vFW Closed Loop - Operational Policy issues in Beijing #policy #usecaseui #kubernetes #install #drools


Cristina Precup
 

Dear community,

I am trying to upload the Operational Policy for the Closed Loop part of the virtual Firewall use case (step 2 of Close Loop in https://wiki.onap.org/display/DW/vFWCL+instantiation%2C+testing%2C+and+debuging). However, there is no Policy after performing the upload step with update-vfw-op-policy.sh:

$ sh update-vfw-op-policy.sh localhost 30220 30221 3a35d839-82cc-442a-bcff-92d5d97d6a1f


Removing the vFW Policy from PDP..


* Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 30220 (#0)
Handling connection for 30220
DELETE /pdp/api/deletePolicy HTTP/1.1
Host: localhost:30220
User-Agent: curl/7.54.0
Content-Type: application/json
Accept: text/plain
ClientAuth: cHl0aG9uOnRlc3Q=
Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==
Environment: TEST
Content-Length: 128
* upload completely sent off: 128 out of 128 bytes
* Connection #0 to host localhost left intact
P

Updating vFW Operational Policy ..

* Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 30220 (#0)
PUT /pdp/api/updatePolicy HTTP/1.1
Host: localhost:30220
User-Agent: curl/7.54.0
Handling connection for 30220
Content-Type: application/json
Accept: text/plain
ClientAuth: cHl0aG9uOnRlc3Q=
Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==
Environment: TEST
Content-Length: 1328
Expect: 100-continue
* Connection #0 to host localhost left intact
P

Pushing the vFW Policy ..


* Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 30220 (#0)
Handling connection for 30220
PUT /pdp/api/pushPolicy HTTP/1.1
Host: localhost:30220
User-Agent: curl/7.54.0
Content-Type: application/json
Accept: text/plain
ClientAuth: cHl0aG9uOnRlc3Q=
Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==
Environment: TEST
Content-Length: 99
* upload completely sent off: 99 out of 99 bytes
* Connection #0 to host localhost left intact
P

Restarting PDP-D ..


[drools-pdp-controllers]
L []: Stopping Policy Management... Policy Management (pid=3306) is stopping... Policy Management has stopped.
[drools-pdp-controllers]
L []: Policy Management (pid 3711) is running


PDP-D amsterdam maven coordinates ..


* Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 30221 (#0)
* Server auth using Basic with user '@1b3rt'
GET /policy/pdp/engine/controllers/amsterdam/drools HTTP/1.1
Host: localhost:30221
Authorization: Basic QDFiM3J0OjMxbnN0MzFu
User-Agent: curl/7.54.0
Accept: */*
Handling connection for 30221
< HTTP/1.1 200 OK
< Date: Mon, 10 Sep 2018 13:31:31 GMT
< Content-Type: application/json
< Content-Length: 231
< Server: Jetty(9.3.24.v20180605)
<
{ [231 bytes data]
* Connection #0 to host localhost left intact
{
"alive": false,
"artifactId": "NO-ARTIFACT-ID",
"brained": false,
"canonicalSessionNames": [],
"container": null,
"groupId": "NO-GROUP-ID",
"locked": false,
"recentSinkEvents": [],
"recentSourceEvents": [],
"sessionNames": [],
"version": "NO-VERSION"
}


PDP-D control loop updated ..


* Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 30221 (#0)
* Server auth using Basic with user '@1b3rt'
Handling connection for 30221
GET /policy/pdp/engine/controllers/amsterdam/drools/facts/closedloop-amsterdam/org.onap.policy.controlloop.Params HTTP/1.1
Host: localhost:30221
Authorization: Basic QDFiM3J0OjMxbnN0MzFu
User-Agent: curl/7.54.0
Accept: */*
< HTTP/1.1 200 OK
< Date: Mon, 10 Sep 2018 13:31:32 GMT
< Content-Type: application/json
< Content-Length: 2
< Server: Jetty(9.3.24.v20180605)
<
{ [2 bytes data]
* Connection #0 to host localhost left intact
[]

Furthermore, the policy portal does not have any policies in it.

Here is the output of the drools healthcheck:

CURL GET http://10.42.1.8:6969/healthcheck (see postman)
{
"healthy": false,
"details": [
{
"name": "PDP-D",
"url": "self",
"healthy": true,
"code": 200,
"message": "alive"
},
{
"name": "PAP",
"url": "http://pap:9091/pap/test",
"healthy": false,
"code": 0,
"message": null
},
{
"name": "PDP",
"url": "http://pdp:8081/pdp/test",
"healthy": false,
"code": 0,
"message": null
}
]
}

I understand that the steps have changed in Beijing, and have therefore switched to the Before Installing Policies and Install Policies steps from this wiki https://wiki.onap.org/display/DW/Policy+on+OOM.

In my case, it seems that the service name resolution for brmsgw does not work for nexus, drools and message-router. The situation is identical to the one reported here: https://lists.onap.org/g/onap-discuss/message/12074?p=,,,20,0,0,0::relevance,,%23policy,20,2,0,24974444. Are there any instructions on how to deal with this issue? What is the password for policy user with root privileges?

Looking forward to your reply!


Best regards,
--
Cristina Precup

Join onap-discuss@lists.onap.org to automatically receive all group messages.