1 Integrate ONAP with Nokia VNFM
2 ==============================
4 The following section describes how to integrate the Nokia Virtualized Network Function Manager (VNFM) into ONAP.
11 - The VNFM must be able to communicate with the ONAP VF-C interface, the virtualized infrastructure manager (VIM) and the virtualized network function (VNF), so the VNFM must
12 have the correct network setup. The VNFM uses lifecycle notifications (LCNs) to notify the VF-C about the executed changes, therefore, the LCN zone of the
13 VNFM must be configured so that the VNFM is able to reach the VF-C LCN interface.
15 * Register driver in CBAM
17 - Using SSH, log in to the CloudBand Application Manager (CBAM) virtual machine as cbam user and determine the Keycloak
18 auto-generated admin password with the following command: ectl get /cbam/cluster/components/keycloak/admin_credentials/password
20 - Copy the printout of the command.
22 - Access the Keycloak login page with the following URL: https://<cbamIp>/auth/admin where <cbamIp> is the FQDN or IP
23 address assigned to CBAM node during instantiation. Optionally, it may contain a port, for example, cbam.mycompany.com:port or 1.2.3.4:port.
25 Result: The Keycloak Administration Console login page loads up.
27 - Log in to Keycloak with the 'admin' username and the auto-generated admin password you copied to clipboard, then change the auto-generated password and note the new password.
29 Result: You are logged in to the Keycloak Administration Console.
31 - Add a new client on Keycloak:
33 - From the Configure menu, select Clients.
35 - Result: The Clients pane appears.
39 - Result: The Add Client pane appears.
41 - Set the Client ID to onapClientId and click Save. Note the Client ID which will be referred to as <clientId>.
43 - Result: The following notification appears: Success! The client has been created. The new client's profile page appears.
45 - Customize the following settings for the newly created client:
47 - Access Type: select confidential. Keycloak will generate a client secret that serves as a type of password for your client.
49 - Make sure the following settings are ON: Standard Flow Enabled, Direct Access Grants Enabled, Service Accounts Enabled, Authorization Enabled
51 - Type * in the Valid Redirect URIs field.
55 - Result: The following notification appears: Success! Your changes have been saved to the client.
57 - Note the Client Secret which will be referred to as <clientSecret>:
59 - Select the Credentials tab.
61 - From the Client Authenticator drop-down list, select the Client ID and Secret and check the value of Secret.
63 - Add a new user on Keycloak:
65 - From the Manage menu, select Users.
67 - Result: The Users pane appears.
69 - Click Add user and define the parameters for the creation:
73 - Note the username, it will be referred to as <onapUsername>.
75 - User Enabled: make sure it is On.
79 - Result: The following notification appears: Success! The user has been created. The new user's profile page appears.
81 - Create a password for the user: select the Credentials tab on the user profile and set the password.
83 - Note: The user is prompted to change this password when logging in to CBAM for the first time.
85 - Assign the "user" role to the created user:
87 - Select the Role Mappings tab on the user profile.
89 - Select the "user" role from the Available Roles box, then click Add selected.
91 - Access the CBAM GUI login page with the following URL: https://<cbamIp> where <cbamIp> is the FQDN or IP address assigned to CBAM node during instantiation. Optionally, it may contain a port, for example, cbam.mycompany.com:port or 1.2.3.4:port.
93 - Log in to CBAM GUI using the created user.
95 - Change and note the password which will be referred to as <onapPassword>.
97 - Using SSH, add SSL certificates for all VIM connections or disable certificate verification as follows:
99 - For insecure connection (all certificates are automatically trusted)
101 - execute the below commands in the following order:
103 .. code-block:: console
106 ectl set /cbam/cluster/components/tlm/insecure_vim_connection true
107 ectl set /actions/reconfigure start
108 journalctl -fu cbam-reconfigure.service
110 - Wait for the "Started cbam-reconfigure.service." message.
112 - For secure connection : read the CBAM documentation.
114 Prepare /ets/hosts file on your laptop
115 --------------------------------------
117 Note: This is an optional step with which it is easier to copy paste URLs
119 * Using the OpenStack Horizon Dashboard, find the ONAP servers you have deployed and note their IP addresses.
121 * Depending on your operating system, use the respective method to prepare an /ets/hosts file to link the DNS servers to the corresponding IP addresses, see the table below:
123 +-------------------+---------------------------------+
124 | IP address | DNS entry |
125 +===================+=================================+
126 | <fill IP address> | portal.api.simpledemo.onap.org |
127 +-------------------+---------------------------------+
128 | <fill IP address> | policy.api.simpledemo.onap.org |
129 +-------------------+---------------------------------+
130 | <fill IP address> | sdc.api.simpledemo.onap.org |
131 +-------------------+---------------------------------+
132 | <fill IP address> | vid.api.simpledemo.onap.org |
133 +-------------------+---------------------------------+
134 | <fill IP address> | aai.api.simpledemo.onap.org |
135 +-------------------+---------------------------------+
136 | <fill IP address> | msb.api.simpledemo.onap.org |
137 +-------------------+---------------------------------+
138 | <fill IP address> | robot.api.simpledemo.onap.org |
139 +-------------------+---------------------------------+
141 Add the VNFM driver to ONAP
142 ---------------------------
144 - Locate and note the IP address of the MSB (MSB_IP) on the OpenStack Horizon Dashboard. Look at the VM instances of ONAP and find one with vm1-multi-service name. This is where the MSB is located.
146 - Create VIM in A&AI Note:
148 - The VIM may already exist.
150 - Repeat this step for all VIMs planned to be used.
152 - Go to http://msb.api.simpledemo.onap.org/iui/aai-esr-gui/extsys/vim/vimView.html
154 - Result: The ONAP platform opens.
156 - On the platform, click Register.
158 - Result: The registration form opens.
160 - Fill in the fields.
162 - Note: Cloud credentials are supplied by the VNF integrator.
164 - To obtain the value of the Auth URL field and the tenant id (which will be required later), follow these steps:
166 - Note: The actual steps depend on the OpenStack Dashboard version and vendor.
168 - Go to OpenStack Horizon Dashboard.
170 - Select the Project main tab.
172 - Select the API Access tab.
174 - Click View Credentials.
176 - Copy the value of Authentication URL and paste it in the Auth URL field.
178 - Note the value of Project ID: this is the <tenantId> which will be required later (Repeat this step for all tenants planned to be used within the VIM.)
182 - Result: The driver has been successfully added.
188 - The tenant may already exist.
190 - Repeat this step for all tenants planned to be used within the VIM.
192 - Using a REST client of your choice, send a request to the following URL: https://aai.api.simpledemo.onap.org:8443/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/<cloudOwner>/<cloudRegion>/tenants/tenant/<tenantId>
194 - download the content of the request: `aai.create.tenant.request.json <sample/aai.create.tenant.request.json>`
196 - In the request URL and in the content of the request, substitute <tenantId>, <cloudRegion> and <cloudOwner> with the respective values.
200 - Set the following values in the Header of the request:
206 - X-TransactionId: any
208 - Content-type: application/json
210 - Accept: application/json
212 - Create customer in A&AI
216 - The customer may already exists
218 - Using a REST client of your choice, send a request to the following URL: https://aai.api.simpledemo.onap.org:8443/aai/v11/business/customers/customer/123456
220 - download the content of the request: `aai.create.customer.request.json <sample/aai.create.customer.request.json>`
222 - In the downloaded content of the request, substitute <tenantName>, <tenantId>, <cloudRegion> and <cloudOwner> with the respective values.
226 - Set the following values in the Header of the request:
232 - X-TransactionId: any
234 - Content-type: application/json
236 - Accept: application/json
238 - Register the VNFM as an external system:
240 - Access the following URL: http://msb.api.simpledemo.onap.org/iui/aai-esr-gui/extsys/vnfm/vnfmView.html
242 - Result: The ONAP platform opens
244 - The VNFM has four end points. These end points must be configured in the external system configuration of the VNFM.
246 - Authentication endpoint: https://$CBAM_IP:443/auth/
248 - Life-cycle management endpoint: https://<cbamIp>:443/vnfm/lcm/v3/
250 - Life-cycle change notification endpoint: https://<cbamIp>:443/vnfm/lcn/v3/
252 - Catalog endpoint: https://<cbamIp>:443/api/catalog/adapter/
254 - On the platform, click Register.
256 - Result: The registration form opens.
258 - Fill in the fields as follows:
260 - Note: Cloud credentials are supplied by the VNF integrator.
262 +-----------------+------------------------------------------+
264 +-----------------+------------------------------------------+
266 +-----------------+------------------------------------------+
267 | type | NokiaSVNFM |
268 +-----------------+------------------------------------------+
270 +-----------------+------------------------------------------+
272 +-----------------+------------------------------------------+
273 | URL | <authUrl>_<lcmUrl>_<lcnUrl>_<catalogUrl> |
274 +-----------------+------------------------------------------+
275 | VIM | <cloudOwner>_<cloudRegion> |
276 +-----------------+------------------------------------------+
277 | certificate URL | |
278 +-----------------+------------------------------------------+
279 | Username | <onapUsername>_<clientId> |
280 +-----------------+------------------------------------------+
281 | Password | <onapPassword>_<clientSecret> |
282 +-----------------+------------------------------------------+
286 - Result: The registration has been completed.
288 - Determine the UUID of the VNFM:
290 - Using a REST client of your choice, send a request to the following URL: https://aai.api.simpledemo.onap.org:8447/aai/v11/external-system/esr-vnfm-list/esr-vnfm?depth=all
294 - Set the following values in the Header of the request:
300 - X-TransactionId: any
302 - Content-type: application/json
304 - Accept: application/json
306 - Look for the previously registered VNFM and note the value of (vnfm-id) <vnfmId>.
309 Configure the SVNFM driver (generic)
310 ------------------------------------
312 - Using SSH, download the CBAM SVNFM driver by executing the following command:
313 docker pull https://nexus.onap.org/content/sites/raw/onap/vfc/nfvo/svnfm/nokiav2:1.1.0-STAGING-latest
315 - Determine the IMAGE ID:
317 - Execute the following command: docker images
319 - Find the required image and note the IMAGE ID.
323 - Fill in the required values and execute the following:
325 .. code-block:: console
327 export MULTI_NODE_IP=<multiNodeIp>
328 export VNFM_ID=<vnfmId>
329 export IMAGE_ID=<imageId>
330 docker run --name vfc_nokia -p 8089:8089 -e "MSB_IP=$MULTI_NODE_IP" -e "CONFIGURE=kuku" -e "EXTERNAL_IP=$MULTI_NODE_IP" -e "VNFM_ID=$VNFM_ID" -d --stop-timeout 300 $IMAGE_ID
332 - Determine the identifier of the container:
334 - Execute the following command: docker ps
336 - Find the required container and note the CONTAINER ID (first column/first row on the list).
338 - Verify if the VNFM driver has been successfully started by executing the following commands:
340 .. code-block:: console
342 execute docker exec -it <containerId> /bin/bash
343 execute tail -f service.log
345 - Result: The SVNFM integration is successful if the end of the command output contains "Started NokiaSvnfmApplication".
347 - Verify if the SVNFM is registered into MSB:
349 - Go to http://msb.api.simpledemo.onap.org/msb
351 - Check if NokiaSVNFM micro service is present in the boxes.
354 Configure the SVNFM driver (ONAP demo environment)
355 --------------------------------------------------
356 This step is executed instead of the "Configure the SVNFM driver (generic)" in case of an ONAP demo environment.
358 - Configure the already running instance:
360 - Execute the following command: docker exec -it `docker ps | grep nokiav2 | awk '{print $1}'` /bin/bash
362 - Edit /service/application.properties:
364 - In this file, change the default values of the following keys to the correct values: vnfmId
366 - Restart the VNFM service
368 - Execute the following command: kill -9 `ps -ef | grep java | grep -v grep | awk '{print $2}'`