Integrate ONAP with Nokia VNFM
==============================
-Prepare CBAM
-------------
+The following section describes how to integrate the Nokia Virtualized Network Function Manager (VNFM) into ONAP.
-* Start CBAM in ONAP network
+Prepare the VNFM
+----------------
- - via image: (read the CBAM installation guide)
+* Start the VNFM.
+
+ - The VNFM must be able to communicate with the ONAP VF-C interface, the virtualized infrastructure manager (VIM) and the virtualized network function (VNF), so the VNFM must
+ have the correct network setup. The VNFM uses lifecycle notifications (LCNs) to notify the VF-C about the executed changes, therefore, the LCN zone of the
+ VNFM must be configured so that the VNFM is able to reach the VF-C LCN interface.
* Register driver in CBAM
- - Log into CBAM via SSH and get keycloak admin password
+ - Using SSH, log in to the CloudBand Application Manager (CBAM) virtual machine as cbam user and determine the Keycloak
+ auto-generated admin password with the following command: ectl get /cbam/cluster/components/keycloak/admin_credentials/password
+
+ - Copy the printout of the command.
+
+ - Access the Keycloak login page with the following URL: https://<cbamIp>/auth/admin where <cbamIp> is the FQDN or IP
+ address assigned to CBAM node during instantiation. Optionally, it may contain a port, for example, cbam.mycompany.com:port or 1.2.3.4:port.
+
+ Result: The Keycloak Administration Console login page loads up.
+
+ - Log in to Keycloak with the 'admin' username and the auto-generated admin password you copied to clipboard, then change the auto-generated password and note the new password.
+
+ Result: You are logged in to the Keycloak Administration Console.
+
+ - Add a new client on Keycloak:
+
+ - From the Configure menu, select Clients.
+
+ - Result: The Clients pane appears.
+
+ - Click Create.
+
+ - Result: The Add Client pane appears.
+
+ - Set the Client ID to onapClientId and click Save. Note the Client ID which will be referred to as <clientId>.
+
+ - Result: The following notification appears: Success! The client has been created. The new client's profile page appears.
+
+ - Customize the following settings for the newly created client:
+
+ - Access Type: select confidential. Keycloak will generate a client secret that serves as a type of password for your client.
- - ectl get /cbam/cluster/components/keycloak/admin_credentials/password
+ - Make sure the following settings are ON: Standard Flow Enabled, Direct Access Grants Enabled, Service Accounts Enabled, Authorization Enabled
- - Log into keycloak https://<cbamIp>/auth/admin with admin username and password from previous step and change password (save the changed password)
- - Add a new client
+ - Type * in the Valid Redirect URIs field.
- - set client id to onapClient
- - change credential type to confidental
- - enable Standard Flow Enabled, Direct Access Grants Enabled, Service Accounts Enabled
- - add * for redirect URL
- - save
- - note the client id <clientId>
- - add new credential
- - note the client secret <clientSecret>
+ - Click Save.
- - Add a new user
+ - Result: The following notification appears: Success! Your changes have been saved to the client.
- - note the username <onapUsername>
- - reset password
- - assign the "user" role to the created user
+ - Note the Client Secret which will be referred to as <clientSecret>:
- - Log into CBAM GUI usin the created user
+ - Select the Credentials tab.
- - change and note the password <onapPassword>
+ - From the Client Authenticator drop-down list, select the Client ID and Secret and check the value of Secret.
- - Add SSL certificates for all VIM connection or disable certificate verification
+ - Add a new user on Keycloak:
- - For insecure
+ - From the Manage menu, select Users.
- - sudo su -
- - ectl set /cbam/cluster/components/tlm/insecure_vim_connection true
- - ectl set /actions/reconfigure start
- - journalctl -fu cbam-reconfigure.service
- - (wait for "Started cbam-reconfigure.service.")
+ - Result: The Users pane appears.
- - For secure: (read CBAM documentation)
+ - Click Add user and define the parameters for the creation:
-Prepare /ets/hosts file on your machine (optional easier to copy paste URLs)
-----------------------------------------------------------------------------
+ - Username: onap
-+--------------+---------------------------------+
-| IP address | DNS entry |
-+==============+=================================+
-| 1.2.3.4 | portal.api.simpledemo.onap.org |
-+--------------+---------------------------------+
-| 1.2.3.4 | policy.api.simpledemo.onap.org |
-+--------------+---------------------------------+
-| 1.2.3.4 | sdc.api.simpledemo.onap.org |
-+--------------+---------------------------------+
-| 1.2.3.4 | vid.api.simpledemo.onap.org |
-+--------------+---------------------------------+
-| 1.2.3.4 | aai.api.simpledemo.onap.org |
-+--------------+---------------------------------+
-| 1.2.3.4 | msb.api.simpledemo.onap.org |
-+--------------+---------------------------------+
-| 1.2.3.4 | robot.api.simpledemo.onap.org |
-+--------------+---------------------------------+
+ - Note the username, it will be referred to as <onapUsername>.
+ - User Enabled: make sure it is On.
+
+ - Click Save.
+
+ - Result: The following notification appears: Success! The user has been created. The new user's profile page appears.
+
+ - Create a password for the user: select the Credentials tab on the user profile and set the password.
+
+ - Note: The user is prompted to change this password when logging in to CBAM for the first time.
+
+ - Assign the "user" role to the created user:
+
+ - Select the Role Mappings tab on the user profile.
+
+ - Select the "user" role from the Available Roles box, then click Add selected.
+
+ - Access the CBAM GUI login page with the following URL: https://<cbamIp> where <cbamIp> is the FQDN or IP address assigned to CBAM node during instantiation. Optionally, it may contain a port, for example, cbam.mycompany.com:port or 1.2.3.4:port.
+
+ - Log in to CBAM GUI using the created user.
+
+ - Change and note the password which will be referred to as <onapPassword>.
+
+ - Using SSH, add SSL certificates for all VIM connections or disable certificate verification as follows:
+
+ - For insecure connection (all certificates are automatically trusted)
+
+ - execute the below commands in the following order:
+
+.. code-block:: console
+
+ sudo su -
+ ectl set /cbam/cluster/components/tlm/insecure_vim_connection true
+ ectl set /actions/reconfigure start
+ journalctl -fu cbam-reconfigure.service
+
+ - Wait for the "Started cbam-reconfigure.service." message.
+
+ - For secure connection : read the CBAM documentation.
+
+Prepare /ets/hosts file on your laptop
+--------------------------------------
+
+Note: This is an optional step with which it is easier to copy paste URLs
+
+* Using the OpenStack Horizon Dashboard, find the ONAP servers you have deployed and note their IP addresses.
+
+* Depending on your operating system, use the respective method to prepare an /ets/hosts file to link the DNS servers to the corresponding IP addresses, see the table below:
+
++-------------------+---------------------------------+
+| IP address | DNS entry |
++===================+=================================+
+| <fill IP address> | portal.api.simpledemo.onap.org |
++-------------------+---------------------------------+
+| <fill IP address> | policy.api.simpledemo.onap.org |
++-------------------+---------------------------------+
+| <fill IP address> | sdc.api.simpledemo.onap.org |
++-------------------+---------------------------------+
+| <fill IP address> | vid.api.simpledemo.onap.org |
++-------------------+---------------------------------+
+| <fill IP address> | aai.api.simpledemo.onap.org |
++-------------------+---------------------------------+
+| <fill IP address> | msb.api.simpledemo.onap.org |
++-------------------+---------------------------------+
+| <fill IP address> | robot.api.simpledemo.onap.org |
++-------------------+---------------------------------+
Add the VNFM driver to ONAP
---------------------------
-- Locate the IP address of the MSB (MSB_IP). Look at the VM instances of ONAP and search one with vm1-multi-service name. This is where the MSB is located
-- Create VIM in A&AI (may already exist) (repeat for all clouds planed to be used)
+- Locate and note the IP address of the MSB (MSB_IP) on the OpenStack Horizon Dashboard. Look at the VM instances of ONAP and find one with vm1-multi-service name. This is where the MSB is located.
- - http://msb.api.simpledemo.onap.org/iui/aai-esr-gui/extsys/vim/vimView.html
+- Create VIM in A&AI Note:
-- Determine the tenant id to be used (log into the cloud) (repeat for all tenants planed to be used within the cloud)
+ - The VIM may already exist.
- - http://<horizonUrl>/project/access_and_security/ Intentity / Projects
+ - Repeat this step for all VIMs planned to be used.
-- Create tenant (may already exist) (repeat for all tenants planed to be used within the cloud)
+ - Go to http://msb.api.simpledemo.onap.org/iui/aai-esr-gui/extsys/vim/vimView.html
- + tool: Postman
- + change tenant id, region id owner id
- + method: PUT
- + url: https://aai.api.simpledemo.onap.org:8443/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/<cloudOwner>/<cloudRegion>/tenants/tenant/<tenantId>
- + Headers
+ - Result: The ONAP platform opens.
- - basic auth AAI:AAI
- - X-FromAppId : any
- - Content-type: application/json
- - Accept: application/json
+ - On the platform, click Register.
- - Content: :download:`aai.create.tenant.request.json <sample/aai.create.tenant.request.json>`
+ - Result: The registration form opens.
- - change tenant id, region id owner id and tenant name
+ - Fill in the fields.
-- Register the VNFM as external system (repeat for all cloud planed to be used)
+ - Note: Cloud credentials are supplied by the VNF integrator.
- - Visit MSB http://msb.api.simpledemo.onap.org:9518/api/aai-esr-server/v1/vims
+ - To obtain the value of the Auth URL field and the tenant id (which will be required later), follow these steps:
- - note the cloud owner field <cloudOwner>
- - note the region id field <cloudRegionId>
+ - Note: The actual steps depend on the OpenStack Dashboard version and vendor.
- - Visit MSB http://msb.api.simpledemo.onap.org/iui/aai-esr-gui/extsys/vnfm/vnfmView.html and click on register button
+ - Go to OpenStack Horizon Dashboard.
-+-----------------+-----------------------------------+
-| key | Value |
-+-----------------+-----------------------------------+
-| Name | CbamVnfm |
-+-----------------+-----------------------------------+
-| type | NokiaSVNFM |
-+-----------------+-----------------------------------+
-| Vendor | Nokia |
-+-----------------+-----------------------------------+
-| version | v1 |
-+-----------------+-----------------------------------+
-| URL | https://<cbamIp>:443/vnfm/lcm/v3 |
-+-----------------+-----------------------------------+
-| VIM | <cloudOwner>_<cloudRegionId> |
-+-----------------+-----------------------------------+
-| certificate URL | |
-+-----------------+-----------------------------------+
-| Username | <clientId> |
-+-----------------+-----------------------------------+
-| Password | <clientSecret> |
-+-----------------+-----------------------------------+
+ - Select the Project main tab.
- - Determine the UUID of the VNFM (if the VNFM was registered multiple times select one at random)
+ - Select the API Access tab.
- - visit http://msb.api.simpledemo.onap.org:9518/api/aai-esr-server/v1/vnfms and search for the previously registered VNFM
- - note the id field <vnfmId>
+ - Click View Credentials.
- - Download the cbam driver into ONAP multi service node
- - Load the image into docker and note the image identifier <imageId>
+ - Copy the value of Authentication URL and paste it in the Auth URL field.
-.. code-block:: console
+ - Note the value of Project ID: this is the <tenantId> which will be required later (Repeat this step for all tenants planned to be used within the VIM.)
+
+ - Click Save.
+
+ - Result: The driver has been successfully added.
+
+- Create tenant
+
+ - Note:
+
+ - The tenant may already exist.
+
+ - Repeat this step for all tenants planned to be used within the VIM.
+
+ - Using a REST client of your choice, send a request to the following URL: https://aai.api.simpledemo.onap.org:8443/aai/v11/cloud-infrastructure/cloud-regions/cloud-region/<cloudOwner>/<cloudRegion>/tenants/tenant/<tenantId>
+
+ - download the content of the request: `aai.create.tenant.request.json <sample/aai.create.tenant.request.json>`
+
+ - In the request URL and in the content of the request, substitute <tenantId>, <cloudRegion> and <cloudOwner> with the respective values.
+
+ - HTTP method: PUT
+
+ - Set the following values in the Header of the request:
+
+ - basic auth AAI:AAI
+
+ - X-FromAppId : any
+
+ - X-TransactionId: any
+
+ - Content-type: application/json
+
+ - Accept: application/json
+
+- Create customer in A&AI
+
+ - Note:
+
+ - The customer may already exists
+
+ - Using a REST client of your choice, send a request to the following URL: https://aai.api.simpledemo.onap.org:8443/aai/v11/business/customers/customer/123456
- docker load -i /tmp/nokia.img
+ - download the content of the request: `aai.create.customer.request.json <sample/aai.create.customer.request.json>`
-Start the driver (fill in values)
+ - In the downloaded content of the request, substitute <tenantName>, <tenantId>, <cloudRegion> and <cloudOwner> with the respective values.
+
+ - HTTP method: PUT
+
+ - Set the following values in the Header of the request:
+
+ - basic auth AAI:AAI
+
+ - X-FromAppId : any
+
+ - X-TransactionId: any
+
+ - Content-type: application/json
+
+ - Accept: application/json
+
+- Register the VNFM as an external system:
+
+ - Access the following URL: http://msb.api.simpledemo.onap.org/iui/aai-esr-gui/extsys/vnfm/vnfmView.html
+
+ - Result: The ONAP platform opens
+
+ - The VNFM has four end points. These end points must be configured in the external system configuration of the VNFM.
+
+ - Authentication endpoint: https://$CBAM_IP:443/auth/
+
+ - Life-cycle management endpoint: https://<cbamIp>:443/vnfm/lcm/v3/
+
+ - Life-cycle change notification endpoint: https://<cbamIp>:443/vnfm/lcn/v3/
+
+ - Catalog endpoint: https://<cbamIp>:443/api/catalog/adapter/
+
+ - On the platform, click Register.
+
+ - Result: The registration form opens.
+
+ - Fill in the fields as follows:
+
+ - Note: Cloud credentials are supplied by the VNF integrator.
+
++-----------------+------------------------------------------+
+| key | Value |
++-----------------+------------------------------------------+
+| Name | CbamVnfm |
++-----------------+------------------------------------------+
+| type | NokiaSVNFM |
++-----------------+------------------------------------------+
+| Vendor | Nokia |
++-----------------+------------------------------------------+
+| version | v1 |
++-----------------+------------------------------------------+
+| URL | <authUrl>_<lcmUrl>_<lcnUrl>_<catalogUrl> |
++-----------------+------------------------------------------+
+| VIM | <cloudOwner>_<cloudRegion> |
++-----------------+------------------------------------------+
+| certificate URL | |
++-----------------+------------------------------------------+
+| Username | <onapUsername>_<clientId> |
++-----------------+------------------------------------------+
+| Password | <onapPassword>_<clientSecret> |
++-----------------+------------------------------------------+
+
+ - Click Save.
+
+ - Result: The registration has been completed.
+
+ - Determine the UUID of the VNFM:
+
+ - Using a REST client of your choice, send a request to the following URL: https://aai.api.simpledemo.onap.org:8447/aai/v11/external-system/esr-vnfm-list/esr-vnfm?depth=all
+
+ - HTTP method: GET
+
+ - Set the following values in the Header of the request:
+
+ - basic auth AAI:AAI
+
+ - X-FromAppId : any
+
+ - X-TransactionId: any
+
+ - Content-type: application/json
+
+ - Accept: application/json
+
+ - Look for the previously registered VNFM and note the value of (vnfm-id) <vnfmId>.
+
+
+Configure the SVNFM driver (generic)
+------------------------------------
+
+- Using SSH, download the CBAM SVNFM driver by executing the following command:
+ docker pull https://nexus.onap.org/content/sites/raw/onap/vfc/nfvo/svnfm/nokiav2:1.1.0-STAGING-latest
+
+- Determine the IMAGE ID:
+
+ - Execute the following command: docker images
+
+ - Find the required image and note the IMAGE ID.
+
+- Start the driver:
+
+ - Fill in the required values and execute the following:
.. code-block:: console
- export CBAM_IP=<cbamIp>
export MULTI_NODE_IP=<multiNodeIp>
export VNFM_ID=<vnfmId>
export IMAGE_ID=<imageId>
- export CBAM_PASSWORD=<onapPassword>
- export CBAM_USERNAME=<onapUsername>
- docker run --name vfc_nokia -p 8089:8089 -e "MSB_IP=$MULTI_NODE_IP" -e "CONFIGURE=kuku" -e "EXTERNAL_IP=$MULTI_NODE_IP" -e "CBAM_CATALOG_URL=https://$CBAM_IP:443/api/catalog/adapter" -e "CBAM_LCN_URL=https://$CBAM_IP:443/vnfm/lcn/v3" -e "CBAM_KEYCLOAK_URL=https://$CBAM_IP:443/auth" -e "CBAM_USERNAME=$CBAM_USERNAME" -e "CBAM_PASSWORD=$CBAM_PASSWORD" -e "VNFM_ID=$VNFM_ID" -d --stop-timeout 300 $IMAGE_ID
+ docker run --name vfc_nokia -p 8089:8089 -e "MSB_IP=$MULTI_NODE_IP" -e "CONFIGURE=kuku" -e "EXTERNAL_IP=$MULTI_NODE_IP" -e "VNFM_ID=$VNFM_ID" -d --stop-timeout 300 $IMAGE_ID
+
+- Determine the identifier of the container:
+
+ - Execute the following command: docker ps
+
+ - Find the required container and note the CONTAINER ID (first column/first row on the list).
+
+- Verify if the VNFM driver has been successfully started by executing the following commands:
+
+.. code-block:: console
+
+ execute docker exec -it <containerId> /bin/bash
+ execute tail -f service.log
+
+ - Result: The SVNFM integration is successful if the end of the command output contains "Started NokiaSvnfmApplication".
+
+- Verify if the SVNFM is registered into MSB:
+
+ - Go to http://msb.api.simpledemo.onap.org/msb
+
+ - Check if NokiaSVNFM micro service is present in the boxes.
+
+
+Configure the SVNFM driver (ONAP demo environment)
+--------------------------------------------------
+This step is executed instead of the "Configure the SVNFM driver (generic)" in case of an ONAP demo environment.
+
+- Configure the already running instance:
+
+ - Execute the following command: docker exec -it `docker ps | grep nokiav2 | awk '{print $1}'` /bin/bash
+
+ - Edit /service/application.properties:
+
+ - In this file, change the default values of the following keys to the correct values: vnfmId
+
+ - Restart the VNFM service
+ - Execute the following command: kill -9 `ps -ef | grep java | grep -v grep | awk '{print $2}'`
\ No newline at end of file
Code Review / vfc / nfvo / driver / vnfm / svnfm.git / blobdiff