From: Saryu Shah <ss3917@att.com>
Date: Thu, 9 Nov 2017 22:42:29 +0000 (+0000)
Subject: Documentation for Tutorial: vFW flow
X-Git-Tag: v1.1.1~9
X-Git-Url: https://gerrit.onap.org/r/gitweb?p=policy%2Fengine.git;a=commitdiff_plain;h=f8732acc618b1772040704fc881da360979953db

Documentation for Tutorial: vFW flow

Tutorial: Testing the vFW flow in a standalone PDP-D
-------------------------------------------------------------

Change-Id: I91c9f31712f130f52dddfb8175ce28e6612cf20f
Issue-Id: POLICY-335
Signed-off-by: Saryu Shah <ss3917@att.com>
---

diff --git a/docs/platform/Tut_vFW_aai_get.JPG b/docs/platform/Tut_vFW_aai_get.JPG
new file mode 100755
index 000000000..8bbe26b24
Binary files /dev/null and b/docs/platform/Tut_vFW_aai_get.JPG differ
diff --git a/docs/platform/Tut_vFW_aai_named_query_request.JPG b/docs/platform/Tut_vFW_aai_named_query_request.JPG
new file mode 100755
index 000000000..0aff2fdd6
Binary files /dev/null and b/docs/platform/Tut_vFW_aai_named_query_request.JPG differ
diff --git a/docs/platform/Tut_vFW_aai_named_query_response.JPG b/docs/platform/Tut_vFW_aai_named_query_response.JPG
new file mode 100755
index 000000000..b2f40fac4
Binary files /dev/null and b/docs/platform/Tut_vFW_aai_named_query_response.JPG differ
diff --git a/docs/platform/Tut_vFW_appc_request.JPG b/docs/platform/Tut_vFW_appc_request.JPG
new file mode 100755
index 000000000..5cc5aa6b2
Binary files /dev/null and b/docs/platform/Tut_vFW_appc_request.JPG differ
diff --git a/docs/platform/Tut_vFW_final_memory.JPG b/docs/platform/Tut_vFW_final_memory.JPG
new file mode 100755
index 000000000..ea4c72a6a
Binary files /dev/null and b/docs/platform/Tut_vFW_final_memory.JPG differ
diff --git a/docs/platform/Tut_vFW_get_facts.JPG b/docs/platform/Tut_vFW_get_facts.JPG
new file mode 100755
index 000000000..bf24eb3c1
Binary files /dev/null and b/docs/platform/Tut_vFW_get_facts.JPG differ
diff --git a/docs/platform/Tut_vFW_get_facts_2.JPG b/docs/platform/Tut_vFW_get_facts_2.JPG
new file mode 100755
index 000000000..497c7ab13
Binary files /dev/null and b/docs/platform/Tut_vFW_get_facts_2.JPG differ
diff --git a/docs/platform/Tut_vFW_insert_appc_response.JPG b/docs/platform/Tut_vFW_insert_appc_response.JPG
new file mode 100755
index 000000000..c92ef86a2
Binary files /dev/null and b/docs/platform/Tut_vFW_insert_appc_response.JPG differ
diff --git a/docs/platform/Tut_vFW_onset_injected.JPG b/docs/platform/Tut_vFW_onset_injected.JPG
new file mode 100755
index 000000000..d34cb9343
Binary files /dev/null and b/docs/platform/Tut_vFW_onset_injected.JPG differ
diff --git a/docs/platform/Tut_vFW_policy_active.JPG b/docs/platform/Tut_vFW_policy_active.JPG
new file mode 100755
index 000000000..e38aaad88
Binary files /dev/null and b/docs/platform/Tut_vFW_policy_active.JPG differ
diff --git a/docs/platform/Tut_vFW_policy_final_success.JPG b/docs/platform/Tut_vFW_policy_final_success.JPG
new file mode 100755
index 000000000..ef8a091d3
Binary files /dev/null and b/docs/platform/Tut_vFW_policy_final_success.JPG differ
diff --git a/docs/platform/Tut_vFW_policy_guard_result.JPG b/docs/platform/Tut_vFW_policy_guard_result.JPG
new file mode 100755
index 000000000..054a81735
Binary files /dev/null and b/docs/platform/Tut_vFW_policy_guard_result.JPG differ
diff --git a/docs/platform/Tut_vFW_policy_guard_start.JPG b/docs/platform/Tut_vFW_policy_guard_start.JPG
new file mode 100755
index 000000000..00c61ec82
Binary files /dev/null and b/docs/platform/Tut_vFW_policy_guard_start.JPG differ
diff --git a/docs/platform/Tut_vFW_policy_operation_start.JPG b/docs/platform/Tut_vFW_policy_operation_start.JPG
new file mode 100755
index 000000000..d8e2c27f7
Binary files /dev/null and b/docs/platform/Tut_vFW_policy_operation_start.JPG differ
diff --git a/docs/platform/Tut_vFW_policy_operation_success.JPG b/docs/platform/Tut_vFW_policy_operation_success.JPG
new file mode 100755
index 000000000..2dbb7843c
Binary files /dev/null and b/docs/platform/Tut_vFW_policy_operation_success.JPG differ
diff --git a/docs/platform/Tut_vFW_policy_start.JPG b/docs/platform/Tut_vFW_policy_start.JPG
new file mode 100755
index 000000000..6f457d5cc
Binary files /dev/null and b/docs/platform/Tut_vFW_policy_start.JPG differ
diff --git a/docs/platform/Tut_vFW_simulated_appc_response.JPG b/docs/platform/Tut_vFW_simulated_appc_response.JPG
new file mode 100755
index 000000000..ca543a43c
Binary files /dev/null and b/docs/platform/Tut_vFW_simulated_appc_response.JPG differ
diff --git a/docs/platform/Tut_vFW_simulated_onset.JPG b/docs/platform/Tut_vFW_simulated_onset.JPG
new file mode 100755
index 000000000..1a34fc3b6
Binary files /dev/null and b/docs/platform/Tut_vFW_simulated_onset.JPG differ
diff --git a/docs/platform/Tut_vFW_simulators_enabled.JPG b/docs/platform/Tut_vFW_simulators_enabled.JPG
new file mode 100755
index 000000000..1234bc90c
Binary files /dev/null and b/docs/platform/Tut_vFW_simulators_enabled.JPG differ
diff --git a/docs/platform/index.rst b/docs/platform/index.rst
index 5a1530167..fdaf5c656 100644
--- a/docs/platform/index.rst
+++ b/docs/platform/index.rst
@@ -15,6 +15,7 @@ Policy Engine Platform
    guardpdp.rst
    tutorial_vDNS.rst
    tutorial_VOLTE.rst
+   tutorial_vFW.rst
    feature_testtransaction.rst
    feature_healthcheck.rst
    feature_eelf.rst
diff --git a/docs/platform/tutorial_vFW.rst b/docs/platform/tutorial_vFW.rst
new file mode 100644
index 000000000..639b632ca
--- /dev/null
+++ b/docs/platform/tutorial_vFW.rst
@@ -0,0 +1,123 @@
+
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+****************************************************
+Tutorial: Testing the vFW flow in a standalone PDP-D 
+****************************************************
+
+.. contents::
+    :depth: 3
+
+
+High Level Architecture
+^^^^^^^^^^^^^^^^^^^^^^^ 
+The vFW flow begins with an onset message that is sent from DCAE notifying the PDP-D that an action needs to be taken on a VNF. Once the PDP-D has inserted the onset into drools memory, rules begin to fire to start processing the onset for the vFW policy that exists in drools memory. If the onset is not enriched with A&AI data, Policy will query A&AI for the VNF data otherwise the PDP-D will get the A&AI data needed directly from the onset. Then an A&AI named query is executed on the source VNF entity from the onset to find the target VNF entity that the PDP-D will take action on. Once the target entity is retrieved from A&AI, a Guard query is executed to determine if the action to be taken is allowed. If Guard returns a permit, the PDP-D will then send an APPC ModifyConfig recipe request to modify pg-streams as specified in the request payload. If APPC is successful then the PDP-D will send a final success notification on the POLICY-CL-MGT topic and gracefully end processing the event.
+
+Initial Setup
+^^^^^^^^^^^^^ 
+
+For this tutorial, a feature for simulating components involved in the flow outside of Policy will be turned on. Run "features enable controlloop-utils".
+
+
+The first step is to access the docker container of name *drools*.
+
+    .. image:: Tut_vFW_simulators_enabled.JPG
+
+Now start the PDP-D using the command "policy start"
+
+    .. image:: Tut_vFW_policy_start.JPG
+
+Running the Flow
+^^^^^^^^^^^^^^^^ 
+
+The telemetry API is used to see what is in memory. There should only be 1 fact, the Params object which is created at initialization time and contains the vFW policy that was created.
+
+    .. code-block:: bash
+
+        curl --silent --user @1b3rt:31nst31n -X GET http://localhost:9696/policy/pdp/engine/controllers/amsterdam/drools/facts/amsterdam | python -m json.tool
+
+    .. image:: Tut_vFW_get_facts.JPG
+
+Using the telemetry API, a simulated onset can be injected by the user. For demo purposes, this is the simulated onset that will be used:
+
+    .. image:: Tut_vFW_simulated_onset.JPG
+
+**NOTE:** The onset that gets injected has to have a closedLoopControlName that matches the pushed policy's closedLoopControlName.
+
+Inject the onset using the Telemetry API.
+
+    .. code-block:: bash
+
+        curl --silent --user @1b3rt:31nst31n --header "Content-Type: text/plain" --data @dcae.vfw.onset.json -X PUT http://localhost:9696/policy/pdp/engine/topics/sources/ueb/unauthenticated.DCAE_EVENT_OUTPUT/events | python -m json.tool
+
+    .. image:: Tut_vFW_onset_injected.JPG
+
+Now check the facts in memory, there should be 7 objects present. Two timers exist to put a time limit on the operation and on the overall control loop (in the case of retries or policy chaining). The event and it's assciated manager and operation manager are also present in memory. A lock on the target entity is inserted to ensure no other events try to take action on the VNF that is currently processing.
+
+    .. image:: Tut_vFW_get_facts_2.JPG
+
+The network log will be used to monitor the activity coming in and out of the PDP-D. This log is located at $POLICY_HOME/logs/network.log. This will show the notifications that the PDP-D sends out at different stages of processing. The order of successful processing begins with an ACTIVE notification to show that the onset was acknowledged and the operation is beginning transit.
+ 
+    .. image:: Tut_vFW_policy_active.JPG
+
+Next a query will be sent to A&AI to get information on the VNF specified from the onset. The picture below shows the query going OUT of the PDP-D and the response coming IN.
+
+**NOTE:** Policy does A&AI queries for VNF information when the onset is not enriched with A&AI data. In this example only the generic-vnf.vnf-name was provided so a query to A&AI is necessary to retrieve data that is needed in the APPC request.
+
+    .. image:: Tut_vFW_aai_get.JPG
+
+For the vFW use case, the source entity reported in the onset message may not be the target entity that the APPC operation takes action on. To determine the true target entity, an A&AI named query is performed. The request is shown in the network log.
+
+    .. image:: Tut_vFW_aai_named_query_request.JPG
+
+The response is also displayed in the network log.
+
+    .. image:: Tut_vFW_aai_named_query_response.JPG
+
+Once the target entity is found, the PDP-D consults Guard to determine if this operation should be allowed, a series of operation notifications are sent for starting the Guard query, obtaining a PERMIT or DENY, and beginning the operation.
+
+    .. image:: Tut_vFW_policy_guard_start.JPG
+
+    .. image:: Tut_vFW_policy_guard_result.JPG
+
+    .. image:: Tut_vFW_policy_operation_start.JPG
+
+Once the operation starts an APPC request is sent out.
+
+    .. image:: Tut_vFW_appc_request.JPG
+
+A simulated APPC response will be injected to the APPC-CL topic, this is the example response used:
+
+    .. image:: Tut_vFW_simulated_appc_response.JPG
+
+Inject the response using the Telemetry API.
+
+    .. code-block:: bash
+
+        curl --silent --user @1b3rt:31nst31n --header "Content-Type: text/plain" --data @appc.legacy.success.json -X PUT http://localhost:9696/policy/pdp/engine/topics/sources/ueb/APPC-CL/events | python -m json.tool
+
+    .. image:: Tut_vFW_insert_appc_response.JPG
+
+The network log will show the PDP-D sent an operation success notification.
+
+    .. image:: Tut_vFW_policy_operation_success.JPG
+
+Then a final success notification is sent.
+
+    .. image:: Tut_vFW_policy_final_success.JPG
+
+After processing there should only be 1 fact left in memory.
+
+    .. image:: Tut_vFW_final_memory.JPG
+
+
+
+
+End of Document
+
+
+
+
+.. SSNote: Wiki page ref. https://wiki.onap.org/display/DW/Tutorial%3A+Testing+the+vFW+flow+in+a+standalone+PDP-D
+