Gitiles
Code Review Sign In
gerrit.nordix.org / onap / policy / parent / 8fbfe378608d9a68e511af0c76d49260cfc8b794 / . / docs / development / pdp / pdp-pap-interaction.rst
blob: 14a92517e15c38238e1e28a15d5c5751a4e4b516 [file] [log] [blame]
a.sreekumarb94b8d42021-10-06 18:09:06 +0100[diff] [blame]1.. This work is licensed under a
2.. Creative Commons Attribution 4.0 International License.
3.. http://creativecommons.org/licenses/by/4.0
4
5.. _pdp-pap-interaction-label:
6
7Guidelines for PDP-PAP interaction
8###################################
9
10.. contents::
11 :depth: 3
12
13A PDP (Policy Decision Point) is where the policy execution happens. The administrative actions such as
14managing the PDPs, deploying or undeploying policies to these PDPs etc. are handled by PAP
15(Policy Administration Point). Any PDP should follow certain behavior to be registered and functional in
16the Policy Framework. All the communications between PAP and PDP happen over DMaaP on topic *POLICY-PDP-PAP*.
17The below diagram shows how a PDP interacts with PAP.
18
19.. image:: images/PDP_PAP.svg
20
21**1. Start PDP**
22
23A PDP should be configured to start with the below information in its startup configuration file.
24
25- *pdpGroup* to which the PDP should belong to.
26- *DMaaP topic* 'POLICY-PDP-PAP' which should be the source and sink for communicating with PAP.
27
28**2. PDP sends PDP_STATUS (registration message)**
29
30As soon as a PDP is up, it sends a registration message to POLICY-PDP-PAP topic.
31Some of the information included in the message are:
32
33- *pdpType* the type of the PDP (apex/drools/xacml etc.).
34- *pdpGroup* to which the PDP should belong to.
35- *state* the initial state of the PDP which is PASSIVE.
36- *healthy* whether the PDP is "HEALTHY" or not.
37- *name* a name that is unique to the PDP instance.
38
39
liamfallon40f09542021-10-11 11:57:31 +0100[diff] [blame]40.. code-block::
a.sreekumarb94b8d42021-10-06 18:09:06 +0100[diff] [blame]41 :caption: Sample PDP_STATUS Registration message (from APEX-PDP)
42 :linenos:
43
44 {
45 "pdpType": "apex",
46 "state": "PASSIVE",
47 "healthy": "HEALTHY",
48 "description": "Pdp Heartbeat",
49 "statistics": {
50 ..... Omitted for brevity
51 },
52 "messageName": "PDP_STATUS",
53 "requestId": "54926ad0-440f-4b40-9237-40ca754ad00d",
54 "timestampMs": 1632325024286,
55 "name": "apex-45c6b266-a5fa-4534-b22c-33c2f9a45d02",
56 "pdpGroup": "defaultGroup"
57 }
58
59**3. PAP sends PDP_UPDATE message**
60
61On receiving the registration message from a PDP, PAP checks and assigns it to a subgroup under the group.
62If there are policies that were already deployed (for e.g. previously deployed, and the PDP is restarted)
63under the subgroup, then the *policiesToBeDeployed* are also sent along with the *subgroup* it is assigned to.
64PAP also sends the *pdpHeartbeatIntervalMs* which is the time interval in which PDPs should send heartbeats to PAP.
65
66.. code-block:: json
67 :caption: Sample PDP_UPDATE message (for APEX-PDP)
68 :linenos:
69
70 {
71 "source": "pap-56c8531d-5376-4e53-a820-6973c62bfb9a",
72 "pdpHeartbeatIntervalMs": 120000,
73 "policiesToBeDeployed": [],
74 "messageName": "PDP_UPDATE",
75 "requestId": "3534e54f-4432-4c68-81c8-a6af07e59fb2",
76 "timestampMs": 1632325037040,
77 "name": "apex-45c6b266-a5fa-4534-b22c-33c2f9a45d02",
78 "pdpGroup": "defaultGroup",
79 "pdpSubgroup": "apex"
80 }
81
82**4. PDP sends PDP_STATUS response to PDP_UPDATE**
83
84PDP on receiving the PDP_UPDATE message from the DMaaP topic, it first checks if the message is intended for the PDP.
85If so, it updates itself with the information in PDP_UPDATE message from PAP such as *pdpSubgroup*,
86*pdpHeartbeatIntervalMs* and *policiesToBeDeployed* (if any). After handling the PDP_UPDATE message, the PDP sends
87a response message back to PAP with the current status of the PDP along with the result of the PDP_UPDATE operation.
88
liamfallon40f09542021-10-11 11:57:31 +0100[diff] [blame]89.. code-block::
a.sreekumarb94b8d42021-10-06 18:09:06 +0100[diff] [blame]90 :caption: Sample PDP_STATUS response message (from APEX-PDP)
91 :linenos:
92
93 {
94 "pdpType": "apex",
95 "state": "PASSIVE",
96 "healthy": "HEALTHY",
97 "description": "Pdp status response message for PdpUpdate",
98 "policies": [],
99 "statistics": {
100 ..... Omitted for brevity
101 },
102 "response": {
103 "responseTo": "3534e54f-4432-4c68-81c8-a6af07e59fb2",
104 "responseStatus": "SUCCESS",
105 "responseMessage": "Pdp update successful."
106 },
107 "messageName": "PDP_STATUS",
108 "requestId": "e3c72783-4e91-4cb5-8140-e4ac0630706d",
109 "timestampMs": 1632325038075,
110 "name": "apex-45c6b266-a5fa-4534-b22c-33c2f9a45d02",
111 "pdpGroup": "defaultGroup",
112 "pdpSubgroup": "apex"
113 }
114
115
116**5. PAP sends PDP_STATE_CHANGE message**
117
118PAP sends PDP_STATE_CHANGE message to PDPs to change the state from PASSIVE to active
119or ACTIVE to PASSIVE. When a PDP is in PASSIVE state, the policy execution will not happen.
120All PDPs start up in PASSIVE state, and they can be changed to ACTIVE/PASSIVE using PAP.
121After registration is complete, PAP makes a PDP ACTIVE by default.
122
123.. code-block:: json
124 :caption: Sample PDP_STATE_CHANGE message
125 :linenos:
126
127 {
128 "source": "pap-56c8531d-5376-4e53-a820-6973c62bfb9a",
129 "state": "ACTIVE",
130 "messageName": "PDP_STATE_CHANGE",
131 "requestId": "90eada6d-bb98-4750-a4e1-b439cb5e041d",
132 "timestampMs": 1632325037040,
133 "name": "apex-45c6b266-a5fa-4534-b22c-33c2f9a45d02",
134 "pdpGroup": "defaultGroup",
135 "pdpSubgroup": "apex"
136 }
137
138**6. PDP sends PDP_STATUS response to PDP_STATE_CHANGE**
139
140PDP updates its state as per the PDP_STATE_CHANGE received from PAP. When a PDP is changed
141to ACTIVE, any policies that are already pushed to the PDP start execution
142and start processing events as per the policies deployed. If no policies are running in a PDP,
143then it waits in ACTIVE state, ready to execute any policies as and when they are pushed
144to them from PAP. After handling the PDP_STATE_CHANGE message, the PDP sends a response message
145back to PAP with the current status of the PDP along with the result of the PDP_STATE_CHANGE operation.
146
liamfallon40f09542021-10-11 11:57:31 +0100[diff] [blame]147.. code-block::
a.sreekumarb94b8d42021-10-06 18:09:06 +0100[diff] [blame]148 :caption: Sample PDP_STATUS response message (from APEX-PDP)
149 :linenos:
150
151 {
152 "pdpType": "apex",
153 "state": "ACTIVE",
154 "healthy": "HEALTHY",
155 "description": "Pdp status response message for PdpStateChange",
156 "policies": [],
157 "statistics": {
158 ..... Omitted for brevity
159 },
160 "response": {
161 "responseTo": "90eada6d-bb98-4750-a4e1-b439cb5e041d",
162 "responseStatus": "SUCCESS",
163 "responseMessage": "State changed to active. No policies are running."
164 },
165 "messageName": "PDP_STATUS",
166 "requestId": "8a88806c-4d3e-4c80-8048-dc85d4bb75dd",
167 "timestampMs": 1632325043068,
168 "name": "apex-45c6b266-a5fa-4534-b22c-33c2f9a45d02",
169 "pdpGroup": "defaultGroup",
170 "pdpSubgroup": "apex"
171 }
172
173**7. PDP sends PDP_STATUS Heartbeat messages**
174
175A PDP has to send Heartbeat messages to PAP periodically with the current status information
176of the PDP. PAP receives this information and makes sure they are updated. In case of any mismatch
177with the data in the database, PAP sends out a PDP_UPDATE message to update the PDP.
178PAP considers a PDP as expired if three consecutive heartbeats are missing from the PDP,
179and removes the PDP instance details from the database.
180
liamfallon40f09542021-10-11 11:57:31 +0100[diff] [blame]181.. code-block::
a.sreekumarb94b8d42021-10-06 18:09:06 +0100[diff] [blame]182 :caption: Sample PDP_STATUS response message (from APEX-PDP)
183 :linenos:
184
185 {
186 "pdpType": "apex",
187 "state": "ACTIVE",
188 "healthy": "HEALTHY",
189 "description": "Pdp Heartbeat",
190 "policies": [],
191 "statistics": {
192 ..... Omitted for brevity
193 },
194 "messageName": "PDP_STATUS",
195 "requestId": "e3c72783-4e91-4cb5-8140-e4ac0630706d",
196 "timestampMs": 1632325038075,
197 "name": "apex-45c6b266-a5fa-4534-b22c-33c2f9a45d02",
198 "pdpGroup": "defaultGroup",
199 "pdpSubgroup": "apex"
200 }
201
202**8. Deploy/Undeploy Policy using PAP**
203
204Policies can be deployed or undeployed using PAP APIs. PAP fetches the policies to be deployed
205from the database, and send the whole policies' list under *policiesToBeDeployed* field.
206In case of undeployment, PAP sends the list of policies with their name and version under
207*policiesToBeUndeployed* in the PDP_UPDATE message.
208
209**9. PAP sends PDP_UPDATE message with policiesToBeDeployed/Undeployed**
210
211PAP sends a PDP_UPDATE message with information about policies to be deployed and
212undeployed. If there are some policies that are already deployed, then only the new ones
213are sent under the *policiesToBeDeployed* field.
214
liamfallon40f09542021-10-11 11:57:31 +0100[diff] [blame]215.. code-block::
a.sreekumarb94b8d42021-10-06 18:09:06 +0100[diff] [blame]216 :caption: Sample PDP_STATUS response message (from APEX-PDP)
217 :linenos:
218
219 {
220 "source": "pap-56c8531d-5376-4e53-a820-6973c62bfb9a",
221 "pdpHeartbeatIntervalMs": 120000,
222 "policiesToBeDeployed": [
223 {
224 "type": "onap.policies.native.Apex",
225 "type_version": "1.0.0",
226 "properties": {
227 ..... Omitted for brevity
228 },
229 "name": "onap.policies.apex.Simplecontrolloop",
230 "version": "1.0.0",
231 "metadata": {
232 "policy-id": "onap.policies.apex.Simplecontrolloop",
233 "policy-version": "1.0.0"
234 }
235 }
236 ],
237 "policiesToBeUndeployed":[],
238 "messageName": "PDP_UPDATE",
239 "requestId": "3534e54f-4432-4c68-81c8-a6af07e59fb2",
240 "timestampMs": 1632325037040,
241 "name": "apex-45c6b266-a5fa-4534-b22c-33c2f9a45d02",
242 "pdpGroup": "defaultGroup",
243 "pdpSubgroup": "apex"
244 }
245
246**10. PDP sends PDP_STATUS response to PDP_UPDATE**
247
248All policies to be deployed/undeployed are updated in the PDP engine.
249Policies that are part of policiesToBeDeployed are updated to the engine, and
250all policies under policiesToBeUndeployed are removed from the PDP engine.
251Once the processing of PDP_UPDATE message is complete, PDP sends back a PDP_STATUS
252message with the updated status, the current list of policies that are in the
253engine, and the result of the PDP_UPDATE operation.
254
255.. code-block:: json
256 :caption: Sample PDP_STATUS response message (from APEX-PDP)
257 :linenos:
258
259 {
260 "pdpType": "apex",
261 "state": "ACTIVE",
262 "healthy": "HEALTHY",
263 "description": "Pdp status response message for PdpUpdate",
264 "policies": [
265 {
266 "name": "onap.policies.apex.Simplecontrolloop",
267 "version": "1.0.0"
268 }
269 ],
270 "statistics": {
271 "pdpInstanceId": "apex-45c6b266-a5fa-4534-b22c-33c2f9a45d02",
272 "timeStamp": "2021-09-22T15:37:18.075436Z",
273 "pdpGroupName": "defaultGroup",
274 "pdpSubGroupName": "apex",
275 "policyExecutedCount": 0,
276 "policyExecutedSuccessCount": 0,
277 "policyExecutedFailCount": 0,
278 "policyDeployCount": 1,
279 "policyDeploySuccessCount": 1,
280 "policyDeployFailCount": 0,
281 "policyUndeployCount": 0,
282 "policyUndeploySuccessCount": 0,
283 "policyUndeployFailCount": 0
284 },
285 "response": {
286 "responseTo": "4534e54f-4432-4c68-81c8-a6af07e59fb2",
287 "responseStatus": "SUCCESS",
288 "responseMessage": "Apex engine started. Deployed policies are: onap.policies.apex.Simplecontrolloop:1.0.0"
289 },
290 "messageName": "PDP_STATUS",
291 "requestId": "e3c72783-4e91-4cb5-8140-e4ac0630706d",
292 "timestampMs": 1632325038075,
293 "name": "apex-45c6b266-a5fa-4534-b22c-33c2f9a45d02",
294 "pdpGroup": "defaultGroup",
295 "pdpSubgroup": "apex"
296 }
297
298More details about the messages used for PDP-PAP internal communication and their structure can be found here
299:ref:`The Internal Policy Framework PAP-PDP API <pap-pdp-label>`.