+ONAP Installation in OpenStack Clouds via HEAT Template
+---
+
+The ONAP HEAT template spins up the entire ONAP platform in OpenStack-based clouds. The template, onap\_openstack.yaml, comes with an environment file, onap\_openstack.env, in which all the default values are defined.
+
+The HEAT template is composed of two sections: (i) parameters, and (ii) resources.
+
+ - The "parameters" section contains the declarations and descriptions of the parameters that will be used to spin up ONAP, such as public network identifier, URLs of code and artifacts repositories, etc. The default values of these parameters can be found in the environment file.
+
+ - The "resources" section contains the definitions of:
+ - ONAP Private Management Network, which is used by ONAP components to communicate with each other and with VNFs
+ - ONAP Virtual Machines (VMs)
+ - Public/private key pair used to access ONAP VMs
+ - Virtual interfaces towards the ONAP Private Management Network
+ - Disk volumes.
+
+Each VM specification includes Operating System image name, VM size (i.e. flavor), VM name, etc. Each VM has a virtual network interface with a private IP address in the ONAP Private Management network and a floating IP that OpenStack assigns based on availability.
+Furthermore, each VM runs an install.sh script that downloads and installs software dependencies (e.g. Java JDK, gcc, make, Python, ...). install.sh finally calls vm_init.sh that downloads docker containers from remote repositories and runs them.
+
+When the HEAT template is executed, the OpenStack HEAT engine creates the resources defined in the HEAT template, based on the parameter values defined in the environment file.
+
+Before running HEAT, it is necessary to customize the environment file. Indeed, some parameters, namely public\_net\_id, pub\_key, openstack\_tenant\_id, openstack\_username, and openstack\_api\_key, need to be set depending on the user's environment:
+
+ public_net_id: PUT YOUR NETWORK ID/NAME HERE
+ pub_key: PUT YOUR PUBLIC KEY HERE
+ openstack_tenant_id: PUT YOUR OPENSTACK PROJECT ID HERE
+ openstack_username: PUT YOUR OPENSTACK USERNAME HERE
+ openstack_api_key: PUT YOUR OPENSTACK PASSWORD HERE
+ horizon_url: PUT THE HORIZON URL HERE
+ keystone_url: PUT THE KEYSTONE URL HERE (do not include version number)
+
+
+openstack\_region parameter is set to RegionOne (OpenStack default). If your OpenStack is using another Region, please modify this parameter.
+
+public\_net\_id is the unique identifier (UUID) or name of the public network of the cloud provider. To get the public\_net\_id, use the following OpenStack CLI command (ext is the name of the external network, change it with the name of the external network of your installation)
+
+ openstack network list | grep ext | awk '{print $2}'
+
+pub\_key is the string value of the public key that will be installed in each ONAP VM. To create a public/private key pair in Linux, please execute the following instruction:
+
+ user@ubuntu:~$ ssh-keygen -t rsa
+
+The following operations to create the public/private key pair occur:
+
+ Generating public/private rsa key pair.
+ Enter file in which to save the key (/home/user/.ssh/id_rsa):
+ Created directory '/home/user/.ssh'.
+ Enter passphrase (empty for no passphrase):
+ Enter same passphrase again:
+ Your identification has been saved in /home/user/.ssh/id_rsa.
+ Your public key has been saved in /home/user/.ssh/id_rsa.pub.
+
+openstack\_username, openstack\_tenant\_id (password), and openstack\_api\_key are the user's credentials to access the OpenStack-based cloud.
+
+Some global parameters used for all components are also required:
+
+ ubuntu_1404_image: PUT THE UBUNTU 14.04 IMAGE NAME HERE
+ ubuntu_1604_image: PUT THE UBUNTU 16.04 IMAGE NAME HERE
+ flavor_small: PUT THE SMALL FLAVOR NAME HERE
+ flavor_medium: PUT THE MEDIUM FLAVOR NAME HERE
+ flavor_large: PUT THE LARGE FLAVOR NAME HERE
+ flavor_xlarge: PUT THE XLARGE FLAVOR NAME HERE
+
+To get the images in your OpenStack environment, use the following OpenStack CLI command:
+
+ openstack image list | grep 'ubuntu'
+
+To get the flavor names used in your OpenStack environment, use the following OpenStack CLI command:
+
+ openstack flavor list
+
+Some network parameters must be configured:
+
+ dns_list: PUT THE ADDRESS OF THE EXTERNAL DNS HERE (e.g. a comma-separated list of IP addresses in your /etc/resolv.conf in UNIX-based Operating Systems).
+ external_dns: PUT THE FIRST ADDRESS OF THE EXTERNAL DNS LIST HERE (THIS WILL BE DEPRECATED SOON)
+ dns_forwarder: PUT THE IP OF DNS FORWARDER FOR ONAP DEPLOYMENT'S OWN DNS SERVER
+ oam_network_cidr: 10.0.0.0/16
+
+ONAP installs a DNS server used to resolve IP addresses in the ONAP OAM private network. Originally, dns\_list and external\_dns were both used to circumvent some limitations of older OpenStack versions.
+
+DCAE requires a parameter called dcae\_deployment\_profile. It accepts one of the following values:
+ - R3MVP: Installs only the basic DCAE functionalities that will support the vFW/vDNS, vCPE and vVoLTE use cases;
+ - R3: Full DCAE installation;
+ - R3PLUS: This profile deploys the DCAE R3 stretch goal service components.
+
+The recommended DCAE profile for Casablanca Release is R3. For more information about DCAE deployment with HEAT, please refer to the ONAP documentation: https://onap.readthedocs.io/en/latest/submodules/dcaegen2.git/docs/sections/installation_heat.html
+
+The ONAP platform can be instantiated via Horizon (OpenStack dashboard) or Command Line.
+
+Instantiation via Horizon:
+
+ - Login to Horizon URL with your personal credentials
+ - Click "Stacks" from the "Orchestration" menu
+ - Click "Launch Stack"
+ - Paste or manually upload the HEAT template file (onap\_openstack.yaml) in the "Template Source" form
+ - Paste or manually upload the HEAT environment file (onap\_openstack.env) in the "Environment Source" form
+ - Click "Next"
+ - Specify a name in the "Stack Name" form
+ - Provide the password in the "Password" form
+ - Click "Launch"
+
+Instantiation via Command Line:
+
+ - Install the HEAT client on your machine, e.g. in Ubuntu (ref. http://docs.openstack.org/user-guide/common/cli-install-openstack-command-line-clients.html):
+
+ apt-get install python-dev python-pip
+ pip install python-heatclient # Install heat client
+ pip install python-openstackclient # Install the Openstack client to support multiple services
+
+ - Create a file (named i.e. ~/openstack/openrc) that sets all the environmental variables required to access the OpenStack platform:
+
+ export OS_AUTH_URL=INSERT THE AUTH URL HERE
+ export OS_USERNAME=INSERT YOUR USERNAME HERE
+ export OS_TENANT_ID=INSERT YOUR TENANT ID HERE
+ export OS_REGION_NAME=INSERT THE REGION HERE
+ export OS_PASSWORD=INSERT YOUR PASSWORD HERE
+
+ Alternatively, you can download the OpenStack RC file from the dashboard: Compute -> Access & Security -> API Access -> Download RC File
+
+ - Source the script or RC file from command line:
+
+ source ~/openstack/openrc
+
+ - In order to install the ONAP platform, type:
+
+ openstack stack create -t PATH_TO_HEAT_TEMPLATE(YAML FILE) -e PATH_TO_ENV_FILE STACK_NAME # New Openstack client, OR
+ heat stack-create STACK_NAME -f PATH_TO_HEAT_TEMPLATE(YAML FILE) -e PATH_TO_ENV_FILE # Old HEAT client
+
+
+vFirewall Use Case
+---
+
+The use case is composed of three virtual functions (VFs): packet generator, firewall, and traffic sink. These VFs run in three separate VMs. The packet generator sends packets to the packet sink through the firewall. The firewall reports the volume of traffic passing though to the ONAP DCAE collector. To check the traffic volume that lands at the sink VM, you can access the link http://sink\_ip\_address:667 through your browser and enable automatic page refresh by clicking the "Off" button. You can see the traffic volume in the charts.
+
+The packet generator includes a script that periodically generates different volumes of traffic. The closed-loop policy has been configured to re-adjust the traffic volume when high-water or low-water marks are crossed.
+
+__Closed-Loop for vFirewall demo:__
+
+Through the ONAP Portal's Policy Portal, we can find the configuration and operation policies that are currently enabled for the vFirewall use case.
+
+- The configuration policy sets the thresholds for generating an onset event from DCAE to the Policy engine. Currently, the high-water mark is set to 700 packets while the low-water mark is set to 300 packets. The measurement interval is set to 10 seconds.
+- When a threshold is crossed (i.e. the number of received packets is below 300 packets or above 700 packets per 10 seconds), the Policy engine executes the operational policy to request APPC to adjust the traffic volume to 500 packets per 10 seconds.
+- APPC sends a request to the packet generator to adjust the traffic volume.
+- Changes to the traffic volume can be observed through the link http://sink\_ip\_address:667.
+
+__Adjust packet generator:__
+
+The packet generator contains 10 streams: fw\_udp1, fw\_udp2, fw\_udp3, . . . , fw\_udp10. Each stream generates 100 packets per 10 seconds. A script in /opt/run\_traffic\_fw\_demo.sh on the packet generator VM starts automatically and alternates high traffic (i.e. 10 active streams at the same time) and low traffic (1 active stream) every 5 minutes.
+
+To enable a stream, include *{"id":"fw_udp1", "is-enabled":"true"}* in the *pg-stream* bracket.
+
+To adjust the traffic volume produced by the packet generator, run the following command in a shell, replacing PacketGen_IP in the HTTP argument with localhost (if you run it in the packet generator VM) or the packet generator IP address:
+
+
+ curl -X PUT -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -H "Cache-Control: no-cache" -d '{"pg-streams":{"pg-stream": [{"id":"fw_udp1", "is-enabled":"true"},{"id":"fw_udp2", "is-enabled":"true"},{"id":"fw_udp3", "is-enabled":"true"},{"id":"fw_udp4", "is-enabled":"true"},{"id":"fw_udp5", "is-enabled":"true"}]}}' "http://PacketGen_IP:8183/restconf/config/sample-plugin:sample-plugin/pg-streams"
+
+The command above enables 5 streams.
+
+
+vLoadBalancer/vDNS Use Case (old scale out use case)
+---
+
+The use case is composed of three VFs: packet generator, load balancer, and DNS server. These VFs run in three separate VMs. The packet generator issues DNS lookup queries that reach the DNS server via the load balancer. DNS replies reach the packet generator via the load balancer as well. The load balancer reports the average amount of traffic per DNS over a time interval to the DCAE collector. When the average amount of traffic per DNS server crosses a predefined threshold, the closed-loop is triggered and a new DNS server is instantiated.
+
+To test the application, you can run a DNS query from the packet generator VM:
+
+ dig @vLoadBalancer_IP host1.dnsdemo.onap.org