commit | 6d6fde75df5837c67a0e098eda59a60bc6923041 | [log] [tgz] |
---|---|---|
author | waqas.ikram <waqas.ikram@est.tech> | Tue Jun 29 13:33:51 2021 +0100 |
committer | waqas.ikram <waqas.ikram@est.tech> | Tue Jun 29 16:26:53 2021 +0100 |
tree | fa29a2f5b71f434790319b02c91e40b905a7b460 | |
parent | d71ffa01c4ca340494717ec43dbc17b43ca8706a [diff] |
Fixing XML parsers security bug Change-Id: I8a4f156196af47272a2732b1fbddafb6f0eb1f4d Issue-ID: SO-3668 Signed-off-by: waqas.ikram <waqas.ikram@est.tech>
SO (Service Orchestrator) project is mostly composed of java & groovy code along with camunda BPMN code flow.
SO consists of following sub-components:
SO can be compiled with mvn clean install
. By default it executes:
Integration tests are started with the following profile -P with-integration-tests
You can disable the integration tests by executing: mvn clean install -DskipTests=true -Dmaven.test.skip=true
You can disable the javadoc or doclint creation by executing mvn clean install -Dmaven.javadoc.skip=true -Dadditionalparam=-Xdoclint:none
Your build may fail if you don't follow Code Guidelines. In order to format files run mvn process-sources -P format
You can build docker images by executing profile "docker": mvn clean install -P docker
If you want to build docker images with out executing test and javadoc, then run the below command mvn clean install -U -DskipTests=true -Dmaven.test.skip=true -Dmaven.javadoc.skip=true -Dadditionalparam=-Xdoclint:none -P docker
ONAP SO containers are stored on here for the releases, and here for the snapshots
The following Docker images are the actual deployment images used for running SO
Name | Tag | Description |
---|---|---|
onap/so/api-handler-infra | 1.4.4 | MSO Api handler for SO REST service entry point |
onap/so/bpmn-infra | 1.4.4 | BPMN-Infra contains business logic of execution flow |
onap/so/catalog-db-adapter | 1.4.4 | CatalogDB to interact with mariaDB catalogdb schema |
onap/so/openstack-adapter | 1.4.4 | Adapter to interact with Openstack as a VIM |
onap/so/request-db-adapter | 1.4.4 | RequestDB to interact with mariaDB requestdb schema |
onap/so/sdc-controller | 1.4.4 | SDC-controller to interact with SDC module |
onap/so/sdnc-adapter | 1.4.4 | SDNC Adapter to interacts with SDNC module |
onap/so/so-monitoring | 1.4.4 | SO Monitoring for monitoring the SO workflows |
onap/so/vfc-adapter | 1.4.4 | Adapter to interact with VFC module |
onap/so/vnfm-adapter | 1.4.4 | Adapter to interact with external VNFMs through SOL003 interface |
library/mariadb | 10.1.11 | MariaDB image from Docker.io, this image hosts the database and is preloaded with SO schema and configuration at startup |
You can use docker-compose to start SO. For running docker-compose, you need to checkout docker-config project.
docker-config code is located in a single git repository named so/docker-config
To start SO:
cd docker-config
export DOCKER_HOST=tcp://127.0.0.1:2375
./deploy.sh
(OR docker-compose up -d
)You can also run / restart independent docker, like to run bpmn-infra docker, use command docker-compose up -d bpmn-infra
NOTE: container onap/so/vnfm-adapter is not started via docker-compose script
A heat template that can be used on RackSpace to spin up the SO Host VM and run docker-compose is currently being built by the Demo Team.
SO UIs are not really used for operating SO, but they provide information on what is currently happening and get an insight on the components.
Some of SO components (Api Handler, SO monitoring) use Embedded Tomcat from Spring boot to run application. To monitor the app, Actuator endpoint can be used:
SO orchestration processes can be monitored with the Camunda Engine cockpit UI. It gives an insight about the available processes, allows to trigger them manually and provides monitoring of the currently running processes
IMPORTANT NOTE : since ONAP SO only uses Camunda Community version, which don't show history of running processes - SO-Monitoring component was developed for that purpose.
The cockpit is available at the following address : http://containerHostname:8080/cockpit
When the container is started it will create a default admin user (admin) with the password placeholder
for UI
The cockpit gives an overview of the available BPMN (orchestration) processes (with a visual representation). It is also possible to trigger them from the UI if you know the parameters that are needed.
screenshots to be uploaded when rrelease
Most of the SO features within ONAP SO are triggered by using RESTful interfaces. SO supports both HTTP and HTTPS, but is configured on this release with HTTP only using Basic Authentification.
The SO APIs are configured to accept requests having a basic auth. header set with various username and password depending on which API is being triggered.
All API endpoints are exposed on port 8080, it is possible to reach all SO subsystems directly with the proper query (see more information below on how to test SO functions)
VID endpoint : http://vm1.mso.simpledemo.onap.org:8080/ecomp/mso/infra/serviceInstances/v2
The typical easy way to trigger these endpoints is to use a RESTful client or automation framework.
It is important to understand that the Docker containers are using a configuration file (JSON) in order to provision SO basic configuration, in the above Jenkins Job, Jenkins pulls that JSON file from the SO repository, any other mean to provide that JSON file (for specific environments) would also work.
Once the deployment of the docker images is done, you will need to configure your installation to be able to interact with all the components that SO needs.
Change the environment file located here : /shared/mso-docker.json then run the following command chef-solo -c /var/berks-cookbooks/chef-repo/solo.rb -o recipe[mso-config::apih],recipe[mso-config::bpmn],recipe[mso-config::jra]
Important note: The host SO is mapped automatically to c1.vm1.mso.simpledemo.onap.org in /etc/host of the docker image so you can keep mso:8080 when you want to mention the APIH, JRA or Camunda host.
Here are the main parameters you could change:
The credentials are defined in 2 places:
You can find default users there for specific so component. Note that these default users should be changed.
You can replace the authentication in the environment by the value returned by the following API GET on http://c1.vm1.mso.simpledemo.onap.org:8080/asdc/properties/encrypt/{value}/{cryptKey}
where {value} is the string login:password and cryptKey (also defined in the environment) is the key to use to encrypt the credentials
EELF framework is used for specific logs (audit, metric and error logs). They are tracking inter component logs (request and response) and allow to follow a complete flow through the SO subsystem
Logs are located at the following locations in SO containers :
The DEBUG mode is enabled by module and has to be re-enabled if the application restart.
It can be enabled with a GET on the following APIs:
For this first release of SO, the queries to start the various VNFs should come first through API Handler.
To help with the testing we are providing here a sample SoapUI project [file](add link when rrealease) with the main queries that VID should send to SO
The MariaDB container can load up special SQL scripts that simulates the loading of ASDC components (as if they were received through the ASDC client)
Simply use the load ability embedded to run the 'preload SQL' script for vFirewall or vDNS
It is also possible to simulate queries to the PO (platform orchestrator) adapter of SO (thus bypassing BPMN flows and API handler) to verify SO interaction with Rackspace and verify the behavior of the Adapter (so that it loads HEAT and connect to Rackspace and instantiate elements)
Below is a query used from FireFox RESTClient plugin to trigger SO adapter directly (replace values accordingly)
POST http://<containername>:8080/vnfs/rest/v1/vnfs/5259ba4a-cf0d-4791-9c60-9117faa5cdea/vf-modules Header: content-type: application/json +Authorization login/password BPELClient/password1$F {"createVfModuleRequest":{"messageId":"ec9537bb-c837-477f-86a5-21c717be96f1-1479156376597","skipAAI":true,"notificationUrl":"http://bpmnhost:8080/mso/vnfAdapterRestNotify","cloudSiteId":"RACKSPACE","tenantId":"1015548","vnfId":"5259ba4a-cf0d-4791-9c60-9117faa5cdea","vnfType":"vfw-service/VFWResource-1","vnfVersion":"1.0","vfModuleId":"7d8412bb-b288-44ff-92ef-723018f940fc","vfModuleName":"MSO_VFW_TEST","vfModuleType":"VF_RI1_VFW::module-1","volumeGroupId":"","volumeGroupStackId":"","baseVfModuleId":"","baseVfModuleStackId":"","requestType":"","failIfExists":true,"backout":true,"vfModuleParams":{"vf_module_name":"MSO_VFW_TEST","vnf_name":"vfw-service/VFWResource-1","vnf_id":"5259ba4a-cf0d-4791-9c60-9117faa5cdea","vf_module_id":"7d8412bb-b288-44ff-92ef-723018f940fc"},"msoRequest":{"requestId":"ec9537bb-c837-477f-86a5-21c717be96f1","serviceInstanceId":"369cdf85-1b61-41ff-b637-c6b7dd020326"},"synchronous":false}}
Subscribe and post messages with SO tag in onap-discuss group at https://lists.onap.org/g/onap-discuss