Try via ssh from APPC. Its probably a connectivity issue over the OAM network.
Brian From: onap-discuss-boun...@lists.onap.org [mailto:onap-discuss-boun...@lists.onap.org] On Behalf Of Ramanarayanan, Karthick Sent: Monday, January 29, 2018 6:10 PM To: PLATANIA, MARCO <plata...@research.att.com>; onap-discuss@lists.onap.org Subject: Re: [onap-discuss] Demo update-vfw policy script when running without closed loop I have tried admin/admin as well for netconf username/password. Doesn't work. It seems its having issues connecting to netconf server on port 1830. ________________________________ From: Ramanarayanan, Karthick Sent: Monday, January 29, 2018 3:07:28 PM To: PLATANIA, MARCO (MARCO); onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org> Subject: Re: [onap-discuss] Demo update-vfw policy script when running without closed loop This is the ODL karaf log from inside appc pod : ssh -p 8101 karaf@localhost log:tail pertaining to the appc mount put request for your perusal. 2018-01-29 23:01:46,170 | INFO | on-dispatcher-52 | AbstractNetconfTopology | 354 - netconf-topology-config - 1.2.1.Carbon | Connecting RemoteDevice{Uri [_value=826d1073-d4cc-4064-bb29-d815701b0d6a]} , with config Node{getNodeId=Uri [_value=826d1073-d4cc-4064-bb29-d815701b0d6a], augmentations={interface org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.NetconfNode=NetconfNode{getActorResponseWaitTime=5, getBetweenAttemptsTimeoutMillis=2000, getConcurrentRpcLimit=0, getConnectionTimeoutMillis=20000, getCredentials=LoginPassword{getPassword=root, getUsername=root, augmentations={}}, getDefaultRequestTimeoutMillis=60000, getHost=Host [_ipAddress=IpAddress [_ipv4Address=Ipv4Address [_value=172.23.3.16]]], getKeepaliveDelay=120, getMaxConnectionAttempts=0, getPort=PortNumber [_value=2831], getSchemaCacheDirectory=schema, getSleepFactor=1.5, isReconnectOnChangedSchema=false, isSchemaless=false, isTcpOnly=false}}} 2018-01-29 23:01:46,175 | WARN | on-dispatcher-52 | AbstractNetconfTopology | 354 - netconf-topology-config - 1.2.1.Carbon | Adding keepalive facade, for device Uri [_value=826d1073-d4cc-4064-bb29-d815701b0d6a] 2018-01-29 23:01:46,175 | INFO | on-dispatcher-52 | AbstractNetconfTopology | 354 - netconf-topology-config - 1.2.1.Carbon | Concurrent rpc limit is smaller than 1, no limit will be enforced for device RemoteDevice{826d1073-d4cc-4064-bb29-d815701b0d6a} 2018-01-29 23:01:46,203 | WARN | a]-nio2-thread-5 | AsyncSshHandler | 340 - org.opendaylight.netconf.netty-util - 1.2.1.Carbon | Unable to setup SSH connection on channel: [id: 0x9380f506] java.net.ConnectException: Connection refused at sun.nio.ch.UnixAsynchronousSocketChannelImpl.checkConnect(Native Method)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.finishConnect(UnixAsynchronousSocketChannelImpl.java:252)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.finish(UnixAsynchronousSocketChannelImpl.java:198)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.onEvent(UnixAsynchronousSocketChannelImpl.java:213)[:1.8.0_151] at sun.nio.ch.EPollPort$EventHandlerTask.run(EPollPort.java:293)[:1.8.0_151] at java.lang.Thread.run(Thread.java:748)[:1.8.0_151] 2018-01-29 23:01:48,220 | WARN | a]-nio2-thread-6 | AsyncSshHandler | 340 - org.opendaylight.netconf.netty-util - 1.2.1.Carbon | Unable to setup SSH connection on channel: [id: 0x19ec55b6] java.net.ConnectException: Connection refused at sun.nio.ch.UnixAsynchronousSocketChannelImpl.checkConnect(Native Method)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.finishConnect(UnixAsynchronousSocketChannelImpl.java:252)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.finish(UnixAsynchronousSocketChannelImpl.java:198)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.onEvent(UnixAsynchronousSocketChannelImpl.java:213)[:1.8.0_151] at sun.nio.ch.EPollPort$EventHandlerTask.run(EPollPort.java:293)[:1.8.0_151] at java.lang.Thread.run(Thread.java:748)[:1.8.0_151] 2018-01-29 23:01:51,235 | WARN | a]-nio2-thread-7 | AsyncSshHandler | 340 - org.opendaylight.netconf.netty-util - 1.2.1.Carbon | Unable to setup SSH connection on channel: [id: 0x0e1e1323] java.net.ConnectException: Connection refused at sun.nio.ch.UnixAsynchronousSocketChannelImpl.checkConnect(Native Method)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.finishConnect(UnixAsynchronousSocketChannelImpl.java:252)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.finish(UnixAsynchronousSocketChannelImpl.java:198)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.onEvent(UnixAsynchronousSocketChannelImpl.java:213)[:1.8.0_151] at sun.nio.ch.EPollPort$EventHandlerTask.run(EPollPort.java:293)[:1.8.0_151] at java.lang.Thread.run(Thread.java:748)[:1.8.0_151] 2018-01-29 23:01:55,751 | WARN | a]-nio2-thread-8 | AsyncSshHandler | 340 - org.opendaylight.netconf.netty-util - 1.2.1.Carbon | Unable to setup SSH connection on channel: [id: 0xd6b84044] java.net.ConnectException: Connection refused at sun.nio.ch.UnixAsynchronousSocketChannelImpl.checkConnect(Native Method)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.finishConnect(UnixAsynchronousSocketChannelImpl.java:252)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.finish(UnixAsynchronousSocketChannelImpl.java:198)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.onEvent(UnixAsynchronousSocketChannelImpl.java:213)[:1.8.0_151] at sun.nio.ch.EPollPort$EventHandlerTask.run(EPollPort.java:293)[:1.8.0_151] at java.lang.Thread.run(Thread.java:748)[:1.8.0_151] 2018-01-29 23:02:02,514 | WARN | a]-nio2-thread-1 | AsyncSshHandler | 340 - org.opendaylight.netconf.netty-util - 1.2.1.Carbon | Unable to setup SSH connection on channel: [id: 0x6c1fe552] java.net.ConnectException: Connection refused at sun.nio.ch.UnixAsynchronousSocketChannelImpl.checkConnect(Native Method)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.finishConnect(UnixAsynchronousSocketChannelImpl.java:252)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.finish(UnixAsynchronousSocketChannelImpl.java:198)[:1.8.0_151] at sun.nio.ch.UnixAsynchronousSocketChannelImpl.onEvent(UnixAsynchronousSocketChannelImpl.java:213)[:1.8.0_151] at sun.nio.ch.EPollPort$EventHandlerTask.run(EPollPort.java:293)[:1.8.0_151] at java.lang.Thread.run(Thread.java:748)[:1.8.0_151] 2018-01-29 23:02:04,571 | INFO | a]-nio2-thread-2 | ClientSessionImpl | 30 - org.apache.sshd.core - 0.14.0 | Client session created 2018-01-29 23:02:04,571 | INFO | o-group-thread-8 | ServerSession | 30 - org.apache.sshd.core - 0.14.0 | Server session created from /127.0.0.1:34746 2018-01-29 23:02:04,574 | INFO | a]-nio2-thread-2 | ClientSessionImpl | 30 - org.apache.sshd.core - 0.14.0 | Start flagging packets as pending until key exchange is done 2018-01-29 23:02:04,574 | INFO | a]-nio2-thread-2 | ClientSessionImpl | 30 - org.apache.sshd.core - 0.14.0 | Server version string: SSH-2.0-SSHD-CORE-0.14.0 2018-01-29 23:02:04,855 | INFO | Appc-Listener-1 | EventHandlerImpl | 360 - appc-common - 1.2.0 | Read 0 messages from APPC-LCM-READ as APPC-EVENT-LISTENER-TEST/390. 2018-01-29 23:02:04,856 | INFO | Appc-Listener-1 | EventHandlerImpl | 360 - appc-common - 1.2.0 | Getting up to 10 incoming events 2018-01-29 23:02:04,856 | INFO | Appc-Listener-1 | HttpDmaapConsumerImpl | 365 - appc-dmaap-adapter-bundle - 1.2.0 | GET http://dmaap.onap-message-router:3904/events/APPC-LCM-READ/APPC-EVENT-LISTENER-TEST/390?timeout=60000&limit=10<https://urldefense.proofpoint.com/v2/url?u=http-3A__dmaap.onap-2Dmessage-2Drouter-3A3904_events_APPC-2DLCM-2DREAD_APPC-2DEVENT-2DLISTENER-2DTEST_390-3Ftimeout-3D60000-26limit-3D10&d=DwQFAg&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=lkl9Jd8Af8BKyb74qAsBQ29J4K6bCKUALgLNTAB8qlw&s=vUhUaO8Z5Xw4aKGwL69zbRXEV0cNKxvnXOHGLS9xknk&e=> 2018-01-29 23:02:04,866 | ERROR | Appc-Listener-1 | HttpDmaapConsumerImpl | 365 - appc-dmaap-adapter-bundle - 1.2.0 | Did not get 200 from DMaaP. Got 404 - {"mrstatus":3001,"helpURL":"https://wiki.web.att.com/display/DMAAP/DMaaP+Home","message":"No such topic exists.-[APPC-LCM-READ]","status":404} 2018-01-29 23:02:04,867 | INFO | Appc-Listener-1 | HttpDmaapConsumerImpl | 365 - appc-dmaap-adapter-bundle - 1.2.0 | Sleeping for 60s after failed request 2018-01-29 23:02:05,494 | WARN | a]-nio2-thread-4 | AcceptAllServerKeyVerifier | 30 - org.apache.sshd.core - 0.14.0 | Server at /127.0.0.1:1830 presented unverified RSA key: a0:99:2c:0f:ef:e3:74:2f:e9:b0:b7:17:cc:4b:a5:65 2018-01-29 23:02:05,495 | INFO | a]-nio2-thread-4 | ClientSessionImpl | 30 - org.apache.sshd.core - 0.14.0 | Dequeing pending packets 2018-01-29 23:02:05,496 | INFO | a]-nio2-thread-6 | ClientUserAuthServiceNew | 30 - org.apache.sshd.core - 0.14.0 | Received SSH_MSG_USERAUTH_FAILURE 2018-01-29 23:02:05,497 | INFO | a]-nio2-thread-7 | UserAuthKeyboardInteractive | 30 - org.apache.sshd.core - 0.14.0 | Received Password authentication en-US 2018-01-29 23:02:05,510 | INFO | a]-nio2-thread-8 | ClientUserAuthServiceNew | 30 - org.apache.sshd.core - 0.14.0 | Received SSH_MSG_USERAUTH_FAILURE 2018-01-29 23:02:05,510 | INFO | a]-nio2-thread-1 | UserAuthKeyboardInteractive | 30 - org.apache.sshd.core - 0.14.0 | Received Password authentication en-US 2018-01-29 23:02:05,511 | INFO | a]-nio2-thread-2 | UserAuthKeyboardInteractive | 30 - org.apache.sshd.core - 0.14.0 | Received Password authentication en-US 2018-01-29 23:02:05,511 | INFO | a]-nio2-thread-3 | UserAuthKeyboardInteractive | 30 - org.apache.sshd.core - 0.14.0 | Received Password authentication en-US 2018-01-29 23:02:05,523 | INFO | a]-nio2-thread-4 | ClientUserAuthServiceNew | 30 - org.apache.sshd.core - 0.14.0 | Received SSH_MSG_USERAUTH_FAILURE ________________________________ From: Ramanarayanan, Karthick Sent: Monday, January 29, 2018 2:24:44 PM To: PLATANIA, MARCO (MARCO); onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org> Subject: Re: [onap-discuss] Demo update-vfw policy script when running without closed loop Hi Marco, The policy push works now with your workaround to add (?h=amsterdam) in the push policy script with a complete ONAP restart. Policies are pushed successfully for the packetgen vnf. Then after an appc put to network topology to configure packetgen interface which succeeds, I still don't see the appc mount points show up in appc/opendaylight interface. The packetgen vnf is up and running. OOM policy is 1.1.1. No dcae present as mentioned earlier. Everything else has gone fine except the appc mount. Appc pod logs don't reveal anything. What am I missing? Regards, -Karthick ________________________________ From: PLATANIA, MARCO (MARCO) <plata...@research.att.com<mailto:plata...@research.att.com>> Sent: Thursday, January 25, 2018 11:08:24 AM To: Ramanarayanan, Karthick; onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org> Subject: [**EXTERNAL**] Re: [onap-discuss] Demo update-vfw policy script when running without closed loop Karthick, Please look for BRMS_DEPENDENCY_VERSION at the end of ${OOM_HOME}/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/brmsgw.conf. That parameter should be the same as the Policy container version number. For Amsterdam, it has to be either 1.1.1 or 1.1.3, depending on the Policy version that you are using (Amsterdam v1.1.1 or Amsterdam Maintenance v1.1.3). Also, ${OOM_HOME}/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/push-policies.sh, line 11 should be: wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl<https://urldefense.proofpoint.com/v2/url?u=https-3A__git.onap.org_policy_drools-2Dapplications_plain_controlloop_templates_archetype-2Dcl-2Damsterdam_src_main_resources_archetype-2Dresources_src_main_resources_-5F-5FclosedLoopControlName-5F-5F.drl&d=DwMGaQ&c=06gGS5mmTNpWnXkc0ACHoA&r=3Q306Mu4iPxbTMD0vasm2o7f6Fs_R4Dsdq4HWP9yOq8&m=wDZaSAO3tIo-zRp6uBt7V6vADdhEAPt1c39n-zHk9mE&s=nEQneqR5LZsDAA6MkLofGHqXk8bSQFKyPrF2G6gCY_o&e=>?h=amsterdam<https://urldefense.proofpoint.com/v2/url?u=https-3A__git.onap.org_policy_drools-2Dapplications_plain_controlloop_templates_archetype-2Dcl-2Damsterdam_src_main_resources_archetype-2Dresources_src_main_resources_-5F-5FclosedLoopControlName-5F-5F.drl-3Fh-3Damsterdam&d=DwMF-g&c=LFYZ-o9_HUMeMTSQicvjIg&r=KgFIQiUJzSC0gUhJaQxg8eC3w16GC3sKgWIcs4iIee0&m=LGT5idEEumK08dApXCgOxFAfXApvLoMJ1CW7sK4AiF0&s=qmCN2BpW641q_DVePqiSz6PvxNkhIe1v8lJoT7ifX6I&e=> instead of wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl<https://urldefense.proofpoint.com/v2/url?u=https-3A__git.onap.org_policy_drools-2Dapplications_plain_controlloop_templates_archetype-2Dcl-2Damsterdam_src_main_resources_archetype-2Dresources_src_main_resources_-5F-5FclosedLoopControlName-5F-5F.drl&d=DwMGaQ&c=06gGS5mmTNpWnXkc0ACHoA&r=3Q306Mu4iPxbTMD0vasm2o7f6Fs_R4Dsdq4HWP9yOq8&m=wDZaSAO3tIo-zRp6uBt7V6vADdhEAPt1c39n-zHk9mE&s=nEQneqR5LZsDAA6MkLofGHqXk8bSQFKyPrF2G6gCY_o&e=> (note ?h=amsterdam at the end of the correct call). You can make these changes in your OOM local repo, as described above, or directly in the ONAP configuration folder in your NFS share (or local disk if you have a single-host K8S cluster), in /dockerdata-nfs/onap/policy/opt/policy/config/pe/push-policies.sh (and the same path for brmsgw.conf). The former approach requires to rebuild ONAP, while the latter requires to rebuild only Policy. Marco From: <onap-discuss-boun...@lists.onap.org<mailto:onap-discuss-boun...@lists.onap.org>> on behalf of "Ramanarayanan, Karthick" <krama...@ciena.com<mailto:krama...@ciena.com>> Date: Thursday, January 25, 2018 at 1:32 PM To: "onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>" <onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>> Subject: [onap-discuss] Demo update-vfw policy script when running without closed loop Hi, In my kubernetes setup minus dcae (just vFW without closed loop), I am trying to mount the appc packetgen interface but I am unable to see the mounts in appc mounts list. The policy that was pushed used the kubernetes update-vfw-op-policy.sh script which seems to be applicable for closed loop. Though the policy script runs and applies the policy and restarts the policy pods, the get on controlloop.Params fails at the end. curl -v --silent --user @1b3rt:31nst31n -X GET http://$<https://urldefense.proofpoint.com/v2/url?u=http-3A__-24&d=DwQFAw&c=LFYZ-o9_HUMeMTSQicvjIg&r=KgFIQiUJzSC0gUhJaQxg8eC3w16GC3sKgWIcs4iIee0&m=LPXvZgE66FrVN0FIXILCjCz_Ep8xUinjYJIIJRxdf7o&s=IRfCSSeF5ogZBUBhykVnXlspVj64QepZK_QHx6udwfc&e=>{K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools/facts/closedloop-amsterdam/org.onap.policy.controlloop.Params | python -m json.tool { "error": "amsterdam:closedloop-amsterdam:org.onap.policy.controlloop.Params not found" } Moving ahead, I configure the packet gen interface with an appc put to network topology for the packetgen vnf/ip. Put succeeds but appc mounts doesn't show up. Wondering if the policy script needs to be changed when executing without closed loop? What am I missing? Thanks, -Karthick
_______________________________________________ onap-discuss mailing list onap-discuss@lists.onap.org https://lists.onap.org/mailman/listinfo/onap-discuss