbamIp> is the FQDN or IP
   address assigned to CBAM node during instantiation. Optionally, it may
   contain a port, for example, cbam.mycompany.com:port or 1.2.3.4:port.

   Result: The Keycloak Administration Console login page loads up.

 - Log in to Keycloak with the 'admin' username and the auto-generated admin
   password you copied to clipboard, then change the auto-generated password
   and note the new password.

   Result: You are logged in to the Keycloak Administration Console.

 - Add a new client on Keycloak:

  - From the Configure menu, select Clients.

    - Result: The Clients pane appears.

  - Click Create.

    - Result: The Add Client pane appears.

  - Set the Client ID to onapClientId and click Save. Note the Client ID
    which will be referred to as <clientId>.

    - Result: The following notification appears: Success!
      The client has been created. The new client's profile page appears.

  - Customize the following settings for the newly created client:

    - Access Type: select confidential. Keycloak will generate a client
      secret that serves as a type of password for your client.

    - Make sure the following settings are ON: Standard Flow Enabled,
      Direct Access Grants Enabled, Service Accounts Enabled,
      Authorization Enabled

    - Type * in the Valid Redirect URIs field.

    - Click Save.

      - Result: The following notification appears: Success!
        Your changes have been saved to the client.

  - Note the Client Secret which will be referred to as <clientSecret>:

    - Select the Credentials tab.

    - From the Client Authenticator drop-down list, select the
      Client ID and Secret and check the value of Secret.

 - Add a new user on Keycloak:

  - From the Manage menu, select Users.

    - Result: The Users pane appears.

  - Click Add user and define the parameters for the creation:

    - Username: onap

      - Note the username, it will be referred to as <onapUsername>.

    - User Enabled: make sure it is On.

  - Click Save.

    - Result: The following notification appears: Success! The user
      has been created. The new user's profile page appears.

  - Create a password for the user: select the Credentials tab
    on the user profile and set the password.

    - Note: The user is prompted to change this password when
      logging in to CBAM for the first time.

  - Assign the "user" role to the created user:

    - Select the Role Mappings tab on the user profile.

    - Select the "user" role from the Available Roles box,
      then click Add selected.

 - Access the CBAM GUI login page with the following
   URL: https://<cbamIp> where <cbamIp> is the FQDN or IP address
   assigned to CBAM node during instantiation. Optionally, it may
   contain a port, for example, cbam.mycompany.com:port or 1.2.3.4:port.

 - Log in to CBAM GUI using the created user.

  - Change and note the password which will be referred to as <onapPassword>.

 - Using SSH, add SSL certificates for all VIM connections or disable
   certificate verification as follows:

  - For insecure connection (all certificates are automatically trusted)

   - execute the below commands in the following order:

.. code-block:: console

   sudo su -
   ectl set /cbam/cluster/components/tlm/insecure_vim_connection true
   ectl set /actions/reconfigure start
   journalctl -fu cbam-reconfigure.service

   - Wait for the "Started cbam-reconfigure.service." message.

  - For secure connection : read the CBAM documentation.

Prepare /ets/hosts file on your laptop
--------------------------------------

Note: This is an optional step with which it is easier to copy paste URLs

* Using the OpenStack Horizon Dashboard, find the ONAP servers you have
  deployed and note their IP addresses.

* Depending on your operating system, use the respective method to prepare
  an /ets/hosts file to link the DNS servers to the corresponding
  IP addresses, see the table below:

+-------------------+---------------------------------+
| IP address        | DNS entry                       |
+===================+=================================+
| <fill IP address> | portal.api.simpledemo.onap.org  |
+-------------------+---------------------------------+
| <fill IP address> | policy.api.simpledemo.onap.org  |
+-------------------+---------------------------------+
| <fill IP address> | sdc.api.simpledemo.onap.org     |
+-------------------+---------------------------------+
| <fill IP address> | vid.api.simpledemo.onap.org     |
+-------------------+---------------------------------+
| <fill IP address> | aai.api.simpledemo.onap.org     |
+-------------------+---------------------------------+
| <fill IP address> | msb.api.simpledemo.onap.org     |
+-------------------+---------------------------------+
| <fill IP address> | robot.api.simpledemo.onap.org   |
+-------------------+---------------------------------+

Add the VNFM driver to ONAP
---------------------------

- Locate and note the IP address of the MSB (MSB_IP) on the OpenStack Horizon
  Dashboard. Look at the VM instances of ONAP and find one with
  vm1-multi-service name. This is where the MSB is located.

- Create VIM in A&AI Note:

  - The VIM may already exist.

  - Repeat this step for all VIMs planned to be used.

 - Go to http://msb.api.simpledemo.onap.org/iui/aai-esr-gui/extsys/vim/vimView.html

   - Result: The ONAP platform opens.

 - On the platform, click Register.

   - Result: The registration form opens.

 - Fill in the fields.

   - Note: Cloud credentials are supplied by the VNF integrator.

   - To obtain the value of the Auth URL field and the tenant
     id (which will be required later), follow these steps:

     - Note: The actual steps depend on the OpenStack Dashboard
       version and vendor.

     - Go to OpenStack Horizon Dashboard.

     - Select the Project main tab.

     - Select the API Access tab.

     - Click View Credentials.

     - Copy the value of Authentication URL and paste it in the Auth URL field.

     - Note the value of Project ID: this is the <tenantId> which will be
       required later (Repeat this step for all tenants planned to be used
       within the VIM.)

 - Click Save.

   - Result: The driver has been successfully added.

- Create tenant

  - Note:

    - The tenant may already exist.

    - Repeat this step for all tenants planned to be used within the VIM.

 - Using a REST client of your choice, send a request to the following
   URL: https://aai.api.simpledemo.onap.org:8443/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/<cloudOwner>/<cloudRegion>/tenants/tenant/<tenantId>

   - download the content of the request:
     `aai.create.tenant.request.json <sample/aai.create.tenant.request.json>`

   - In the request URL and in the content of the request,
     substitute <tenantId>, <cloudRegion>
     and <cloudOwner> with the respective values.

   - HTTP method: PUT

   - Set the following values in the Header of the request:

     - basic auth AAI:AAI

     - X-FromAppId : any

     - X-TransactionId: any

     - Content-type: application/json

     - Accept: application/json

- Create customer in A&AI

 - Note:

   - The customer may already exists

 - Using a REST client of your choice, send a request to the following URL:  https://aai.api.simpledemo.onap.org:8443/aai/v11/business/customers/customer/123456

   - download the content of the request:
     `aai.create.customer.request.json <sample/aai.create.customer.request.json>`

   - In the downloaded content of the request,
     substitute <tenantName>, <tenantId>, <cloudRegion>
     and <cloudOwner> with the respective values.

   - HTTP method: PUT

   - Set the following values in the Header of the request:

     - basic auth AAI:AAI

     - X-FromAppId : any

     - X-TransactionId: any

     - Content-type: application/json

     - Accept: application/json

- Register the VNFM as an external system:

 - Access the following URL: http://msb.api.simpledemo.onap.org/iui/aai-esr-gui/extsys/vnfm/vnfmView.html

   - Result: The ONAP platform opens

 - The VNFM has four end points. These end points must be
   configured in the external system configuration of the VNFM.

  - Authentication endpoint: https://$CBAM_IP:443/auth/

  - Life-cycle management endpoint: https://<cbamIp>:443/vnfm/lcm/v3/

  - Life-cycle change notification endpoint: https://<cbamIp>:443/vnfm/lcn/v3/

  - Catalog endpoint: https://<cbamIp>:443/api/catalog/adapter/

 - On the platform, click Register.

   - Result: The registration form opens.

 - Fill in the fields as follows:

   - Note: Cloud credentials are supplied by the VNF integrator.

+-----------------+------------------------------------------+
| key             | Value                                    |
+-----------------+------------------------------------------+
| Name            | CbamVnfm                                 |
+-----------------+------------------------------------------+
| type            | NokiaSVNFM                               |
+-----------------+------------------------------------------+
| Vendor          | Nokia                                    |
+-----------------+------------------------------------------+
| version         | v1                                       |
+-----------------+------------------------------------------+
| URL             | <authUrl>_<lcmUrl>_<lcnUrl>_<catalogUrl> |
+-----------------+------------------------------------------+
| VIM             | <cloudOwner>_<cloudRegion>               |
+-----------------+------------------------------------------+
| certificate URL |                                          |
+-----------------+------------------------------------------+
| Username        | <onapUsername>_<clientId>                |
+-----------------+------------------------------------------+
| Password        | <onapPassword>_<clientSecret>            |
+-----------------+------------------------------------------+

 - Click Save.

   - Result: The registration has been completed.

 - Determine the UUID of the VNFM:

   - Using a REST client of your choice, send a request to the following URL:  https://aai.api.simpledemo.onap.org:8447/aai/v11/external-system/esr-vnfm-list/esr-vnfm?depth=all

   - HTTP method: GET

   - Set the following values in the Header of the request:

     - basic auth AAI:AAI

     - X-FromAppId : any

     - X-TransactionId: any

     - Content-type: application/json

     - Accept: application/json

   - Look for the previously registered VNFM and
     note the value of (vnfm-id) <vnfmId>.


Configure the SVNFM driver (generic)
------------------------------------

- Using SSH, download the CBAM SVNFM driver by executing the following command:
  docker pull https://nexus.onap.org/content/sites/raw/onap/vfc/nfvo/svnfm/nokiav2:1.1.0-STAGING-latest

- Determine the IMAGE ID:

 - Execute the following command: docker images

 - Find the required image and note the IMAGE ID.

- Start the driver:

 - Fill in the required values and execute the following:

.. code-block:: console

   export MULTI_NODE_IP=<multiNodeIp>
   export VNFM_ID=<vnfmId>
   export IMAGE_ID=<imageId>
   docker run --name vfc_nokia -p 8089:8089 -e "MSB_IP=$MULTI_NODE_IP" -e "CONFIGURE=kuku" -e "EXTERNAL_IP=$MULTI_NODE_IP" -e "VNFM_ID=$VNFM_ID" -d --stop-timeout 300 $IMAGE_ID

- Determine the identifier of the container:

 - Execute the following command: docker ps

 - Find the required container and note the
   CONTAINER ID (first column/first row on the list).

- Verify if the VNFM driver has been successfully
  started by executing the following commands:

.. code-block:: console

  execute docker exec -it <containerId> /bin/bash
  execute tail -f service.log

  - Result: The SVNFM integration is successful if the end of the command output contains "Started NokiaSvnfmApplication".

- Verify if the SVNFM is registered into MSB:

 - Go to http://msb.api.simpledemo.onap.org/msb

 - Check if NokiaSVNFM micro service is present in the boxes.


Configure the SVNFM driver (ONAP demo environment)
--------------------------------------------------
This step is executed instead of
the "Configure the SVNFM driver (generic)" in case of
an ONAP demo environment.

- Configure the already running instance:

 - Execute the following command:
   docker exec -it `docker ps | grep nokiav2 | awk '{print $1}'` /bin/bash

 - Edit /service/application.properties:

   - In this file, change the default values of the following
     keys to the correct values: vnfmId

 - Restart the VNFM service

   - Execute the following command:
     kill -9 `ps -ef | grep java | grep -v grep | awk '{print $2}'`