5 Common Services REST APIs
This chapter provides information about the REST specifications for Common Services used in NRF. You can use the following APIs to update configurations related to the Overload Control feature.
5.1 Perf-Info Configuration
This section explains REST API configurations required at Perf-Info to enable Overload control feature.
5.1.1 Overload Level Threshold Configuration in Perf-Info
The following URI can be used for configuring overload threshold in Ingress Gateway.
URI: {apiRoot}/nrf/nf-common-component/v1/perfinfo/overloadLevelThreshold
Method:
- GET: Get Overload Threshold Value of the required service (Backend service).
- PUT: Update the Overload Threshold Value of the required service (Backend service).
- DELETE: Delete the Overload Threshold Value of the required service (Backend service).
Content Type: application/json
[
{
"svcName": "ocnrf-nfdiscovery",
"metricsThresholdList": [
{
"metricsName": "svc_failure_count",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 250,
"abatementValue": 200
},
{
"level": "L2",
"onsetValue": 300,
"abatementValue": 280
},
{
"level": "L3",
"onsetValue": 600,
"abatementValue": 480
},
{
"level": "L4",
"onsetValue": 900,
"abatementValue": 720
}
]
},
{
"metricsName": "memory",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 70,
"abatementValue": 65
},
{
"level": "L2",
"onsetValue": 80,
"abatementValue": 75
},
{
"level": "L3",
"onsetValue": 90,
"abatementValue": 85
},
{
"level": "L4",
"onsetValue": 95,
"abatementValue": 91
}
]
},
{
"metricsName": "cpu",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 65,
"abatementValue": 60
},
{
"level": "L2",
"onsetValue": 75,
"abatementValue": 70
},
{
"level": "L3",
"onsetValue": 80,
"abatementValue": 75
},
{
"level": "L4",
"onsetValue": 90,
"abatementValue": 85
}
]
},
{
"metricsName": "svc_pending_count",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 5000,
"abatementValue": 4500
},
{
"level": "L2",
"onsetValue": 6000,
"abatementValue": 5300
},
{
"level": "L3",
"onsetValue": 7000,
"abatementValue": 6200
},
{
"level": "L4",
"onsetValue": 8000,
"abatementValue": 7200
}
]
}
]
},
{
"svcName": "ocnrf-nfregistration",
"metricsThresholdList": [
{
"metricsName": "svc_failure_count",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 250,
"abatementValue": 200
},
{
"level": "L2",
"onsetValue": 300,
"abatementValue": 280
},
{
"level": "L3",
"onsetValue": 600,
"abatementValue": 480
},
{
"level": "L4",
"onsetValue": 900,
"abatementValue": 720
}
]
},
{
"metricsName": "memory",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 70,
"abatementValue": 65
},
{
"level": "L2",
"onsetValue": 80,
"abatementValue": 75
},
{
"level": "L3",
"onsetValue": 90,
"abatementValue": 85
},
{
"level": "L4",
"onsetValue": 95,
"abatementValue": 91
}
]
},
{
"metricsName": "cpu",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 65,
"abatementValue": 60
},
{
"level": "L2",
"onsetValue": 75,
"abatementValue": 70
},
{
"level": "L3",
"onsetValue": 80,
"abatementValue": 75
},
{
"level": "L4",
"onsetValue": 90,
"abatementValue": 85
}
]
},
{
"metricsName": "svc_pending_count",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 5000,
"abatementValue": 4500
},
{
"level": "L2",
"onsetValue": 6000,
"abatementValue": 5300
},
{
"level": "L3",
"onsetValue": 7000,
"abatementValue": 6200
},
{
"level": "L4",
"onsetValue": 8000,
"abatementValue": 7200
}
]
}
]
},
{
"svcName": "ocnrf-nfaccesstoken",
"metricsThresholdList": [
{
"metricsName": "svc_failure_count",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 250,
"abatementValue": 200
},
{
"level": "L2",
"onsetValue": 300,
"abatementValue": 280
},
{
"level": "L3",
"onsetValue": 600,
"abatementValue": 480
},
{
"level": "L4",
"onsetValue": 900,
"abatementValue": 720
}
]
},
{
"metricsName": "memory",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 70,
"abatementValue": 65
},
{
"level": "L2",
"onsetValue": 80,
"abatementValue": 75
},
{
"level": "L3",
"onsetValue": 90,
"abatementValue": 85
},
{
"level": "L4",
"onsetValue": 95,
"abatementValue": 91
}
]
},
{
"metricsName": "cpu",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 65,
"abatementValue": 60
},
{
"level": "L2",
"onsetValue": 75,
"abatementValue": 70
},
{
"level": "L3",
"onsetValue": 80,
"abatementValue": 75
},
{
"level": "L4",
"onsetValue": 92,
"abatementValue": 87
}
]
},
{
"metricsName": "svc_pending_count",
"levelThresholdList": [
{
"level": "L1",
"onsetValue": 100,
"abatementValue": 58
},
{
"level": "L2",
"onsetValue": 190,
"abatementValue": 125
},
{
"level": "L3",
"onsetValue": 250,
"abatementValue": 200
},
{
"level": "L4",
"onsetValue": 400,
"abatementValue": 300
}
]
}
]
}
]Table 5-1 Overload Level Threshold
| Attribute Name | Description | Details |
|---|---|---|
svcName |
Name of the backend service (svcName). | DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
metricsThresholdList |
List of criteria used to calculate the load level. | DataType:
array
Mandatory(M)/Optional(O)/Conditional(C): M |
metricsThresholdList.metricsName |
Name of overload indicator such as cpu, svc_failure_count, svc_pending_count, and memory. | DataType: string
Mandatory(M)/Optional(O)/Conditional(C): M |
metricsThresholdList.levelThresholdList |
List of threshold values. | DataType: array
Mandatory(M)/Optional(O)/Conditional(C): M |
metricsThresholdList.levelThresholdList.level |
Specifies the name of the level. The name specified in this parameter
must match the level name in Ingress Gateway's
ocdiscardpolicies.
|
DataType: string
Mandatory(M)/Optional(O)/Conditional(C): M |
metricsThresholdList.levelThresholdList.abatementValue |
The overload condition is considered as cleared, if the
load level for the indicator mentioned in
metricsThresholdList.metricsName is below the abatement value.
|
DataType:
integer
Mandatory(M)/Optional(O)/Conditional(C): M |
metricsThresholdList.levelThresholdList.onsetValue |
The load level for the indicator mentioned in
metricsThresholdList.metricsName is set as per the
metricsThresholdList.levelThresholdList.level, if the overload
condition is breached this onset value.
|
DataType:
integer
Mandatory(M)/Optional(O)/Conditional(C): M |
5.2 Egress Gateway Configuration
This section explains REST API configurations required at Egress Gateway for various features.
5.2.1 Peer Configuration
This resource is used in SbiRouting feature. This URI can be used to add
or update the list of peers wherein each peer consists of ID, host, port or virtualHost,
and apiPrefix. The ID of each peer is mapped to peerIdentifier in
"peersetconfiguration" resource. The default value is null.
Peer Configuration
URI: {apiRoot}/nrf/nf-common-component/v1/egw/peerconfiguration
Method: PUT, PATCH, GET
- PUT: Updates peer configuration.
- GET: Retrieves peer configuration.
- PATCH: Updates specific peer configuration.
Resource: array (PeerConfiguration)
Body:
curl -v -X PUT "http://10.75.226.126:30747/nrf/nf-common-component/v1/egw/peerconfiguration" -H "Content-Type: application/json" -d @peer.json
peer.json sample:-
[
{
"id": "peer1",
"host": "scp-stub-service01",
"port": "8080",
"apiPrefix": "/",
"healthApiPath":"/{scpApiRoot}/{apiVersion}/status"
},
{
"id": "peer2",
"host": "scp-stub-service02",
"port": "8080",
"apiPrefix": "/",
"healthApiPath":"/{scpApiRoot}/{apiVersion}/status"
}
]curl -v -X PUT "http://10.75.226.126:30747/nrf/nf-common-component/v1/egw/peerconfiguration" -H "Content-Type: application/json" -d @peer.json
peer.json sample:-
[
{
"id": "peer3",
"virtualHost": "scp-stub-service03",
"apiPrefix": "/",
"healthApiPath":"/{scpApiRoot}/{apiVersion}/status"
}
]Note:
Combination of static and virtual host configuration is not supported.Table 5-2 Peer Configuration
| Attribute Name | Description | Details |
|---|---|---|
id |
Peer identifier | DataType: string
Constraints: Unique value in peer configuration Default Value: NA |
host |
Host details of a local peer. It can be IPv4, IPv6 and FQDN details. |
DataType: string
Constraints: NA Default Value: NA |
port |
Port details of a local host peer. | DataType: string
Constraints: NA Default Value: NA |
virtualHost |
Host details of a remote peer.
This FQDN is sent to Alternate Route Service for DNS SRV resolution. |
DataType: string
Constraints: NA Default Value: NA |
apiPrefix |
API prefix details of a peer. | DataType: string
Constraints: Keep the value as / only for NRF Default Value: NA |
healthApiPath |
Include the SCP API details. | DataType: string
Constraints: NA Default Value: /{scpApiRoot}/{apiVersion}/status |
5.2.2 Peer Set Configuration
This section provides details about peer set configuration at Egress
Gateway. This URI is used to add or update the list of peer sets wherein each peer
set consists of id and list of http/https instances. Each instance
consists of priority and peer identifier that is mapped to id in peerconfiguration
resource. The id of each peer set is mapped to
peerSetIdentifier in routesconfiguration
resource. The default value is null.
URI: {apiRoot}/nrf/nf-common-component/v1/egw/peersetconfiguration
Method: PUT, PATCH, GET
- PUT: Updates peer set configuration.
- GET: Retrieves peer set configuration.
- PATCH: Updates specific peer set configuration.
Resource: array (PeerSetConfiguration)
curl -v -X PUT "http://10.75.226.126:32247/nrf/nf-common-component/v1/egw/peersetconfiguration" -H "Content-Type: application/json" -d @peerset.json
sample peerset.json
[
{
"id":"set0",
"httpConfiguration":[
{
"priority": 1,
"peerIdentifier": "peer1"
}],
"httpsConfiguration":[
{
"priority": 1,
"peerIdentifier": "peer1"
}]
}
]Table 5-3 Peer Set Configuration
| Attribute | Description | Details |
|---|---|---|
id |
Identifier for Peer Set. | DataType: string
Constraints: Unique value in peer set configuration. Default Value: NA |
httpConfiguration |
Configuration for HTTP based Peers. This value will be selected, if 3GPPAPIRootScheme value is http. | DataType: array (Table 5-4)
Constraints: NA Default Value: NA |
httpsConfiguration |
Configuration for HTTPs based Peers. This value will be selected, if 3GPPAPIRootScheme value is https. | DataType: array (Table 5-4)
Constraints: NA Default Value: NA |
Table 5-4 Peer Identifier Configuration
| Attribute | Description | Details |
|---|---|---|
priority |
Priority of peer to be used in a peer set. | DataType: integer
Constraints: Priority must be unique. Default Value: NA |
peerIdentifier |
Peer identifier is the value of peer configured during PeerConfiguration. | DataType: string
Constraints: NA Default Value: NA |
5.2.3 Peer Monitoring Configuration
The below API is used to retrieve the peer monitoring configuration.
URI: {apiRoot}/nrf/nf-common-component/v1/egw/peermonitoringconfiguration
- GET: Fetches the details of peer monitoring configuration.
- PUT: Updates replace the existing values with the new value sent for peer monitoring configuration.
- PATCH: Changes the value of the modified parameters in peer monitoring configuration.
Content Type: application/json
Body:
{
"enabled":true,
"timeout":1000,
"frequency":2000,
"failureThreshold":3,
"successThreshold":4
}Table 5-5 Peer Monitoring Configuration
| Attribute | Description | Details |
|---|---|---|
enabled |
Indicates the attribute to enable or disable monitoring at a global level. |
DataType: Boolean Constraints:true or false Default Value: false |
timeout |
Indicates the flag to configure the duration of time after which calls to the SCP health API is timed out. |
DataType: long Constraints:NA Recommended Range: 300 milliseconds to 10000 milliseconds Default Value: 1000 milliseconds |
frequency |
Indicates the frequency or interval at which Egress Gateway microservice initiates health check calls toward SCP. |
DataType: long Constraints:NA Recommended Range: 300 milliseconds to 10000 milliseconds Default Value: 2000 milliseconds |
failureThreshold |
Indicates the number of consecutive failure responses after which a healthy SCP can be marked as unhealthy. Health API call to given SCP fails consecutively to these many attempts before it is marked as Unavailable from Available. |
Data Type: Integer Constraints: NA Recommended Range: 1 to 5 Default Value: 3 |
successThreshold |
Indicates the number of successful responses after which an unhealthy SCP can be marked as healthy. Health API call to given SCP shall succeed consecutively to these many attempts before it is marked as Available from Unavailable. |
Data Type: Integer Constraints: NA Recommended Range: 1 to 5 Default Value: 4 |
5.2.4 Error Criteria Sets
This section provides details about error criteria set configuration at Egress Gateway.
URI: {apiRoot}/nrf/nf-common-component/v1/egw/sbiroutingerrorcriteriasets
Method: PUT, PATCH, GET
- PUT: Updates sbiroutingerrorcriteria configuration.
- GET: Retrieves sbiroutingerrorcriteria configuration.
- PATCH: Updates specific sbiroutingerrorcriteria configuration.
[
{
"id":"criteria_0",
"method":[
"GET",
"POST",
"PUT",
"DELETE",
"PATCH"
],
"exceptions":[
"java.util.concurrent.TimeoutException",
"java.net.UnknownHostException"
]
},
{
"id":"criteria_1",
"method":[
"GET",
"POST",
"PUT",
"DELETE",
"PATCH"
],
"response":{
"statuses":[
{
"statusSeries":"4xx",
"status":[
400,
404
]
},
{
"statusSeries":"5xx",
"status":[
500,
503
]
}
]}
}
]Table 5-6 sbiroutingerrorcriteriasets
| Attribute | Description | Details |
|---|---|---|
sbiroutingerrorcriteriasets.id |
Unique id for a sbiRoutingErrorCriteriaSet | DataType: string
Constraints: Unique value of route Default Value: NA |
sbiroutingerrorcriteriasets.method |
Methods for which reroute or retry is triggered. | DataType: string
Constraints: GET, POST, PUT, PATCH, DELETE Default Value: NA |
sbiroutingerrorcriteriasets.response.exceptions |
Specific exceptions for which reroute or retry is
triggered.
Note: exceptions and response cannot be configured under same criteria Id. |
DataType: string
Constraints: NA Default Value: java.util.concurrent.TimeoutException |
sbiroutingerrorcriteriasets.response.statuses.statusSeries |
Http Status Series for which reroute or retry is triggered, when the error response is received from downstream. | DataType: string
Constraints: 4xx, 5xx Default Value: NA |
sbiroutingerrorcriteriasets.response.statuses.status |
Specific HTTP Statuses that belongs to above mentioned status series for which reroute or retry is triggered. To enable retry or reroute for all the HTTP status belonging to a status series, configure this as -1. | DataType: string
Constraints: 401, 404 or -1 Default Value: NA |
sbiroutingerrorcriteriasets.response.exceptions |
Specific exceptions for which reroute or retry is
triggered.
Note: exceptions and response cannot be configured under same criteria Id. |
DataType: string
Constraints: NA Default Value: java.util.concurrent.TimeoutException |
5.2.5 Error Action Sets
This section provides details about error action set configuration at Egress Gateway.
URI: {apiRoot}/nrf/nf-common-component/v1/egw/sbiroutingerroractionsets
Method: PUT, PATCH, GET
- PUT: Updates sbiroutingerroraction configuration.
- GET: Retrieves sbiroutingerroraction configuration.
- PATCH: Updates specific sbiroutingerroraction configuration.
[
{
"id":"action_0",
"action":"reroute",
"attempts":2,
"blacklist":{
"enabled":false,
"duration":60000
}
},
{
"id":"action_1",
"action":"reroute",
"attempts":2,
"blacklist":{
"enabled":false,
"duration":60000
}
}
]Table 5-7 sbiroutingerroractionsets
| Attribute | Description | Details |
|---|---|---|
sbiroutingerroractionsets.id |
Unique Id for sbiRoutingErrorActionSet | DataType: string
Constraints: Default Value: NA |
sbiroutingerroractionsets.action |
Action that needs to be taken when specific criteria set is matched. | DataType: string
Constraints: reroute, retry Default Value: reroute |
sbiroutingerroractionsets.attempts |
Maximum no of retries to either same or different peer in case of error or failures from backend. | DataType: string
Constraints: NA Default Value: 3 |
sbiroutingerroractionsets.blackList.enabled |
This flag enables the peer blacklist feature using the server headers received in the response. | DataType: boolean
Constraints: true, false Default Value: false |
sbiroutingerroractionsets.blackList.duration |
The duration for which the peer is blacklisted and no traffic is routed to that peer for this period. | DataType: integer
Constraints: NA Default Value: 60000 |
5.2.6 Routes Configuration
This URI can be used to fetch and update the list of routes configuration.
Routes Configuration
URI: {apiRoot}/nrf/nf-common-component/v1/egw/routesconfiguration
Method: PUT, PATCH, GET
- PUT: Updates route configuration.
- GET: Retrieves route configuration.
- PATCH: Updates specific route configuration.
Resource: array (RoutesConfiguration)
Body
{
"id":"egress_scp_proxy2",
"uri":"http://localhost:32069/",
"order":3,
"metadata":{
"httpsTargetOnly":false,
"httpRuriOnly":false,
"sbiRoutingEnabled":false
},
"predicates":[
{
"args":{
"pattern":"/nef"
},
"name":"Path"
}
],
"filters":[
{
"name":"SbiRouting",
"args":{
"peerSetIdentifier":"set0",
"customPeerSelectorEnabled":false
}
}
]
}Table 5-8 Routes Configuration
| Attribute | Description | Details |
|---|---|---|
id |
Route configuration identifier CAUTION:- Default Route with id
' |
DataType: string
Constraints: Unique value of route Default Value: NA |
uri |
Provide any dummy URL, or leave the existing URL with the existing value. | DataType: string
Constraints: NA Default Value: NA |
order |
Provide the order of the execution of this route. Note: The value of the order attribute must be unique for each routing configuration. |
DataType: integer
Constraints: NA Default Value: NA |
httpRuriOnly |
This flag indicates the scheme of the outgoing request from
OCNRF.
If the value is set to true, the scheme of RURI is changed to http. If the value is set to false, no change occurs to the scheme. Note: In case of non-ASM configuration and
|
DataType: boolean (true,false)
Constraints: NA Default Value: NA |
httpsTargetOnly |
For NRF, the value of this flag must always be set to true. Note: This is a read-only attribute. |
DataType: boolean (true, false)
Constraints: NA Default Value: NA |
predicates |
Header predicate details for matching target PLMN mapped to this SBIRoute rule. Note: The predicates can be combined in a single configuration as shown in the Body, or only the required configuration can be retained for processing the message. Sample value:- "predicates": [{ "args": { "header": "OC-MCCMNC", "regexp": "310014" }, "name": "Header" }] Note: "header": "OC-MCCMNC" must not be changed. Only "regexp": "310014" can be modified. regexp consists of MCC and MNC values. In this example, value of MCC and MNC is 310 and 014. Multiple values can be provided for regexp as shown below: "predicates": [{ "args": { "header": "OC-MCCMNC", "regexp": "310014" }, "name": "Header" }, { "args": { "header": "OC-MCCMNC", "regexp": "315012" }, "name": "Header" }] |
DataType: Predicate structure. See description for more
details.
Constraints: NA Default Value: NA |
filters |
Filters can be created for various purposes. Use all of the filters as mentioned in the example without any updates. | DataType: Filter structure. See the description for more
details.
Constraints: NA Default Value: NA |
5.3 Ingress Gateway Configuration
This section explains REST API configurations required at Ingress Gateway for various features.
5.3.1 Policy Mapping Configuration in Ingress Gateway
The following URI can be used to update service names and corresponding policy names for the service that is mapped to "ocDiscardPolicies" based on "policyName" and enable or disable the Overload Control feature and the sampling period in overload control. The Overload Control feature is disabled by default, and the sampling period is 200. To enable the feature, invoke REST API and update the enabled flag to true.
URI: {apiRoot}/nrf/nf-common-component/v1/igw/ocpolicymapping
Method:
- GET: Get Policy mapping value of the required service.
- PUT: Update the Policy mapping value of the required service.
Content Type: application/json
{
"enabled": true,
"mappings": [
{
"svcName": "ocnrf-nfdiscovery",
"policyName": "nfdiscoveryPolicy"
},
{
"svcName": "ocnrf-nfaccesstoken",
"policyName": "nfaccesstokenPolicy"
},
{
"svcName": "ocnrf-nfregistration",
"policyName": "nfregistrationPolicy"
}
],
"samplingPeriod": 200
}Table 5-9 Policy Mapping Configuration
| Attribute Name | Description | Details |
|---|---|---|
enabled |
To enable or disable discard policy at Ingress Gateway. | DataType:
boolean
Mandatory(M)/Optional(O)/Conditional(C): M |
mappings.svcName |
The service entry to determine a mapping between service and discard
policy name per service. svcName must be added in the following
format:<deployment-name>-<servicename>
Note: servicename is fixed and cannot be changed. |
DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
mappings.policyName |
The discard policy entry to determine a mapping between service and discard policy name per service. | DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
samplingPeriod |
Time frame for each cycle of Overload Control per service. Its value is in milliseconds. | DataType:
integer
Mandatory(M)/Optional(O)/Conditional(C): M |
5.3.2 Discard Policy Configuration in Ingress Gateway
The following URI can be used to update discard policies that are used in
overload control to select the appropriate policy from the configured list based on the
load level of a particular service. By default, ocdiscardpolicies is
null.
URI: {apiRoot}/nrf/nf-common-component/v1/igw/ocdiscardpolicies
Method:
- GET: Get discard policy configuration of the required service.
- PUT: Update discard policy configuration of the required service.
Content Type: application/json
[
{
"name": "nfdiscoveryPolicy",
"scheme": "PercentageBased",
"policies": [
{
"level": "L1",
"value": 0,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L2",
"value": 10,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L3",
"value": 25,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L4",
"value": 50,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error503"
}
]
},
{
"name": "nfaccesstokenPolicy",
"scheme": "PercentageBased",
"policies": [
{
"level": "L1",
"value": 0,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L2",
"value": 10,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L3",
"value": 25,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L4",
"value": 50,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error503"
}
]
},
{
"name": "nfregistrationPolicy",
"scheme": "PercentageBased",
"policies": [
{
"level": "L1",
"value": 0,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L2",
"value": 10,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L3",
"value": 15,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error429"
},
{
"level": "L4",
"value": 25,
"action": "RejectWithErrorCode",
"errorCodeProfile": "error503"
}
]
}
]Table 5-10 Discard Policy Configuration
| Attribute Name | Description | Details |
|---|---|---|
name |
Name of the discarded policy. Note: name must be the value configured in policyName under ocpolicymapping. |
DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
scheme |
Discarded policy scheme based on percentage. | DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
policies.value |
Value of priority above which requests are considered as potential candidates for drop. Percentage of requests to drop in the current sampling period over the calculated rate in the previous sampling period. | DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
policies.action |
Defines the action to be taken on selected requests rejection based on error code. | DataType: string
The value can be: RejectWithErrorCode Mandatory(M)/Optional(O)/Conditional(C): M |
policies.level |
Defines the overload level. | DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
policies.errorCodeProfile |
The error code profiles. | DataType:
string
Mandatory(M)/Optional(O)/Conditional(C): M |
5.3.3 Error Code Profile Configuration in Ingress Gateway
The following URI can be used to update the errorcodeprofiles that is used in Overload Control, Controlled Shutdown feature for populating details in error responses when a request is discarded.
Note:
Below is the sample error code profile that can be linked for controlled shutdown. The errorcodeprofiles configuration is used for other features as well. Hence, the configuration must be performed with caution.By default, the errorcodeprofiles remains null.
URI: {apiRoot}/nrf/nf-common-component/v1/igw/errorcodeprofiles
Method:
- GET: Get Error Code configuration of the required service.
- PUT: Update Error Code configuration of the required service.
Content Type: application/json
[
{
"name": "error429",
"errorCode": 429,
"errorCause": "Too many requests",
"errorTitle": "Too many requests",
"redirectURL": "",
"retry-after": "",
"errorDescription": "Too many requests"
},
{
"name": "error503",
"errorCode": 503,
"errorCause": "Backend not able to handle traffic",
"errorTitle": "Backend not able to handle traffic",
"redirectURL": "",
"retry-after": "",
"errorDescription": "Backend not able to handle traffic"
},
{
"name": "shutdownerror503",
"errorCode": 503,
"errorCause": "UNSPECIFIED_NF_FAILURE",
"errorTitle": "NRF is in COMPLETE_SHUTDOWN state. Service temporarily unavailable",
"redirectURL": "",
"retry-after": "",
"errorDescription": "NRF is in COMPLETE_SHUTDOWN state. Service temporarily unavailable"
}
]Table 5-11 Error Code Profile Configuration
| Attribute Name | Description | Details |
|---|---|---|
name |
Error name. | DataType: string
Mandatory(M)/Optional(O)/Conditional(C): M |
errorCode |
errorCode field in an errorScenario determines the HttpStatusCode that needs to be populated in ProblemDetails (HttpStatus field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType field. | DataType: integer
Mandatory(M)/Optional(O)/Conditional(C): M |
errorCause |
errorCause field in an errorScenario determines the error cause that needs to be populated in ProblemDetails (Cause field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter. | DataType: integer
Mandatory(M)/Optional(O)/Conditional(C): O |
errorTitle |
errorTitle field in an errorScenario determines the title that needs to be populated in ProblemDetails (Title field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter. | DataType: integer
Mandatory(M)/Optional(O)/Conditional(C): O |
redirectURL |
redirectURL field in an errorScenario determines the redirection URL, this value is populated in LOCATION header while sending response from Ingress Gateway. The header is populated only when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter, the errorCode configured for the particular errorScenario lies in 3xx error series and the redirectUrl field for the particular errorScenario is configured appropriately. | DataType: integer
Mandatory(M)/Optional(O)/Conditional(C): O |
retry-after |
retry-after field in an errorScenario determines the value in seconds or particular date after which the service should be retried, this value is populated in Retry-After header while sending response from Ingress Gateway. The header is populated only when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType parameter, the errorCode configured for the particular errorScenario lies in 3xx error series and the retry-after field for the particular errorScenario is configured appropriately in seconds. | DataType: integer
Mandatory(M)/Optional(O)/Conditional(C): O |
errorDescription |
errorDescription field in an errorScenario determines the description that needs to be populated in ProblemDetails (Detail field) response from Ingress Gateway when the exception occurred at Ingress Gateway matches the configured errorScenario's exceptionType field. | DataType: integer
Mandatory(M)/Optional(O)/Conditional(C): O |
5.3.4 Error Code Series Configuration in Ingress Gateway
The following URI can be used to update the errorcodeserieslist used in Overload Control feature to list the configurable exception or error for an error scenario in Ingress Gateway.
URI: {apiRoot}/nrf/nf-common-component/v1/igw/errorcodeserieslist
Method:
- GET: Get Error Code Series configuration of the required service.
- PUT: Update Error Code Series configuration of the required service.
Content Type: application/json
[
{
"id": "E1",
"exceptionList": [
"RequestTimeout",
"ConnectionTimeout",
"UnknownHostException",
"NotFoundException"
],
"errorCodeSeries":
[
{
"errorSet": "4xx",
"errorCodes": [400, 408]
},
{
"errorSet": "5xx",
"errorCodes": [500, 503]
}
]
}
]Table 5-12 Error Code Series Configuration
| Attribute Name | Description | Details |
|---|---|---|
id |
Indicates the error code identifier. | DataType: string
Mandatory(M)/Optional(O)/Conditional(C): M |
exceptionList |
Lists the configurable exception or error for an error scenario in Ingress Gateway. The only supported values are: ConnectionTimeout, RequestTimeout, UnknownHostException, ConnectException, RejectedExecutionException, InternalError and NotFoundException, ClosedChannelException, BlackListIpException |
DataType: string
Mandatory(M)/Optional(O)/Conditional(C): M |
errorCodeSeries |
Lists the error codes for a specific service. Note: "ErrorCodeSeries" is configured only if a set of error responses with specific error codes is expected in server header. If it is not configured then all the error responses will have server header. |
DataType: string
Mandatory(M)/Optional(O)/Conditional(C): M |
errorSet |
Possible values for "errorSet" attribute: 5xx, 4xx, 3xx, 2xx, 1xx | DataType: string
Mandatory(M)/Optional(O)/Conditional(C): M |
errorCodes |
Possible values include all error codes in the respective HttpSeries value assigned for "errorSet". Note: Use single value of "-1" if all error codes in that HttpSeries are to be considered. |
DataType: string
Mandatory(M)/Optional(O)/Conditional(C): M |
5.3.5 Routes Configuration in Ingress Gateway
The following URI can be used to configure the route ID and configuration in Ingress Gateway.
URI: {apiRoot}/nrf/nf-common-component/v1/igw/routesconfiguration
Method: PUT
Content Type: application/json
[
{
"id": "disc_mapping",
"failureReqCountErrorCodeSeriesId": "E1"
},
{
"id": "registration_mapping",
"failureReqCountErrorCodeSeriesId": "E1"
},
{
"id": "accesstoken_mapping",
"failureReqCountErrorCodeSeriesId": "E1"
}
]Table 5-13 Routes Configuration
| Attribute Name | Description | Details |
|---|---|---|
id |
Value of "id" attribute defines a specific service for route configuration. | DataType: string
Mandatory(M)/Optional(O)/Conditional(C): M |
failureReqCountErrorCodeSeriesId |
Indicates the ID that is used to map the service with the error code ID defined in errorcodeserieslist. | DataType: string
Mandatory(M)/Optional(O)/Conditional(C): M |
5.3.6 Controlled Shutdown Error Mapping Configuration
The following URI can be used for mapping between the routes and the error code profile that is used when the Ingress Gateway rejects incoming requests.
URI: {apiRoot}/nrf/nf-common-component/v1/igw/controlledshutdownerrormapping
- GET: Gets the mapping between the routes and the error code profile.
- PUT: Updates the mapping between the routes and the error code profile.
Content Type: application/json
{
"routeErrorProfileList": [
{
"routeId":"disc_mapping",
"errorProfileName":"shutdownerror503"
},
{
"routeId":"registration_mapping",
"errorProfileName":"shutdownerror503"
},
{
"routeId":"accesstoken_mapping",
"errorProfileName":"shutdownerror503"
},
{
"routeId":"subscription_mapping",
"errorProfileName":"shutdownerror503"
}
]
}Table 5-14 Controlled Shutdown Error Mapping
| Attribute Name | Description | Details |
|---|---|---|
routeErrorProfileList.routeId |
The route id that is configured in routes configuration. |
DataType: string Constraints: NA Possible values: <subscription_mapping,accesstoken_mapping,registration_mapping,disc_mapping> The possible values should match with the routeId of the routes configuration. Default Value: NA |
routeErrorProfileList.errorProfileName |
The error profile name that is used to fetch the error from errorcodeprofiles. |
DataType: string Constraints: NA Default Value: shutdownerror503 |
5.3.7 CCA Header Validation
The following URI can be used for configuring the CCA header validation requests.
URI:
{apiRoot}/{nfType}/nf-common-component/v1/igw/ccaheader
- GET: Gets the details stored in DB for property ccaheader.
- PUT: Replaces the existing values with the new value sent.
- PATCH: Updates the value of the parameters modified.
Content Type: application/json
{
"enabled": false,
"minExpiryTime": 2000,
"maxTokenAge": 20,
"role": "NRF",
"subKey": "subjectAltName",
"validationRule": "strict",
"k8SecretName": "ocingress-secret",
"k8NameSpace": "ocingress-ns",
"fileName": "caroot.cer"
}Table 5-15 CCA Header Validation Configuration
| Attribute Name | Description | Details |
|---|---|---|
enabled |
Indicates if the CCA validation feature flag is enabled
or disabled.
Note: This is a read-only parameter. If you want to enable
this feature, use
|
Data Type: boolean Constraints: true, false Default Value: false Presence: M |
minExpiryTime |
Indicates the buffer or additional time that is added to the current time to check it with the certificate expiry time. |
Data Type: integer Constraints:NA Default Value: 0 Presence: M |
maxTokenAge |
Indicates the maximum token age allowed.
Note: It skips the check if the value is 0. |
Data Type: integer Constraints: 0 - 86400 seconds Default Value: 0 Recommended Value: 60 for NRF. Presence: M |
role |
Indicates the CCA token validator role to match the
audience claim in the header.
Note: This is a read-only parameter. |
Data Type: string Constraints: NA Default Value: NRF Presence: M |
subKey |
Indicates if the certificate extension name to be read in
the public key certificate received in CCA request for
consumer NFs Instance Id.
For NRF this value should be NF Instance
Id.
Note: This is a read-only parameter. |
Data Type: string Constraints: NA Default Value: subjectAltName Presence: M |
validationRule |
Indicates the CCA validation rule.
For NRF, this value is always strict. |
Data Type: string Constraints: strict, relaxed Default Value: strict Presence: M |
k8SecretName |
Indicates the name of the Kubernetes secret in which the
CA bundle is present.
Note: After fresh installation, these attributes must be configured with appropriate values as per the system requirement using the Rest API as these values are sample ones. Example
|
Data Type: string Constraints: NA Default Value: NA Presence: M |
k8SecretNameSpace |
Indicates the Kubernetes namespace in which CA bundle is
present.
Note: changens value is updated with NRF secret for CCA header. Note: After fresh installation, these attributes must be configured with appropriate values as per the system requirement using the Rest API as these values are sample ones. Example
|
Data Type: string Constraints: NA Default Value: NA Presence: M |
fileName |
Indicates the name of the CA bundle file used for CCA.
This is the file generated by certificate and key generation steps.
Note: After fresh installation, these attributes must be configured with appropriate values as per the system requirement using the Rest API as these values are sample ones. Example:
|
Data Type: string Constraints: NA Default Value: NA Presence: M |
5.3.8 Ingress Gateway Pod Protection Options
URI: {apiRoot}/nf-common-component/v1/igw/podprotection
- GET: Retrieves Ingress Gateway pod protection options configuration.
- PUT: Enables or Disables Ingress Gateway pod protection feature.
Content Type: application/json
{
"enabled": true,
"monitoringInterval": 100,
"congestionControl": {
"enabled": true,
"stateChangeSampleCount": 10,
"actionSamplingPeriod": 3,
"states": [
{
"name": "Normal",
"weight": 0,
"entryAction": [
{
"action": "MaxConcurrentStreamsUpdate",
"arguments": {
"incrementBy": 30,
"incrementByActionSamplingPeriod": 3,
"maxConcurrentStreamsPerCon": 100
}
},
{
"action": "AcceptIncomingConnections",
"arguments": {
"accept": true
}
}
]
},
{
"name": "DoC",
"weight": 1,
"resourceThreshold": {
"pendingMessage": 1500,
"CPU": 75
},
"entryAction": [
{
"action": "AcceptIncomingConnections",
"arguments": {
"accept": false
}
},
{
"action": "MaxConcurrentStreamsUpdate",
"arguments": {
"incrementBy": 30,
"incrementByActionSamplingPeriod": 3,
"decrementBy": 30,
"decrementByActionSamplingPeriod": 1,
"maxConcurrentStreamsPerCon": 10
}
}
]
},
{
"name": "Congested",
"weight": 2,
"resourceThreshold": {
"pendingMessage": 2000,
"CPU": 85
},
"entryAction": [
{
"action": "AcceptIncomingConnections",
"arguments": {
"accept": false
}
},
{
"action": "MaxConcurrentStreamsUpdate",
"arguments": {
"decrementBy": 30,
"decrementByActionSamplingPeriod": 1,
"maxConcurrentStreamsPerCon": 1
}
}
]
}
]
}
}Table 5-16 Pod Protection Options
| Attribute | Description | Details |
|---|---|---|
enabled |
This attribute indicates if the Pod Protection feature is enabled or disabled. | DataType: Boolean
Constraints: true, false Default Value: false |
monitoringInterval |
This attribute indicates the periodicity at which the overload state is monitored. Unit: Milliseconds Note: This is a read-only attribute. The proposed value for this attribute is 100. |
DataType: Integer
Constraints: NA Default Value: NA |
congestionControl |
This attribute specifies the congestion control configuration. For more information about congestion control parameters, see Table 2-72. |
DataType: Object
Constraints: NA Default Value: NA |
Table 5-17 CongestionControlConfig
| Attribute | Description | Details |
|---|---|---|
enabled |
This attribute allows the configuration of pod protection
attributes for the Ingress Gateway pods.
Note: This must be set to true for Pod Protection feature. |
DataType: Boolean
Constraints: true, false Default Value: false |
actionSamplingPeriod |
This attribute indicates the interval at which the
configured action must be considered. The actions are configured
under The interval is calculated as
( Note: This is a read-only attribute. The proposed value for this attribute is 3. |
DataType: Integer
Constraints: NA Default Value: NA |
stateChangeSampleCount |
This attribute indicates the number of times the pod must be in the particular congestion state before transitioning to another state. For example, if the current state is normal, and the new
state is DoC, then NRF moves the pod to DoC only if the state is
reported for 10 times in 1 second
( Note: This is a read-only attribute. The proposed value for this attribute is 10. |
DataType: Integer
Constraints: NA Default Value: NA |
states |
This attribute indicates the congestion states, the
thresholds, and corresponding actions.
For more information about congestion states, see Table 2-73. |
DataType: Object
Constraints: NA Default Value: NA |
Table 5-18 CongestionStates
| Attribute | Description | Details |
|---|---|---|
name |
The name of the congestion state.
Note: This is a read-only attribute. |
DataType: String
Constraints: Normal, Doc, Congested Default Value: NA |
weight |
The weight of the congestion state. The weight indicates
the critical of the congestion state. The lower the value, the lower the
criticality.
Note: This is a read-only attribute. The proposed value for this attribute is for Normal is 0, DoC is 1, and Congested is 2. |
DataType: Integer
Constraints: NA Default Value: NA |
entryAction |
This attribute indicates the actions for the congestion state. For more information about the entry action configuration, see Table 2-74. Note: This is a read-only attribute. |
DataType: List
Constraints: NA Default Value: NA |
resourceThreshold |
This attribute indicates the resource thresholds for the given congestion state. This configuration is mandatory for the 'DoC' and 'Congested' states. For more information about the threshold for each resources, see Table 2-75. Note: This is a read-only attribute. |
DataType: Object
Constraints: NA Default Value: NA |
Table 5-19 EntryActionConfig
| Attribute | Description | Details |
|---|---|---|
action |
This attribute indicates the action for the congestion
state.
|
DataType: String
Constraints: MaxConcurrentStreamsUpdate, AcceptIncomingConnections Default Value: NA |
arguments |
This attribute indicates the actions for the congestion state. For more information about the arguments, see Table 2-76. |
DataType: Map <String, Object>
Constraints: NA Default Value: NA |
Table 5-20 ResourceThreshold
| Attribute | Description | Details |
|---|---|---|
cpu |
The CPU threshold is expressed in percentage.
The recommended value for this attribute is for DoC is 75 and for Congested is 85. Note: The default value is recommended and must not be changed. |
DataType: Integer
Constraints: NA Default Value: NA |
pendingMessage |
The number of pending messages to be processed, expressed
in absolute count.
The recommended value for this attribute is for DoC is 1500 and for Congested is 2000. Note: The default value is recommended and must not be changed. |
DataType: Integer
Constraints: NA Default Value: NA |
Table 5-21 Possible Arguments
| Attribute | Description | Details |
|---|---|---|
accept |
The attribute indicates if the incoming connection should
be accepted or not. Applicable when the action is
AcceptIncomingConnections.
true: The incoming connection is accepted. false: The incoming connection is rejected. The proposed value for Normal state is true, and for DoC and Congested state is false. |
DataType: Boolean
Constraints: true, false Default Value: NA |
incrementBy |
The attribute indicates the factor by which the current
concurrent streams value will be incremented till it reaches
maxConcurrentStreamsPerCon.
Note: This is preconfigured for Normal and DoC state. The proposed value for this attribute is 30. |
DataType: Integer
Constraints: NA Default Value: NA |
decrementBy |
The attribute indicates the factor by which the current
concurrent streams value will be decremented till it reaches
Note: This is preconfigured for DoC and Congested state. The proposed value for this attribute is 30. |
DataType: Integer
Constraints: NA Default Value: NA |
maxConcurrentStreamsPerCon |
The attribute indicates the maximum number of concurrent
streams per connection allowed.
The proposed value for this attribute is for Normal is 100, DoC is 10, and Congested is 1. |
DataType: Integer
Constraints: NA Default Value: NA |
decrementByActionSamplingPeriod |
The attribute indicates the time interval at which the
decrementBy is applied to reach
maxConcurrentStreamsPerCon. If not provided, the
actionSamplingPeriod is used.
Note: This is preconfigured for DoC and Congested state. The proposed value for this attribute is 1. Unit is seconds. |
DataType: Integer
Constraints: NA Default Value: NA |
incrementByActionSamplingPeriod |
The attribute indicates the time interval at which the
incrementBy is applied to reach
maxConcurrentStreamsPerCon. If not provided, the
actionSamplingPeriod is used.
Note: This is preconfigured for Normal and DoC state. The proposed value for this attribute is 3. Unit is seconds. |
DataType: Integer
Constraints: NA Default Value: NA |