Split SMO network from telecom network
The communication between simulated network and
SMO components uses FQDN only.
SMO NBI networks are separated from SMO SBIs.
Issue-ID: OAM-336
Change-Id: Ie36ac8451d9186e61c93908bbcd653a631c3efc7
Signed-off-by: Martin Skorupski <martin.skorupski@highstreet-technologies.com>
diff --git a/solution/README-O-RU-Controller.md b/solution/README-O-RU-Controller.md
index 8d81611..c652f1e 100644
--- a/solution/README-O-RU-Controller.md
+++ b/solution/README-O-RU-Controller.md
@@ -83,9 +83,11 @@
<deployment-system-ipv4> gateway.smo.o-ran-sc.org
<deployment-system-ipv4> identity.smo.o-ran-sc.org
<deployment-system-ipv4> messages.smo.o-ran-sc.org
-<deployment-system-ipv4> ves-collector.oam.smo.o-ran-sc.org
<deployment-system-ipv4> odlux.oam.smo.o-ran-sc.org
-<deployment-system-ipv4> controller.oam.smo.o-ran-sc.org
+<deployment-system-ipv4> flows.oam.smo.o-ran-sc.org
+<deployment-system-ipv4> tests.oam.smo.o-ran-sc.org
+<deployment-system-ipv4> ves-collector.dcn.smo.o-ran-sc.org
+<deployment-system-ipv4> controller.dcn.smo.o-ran-sc.org
```
diff --git a/solution/README.md b/solution/README.md
index d01e664..20f38d6 100644
--- a/solution/README.md
+++ b/solution/README.md
@@ -118,9 +118,11 @@
<deployment-system-ipv4> gateway.smo.o-ran-sc.org
<deployment-system-ipv4> identity.smo.o-ran-sc.org
<deployment-system-ipv4> messages.smo.o-ran-sc.org
-<deployment-system-ipv4> ves-collector.oam.smo.o-ran-sc.org
<deployment-system-ipv4> odlux.oam.smo.o-ran-sc.org
-<deployment-system-ipv4> controller.oam.smo.o-ran-sc.org
+<deployment-system-ipv4> flows.oam.smo.o-ran-sc.org
+<deployment-system-ipv4> tests.oam.smo.o-ran-sc.org
+<deployment-system-ipv4> controller.dcn.smo.o-ran-sc.org
+<deployment-system-ipv4> ves-collector.dcn.smo.o-ran-sc.org
```
diff --git a/solution/network/.env b/solution/network/.env
index 56d92e2..5a10558 100644
--- a/solution/network/.env
+++ b/solution/network/.env
@@ -14,29 +14,29 @@
# limitations under the License.
#
-COMPOSE_PROJECT_NAME=o-ran-sc-h-release
HOST_IP=aaa.bbb.ccc.ddd
+# NETWORK_SUBNET_DCN_IPv4=172.60.0.0/24
+NETWORK_SUBNET_DCN_IPv6=2001:db8:1:60::/96
# Credentials
ADMIN_USERNAME=admin
ADMIN_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+# gateway network implemented by traefik
+GATEWAY_DOMAIN=smo.o-ran-sc.org
+
# SDN Controller
-SDNC_REST_PORT=8181
-SDNC_OAM_IPv4=172.50.0.23
-SDNC_OAM_IPv6=2001:db8:1:50::23
-SDNC_OAM_HOST=controller.oam.smo.o-ran-sc.org
SDN_CONTROLLER_PROTOCOL=https
+SDNC_DCN_HOST=controller.dcn.smo.o-ran-sc.org
+SDNC_REST_PORT=443
SDN_CONTROLLER_CALLHOME_SSH_PORT=4334
SDN_CONTROLLER_CALLHOME_TLS_PORT=4335
# VES Collector
-VES_COLLECTOR_OAM_IPv4=172.50.0.27
-VES_COLLECTOR_OAM_IPv6=2001:db8:1:50::27
-VES_COLLECTOR_OAM_HOST=ves-collector.oam.smo.o-ran-sc.org
-VES_COMMON_HEADER_VERSION=7.2.1
VES_ENDPOINT_PROTOCOL=https
+VES_COLLECTOR_DCN_HOST=ves-collector.dcn.smo.o-ran-sc.org
VES_ENDPOINT_PORT=443
+VES_COMMON_HEADER_VERSION=7.2.1
VES_ENDPOINT_AUTH_METHOD=basic-auth
VES_ENDPOINT_USERNAME=sample1
VES_ENDPOINT_PASSWORD=sample1
@@ -45,7 +45,7 @@
NEXUS3_DOCKER_REPO=nexus3.o-ran-sc.org:10004/o-ran-sc/
LOCAL_DOCKER_REPO=o-ran-sc/
NTS_MANAGER_PORT=8300
-NTS_BUILD_VERSION=1.6.2
+NTS_BUILD_VERSION=1.8.0
IPv6_ENABLED=true
SSH_CONNECTIONS=1
diff --git a/solution/network/config.py b/solution/network/config.py
index a717dbb..c89cb1e 100644
--- a/solution/network/config.py
+++ b/solution/network/config.py
@@ -36,9 +36,9 @@
containers = dockerFilter.splitlines()
mapping = dict({"ntsim-ng-o-ru": "O-RU", "ntsim-ng-o-du": "O-DU"})
-base = get_environment_variable('SDN_CONTROLLER_PROTOCOL') + '://' + get_environment_variable('SDNC_OAM_HOST')
-username = 'admin'
-password = 'Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U'
+base = get_environment_variable('SDN_CONTROLLER_PROTOCOL') + '://' + get_environment_variable('SDNC_DCN_HOST')
+username = get_environment_variable('ADMIN_USERNAME')
+password = get_environment_variable('ADMIN_PASSWORD')
# REST to set event settings
def configEventSettings(nfName, nfType):
diff --git a/solution/network/docker-compose.yml b/solution/network/docker-compose.yml
index 9fd388e..d8e2ed9 100755
--- a/solution/network/docker-compose.yml
+++ b/solution/network/docker-compose.yml
@@ -29,13 +29,14 @@
NTS_HOST_TRANSFER_SFTP_BASE_PORT: ${NTS_HOST_TRANSFER_SFTP_BASE_PORT}
SDN_CONTROLLER_PROTOCOL: ${SDN_CONTROLLER_PROTOCOL}
- SDN_CONTROLLER_IP: ${SDNC_OAM_HOST}
+ SDN_CONTROLLER_IP: ${SDNC_DCN_HOST}
+ SDN_CONTROLLER_CALLHOME_IP: ${SDNC_DCN_HOST}
SDN_CONTROLLER_USERNAME: ${ADMIN_USERNAME}
SDN_CONTROLLER_PASSWORD: ${ADMIN_PASSWORD}
VES_COMMON_HEADER_VERSION: ${VES_COMMON_HEADER_VERSION}
VES_ENDPOINT_PROTOCOL: ${VES_ENDPOINT_PROTOCOL}
- VES_ENDPOINT_IP: ${VES_COLLECTOR_OAM_HOST}
+ VES_ENDPOINT_IP: ${VES_COLLECTOR_DCN_HOST}
VES_ENDPOINT_PORT: ${VES_ENDPOINT_PORT}
VES_ENDPOINT_AUTH_METHOD: ${VES_ENDPOINT_AUTH_METHOD}
VES_ENDPOINT_USERNAME: ${VES_ENDPOINT_USERNAME}
@@ -54,9 +55,8 @@
x-nf: &common_nf
stop_grace_period: 5m
extra_hosts:
- - "identity.smo.o-ran-sc.org:${HOST_IP}"
- - "controller.oam.smo.o-ran-sc.org:${HOST_IP}"
- - "ves-collector.oam.smo.o-ran-sc.org:${HOST_IP}"
+ - "controller.dcn.${GATEWAY_DOMAIN}:${HOST_IP}"
+ - "ves-collector.dcn.${GATEWAY_DOMAIN}:${HOST_IP}"
cap_add:
- SYS_ADMIN
- SYS_PTRACE
@@ -98,7 +98,6 @@
- ./ntsim-ng-o-ru/o-ru-11221/ietf-interfaces-operational.xml:/opt/dev/deploy/data/ietf-interfaces-operational.xml
- ./ntsim-ng-o-ru/o-ru-11221/ietf-interfaces-running.xml:/opt/dev/deploy/data/ietf-interfaces-running.xml
environment:
- SDN_CONTROLLER_CALLHOME_IP: ${SDNC_OAM_IPv4}
SDN_CONTROLLER_CALLHOME_PORT: ${SDN_CONTROLLER_CALLHOME_SSH_PORT}
<<: [*common_env, *ru_env]
@@ -114,7 +113,6 @@
- ./ntsim-ng-o-ru/o-ru-11222/ietf-interfaces-operational.xml:/opt/dev/deploy/data/ietf-interfaces-operational.xml
- ./ntsim-ng-o-ru/o-ru-11222/ietf-interfaces-running.xml:/opt/dev/deploy/data/ietf-interfaces-running.xml
environment:
- SDN_CONTROLLER_CALLHOME_IP: ${SDNC_OAM_IPv6}
SDN_CONTROLLER_CALLHOME_PORT: ${SDN_CONTROLLER_CALLHOME_SSH_PORT}
<<: [*common_env, *ru_env]
@@ -130,7 +128,6 @@
- ./ntsim-ng-o-ru/o-ru-11223/ietf-interfaces-operational.xml:/opt/dev/deploy/data/ietf-interfaces-operational.xml
- ./ntsim-ng-o-ru/o-ru-11223/ietf-interfaces-running.xml:/opt/dev/deploy/data/ietf-interfaces-running.xml
environment:
- SDN_CONTROLLER_CALLHOME_IP: ${SDNC_OAM_IPv4}
SDN_CONTROLLER_CALLHOME_PORT: ${SDN_CONTROLLER_CALLHOME_TLS_PORT}
<<: [*common_env, *ru_env]
@@ -146,11 +143,15 @@
- ./ntsim-ng-o-ru/o-ru-11223/ietf-interfaces-operational.xml:/opt/dev/deploy/data/ietf-interfaces-operational.xml
- ./ntsim-ng-o-ru/o-ru-11223/ietf-interfaces-running.xml:/opt/dev/deploy/data/ietf-interfaces-running.xml
environment:
- SDN_CONTROLLER_CALLHOME_IP: ${SDNC_OAM_IPv6}
SDN_CONTROLLER_CALLHOME_PORT: ${SDN_CONTROLLER_CALLHOME_TLS_PORT}
<<: [*common_env, *ru_env]
networks:
default:
- name: oam
- external: true
+ driver: bridge
+ name: network
+ enable_ipv6: true
+ ipam:
+ driver: default
+ config:
+ - subnet: ${NETWORK_SUBNET_DCN_IPv6}
diff --git a/solution/smo/apps/docker-compose.yml b/solution/smo/apps/docker-compose.yml
index e3a60e3..7820854 100644
--- a/solution/smo/apps/docker-compose.yml
+++ b/solution/smo/apps/docker-compose.yml
@@ -14,12 +14,12 @@
APP_SOURCE: ${APP_SOURCE}
APP_NETWORK_FUNCTION_ID: ${APP_NETWORK_FUNCTION_ID}
SDN_CONTROLLER_PROTOCOL: https
- SDN_CONTROLLER_HOST: controller.oam.${SOLUTION_DOMAIN}
+ SDN_CONTROLLER_HOST: controller.dcn.${SOLUTION_DOMAIN}
SDN_CONTROLLER_PORT: 443
SDN_CONTROLLER_USERNAME: ${ADMIN_USERNAME}
SDN_CONTROLLER_PASSWORD: ${ADMIN_PASSWORD}
VES_ENDPOINT_PROTOCOL: https
- VES_ENDPOINT_HOST: ves-collector.oam.${SOLUTION_DOMAIN}
+ VES_ENDPOINT_HOST: ves-collector.dcn.${SOLUTION_DOMAIN}
VES_ENDPOINT_PORT: 443
VES_ENDPOINT_AUTH_METHOD: ${VES_ENDPOINT_AUTH_METHOD}
VES_ENDPOINT_USERNAME: ${VES_ENDPOINT_USERNAME}
@@ -37,8 +37,8 @@
volumes:
- ./flows/data:/data
networks:
- smo:
+ dmz:
networks:
- smo:
+ dmz:
external: true
\ No newline at end of file
diff --git a/solution/smo/apps/flows/data/.sessions.json b/solution/smo/apps/flows/data/.sessions.json
index 2ab160f..7465973 100644
--- a/solution/smo/apps/flows/data/.sessions.json
+++ b/solution/smo/apps/flows/data/.sessions.json
@@ -1 +1 @@
-{"wMn2YBLgm/twWOxiqN476VqJQSp3lnisGyhE3N6eCNr/iiyyrMZaoB4x3YZJrfMln2h5jjryg3QWphRbqVvfWexsxsl/QEDLST/gbksuklDRRCjdU4Mpb2x84wP3XB6lt7yfaSJyahX0itEcYAJBxjidxx6puieqzEmREjfxIZE=":{"user":"admin","client":"node-red-editor","scope":"*","accessToken":"wMn2YBLgm/twWOxiqN476VqJQSp3lnisGyhE3N6eCNr/iiyyrMZaoB4x3YZJrfMln2h5jjryg3QWphRbqVvfWexsxsl/QEDLST/gbksuklDRRCjdU4Mpb2x84wP3XB6lt7yfaSJyahX0itEcYAJBxjidxx6puieqzEmREjfxIZE=","expires":1683209440148}}
\ No newline at end of file
+{"u2HZpR5BJG6q05WE7ojMTSvrINjM0QJq2OgJci7B55HWTVVUvUERXtqfEapC5PX3Kw2Qcgxqfz/Qgrg3WhiygX72HCB1xNXptE01s+CPA/jt1g3iqN0ZNY1k7wJt4GgtN0d6IIZRzSpe8ZL5x8Opx38DChex8gn+cK0dYURU398=":{"user":"admin","client":"node-red-editor","scope":"*","accessToken":"u2HZpR5BJG6q05WE7ojMTSvrINjM0QJq2OgJci7B55HWTVVUvUERXtqfEapC5PX3Kw2Qcgxqfz/Qgrg3WhiygX72HCB1xNXptE01s+CPA/jt1g3iqN0ZNY1k7wJt4GgtN0d6IIZRzSpe8ZL5x8Opx38DChex8gn+cK0dYURU398=","expires":1684318736958},"bogJaMH12Ns6tIkYVXcnpEr29RFgftKQ0y7H4bWFI4VHP++LTHcOc4EsUU9Z/XFaTJR6t2TPG55PZhzDk8v4WunJ38AFDIToq8KRdfJDAMQqSCMJMTmgHupLS5iECJvS8YJQgRW3CHe+2qsQWtWuZmlJUcBu0fwYdTKtz0+ShVw=":{"user":"admin","client":"node-red-editor","scope":"*","accessToken":"bogJaMH12Ns6tIkYVXcnpEr29RFgftKQ0y7H4bWFI4VHP++LTHcOc4EsUU9Z/XFaTJR6t2TPG55PZhzDk8v4WunJ38AFDIToq8KRdfJDAMQqSCMJMTmgHupLS5iECJvS8YJQgRW3CHe+2qsQWtWuZmlJUcBu0fwYdTKtz0+ShVw=","expires":1684659878559},"WNTOBijmJOK5hvKQVxq41zeBhRKx7BHw8piBsFQfrri1y66NPbs6GrB0xRjsEaRAOe3q3ZapY79zosrc3DYlCV6U3nY5JbHRGJbJYOhxyBiIP1iY8OjcFmkrK0u49vQYNR530gSjCENx5WSMqBGth0+mxYp8GdY/Lig4u9prOBw=":{"user":"admin","client":"node-red-editor","scope":"*","accessToken":"WNTOBijmJOK5hvKQVxq41zeBhRKx7BHw8piBsFQfrri1y66NPbs6GrB0xRjsEaRAOe3q3ZapY79zosrc3DYlCV6U3nY5JbHRGJbJYOhxyBiIP1iY8OjcFmkrK0u49vQYNR530gSjCENx5WSMqBGth0+mxYp8GdY/Lig4u9prOBw=","expires":1684664566860}}
\ No newline at end of file
diff --git a/solution/smo/apps/flows/data/flows.json b/solution/smo/apps/flows/data/flows.json
index e16c5e6..2ffd02a 100644
--- a/solution/smo/apps/flows/data/flows.json
+++ b/solution/smo/apps/flows/data/flows.json
@@ -250,13 +250,13 @@
"name": "ves-message-data",
"active": true,
"tosidebar": false,
- "console": false,
+ "console": true,
"tostatus": true,
"complete": "payload",
"targetType": "msg",
"statusVal": "payload.event.commonEventHeader.stndDefinedNamespace",
"statusType": "msg",
- "x": 1050,
+ "x": 1060,
"y": 220,
"wires": []
},
@@ -473,7 +473,7 @@
"type": "function",
"z": "51e83a0892da060e",
"name": "vesStndDefindBody",
- "func": "const eventTime = new Date(msg.payload).toISOString();\nmsg.payload = {\n schemaReference: 'https://gerrit.o-ran-sc.org/r/gitweb?p=scp/oam/modeling.git;a=blob_plain;f=data-model/yang/published/o-ran/ru-fh/o-ran-file-management.yang#components/schemas/ofhm-event-stream',\n stndDefinedFieldsVersion: '1.0',\n data: {\n 'ietf:notification': {\n 'eventTime': eventTime,\n 'o-ran-file-management:file-download-event': {\n 'local-logical-file-path': 'o-ran/log',\n 'remote-file-path': 'ftpes://username@ftpes.oam.smo.o-ran-sc/downloads',\n 'status': 'FAILURE',\n 'reject-reason': 'FTPes Server not reachable.'\n }\n }\n }\n};\nmsg.topic = 'stndDefinedFields';\nreturn msg;",
+ "func": "const eventTime = new Date(msg.payload).toISOString();\nmsg.payload = {\n schemaReference: 'https://gerrit.o-ran-sc.org/r/gitweb?p=scp/oam/modeling.git;a=blob_plain;f=data-model/yang/published/o-ran/ru-fh/o-ran-file-management.yang#components/schemas/ofhm-event-stream',\n stndDefinedFieldsVersion: '1.0',\n data: {\n 'ietf:notification': {\n 'eventTime': eventTime,\n 'o-ran-file-management:file-download-event': {\n 'local-logical-file-path': 'o-ran/log',\n 'remote-file-path': 'ftpes://username@ftpes.dcn.smo.o-ran-sc/downloads',\n 'status': 'FAILURE',\n 'reject-reason': 'FTPes Server not reachable.'\n }\n }\n }\n};\nmsg.topic = 'stndDefinedFields';\nreturn msg;",
"outputs": 1,
"noerr": 0,
"initialize": "",
@@ -522,7 +522,7 @@
"type": "function",
"z": "51e83a0892da060e",
"name": "vesStndDefindBody",
- "func": "const eventTime = new Date(msg.payload).toISOString();\nmsg.payload = {\n schemaReference: 'https://gerrit.o-ran-sc.org/r/gitweb?p=scp/oam/modeling.git;a=blob_plain;f=data-model/yang/published/o-ran/ru-fh/o-ran-file-management.yang#components/schemas/ofhm-event-stream',\n stndDefinedFieldsVersion: '1.0',\n data: {\n 'ietf:notification': {\n 'eventTime': eventTime,\n 'o-ran-file-management:file-upload-notification': {\n 'local-logical-file-path': 'o-ran/log',\n 'remote-file-path': 'ftpes://username@ftpes.oam.smo.o-ran-sc/downloads',\n 'status': 'FAILURE',\n 'reject-reason': 'FTPes Server not reachable.'\n }\n }\n }\n};\nmsg.topic = 'stndDefinedFields';\nreturn msg;",
+ "func": "const eventTime = new Date(msg.payload).toISOString();\nmsg.payload = {\n schemaReference: 'https://gerrit.o-ran-sc.org/r/gitweb?p=scp/oam/modeling.git;a=blob_plain;f=data-model/yang/published/o-ran/ru-fh/o-ran-file-management.yang#components/schemas/ofhm-event-stream',\n stndDefinedFieldsVersion: '1.0',\n data: {\n 'ietf:notification': {\n 'eventTime': eventTime,\n 'o-ran-file-management:file-upload-notification': {\n 'local-logical-file-path': 'o-ran/log',\n 'remote-file-path': 'ftpes://username@ftpes.dcn.smo.o-ran-sc/downloads',\n 'status': 'FAILURE',\n 'reject-reason': 'FTPes Server not reachable.'\n }\n }\n }\n};\nmsg.topic = 'stndDefinedFields';\nreturn msg;",
"outputs": 1,
"noerr": 0,
"initialize": "",
diff --git a/solution/smo/common/.env b/solution/smo/common/.env
index 7d5e497..2fa5580 100644
--- a/solution/smo/common/.env
+++ b/solution/smo/common/.env
@@ -21,19 +21,13 @@
# Network settings
# Please update /etc/docker/daemon.json accordingly
# https://docs.docker.com/config/daemon/ipv6/
-NETWORK_SUBNET_SMO=2001:db8:1:40::/96
-NETWORK_GATEWAY_SMO=2001:db8:1:40::1
+NETWORK_SUBNET_DCN_IPv6=2001:db8:1:50::/96
-# traefik network
+# gateway network implemented by traefik
SOLUTION_DOMAIN=smo.o-ran-sc.org
TRAEFIK_IMAGE=traefik:v2.9
TRAEFIK_LOG_LEVEL=DEBUG
-TRAEFIK_NETWORK_NAME=smo
-TRAEFIK_SUBNET=172.30.0.0/16
-TRAEFIK_SUBNET_IPv6=2001:db8:1:30::/64
-TRAEFIK_SUBNET_IPv6_PRE_STRING=2001:db8:1:30
-TRAEFIK_GATEWAY_IP=172.30.0.1
-TRAEFIK_GATEWAY_IPv6=${TRAEFIK_SUBNET_IPv6_PRE_STRING}:172:30:0:1
+TRAEFIK_NETWORK_NAME=dmz
# Identity server
IDENTITY_IMAGE=bitnami/keycloak:18.0.2
diff --git a/solution/smo/common/docker-compose.yml b/solution/smo/common/docker-compose.yml
index e89ab91..cbdcb9c 100755
--- a/solution/smo/common/docker-compose.yml
+++ b/solution/smo/common/docker-compose.yml
@@ -1,3 +1,18 @@
+################################################################################
+# Copyright 2023 highstreet technologies GmbH
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
# no more versions needed! Compose spec supports all features w/o a version
services:
@@ -18,6 +33,8 @@
ports:
- 80:80
- 443:443
+ - 4334:4334
+ - 4335:4335
command:
- --serverstransport.insecureskipverify=true
- --log.level=${TRAEFIK_LOG_LEVEL}
@@ -34,6 +51,8 @@
- --entrypoints.websecure.address=:443
- --entrypoints.websecure.http.tls.domains[0].main=gateway.${SOLUTION_DOMAIN}
- --entrypoints.websecure.http.tls.domains[0].sans=*.${SOLUTION_DOMAIN}
+ - --entrypoints.ssh-netconf-callhome.address=:4334
+ - --entrypoints.tls-netconf-callhome.address=:4335
- --providers.docker.endpoint=unix:///var/run/docker.sock
- --providers.docker.network=${TRAEFIK_NETWORK_NAME}
- --providers.docker.exposedByDefault=false
@@ -55,7 +74,7 @@
traefik.http.services.gateway.loadbalancer.server.port: 8080
networks:
- dmz
- - default
+ - dcn
identitydb:
image: ${IDENTITYDB_IMAGE}
@@ -105,6 +124,9 @@
condition: service_started
gateway:
condition: service_healthy
+ networks:
+ - dmz
+ - default
persistence:
image: ${PERSISTENCE_IMAGE}
@@ -115,8 +137,6 @@
zookeeper:
image: ${ZOOKEEPER_IMAGE}
container_name: zookeeper
- # ports:
- # - 2181:2181
environment:
ZOOKEEPER_REPLICAS: 1
ZOOKEEPER_TICK_TIME: 2000
@@ -176,18 +196,24 @@
condition: service_started
gateway:
condition: service_healthy
+ networks:
+ - dmz
+ - default
networks:
dmz:
name: dmz
driver: bridge
enable_ipv6: false
+ default:
+ name: smo
+ driver: bridge
+ enable_ipv6: false
+ dcn:
+ driver: bridge
+ name: dcn
+ enable_ipv6: true
ipam:
driver: default
config:
- - subnet: ${TRAEFIK_SUBNET}
- gateway: ${TRAEFIK_GATEWAY_IP}
- - subnet: ${TRAEFIK_SUBNET_IPv6}
- gateway: ${TRAEFIK_GATEWAY_IPv6}
- default:
- name: ${TRAEFIK_NETWORK_NAME}
+ - subnet: ${NETWORK_SUBNET_DCN_IPv6}
diff --git a/solution/smo/oam/.env b/solution/smo/oam/.env
index 21b4380..f6cdb58 100644
--- a/solution/smo/oam/.env
+++ b/solution/smo/oam/.env
@@ -21,18 +21,10 @@
ADMIN_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
# Network settings
-
HOST_IP=aaa.bbb.ccc.ddd
-# Please update /etc/docker/daemon.json accordingly
-# https://docs.docker.com/config/daemon/ipv6/
-NETWORK_SUBNET_OAM_IPv4=172.50.0.0/24
-NETWORK_GATEWAY_OAM_IPv4=172.50.0.1
-NETWORK_SUBNET_OAM_IPv6=2001:db8:1:50::/96
-NETWORK_GATEWAY_OAM_IPv6=2001:db8:1:50::1
# traefik network
SOLUTION_DOMAIN=smo.o-ran-sc.org
-TRAEFIK_NETWORK_NAME=dmz
# Identity server
IDENTITY_PROVIDER_URL=https://identity.smo.o-ran-sc.org
@@ -40,8 +32,6 @@
# SDN Controller
SDNC_IMAGE=nexus3.onap.org:10001/onap/sdnc-image:2.4.2
SDNC_REST_PORT=8181
-SDNC_OAM_IPv4=172.50.0.23
-SDNC_OAM_IPv6=2001:db8:1:50::23
SDNC_CERT_DIR=/opt/opendaylight/current/certs
# SDN Controller Web
@@ -50,8 +40,6 @@
## VES Collector
VES_COLLECTOR_IMAGE=nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.1
-VES_COLLECTOR_OAM_IPv4=172.50.0.27
-VES_COLLECTOR_OAM_IPv6=2001:db8:1:50::27
VES_COMMON_HEADER_VERSION=7.2.1
VES_ENDPOINT_PROTOCOL=http
VES_ENDPOINT_PORT=8080
diff --git a/solution/smo/oam/docker-compose.yml b/solution/smo/oam/docker-compose.yml
index b778170..84e5e50 100755
--- a/solution/smo/oam/docker-compose.yml
+++ b/solution/smo/oam/docker-compose.yml
@@ -1,3 +1,19 @@
+################################################################################
+# Copyright 2023 highstreet technologies GmbH
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
# no more versions needed! Compose spec supports all features w/o a version
services:
@@ -22,6 +38,7 @@
controller:
condition: service_healthy
networks:
+ dmz:
smo:
controller:
@@ -36,9 +53,9 @@
interval: 10s
timeout: 5s
retries: 5
- ports:
- - 4334:4334
- - 4335:4335
+ # ports:
+ # - 4334:4334
+ # - 4335:4335
environment:
ENABLE_ODL_CLUSTER: false
ENABLE_OAUTH: true
@@ -78,14 +95,24 @@
labels:
traefik.enable: true
traefik.http.routers.controller.entrypoints: websecure
- traefik.http.routers.controller.rule: Host(`controller.oam.${SOLUTION_DOMAIN}`)
+ traefik.http.routers.controller.rule: Host(`controller.dcn.${SOLUTION_DOMAIN}`)
traefik.http.routers.controller.tls: true
traefik.http.services.controller.loadbalancer.server.port: ${SDNC_REST_PORT}
+
+ traefik.tcp.routers.controller-ssh.entrypoints: ssh-netconf-callhome
+ traefik.tcp.routers.controller-ssh.rule: HostSNI(`*`)
+ traefik.tcp.routers.controller-ssh.tls: false
+ traefik.tcp.routers.controller-ssh.service: controller-ssh
+ traefik.tcp.services.controller-ssh.loadbalancer.server.port: 4334
+
+ traefik.tcp.routers.controller-tls.entrypoints: tls-netconf-callhome
+ traefik.tcp.routers.controller-tls.rule: HostSNI(`*`)
+ traefik.tcp.routers.controller-tls.tls: false
+ traefik.tcp.routers.controller-tls.service: controller-tls
+ traefik.tcp.services.controller-tls.loadbalancer.server.port: 4335
networks:
smo:
- default:
- ipv4_address: ${SDNC_OAM_IPv4}
- ipv6_address: ${SDNC_OAM_IPv6}
+ dcn:
ves-collector:
image: ${VES_COLLECTOR_IMAGE}-configured
@@ -109,26 +136,17 @@
labels:
traefik.enable: true
traefik.http.routers.ves.entrypoints: websecure
- traefik.http.routers.ves.rule: Host(`ves-collector.oam.${SOLUTION_DOMAIN}`)
+ traefik.http.routers.ves.rule: Host(`ves-collector.dcn.${SOLUTION_DOMAIN}`)
traefik.http.routers.ves.tls: true
traefik.http.services.ves.loadbalancer.server.port: ${VES_ENDPOINT_PORT}
networks:
smo:
- default:
- ipv4_address: ${VES_COLLECTOR_OAM_IPv4}
- ipv6_address: ${VES_COLLECTOR_OAM_IPv6}
+ dcn:
networks:
+ dmz:
+ external: true
smo:
external: true
- default:
- driver: bridge
- name: oam
- enable_ipv6: true
- ipam:
- driver: default
- config:
- - subnet: ${NETWORK_SUBNET_OAM_IPv4}
- gateway: ${NETWORK_GATEWAY_OAM_IPv4}
- - subnet: ${NETWORK_SUBNET_OAM_IPv6}
- gateway: ${NETWORK_GATEWAY_OAM_IPv6}
+ dcn:
+ external: true