No NS in the qual-1VNF-1PoP

[DarioValocchi]

After SP deployment in qualification environment, the BSS doesn't show any NSD in the Available Network Services tab.

Activating -e -x on the Jenkins shell, the jobs fails at the following point:

10:12:54 + curl -f -v -i -X POST -F package=@qual-1VNF-1PoP.son http://1pop.sp.sonata-nfv.eu/api/v2/packages
10:12:54 Note: Unnecessary use of -X or --request, POST is already inferred.
10:12:54   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
10:12:54                                  Dload  Upload   Total   Spent    Left  Speed
10:12:54 
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 10.30.0.244...
10:12:54 * Connected to 1pop.sp.sonata-nfv.eu (10.30.0.244) port 80 (#0)
10:12:54 > POST /api/v2/packages HTTP/1.1
10:12:54 > Host: 1pop.sp.sonata-nfv.eu
10:12:54 > User-Agent: curl/7.47.0
10:12:54 > Accept: */*
10:12:54 > Content-Length: 4359
10:12:54 > Expect: 100-continue
10:12:54 > Content-Type: multipart/form-data; boundary=------------------------d46f4970b9f6dec5
10:12:54 > 
10:12:54 < HTTP/1.1 100 Continue
10:12:54 } [165 bytes data]
10:12:54 * The requested URL returned error: 401 Unauthorized
10:12:54 
100  4359    0     0  100  4359      0  35833 --:--:-- --:--:-- --:--:-- 36024
10:12:54 * Closing connection 0
10:12:54 curl: (22) The requested URL returned error: 401 Unauthorized
10:12:54 HTTP/1.1 100 Continue

So I guess there's something to modify in the jobs to adapt to the security features of the SP.

[dang03]

In order to meet the security requirements, a user is required before posting a package to the SP. I suggest to add next steps to the job: register a "developer" user in first place, then authenticate the user to get the access token. Next, add the access token to the "authorization" header ("bearer <access_token>") to the curl POST of the package.
The following code shows how to do it:

User registration:

qual_reg_data() { 
  cat << EOF 
  {"username":"qual","password":"1234","user_type":"developer","email":"qual.user@email.com"} 
  EOF 
} 

printf "\n\n======== POST Qual User Registration form to Gatekeeper ==\n\n\n" 
resp=$(curl -qSfsw '\n%{http_code}' -H "Content-Type: application/json" \ 
-d "$(qual_reg_data)" \ 
-X POST http://1pop.sp.sonata-nfv.eu/api/v2/users) 
echo $resp 

code=$(echo "$resp" | tail -n1) 
echo "Code: $code" 

if [[ $code != 201 ]] ; 
  then 
    echo "Response $code"
    exit -1
fi

User Login:

resp=$(curl -qSfsw '\n%{http_code}' -d '{"username":"qual","password":"1234"}' \
http://1pop.sp.sonata-nfv.eu/api/v2/sessions)
echo $resp

token=$(echo $resp | awk '{json=$1 FS $2 FS $3; print json}' | python -mjson.tool | grep "access_token" | awk -F ':[ \t]*' '{print $2}' | sed 's/,//g' | sed 's/"//g')
echo "TOKEN="$token

code=$(echo "$resp" | tail -n1)
echo "Code: $code"

if [[ $code != 200 ]] ;
  then
    echo "Error: Response error $code"
    exit -1
fi

POST package using access token:

resp=$(curl -qSfsw '\n%{http_code}' -F "package=@qual-1VNF-1PoP.son" \
-H "Authorization: Bearer $token" -X POST http://1pop.sp.sonata-nfv.eu/api/v2/packages)
echo $resp

[DarioValocchi]

Thanks @dang03 I added a code snippet similar to the one used in int-eng to cope with user registration and authentication. It seems to work, but still no package is available at the BSS. I'll investigate further.

[DarioValocchi]

The package seems to be pushed correctly

11:44:23 HTTP/1.1 201 Created
11:44:23 Server: nginx/1.11.10
11:44:23 Date: Thu, 22 Jun 2017 11:44:23 GMT
11:44:23 Content-Type: application/json
11:44:23 Content-Length: 1057
11:44:23 Connection: keep-alive
11:44:23 Location: http://10.30.0.244:5100/packages/6b7b75a1-d68a-4a78-8566-9c9eab7671ec
11:44:23 X-Content-Type-Options: nosniff
11:44:23 
11:44:23 {"created_at":"2017-06-22T11:44:23.249+00:00","md5":"49ce3e2f15aec5c012ef35575255ebfb","pd":{"description":"SONATA RING service for qualification environment","descriptor_version":"1.0","entry_service_template":"/service_descriptors/sonata-qual-1vnf-1pop.yml","maintainer":"Felipe Vicens, ATOS, felipe.vicens@atos.net","name":"sonata-ring-service","package_content":[{"content-type":"application/sonata.service_descriptor","md5":"3480169189d000dc70dfe5b022629c21","name":"/service_descriptors/sonata-qual-1vnf-1pop.yml"},{"content-type":"application/sonata.function_descriptor","md5":"7dac616660f603911ac6268aa3846095","name":"/function_descriptors/vring-vnf-vnfd.yml"}],"schema":"https://raw.githubusercontent.com/sonata-nfv/son-schema/master/package-descriptor/pd-schema.yml","sealed":true,"vendor":"eu.sonata-nfv.package","version":"0.1"},"signature":null,"status":"active","updated_at":"2017-06-22T11:44:23.249+00:00","username":"sonata-1498131847","uuid":"6b7b75a1-d68a-4a78-8566-9c9eab7671ec","son-package-uuid":"a9f1f544-884f-4b23-a5b1-f29588f5b6a2"}

Could it be an issue with the version of the BSS running in qual? @felipevicens @srodriguezOPT

[santiagordguez]

Hi @DarioValocchi ,

The BSS is requesting services invoking GET http://1pop.sp.sonata-nfv.eu/api/v2/services?status=active&limit=10&offset=0
and GK responses with "{"error":{"code":400,"message":"Unprocessable entity: authorization header must be "Bearer ""}}"

I think that the BSS deployed version is not the right one. The current version has "Bearer token":
https://github.com/sonata-nfv/son-bss/blob/master/application/code/app/login/loginService.js#L57

[santiagordguez]

Oh, wait!

@DarioValocchi , @felipevicens
The BSS was deployed with the user management option disabled and is sending a fake token:
https://github.com/sonata-nfv/son-bss/blob/master/application/code/app/login/loginService.js#L42

You need to redeploy the BSS with the user management enabled

[DarioValocchi]

Ok, I've put the flag withUserManagement to true. After the re-build the BSS shows correctly the NSD.
Thanks guys.