+++ /dev/null
-# Service Management and Orchestration (SMO)
-
-##### Table of Contents
-[Service Management and Orchestration (SMO)](#service-management-and-orchestration-smo)
-- [Introduction](#introduction)
-- [Overview](#overview)
-- [Prerequisites](#prerequisites)
-- [Usage](#usage)
- - [Bring Up Solution](#bring-up-solution)
- - [Log files and karaf console](#log-files-and-karaf-console)
- - [Customizing Solution](#customizing-solution)
- - [Verification Solution](#verification-solution)
- - [Access to SDN-R UX](#access-to-sdn-r-ux)
- - [Terminate solution](#terminate-solution)
- - [Cleanup](#cleanup)
- - [Troubleshooting](#troubleshooting)
-
-## Introduction
-
-With respect to OAM the SMO implements the O1-interface consumers. According to the O-RAN OAM Architecture and the O-RAN OAM Interface Specification, the SMO implements a NetConf Client for configuration and a HTTP/REST/VES server for receiving all kind of events in a VES format.
-
-The setup contains an OpenDaylight based NetConf client and a VES Collector.
-
-## Overview
-
-This docker-compose file starts a pre-configured, self-contained SDN-R solution
-for developer test or demo purposes
-
- * **Identity**
- ... representing an KeyCloak based identity service for centralized user
- management. Please note that the implementation does not support IPv6.
- Therefore, its own network is required called 'DMZ'.
- In this configuration the external https port is 8463.
-
- * **SDN-R** single node instance
-
- ... representing the NetConf consumer on the Service Management and
- Orchestration framework (SMO) for the O1 interface based on
- ODL-Silicon/ONAP-Istanbul
- SDN-R comes with is own web-portal the external port is 8463.
-
- * **VES collector**
-
- ... representing the VES (REST) provider at SMO for all kind of events. In this configuration the external https port is 8443.
-
- * **DMaaP**
- ... representing SMO DMaaP component, includes message-router
-
- * **ONAP-Policy**
- ... representing all the components of ONAP policy framework, in particular
- the policy-apex-pdp which executes the apex policies deployed in the framework
- when a certain event occurs.
-
- * **Non-RT-RIC**
- ... representing all the components of Non-RT-RIC, includes Non-RT-RIC Control Panel, Non-RT-RIC (Spring Cloud) Service Gateway, A1 Policy Management Services,
- Enrichment Data Coordinator, Non-RT-RIC App Catalogue, "HelloWorld" O-RU Fronthaul Recovery use-case, Near-RT RIC A1 Simulator etc.
-
-## Prerequisites
-
-```
-$ cat /etc/os-release | grep PRETTY_NAME
-PRETTY_NAME="Ubuntu 20.04.2 LTS"
-
-$ docker --version
-Docker version 20.10.7, build 20.10.7-0ubuntu1~20.04.2
-
-$ docker-compose version
-docker-compose version 1.29.1, build c34c88b2
-docker-py version: 5.0.0
-CPython version: 3.7.10
-OpenSSL version: OpenSSL 1.1.0l 10 Sep 2019
-
-
-$ git --version
-git version 2.25.1
-
-```
-Please modify the /etc/hosts of your system.
-
-* <your-system>: is the hostname of the system, where the browser is started
-
-* <deployment-system-ipv4>: is the IP address of the system where the solution will be deployed
-
-For development purposes <your-system> and <deployment-system> may reference the same system.
-
-```
-$ cat /etc/hosts
-127.0.0.1 localhost
-127.0.1.1 <your-system>
-<deployment-system-ipv4> sdnc-web <your-system>
-<deployment-system-ipv4> identity <your-system>
-```
-
-It is beneficial (but not mandatory) adding the following line add the
-end of your ~/.bashrc file. I will suppress warnings when python script
-do not verify self signed certificates for HTTPS communication.
-```
-export PYTHONWARNINGS="ignore:Unverified HTTPS request"
-```
-
-Please ensure that you download and copy the required 3GPP OpenAPIs for VES-stndDefined
-message validation into the folder './solution/integration/smo/oam/ves-collector/externalRepo'.
-
-Please follow the instructions in ./solution/integration/smo/oam/ves-collector/externalRepo/3gpp/rep/sa5/MnS/blob/Rel16/OpenAPI/README.md.
-
-The following tree shows the successfully tested folder structure. It combines different versions of the schemas ('Rel16' and 'SA88-Rel16') using 3GPP branch names.
-
-```
-$ tree solution/integration/smo/oam/ves-collector/externalRepo/
-solution/integration/smo/oam/ves-collector/externalRepo/
-├── 3gpp
-│  └── rep
-│  └── sa5
-│  └── MnS
-│  └── blob
-│  ├── Rel16
-│  │  └── OpenAPI
-│  │ ├── TS28532_FaultMnS.yaml
-│  │ ├── TS28532_FileDataReportingMnS.yaml
-│  │ ├── TS28532_HeartbeatNtf.yaml
-│  │ ├── TS28532_PerfMnS.yaml
-│  │ ├── TS28532_ProvMnS.yaml
-│  │ ├── TS28532_StreamingDataMnS.yaml
-│  │ ├── TS28536_CoslaNrm.yaml
-│  │ ├── TS28541_5GcNrm.yaml
-│  │ ├── TS28541_NrNrm.yaml
-│  │ ├── TS28541_SliceNrm.yaml
-│  │ ├── TS28550_PerfMeasJobCtrlMnS.yaml
-│  │ ├── TS28623_ComDefs.yaml
-│  │ ├── TS28623_GenericNrm.yaml
-│  │ ├── TS29512_Npcf_SMPolicyControl.yaml
-│  │ ├── TS29514_Npcf_PolicyAuthorization.yaml
-│  │ └── TS29571_CommonData.yaml
-│  └── SA88-Rel16
-│  └── OpenAPI
-│  ├── 5gcNrm.yaml
-│  ├── PerDataFileReportMnS.yaml
-│  ├── PerMeasJobCtlMnS.yaml
-│  ├── PerThresMonMnS.yaml
-│  ├── PerfDataStreamingMnS.yaml
-│  ├── README.md
-│  ├── comDefs.yaml
-│  ├── coslaNrm.yaml
-│  ├── faultMnS.yaml
-│  ├── genericNrm.yaml
-│  ├── heartbeatNtf.yaml
-│  ├── nrNrm.yaml
-│  ├── provMnS.yaml
-│  ├── sliceNrm.yaml
-│  └── streamingDataMnS.yaml
-```
-
-## Expected Folder Structure
-
-```
-├── network
-│ ├── .env
-│ ├── config.py
-│ ├── docker-compose.yml
-│ │
-│ ├── ntsim-ng-o-du
-│ └── ntsim-ng-o-ru
-└── smo
- ├── common
- │ ├── .env
- │ ├── docker-compose.yml
- │ │
- │ ├── dmaap
- │ ├── docker
- │ ├── identity
- │ ├── kafka
- │ ├── o-ran-sc-topology-service
- │ └── zookeeper
- ├── non-rt-ric
- │ ├── docker-compose.yml
- │ │
- │ ├── test
- │ ├── data
- │ └── config
- ├── oam
- │ ├── docker-compose.yml
- │ │
- │ ├── sdnc-web
- │ ├── sdnr
- │ └── ves-collector
- └── onap-policy
- ├── docker-compose.yml
- │
- ├── config
- └── wait_for_port.sh
-```
-
-## Usage
-
-### Bring Up Solution
-
-#### Check (adjust if required) environment variables
-
-```
-nano smo/common/.env
-nano smo/non-rt-ric/.env
-nano smo/oam/.env
-nano network/.env
-```
-
-The tested configuration uses the following external https ports:
-
- * 8443 for the ves-collector
- * 8453 for web access to ODLUX (SDNC_WEB_PORT)
- * 8463 for the keyclock web administrator user interface.
-
-#### Startup solution
-
-Please note that it is necessary to configure first the identity service,
-before starting further docker images.
-
-The several docker-compose yml files must be started in the right order as listed below:
-
-```
-docker-compose -f smo/common/docker-compose.yml up -d
-python smo/common/identity/config.py
-```
-
-The python script configure the users within the identity service (keycloak).
-A system user (%USER) is also created with administration rights.
-
-```
-docker-compose -f smo/onap-policy/docker-compose.yml up -d
-docker-compose -f smo/oam/docker-compose.yml up -d
-docker-compose -f smo/non-rt-ric/docker-compose.yml up -d
-```
-
-In order to create/deploy the apex policy for O-RU closed loop recovery use case,
-refer to the section named "Create/Deploy apex policy for O-RU & O-DU use case" in
-this page:
-https://wiki.o-ran-sc.org/pages/viewpage.action?pageId=35881325
-
-Please note that the above instructions assume that the ToscaPolicy.json file
-with default config needs to be deployed. However, when there is a need to update
-the config (for example, to change the O-RU to O-DU mapping), a new ToscaPolicy.json
-file needs to be created. Refer to the section named "Workflow for updating the policy config"
-in this page:
-https://wiki.o-ran-sc.org/pages/viewpage.action?pageId=35881325
-
-Please wait about 2min until all the service are up and running.
-If you see the login page (https://sdnc-web:8453) you are good to go and can start the (simulated) network.
-
-### populate data into Non-RT-RIC
-
-Full instruction on how to run Non-RT-RIC can be found in this page:
-<https://wiki.o-ran-sc.org/display/RICNR/Release+D>
-
-When containers in Non-RT-RIC are all up, by default, there is no data running inside. Folder `non-rt-ric/data/` contains several scripts to populate data into Non-RT-RIC for test & demo purpose.
-
-```
-bash prepareDmaapMsg.sh
-```
-
-script `prepareDmaapMsg.sh` sends messages to DMaaP message router, then Non-RT-RIC policy-agent service polls messages from DMaaP, and creates policy instances accordingly.
-
-```
-bash preparePmsData.sh
-```
-
-script `preparePmsData.sh` sends http requests to policy-agent service, and creates policy instances accordingly.
-
-```
-bash prepareEcsData.sh
-```
-
-script `prepareIcsData.sh` sends http requests to ics service, and creates data accordingly.
-
-Afterwards, open webpage:
-<http://localhost:8182/>
-Now we should see some data in the page.
-
-```
-docker-compose -f network/docker-compose.yml up -d
-```
-
-Usually the first ves:event gets lost. Please restart the O-DU docker container(s) to send a second ves:pnfRegistration.
-
-```
-docker-compose -f network/docker-compose.yml restart ntsim-ng-o-du-1122
-python network/config.py
-```
-
-The python script configures the simulated O-DU and O-RU according to O-RAN hybrid architecture.
-
-O-DU - NETCONF Call HOME and NETCONF notifications
-O-RU - ves:pnfRegistration and ves:fault, ves:heartbeat
-
-
-![ves:pnfRegistration in ODLUX](docs/nstim-ng-connected-after-ves-pnf-registration-in-odlux.png "ves:pnfRegistration in ODLUX")
-
-'True' indicated that the settings through SDN-R to the NETCONF server were
-successful.
-
-SDN-R reads the fault events from DMaaP and processes them.
-Finally the fault events are visible in ODLUX.
-
-![ves:fault in ODLUX](docs/ves-fault-in-odlux.png "ves:fault in ODLUX")
-
-
-### Log files and karaf console
-
-#### ODL karaf.logs
-
-```
-docker exec -it sdnr tail -f /opt/opendaylight/data/log/karaf.log
-```
-
-#### karaf console access (karaf:karaf)
-
-```
-ssh karaf@localhost -p 8101
-```
-
-#### ves-collector logs
-
-```
-docker logs -f ves-collector
-```
-
-#### onap-policy apex logs
-
-```
-docker logs policy-apex-pdp
-```
-
-#### Non-RT-RIC logs
-
-```
-docker logs policy-agent
-docker logs oru-app
-docker logs ecs
-```
-
-### Customizing Solution
-
-'.env' file contains customizing parameters
-
-### Verification Solution
-
-#### Access to SDN-R ODLUX
-
-##### Login into SDN-R
-
- https://sdnc-web:8453
-
- User: admin // see .env file
-
- Password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-
-In case of trouble, please update the commands with your customized '.env' file.
-
-#### Access to Topology Service
-
-```
-curl -u admin:admin http://localhost:18181/rests/data/network-topology:network-topology/topology=topology-netconf/node=o-ran-sc-topology-service/yang-ext:mount/tapi-common:context/tapi-topology:topology-context
-```
-
-#### Access to Wireshark
-
-```
- http://localhost:3000
-```
-
-Select the interfaces you would like to capture.
-As first guess, please select the bridge interfaces.
-### Terminate solution
-
-To stop all container please respect the following order
-
-```
-docker-compose -f network/docker-compose.yml down
-docker-compose -f smo/oam/docker-compose.yml down
-docker-compose -f smo/onap-policy/docker-compose.yml down
-docker-compose -f smo/non-rt-ric/docker-compose.yml down
-docker-compose -f smo/common/docker-compose.yml down
-```
-
-### Cleanup
-
-!!! be careful if other stopped containers are on the same system
-```
-docker system prune -a -f
-```
-### Troubleshooting
-
-In most cases the .env setting do not fit to the environment and need to be
-adjusted.
-
-Please make sure that the network settings to not overlap with other networks.
-
-The commands ...
-```
-docker ps -a
-docker-compose ps
-
-## Prerequisites
-# python3, tmux, libtmux
-tmux new-session -n workspace -s integration
-
-# within tmux session
-python tmux-logging.py
-```
-... are your friends.
-
-![tmux logging](docs/tmux-logging.png "tmux logging")
\ No newline at end of file
+++ /dev/null
-################################################################################
-# Copyright 2022 highstreet technologies and others
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-COMPOSE_PROJECT_NAME=o-ran-sc-g-release
-
-# Credentials
-
-ADMIN_USERNAME=admin
-ADMIN_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-
-# Network settings
-# Please update /etc/docker/daemon.json accordingly
-# https://docs.docker.com/config/daemon/ipv6/
-NETWORK_SUBNET_SMO=2001:db8:1:40::/96
-NETWORK_GATEWAY_SMO=2001:db8:1:40::1
-
-# Identity server
-IDENTITY_IMAGE=bitnami/keycloak:18.0.2
-IDENTITY_MGMT_USERNAME=manager
-IDENTITY_MGMT_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-IDENTITY_PORT_HTTPS=8463
-IDENTITY_PROVIDER_URL=https://identity:8463
-
-# PERSISTENCE (including SDN-R Database)
-PERSISTENCE_IMAGE=docker.elastic.co/elasticsearch/elasticsearch-oss:7.9.3
-
-## ZooKeeper
-ZOOKEEPER_IMAGE=nexus3.onap.org:10001/onap/dmaap/zookeeper:6.0.3
-
-## Kafka
-KAFKA_IMAGE=nexus3.onap.org:10001/onap/dmaap/kafka111:1.0.4
-
-## DMaaP
-DMAAP_IMAGE=nexus3.onap.org:10001/onap/dmaap/dmaap-mr:1.1.18
-
-# O-RAN-SC Topology service
-O_RAN_SC_TOPOLOGY_IMAGE=nexus3.o-ran-sc.org:10004/o-ran-sc/smo-nts-ng-topology-server:1.4.5
-
-# Wireshark
-WIRESHARK_IMAGE=lscr.io/linuxserver/wireshark
+++ /dev/null
-################################################################################
-# Copyright 2022 highstreet technologies GmbH
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-version: '3.8'
-services:
-
- identity:
- image: ${IDENTITY_IMAGE}
- container_name: identity
- ports:
- - ${IDENTITY_PORT_HTTPS}:${IDENTITY_PORT_HTTPS}
- environment:
- - KEYCLOAK_HTTPS_PORT=${IDENTITY_PORT_HTTPS}
- - KEYCLOAK_CREATE_ADMIN_USER=true
- - KEYCLOAK_ADMIN_USER=${ADMIN_USERNAME}
- - KEYCLOAK_ADMIN_PASSWORD=${ADMIN_PASSWORD}
- - KEYCLOAK_MANAGEMENT_USER=${IDENTITY_MGMT_USERNAME}
- - KEYCLOAK_MANAGEMENT_PASSWORD=${IDENTITY_MGMT_PASSWORD}
- - KEYCLOAK_DATABASE_HOST=identitydb
- - KEYCLOAK_DATABASE_NAME=keycloak
- - KEYCLOAK_DATABASE_USER=keycloak
- - KEYCLOAK_DATABASE_PASSWORD=keycloak
- - KEYCLOAK_JDBC_PARAMS=sslmode=disable&connectTimeout=30000
- - KEYCLOAK_PRODUCTION=false
- - KEYCLOAK_ENABLE_TLS=true
- - KEYCLOAK_TLS_KEYSTORE_FILE=/opt/bitnami/keycloak/certs/keystore.jks
- - KEYCLOAK_TLS_TRUSTSTORE_FILE=/opt/bitnami/keycloak/certs/truststore.jks
- - KEYCLOAK_TLS_KEYSTORE_PASSWORD=password
- - KEYCLOAK_TLS_TRUSTSTORE_PASSWORD=changeit
- # - JAVA_OPTS=-Djboss.http.port=${IDENTITY_PORT}
- # - JAVA_OPTS=-Djboss.bind.address.private=[::1] -Djboss.bind.address=[::1] -Djava.net.preferIPv6Addresses=true -Djava.net.preferIPv4Stack=false
- volumes:
- - /etc/localtime:/etc/localtime:ro
- - ./identity/standalone.xml:/opt/jboss/keycloak/standalone/configuration/standalone.xml
- - ./identity/keystore.jks:/opt/bitnami/keycloak/certs/keystore.jks
- - ./identity/truststoreONAPall.jks:/opt/bitnami/keycloak/certs/truststore.jks
- depends_on:
- - identitydb
- networks:
- - dmz
-
- identitydb:
- image: docker.io/bitnami/postgresql:13
- container_name: identitydb
- environment:
- - ALLOW_EMPTY_PASSWORD=no
- - POSTGRESQL_USERNAME=keycloak
- - POSTGRESQL_DATABASE=keycloak
- - POSTGRESQL_PASSWORD=keycloak
- networks:
- - dmz
-
-
- persistence:
- image: ${PERSISTENCE_IMAGE}
- container_name: persistence
- environment:
- - discovery.type=single-node
-
- zookeeper:
- image: ${ZOOKEEPER_IMAGE}
- container_name: zookeeper
- ports:
- - 2181:2181
- environment:
- ZOOKEEPER_REPLICAS: 1
- ZOOKEEPER_TICK_TIME: 2000
- ZOOKEEPER_SYNC_LIMIT: 5
- ZOOKEEPER_INIT_LIMIT: 10
- ZOOKEEPER_MAX_CLIENT_CNXNS: 200
- ZOOKEEPER_AUTOPURGE_SNAP_RETAIN_COUNT: 3
- ZOOKEEPER_AUTOPURGE_PURGE_INTERVAL: 24
- ZOOKEEPER_CLIENT_PORT: 2181
- KAFKA_OPTS: -Djava.security.auth.login.config=/etc/zookeeper/secrets/jaas/zk_server_jaas.conf -Dzookeeper.kerberos.removeHostFromPrincipal=true -Dzookeeper.kerberos.removeRealmFromPrincipal=true -Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider -Dzookeeper.requireClientAuthScheme=sasl
- ZOOKEEPER_SERVER_ID:
- volumes:
- - ./zookeeper/zk_server_jaas.conf:/etc/zookeeper/secrets/jaas/zk_server_jaas.conf
-
- kafka:
- image: ${KAFKA_IMAGE}
- container_name: kafka
- ports:
- - 9092:9092
- environment:
- enableCadi: 'false'
- KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
- KAFKA_ZOOKEEPER_CONNECTION_TIMEOUT_MS: 40000
- KAFKA_ZOOKEEPER_SESSION_TIMEOUT_MS: 40000
- KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT
- KAFKA_ADVERTISED_LISTENERS: INTERNAL_PLAINTEXT://kafka:9092
- KAFKA_LISTENERS: INTERNAL_PLAINTEXT://0.0.0.0:9092
- KAFKA_INTER_BROKER_LISTENER_NAME: INTERNAL_PLAINTEXT
- KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE: 'false'
- KAFKA_OPTS: -Djava.security.auth.login.config=/etc/kafka/secrets/jaas/zk_client_jaas.conf
- KAFKA_ZOOKEEPER_SET_ACL: 'true'
- KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
- # Reduced the number of partitions only to avoid the timeout error for the first subscribe call in slow environment
- KAFKA_OFFSETS_TOPIC_NUM_PARTITIONS: 1
- volumes:
- - ./kafka/zk_client_jaas.conf:/etc/kafka/secrets/jaas/zk_client_jaas.conf
- depends_on:
- - zookeeper
-
- dmaap:
- container_name: onap-dmaap
- image: ${DMAAP_IMAGE}
- ports:
- - 3904:3904
- - 3905:3905
- environment:
- enableCadi: 'false'
- volumes:
- - ./dmaap/MsgRtrApi.properties:/appl/dmaapMR1/bundleconfig/etc/appprops/MsgRtrApi.properties
- - ./dmaap/logback.xml:/appl/dmaapMR1/bundleconfig/etc/logback.xml
- - ./dmaap/cadi.properties:/appl/dmaapMR1/etc/cadi.properties
- depends_on:
- - zookeeper
- - kafka
-
- o-ran-sc-topology-service:
- image: "${O_RAN_SC_TOPOLOGY_IMAGE}"
- container_name: o-ran-sc-topology-service
- hostname: o-ran-sc-topology-service
- ports:
- - 18181:8181
- volumes:
- - ./o-ran-sc-topology-service/tapi-common-operational.json:/opt/dev/deploy/data/tapi-common-operational.json
- - ./o-ran-sc-topology-service/tapi-common-running.json:/opt/dev/deploy/data/tapi-common-running.json
-
- wireshark:
- image: "${WIRESHARK_IMAGE}"
- container_name: wireshark
- cap_add:
- - NET_ADMIN
- network_mode: host
- environment:
- - PUID=1000
- - PGID=1000
- - TZ=Europe/London
- volumes:
- - ./wireshark:/config
- # no port mappbecause of network mode host.
- # ports:
- # - 3000:3000
- restart: unless-stopped
-networks:
- dmz:
- driver: bridge
- name: dmz
- enable_ipv6: false
- default:
- driver: bridge
- name: smo
- enable_ipv6: true
- ipam:
- driver: default
- config:
- - subnet: ${NETWORK_SUBNET_SMO}
- gateway: ${NETWORK_GATEWAY_SMO}
+++ /dev/null
-################################################################################
-# Copyright 2021 highstreet technologies and others
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-COMPOSE_PROJECT_NAME=o-ran-sc-g-release
-
-# Credentials
-ADMIN_USERNAME=admin
-ADMIN_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-
-# Network settings
-
-# Please update /etc/docker/daemon.json accordingly
-# https://docs.docker.com/config/daemon/ipv6/
-NETWORK_SUBNET_OAM_IPv6=2001:db8:1:50::/96
-NETWORK_GATEWAY_OAM_IPv6=2001:db8:1:50::1
-
-# Identity server
-IDENTITY_PROVIDER_URL=https://identity:8463
-
-# SDN Controller
-SDNC_IMAGE=nexus3.onap.org:10001/onap/sdnc-image:2.4.0
-SDNC_REST_PORT=8181
-SDNC_OAM_IPv6=2001:db8:1:50::23
-SDNC_CERT_DIR=/opt/opendaylight/current/certs
-
-# SDN Controller Web
-SDNC_WEB_IMAGE=nexus3.onap.org:10001/onap/sdnc-web-image:2.4.0
-SDNC_WEB_PORT=8453
-
-## VES Collector
-VES_COLLECTOR_IMAGE=nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.1
-VES_COLLECTOR_OAM_IPv6=2001:db8:1:50::27
-VES_COLLECTOR_IP=ves-collector
-VES_COLLECTOR_PORT=8443
-VES_COLLECTOR_USERNAME=sample1
-VES_COLLECTOR_PASSWORD=sample1
+++ /dev/null
-################################################################################
-# Copyright 2021 highstreet technologies GmbH
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-version: '3.8'
-services:
- sdnc-web:
- image: ${SDNC_WEB_IMAGE}
- container_name: sdnc-web
- ports:
- - ${SDNC_WEB_PORT}:${SDNC_WEB_PORT}
- environment:
- - ENABLE_OAUTH=true
- - WEBPROTOCOL=HTTPS
- - WEBPORT=${SDNC_WEB_PORT}
- - SDNRPROTOCOL=http
- - SDNRHOST=sdnr
- - SDNRPORT=${SDNC_REST_PORT}
- - SSL_CERT_DIR=/opt/app/osaaf/local/certs
- - SSL_CERTIFICATE=cert.pem
- - SSL_CERTIFICATE_KEY=key.pem
- volumes:
- - ./sdnc-web:/opt/app/osaaf/local/certs
- networks:
- dmz:
- smo:
-
- sdnr:
- image: ${SDNC_IMAGE}
- container_name: sdnr
- ports:
- - ${SDNC_REST_PORT}:8181
- - 6666:6666
- - 4335:4335
- environment:
- - ENABLE_ODL_CLUSTER=false
- - ENABLE_OAUTH=true
- - ODL_CERT_DIR=${SDNC_CERT_DIR}
- - ODL_ADMIN_PASSWORD=${ADMIN_PASSWORD}
- - SDNC_CONFIG_DIR=/opt/onap/ccsdk/data/properties
- - SDNC_REPLICAS=0
- - CCSDK_REPLICAS=0
- - DOMAIN=""
- - SDNRWT=true
- - SDNRONLY=true
- - SDNRINIT=true
- - SDNRDM=true
- - SDNRDBURL=http://persistence:9200
- - SDNR_NETCONF_CALLHOME_ENABLED=true
- - A1_ADAPTER_NORTHBOUND=false
- - JAVA_OPTS=-Xms256m -Xmx4g
- - IDENTITY_PROVIDER_URL=${IDENTITY_PROVIDER_URL}
- - SDNC_WEB_URL=https://sdnc-web:${SDNC_WEB_PORT}
- - SDNR_VES_COLLECTOR_ENABLED=true
- - SDNR_VES_COLLECTOR_TLS_ENABLED=true
- - SDNR_VES_COLLECTOR_TRUST_ALL_CERTS=true
- - SDNR_VES_COLLECTOR_IP=ves-collector
- - SDNR_VES_COLLECTOR_PORT=$VES_COLLECTOR_PORT
- - SDNR_VES_COLLECTOR_VERSION=v7
- - SDNR_VES_COLLECTOR_REPORTING_ENTITY_NAME=ONAP SDN-R
- - SDNR_VES_COLLECTOR_EVENTLOG_MSG_DETAIL=LONG
- - SDNR_VES_COLLECTOR_USERNAME=${VES_COLLECTOR_USERNAME}
- - SDNR_VES_COLLECTOR_PASSWORD=${VES_COLLECTOR_PASSWORD}
- volumes:
- - ./sdnr/oauth-aaa-app-config.xml:/opt/onap/sdnc/data/oauth-aaa-app-config.xml
- - ./sdnr/oauth-provider.config.json:/opt/opendaylight/etc/oauth-provider.config.json
- - ./sdnr/devicemanager.properties:/opt/opendaylight/etc/devicemanager.properties
- - ./sdnr/mountpoint-registrar.properties:/opt/opendaylight/etc/mountpoint-registrar.properties
- - ./sdnr/certs/certs.properties:${SDNC_CERT_DIR}/certs.properties
- - ./sdnr/certs/keys0.zip:${SDNC_CERT_DIR}/keys0.zip
- networks:
- dmz:
- smo:
- default:
- ipv6_address: ${SDNC_OAM_IPv6}
-
- ves-collector:
- image: ${VES_COLLECTOR_IMAGE}
- container_name: ves-collector
- environment:
- DMAAPHOST: onap-dmaap
- ports:
- - 8443:8443
- volumes:
- - ./ves-collector/collector.properties:/opt/app/VESCollector/etc/collector.properties
- - ./ves-collector/ves-dmaap-config.json:/opt/app/VESCollector/etc/ves-dmaap-config.json
- - ./ves-collector/externalRepo:/opt/app/VESCollector/etc/externalRepo
- networks:
- smo:
- default:
- ipv6_address: ${VES_COLLECTOR_OAM_IPv6}
-
-networks:
- dmz:
- external: true
- smo:
- external: true
- default:
- driver: bridge
- name: oam
- enable_ipv6: true
- ipam:
- driver: default
- config:
- - subnet: ${NETWORK_SUBNET_OAM_IPv6}
- gateway: ${NETWORK_GATEWAY_OAM_IPv6}
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV\r
-BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx\r
-NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK\r
-DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC\r
-ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7\r
-XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn\r
-H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM\r
-pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7\r
-NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg\r
-2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY\r
-wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd\r
-ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM\r
-P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6\r
-aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY\r
-PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G\r
-A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ\r
-UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN\r
-BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz\r
-L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9\r
-7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx\r
-c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf\r
-jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2\r
-RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h\r
-PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF\r
-CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+\r
-Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A\r
-cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR\r
-ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX\r
-dYY=
------END CERTIFICATE-----
+++ /dev/null
-Bag Attributes
- friendlyName: sdnc@sdnc.onap.org
- localKeyID: 54 69 6D 65 20 31 36 31 31 36 38 33 32 39 38 35 32 32
-Key Attributes: <No Attributes>
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIk4s7xBaGXdgCAggA
-MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECI7qjnyFxa3mBIIEyHgvXzCmhOT/
-atHsneicZqaGXxz57z1mPosvGwf2w6WerxOyW+cFejNepgMH+c5MQAfTuTD0H5g3
-SoyC9TKfHBld439sKO3hnDBROsypugO2uP4ownGiKQxOdwHNCOS8nC1EbUYC6nHR
-B5QtRpDHZzB2t9dd6+RU1PuPUFRxjIPZsCM1DdKKhMHQHr8WDSbi170XfzC6O2Ko
-23tgDq9cQYTqmgFedjyWpEmxfcibaujGOZ4VQej+tn60A03cXHG05tN/XvDCbQty
-9bw1kiS8e+qmdUhkEIhR2aY0Z9sCUOLwJPDg/1vE0ZwK/bRGRD432PD+dmSLFV+v
-m2m/ec8IQer8hCleI6GBaFI28QZyS2jznbzS7b/hU+nyxkZXejAymU1OBcNV4H8M
-qf5ITWs+Ma5fc/8X90MlJacmBo3JuusTvDImLFP+5Nn5Yo3cnDeiAyMo0vFuywrv
-bATYAncPlzksb6py3D5iXmLxREgLI14/TdZLhcYXBHw76oPz+/CH0A2P/HICPIjr
-zF8U6zNI4bIguBTfVmm6YLjzOkVkKx4e/0fJiQO1yhzIsghhByIMg1uPcm0olNQz
-r+YRPKTqFCPRxyGgPMleN56qeLhN8Q1WyJzIJoVVpDFc+4Stbv71C/po6/6A3v4r
-hGUPCSsj8wJN+ozdamDWpeyRVCwXmmKwJU96pbnhdH/l6CPjmniAuKLzOMLJH1AD
-FJEm1Frpz40BDC2U/165+nlfcHZfePWVPpNuqWzUfywqu8ORS/pYhapFoLLafQIn
-22KhnPnbNXclIzuI0wiKjoNAfzJM0S9hysdojK/bptaZXUFeBEe41A8exuOjOxRh
-pJqqgq2cRx6cmnAy0dr54+GoZr3haQCqTk814cxumOHqQdWllblA1D9b5Wd+8T5+
-tYdzYatsvjeY/VDH5czAbUhgBHGO3Vkxm49QemcopNDeCZ7RXmSwl2X6HLfCwnfH
-9zsdNrIMfSTdRk9H4iHTyFRyoPViX6wYxlD7B9hJWggEyDVg9RvJImOSKyWk+NKd
-WmfxaywgUJkxsJeEBCso8V690lm//oWrc17qWEd29h/9J0MPNa2zXJyG1Yq1RohZ
-JW3IcnE8gCoyHVjxBCVjKPA6dXtfDNfmCDyEG+GgPglQUj9TBIRGmn9e067M6dB9
-vhnK12SBQNTyoH5vWSbP2u5wk6jV5QKYyqMbNHAD1uvsBbWy4FpoI+epp2Y3XcAr
-kgBzopKSaCbj1thxxUHsMYBspVDR+D0SR4fsHhj+Y3jmr37s3q1NOSkWUMcMa7Hi
-zaozRSo8hYUwP5RHpPcNCTcK0dhFPAWXyGPtP7IribGQDhUAdde/s4yPuSLa28zy
-uTKWU5vSlaE+9WRSKvbA8HdKTPv45dV/qUCHITvPOdsqkWJ3qhNQMrrD9Mx17oj/
-zGZTcRGQG62dfYUR9v2rGE6Gj7MzaE1SrQgYqtCzWfJ9e3fBqOlko5jtZ5Kz86DU
-ZFISrkb1sATngzWFtvyNgHFx4fUsYDJbc8XlB47H5Byyj/6SypS6dMpwqpNezn8s
-xQi3yUfpg7GQzTFKdwmqK/KVeh0KZF/0FM+ZCUPh6IaRDcp8+Hm7H72ZD4vPxs4s
-8bvLx9bxfiI+/6Om51IQrQ==
------END ENCRYPTED PRIVATE KEY-----
-Bag Attributes
- friendlyName: sdnc@sdnc.onap.org
- localKeyID: 54 69 6D 65 20 31 36 31 31 36 38 33 32 39 38 35 32 32
-subject=CN = sdnc, OU = sdnc@sdnc.onap.org:DEV, OU = OSAAF, O = ONAP, C = US
-
-issuer=C = US, O = ONAP, OU = OSAAF, CN = intermediateCA_9
-
------BEGIN CERTIFICATE-----
-MIIE6zCCA9OgAwIBAgIJALyx+8HFJuYTMA0GCSqGSIb3DQEBCwUAMEcxCzAJBgNV
-BAYTAlVTMQ0wCwYDVQQKDARPTkFQMQ4wDAYDVQQLDAVPU0FBRjEZMBcGA1UEAwwQ
-aW50ZXJtZWRpYXRlQ0FfOTAeFw0yMTAxMjYxNzQ4MThaFw0yMjAxMjYxNzQ4MTha
-MFwxDTALBgNVBAMMBHNkbmMxHzAdBgNVBAsMFnNkbmNAc2RuYy5vbmFwLm9yZzpE
-RVYxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALQtwrW3Eiru18BADUiBIbEU
-sruiLu63h6jDprLqrxGt57d5MSpxaRoOPoWDPE/Z6LvMwTGfiQIPsFnZ2H3YtDsI
-/p1fOFAHxCUl5Cs4HnYjJUkDs2U7dXUYZR8enNPZRfFZNUOajxERUgyE/0g+yHS1
-AlysMInFDblmNEYgQoNiN996FpBamHivCDXw612bBkkZQOTeKJaCZ0DPGIYGAJtf
-Q1kIL7Y1D3c3C0VD39homtxqIb21rje63YVISprbfKX0RxijkWw0wXjaRDwxPGwH
-TrDHgsrPH/zv9Hak6cJkTw5e7VBHHlL1sHYgPSDLd/8PFGkmD4a/N/IKLy/14KMC
-AwEAAaOCAcMwggG/MAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1UdJQEB
-/wQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBUBgNVHSMETTBLgBSB95lbELnIjN7z
-Ul7qTmmgQz6s3aEwpC4wLDEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9OQVAx
-CzAJBgNVBAYTAlVTggEHMB0GA1UdDgQWBBRUhHQPlauGoN9fiGiB7WYr+oIHJDCC
-AQkGA1UdEQSCAQAwgf2BH21hcmsuZC5tYW5hZ2VyQHBlb3BsZS5vc2FhZi5jb22C
-BHNkbmOCG2MxLnZtMS5zZG5jLnNpbXBsZWRlbW8ub25hcIIbYzIudm0xLnNkbmMu
-c2ltcGxlZGVtby5vbmFwghtjMy52bTEuc2RuYy5zaW1wbGVkZW1vLm9uYXCCG2M0
-LnZtMS5zZG5jLnNpbXBsZWRlbW8ub25hcIIJb25hcC1zZG5jgg5vbmFwLXNkbmMu
-b25hcIIcc2RuYy5hcGkuc2ltcGxlZGVtby5vbmFwLm9yZ4IJc2RuYy5vbmFwghx2
-bTEuc2RuYy5zaW1wbGVkZW1vLm9uYXAub3JnMA0GCSqGSIb3DQEBCwUAA4IBAQAg
-7fybHysjWyKejSfPnodYuLfQoCIaXe5C4JbwLGKweAost5E6ud2rscN/c5UYNPs/
-IskfnMxULLzJpEXdUHwLQaLJj0fQQBRHq23s8P7Emu44ZeEzxAQfI+4pKRzTYxag
-4dIitf91nhUq5SQI/pcki+/ElkwfeKHYQLBDU8ygG/gZKh1UHxIjfva7v/ENqL2h
-H8UDXsLhOx/guaJzH2CRQdKMminsdtnNgSRRPzWRe4EMc2ah6G6E4B/Za/n7Rhq5
-r6jpvM/XIxPCY4ci5jJIbvdahS4I54kMaLRTSl4gT8+n8ie/GzhZlXX+1MR8HCZc
-8SWDYxmc8MkJ20iekiSc
------END CERTIFICATE-----
-Bag Attributes
- friendlyName: CN=intermediateCA_9,OU=OSAAF,O=ONAP,C=US
-subject=C = US, O = ONAP, OU = OSAAF, CN = intermediateCA_9
-
-issuer=OU = OSAAF, O = ONAP, C = US
-
------BEGIN CERTIFICATE-----
-MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
-RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN
-MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
-A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL
-neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d
-o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3
-nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV
-v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO
-15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw
-gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV
-M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/
-BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B
-AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q
-ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl
-u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+
-+pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/
-QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht
-8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX
-kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3
-aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky
-uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w
-tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep
-BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k=
------END CERTIFICATE-----
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC0LcK1txIq7tfA
-QA1IgSGxFLK7oi7ut4eow6ay6q8Rree3eTEqcWkaDj6FgzxP2ei7zMExn4kCD7BZ
-2dh92LQ7CP6dXzhQB8QlJeQrOB52IyVJA7NlO3V1GGUfHpzT2UXxWTVDmo8REVIM
-hP9IPsh0tQJcrDCJxQ25ZjRGIEKDYjffehaQWph4rwg18OtdmwZJGUDk3iiWgmdA
-zxiGBgCbX0NZCC+2NQ93NwtFQ9/YaJrcaiG9ta43ut2FSEqa23yl9EcYo5FsNMF4
-2kQ8MTxsB06wx4LKzx/87/R2pOnCZE8OXu1QRx5S9bB2ID0gy3f/DxRpJg+Gvzfy
-Ci8v9eCjAgMBAAECggEAbB+J2MIjhOAPWK8XSYs0TK+/EhohT9+S6RN/1Z4/sLxL
-cS6o8m9cQuaJXlWCu+hoYUpeJQk3jqUbjs/LurlwbnzXTlj10hDXA/PZGJZ0sTAm
-D8rIvNcRhVM+W45jTj30WwDNleQKNpPOSPUGvLPwVxjIchRijEpUEg3jELILOAuW
-ebloKLqc5SDAPKIpepZO7bz4L/dVlQSEBp3OTzyfeecbBNS2Vfw0K+I5BqGJAssZ
-Dq+ixSHRj6mdvm7tf5e14j65W8VKvUoHbktp9z2OBCItySV4g1dqrfM7T9SqsosH
-cbwR5dIieiFnhdg94rfpzH2QTCBt5MGUpCcv+CbQAQKBgQDkenCAImG1jAjzQNxb
-7LXLJeIqJC2E3290hEYge2Bi+1/WmV222AAwNUEPQfKa7qUJRLpX8a4p+9kTaZos
-93szyYEyp4vf93GDHvQPmKMJDCbbxa94txd5dnrtYTN+MCPjpwr+75++JRUUwcNr
-k3mkzM87zhSBkyYcGiCsza4gQQKBgQDJ4enp8Zly3GqufbWJNpKut6e9hC6f4qWi
-4qRUBmjnogm0HiGmn83n9B6SI6OnaRy/dXgPBogZDeETyzGu78nArDK+cy8wSy0H
-aPuApqGJzsuAl6YWudYt4ooBcJL99XgTGxFAb2q04JKxh18V6DRfj7pY2uhZongI
-OdcMSE2H4wKBgQCUzNEcAkhUbmEd264oCB/VsFR9UZZ7pPD3l3X8jZ2WmVQvdS69
-eCuXOfenMjIIiUfeo24g/HuLSER2Ch6pDnykm6WTEd9c+9Bnru8QgT4dFFbyZusC
-2WtmZa1lkBpzInMdPptAsVr+ATSbkh3tn9xnYiPNNUfRo738K2AAauvugQKBgQCd
-dzbqoOXdr4sOm0LzybtTyDBwJB/x2ej0Se9/EpjUw5DqCu6YduE2YTVPK7lEpTol
-JE0G+0NAt5CtzbntB1/Ihwf1gQZ3lsuCkiJJ0K8DPGeC38ZOx5kFpUObp+EfcU29
-KUmlhsImX1xMWJiUD9B6ETN6hxTghVc2o1bXX7YJnQKBgQCGiRnjCEmKd8hefkS8
-ub9F4kdOzXmG4XhK+oZWVGPXIGfnoxm6IbWcjSArA/m8TLfJSHPKujnLOnOkffpi
-7+PWzTHn5BFDGUb8z3mxwJV8e9szoDkljoiUwYU/S8eatAm6lyJv1gp2wmDI9DfT
-86BefCEvGk3EzAo3L6hhHdICzA==
------END PRIVATE KEY-----
-
+++ /dev/null
-keys0.zip
-***********
+++ /dev/null
-################################################################################
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-################################################################################
-
-#
-# Comma separated list of features repositories to register by default
-#
-featuresRepositories = file:${karaf.etc}/db8aa871-2190-4400-922c-6055a7c56102.xml, mvn:org.onap.ccsdk.sli.core/ccsdk-sli-core-all/1.2.2/xml/features, mvn:org.onap.ccsdk.sli.adaptors/ccsdk-sli-adaptors-all/1.2.2/xml/features, mvn:org.onap.ccsdk.sli.northbound/ccsdk-sli-northbound-all/1.2.2/xml/features, mvn:org.onap.ccsdk.sli.plugins/ccsdk-sli-plugins-all/1.2.2/xml/features, mvn:org.onap.ccsdk.features/ccsdk-features-all/1.1.4/xml/features, mvn:org.onap.ccsdk.oran/a1-adapter-northbound/1.1.4/xml/features, mvn:org.onap.ccsdk.features.sdnr.northbound/sdnr-northbound-all/1.1.4/xml/features, mvn:org.onap.ccsdk.features.sdnr.wt/sdnr-wt-feature-aggregator/1.1.4/xml/features, mvn:org.onap.ccsdk.features.sdnr.wt/sdnr-wt-feature-aggregator-oauth/1.1.4/xml/features, mvn:org.onap.ccsdk.features.sdnr.wt/sdnr-wt-feature-aggregator-devicemanager/1.1.4/xml/features, mvn:org.onap.ccsdk.features.sdnr.wt/sdnr-wt-feature-aggregator-devicemanager-base/1.1.4/xml/features ,mvn:org.onap.sdnc.northbound/sdnc-northbound-all/2.1.3/xml/features
-
-#
-# Comma separated list of features to install at startup
-#
-featuresBoot = 8a02945f-f980-4626-8ccc-87334d9e1d06,odl-restconf-all,odl-netconf-topology,odl-mdsal-all,odl-mdsal-apidocs, odl-daexim-all, odl-restconf-nb-rfc8040, odl-netconf-callhome-ssh, sdnr-wt-feature-aggregator-devicemanager-base,sdnr-wt-feature-aggregator-devicemanager,sdnr-wt-helpserver-feature,sdnr-wt-odlux-core-feature,sdnr-wt-odlux-apps-feature
-
-#
-# Resource repositories (OBR) that the features resolver can use
-# to resolve requirements/capabilities
-#
-# The format of the resourceRepositories is
-# resourceRepositories=[xml:url|json:url],...
-# for Instance:
-#
-#resourceRepositories=xml:http://host/path/to/index.xml
-# or
-#resourceRepositories=json:http://host/path/to/index.json
-#
-
-#
-# Defines if the boot features are started in asynchronous mode (in a dedicated thread)
-#
-featuresBootAsynchronous=false
-
-#
-# Service requirements enforcement
-#
-# By default, the feature resolver checks the service requirements/capabilities of
-# bundles for new features (xml schema >= 1.3.0) in order to automatically installs
-# the required bundles.
-# The following flag can have those values:
-# - disable: service requirements are completely ignored
-# - default: service requirements are ignored for old features
-# - enforce: service requirements are always verified
-#
-#serviceRequirements=default
-
-#
-# Store cfg file for config element in feature
-#
-#configCfgStore=true
-
-#
-# Configuration of features processing mechanism (overrides, blacklisting, modification of features)
-# XML file defines instructions related to features processing
-# versions.properties may declare properties to resolve placeholders in XML file
-# both files are relative to ${karaf.etc}
-#
-#featureProcessing=org.apache.karaf.features.xml
-#featureProcessingVersions=versions.properties
# limitations under the License.
#
-COMPOSE_PROJECT_NAME=o-ran-sc-g-release
+COMPOSE_PROJECT_NAME=o-ran-sc-h-release
# Credentials
ADMIN_USERNAME=admin
# SDN Controller
SDNC_REST_PORT=8181
SDNC_OAM_IPv6=2001:db8:1:50::23
+SDNC_OAM_HOST=controller.oam.smo.o-ran-sc.org
# VES Collector
VES_COLLECTOR_OAM_IPv6=2001:db8:1:50::27
+VES_COLLECTOR_OAM_HOST=ves-collector.oam.smo.o-ran-sc.org
# NTS NG settings
NEXUS3_DOCKER_REPO=nexus3.o-ran-sc.org:10004/o-ran-sc/
NTS_BUILD_VERSION=1.5.2
IPv6_ENABLED=true
-SSH_CONNECTIONS=0
-TLS_CONNECTIONS=1
+SSH_CONNECTIONS=1
+TLS_CONNECTIONS=0
NTS_HOST_IP=2a00:7b80:454:2000::2
NTS_HOST_BASE_PORT=50000
NTS_HOST_NETCONF_SSH_BASE_PORT=0
NTS_NF_MOUNT_POINT_ADDRESSING_METHOD=docker-mapping
-SDN_CONTROLLER_PROTOCOL=http
+SDN_CONTROLLER_PROTOCOL=https
# ssh: SDN_CONTROLLER_CALLHOME_PORT=6666
-SDN_CONTROLLER_CALLHOME_PORT=4335
+SDN_CONTROLLER_CALLHOME_PORT=4334
VES_COMMON_HEADER_VERSION=7.2.1
VES_ENDPOINT_PROTOCOL=https
-VES_ENDPOINT_PORT=8443
+VES_ENDPOINT_PORT=443
VES_ENDPOINT_AUTH_METHOD=basic-auth
VES_ENDPOINT_USERNAME=sample1
VES_ENDPOINT_PASSWORD=sample1
#!/usr/bin/env python
################################################################################
-# Copyright 2021 highstreet technologies GmbH
+# Copyright 2023 highstreet technologies GmbH
#
# Licensed under the Apache License, Version 2.0 (the 'License');
# you may not use this file except in compliance with the License.
import json
import requests
import subprocess
+import pathlib
+from jproperties import Properties
+
+def get_environment_variable(name):
+ configs = Properties()
+ path = pathlib.Path( os.path.dirname(os.path.abspath(__file__)) )
+ env_file = str(path.absolute()) + '/.env'
+ with open(env_file, "rb") as read_prop:
+ configs.load(read_prop)
+ return configs.get(name).data
dockerFilter = subprocess.check_output("docker ps --format '{{.Names}}'", shell=True)
containers = dockerFilter.splitlines()
mapping = dict({"ntsim-ng-o-ru": "O-RU", "ntsim-ng-o-du": "O-DU"})
# base = 'https://sdnc-web:8453'
-base = 'https://localhost:8453'
+base = get_environment_variable('SDN_CONTROLLER_PROTOCOL') + '://' + get_environment_variable('SDNC_OAM_HOST')
username = 'admin'
password = 'Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U'
################################################################################
-# Copyright 2021 highstreet technologies GmbH
+# Copyright 2023 highstreet technologies GmbH
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
NTS_HOST_TRANSFER_SFTP_BASE_PORT: ${NTS_HOST_TRANSFER_SFTP_BASE_PORT}
SDN_CONTROLLER_PROTOCOL: ${SDN_CONTROLLER_PROTOCOL}
- SDN_CONTROLLER_IP: ${SDNC_OAM_IPv6}
- SDN_CONTROLLER_PORT: ${SDNC_REST_PORT}
+ SDN_CONTROLLER_IP: ${SDNC_OAM_HOST}
+ # SDN_CONTROLLER_PORT: ${SDNC_REST_PORT}
SDN_CONTROLLER_CALLHOME_IP: ${SDNC_OAM_IPv6}
SDN_CONTROLLER_CALLHOME_PORT: ${SDN_CONTROLLER_CALLHOME_PORT}
SDN_CONTROLLER_USERNAME: ${ADMIN_USERNAME}
VES_COMMON_HEADER_VERSION: ${VES_COMMON_HEADER_VERSION}
VES_ENDPOINT_PROTOCOL: ${VES_ENDPOINT_PROTOCOL}
- VES_ENDPOINT_IP: ${VES_COLLECTOR_OAM_IPv6}
+ VES_ENDPOINT_IP: ${VES_COLLECTOR_OAM_HOST}
VES_ENDPOINT_PORT: ${VES_ENDPOINT_PORT}
VES_ENDPOINT_AUTH_METHOD: ${VES_ENDPOINT_AUTH_METHOD}
VES_ENDPOINT_USERNAME: ${VES_ENDPOINT_USERNAME}
+++ /dev/null
-# Service Management and Orchestration (SMO)
-
-This project focus on a docker-compose deployment solution for SMO/OAM Components.
-
-## Introduction
-
-With respect to OAM the SMO implements the O1-interface consumers.
-According to the O-RAN OAM Architecture and the O-RAN OAM Interface Specification,
-the SMO implements a NETCONF Client for configuration and a HTTP/REST/VES server
-for receiving all kind of events in VES format.
-
-The setup contains an OpenDaylight based NETCONF client and an ONAP VES Collector.
-
-## SMO OAM Components
-
-This docker-compose file starts a pre-configured, self-contained SDN-R solution
-with the following components.
-
- * **Identity**
- ... representing an KeyCloak based identity service for centralized user
- management. Please note that the implementation does not support IPv6.
- Therefore, its own network is required called 'DMZ'.
- In this configuration the external https port is 8463.
-
- * **SDN-R** single node instance
-
- ... representing the NETCONF consumer on the Service Management and
- Orchestration framework (SMO) for the O1 interface based on
- ODL.
- SDN-R comes with is own web-portal the external port is 8463.
-
- * **VES collector**
-
- ... representing the VES (REST) provider at SMO for all kind of events. In this configuration the external https port is 8443.
-
- * **DMaaP**
- ... representing SMO DMaaP component, includes message-router
-
-## Prerequisites
-
-```
-$ cat /etc/os-release | grep PRETTY_NAME
-PRETTY_NAME="Ubuntu 20.04.2 LTS"
-
-$ docker --version
-Docker version 20.10.7, build 20.10.7-0ubuntu1~20.04.2
-
-$ docker-compose version
-docker-compose version 1.29.1, build c34c88b2
-docker-py version: 5.0.0
-CPython version: 3.7.10
-OpenSSL version: OpenSSL 1.1.0l 10 Sep 2019
-
-
-$ git --version
-git version 2.25.1
-
-```
-Please modify the /etc/hosts of your system.
-
-* \<your-system>: is the hostname of the system, where the browser is started
-
-* \<deployment-system-ipv4>: is the IP address of the system where the solution will be deployed
-
-For development purposes <your-system> and <deployment-system> may reference the same system.
-
-```
-$ cat /etc/hosts
-127.0.0.1 localhost
-127.0.1.1 <your-system>
-<deployment-system-ipv4> sdnc-web <your-system>
-<deployment-system-ipv4> identity <your-system>
-```
-
-It is beneficial (but not mandatory) adding the following line add the
-end of your ~/.bashrc file. I will suppress warnings when python script
-do not verify self signed certificates for HTTPS communication.
-
-```
-export PYTHONWARNINGS="ignore:Unverified HTTPS request"
-```
-
-Please ensure that you download and copy the required 3GPP OpenAPIs for VES-stndDefined
-message validation into the folder './solution/operation-and-maintenance/smo/oam/ves-collector/externalRepo'.
-
-Please follow the instructions in ./solution/operation-and-maintenance/smo/oam/ves-collector/externalRepo/3gpp/rep/sa5/MnS/blob/Rel16/OpenAPI/README.md.
-
-The following tree shows the successfully tested folder structure. It combines different versions of the schemas ('Rel16' and 'SA88-Rel16') using 3GPP branch names.
-
-```
-$ tree solution/operation-and-maintenance/smo/oam/ves-collector/externalRepo/
-solution/operation-and-maintenance/smo/oam/ves-collector/externalRepo/
-├── 3gpp
-│  └── rep
-│  └── sa5
-│  └── MnS
-│  └── blob
-│  ├── Rel16
-│  │  └── OpenAPI
-│  │  ├── README.md
-│  │ ├── TS28532_FaultMnS.yaml
-│  │ ├── TS28532_FileDataReportingMnS.yaml
-│  │ ├── TS28532_HeartbeatNtf.yaml
-│  │ ├── TS28532_PerfMnS.yaml
-│  │ ├── TS28532_ProvMnS.yaml
-│  │ ├── TS28532_StreamingDataMnS.yaml
-│  │ ├── TS28536_CoslaNrm.yaml
-│  │ ├── TS28541_5GcNrm.yaml
-│  │ ├── TS28541_NrNrm.yaml
-│  │ ├── TS28541_SliceNrm.yaml
-│  │ ├── TS28550_PerfMeasJobCtrlMnS.yaml
-│  │ ├── TS28623_ComDefs.yaml
-│  │ ├── TS28623_GenericNrm.yaml
-│  │ ├── TS29512_Npcf_SMPolicyControl.yaml
-│  │ ├── TS29514_Npcf_PolicyAuthorization.yaml
-│  │ └── TS29571_CommonData.yaml
-│  └── SA88-Rel16
-│  └── OpenAPI
-│  ├── 5gcNrm.yaml
-│  ├── PerDataFileReportMnS.yaml
-│  ├── PerMeasJobCtlMnS.yaml
-│  ├── PerThresMonMnS.yaml
-│  ├── PerfDataStreamingMnS.yaml
-│  ├── README.md
-│  ├── comDefs.yaml
-│  ├── coslaNrm.yaml
-│  ├── faultMnS.yaml
-│  ├── genericNrm.yaml
-│  ├── heartbeatNtf.yaml
-│  ├── nrNrm.yaml
-│  ├── provMnS.yaml
-│  ├── sliceNrm.yaml
-│  └── streamingDataMnS.yaml
-```
-
-## Expected Folder Structure
-
-The following figure show the expected folder structure for the different
-docker-compose file and its configurations.
-
-```
-├── network
-│ ├── .env
-│ ├── config.py
-│ ├── docker-compose.yml
-│ │
-│ ├── ntsim-ng-o-du
-│ └── ntsim-ng-o-ru
-└── smo
- ├── common
- │ ├── .env
- │ ├── docker-compose.yml
- │ │
- │ ├── dmaap
- │ ├── docker
- │ ├── identity
- │ ├── kafka
- │ └── zookeeper
- └── oam
- ├── .env
- ├── docker-compose.yml
- │
- ├── web
- ├── controller
- └── ves-collector
-```
-
-## Usage
-
-### Bring Up Solution
-
-#### Short story
-
-The following commands should be invoked. More detailed can be found in the
-next chapters.
-
-```
-docker-compose -f smo/common/docker-compose.yml up -d
-# wait until the cpu load is low again
-python smo/common/identity/config.py
-
-docker-compose -f smo/oam/docker-compose.yml up -d
-# wait until the cpu load is low again
-
-docker-compose -f network/docker-compose.yml up -d
-# wait about 2min
-docker restart ntsim-ng-o-du-1122
-python network/config.py
-```
-
-#### Check (adjust if required) environment variables
-
-```
-nano smo/common/.env
-nano smo/oam/.env
-nano network/.env
-```
-
-The tested configuration uses the following external https ports:
-
- * 8443 for the ves-collector
- * 8453 for web access to ODLUX (SDNC_WEB_PORT)
- * 8463 for the keyclock web administrator user interface.
-
-#### Startup solution
-
-Please note that it is necessary to configure first the identity service,
-before starting further docker images.
-
-The several docker-compose yml files must be started in the right order as listed below:
-
-```
-docker-compose -f smo/common/docker-compose.yml up -d
-python smo/common/identity/config.py
-```
-
-The python script configure the users within the identity service (keycloak).
-A system user (%USER) is also created with administration rights.
-
-
-```
-docker-compose -f smo/oam/docker-compose.yml up -d
-```
-
-Looking into the ONAP SDN-R logs will give you the startup procedure.
-
-```
-docker logs -f sdnr
-```
-
-The startup was successful when you see the following line:
-
-```
-Everything OK in Certificate Installation
-```
-
-If you see the login page (https://sdnc-web:8453) you are good to go and can start the (simulated) network.
-
-```
-docker-compose -f network/docker-compose.yml up -d
-```
-
-Usually the first ves:event gets lost. Please restart the O-DU docker container(s) to send a second ves:pnfRegistration.
-
-```
-docker-compose -f network/docker-compose.yml restart ntsim-ng-o-du-1122
-python network/config.py
-```
-
-The python script configures the simulated O-DU and O-RU according to O-RAN hybrid architecture.
-
-O-DU - NETCONF Call HOME and NETCONF notifications
-O-RU - ves:pnfRegistration and ves:fault, ves:heartbeat
-
-![ves:pnfRegistration in ODLUX](docs/nstim-ng-connected-after-ves-pnf-registration-in-odlux.png "ves:pnfRegistration in ODLUX")
-
-'True' indicated that the settings through SDN-R to the NETCONF server were
-successful.
-
-SDN-R reads the fault events from DMaaP and processes them.
-Finally the fault events are visible in ODLUX.
-
-![ves:fault in ODLUX](docs/ves-fault-in-odlux.png "ves:fault in ODLUX")
-
-
-### Log files and karaf console
-
-#### ODL karaf.logs
-
-```
-docker exec -it sdnr tail -f /opt/opendaylight/data/log/karaf.log
-```
-
-#### ves-collector logs
-
-```
-docker logs -f ves-collector
-```
-
-### Customizing Solution
-
-'.env' file contains customizing parameters
-
-### Verification Solution
-
-#### Access to SDN-R ODLUX
-
-##### Login into SDN-R
-
- https://sdnc-web:8453
-
- User: admin // see .env file
-
- Password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-
-In case of trouble, please update the commands with your customized '.env' file.
-
-### Terminate solution
-
-To stop all container please respect the following order
-
-```
-docker-compose -f network/docker-compose.yml down
-docker-compose -f smo/oam/docker-compose.yml down
-docker-compose -f smo/common/docker-compose.yml down
-```
-
-### Cleanup
-
-!!! be careful if other stopped containers are on the same system
-```
-docker system prune -a -f
-```
-### Troubleshooting
-
-In most cases the .env setting do not fit to the environment and need to be
-adjusted.
-
-Please make sure that the network settings to not overlap with other networks.
-
-The commands ...
-```
-docker ps -a
-docker-compose ps
+++ /dev/null
-# Deployment Process
-
-If all goes well the commands and its responses looks like this:
-
-```
-demx8as6@oam.orbit-lab.org$ docker-compose -f smo/common/docker-compose.yml up -d
-Creating zookeeper ... done
-Creating identity ... done
-Creating persistence ... done
-Creating kafka ... done
-Creating onap-dmaap ... done
-
-demx8as6@oam.orbit-lab.org$ python smo/common/identity/config.py
-Got token!
-User leia.organa created!
-User r2.d2 created!
-User luke.skywalker created!
-User jargo.fett created!
-User martin.skorupski created!
-User demx8as6 created!
-User role demx8as6 administration created!
-User role jargo.fett supervision created!
-User role leia.organa administration created!
-User role luke.skywalker provision created!
-User role martin.skorupski administration created!
-User role r2.d2 administration created!
-
-demx8as6@oam.orbit-lab.org$ docker-compose -f smo/oam/docker-compose.yml up -d
-WARNING: Found orphan containers (kafka, persistence, identity, zookeeper, onap-dmaap) for this project. If you removed or renamed this service in your compose file, you can run this command with the --remove-orphans flag to clean it up.
-Creating sdnc-web ... done
-Creating sdnr ... done
-Creating ves-collector ... done
-
-demx8as6@oam.orbit-lab.org$ docker-compose -f network/docker-compose.yml up -d
-Creating ntsim-ng-o-du-1122 ... done
-Creating ntsim-ng-o-ru-fh-11223 ... done
-Creating ntsim-ng-o-ru-fh-11221 ... done
-Creating ntsim-ng-o-ru-fh-11222 ... done
-
-demx8as6@oam.orbit-lab.org$ docker restart ntsim-ng-o-du-1122
-ntsim-ng-o-du-1122
-
-demx8as6@oam.orbit-lab.org$ python network/config.py
-Set O-RU-11222 True
-Set O-RU-11221 True
-Set O-DU-1122 True
-Set O-RU-11223 True
-
-demx8as6@oam.orbit-lab.org$
-```
-
-# Verification with ODLUX
-
-The ODLUX web application is accessible at port 8453.
-
-```
-https://sdnc-web:8453/
-```
-
-## Connect
-
-At the 'Connect' page, 4 connections to the simulated network should be in state 'connected'. This validates the secure (TLS) VES:PNF-Registration and NETCONF CallHome onboarding is correctly configured for IPv6.
-
-![Automated onboarding using NETCONF CallHome or VES:PNF-Registration](docs/smo-oam-test-01.png "Automated onboarding using NETCONF CallHome or VES:PNF-Registration")
-
-## Fault
-
-The simulated Network is configured in a way that spontaneous fault messages are send to the SMO using the VES or the NETCONF protocol.
-
-At the 'Fault' page on tab 'Alarm Log' NETCONF and VES fault notification should be visible.
-
-![Fault notification (NETCONF and VES)](docs/smo-oam-test-02.png "Fault notification (NETCONF and VES)")
-
+++ /dev/null
-../integration/network
\ No newline at end of file
+++ /dev/null
-../../../integration/smo/common/dmaap
\ No newline at end of file
+++ /dev/null
-../../../integration/smo/common/docker
\ No newline at end of file
+++ /dev/null
-################################################################################
-# Copyright 2022 highstreet technologies GmbH
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-version: '3.8'
-services:
-
- identity:
- image: ${IDENTITY_IMAGE}
- container_name: identity
- ports:
- - ${IDENTITY_PORT_HTTPS}:${IDENTITY_PORT_HTTPS}
- environment:
- - KEYCLOAK_HTTPS_PORT=${IDENTITY_PORT_HTTPS}
- - KEYCLOAK_CREATE_ADMIN_USER=true
- - KEYCLOAK_ADMIN_USER=${ADMIN_USERNAME}
- - KEYCLOAK_ADMIN_PASSWORD=${ADMIN_PASSWORD}
- - KEYCLOAK_MANAGEMENT_USER=${IDENTITY_MGMT_USERNAME}
- - KEYCLOAK_MANAGEMENT_PASSWORD=${IDENTITY_MGMT_PASSWORD}
- - KEYCLOAK_DATABASE_HOST=identitydb
- - KEYCLOAK_DATABASE_NAME=keycloak
- - KEYCLOAK_DATABASE_USER=keycloak
- - KEYCLOAK_DATABASE_PASSWORD=keycloak
- - KEYCLOAK_JDBC_PARAMS=sslmode=disable&connectTimeout=30000
- - KEYCLOAK_PRODUCTION=false
- - KEYCLOAK_ENABLE_TLS=true
- - KEYCLOAK_TLS_KEYSTORE_FILE=/opt/bitnami/keycloak/certs/keystore.jks
- - KEYCLOAK_TLS_TRUSTSTORE_FILE=/opt/bitnami/keycloak/certs/truststore.jks
- - KEYCLOAK_TLS_KEYSTORE_PASSWORD=password
- - KEYCLOAK_TLS_TRUSTSTORE_PASSWORD=changeit
- volumes:
- - /etc/localtime:/etc/localtime:ro
- - ./identity/standalone.xml:/opt/jboss/keycloak/standalone/configuration/standalone.xml
- - ./identity/keystore.jks:/opt/bitnami/keycloak/certs/keystore.jks
- - ./identity/truststoreONAPall.jks:/opt/bitnami/keycloak/certs/truststore.jks
- depends_on:
- - identitydb
- networks:
- - dmz
-
- identitydb:
- image: docker.io/bitnami/postgresql:13
- container_name: identitydb
- environment:
- - ALLOW_EMPTY_PASSWORD=no
- - POSTGRESQL_USERNAME=keycloak
- - POSTGRESQL_DATABASE=keycloak
- - POSTGRESQL_PASSWORD=keycloak
- networks:
- - dmz
-
-
- persistence:
- image: ${PERSISTENCE_IMAGE}
- container_name: persistence
- environment:
- - discovery.type=single-node
-
- zookeeper:
- image: ${ZOOKEEPER_IMAGE}
- container_name: zookeeper
- ports:
- - 2181:2181
- environment:
- ZOOKEEPER_REPLICAS: 1
- ZOOKEEPER_TICK_TIME: 2000
- ZOOKEEPER_SYNC_LIMIT: 5
- ZOOKEEPER_INIT_LIMIT: 10
- ZOOKEEPER_MAX_CLIENT_CNXNS: 200
- ZOOKEEPER_AUTOPURGE_SNAP_RETAIN_COUNT: 3
- ZOOKEEPER_AUTOPURGE_PURGE_INTERVAL: 24
- ZOOKEEPER_CLIENT_PORT: 2181
- KAFKA_OPTS: -Djava.security.auth.login.config=/etc/zookeeper/secrets/jaas/zk_server_jaas.conf -Dzookeeper.kerberos.removeHostFromPrincipal=true -Dzookeeper.kerberos.removeRealmFromPrincipal=true -Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider -Dzookeeper.requireClientAuthScheme=sasl
- ZOOKEEPER_SERVER_ID:
- volumes:
- - ./zookeeper/zk_server_jaas.conf:/etc/zookeeper/secrets/jaas/zk_server_jaas.conf
-
- kafka:
- image: ${KAFKA_IMAGE}
- container_name: kafka
- ports:
- - 9092:9092
- environment:
- enableCadi: 'false'
- KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
- KAFKA_ZOOKEEPER_CONNECTION_TIMEOUT_MS: 40000
- KAFKA_ZOOKEEPER_SESSION_TIMEOUT_MS: 40000
- KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT
- KAFKA_ADVERTISED_LISTENERS: INTERNAL_PLAINTEXT://kafka:9092
- KAFKA_LISTENERS: INTERNAL_PLAINTEXT://0.0.0.0:9092
- KAFKA_INTER_BROKER_LISTENER_NAME: INTERNAL_PLAINTEXT
- KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE: 'false'
- KAFKA_OPTS: -Djava.security.auth.login.config=/etc/kafka/secrets/jaas/zk_client_jaas.conf
- KAFKA_ZOOKEEPER_SET_ACL: 'true'
- KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
- # Reduced the number of partitions only to avoid the timeout error for the first subscribe call in slow environment
- KAFKA_OFFSETS_TOPIC_NUM_PARTITIONS: 1
- volumes:
- - ./kafka/zk_client_jaas.conf:/etc/kafka/secrets/jaas/zk_client_jaas.conf
- depends_on:
- - zookeeper
-
- dmaap:
- container_name: onap-dmaap
- image: ${DMAAP_IMAGE}
- ports:
- - 3904:3904
- - 3905:3905
- environment:
- enableCadi: 'false'
- volumes:
- - ./dmaap/MsgRtrApi.properties:/appl/dmaapMR1/bundleconfig/etc/appprops/MsgRtrApi.properties
- - ./dmaap/logback.xml:/appl/dmaapMR1/bundleconfig/etc/logback.xml
- - ./dmaap/cadi.properties:/appl/dmaapMR1/etc/cadi.properties
- depends_on:
- - zookeeper
- - kafka
-
-networks:
- dmz:
- driver: bridge
- name: dmz
- enable_ipv6: false
- default:
- driver: bridge
- name: smo
- enable_ipv6: true
- ipam:
- driver: default
- config:
- - subnet: ${NETWORK_SUBNET_SMO}
- gateway: ${NETWORK_GATEWAY_SMO}
+++ /dev/null
-../../../integration/smo/common/identity/
\ No newline at end of file
+++ /dev/null
-../../../integration/smo/common/kafka
\ No newline at end of file
+++ /dev/null
-../../../integration/smo/common/zookeeper
\ No newline at end of file
+++ /dev/null
-../../../integration/smo/oam/sdnr
\ No newline at end of file
+++ /dev/null
-../../../integration/smo/oam/ves-collector
\ No newline at end of file
+++ /dev/null
-../../../integration/smo/oam/sdnc-web
\ No newline at end of file
# limitations under the License.
#
-COMPOSE_PROJECT_NAME=o-ran-sc-g-release
-
# Credentials
-
ADMIN_USERNAME=admin
ADMIN_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
NETWORK_SUBNET_SMO=2001:db8:1:40::/96
NETWORK_GATEWAY_SMO=2001:db8:1:40::1
+# traefik network
+SOLUTION_DOMAIN=smo.o-ran-sc.org
+TRAEFIK_IMAGE=traefik:v2.9
+TRAEFIK_LOG_LEVEL=DEBUG
+TRAEFIK_NETWORK_NAME=smo
+TRAEFIK_SUBNET=172.30.0.0/16
+TRAEFIK_SUBNET_IPv6=2001:db8:1:30::/64
+TRAEFIK_SUBNET_IPv6_PRE_STRING=2001:db8:1:30
+TRAEFIK_GATEWAY_IP=172.30.0.1
+TRAEFIK_GATEWAY_IPv6=${TRAEFIK_SUBNET_IPv6_PRE_STRING}:172:30:0:1
+
# Identity server
IDENTITY_IMAGE=bitnami/keycloak:18.0.2
+IDENTITYDB_IMAGE=docker.io/bitnami/postgresql:13
IDENTITY_MGMT_USERNAME=manager
IDENTITY_MGMT_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-IDENTITY_PORT_HTTPS=8463
-IDENTITY_PROVIDER_URL=https://identity:8463
+# IDENTITY_PORT_HTTPS=8463
+IDENTITY_PROVIDER_URL=https://identity.smo.o-ran-sc.org
# PERSISTENCE (including SDN-R Database)
PERSISTENCE_IMAGE=docker.elastic.co/elasticsearch/elasticsearch-oss:7.9.3
## Kafka
KAFKA_IMAGE=nexus3.onap.org:10001/onap/dmaap/kafka111:1.0.4
-## DMaaP
+## Messages (DMaaP)
DMAAP_IMAGE=nexus3.onap.org:10001/onap/dmaap/dmaap-mr:1.1.18
--- /dev/null
+# no more versions needed! Compose spec supports all features w/o a version
+services:
+
+ gateway:
+ image: ${TRAEFIK_IMAGE}
+ container_name: gateway
+ hostname: gateway
+ healthcheck:
+ test:
+ - CMD
+ - traefik
+ - healthcheck
+ - --ping
+ interval: 10s
+ timeout: 5s
+ retries: 3
+ restart: always
+ ports:
+ - 80:80
+ - 443:443
+ command:
+ - --serverstransport.insecureskipverify=true
+ - --log.level=${TRAEFIK_LOG_LEVEL}
+ - --global.sendanonymoususage=false
+ - --global.checkNewVersion=false
+ - --api.insecure=true
+ - --api.dashboard=true
+ - --api.debug=true
+ - --ping
+ - --accesslog=false
+ - --entrypoints.web.address=:80
+ - --entrypoints.web.http.redirections.entrypoint.to=websecure
+ - --entrypoints.web.http.redirections.entrypoint.scheme=https
+ - --entrypoints.websecure.address=:443
+ - --entrypoints.websecure.http.tls.domains[0].main=gateway.${SOLUTION_DOMAIN}
+ - --entrypoints.websecure.http.tls.domains[0].sans=*.${SOLUTION_DOMAIN}
+ - --providers.docker.endpoint=unix:///var/run/docker.sock
+ - --providers.docker.network=${TRAEFIK_NETWORK_NAME}
+ - --providers.docker.exposedByDefault=false
+ - --providers.docker.watch=true
+ - --providers.file.filename=/middleware.yml
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock:ro
+ - ./gateway/conf/middleware.yml:/middleware.yml:ro
+ - ./gateway/conf/.htpasswd:/.htpasswd:ro
+ labels:
+ traefik.enable: true
+ traefik.http.middlewares.traefik-auth.basicauth.usersfile: .htpasswd
+ traefik.http.routers.gateway.rule: Host(`gateway.${SOLUTION_DOMAIN}`)
+ traefik.http.routers.gateway.entrypoints: websecure
+ traefik.http.routers.gateway.service: api@internal
+ traefik.http.routers.gateway.middlewares: strip
+ traefik.http.middlewares.strip.stripprefix.prefixes: /traefik
+ traefik.http.routers.gateway.tls: true
+ traefik.http.services.gateway.loadbalancer.server.port: 8080
+ networks:
+ - dmz
+ - default
+
+ identitydb:
+ image: ${IDENTITYDB_IMAGE}
+ container_name: identitydb
+ hostname: identitydb
+ environment:
+ - ALLOW_EMPTY_PASSWORD=no
+ - POSTGRESQL_USERNAME=keycloak
+ - POSTGRESQL_DATABASE=keycloak
+ - POSTGRESQL_PASSWORD=keycloak
+
+ identity:
+ image: ${IDENTITY_IMAGE}
+ container_name: identity
+ hostname: identity
+ environment:
+ - KEYCLOAK_CREATE_ADMIN_USER=true
+ - KEYCLOAK_ADMIN_USER=${ADMIN_USERNAME}
+ - KEYCLOAK_ADMIN_PASSWORD=${ADMIN_PASSWORD}
+ - KEYCLOAK_MANAGEMENT_USER=${IDENTITY_MGMT_USERNAME}
+ - KEYCLOAK_MANAGEMENT_PASSWORD=${IDENTITY_MGMT_PASSWORD}
+ - KEYCLOAK_DATABASE_HOST=identitydb
+ - KEYCLOAK_DATABASE_NAME=keycloak
+ - KEYCLOAK_DATABASE_USER=keycloak
+ - KEYCLOAK_DATABASE_PASSWORD=keycloak
+ - KEYCLOAK_JDBC_PARAMS=sslmode=disable&connectTimeout=30000
+ - KEYCLOAK_PRODUCTION=false
+ - KEYCLOAK_ENABLE_TLS=true
+ - KEYCLOAK_TLS_KEYSTORE_FILE=/opt/bitnami/keycloak/certs/keystore.jks
+ - KEYCLOAK_TLS_TRUSTSTORE_FILE=/opt/bitnami/keycloak/certs/truststore.jks
+ - KEYCLOAK_TLS_KEYSTORE_PASSWORD=password
+ - KEYCLOAK_TLS_TRUSTSTORE_PASSWORD=changeit
+ restart: unless-stopped
+ volumes:
+ - /etc/localtime:/etc/localtime:ro
+ - ./identity/standalone.xml:/opt/jboss/keycloak/standalone/configuration/standalone.xml
+ - ./identity/keystore.jks:/opt/bitnami/keycloak/certs/keystore.jks
+ - ./identity/truststoreONAPall.jks:/opt/bitnami/keycloak/certs/truststore.jks
+ labels:
+ traefik.enable: true
+ traefik.http.routers.identity.entrypoints: websecure
+ traefik.http.routers.identity.rule: Host(`identity.${SOLUTION_DOMAIN}`)
+ traefik.http.routers.identity.tls: true
+ traefik.http.services.identity.loadbalancer.server.port: 8080
+ depends_on:
+ identitydb:
+ condition: service_started
+ gateway:
+ condition: service_healthy
+
+ persistence:
+ image: ${PERSISTENCE_IMAGE}
+ container_name: persistence
+ environment:
+ - discovery.type=single-node
+
+ zookeeper:
+ image: ${ZOOKEEPER_IMAGE}
+ container_name: zookeeper
+ # ports:
+ # - 2181:2181
+ environment:
+ ZOOKEEPER_REPLICAS: 1
+ ZOOKEEPER_TICK_TIME: 2000
+ ZOOKEEPER_SYNC_LIMIT: 5
+ ZOOKEEPER_INIT_LIMIT: 10
+ ZOOKEEPER_MAX_CLIENT_CNXNS: 200
+ ZOOKEEPER_AUTOPURGE_SNAP_RETAIN_COUNT: 3
+ ZOOKEEPER_AUTOPURGE_PURGE_INTERVAL: 24
+ ZOOKEEPER_CLIENT_PORT: 2181
+ KAFKA_OPTS: -Djava.security.auth.login.config=/etc/zookeeper/secrets/jaas/zk_server_jaas.conf -Dzookeeper.kerberos.removeHostFromPrincipal=true -Dzookeeper.kerberos.removeRealmFromPrincipal=true -Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider -Dzookeeper.requireClientAuthScheme=sasl
+ ZOOKEEPER_SERVER_ID:
+ volumes:
+ - ./zookeeper/zk_server_jaas.conf:/etc/zookeeper/secrets/jaas/zk_server_jaas.conf
+
+ kafka:
+ image: ${KAFKA_IMAGE}
+ container_name: kafka
+ environment:
+ enableCadi: 'false'
+ KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
+ KAFKA_ZOOKEEPER_CONNECTION_TIMEOUT_MS: 40000
+ KAFKA_ZOOKEEPER_SESSION_TIMEOUT_MS: 40000
+ KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT
+ KAFKA_ADVERTISED_LISTENERS: INTERNAL_PLAINTEXT://kafka:9092
+ KAFKA_LISTENERS: INTERNAL_PLAINTEXT://0.0.0.0:9092
+ KAFKA_INTER_BROKER_LISTENER_NAME: INTERNAL_PLAINTEXT
+ KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE: 'false'
+ KAFKA_OPTS: -Djava.security.auth.login.config=/etc/kafka/secrets/jaas/zk_client_jaas.conf
+ KAFKA_ZOOKEEPER_SET_ACL: 'true'
+ KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
+ # Reduced the number of partitions only to avoid the timeout error for the first subscribe call in slow environment
+ KAFKA_OFFSETS_TOPIC_NUM_PARTITIONS: 1
+ volumes:
+ - ./kafka/zk_client_jaas.conf:/etc/kafka/secrets/jaas/zk_client_jaas.conf
+ depends_on:
+ zookeeper:
+ condition: service_started
+
+ messages:
+ image: ${DMAAP_IMAGE}
+ container_name: messages
+ hostname: messages
+ environment:
+ enableCadi: 'false'
+ volumes:
+ - ./messages/MsgRtrApi.properties:/appl/dmaapMR1/bundleconfig/etc/appprops/MsgRtrApi.properties
+ - ./messages/logback.xml:/appl/dmaapMR1/bundleconfig/etc/logback.xml
+ - ./messages/cadi.properties:/appl/dmaapMR1/etc/cadi.properties
+ labels:
+ traefik.enable: true
+ traefik.http.routers.messages.entrypoints: websecure
+ traefik.http.routers.messages.rule: Host(`messages.${SOLUTION_DOMAIN}`)
+ traefik.http.routers.messages.tls: true
+ traefik.http.services.messages.loadbalancer.server.port: 3904
+ depends_on:
+ kafka:
+ condition: service_started
+ gateway:
+ condition: service_healthy
+
+networks:
+ dmz:
+ name: dmz
+ driver: bridge
+ enable_ipv6: false
+ ipam:
+ driver: default
+ config:
+ - subnet: ${TRAEFIK_SUBNET}
+ gateway: ${TRAEFIK_GATEWAY_IP}
+ - subnet: ${TRAEFIK_SUBNET_IPv6}
+ gateway: ${TRAEFIK_GATEWAY_IPv6}
+ default:
+ name: ${TRAEFIK_NETWORK_NAME}
# importing the sys, json, requests library
import os
+import pathlib
import sys
import json
import time
def get_environment_variable(name):
configs = Properties()
- env_file = os.path.dirname(os.path.abspath(__file__)) + '/' + '../' + '.env'
+ path = pathlib.Path( os.path.dirname(os.path.abspath(__file__)) )
+ env_file = str(path.parent.absolute()) + '/.env'
with open(env_file, "rb") as read_prop:
configs.load(read_prop)
return configs.get(name).data
def isReady(timeoutSeconds=180):
- url = getBaseUrl()
+ url = getBaseUrl();
while timeoutSeconds > 0:
try:
response = requests.get(url, verify=False, headers={})
"clientAuthenticatorType": "client-secret",
"secret": "2a64fdca-c205-4b52-9f58-195ccc142ddb",
"redirectUris": [
- "https://sdnc-web:8453/*"
+ "https://odlux.oam.smo.o-ran-sc.org/*"
],
"webOrigins": [],
"notBefore": 0,
# limitations under the License.
#
-COMPOSE_PROJECT_NAME=o-ran-sc-g-release
+COMPOSE_PROJECT_NAME=o-ran-sc-h-release
# Credentials
ADMIN_USERNAME=admin
NETWORK_SUBNET_OAM_IPv6=2001:db8:1:50::/96
NETWORK_GATEWAY_OAM_IPv6=2001:db8:1:50::1
+# traefik network
+SOLUTION_DOMAIN=smo.o-ran-sc.org
+TRAEFIK_NETWORK_NAME=dmz
+
# Identity server
-IDENTITY_PROVIDER_URL=https://identity:8463
+IDENTITY_PROVIDER_URL=https://identity.smo.o-ran-sc.org
# SDN Controller
-SDNC_IMAGE=nexus3.onap.org:10001/onap/sdnc-image:2.4.0
+SDNC_IMAGE=nexus3.onap.org:10001/onap/sdnc-image:2.4.2
SDNC_REST_PORT=8181
SDNC_OAM_IPv6=2001:db8:1:50::23
SDNC_CERT_DIR=/opt/opendaylight/current/certs
# SDN Controller Web
-SDNC_WEB_IMAGE=nexus3.onap.org:10001/onap/sdnc-web-image:2.4.0
-SDNC_WEB_PORT=8453
+SDNC_WEB_IMAGE=nexus3.onap.org:10001/onap/sdnc-web-image:2.4.2
+SDNC_WEB_PORT=8080
## VES Collector
VES_COLLECTOR_IMAGE=nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.1
VES_COLLECTOR_OAM_IPv6=2001:db8:1:50::27
VES_COMMON_HEADER_VERSION=7.2.1
-VES_ENDPOINT_PROTOCOL=https
-VES_ENDPOINT_PORT=8443
+VES_ENDPOINT_PROTOCOL=http
+VES_ENDPOINT_PORT=8080
VES_ENDPOINT_AUTH_METHOD=basic-auth
VES_ENDPOINT_USERNAME=sample1
VES_ENDPOINT_PASSWORD=sample1
\ No newline at end of file
[VESCollector]
VES_COLLECTOR_ENABLED=true
-VES_COLLECTOR_TLS_ENABLED=true
+VES_COLLECTOR_TLS_ENABLED=false
VES_COLLECTOR_TRUST_ALL_CERTS=true
VES_COLLECTOR_USERNAME=sample1
VES_COLLECTOR_PASSWORD=sample1
VES_COLLECTOR_IP=ves-collector
-VES_COLLECTOR_PORT=8443
+VES_COLLECTOR_PORT=8080
VES_COLLECTOR_VERSION=v7
REPORTING_ENTITY_NAME=ONAP SDN-R
EVENTLOG_MSG_DETAIL=LONG
sdnrPasswd=${ODL_ADMIN_PASSWORD}
[fault]
-faultConsumerClass=org.onap.ccsdk.features.sdnr.wt.mountpointregistrar.impl.DMaaPFaultVESMsgConsumer
TransportType=HTTPNOAUTH
-host=onap-dmaap:3904
+host=messages:3904
topic=unauthenticated.SEC_FAULT_OUTPUT
contenttype=application/json
group=myG
fetchPause=5000
[pnfRegistration]
-pnfRegConsumerClass=org.onap.ccsdk.features.sdnr.wt.mountpointregistrar.impl.DMaaPPNFRegVESMsgConsumer
TransportType=HTTPNOAUTH
-host=onap-dmaap:3904
+host=messages:3904
topic=unauthenticated.VES_PNFREG_OUTPUT
contenttype=application/json
group=myG
limit=1000
fetchPause=5000
+[provisioning]
+TransportType=HTTPNOAUTH
+host=messages:3904
+topic=unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT
+contenttype=application/json
+group=myG
+id=C1
+timeout=20000
+limit=10000
+fetchPause=5000
\ No newline at end of file
{
"tokenSecret": "my-secret",
"tokenIssuer": "ONAP-SDNC",
- "publicUrl": "https://sdnc-web:8453",
+ "publicUrl": "https://odlux.oam.smo.o-ran-sc.org",
"redirectUri": "/odlux/index.html#/oauth?token=",
"supportOdlUsers": "true",
"providers": [
{
"id": "identity",
"type": "KEYCLOAK",
- "url": "https://identity:8463",
- "internalUrl": "https://identity:8463",
+ "url": "https://identity.smo.o-ran-sc.org",
"clientId": "odlux.app",
"openIdConfigUrl": "/realms/onap/.well-known/openid-configuration",
"secret": "2a64fdca-c205-4b52-9f58-195ccc142ddb",
-################################################################################
-# Copyright 2021 highstreet technologies GmbH
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-version: '3.8'
+# no more versions needed! Compose spec supports all features w/o a version
services:
- sdnc-web:
+
+ odlux:
image: ${SDNC_WEB_IMAGE}
- container_name: sdnc-web
- ports:
- - ${SDNC_WEB_PORT}:${SDNC_WEB_PORT}
+ container_name: odlux
+ hostname: odlux
environment:
- ENABLE_OAUTH=true
- - WEBPROTOCOL=HTTPS
+ - WEBPROTOCOL=HTTP
- WEBPORT=${SDNC_WEB_PORT}
- SDNRPROTOCOL=http
- SDNRHOST=sdnr
- SDNRPORT=${SDNC_REST_PORT}
- - SSL_CERT_DIR=/opt/app/osaaf/local/certs
- - SSL_CERTIFICATE=cert.pem
- - SSL_CERTIFICATE_KEY=key.pem
- volumes:
- - ./web:/opt/app/osaaf/local/certs
+ labels:
+ traefik.enable: true
+ traefik.http.routers.sdnc-web.entrypoints: websecure
+ traefik.http.routers.sdnc-web.rule: Host(`odlux.oam.${SOLUTION_DOMAIN}`)
+ traefik.http.routers.sdnc-web.tls: true
+ traefik.http.services.sdnc-web.loadbalancer.server.port: ${SDNC_WEB_PORT}
networks:
- dmz:
smo:
sdnr:
image: ${SDNC_IMAGE}
container_name: sdnr
+ hostname: sdnr
ports:
- - ${SDNC_REST_PORT}:8181
- 6666:6666
- 4335:4335
environment:
- ENABLE_ODL_CLUSTER=false
- ENABLE_OAUTH=true
- - ODL_CERT_DIR=${SDNC_CERT_DIR}
- ODL_ADMIN_PASSWORD=${ADMIN_PASSWORD}
- SDNC_CONFIG_DIR=/opt/onap/ccsdk/data/properties
- SDNC_REPLICAS=0
- A1_ADAPTER_NORTHBOUND=false
- JAVA_OPTS=-Xms256m -Xmx4g
- IDENTITY_PROVIDER_URL=${IDENTITY_PROVIDER_URL}
- - SDNC_WEB_URL=https://sdnc-web:${SDNC_WEB_PORT}
+ - SDNC_WEB_URL=https://odlux.oam.${SOLUTION_DOMAIN}
- SDNR_VES_COLLECTOR_ENABLED=true
- - SDNR_VES_COLLECTOR_TLS_ENABLED=true
+ - SDNR_VES_COLLECTOR_TLS_ENABLED=false
- SDNR_VES_COLLECTOR_TRUST_ALL_CERTS=true
- SDNR_VES_COLLECTOR_IP=ves-collector
- SDNR_VES_COLLECTOR_PORT=$VES_ENDPOINT_PORT
- ./controller/oauth-provider.config.json:/opt/opendaylight/etc/oauth-provider.config.json
- ./controller/devicemanager.properties:/opt/opendaylight/etc/devicemanager.properties
- ./controller/mountpoint-registrar.properties:/opt/opendaylight/etc/mountpoint-registrar.properties
- - ./controller/certs/certs.properties:${SDNC_CERT_DIR}/certs.properties
- - ./controller/certs/keys0.zip:${SDNC_CERT_DIR}/keys0.zip
+ labels:
+ traefik.enable: true
+ traefik.http.routers.sdnr.entrypoints: websecure
+ traefik.http.routers.sdnr.rule: Host(`controller.oam.${SOLUTION_DOMAIN}`)
+ traefik.http.routers.sdnr.tls: true
+ traefik.http.services.sdnr.loadbalancer.server.port: 8181
networks:
- dmz:
smo:
default:
ipv6_address: ${SDNC_OAM_IPv6}
ves-collector:
image: ${VES_COLLECTOR_IMAGE}
container_name: ves-collector
+ hostname: ves-collector
environment:
- DMAAPHOST: onap-dmaap
- ports:
- - 8443:8443
+ DMAAPHOST: messages
volumes:
- ./ves-collector/collector.properties:/opt/app/VESCollector/etc/collector.properties
- ./ves-collector/ves-dmaap-config.json:/opt/app/VESCollector/etc/ves-dmaap-config.json
- ./ves-collector/externalRepo:/opt/app/VESCollector/etc/externalRepo
+ labels:
+ traefik.enable: true
+ traefik.http.routers.ves.entrypoints: websecure
+ traefik.http.routers.ves.rule: Host(`ves-collector.oam.${SOLUTION_DOMAIN}`)
+ traefik.http.routers.ves.tls: true
+ traefik.http.services.ves.loadbalancer.server.port: ${VES_ENDPOINT_PORT}
networks:
smo:
- default:
- ipv6_address: ${VES_COLLECTOR_OAM_IPv6}
networks:
- dmz:
- external: true
smo:
external: true
default:
ipam:
driver: default
config:
- - subnet: ${NETWORK_SUBNET_OAM_IPv6}
- gateway: ${NETWORK_GATEWAY_OAM_IPv6}
+ - subnet: "${NETWORK_SUBNET_OAM_IPv6}"
+ gateway: "${NETWORK_GATEWAY_OAM_IPv6}"
\ No newline at end of file
## - At this time, the server always binds to 0.0.0.0
##
##
-#collector.service.port=8080
+collector.service.port=8080
## Authentication is only supported via secure port
## When enabled - require valid keystore defined
-collector.service.secure.port=8443
+# collector.service.secure.port=8443
# auth.method flags:
#
# noAuth - default option - no security (http)
# certBasicAuth - auth by certificate and basic auth username / password (https)
-auth.method=certBasicAuth
+auth.method=noAuth
## Combination of userid,hashPassword encoded pwd list to be supported
## userid and pwd comma separated; pipe delimitation between each pair
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-statechange": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-thresholdCrossingAlert": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-heartbeat": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/"
+ "topic_url": "http://messages:3904/events/unauthenticated.SEC_HEARTBEAT_OUTPUT/"
}
},
"ves-other": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/unauthenticated.SEC_OTHER_OUTPUT/"
+ "topic_url": "http://messages:3904/events/unauthenticated.SEC_OTHER_OUTPUT/"
}
},
"ves-mobileflow": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-sipsignaling": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-voicequality": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-fault": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/unauthenticated.SEC_FAULT_OUTPUT/"
+ "topic_url": "http://messages:3904/events/unauthenticated.SEC_FAULT_OUTPUT/"
}
},
"ves-measurement": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT/"
+ "topic_url": "http://messages:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT/"
}
},
"ves-3gpp-fault-supervision": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT/"
+ "topic_url": "http://messages:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT/"
}
},
"ves-3gpp-provisioning": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT/"
+ "topic_url": "http://messages:3904/events/unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT/"
}
},
"ves-3gpp-heartbeat": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT/"
+ "topic_url": "http://messages:3904/events/unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT/"
}
},
"ves-3gpp-performance-assurance": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT/"
+ "topic_url": "http://messages:3904/events/unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT/"
}
},
"ves-syslog-secondary": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-statechange-secondary": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-thresholdCrossingAlert-secondary": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-heartbeat-secondary": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-other-secondary": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-mobileflow-secondary": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-sipsignaling-secondary": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTSves7_valid_ip_v4.json-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTSves7_valid_ip_v4.json-DEV"
}
},
"ves-voicequality-secondary": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-fault-secondary": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-measurement-secondary": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-3gpp-fault-supervision-secondary": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT"
+ "topic_url": "http://messages:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT"
}
},
"ves-3gpp-provisioning-secondary": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT"
+ "topic_url": "http://messages:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT"
}
},
"ves-3gpp-heartbeat-secondary": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-3gpp-performance-assurance-secondary": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
+ "topic_url": "http://messages:3904/events/DCAE-SE-COLLECTOR-EVENTS-DEV"
}
},
"ves-pnfRegistration": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/unauthenticated.VES_PNFREG_OUTPUT/"
+ "topic_url": "http://messages:3904/events/unauthenticated.VES_PNFREG_OUTPUT/"
}
},
"ves-o1-notify-pnf-registration": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/unauthenticated.VES_O1_NOTIFY_PNF_REGISTRATION_OUTPUT/"
+ "topic_url": "http://messages:3904/events/unauthenticated.VES_O1_NOTIFY_PNF_REGISTRATION_OUTPUT/"
}
},
"ves-o-ran-sc-du-hello-world-pm-streaming-oas3": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/unauthenticated.VES_O_RAN_SC_HELLO_WORLD_PM_STREAMING_OUTPUT/"
+ "topic_url": "http://messages:3904/events/unauthenticated.VES_O_RAN_SC_HELLO_WORLD_PM_STREAMING_OUTPUT/"
}
},
"ves-file-ready": {
"type": "message_router",
"dmaap_info": {
"location": "mtl5",
- "topic_url": "http://onap-dmaap:3904/events/unauthenticated.VES_FILE_READY_OUTPUT/"
+ "topic_url": "http://messages:3904/events/unauthenticated.VES_FILE_READY_OUTPUT/"
}
}
}
\ No newline at end of file