5.6 Post Installation Procedure

Kafka VM

Note:

  • By default, Kafka exposes the XSI IP on port 9094 to connect with DSR.
  • This procedure is only recommended if there is any issue connecting with XSI IP.

Perform the following procedure to update Kafka VM:

  1. Log in to the Kafka VM.
  2. Navigate to the Kafka configuration directory:
    cd /opt/kafka/config
  3. Edit the broker.properties file:
    vi broker.properties
  4. Locate the advertised.listeners property:
    advertised.listeners=EXTERNAL://<IP>:9094
  5. Replace <IP> with the new IP (Kafka xmi, or imi if it is reachable from DSR).
  6. Save the file and exit.
  7. Perform the following command to restart the Kafka service status:
    systemctl restart kafka
  8. Perform the following command to verify the Kafka service status:
    systemctl status kafka

    Expected result: The status should show active.

Service VM

This procedure is only applicable in the following cases:

  • Case 1: User has not provides the DSR SOAM VIP during IDIH creation through VNFM in Swagger JSON.
  • Case 2: User prefers to change the existing DSR SOAM VIP provided during creation.

    Perform the following procedure to update DSR SOAM VIP:

    1. Log in to the Service VM.
    2. Navigate to the cd /opt/ directory:
    3. Edit the configuration file:
      vi cnidih_VM.yaml
    4. Inside the nfconfig-manager container section:
      1. Locate the property:
        NFCONFIG_PLUGIN_DSR_HOST
      2. Provide or replace the existing IP with the new one.
    5. Inside the protraceprocessor container section, ensure to set the following propertyNFCONFIG_CLIENT_ENABLED to True.

      Note:

      Verify it is set to true, not false.
    6. Save the file and exit.
    7. Perform the following command to restart the service:
      docker-compose -f /opt/cnidih_VM.yaml up -d
    8. If the SOAM VIP is reachable and appropriate, the nfconfig service and protraceprocessor services will operate as expected.

SSL Certificate Creation for IDIH

Note:

Create your own certificates in case of expiration of provided certificate.

Kafka VM

  1. Certificates are required in KeyStore and TrustStore format (PKCS or JKS).
  2. Private key which is part of KeyStore must be encrypted.
  3. One KeyStore and TrustStore file is required.

DSR (it acts as client for Kafka)

  1. Certificates are required in pem format here.
  2. Required files are: certificate, privatekey, CA file.

    Privatekey should be encrypted with password.

  3. To upload the above files on DSR SOAM: from the Main Menu, go to Diameter, and Troubleshooting with IDIH, and then Configuration.

    Note:

    Same CA file must be used for Kafka and DSR Certificates.

Service VM

  1. Certificates are required in KeyStore and TrustStore format (PKCS).
  2. One KeyStore file and TrustStore file is required.
  3. Same CA file can be used which is used while creating certificates for Kafka or different CA file also can be used.
  4. Private key which is part of KeyStore must not be encrypted.
  5. Certificate should contain the following fqdn's as SAN's (Subject Alternative Names):
    • idih.tekelec.com
    • tekelec.com
    • cnidih-portal
    • usermanagement
    • protraceprocessor
    • ttrdecoder
    • alarmmanagement