-# O-RAN-SC Non-RT RIC Policy Agent
+# O-RAN-SC Non-RT RIC A1 Policy Management Service
-The O-RAN Non-RT RIC Policy Agent provides a REST API for the management of policies within the O-RAN architecture. This README provides details on the features, configuration, and running instructions for the Policy Agent.
+The O-RAN-SC A1 Policy Management Service provides a REST API for the management of policies within the O-RAN architecture. This README provides details on the features, configuration, and running instructions for the A1 Policy Management Service.
For detailed API documentation and further information, refer to the NONRTRIC documentation at [NONRTRIC Wiki](https://wiki.o-ran-sc.org/display/RICNR).
+For additional detailed documentation, also refer to the NONRTRIC documentation at [A1 Policy Management Service Documentation site](https://docs.o-ran-sc.org/projects/o-ran-sc-nonrtric-plt-a1policymanagementservice).
+
+The A1 Policy Management Service is homed in ONAP. For additional documentation see [ONAP CCSDK documentation](https://docs.onap.org/projects/onap-ccsdk-oran).
+and [wiki](https://wiki.onap.org/display/DW/O-RAN+A1+Policies+in+ONAP).
## Features
-The Policy Agent offers various functionalities to manage and monitor policies and RIC capabilities:
-- **Client Supervision**: Monitors clients (R-APPs) to eliminate stray policies in case of client failure.
-- **Consistency Monitoring**: Ensures the SMO view of policies and RIC capabilities is consistent with the actual situation in the RICs.
-- **Policy Configuration**:
- - Single REST API for all RICs in the network.
- - Query functions to find all policies in a RIC, all policies owned by a service (R-APP), all policies of a specific type, etc.
- - Maps O1 resources (ManagedElement) to the controlling RIC.
+The A1 Policy Management Service is a microservice which maintains a transient repository of:
+
+- All A1 policies instances in the network. Each policy is targeted to a near-RT-RIC instance and is owned by a 'service' (e.g., rApps or the NONRTRIC Dashboard).
+- All near-RT-RICs in the network.
+- All Policy types supported by each near-RT-RIC.
+
+The service provides :
+
+- Unified REST API for managing A1 Policies in all near-RT-RICs.
+- Compliant with O-RAN R1 specification for A1-Policy Management (R1-AP v5.0, with additional features & fixes)
+- Synchronized view of A1 Policy instances for each rAPP
+- Synchronized view of A1 Policy instances in each near-RT-RIC
+- Synchronized view of A1 Policy types supported by each near-RT-RIC
+- Lookup service to find the near-RT-RIC to control resources in the RAN as defined in O1 (e.g. which near-RT-RIC should be accessed to control a certain CU or DU, which in turn controls a certain cell).
+- Monitors all near-RT-RICs and maintains data consistency, e.g. recovery from near-RT-RIC restarts
+- Support for different Southbound APIs to the near-RT-RICs (different versions of the A1-P and other similar APIs).
+- HTTPS can be configured to use a supplied certificate/private key and to validate peers towards a list of trusted CAs/certs.
+- HTTP proxy support for tunneling HTTP/HTTPS connections.
+- Fine-grained access-control - with new optional callouts to an external auth function
+- Fine-grained monitoring metrics, logging & call tracing can be configured
## Configuration
-The Policy Agent uses default keystore and truststore files included in the container. The paths and passwords for these stores are specified in a YAML configuration file located at:
+The A1 Policy Management Service uses default keystore and truststore files included in the container. The paths and passwords for these stores are specified in a YAML configuration file located at:
### Default Truststore Certificates
The default truststore includes the following trusted certificates:
-- **A1 Simulator Certificate**: [a1simulator cert](https://gerrit.o-ran-sc.org/r/gitweb?p=sim/a1-interface.git;a=tree;f=near-rt-ric-simulator/certificate;h=172c1e5aacd52d760e4416288dc5648a5817ce65;hb=HEAD)
-- **A1 Controller Certificate**: [a1controller cert (keystore.jks)](https://gerrit.o-ran-sc.org/r/gitweb?p=nonrtric.git;a=tree;f=sdnc-a1-controller/oam/installation/sdnc-a1/src/main/resources;h=17fdf6cecc7a866c5ce10a35672b742a9f0c4acf;hb=HEAD)
-- **Policy Agent's Own Certificate**: Used for mocking and unit-testing purposes (ApplicationTest.java).
+- **A1 Simulator Certificate**: [a1simulator cert](https://gerrit.o-ran-sc.org/r/gitweb?p=sim/a1-interface.git;a=tree;f=near-rt-ric-simulator/certificate)
+- **A1 Policy Management Service's Own Certificate**: Used for mocking and unit-testing purposes (ApplicationTest.java).
### Overriding Default Configuration
--volume "$PWD/new_keystore.jks:/opt/app/policy-agent/etc/cert/keystore.jks" \
--volume "$PWD/new_truststore.jks:/opt/app/policy-agent/etc/cert/truststore.jks" \
--volume "$PWD/new_application.yaml:/opt/app/policy-agent/config/application.yaml" \
- o-ran-sc/nonrtric-policy-agent:2.2.0-SNAPSHOT
+ nexus3.o-ran-sc.org:10002/o-ran-sc/nonrtric-plt-a1policymanagementservice:2.8.0
```
### Running Policy Agent Locally
## License
-Copyright (C) 2019 Nordix Foundation. All rights reserved.
+Copyright (C) 2019-2023 Nordix Foundation. All rights reserved.
+Copyright (C) 2024: OpenInfra Foundation Europe. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
Code Review / nonrtric / plt / a1policymanagementservice.git / blobdiff