tree: 937e96e760e725a6cf369bbab3efaf998bc90c46 [path history] [tgz]
  1. api/
  2. certificate/
  3. src/
  4. test/
  5. tests/
  6. .gitattributes
  7. .gitignore
  8. container-tag.yaml
  9. Dockerfile
  10. LICENSES.txt
  11. nginx.conf
  12. README.md
near-rt-ric-simulator/README.md

O-RAN-SC Near-RealTime RIC Simulator

The O-RAN SC Near-RealTime RIC simulates the A1 as an generic REST API which can receive and send northbound messages. The simulator validates the payload and applies policy.

The simulator supports multiple A1 interface versions (version of the open API yaml file): | Yaml file version | Version id| | --------------------- | ------------------- | | OSC 2.1.0, | OSC_2.1.0 | | A1 Standard 1.1.3, | STD_1.1.3 | | A1 Standard 2.0.0, | STD_2.0.0 |

All versions are supported by the same container, see section 'Configuring the simulator' below for details about how to the start the simulator with the intended version id.

The overall folder structure is (relative to the location of this README file): | Dir | Description | | ---------------- | ----------- | |. |Dockerfile and README | |api |The open api yaml for each supported version | |src |Python source code for each supported version | |test |Basic test using script| |tests |Basic test using pytest unit test| |certificate |A self-signed certificate and a key

The simulator handles the requests that are defined in the A1 open API yaml file. All these requests are implemented in the a1.py file in the source folder. In addition, a number of administrative functions are also supported and implemented by the main.py in the source folder.

The section below outlines the supported open api REST operations as well as the adminstrative REST operations. For the documentation of the common parts in the admin API, see Common Functions.

Ports and certificates

The simulator normally opens the port 8085 for http. If a certificate and a key are provided the simulator will open port 8185 for https instead. The port 8185 is only opened if a valid certificate and key is found. The certificate and key shall be placed in the same dir and the dir shall be mounted to /usr/src/app/cert in the container.

PortProtocol
8085http
8185https

The dir certificate contains a self-signed cert. Use the script generate_cert_and_key.sh to generate a new certificate and key. The password of the certificate must be set 'test'. The same urls are availables on both the http port 8085 and the https port 8185. If using curl and https, the flag -k shall be given to make curl ignore checking the certificate.

Supported operations in simulator OSC 2.1.0

For the complete yaml specification, see openapi.yaml.

URIs for A1: | Function | Path and parameters | | --------------------- | ------------------- | | GET, do a healthcheck | http://localhost:8085/a1-p/healthcheck | | GET, get all policy type ids | http://localhost:8085/a1-p/policytypes | | DELETE, delete a policy type | http://localhost:8085/a1-p/policytypes/{policy_type_id} | | GET, get a policy type | http://localhost:8085/a1-p/policytypes/{policy_type_id} | | PUT, create/update a policy type | http://localhost:8085/a1-p/policytypes/{policy_type_id} | | GET, get all policy ids for a type | http://localhost:8085/a1-p/policytypes/{policy_type_id}/policies | | DELETE, delete a policy | http://localhost:8085/a1-p/policytypes/{policy_type_id}/policies/{policy_instance_id} | | GET, get a policy | http://localhost:8085/a1-p/policytypes/{policy_type_id}/policies/{policy_instance_id} | | PUT, create/update a policy | http://localhost:8085/a1-p/policytypes/{policy_type_id}/policies/{policy_instance_id} | | GET, get policy status | http://localhost:8085/a1-p/policytypes/{policy_type_id}/policies/{policy_instance_id}/status |

Swagger UI at: http://localhost:8085/ui/

For the documentation of the admin API, see OSC_2.1.0.

URIs for admin operations: | Function | Path and parameters | | --------------------- | ------------------- | | GET, a basic healthcheck | http://localhost:8085/ | | GET, a list of all supported interfaces | http://localhost:8085/container_interfaces | | POST, delete all policy instances | http://localhost:8085/deleteinstances | | POST, full reset | http://localhost:8085/deleteall | | PUT, create/update a policy type | http://localhost:8085/policytype?id=<policytypeid> | | DELETE, delete a policy type | http://localhost:8085/policytype?id=<policytypeid> | | GET, list of policy type id | http://localhost:8085/policytypes | | POST, force a specific response code for an A1 operation | http://localhost:8085/forceresponse?code=<http-code> | | POST, force delayed response of all A1 operations | http://localhost:8085/forcedelay?delay=<seconds> | | PUT, set status and optional reason, delete and timestamp | http://localhost:8085/status?status=<status>&reason=<reason>[&deleted=<boolean>][&created_at=<timestamp>] | | GET a counter
(counter-name: 'num_instances', 'num_types', 'interface' or 'remote_hosts') | http://localhost:8085/counter/<counter-name> | | Turn on http header and payload logging | http://localhost:8085payload_logging/on | | Turn off http header and payload logging | http://localhost:8085payload_logging/off |

Supported operations in simulator A1 Standard 1.1.3

For the complete yaml specification, see STD_A1.yaml.

URIs for A1: | Function | Path and parameters | | --------------------- | ------------------- | | GET all policy identities | http://localhost:8085/A1-P/v1/policies | | PUT a policy instance(create or update it) | http://localhost:8085/A1-P/v1/policies/{policyId} | | GET a policy | http://localhost:8085/A1-P/v1/policies/{policyId} | | DELETE a policy instance | http://localhost:8085/A1-P/v1/policies/{policyId} | | GET a policy status | http://localhost:8085/A1-P/v1/policies/{policyid}/status | Swagger UI at: http://localhost:8085/A1-P/v1/ui/

For the documentation of the admin API, see A1 Standard 1.1.3.

URIs for admin operations: | Function | Path and parameters | | --------------------- | ------------------- | | GET, a basic healthcheck | http://localhost:8085/ | | GET, a list of all supported interfaces | http://localhost:8085/container_interfaces | | POST, delete all policy instances | http://localhost:8085/deleteinstances | | POST, full reset | http://localhost:8085/deleteall | | POST, force a specific response code for an A1 operation | http://localhost:8085/forceresponse?code=<http-code> | | POST, force delayed response of all A1 operations | http://localhost:8085/forcedelay?delay=<seconds> | | PUT, set status and optional reason | http://localhost:8085/status?status=<status>[&reason=<reason>] | | POST, send status for policy | http://localhost:8085/sendstatus?policyid=<policyid> | | GET a counter
(counter-name: 'num_instances', 'num_types'(always 0), 'interface' or 'remote_hosts') | http://localhost:8085/counter/<counter-name> | | Turn on http header and payload logging | http://localhost:8085payload_logging/on | | Turn off http header and payload logging | http://localhost:8085payload_logging/off |

Supported operations in simulator A1 Standard 2.0.0

For the complete yaml specification, see ORAN_A1-p_V2.0.0_api.yaml.

URIs for A1: | Function | Path and parameters | | --------------------- | ------------------- | | GET all policy type identities | http://localhost:8085/A1-P/v2/policytypes | | GET a policy type | http://localhost:8085/A1-P/v2/policytypes/{policyTypeId} | | GET all policy identities | http://localhost:8085/A1-P/v2/policytypes/{policyTypeId}/policies | | PUT a policy instance(create or update it) | http://localhost:8085/A1-P/v2/policytypes/{policyTypeId}/policies/{policyId} | | GET a policy | http://localhost:8085/A1-P/v2/policytypes/{policyTypeId}/policies/{policyId} | | DELETE a policy instance | http://localhost:8085/A1-P/v2/policytypes/{policyTypeId}/policies/{policyId} | | GET a policy status | http://localhost:8085/A1-P/v2/policytypes/{policyTypeId}/policies/{policyid}/status | Swagger UI at: http://localhost:8085/A1-P/v2/ui/

For the documentation of the admin API, see A1 Standard 2.0.0.

URIs for admin operations: | Function | Path and parameters | | --------------------- | ------------------- | | GET, a basic healthcheck | http://localhost:8085/ | | GET, a list of all supported interfaces | http://localhost:8085/container_interfaces | | POST, delete all policy instances | http://localhost:8085/deleteinstances | | POST, full reset | http://localhost:8085/deleteall | | PUT, create/update a policy type | http://localhost:8085/policytype?id=<policytypeid> | | DELETE, delete a policy type | http://localhost:8085/policytype?id=<policytypeid> | | GET, list of policy type id | http://localhost:8085/policytypes | | POST, force a specific response code for an A1 operation | http://localhost:8085/forceresponse?code=<http-code> | | POST, force delayed response of all A1 operations | http://localhost:8085/forcedelay?delay=<seconds> | | PUT, set status and optional reason | http://localhost:8085/status?status=<status>[&reason=<reason>] | | POST, send status for policy | http://localhost:8085/sendstatus?policyid=<policyid> | | POST, deliver data | http://localhost:8085/datadelivery | | GET a counter
(counter-name: 'num_instances', 'num_types'(always 0), 'interface', 'remote_hosts' or 'datadelivery') | http://localhost:8085/counter/<counter-name> | | Turn on http header and payload logging | http://localhost:8085payload_logging/on | | Turn off http header and payload logging | http://localhost:8085payload_logging/off |

Configuring the simulator

An env variable, A1_VERSION need to be passed to the container at start to select the desired interface version. The variable shall be set to one of the version-ids shown in the table in the first section. For example A1_VERSIION=STD_1.1.3.

An env variable, REMOTE_HOSTS_LOGGING, can be set (any value is ok) and the the counter remote_hosts will log the host names of all remote hosts that has accessed the A1 URIs. If host names cannot be resolved, the ip address of the remote host is logged instead. This logging is default off so must be configured to be enabled. If not configured, the counter remote_hosts will return a fixed text indicating that host name logging is not enabled. Use this feature with caution, remote host lookup may take time in certain environments.

And optional env variable, DUPLICATE_CHECK, can be set to '1' to turn on duplicate check of policiy json. A duplicate policy is when the policy json is exactly same as for a different policy id of the same type. This function is default set off if the variable is not set at all or set to '0'.

The simulator can also run using the https protocol. The enable https, a valid certificate and key need to provided. There is self-signed certificate available in the certificate dir and that dir shall be mounted to the container to make it available

By default, this image has default certificates under /usr/src/app/cert file "cert.crt" is the certificate file file "key.crt" is the key file file "generate_cert_and_key.sh" is a shell script to generate certificate and key file "pass" stores the password when you run the shell script

Start the a1-interface container without specifing external certificates:

'docker run --rm -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=STD_1.1.3 -e REMOTE_HOSTS_LOGGING=1 -e DUPLICATE_CHECK=0 a1test'

It will listen to https 8185 port(using default certificates) by default. Http can be enabled on port 8085 using an environment variable "ALLOW_HTTP". If this environment variable is left out or set to false, the nginx server will send "444 Connection Closed Without Response" when making a call using http. Example command to enable http:

'docker run -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=OSC_2.1.0 -e ALLOW_HTTP=true -e DUPLICATE_CHECK=0 a1test'

This certificates/key can be overriden by mounting a volume when using "docker run" or "docker-compose" In 'docker run', use field: --volume "$PWD/certificate:/usr/src/app/cert" a1test In 'docker-compose.yml', use field: volumes: - ./certificate:/usr/src/app/cert:ro

In docker run the full command could look like this:
'docker run -it -p 8085:8085 -p 8185:8185 -e A1_VERSION=STD_1.1.3 -e ALLOW_HTTP=true -e REMOTE_HOSTS_LOGGING=1 -e DUPLICATE_CHECK=0 --volume /PATH_TO_CERT_DIR/certificate:/usr/src/app/cert a1test'

http port 8085 and https port 8185

The variable for A1 version is set with the '-e' flag.

With logging of remote host enabled "-e REMOTE_HOSTS_LOGGING=1 "

With policy json duplicate check set to off (0)

With certificate dir mounted "--volume /PATH_TO_CERT_DIR/certificate:/usr/src/app/cert"

Updating the openapi specs

The openapi specifications are stored in the 'api/<version>/'. If adding/replacing with a new file, make sure to copy the 'operationId' parameter for each operation to the new file.

Start and test of the simulator

See also 'Basic test and code coverage'.

First, download the sim/a1-interface repo on gerrit: git clone "https://gerrit.o-ran-sc.org/oransc/sim/a1-interface"

Goto the main directory, 'a1-interface/near-rt-ric-simulator'. There is a folder 'test/<version>/' for each supported simulator version. This folder contains a script to build and start the simulator (as a container in interactive mode), a script for basic testing as well as json files for the test script.

Go to the test folder of the selected version, 'test/<version>/.

Note that test can be performed both using the nonsecure http port and the secure https port.

Build and start the simulator container using:

./build_and_start.sh duplicate-check|ignore-duplicate

This will build and start the container in interactive mode. The built container only resides in the local docker repository. Note, the default port is 8085 for http and 8185 for https. When running the simulator as a container, the defualt ports can be re-mapped to any port on the localhost.

In a second terminal, go to the same folder and run the basic test script, basic_test.sh nonsecure|secure or commands.sh nonsecure|secure duplicate-check|ignore-duplicate

Note that the arg for duplicate check must match in both scripts. This script runs a number of tests towards the simulator to make sure it works properply.

Basic test and code coverage

Basic test, or unit test, using a python script is also supported. This test basically the same thing as the bash script mentioned in the section above. Follow the instruction of how to clone the repo described in that section. Only http is tested as the internal flask server is only using http (https is part of the webserver inteface).

Navigate to 'near-rt-ric-simulator/tests'. Choose the version to test and use that file for test.

Use 'python3 -m pytest <filename>' to run unit test only with no coverage check

Or use 'coverage run -m pytest <filename>' to run unit test and produce coverage data.

List coverage data by 'coverage report -m --include=../../*' - the include flag makes the list to only contain coverage data from the simulator python file.

To use the 'coverage' cmd, coverage need to be installed use 'pip install coverage'

License

Copyright (C) 2021 Nordix Foundation. Licensed under the Apache License, Version 2.0 (the "License") you may not use this file except in compliance with the License. You may obtain a copy of the License at

  http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

For more information about license please see the LICENSE file for details.