.. SPDX-License-Identifier: CC-BY-4.0
.. Copyright (C) 2021 Nordix
-.. |archpic| image:: ./images/nonrtric-architecture-F.png
+.. |archpic| image:: ./images/nonrtric-architecture-H.png
:alt: Image: O-RAN SC - NONRTRIC Overall Architecture
Summary
* `A1 Policy Management Service <#a1-policy-management-service-from-onap-ccsdk>`_. :doc:`Documentation site <a1policymanagementservice:index>`.
* `A1 Policy Controller / Adapter <#a1-sdnc-controller-a1-adapter-controller-plugin>`_.
* `Near-RT RIC A1 Simulator <#a1-interface-near-rt-ric-simulator>`_. :doc:`Documentation site <simulator:index>`.
-* `Non-RT-RIC (Spring Cloud) Service Gateway <#non-rt-ric-spring-cloud-service-gateway>`_.
-* `Non-RT-RIC (Kong) Service Exposure Prototyping <#non-rt-ric-kong-service-exposure-prototyping>`_.
-* `DMaaP/Kafka Information Producer Adapters <#dmaap-kafka-information-producer-adapters>`_. :doc:`Documentation site adapter <dmaapadapter:index>`. :doc:`Documentation site mediator <dmaapmediatorproducer:index>`.
-* `Initial Non-RT-RIC App Catalogue <#initial-non-rt-ric-app-catalogue>`_. :doc:`Documentation site <rappcatalogue:index>`.
-* `Initial K8S Helm Chart LCM Manager <#id5>`_. :doc:`Documentation site <helmmanager:index>`.
-* `Test Framework <#id1>`_.
-* `Use Cases: <#non-rt-ric-use-cases>`_:
+* `Non-RT-RIC (Spring Cloud) Service Gateway <#spring-cloud-service-gateway>`_.
+* `Non-RT-RIC Service Exposure Security Architecture Prototyping <#service-exposure-security-architecture-prototyping>`_. :doc:`Documentation site <service-exposure/se-overview/>`.
+* `DMaaP/Kafka Information Producer Adapters <#dmaap-information-producer-adapters-kafka>`_. :doc:`Documentation site adapter <dmaapadapter:index>`. :doc:`Documentation site mediator <dmaapmediatorproducer:index>`.
+* `Initial Non-RT-RIC App Catalogue <#initial-app-catalogue>`_. :doc:`Documentation site <rappcatalogue:index>`.
+* `Initial K8S Helm Chart LCM Manager <#initial-kubernetes-helm-chart-lcm-manager>`_. :doc:`Documentation site <helmmanager:index>`.
+* `Service Management & Exposure (SME) <#service-management-and-exposure>`_. :doc:`Documentation site <sme:index>`.
+* `Authentication Support <#authentication-support-keycloak>`_.
+* `Test Framework <#non-rt-ric-test-framework>`_.
+* `Use Cases: <#non-rt-ric-use-cases>`_
* "Helloworld" O-RU Fronthaul Recovery use case. :doc:`Documentation site <orufhrecovery:index>`.
* "Helloworld" O-DU Slice Assurance use case. :doc:`Documentation site <ransliceassurance:index>`.
+
Non-RT-RIC Control Panel / NONRTRIC Dashboard
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A data consumer can have several active data subscriptions (Information Job). One Information Job consists of the type of data to produce and additional parameters, which may be different for different data types. These parameters are not defined or limited by this service.
Maintains a registry of:
+
- Information Types / schemas
- Information Producers
- Information Consumers
- Information Jobs
-The service is not involved in data delivery and hence does not put restrictions on this.
+The service is not involved in data delivery and hence does not put restrictions on this.
Implementation:
- Repo: *sim/a1-interface*.
- Documentation at the :doc:`A1 Simulator documentation site <simulator:index>`.
-Non-RT-RIC (Spring Cloud) Service Gateway
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+(Spring Cloud) Service Gateway
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Support Apps to use A1 Services.
- `Spring Cloud Gateway <https://cloud.spring.io/spring-cloud-gateway>`_ provides the library to build a basic API gateway.
- Repo: *portal/nonrtric-controlpanel*.
-Non-RT-RIC (Kong) Service Exposure Prototyping
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Service Exposure Security Architecture Prototyping
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Support Apps to use NONRTRIC, SMO and other App interfaces.
A building block for coming releases as the R1 Interface concept matures .
- Support dynamic registration and exposure of service interfaces to Non-RT-RIC applications (& NONRTRIC Control panel).
-- Extends a static gateway function specifically for NONRTRIC Control panel (described above).
-- Initial version based on `Kong API Gateway <https://docs.konghq.com/gateway-oss>`_ function.
-- Initial exposure candidates include A1 (NONRTRIC) services & O1 (OAM/SMO) services.
+- The architecture and componets are defined in :doc:`Non-RT RIC Security Architecture Prototyping (Documentation site) <service-exposure/se-overview/>`.
-NONRTRIC Kubernetes deployment - including Kong configurations can be found in the OSC `it/dep <https://gerrit.o-ran-sc.org/r/gitweb?p=it/dep.git;a=tree;f=nonrtric/helm/nonrtric>`_ Gerrit repo.
-
-DMaaP/Kafka Information Producer Adapters
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+DMaaP Information Producer Adapters (Kafka)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Configurable mediators to take information from DMaaP and Kafka and present it as a coordinated Information Producer.
Implementation:
- Implementation in Java Spring (DMaaP Adapter), repo: *nonrtric/plt/dmaapadapter*, see :doc:`DMaaP Adapter documentation site <dmaapadapter:index>`.
-- Implemention in Go (DMaaP Mediator Producer), repo: *nonrtric/plt/dmaapmediatorproducer*, see :doc:`DMaaP Mediator Producer documentation site <dmaapmediatorproducer:index>`.
+- Implementation in Go (DMaaP Mediator Producer), repo: *nonrtric/plt/dmaapmediatorproducer*, see :doc:`DMaaP Mediator Producer documentation site <dmaapmediatorproducer:index>`.
-Initial Non-RT-RIC App Catalogue
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Initial App Catalogue
+~~~~~~~~~~~~~~~~~~~~~
Register for Non-RT-RIC Apps.
- Repo: *nonrtric/plt/rappcatalogue*
- Documentation at the :doc:`rApp Catalogue documentation site <rappcatalogue:index>`.
-Initial K8S Helm Chart LCM Manager
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Initial Kubernetes Helm Chart LCM Manager
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Onboard, start, stop, and modify Non-RT-RIC App µServices as Helm Charts.
*A building block for coming releases as the R-APP concept matures*.
- Repo: *nonrtric/plt/helmmanager*
- Documentation at the :doc:`Helm Manager documentation site <helmmanager:index>`.
-Test Framework
-~~~~~~~~~~~~~~
+Service Management and Exposure
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+An initial implementation of the CAPIF Core service. It implements the following CAPIF APIs:
+
+- API Provider Management
+- Publish Service
+- Discover Service
+- API Invoker Management
+- Security
+- Events
+
+Implementation:
+
+- Implemented in Go
+- Repo: *nonrtric/plt/sme*
+- Documentation at the :doc:`Service Management & Exposure (SME) documentation site <sme:index>`.
+
+Authentication Support (Keycloak)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The auth-token-fetch provides support for authentication.
+It is intended to be used as a sidecar and does the authentication procedure, gets and saves the access token
+in the local file system. This includes refresh of the token before it expires.
+This means that the service only needs to read the token from a file.
+
+It is tested using Keycloak as authentication provider.
+
+.. image:: ./AuthSupport.png
+ :width: 500pt
+
+So, a service just needs to read the token file and for instance insert it in the authorization header when using HTTP.
+The file needs to be re-read if it has been updated.
+
+The auth-token-fetch is configured by the following environment variables.
+
+* CERT_PATH - the file path of the cert to use for TSL, example: security/tls.crt
+* CERT_KEY_PATH - the file path of the private key file for the cert, example: "security/tls.key"
+* ROOT_CA_CERTS_PATH - the file path of the trust store.
+* CREDS_GRANT_TYPE - the grant_type used for authentication, example: client_credentials
+* CREDS_CLIENT_SECRET - the secret/private shared key used for authentication
+* CREDS_CLIENT_ID - the client id used for authentication
+* OUTPUT_FILE - the path where the fetched authorization token is stored, example: "/tmp/authToken.txt"
+* AUTH_SERVICE_URL - the URL to the authentication service (Keycloak)
+* REFRESH_MARGIN_SECONDS - how long in advance before the authorization token expires it is refreshed
+
+RAN Performance Monitoring Functions (File-based PM)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Functions to collect/parse/filter/store/forward file-based & event-based RAN PM data:
+
+- End-to-end tool-chain to collection, parsing, filtering and delivery of file-based RAN PM observability data
+- PM report data format defined by 3GPP (TS 32.432 and 3GPP TS 32.435)
+- High performance, fully scalable
+- Subscribers (e.g. rApps) can subscribe for chosen measurement types from specific resources in the network
+
+Implementation:
+
+- Implemented in Go, Java and Python
+- Repo: *nonrtric/plt/ranpm*
+- Documentation at the :doc:`Non-RT RIC RAN PM Usecase / Functions documentation site <ranpm:index>`.
+
+Non-RT-RIC Test Framework
+~~~~~~~~~~~~~~~~~~~~~~~~~
A full test environment with extensive test cases/scripts can be found in the ``test`` directory in the *nonrtric* source code.
Code Review / nonrtric.git / blobdiff