/
Release I - Run in Docker

Release I - Run in Docker

Jun 19, 2024

This page describes how to run various NONRTRIC functions in Docker.

In this sample deployment all NONRTRIC components run as docker containers and communicate via a private docker network with container ports, where ports are also available on localhost.

Details of the architecture can be found from Release I page.

Project Requirements

  • docker and docker-compose (latest)

  • curl (or similar)

  • Additional optional requirements if using the "Helm Manager" function

    • kubernetes v1.19+

    • kubectl with admin access to kubernetes (e.g., minikube, docker-desktop kubernetes etc) 

    • helm with access to kubernetes - this is only applicable when running the Helm Manager example operations 

  • Addition optional requirement if using the "DMaaP Adapter" or "DMaap Mediator Producer" services

Images

The images used for running the Non-RT RIC can be selected from the table below depending on if the images are built manually (snapshot image) or if release images shall be used.

In general, there is no need to build the images manually unless there are code changes made by the user, so release images should be used. Instruction on how to build all components, see. Release I - Build.

The run commands throughout this page uses the release images and tags. Replace the release images/tags in the container run commands in the instructions if manually-built snapshot images are desired. 

H Release - Images & Tags

Ports

The following ports will be allocated and exposed to localhost for each component. If other port(s) are desired, then the ports need to be replaced in the container run commands in the instructions further below.



Component

Port exposed to localhost (http/https)

Component

Port exposed to localhost (http/https)

A1 Policy Management Service

8081/8443

A1 Simulator (Near-RT RIC simulator) 

8085/8185,  8086/8186, 8087/8187

Information Coordinator Service

8083/8434

Non-RT RIC Control Panel

8080/8880

SDNC A1-Controller

8282/8443

Gateway

9090 (only http)

App Catalogue Service

8680/8633

Helm Manager

8112 (only http)

DMaaP Mediator Producer

9085/9185

DMaaP Adapter Service

9087/9187

SME-CapifCore

8090 (only http)

Prerequisites

The containers need to be connected to docker network in order to communicate with each other.

Create a private docker network. If another network name is used, all references to 'nonrtric-docker-net' in the container run commands below need to be updated.

docker network create nonrtric-docker-net

Run the A1 Policy Management Service Docker Container

Test locally with three separate A1 simulator instances, each running a one of the three available A1 Policy interface versions:  

  • Create an application_configuration.json file with the configuration below.  This will configure the A1 Policy Management Service to use the simulators for the A1 interface

  • Note: Any defined ric names must match the given docker container names in near-RT RIC simulator startup, see Run A1 Simulator Docker Containers

The A1 Policy Management Service can be configured to support A1 connection via an SDNC A1-Controller for some or all rics/simulators. It is optional to access the near-RT-RIC through an SDNC A1-Controller.
This is enabled in the configuration file using the optional "controller" parameter for each ric entry. If all configured rics bypass the A1-Controller (do not have "controller" values) then the "controller" object at the top of the configuration can be omitted. If all configured rics bypass the SDNC A1-Controller there is no need to start an SDNC A1-Controller.

This sample configuration is for running without the SDNC A1-Controller

application_configuration.json
{ "config": { "ric": [ { "name": "ric1", "baseUrl": "http://ric1:8085/", "managedElementIds": [ "kista_1", "kista_2" ] }, { "name": "ric2", "baseUrl": "http://ric2:8085/", "managedElementIds": [ "kista_3", "kista_4" ] }, { "name": "ric3", "baseUrl": "http://ric3:8085/", "managedElementIds": [ "kista_5", "kista_6" ] } ] } }

This sample configuration is for running with the SDNC A1-Controller

application_configuration.json
{ "config": { "controller": [ { "name": "a1controller", "baseUrl": "https://a1controller:8443", "userName": "admin", "password": "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U" } ], "ric": [ { "name": "ric1", "baseUrl": "http://ric1:8085/", "controller": "a1controller", "managedElementIds": [ "kista_1", "kista_2" ] }, { "name": "ric2", "baseUrl": "http://ric2:8085/", "controller": "a1controller", "managedElementIds": [ "kista_3", "kista_4" ] }, { "name": "ric3", "baseUrl": "http://ric3:8085/", "controller": "a1controller", "managedElementIds": [ "kista_5", "kista_6" ] } ] } }

Note: The A1 Policy Management Service DMaaP interface is deprecated/removed so this interface shall no longer be configured in the application_configuration.json.



Start the container with the following command. Replace "<absolute-path-to-file>" with the the path to the created configuration file in the command. The configuration file is mounted to the container. There will be WARN messages appearing in the log until the simulators are started.

docker run --rm -v <absolute-path-to-file>/application_configuration.json:/opt/app/policy-agent/data/application_configuration.json -p 8081:8081 -p 8433:8433 --network=nonrtric-docker-net --name=policy-agent-container nexus3.o-ran-sc.org:10002/o-ran-sc/nonrtric-plt-a1policymanagementservice:2.6.0

Wait 1 minute to allow the container to start and to read the configuration. Then run the command below another terminal. The output should match the configuration in the file - all three rics (ric1, ric2 and ric3) should be included in the output. Note that each ric has the state "UNAVAILABLE" until the simulators are started.

Note: If the policy management service is started with config for the SDNC A1 Controller (the second config option), do the steps described in section Run the SDNC A1 Controller Docker Container below before proceeding.

curl localhost:8081/a1-policy/v2/rics

Expected output (not that all simulators - ric1,ric2 and ric3 will indicate "state":"UNAVAILABLE" until the simulators has been started in Run A1 Simulator Docker Containers):

{"rics":[{"ric_id":"ric1","managed_element_ids":["kista_1","kista_2"],"policytype_ids":[],"state":"UNAVAILABLE"},{"ric_id":"ric3","managed_element_ids":["kista_5","kista_6"],"policytype_ids":[],"state":"UNAVAILABLE"},{"ric_id":"ric2","managed_element_ids":["kista_3","kista_4"],"policytype_ids":[],"state":"UNAVAILABLE"}]}

Run the SDNC A1 Controller Docker Container (ONAP SDNC)

This step is only applicable if the configuration for the Policy Management Service include the SDNC A1 Controller (second config option), see Run the A1 Policy Management Service Docker Container.

Create the docker compose file - be sure to update image for the a1controller to the one listed for SDNC A1 Controller in the table on the top of this page.
docker-compose.yaml 

docker-compose.yaml
version: '3' networks: default: external: true name: nonrtric-docker-net services: db: image: nexus3.o-ran-sc.org:10001/mariadb:10.5 container_name: sdncdb networks: - default ports: - "3306" environment: - MYSQL_ROOT_PASSWORD=itsASecret - MYSQL_ROOT_HOST=% - MYSQL_USER=sdnctl - MYSQL_PASSWORD=gamma - MYSQL_DATABASE=sdnctl logging: driver: "json-file" options: max-size: "30m" max-file: "5" a1controller: image: nexus3.onap.org:10001/onap/sdnc-image:2.5.4 depends_on : - db container_name: a1controller networks: - default entrypoint: ["/opt/onap/sdnc/bin/startODL.sh"] ports: - 8282:8181 - 8443:8443 links: - db:dbhost - db:sdnctldb01 - db:sdnctldb02 environment: - MYSQL_ROOT_PASSWORD=itsASecret - MYSQL_USER=sdnctl - MYSQL_PASSWORD=gamma - MYSQL_DATABASE=sdnctl - SDNC_CONFIG_DIR=/opt/onap/sdnc/data/properties - SDNC_BIN=/opt/onap/sdnc/bin - ODL_CERT_DIR=/tmp - ODL_ADMIN_USERNAME=admin - ODL_ADMIN_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U - ODL_USER=admin - ODL_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U - SDNC_DB_INIT=true - A1_TRUSTSTORE_PASSWORD=a1adapter - AAI_TRUSTSTORE_PASSWORD=changeit logging: driver: "json-file" options: max-size: "30m" max-file: "5"

Start the SNDC A1 controller with the following command, using the created docker-compose file.

docker-compose up

Open this url below in a web browser to verify that the SDNC A1 Controller is up and running. It may take a few minutes until the endpoint is available.

http://localhost:8282/apidoc/explorer/index.html#/controller%20A1-ADAPTER-API
Username/password: admin/Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U

The Karaf logs of A1 controller can be followed e.g. by using command 

docker exec a1controller sh -c "tail -f /opt/opendaylight/data/log/karaf.log"

Run the A1 Simulator (Near-RT-RIC simulator) Docker Containers

Start a simulator for each ric defined in in the application_configuration.json created above in section Run the A1 Policy Management Service Docker Container. Each simulator will use one of the currently available A1 interface versions. Each simulator uses different local ports.

ric1

docker run --rm --network=nonrtric-docker-net -p 8085:8085 -p 8185:8185 -e A1_VERSION=OSC_2.1.0 -e ALLOW_HTTP=true --name=ric1 nexus3.o-ran-sc.org:10002/o-ran-sc/a1-simulator:2.5.0

ric2

docker run --rm --network=nonrtric-docker-net -p 8086:8085 -p 8186:8185 -e A1_VERSION=STD_1.1.3 -e ALLOW_HTTP=true --name=ric2 nexus3.o-ran-sc.org:10002/o-ran-sc/a1-simulator:2.5.0

ric3

docker run --rm --network=nonrtric-docker-net -p 8087:8085 -p 8187:8185 -e A1_VERSION=STD_2.0.0 -e ALLOW_HTTP=true --name=ric3 nexus3.o-ran-sc.org:10002/o-ran-sc/a1-simulator:2.5.0

Wait at least one minute to let the policy management service synchronise the rics. Then run the command below another terminal. The output should match the configuration in the file. Note that each ric now has the state "AVAILABLE".

curl localhost:8081/a1-policy/v2/rics

Expected output - all state should indicated AVAILABLE:

{"rics":[{"ric_id":"ric1","managed_element_ids":["kista_1","kista_2"],"policytype_ids":[],"state":"AVAILABLE"},{"ric_id":"ric3","managed_element_ids":["kista_5","kista_6"],"policytype_ids":[],"state":"AVAILABLE"},{"ric_id":"ric2","managed_element_ids":["kista_3","kista_4"],"policytype_ids":[""],"state":"AVAILABLE"}]}

Only the simulators using version STD_2.0.0 and OSC_2.1.0 supports A1 Policy types. Run the commands below to add one A1 Policy type in each  of ric1 and ric3. A1-AP version 1 (STD_1.1.3) does not support A1 Policy types.

Create the file with policy type for ric1

osc_pt1.json
{ "name": "pt1", "description": "pt1 policy type", "policy_type_id": 1, "create_schema": { "$schema": "http://json-schema.org/draft-07/schema#", "title": "OSC_PT1_0.1.0", "description": "QoS policy type", "type": "object", "properties": { "scope": { "type": "object", "properties": { "ueId": { "type": "string" }, "qosId": { "type": "string" } }, "additionalProperties": false, "required": [ "ueId", "qosId" ] }, "statement": { "type": "object", "properties": { "priorityLevel": { "type": "number" } }, "additionalProperties": false, "required": [ "priorityLevel" ] } } } }

Put the policy type to ric1 - should http response code 201

curl -X PUT -v -H Content-Type:application/json http://localhost:8085/a1-p/policytypes/123 --data-binary @osc_pt1.json

Create the file with policy type for ric3

std_pt1.json
{ "policySchema": { "$schema": "http://json-schema.org/draft-07/schema#", "title": "STD_QOS_0_2_0", "description": "STD QOS policy type", "type": "object", "properties": { "scope": { "type": "object", "properties": { "ueId": { "type": "string" }, "qosId": { "type": "string" } }, "additionalProperties": false, "required": [ "ueId", "qosId" ] }, "qosObjectives": { "type": "object", "properties": { "priorityLevel": { "type": "number" } }, "additionalProperties": false, "required": [ "priorityLevel" ] } } }, "statusSchema": { "$schema": "http://json-schema.org/draft-07/schema#", "title": "STD_QOS_0.2.0", "description": "STD QOS policy type status", "type": "object", "properties": { "enforceStatus": { "type": "string" }, "enforceReason": { "type": "string" }, "additionalProperties": false, "required": [ "enforceStatus" ] } } }

Put the policy type to ric3 - should return http response code 201

curl -X PUT -v -H Content-Type:application/json http://localhost:8087/policytype?id=std_pt1  --data-binary @std_pt1.json 

Wait approximately 1 minute to let the policy management service synchronise the types with the simulators.

List the synchronised types:

curl localhost:8081/a1-policy/v2/policy-types

Expected output:

{"policytype_ids":["","123","std_pt1"]}

Run the Information Coordinator Service Docker Container

Run the following command to start the information coordinator service.

docker run --rm --network=nonrtric-docker-net -p 8083:8083 -p 8434:8434 --name=information-service-container nexus3.o-ran-sc.org:10002/o-ran-sc/nonrtric-plt-informationcoordinatorservice:1.5.0

Verify that the Information Coordinator Service is started and responding (response is an empty array).

curl localhost:8083/data-producer/v1/info-types

Expected output:

[ ]

For troubleshooting/verification purposes you can view/access the full swagger API from url: http://localhost:8083/swagger-ui/index.html?configUrl=/v3/api-docs/swagger-config

Run the NONRTRIC Gateway and NONRTRIC Control Panel Docker Container

The NONRTRIC Gateway exposes the interfaces of the A1 Policy Management Service and the Information Coordinator Service to a single port of the gateway. This single port is then used by the NONRTRIC Control Panel to access both services.

Create the config file for the gateway.

application.yaml 
server: port: 9090 spring: cloud: gateway: httpclient: ssl: useInsecureTrustManager: true wiretap: true httpserver: wiretap: true routes: - id: A1-Policy uri: https://policy-agent-container:8433 predicates: - Path=/a1-policy/** - id: A1-EI-P uri: https://information-service-container:8434 predicates: - Path=/data-producer/** - id: A1-EI-C uri: https://information-service-container:8434 predicates: - Path=/data-consumer/** management: endpoint: gateway: enabled: true endpoints: web: exposure: include: "gateway,loggers,logfile,health,info,metrics,threaddump,heapdump" logging: level: ROOT: ERROR org.springframework: ERROR org.springframework.cloud.gateway: INFO reactor.netty: INFO file: name: /var/log/nonrtric-gateway/application.log

Run the following command to start the gateway. Replace "<absolute-path-to-file>" with the the path to the created application.yaml.

docker run --rm --network=nonrtric-docker-net --name=nonrtric-gateway -v <absolute-path-to-config-file>/application.yaml:/opt/app/nonrtric-gateway/config/application.yaml -p 9090:9090 nexus3.o-ran-sc.org:10002/o-ran-sc/nonrtric-gateway:1.2.0

Run the following two commands to check that the services can be reached through the gateway

curl localhost:9090/a1-policy/v2/rics

Expected output:

{"rics":[{"ric_id":"ric1","managed_element_ids":["kista_1","kista_2"],"policytype_ids":["123"],"state":"AVAILABLE"},{"ric_id":"ric3","managed_element_ids":["kista_5","kista_6"],"policytype_ids":["std_pt1"],"state":"AVAILABLE"},{"ric_id":"ric2","managed_element_ids":["kista_3","kista_4"],"policytype_ids":[""],"state":"AVAILABLE"}]}

Second command:

curl localhost:9090/data-producer/v1/info-types

Expected output:

[ ]

Create the config file for the control panel:

nginx.conf
events{} http { include /etc/nginx/mime.types; resolver 127.0.0.11; server { listen 8080; server_name localhost; root /usr/share/nginx/html; index index.html; location /a1-policy/ { set $upstream nonrtric-gateway; proxy_pass http://$upstream:9090; } location /data-producer/ { set $upstream nonrtric-gateway; proxy_pass http://$upstream:9090; } location /data-consumer/ { set $upstream nonrtric-gateway; proxy_pass http://$upstream:9090; } location / { try_files $uri $uri/ /index.html; } } }

Run the following command to start the control panel. Replace "<absolute-path-to-file>" below with the the path to the nginx.conf file created above.

docker run --rm -p 8080:8080 --network=nonrtric-docker-net --name=control-panel -v <absolute-path-to-config-file>/nginx.conf:/etc/nginx/nginx.conf nexus3.o-ran-sc.org:10002/o-ran-sc/nonrtric-controlpanel:2.5.0

The web-based UI can be accessed by pointing the web-browser to this URL: 

http://localhost:8080/

Run the App Catalogue Service Docker Container

Start the App Catalogue Service by the following command.

docker run --rm -p 8680:8680 -p 8633:8633 --network=nonrtric-docker-net --name=rapp-catalogue-service nexus3.o-ran-sc.org:10002/o-ran-sc/nonrtric-plt-rappcatalogue:1.2.0

Verify that the service is up and running

curl localhost:8680/services

Expected output:

[ ]

Run the App Catalogue (Enhanced) Service Docker Container

Start the App Catalogue Enhanced Service by the following command.

docker run --rm -p 9096:9096 -p 9196:9196 -e ALLOW_HTTP=true --network=nonrtric-docker-net --name=rapp-catalogue-service-enhanced nexus3.o-ran-sc.org:10002/o-ran-sc/nonrtric-plt-rappcatalogue-enhanced:1.0.1

Verify that the service is up and running

curl localhost:9096/rappcatalogue

Expected output:

[ ]

Run the Helm Manager Docker Container

Note: Access to kubernetes is required as stated the requirements on the top of this page.

Download the  'helm-manager' repo: Helm Manager (h-release branch).

$ cd helmmanager
 
$ mkdir -p mnt/database
 
$ kubectl create ns chkm

Start the helm manger in a separate shell by the following command:

$ docker run \
--rm \
-it \
-p 8112:8083 \
--name helmmanagerservice \
--network nonrtric-docker-net \
-v $(pwd)/mnt/database:/var/helm-manager-service \
-v ~/.kube:/home/nonrtric/.kube \
-v ~/.helm:/home/nonrtric/.helm \
-v ~/.config/helm:/home/nonrtric/.config/helm \
-v ~/.cache/helm:/home/nonrtric/.cache/helm \
-v $(pwd)/config/application.yaml:/etc/app/helm-manager/application.yaml \
nexus3.o-ran-sc.org:10002/o-ran-sc/nonrtric-plt-helmmanager:1.3.0

Ensure the app has started by listing the current charts - response should be empty json array. 

$ curl http://helmadmin:itisasecret@localhost:8112/helm/charts
{"charts":[]}

To test the app further, start a test helm chart store, then create a dummy helm chart:

Start a chartmuseum chart repository in a separate shell

$ docker run --rm -it \
-p 8222:8080 \
--name chartmuseum \
--network nonrtric-docker-net \
-e DEBUG=1 \
-e STORAGE=local \
-e STORAGE_LOCAL_ROOTDIR=/charts \
-v $(pwd)/charts:/charts \
ghcr.io/helm/chartmuseum:v0.13.1

Add the chartmuseum chart store to the helm manager by the following command:

$ docker exec -it helmmanagerservice helm repo add cm http://chartmuseum:8080
"cm" has been added to your repositories

Create a dummy helm chart for test and package the chart, and save this chart in chartmuseum:

$ helm create simple-app
Creating simple-app


$ helm package simple-app
Successfully packaged chart and saved it to: <path>/simple-app-0.1.0.tgz
 
$ curl --data-binary @simple-app-0.1.0.tgz -X POST http://localhost:8222/api/charts
{"saved":true}

The commands below show examples of operations towards the helm manager using the dummy chart.

As an alternative, run the script 'test.sh' to execute a full sequence of commands.

$ ./test.sh docker
 
Start test
================
Get apps - empty
================
curl -sw %{http_code} http://helmadmin:itisasecret@localhost:8112/helm/charts
 Curl OK
  Response: 200
  Body: {"charts":[]}
 
================
Add repo
================
curl -sw %{http_code} http://helmadmin:itisasecret@localhost:8112/helm/repo -X POST -H Content-Type:application/json -d @cm-repo.json
 Curl OK  Response: 201  Body: ============Onboard app===========curl -sw %{http_code} http://helmadmin:itisasecret@localhost:8112/helm/onboard/chart -X POST -F chart=@simple-app-0.1.0.tgz -F values=@simple-app-values.yaml -F info=<simple-app.json Curl OK  Response: 200  Body: =====================Get apps - simple-app=====================curl -sw %{http_code} http://helmadmin:itisasecret@localhost:8112/helm/charts Curl OK  Response: 200  Body: {"charts":[{"releaseName":"simpleapp","chartId":{"name":"simple-app","version":"0.1.0"},"namespace":"ckhm","repository":{"repoName":"cm","protocol":null,"address":null,"port":null,"userName":null,"password":null},"overrideParams":null}]} ===========Install app===========curl -sw %{http_code} http://helmadmin:itisasecret@localhost:8112/helm/install -X POST -H Content-Type:application/json -d @simple-app-installation.json Curl OK  Response: 201  Body: =====================Get apps - simple-app=====================curl -sw %{http_code} http://helmadmin:itisasecret@localhost:8112/helm/charts Curl OK  Response: 200  Body: {"charts":[{"releaseName":"simpleapp","chartId":{"name":"simple-app","version":"0.1.0"},"namespace":"ckhm","repository":{"repoName":"cm","protocol":null,"address":null,"port":null,"userName":null,"password":null},"overrideParams":null}]} =================================================================helm ls to list installed app - simpleapp chart should be visible=================================================================NAME        NAMESPACE   REVISION    UPDATED                                 STATUS      CHART               APP VERSIONsimpleapp   ckhm        1           2022-06-27 21:18:27.407666475 +0000 UTC deployed    simple-app-0.1.0    1.16.0     ==========================================sleep 30 - give the app some time to start======================================================================List svc and  pod of the app============================NAME                   TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGEsimpleapp-simple-app   ClusterIP   10.98.120.189   <none>        80/TCP    30sNAME                                    READY   STATUS    RESTARTS   AGEsimpleapp-simple-app-675f44fc99-qsxr6   1/1     Running   0          30s ========================Uninstall app simple-app========================curl -sw %{http_code} http://helmadmin:itisasecret@localhost:8112/helm/uninstall/simple-app/0.1.0 -X DELETE Curl OK  Response: 204  Body: ===========================================sleep 30 - give the app some time to remove=======================================================================================================List svc and  pod of the app - should be gone or terminating============================================================No resources found in ckhm namespace.No resources found in ckhm namespace. =====================Get apps - simple-app=====================curl -sw %{http_code} http://helmadmin:itisasecret@localhost:8112/helm/charts Curl OK  Response: 200  Body: {"charts":[{"releaseName":"simpleapp","chartId":{"name":"simple-app","version":"0.1.0"},"namespace":"ckhm","repository":{"repoName":"cm","protocol":null,"address":null,"port":null,"userName":null,"password":null},"overrideParams":null}]} ============Delete chart===========curl -sw %{http_code} http://helmadmin:itisasecret@localhost:8112/helm/chart/simple-app/0.1.0 -X DELETE Curl OK  Response: 204  Body: ================Get apps - empty================curl -sw %{http_code} http://helmadmin:itisasecret@localhost:8112/helm/charts Curl OK  Response: 200  Body: {"charts":[]} Test result  All tests okEnd of test