Release docker o-ran-sc/nonrtric-plt-a1policymanagementservice:2.8.1

J-Release - Bug fix version
Roll version 2.8.1 -> 2.8.2

Issue-ID: NONRTRIC-972
Change-Id: I57800fc0e23cb046c336ab8b011a996d3bc9d7cf
Signed-off-by: JohnKeeney <john.keeney@est.tech>
4 files changed
tree: e30340364d86c61db085100ddd5eacdd1e14507d
  1. .releases/
  2. add-src/
  3. api/
  4. config/
  5. docs/
  6. onap/
  7. .gitignore
  8. .gitmodules
  9. .gitreview
  10. .readthedocs.yaml
  11. Dockerfile
  12. INFO.yaml
  13. LICENSE.txt
  14. pom.xml
  15. README.md
  16. tox.ini
README.md

O-RAN-SC Non-RT RIC A1 Policy Management Service

The O-RAN-SC A1 Policy Management Service provides a REST API for the management of policies within the O-RAN architecture. This README provides details on the features, configuration, and running instructions for the A1 Policy Management Service. For detailed API documentation and further information, refer to the NONRTRIC documentation at NONRTRIC Wiki. For additional detailed documentation, also refer to the NONRTRIC documentation at A1 Policy Management Service Documentation site.

The A1 Policy Management Service is homed in ONAP. For additional documentation see ONAP CCSDK documentation. and wiki.

Features

The A1 Policy Management Service is a microservice which maintains a transient repository of:

  • All A1 policies instances in the network. Each policy is targeted to a near-RT-RIC instance and is owned by a 'service' (e.g., rApps or the NONRTRIC Dashboard).
  • All near-RT-RICs in the network.
  • All Policy types supported by each near-RT-RIC.

The service provides :

  • Unified REST API for managing A1 Policies in all near-RT-RICs.
  • Compliant with O-RAN R1 specification for A1-Policy Management (R1-AP v5.0, with additional features & fixes)
  • Synchronized view of A1 Policy instances for each rAPP
  • Synchronized view of A1 Policy instances in each near-RT-RIC
  • Synchronized view of A1 Policy types supported by each near-RT-RIC
  • Lookup service to find the near-RT-RIC to control resources in the RAN as defined in O1 (e.g. which near-RT-RIC should be accessed to control a certain CU or DU, which in turn controls a certain cell).
  • Monitors all near-RT-RICs and maintains data consistency, e.g. recovery from near-RT-RIC restarts
  • Support for different Southbound APIs to the near-RT-RICs (different versions of the A1-P and other similar APIs).
  • HTTPS can be configured to use a supplied certificate/private key and to validate peers towards a list of trusted CAs/certs.
  • HTTP proxy support for tunneling HTTP/HTTPS connections.
  • Fine-grained access-control - with new optional callouts to an external auth function
  • Fine-grained monitoring metrics, logging & call tracing can be configured

Configuration

The A1 Policy Management Service uses default keystore and truststore files included in the container. The paths and passwords for these stores are specified in a YAML configuration file located at:

Default Truststore Certificates

The default truststore includes the following trusted certificates:

  • A1 Simulator Certificate: a1simulator cert
  • A1 Policy Management Service's Own Certificate: Used for mocking and unit-testing purposes (ApplicationTest.java).

Overriding Default Configuration

You can override the default keystore, truststore, and application.yaml files by mounting new files using the volumes field in Docker Compose or the docker run command.

Assuming the new keystore, truststore, and application.yaml files are located in the same directory as your Docker Compose file, the volumes field should include these entries:

volumes:
  - ./new_keystore.jks:/opt/app/policy-agent/etc/cert/keystore.jks:ro
  - ./new_truststore.jks:/opt/app/policy-agent/etc/cert/truststore.jks:ro
  - ./new_application.yaml:/opt/app/policy-agent/config/application.yaml:ro

The target paths in the container should remain unchanged.

Example Docker Run Command To run the Policy Agent container and mount the new configuration files, use the following docker run command:

docker run -p 8081:8081 -p 8433:8433 --name=policy-agent-container --network=nonrtric-docker-net \
  --volume "$PWD/new_keystore.jks:/opt/app/policy-agent/etc/cert/keystore.jks" \
  --volume "$PWD/new_truststore.jks:/opt/app/policy-agent/etc/cert/truststore.jks" \
  --volume "$PWD/new_application.yaml:/opt/app/policy-agent/config/application.yaml" \
  nexus3.o-ran-sc.org:10002/o-ran-sc/nonrtric-plt-a1policymanagementservice:2.8.1

Running Policy Agent Locally

To run the Policy Agent locally in a simulated test mode, follow these steps:

  1. In the folder /opt/app/policy-agent/config/, create a soft link to your test configuration file:
ln -s <path to test_application_configuration.json> application_configuration.json
  1. Start the Policy Agent with the following Maven command:
mvn -Dtest=MockPolicyAgent test

This will start the agent in a simulated mode, where it mimics the behavior of RICs. The REST API will be available on port 8081.

API Documentation

The backend server publishes live API documentation, which can be accessed at:

http://your-host-name-here:8081/swagger-ui.html

License

Copyright (C) 2019-2023 Nordix Foundation. All rights reserved. Copyright (C) 2024: OpenInfra Foundation Europe. All rights reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

 http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.