2 Configuring SEPP using rules
NF-Mediation Reloading ConfigMap, if in case any updates made in the Rules.
- Tool NF Mediation Download Tool can be used to download the rule config map in a folder (folder name will be configmap name). It needs namespace as well as required configmap name. These rules then can be changed accordingly.
- Tool NF Mediation Upload Tool can be used to upload the rule config map from the existing config map folder. It needs namespace as well as required configmap name to be uploaded.
- If rules changed on NF active mediation then use "<release-name>-nf-mediation-config-active" as the name of the configmap.
- If rules changed on NF test mediation then use "<release-name>-nf-mediation-config-test" as the name of the configmap.
Configure SEPP using rules
Following is the procedure to configure SEPP using rules:
- Login to the node where you want to update the SEPP config map.
- Execute rules download script to download the existing config map. Refer to NF Mediation Download Toolfor download script.
- Edit the config map with new values.
- Execute rules upload script to upload the new config map. Refer to NF Mediation Upload Tool for upload script. The modifcation in the new rules can be in the headers or the body of the request or response sent to mediation.
NF Mediation Download Tool
Following is the rule for downloading NF
mediation:
#!/bin/sh
read -p "Enter a valid Namespace name: " in_namespace
read -p "Enter a valid rules ConfigMap Name: " in_config
if ( [ -z "$in_namespace" ] || [ -z "$in_config" ] )
then
echo "Namespace/ConfigMap can not be empty"
else
#default_namespace="seppsvc"
#namespace=${in_namespace:-$default_namespace}
mkdir -p $in_config
cd $in_config
kubectl get cm $in_config -n $in_namespace -o json > rule_file
for i in $(jq -r '.data | keys | .[]' rule_file);
do
j=$(echo $i | sed 's/\./\\./g')
var="{.data."$j"}"
kubectl get cm $in_config -n $in_namespace -o jsonpath=$var > $i
done
rm -rf rule_file
cd ../../../
fi
NF Mediation Upload Tool
Following is the rule for uploading the NF
mediation:
#!/bin/sh
read -p "Enter a valid Namespace name: " in_namespace
read -p "Enter a valid rules ConfigMap Name: " in_config
if ( [ -z "$in_namespace" ] || [ -z "$in_config" ] )
then
echo "Namespace/ConfigMap can not be empty"
else
#default_namespace="seppsvc"
#namespace=${in_namespace:-$default_namespace}
#mkdir -p $in_config
#cd $in_config
folder_name="$in_config/"
#echo $folder_name
kubectl create configmap $in_config -n $in_namespace --dry-run -o yaml --from-file=$folder_name| kubectl replace -f -
fi
NF-Mediation Rule Configuration
Following are the sample mediation rules.
Roaming Partner
Following is the sample rule to configure roaming partner:
rule "Roaming-partner-1"
when
req : Request(body.get("$.dataToIntegrityProtectBlock.requestLine.path") == "nnrf-disc/v1/nf-instances")
then
req.headers.add("x-destination-uri", "http://psepp-stub-service.default:8084/sepp/ipx/testing/server")
end
Modification operation
Following is the sample rule to add Modification Oparation:
rule "Modification-policy"
when
rsp : Response(body.has("$..metaData.authorizedIpxId", "ipx.oracle.com") && body.has("$..statusLine","HTTP/2 200 OK"))
then
String iePath1 = rsp.body.absPath("$..payload","iePath", "/nfInstances/0/fqdn")
String iePath2 = rsp.body.absPath("$..payload","iePath", "/nfInstances/0/ausfInfo/supiRanges/0/start")
rsp.body.put("$.modifications","operations",operation("ADD", "dataToIntegrityProtectBlock/payload", null, "['/validity','BODY','400']"))
rsp.body.put("$.modifications","operations",operation("REMOVE", "dataToIntegrityProtectBlock"+iePath1,null, null))
rsp.body.add("$.modifications.operations",operation("REPLACE", "dataToIntegrityProtectBlock"+iePath2,null, "20"))
end
Common functions
Following is the sample rule to add the mediation
rules:
function Map<Object, Object> addObject() {
return new HashMap<Object, Object>();
}
function ArrayList<Object> addArray() {
return new ArrayList<Object>();
}
function Map<String,Object> operation(String op,
String path,
String from,
Object value) {
Map< String,Object> operationObj = new HashMap< String,Object>();
operationObj.put("op", op);
operationObj.put("path", path);
operationObj.put("from", from);
operationObj.put("value", value);
return operationObj;
}
Common rules
Following is a common rule sample
file.
rule "Ipx-Add-Modification-block-If-Not-Found"
salience 3
when
req : Request(body.has("$.modifications") == false)
then
req.body.put("$", "modifications", addObject())
req.body.put("$.modifications", "operations", addArray())
end
rule "Ipx-Add-Operations-Array-If-Not-Found"
salience 4
when
req : Request(body.has("$.modifications.operations") == false)
then
req.body.put("$.modifications", "operations", addArray())
end
rule "Ipx-Add-Modification-block-If-Not-Found-Rsp"
salience 5
when
rsp : Response(body.has("$.modifications") == false)
then
rsp.body.put("$", "modifications", addObject())
rsp.body.put("$.modifications", "operations", addArray())
end
rule "Ipx-Add-Operations-Array-If-Not-Found-Rsp"
salience 6
when
rsp : Response(body.has("$.modifications.operations") == false)
then
rsp.body.put("$.modifications", "operations", addArray())
end
Custom rules
Following is the custom rule sample
file.
rule "IPX-Sample Rule Behave1"
when
rsp : Response(body.has("$..metaData.authorizedIpxId", "ipx.oracle.com") && body.has("$..statusLine","HTTP/2 200 OK"))
then
String iePath1 = rsp.body.absPath("$..payload","iePath", "/nfInstances/0/fqdn")
String iePath2 = rsp.body.absPath("$..payload","iePath", "/nfInstances/0/ausfInfo/supiRanges/0/start")
rsp.body.put("$.modifications","operations",operation("ADD", "dataToIntegrityProtectBlock/payload", null, "['/validity','BODY','400']"))
rsp.body.put("$.modifications","operations",operation("REMOVE", "dataToIntegrityProtectBlock"+iePath1,null, null))
rsp.body.add("$.modifications.operations",operation("REPLACE", "dataToIntegrityProtectBlock"+iePath2,null, "20"))
end
rule "IPX-Sample Rule Behave2"
when
rsp : Response(body.has("$..metaData.authorizedIpxId", "ipx.oracle.com") && body.has("$..statusLine","HTTP/2 200 OK") && body.has("$..headers[*].header","content-type"))
then
String iePath = rsp.body.absPath("$..headers","header", "content-type")
rsp.body.add("$.modifications.operations",operation("ADD", "dataToIntegrityProtectBlock/headers", null, "['Content-type','charset=UTF-8']"))
rsp.body.add("$.modifications.operations",operation("ADD", "dataToIntegrityProtectBlock/headers",null, "['Content-type','text/plain']"))
rsp.body.add("$.modifications.operations",operation("REMOVE", "dataToIntegrityProtectBlock"+iePath,null, null))
end
rule "IPX-Sample Rule Behave4"
when
rsp : Response(body.has("$..metaData.authorizedIpxId", "ipx.oracle.com") && body.has("$..statusLine","HTTP/2 200 OK") && body.has("$..payload[*].iePath","/nfInstances/0/ausfInfo/supiRanges/0/end"))
then
String iePath = rsp.body.absPath("$..payload","iePath", "/nfInstances/0/ausfInfo/supiRanges/0/end")
rsp.body.add("$.modifications.operations",operation("REMOVE", "dataToIntegrityProtectBlock"+iePath, null, null))
end