radiator vnf configuration manual copyright open system … › nfv ›...

Radiator VNF configuration manual

Configuration manual of Radiator VNF 2017.1. Last revised on November 14, 2017

Copyright Open System Consultants Pty. Ltd, 2017

Table of Contents1. Introduction to Chef and cookbooks ................................................................................................................ 1

1.1. Recipes ................................................................................................................................................... 1

1.2. Attributes ................................................................................................................................................ 1

1.3. Templates ............................................................................................................................................... 1

2. Introduction to Radiator VNF Manager ........................................................................................................... 2

3. General VNF cookbook .................................................................................................................................... 6

3.1. General cookbook attributes .................................................................................................................. 6

3.1.1. Common Radiator VNF attributes .............................................................................................. 6

3.1.2. Configuration attributes .............................................................................................................. 6

3.1.3. Network attributes ....................................................................................................................... 6

3.1.4. Secret handling attributes ............................................................................................................ 7

3.1.5. External service attributes ........................................................................................................... 7

3.1.6. Software installation attributes ................................................................................................... 7

3.2. General cookbook recipes ...................................................................................................................... 7

3.2.1. default .......................................................................................................................................... 8

3.2.2. system .......................................................................................................................................... 8

3.2.3. base .............................................................................................................................................. 8

3.2.4. chef .............................................................................................................................................. 8

3.2.5. configuration ............................................................................................................................... 8

3.2.6. discovery ..................................................................................................................................... 9

3.2.7. consul .......................................................................................................................................... 9

3.2.8. dnsmasq ....................................................................................................................................... 9

3.2.9. filebeat ......................................................................................................................................... 9

3.2.10. ntp .............................................................................................................................................. 9

3.2.11. radiator .................................................................................................................................... 10

3.2.12. syslog ....................................................................................................................................... 10

3.2.13. topbeat ..................................................................................................................................... 10

4. BEDBINT cookbook ...................................................................................................................................... 10

4.1. BEDBINT cookbook attributes ........................................................................................................... 10

4.1.1. Configuration attributes ............................................................................................................ 10

4.1.2. Software installation attributes ................................................................................................. 11

4.2. BEDBINT cookbook recipes ............................................................................................................... 11

4.2.1. default ........................................................................................................................................ 11

4.2.2. install_bedbint ........................................................................................................................... 11

4.2.3. service_bedbint .......................................................................................................................... 12

4.2.4. install_relay ............................................................................................................................... 12

4.2.5. service_relay .............................................................................................................................. 12

5. Control cookbook ........................................................................................................................................... 12

5.1. Control cookbook attributes ................................................................................................................. 12

5.2. Control cookbook recipes .................................................................................................................... 12

Configuration manual of Radiator VNF2017.1. Last revised on November 14, 2017

i of iii

5.2.1. default ........................................................................................................................................ 12

5.2.2. redis ........................................................................................................................................... 13

5.2.3. mariadb ...................................................................................................................................... 13

5.2.4. galera ......................................................................................................................................... 13

6. Loadbalancer cookbook .................................................................................................................................. 13

6.1. Loadbalancer cookbook attributes ....................................................................................................... 13

6.2. Loadbalancer cookbook recipes ........................................................................................................... 14

6.2.1. default ........................................................................................................................................ 14

6.2.2. install_radius ............................................................................................................................. 14

6.2.3. service_radius ............................................................................................................................ 14

6.2.4. install_diameter ......................................................................................................................... 14

6.2.5. service_diameter ........................................................................................................................ 15

7. Management cookbook ................................................................................................................................... 15

7.1. Management cookbook attributes ........................................................................................................ 15

7.1.1. Elasticsearch attributes .............................................................................................................. 15

7.1.2. Logstash attributes .................................................................................................................... 16

7.1.3. Grafana attributes ...................................................................................................................... 16

7.1.4. Address allocator attributes ...................................................................................................... 16

7.1.5. Janitor attributes ........................................................................................................................ 17

7.1.6. Alert manager attributes ............................................................................................................ 17

7.1.7. SNMP interface attributes ......................................................................................................... 18

7.2. Management cookbook recipes ........................................................................................................... 18

7.2.1. default ........................................................................................................................................ 19

7.2.2. alert_manager ............................................................................................................................ 19

7.2.3. allocator ..................................................................................................................................... 19

7.2.4. curator ....................................................................................................................................... 19

7.2.5. elasticsearch .............................................................................................................................. 19

7.2.6. grafana ....................................................................................................................................... 19

7.2.7. janitor ........................................................................................................................................ 20

7.2.8. kibana ........................................................................................................................................ 20

7.2.9. logstash ...................................................................................................................................... 20

7.2.10. nginx ........................................................................................................................................ 20

7.2.11. ntp ............................................................................................................................................ 20

7.2.12. rsyslog ..................................................................................................................................... 20

7.2.13. snmp ........................................................................................................................................ 20

7.2.14. statssearch ................................................................................................................................ 21

8. Worker cookbook ........................................................................................................................................... 21

8.1. Worker cookbook attributes ................................................................................................................. 21

8.1.1. Configuration attributes ............................................................................................................ 21

8.1.2. Service attributes ....................................................................................................................... 22

8.1.3. Additional file attributes ........................................................................................................... 22

8.1.4. Software installation attributes ................................................................................................. 23


ii of iii

8.2. Worker cookbook recipes .................................................................................................................... 23

8.2.1. default ........................................................................................................................................ 23

8.2.2. install ......................................................................................................................................... 23

8.2.3. service ....................................................................................................................................... 23

8.2.4. debug ......................................................................................................................................... 23

8.2.5. validation ................................................................................................................................... 23

8.2.6. pcap ........................................................................................................................................... 24

9. Configuration examples .................................................................................................................................. 24

9.1. Enabling debugging ............................................................................................................................. 24

9.2. Configuring log file cleanup ................................................................................................................ 24

9.3. Selecting dashboards ............................................................................................................................ 27

9.4. Configuring automatic scaling ............................................................................................................. 28

9.5. Connecting to backend systems ........................................................................................................... 28

9.6. Enabling syslog output to external loghost ......................................................................................... 29

10. Site cookbook development example ........................................................................................................... 30

10.1. Requirements ...................................................................................................................................... 31

10.2. Getting started .................................................................................................................................... 31

10.2.1. Setting up a test environment ................................................................................................. 31

10.2.2. Running Test Kitchen ............................................................................................................. 32

10.3. Creating your own cookbook ............................................................................................................ 38

10.3.1. Creating new cookbook .......................................................................................................... 38

10.3.2. Cookbook style checks ........................................................................................................... 38

10.3.3. Cookbook unit testing ............................................................................................................. 39

10.3.4. Cookbook smoke testing ......................................................................................................... 39

10.3.5. Packaging cookbooks .............................................................................................................. 39

10.3.6. Deploying cookbooks ............................................................................................................. 40

11. Abbreviations ................................................................................................................................................ 40


iii of iii

1. Introduction to Chef and cookbooks

1. Introduction to Chef and cookbooksRadiator VNF cookbooks contain all data needed for installing and configuring fully functional, production-ready Radiator VNF. Apart from these cookbooks, you need your own site cookbooks, which contain everythingrelated to your environment and business logic. The Radiator VNF package contains some example sitecookbooks to start with.

Configuring Radiator VNF is internally handled with Chef, thus some knowledge about Chef is required. Formore information, see Chef documentation [https://docs.chef.io/] and Chef tutorials [https://learn.chef.io/#/].

1.1. Recipes

The recipes are the parts in cookbooks that contain the needed actions. They are command the system toinstall, configure, and start services, create files and users, and run commands. The recipes are organised in arun_list that defines the function of each node. Also the visibility of attributes is defined in run_list.

Recipes contain several different resources. Template is the most important of them. For more information ontemplates, see Section 1.3. Templates on page 1.

1.2. Attributes

Configuring Radiator VNF cookbooks is done through Chef's attributes. The attributes are parameters thatdefine the values in different formats, such as strings, integers, and arrays. The attributes have several levels andthey can be configured in different places. Each level and place override some other level and place. Usually theRadiator VNF cookbooks define the attributes on default level either in attribute files or recipes. Attributes canbe accessed from recipes or templates.

The attributes are usually divided into namespaces. The attributes that Radiator VNF directly defines and usesare in radiator-vnf namespace.

1.3. Templates

Radiator VNF uses templates a lot and most of the service configuration is done with templates. Templates arefiles that are rendered to configuration files for nodes. When the defined attributes are given to the template, itrenders them to the actual configuration files.

Here is an example of a worker configuration template:

<SessionDatabase REDIS>

Identifier RadiatorVNF_SessionDatabaseREDIS

SessionKey Radiator:VNF:SessionDatabase:Session:%{ReplyVar:AutoClass}

SessionUpdateKey Radiator:VNF:SessionDatabase:Session:%{Request:Class}

SessionEndedKey Radiator:VNF:SessionDatabase:SessionEnded

NasKey Radiator:VNF:SessionDatabase:NAS:%0

UserKey Radiator:VNF:SessionDatabase:User:%0

<%= print_value(@config.dig('SessionDatabase', 'REDIS'), 'AddSessionParamDef',

indent: 4) -%>

<%= print_value(@config.dig('SessionDatabase', 'REDIS'), 'UpdateSessionParamDef',

indent: 4) -%>

<%= print_value(@config.dig('SessionDatabase', 'REDIS'), 'DeleteSessionParamDef',

indent: 4) -%>

</SessionDatabase>

The example code contains also Embedded Ruby code. For more information about Embedded Ruby intemplates, see About Templates [https://docs.chef.io/templates.html].


1 of 41

https://docs.chef.io/

https://learn.chef.io/#/

https://docs.chef.io/templates.html

2. Introduction to Radiator VNF Manager

This example is part of worker's configuration and it defines SessionDatabase block for Radiator. Given thefollowing configuration attribute and with the use of the print_value() helper method, the template above isrendered in to a static configuration file for the Radiator VNF worker:

default['radiator-vnf']['worker']['configuration']['SessionDatabase']['REDIS']

['AddSessionParamDef'] = [

'uuid,%{ReplyVar:AutoClass},unknown-uuid,request,formatted',

'username,%0,unknown-user,request,formatted',

'nas_id,%1,unknown-nas,request,formatted',

'nas_port,%2,unknown-port,request,formatted',

'session_id,%3,unknown-session,request,formatted',

'framed_ip,%{Framed-IP-Address},unknown-address,reply,formatted',

'framed_ipv6_address,%{Framed-IPv6-Address},unknown-address,request,formated',

'framed_ipv6_prefix,%{Framed-IPv6-Prefix},unknown-prefix,request,formated',

'state,initiated,unknown-state,request,formatted',

'init_time,%t,unknown-time,request,formatted',

'calling_station,%{Calling-Station-Id},unknown-calling-station,request,formatted',

'called_station,%{Called-Station-Id},unknown-called-station,request,formatted',

]

The result of the rendering is this:

<SessionDatabase REDIS>

Identifier RadiatorVNF_SessionDatabaseREDIS

SessionKey Radiator:VNF:SessionDatabase:Session:%{ReplyVar:AutoClass}

SessionUpdateKey Radiator:VNF:SessionDatabase:Session:%{Request:Class}

SessionEndedKey Radiator:VNF:SessionDatabase:SessionEnded

NasKey Radiator:VNF:SessionDatabase:NAS:%0

UserKey Radiator:VNF:SessionDatabase:User:%0

AddSessionParamDef uuid,%{ReplyVar:AutoClass},unknown-uuid,request,formatted

AddSessionParamDef username,%0,unknown-user,request,formatted

AddSessionParamDef nas_id,%1,unknown-nas,request,formatted

AddSessionParamDef nas_port,%2,unknown-port,request,formatted

AddSessionParamDef session_id,%3,unknown-session,request,formatted

AddSessionParamDef framed_ip,%{Framed-IP-Address},unknown-address,reply,

formatted

AddSessionParamDef framed_ipv6_address,%{Framed-IPv6-Address},

unknown-address,request,formated

AddSessionParamDef framed_ipv6_prefix,%{Framed-IPv6-Prefix},unknown-prefix,

request,formated

AddSessionParamDef state,initiated,unknown-state,request,formatted

AddSessionParamDef init_time,%t,unknown-time,request,formatted

AddSessionParamDef calling_station,%{Calling-Station-Id},

unknown-calling-station,request,formatted

AddSessionParamDef called_station,%{Called-Station-Id},

unknown-called-station,request,formatted

</SessionDatabase>

2. Introduction to Radiator VNF ManagerWhile Chef handles the installation of VNF (Virtualised Network Function) nodes, Radiator VNF Managerorchestrates the configuration management. It controls Chef's actions and provides the required information toChef.


2 of 41


Radiator VNFM uses Juju as a configuration manager by default. It is responsible for providing the necessaryapplication relationships. All VNF components have relationships between each other. These relationshipsenable creating the correct order for deployment and configuration. Juju also sets up Git repositories forcookbook sources.

Juju writes automatically node.json and solo.rb files, which are part of Chef's basic configuration.node.json contains basic information about the node. solo.rb is Chef's main configuration file and itcontains information about store location of cookbooks, data bags, and Chef's log file. If you use other VNFM(Virtualised Network Function Manager) than Juju, you must make sure these files are created.

Here is an example of node.json of Chef configuration:

{

"radiator-vnf": {

"management": {

"capacity": 2

},

"control": {

"capacity": 3

},

"bedbint": {

"capacity": 2

},

"loadbalancer": {

"capacity": 3

},

"node_role": "control",

"vnf_uuid": "111111-111111-111111",

"vnf_name": "mycompany-myusecase"

},

"consul": {

"config": {

"server": true

}

}

}

Here is an example of solo.rb of Chef Client configuration:

cookbook_path ['/opt/radiator-vnf/chef/cookbooks',

'/opt/radiator-vnf/chef/site-cookbooks' ]

log_location '/var/log/chef/solo.log'

log_level :debug

data_bag_path '/opt/radiator-vnf/chef/data_bags'

Juju also writes other service-related configuration files. Chef inspects them and uses them to configure someapplications. These configuration files are stored in /opt/radiator-vnf/cache/. Here is an example of acache file:

loadbalancer_nodes:

radiator-vnf-loadbalancer-0: 10.10.10.1

radiator-vnf-loadbalancer-1: 10.10.10.2

Juju fetches the updated cookbooks from Git repositories and runs Chef on the nodes with the correctrun_list.


3 of 41


Juju is also responsible of scaling. The environment files in cache/ are updated when the environment changes.Figure 1 shows the workflow when the site cookbook configuration is changed.

Figure 1. Configuration change workflow

User GitrepositoryUser

Juju(VNFM) VNF node

Update site_cookbook

Tag new version of site_cookbook

Update site_cookbooks_version configuration option

VNFM notifies about configuration change

Juju charm fetches updated cookbooks

Juju charm runs Chef with updated cookbooks

Chef-related configuration options

The following configuration options are related to Chef:

• chef_run_list

This is a Chef cookbook run list. It describes the run list for each role when Chef is running. Your sitecookbook defines additional functionality for the node and you must edit this option to include the newcookbooks and attributes.

The default value is recipe[radiator_vnf::default], it just installs a node without any specific role.

• radiator_vnf_cookbooks_source

This string defines the sources for the Radiator VNF cookbooks. It is indented to be used with the RadiatorVNF Git repositories. Use a semicolon to separate different sources. Here is an example of using thisoption:

[email protected]:radiator-vnf-cookbooks.git;

ssh://[email protected]/radiator-vnf-cookbooks.git;

[email protected]:radiator-vnf-cookbooks.git;

• radiator_vnf_cookbooks_version


4 of 41


This is the Git reference ID for the Radiator VNF cookbooks. It is a string that defines the version ofRadiator VNF cookbooks that are checked out from the Git repository. This supports any Git referenceID's, branches, and tags. The default value is master.

• site_cookbooks_source

This string defines the sources for the site cookbooks. It is indented to be used with the Radiator VNF Gitrepositories. Use a semicolon to separate different sources. Here is an example of using this option:

[email protected]:site-cookbooks.git;

ssh://[email protected]/site-cookbooks.git;

[email protected]:site-cookbooks.git;

This is empty by default. It must be defined, an error is logged if left empty.

• site_cookbooks_version

This is the Git reference ID for the site cookbooks. It is a string that defines the version of site cookbooksthat are checked out from the Git repository. This supports any Git reference ID's, branches, and tags. Thedefault value is master.

• chef_initial_run_list

This is the initial Radiator VNF discovery phase run list for Chef. Initial Radiator VNF deployment is donein 2 phases. This option describes the run list for the initial service discovery phase. The default value isrecipe[radiator_vnf::base],recipe[radiator_vnf::discovery], it configures the RadiatorVNF base service discovery. Usually there is no need to change this option.

• chef_log_level

This defines the logging level for the Chef Solo runs.

For more information, see chef-client documentation [https://docs.chef.io/ctl_chef_client.html].

• node_capacity_control

This integer defines the number of nodes for the control role. It is pushed directly to the node usingattributes JSON (JavaScript Object Notation) file. The default value is 3.

• node_capacity_management

This integer defines the number of nodes for the management role. It is pushed directly to the node usingattributes JSON file. The default value is 3.

• node_capacity_bedbint

This integer defines the number of nodes for the BEDBINT (Backend Database Interface) role. It is pusheddirectly to the node using attributes JSON file. The default value is 2.

• node_capacity_loadbalancer

This integer defines the number of nodes for the loadbalancer role. It is pushed directly to the node usingattributes JSON file. The default value is 2.

• radiator_vnf_juju_user

This string defines the Juju user for the nodes. The Juju user has to be created and granted sufficient accessrights during the deployment. This is empty by default. It must be defined, an error is logged if left empty.

• radiator_vnf_juju_key

This string defines the key for the Juju user. The key for the Juju user has to be created during thedeployment. This is empty by default. It must be defined, an error is logged if left empty.


5 of 41

https://docs.chef.io/ctl_chef_client.html

3. General VNF cookbook

• fetch_http_cookbooks

This is a Boolean value that defines whether the cookbooks are downloaded with HTTP instead of Git. Thedefault value is false.

CAUTION

This is currently an experimental option and not intended to be used with Radiator VNFM.

3. General VNF cookbookThe general Radiator VNF cookbook, radiator_vnf, provides the common functionality for all differentroles.

3.1. General cookbook attributes

Here are listed all the attributes that are used in the general Radiator VNF cookbook.

3.1.1. Common Radiator VNF attributes

The common Radiator VNF attributes are described in radiator_vnf:attributes/default.rb. If you useJuju as a VNFM, Juju sets these attributes automatically, there is no need to set them manually. If you use someother VNFM, take care that these attributes are set as they are mandatory. The common Radiator VNF attributesare:

• node['radiator-vnf']['vnf_name']

This is the descriptive name of deployed Radiator VNF.

• node['radiator-vnf']['vnf_uuid']

This is the unique identifier of deployed Radiator VNF.

• node['radiator-vnf']['node_role']

This describes the role which the node is configured for.

3.1.2. Configuration attributes

The configuration attributes are described in radiator_vnf:attributes/configuration.rb. Theconfiguration attributes are:

• node['radiator-vnf']['config_data_bag']

The Radiator VNF cookbooks can merge configuration data from Chef data bags. This attribute defines theused data bag.

• node['radiator-vnf']['<role_or_service>']['configuration']

This provides the configuration data for the templates that are used for configuring each role or service. If['config_data_bag'] is defined, the contents of the data bag are merged into these.

3.1.3. Network attributes

The network attributes are described in radiator_vnf:attributes/networks.rb. Currently there is onlyone network attribute:

• node['radiator-vnf']['networks']['<network>']

The Radiator VNF cookbooks define several services that are binded to different interfaces. Each servicebelongs to one of the following networks:


6 of 41


– data

– control

– management

If the network is not defined, the interface with the default route is used and IPv6 addresses are preferred toIPv4.

3.1.4. Secret handling attributes

The secret handling attributes are described in radiator_vnf:attributes/secrets.rb. Currently there isonly one secret handling attribute:

• node['radiator-vnf']['secrets']

Currently the secrets attribute hash defines the passwords for MariaDB and Redis. Here is an example ofsetting AUTH that is used with Redis:

node['radiator-vnf']['secrets']['redis']['auth'] = 'myverysecretpassword'

3.1.5. External service attributes

The external service attributes are:

• node['radiator-vnf']['services']['ntp']['servers']

This defines the array of external NTP (Network Time Protocol) servers that Radiator VNF uses. Internallythe management nodes act as NTP servers for other nodes. This is empty by default, and it is described inradiator_vnf:attributes/services.rb.

• node['radiator-vnf']['services']['dns']['servers']

This defines the array of external DNS (Domain Name System) servers that Radiator VNF uses. If thisattribute is not defined, the servers supplied by DHCP (Dynamic Host Configuration Protocol) are used.Internally Consul Service Discovery is used as a DNS for the radiator.vnf domain. This is described inradiator_vnf:attributes/default.rb.

• node['radiator-vnf']['services']['syslog']['servers']

This defines the array of external syslog servers that Radiator VNF uses. If you define this, you mustalso enable the syslog output for the Logstash service of the management node. Internally all logs andstatistics are sent to the management node. Syslog forwarding is disabled by default. This is describedin radiator_vnf:attributes/services.rb, radiator_vnf_management:attributes/logstash.rb, and radiator_vnf_management:recipes/rsyslog.rb.

3.1.6. Software installation attributes

The software installation attributes are described in radiator_vnf:attributes/software.rb. There isonly one software installation attribute:

• node['radiator-vnf']['software']

All directly installed softwares and their versions are listed in this attribute hash. This hash is used by eachrole-specific cookbook to install the dependencies.

3.2. General cookbook recipes

This section introduces the recipes that are included in the general cookbook.


7 of 41


3.2.1. default

The default recipe checks that the VNF UUID (Universally Unique ID) and name are set. It also includesother recipes.

3.2.2. system

The system recipe contains the following functionalities:

• It ensures that logrotate is installed by including logrotate::default.

• It sets up a cron job to run log rotation every 5 minutes.

• It introduces an execute resource to reload systemd daemons. This is not run but it receives notificationsfrom other recipes.

3.2.3. base

The base recipe includes other recipes.

3.2.4. chef

The chef recipe ensures that the components needed for running radiator_vnf cookbooks are available forChef. These include chef-sugar and chef-vault cookbooks. This recipe also configures log rotation andsending the Chef run logs to Elasticsearch.

3.2.5. configuration

The configuration recipe merges the contents of the configured data bags to the attributes. You mustconfigure the source data bag using node['radiator-vnf']['config_data_bag']. For more information,see Section 3.1.2. Configuration attributes on page 6.

Here is an example code how to change log level of Radiator VNF workers using a data bag:

{

"id": "my_configuration_data_bag",

"__comments__": [

"JSON does not allow for comments, so this __comments__ field is used "

"here as an example, please note that only the 'configuration' section "

"below is merged in to runtime configuration,",

"so this field is not accessible from the templates directly.",

"",

"The configuration from below is merged in to the node's attributes.",

"For example the worker's Trace level is then accessible through "

"node['radiator-vnf']['worker']['configuration']",

"and useable in a template to be rendered in a configuration file.",

"",

"See: "

"radiator_vnf:templates/etc/radiator/partials/radiator-logging.cfg.erb"

],

"worker": {

"configuration": {

"Trace": 4

}

},


8 of 41


When this code is merged to the attributes, node['radiator-vnf']['worker']['configuration']['Trace'] attribute's value is 4.

3.2.6. discovery

The discovery recipe includes 2 other recipes, consul and dnsmasq. These are important recipes and mustalways be on your run_list.

3.2.7. consul

The consul recipe ensures that the Consul internal service discovery service is installed and configuredproperly. This must always be on your run_list. This recipe is included in discovery recipe.

The Consul cluster name is automatically the combination of node['radiator-vnf']['vnf_name'] andnode['radiator-vnf']['vnf_uuid'] attributes. Thus these attributes must be correctly set, too. If you useRadiator VNFM, Juju sets them automatically.

3.2.8. dnsmasq

The dnsmasq recipe ensures that the dnsmasq service is properly installed and configured. This recipe mustalways be on your run_list, and it is included in discovery recipe.

The dnsmasq service acts as a local DNS resolver on each Radiator VNF node and forwards the DNS queries tothe internal Consul service discovery.

3.2.9. filebeat

The filebeat recipe installs and configures Filebeat. Filebeat is used for pushing the lines from log files toElasticsearch through Logstash.

If you need to push additional log files to the database, use filebeat_prospector resource of the filebeatcookbook. Here is an example of pushing Chef logs with the configuration that is defined in the chef recipe:

filebeat_prospector 'chef' do

paths ['/var/log/chef/*.log']

document_type 'log'

multiline(

'pattern' => '^\[[0-9]{4}-[0-9]{2}-[0-9]{2}',

'negate' => true,

'match' => 'after'

)

fields_under_root true

fields('log_type' => 'chef')

end

For more information on Filebeat prospectors and filebeat_prospector resource, see Filebeat [https://www.elastic.co/guide/en/beats/filebeat/1.3/configuration-filebeat-options.html] and filebeat Cookbook[https://supermarket.chef.io/cookbooks/filebeat].

3.2.10. ntp

The ntp recipe ensures that clock sync service NTP is installed and configured. Internally the Radiator VNFnodes use the clock of the management nodes as a source. Use node['radiator-vnf']['services']['ntp']['servers'] attribute to configure an external NTP server.


9 of 41

https://www.elastic.co/guide/en/beats/filebeat/1.3/configuration-filebeat-options.html

https://www.elastic.co/guide/en/beats/filebeat/1.3/configuration-filebeat-options.html

https://supermarket.chef.io/cookbooks/filebeat

https://supermarket.chef.io/cookbooks/filebeat

4. BEDBINT cookbook

3.2.11. radiator

The radiator recipe ensures that the default users, directories, and logging configuration are properly set up.

3.2.12. syslog

The syslog recipe handles the sending of system logs with Filebeat to Elasticsearch.

3.2.13. topbeat

The topbeat recipe ensures that Topbeat is properly installed and configured. Topbeat sends the system logs toElasticsearch.

4. BEDBINT cookbookThe BEDBINT cookbook, radiator_vnf_bedbint, installs and configures software for the BEDBINT role.

The most common use cases are:

• Connecting to backends, such as SQL and LDAP (Lightweight Directory Access Protocol), with theRadiator OSC Library Daemon

• Diameter-based HSS (Home Subscriber Server) connections with Radiator Diameter Relay instance

Other functionalities depend on the capabilities of software and their configuration, which can be changed usingthis cookbook, its attributes, and templates.

4.1. BEDBINT cookbook attributes

Here are listed all the attributes that are used in the BEDBINT cookbook.


The BEDBINT configuration attributes are:

• node['radiator-vnf']['bedbint']['configuration']

This defines the main source for the BEDBINT role. It is passed on to the configuration templates as@config variable. This is shared with both Radiator OSC Library and Radiator.

• node['radiator-vnf']['bedbint']['options']['config_template']

This defines the template that is used for configuring either Radiator OSC Library or Radiator. The defaultvalue is radiator_vnf_bedbint:etc/radiator/radiator-vnf-bedbint.cfg.erb. To use atemplate from other cookbook, use the <cookbook>:<template> notation.

• node['radiator-vnf']['bedbint']['options']['config_variables']

This defines the configuration variables that are passed on to the main template and any partial templates.

• node['radiator-vnf']['bedbint']['options']['config_helpers']

Additional helper methods for the configuration templates can be provided as an array. This attribute liststhe modules, which are included with helpers parameter of Chef templates.

• node['radiator-vnf']['bedbint']['partial_templates']['radius']

This defines an array of partial templates provided for the RADIUS users. This list is used by theradiator_vnf_bedbint:etc/radiator/radiator-vnf-bedbint-radius-base.cfg.erb

template as selected by default with the node['radiator-vnf']['bedbint']['options']['config_variables']['partials'] attribute.


10 of 41

4. BEDBINT cookbook

• node['radiator-vnf']['bedbint']['partial_templates']['diameter-relay']

This defines an array of partial templates provided for the Diameter users. This list is used by theradiator_vnf_bedbint:etc/radiator/radiator-vnf-bedbint-diameter-relay.cfg.erb

template, which is commented out by default.


The BEDBINT software installation attributes are:

• node['radiator-vnf']['bedbint']['dependencies']['osc-library']

This defines the array of dependencies that are installed for the Radiator OSC Library Daemon. Eachdependency has to be defined also in the node['radiator-vnf']['software'] attribute. You candirectly install the dependency packages in your site cookbooks with the package resource. Usually thereis no need for changing this attribute.

• node['radiator-vnf']['bedbint']['dependencies']['diameter-relay']

This defines the array of dependencies that are installed for Radiator. Each dependency has to be definedalso in the node['radiator-vnf']['software'] attribute. You can directly install the dependencypackages in your site cookbooks with the package resource. Usually there is no need for changing thisattribute.

4.2. BEDBINT cookbook recipes

This section introduces the recipes that are included in the BEDBINT cookbook.

Radiator and Radiator OSC Library have different code bases. This is the reason why the BEDBINT cookbookis separated into 2 sets of recipes. Only one is supported at a time. The recipes are separated by the suffixes intheir names:

• _bedbint

This suffix means Radiator OSC Library-based setup for RADIUS.

• _relay

This suffix means Radiator-based setup for Diameter.

4.2.1. default

The default recipe includes all other recipes. Radiator VNF is installed as a RADIUS-based system by defaultand this recipe includes install_bedbint and service_bedbint in addition to the common base andservice discovery recipes.

4.2.2. install_bedbint

The install_bedbint recipe installs Radiator OSC Library and its dependencies. The dependency list isgathered from node['radiator-vnf']['bedbint']['dependencies']['osc-library'] attributearray.

All parameters that are defined as sub-attributes in node['radiator-vnf']['software']['<dependency_package>'] are directly sent to the package resources. Define the versions ofdependencies by setting the node['radiator-vnf']['software']['<dependency_package>']['version'] attribute. To upgrade the dependencies to the newest possible version, set node['radiator-vnf']['software']['<dependency_package>']['action'] attribute to upgrade. By default RadiatorVNF cookbooks explicitly set the versions for the dependencies.


11 of 41

5. Control cookbook

4.2.3. service_bedbint

The service_bedbint recipe configures and starts a Radiator OSC Library daemon by setting the attributesof the osc_library cookbook. It uses osc_daemon LWRP (Lightweight Resource Provider) resource fromthe osc_library cookbook. Do not set the osc_library cookbook attributes directly, instead use thenode['radiator-vnf']['bedbint'] attribute.

4.2.4. install_relay

The install_relay recipe installs Radiator and its dependencies. The dependency list is gathered fromnode['radiator-vnf']['bedbint']['dependencies']['diameter-relay'] attribute array.


4.2.5. service_relay

The service_relay recipe configures and starts a Radiator instance by setting the attributes of the radiatorcookbook. It also configures a service with the poise_service resource from the Poise cookbook set. Donot set the radiator cookbook attributes directly, instead use the node['radiator-vnf']['bedbint']attribute.

5. Control cookbookThe Control cookbook, radiator_vnf_control, installs and configures software for the control role.

The main purpose of the control node is to act as a redundant message queue for session data, statistics andalso as a database for address allocation. The control nodes also act as servers for the internal Consul servicediscovery while other nodes are clients.

Configuration of the control node is much less customisable that other nodes, such as workers andloadbalancers. Database clusters are complex systems and they are not very relevant when creating the businesslogic, so the Control cookbook sets up Redis and MariaDB in a certain way.

5.1. Control cookbook attributes

The Control cookbook does not have any configurable attributes.

5.2. Control cookbook recipes

This section introduces the recipes that are included in the Control cookbook.

5.2.1. default

The default recipe includes all other recipes. By default Radiator VNF is installed as a RADIUS-based systemwith address allocation available. This recipe includes the following recipes:

• redis

• mariadb

• Common base recipes

• Service discovery recipes


12 of 41

6. Loadbalancer cookbook

5.2.2. redis

The redis recipe installs and configures Redis. Redis Sentinels and master-slave replication are also set up ifmore than one control node are installed. Radiator VNF's base functionality requires Redis and you must alwayshave this recipe in the run_list.

5.2.3. mariadb

The mariadb recipe configures and starts a MariaDB database server. If your environment does not requireMariaDB database, leave this recipe out of the run_list.

5.2.4. galera

The galera recipe sets up Galera clustering for MariaDB database if more than one control node are installed.If Galera is needed, this recipe is automatically included by the mariadb recipe.

The Galera cluster name is automatically derived from the combination of node['radiator-vnf']['vnf_name'] and node['radiator-vnf']['vnf_uuid'] attributes. These attributes must be properlyset. If you use Radiator VNFM, Juju sets up these attributes automatically.

6. Loadbalancer cookbookThe Loadbalancer cookbook, vnf_loadbalancer, installs and configures software for the loadbalancer role.

The purpose of the loadbalancer is to act as a single contact point for the external systems. The 2 supported usecases are:

• Connecting from RADIUS client to RADIUS worker

• Connecting from Diameter client to Diameter worker

6.1. Loadbalancer cookbook attributes

Radiator VNF Loadbalancer cookbook contains only configuration attributes. They are listed here:

• node['radiator-vnf']['loadbalancer']['configuration']

This defines the main source for the loadbalancer role. It is passed on to the configuration templates as@config variable. This is shared with both Radiator OSC Library and Radiator, thus only one is supportedat a time.

• node['radiator-vnf']['loadbalancer']['options']['config_template']

This defines the main template that is used for configuring either Radiator OSC Library or Radiator.The default value is radiator_vnf_loadbalancer:etc/radiator/radiator-vnf-loadbalancer.cfg.erb. To use a template from other cookbook, use the <cookbook>:<template>notation.

• node['radiator-vnf']['loadbalancer']['options']['config_variables']

This defines the configuration variables that are passed on to the main template and any partial templates.For more information on template variables, see Chef template documentation [https://docs.chef.io/resource_template.html#variables].

• node['radiator-vnf']['loadbalancer']['options']['config_helpers']


• node['radiator-vnf']['loadbalancer']['partial_templates']['radius']


13 of 41

https://docs.chef.io/resource_template.html#variables


6. Loadbalancer cookbook

This defines an array of partial templates provided for the RADIUS users. This list is used by theradiator_vnf_loadbalancer:etc/radiator/radiator-vnf-loadbalancer-radius-

base.cfg.erb template as selected by default with the node['radiator-vnf']['loadbalancer']['options']['config_variables']['partials'] attribute.

• node['radiator-vnf']['loadbalancer']['partial_templates']['diameter']

This defines an array of partial templates provided for the Diameter users. This list is used by theradiator_vnf_loadbalancer:etc/radiator/radiator-vnf-loadbalancer-diameter-

base.cfg.erb template, which is commented out by default.

6.2. Loadbalancer cookbook recipes

This section introduces the recipes that are included in the Loadbalancer cookbook.

Radiator Diameter Loadbalancer and Radiator OSC Library have different code bases. This is the reason whythe Loadbalancer cookbook is separated into 2 sets of recipes. Only one is supported at a time. The recipes areseparated by the suffixes in their names:

• _radius

This suffix means Radiator OSC Library-based setup for RADIUS.

• _diameter

This suffix means Radiator Diameter Loadbalancer-based setup for Diameter.

6.2.1. default

The default recipe includes all other recipes. Radiator VNF is installed as a RADIUS-based system by defaultand this recipe includes install_bedbint and service_bedbint in addition to the common base andservice discovery recipes.

6.2.2. install_radius

The install_radius recipe installs Radiator OSC Library and its dependencies. The dependency list isgathered from node['radiator-vnf']['bedbint']['dependencies']['osc-library'] attributearray.


6.2.3. service_radius

The service_radius recipe configures and starts a Radiator OSC Library daemon by setting the attributes ofthe osc_library cookbook. It uses osc_daemon LWRP resource. Do not set the osc_library cookbookattributes directly, instead use the node['radiator-vnf']['bedbint'] attribute.

6.2.4. install_diameter

The install_diameter recipe installs Radiator and its dependencies. The dependency list is gathered fromnode['radiator-vnf']['bedbint']['dependencies']['radiator-diameterlb'] attribute array.


14 of 41

7. Management cookbook


6.2.5. service_diameter

The service_diameter recipe configures and starts a Radiator Diameter Loadbalancer. For these actions, itcreates a configuration file from the template. It also configures a service with the poise_service resourcefrom the Poise cookbook set. Later this cookbook will be similar to osc_library and radiator cookbooks.

7. Management cookbookThe management cookbook, radiator_vnf_management, installs and configures the software for themanagement role.

The main purpose of the management node is to act as a database for statistics and logs. It also performs janitortasks and provides interfaces to the outside systems, such as SNMP (Simple Network Management Protocol).

The management node contains several services that are running with the Radiator OSC Library daemonand they have similar configuration as BEDBINT and Loadbalancer. The services are divided into separateattributes.

7.1. Management cookbook attributes

Here are listed all the attributes that are used in the Radiator VNF Management cookbook.

7.1.1. Elasticsearch attributes

The Radiator VNF management Elasticsearch attributes are:

• node['radiator-vnf']['management']['elasticsearch']['configuration']

This defines the attributes that are passed on to the template defining elasticsearch.yml. Theseattributes directly configure Elasticsearch itself.

• node['radiator-vnf']['management']['elasticsearch']['max_open_files']

This defines the maximum amount of files Elasticsearch uses. The default value is relatively high.

• node['radiator-vnf']['management']['elasticsearch']['max_heap']

This defines the maximum size of the Elasticsearch memory. By default, the Elasticsearch memory size is50% of the system memory.

• node['radiator-vnf']['management']['elasticsearch']['restart_on_update']

This defines whether the ElasticSearch service is restarted automatically after configuration changes or not.By default, this is false.

• node['radiator-vnf']['management']['curator']['actions']

This defines the actions Curator runs, such as deleting old indices. By default, the indices are deleted whenthey are older than a week or when they use more than 75 GB disk space.

Curator is installed to tend the statistics and log indices in the database. Curator tasks run from cron.For more information, see radiator_vnf_management:attributes/curator.rb and Curatordocumentation [https://www.elastic.co/guide/en/elasticsearch/client/curator/4.3/actions.html].


15 of 41

https://www.elastic.co/guide/en/elasticsearch/client/curator/4.3/actions.html

https://www.elastic.co/guide/en/elasticsearch/client/curator/4.3/actions.html


7.1.2. Logstash attributes

The Logstash configuration files can be defined using templates. For more information on Logstash and theseattributes, see radiator_vnf_management:attributes/logstash.rb and Logstash documentation[https://www.elastic.co/guide/en/logstash/2.4/input-plugins.html]. The Radiator VNF management Logstashattributes are:

• node['radiator-vnf']['management']['logstash']['inputs']

This attribute defines the input plug-ins for Logstash. Usually there is no need to change this.

• node['radiator-vnf']['management']['logstash']['filters']

This attribute defines the filter plug-ins for Logstash. Usually there is no need to change this.

• node['radiator-vnf']['management']['logstash']['outputs']

This attribute defines the outputs for templates. Usually there is no need to change this. For example, youcan enable syslog forwarding with this attribute.

• node['radiator-vnf']['management']['logstash']['patterns']

This defines if additional Grok patterns are used. The sub-attributes are created as a file in /etc/logstash/patterns/ with the keys and values as the content.

7.1.3. Grafana attributes

The Radiator VNF management Grafana attributes are:

• node['radiator-vnf']['management']['grafana']['dashboards']

This defines the array of Grafana dashboards as JSON files, that are imported. The statistics differ betweenRADIUS- and Diameter-based setups and different dashboards are needed. By default, we provide 2 arrays,one for RADIUS and one for Diameter:

– node['radiator-vnf']['management']['dashboards']['radius']

This defines a list of RADIUS dashboards that are imported by default.

– node['radiator-vnf']['management']['dashboards']['diameter']

This defines a list of Diameter dashboards.

7.1.4. Address allocator attributes

The Radiator VNF management address allocator attributes are:

• node['radiator-vnf']['allocator']['configuration']

This defines the main source for configuring the allocator service. This is passed to the configurationtemplates as a @config variable.

• node['radiator-vnf']['allocator']['options']['config_template']

This defines the main template that is used for configuring the Radiator address allocator. Thedefault value is radiator_vnf_management:radiator_vnf_management:etc/radiator/radiator-vnf-allocator.cfg.erb. A template from other cookbook can be also used, use notation<cookbook>:<template>.

• node['radiator-vnf']['allocator']['options']['config_variables']

This defines the configuration variables that are passed on to the main template and partialtemplates. For more information about templates, see Chef documentation [https://docs.chef.io/resource_template.html#variables].


16 of 41

https://www.elastic.co/guide/en/logstash/2.4/input-plugins.html

https://www.elastic.co/guide/en/logstash/2.4/input-plugins.html




• node['radiator-vnf']['allocator']['options']['config_helpers']

This defines the list of modules that are included with helpers parameter in Chef templates. Additionalhelper methods can be provided as an array. For more information about helpers, see Chef documentation[https://docs.chef.io/resource_template.html#library-modules].

• node['radiator-vnf']['allocator']['files']['sql']

Before the allocator and workers can use address allocation, the databases and procedures must be createdin the MariaDB database. This defines as an array the multiple SQL syntax files that are imported tothe MariaDB running on the control nodes. When importing multiple files, make sure their order iscorrect. Currently no checks are made during run and the file is imported to all of the nodes that haveradiator_vnf_management::allocator recipe included in their run_list. The database name isalways radiator, also the user in the database is radiator.

7.1.5. Janitor attributes

The Radiator VNF management Janitor attributes are:

• node['radiator-vnf']['janitor']['configuration']

This defines the main source for configuring Janitor service. This is passed to the configuration templatesas the @config variable.

• node['radiator-vnf']['janitor']['options']['config_template']

This defines the main template for configuring Radiator OSC Library daemon that acts as Janitor. Thedefault value is radiator_vnf_management:etc/radiator/radiator-vnf-janitor.cfg.erb. Atemplate from other cookbook can be also used, use notation <cookbook>:<template>.

• node['radiator-vnf']['janitor']['options']['config_variables']


• node['radiator-vnf']['janitor']['options']['config_helpers']


7.1.6. Alert manager attributes

The Radiator VNF management alert manager attributes are:

• node['radiator-vnf']['alert-manager']['configuration']

This defines the main source for configuring alert manager. This is passed to the configuration templates asa @config variable.

• node['radiator-vnf']['alert-manager']['options']['config_template']

This defines the main template for configuring Radiator OSC Library daemon that acts as alertmanager. The default value is radiator_vnf_management:etc/radiator/radiator-vnf-alert-manager.cfg.erb. A template from other cookbook can be also used, use notation<cookbook>:<template>.

• node['radiator-vnf']['alert-manager']['options']['config_variables']


17 of 41

https://docs.chef.io/resource_template.html#library-modules








• node['radiator-vnf']['alert-manager']['options']['config_helpers']

This defines the list of modules that are included with helpers parameter in the Chef templates.Additional helper methods can be provided as an array. For more information about helpers, see Chefdocumentation [https://docs.chef.io/resource_template.html#library-modules].

• node['radiator-vnf']['alert-manager']['rules']

This defines the hash of rules for the alert manager. The rules consist of configuration options forcomparing statistics data and scripts to run for the scaling action.

7.1.7. SNMP interface attributes

The Radiator VNF management SNMP interface attributes are:

• node['radiator-vnf']['snmp-agent-extender']['configuration']

This defines the main source for configuring SNMP interface. This is passed to the configuration templatesas a @config variable.

• node['radiator-vnf']['snmp-agent-extender']['options']['config_template']

This defines the main template for configuring Radiator OSC Library daemon that acts as an SNMPagent. The default value is radiator_vnf_management:etc/radiator/radiator-vnf-snmp-agent-extender.cfg.erb. A template from other cookbook can be also used, use notation<cookbook>:<template>.

• node['radiator-vnf']['snmp-agent-extender']['options']['config_variables']


• node['radiator-vnf']['snmp-agent-extender']['options']['config_helpers']


• node['radiator-vnf']['management']['snmpd']['2c']['enabled']

This defines whether SNMPv2c (Community-Based Simple Network Management Protocol version2) is enabled. It is enabled by default and currently it is the only version Radiator VNF supports. Sub-attributes of node['radiator-vnf']['management']['snmpd'] are passed directly to the SNMPdconfiguration.

• node['radiator-vnf']['management']['snmpd']['mibs']

This defines the SNMP MIB (Management Information Base) that are loaded into SNMPd. This list is alsoused for Radiator OSC Library snmp-agent-extender. You can set node['radiator-vnf']['snmp-agent-extender']['configuration']['MibModule'] array separately. For more information, seeradiator_vnf_management:attributes/snmp.rb.

7.2. Management cookbook recipes

This section introduces the recipes that are included in the Management cookbook


18 of 41










7.2.1. default

The default recipe includes all other recipes.

7.2.2. alert_manager

The alert_manager recipe installs, configures, and starts Radiator OSC Library daemon by setting theattributes of the osc_library cookbook and using the osc_daemon LWRP resource it provides.

Do not set the osc_library cookbook's attributes directly, instead use node['radiator-vnf']['alert-manager'] attribute.

The Radiator OSC Library alert manager is a service that handles scaling and alerting. Currently,Juju controller API is supported for scaling. By default, no rules are defined. See an example inradiator_vnf_management:attributes/alert_manager.rb.

7.2.3. allocator

The allocator recipe installs, configures, and starts a Radiator instance by setting the attributes in radiatorcookbook and configuring a service with the poise_service resource from the Poise set of cookbooks. Theallocator recipe also imports the SQL files with the MariaDB client.

Do not set radiator cookbook's attributes directly, instead use node['radiator-vnf']['allocator']attribute.

7.2.4. curator

The curator recipe installs and configures the Elasticsearch Curator. It also takes care of creating cron jobsand Curator action files to run. You can disable or replace the default rules by changing the node['radiator-vnf']['management']['curator']['actions'] attribute hash. The configuration sub-attribute contains ahash that is directly converted into the YAML format, which is also used by Curator actions.

7.2.5. elasticsearch

The elasticsearch recipe uses the elasticsearch cookbook to install and configure the Elasticsearchdatabase. Elasticsearch is used for storing log and statistics data from Radiator VNF. It also includes thecurator recipe.

Usually there is no need to change the setting, but the node['radiator-vnf']['management']['elasticsearch']['configuration'] attribute is available for passing Elasticsearch configurationoptions to the Elasticsearch configuration file.

The Elasticsearch cluster name is automatically set to be a combination of node['radiator-vnf']['vnf_name'] and node['radiator-vnf']['vnf_uuid'] attributes. These attributes must be properlyset. If you use Radiator VNFM, Juju sets them automatically.

7.2.6. grafana

The grafana recipe installs, configures, and starts the Grafana dashboard service. It also adds automaticallyElasticsearch datasources for the Radiator VNF default Elasticsearch indices.

You can also use the grafana_datasource resource from the grafana cookbook to programmatically adddatasources. For more information, see Grafana cookbook documentation [https://github.com/radiator-software/chef-grafana#grafana_datasource].

In addition to datasources, we provide default Grafana dashboards that display KPI (Key PerformanceIndicators) of the Radiator VNF system. The dashboards are JSON files that are imported to Grafana directly


19 of 41

https://github.com/radiator-software/chef-grafana#grafana_datasource

https://github.com/radiator-software/chef-grafana#grafana_datasource


from the node['radiator-vnf']['management']['grafana']['dashboards'] attribute. To use atemplate from other cookbook, use the <cookbook>:<template> notation.

7.2.7. janitor

The janitor recipe installs, configures, and starts a Radiator OSC Library daemon by setting the attributes ofthe osc_library cookbook and using the osc_daemon LWRP resource it provides.

Do not set the osc_library cookbook attributes directly, instead use the node['radiator-vnf']['janitor'] attribute.

7.2.8. kibana

The kibana recipe creates the necessary users and directories for Kibana, and also installs and configures it.Kibana saves its configuration data into an Elasticsearch index, so Kibana recipe or attributes do not have manychangeable options.

7.2.9. logstash

The logstash recipe installs, configures, and starts the Logstash log management service. It also creates theconfiguration files from node['radiator-vnf']['management']['logstash'] attribute for Logstashinputs, filters, and outputs.

7.2.10. nginx

The nginx recipe uses the chef_nginx cookbook to install the NGINX web server.

Configuration is manageD separately with the node['nginx_conf']['locations'] attribute andnginx_conf_file resource from the nginx_conf cookbook. This separation means that a location blockcan be configured where it is otherwise set up and then pushed into a configuration file in the nginx recipe.You can also add your own NGINX configuration, if you have customised services installed from your sitecookbooks on the management node and you want to expose them.

For more information, see nginx_conf documentation [https://supermarket.chef.io/cookbooks/nginx_conf].

7.2.11. ntp

The ntp recipe configures the NTP service server. It is part of the management node. The management nodesare each other's peers, while the other Radiator VNF nodes only sync their time from the management node.

Use node['radiator-vnf']['services']['ntp']['servers'] attribute to add external servers.

7.2.12. rsyslog

The rsyslog recipe configures syslog that is forwarded to the management nodes. It is not included in thedefault recipe, so to be able to push the syslogs out of the Radiator VNF, you must add this recipe to yourrun_list and configure a Logstash output.

7.2.13. snmp

The snmp recipe installs, configures, and starts a Radiator OSC Library daemon by setting the attributes of theosc_library cookbook and using the osc_daemon LWRP resource it provides.

Do not set the osc_library cookbook attributes directly, instead use the node['radiator-vnf']['janitor'] attribute.


20 of 41

https://supermarket.chef.io/cookbooks/nginx_conf

8. Worker cookbook

This recipe also handles setting up the system's SNMPd service. Radiator OSC Library acts as an SNMP agent.Currently the exposed configuration of the SNMPd itself is limited to enabling SNMPv2c. It is enabled bydefault, that is the only option Radiator VNF supports at the moment.

The name of the SNMP community is automatically combined from node['radiator-vnf']['vnf_name']and node['radiator-vnf']['vnf_uuid'] attributes. These attributes must be correctly set. If you useRadiator VNFM, they are automatically set by Juju.

7.2.14. statssearch

The statssearch recipe configures the statssearch module of Radiator OSC Library. SNMP AgentExtender and Alert Manager use this module. This recipe is automatically included in default recipe.

Currently this recipe does not have configurable attributes.

8. Worker cookbookThe worker cookbook, radiator_vnf_worker, installs and configures software for the worker role.

This cookbook supports 2 use cases:

• Connecting from RADIUS client through Loadbalancer

• Connecting from Diameter client through Loadbalancer

Radiator instances that run on the workers handle both use cases. They need different configurations and thus adifferent Radiator installations. Only one is supported at a time.

A PCAP (Packet Capture) option is available, it is disabled by default. By including the correct configurationtemplate and recipe, the workers are able to produce PCAP files out of the RADIUS and Diameter packets.

Also a configuration validation setup is available and it is used by default to check the worker configurationbefore putting the new changes into use.

8.1. Worker cookbook attributes

Here are listed all the attributes that are used in the Radiator VNF worker cookbook.


The Radiator VNF worker configuration attributes are:

• node['radiator-vnf']['worker']['configuration']

This defines the main source for the worker role. It is passed on to the configuration templates as a@config variable.

• node['radiator-vnf']['worker']['options']['config_template']

This defines the main template that is used for configuring either Radiator OSC Library or Radiator. Thedefault value is radiator_vnf_worker:etc/radiator/radiator-vnf-worker.cfg.erb. To use atemplate from other cookbook, use the <cookbook>:<template> notation.

• node['radiator-vnf']['worker']['options']['config_variables']

This defines the configuration variables that are passed on to the main template and any partial templates.For more information on template variables, see Chef template documentation [https://docs.chef.io/resource_template.html#variables].

• node['radiator-vnf']['worker']['options']['config_helpers']


21 of 41



8. Worker cookbook


• node['radiator-vnf']['worker']['partial_templates']['radius']

This defines an array of partial templates provided for the RADIUS users. This list is used by theradiator_vnf_worker:etc/radiator/radiator-vnf-worker-radius-base.cfg.erb

template as selected by default with the node['radiator-vnf']['worker']['options']['config_variables']['partials'] attribute.

• node['radiator-vnf']['worker']['partial_templates']['3gpp-aaa-server']

This defines an array of partial templates provided for the Diameter users. This list is used by the etc/radiator/radiator-vnf-worker-diameter-3gppaaaserver.cfg.erb template, which iscommented out by default.

8.1.2. Service attributes

The Radiator VNF worker service attributes are:

• node['radiator-vnf']['worker']['options']['radiusd_includes']

This defines the extra files that are included in -I argument for the Perl binary. They are provided as anarray.

• node['radiator-vnf']['worker']['options']['radiusd_params']

This defines the extra parameter that are provided to the Radiator's radiusd binary. They are provided asan array.

• node['radiator-vnf']['worker']['options']['dictionary_source']

This defines the additional dictionary file that is copied to /etc/radiator as a cookbook_file.Radiator VNF workers use that file. To use a file from other cookbook, use the <cookbook>:<file>notation. This is an empty string by default and the default dictionary file is used.

• node['radiator-vnf']['worker']['options']['dictionary_file']

This defines the name of an additional dictionary file if it is provided using node['radiator-vnf']['worker']['options']['dictionary_source'] attribute. The default value isdictionary_RADIATOR_VNF.

Do not change this attribute to dictionary. Currently the Radiator cookbook overwrites the file and thedefault dictionary file is deleted.

• node['radiator-vnf']['worker']['instance_ratio']

This defines the ratio of Radiator instances per CPU core. The default value is 2.

8.1.3. Additional file attributes

The additional Radiator VNF worker file attributes are:

• node['radiator-vnf']['worker']['files']['hooks']

You can run code snippets and hooks from a file in the Radiator configuration. This attribute defines thefiles as an array. The array is copied to /etc/radiator/hooks with the cookbook_file resource. Touse a file from other cookbook, use the <cookbook>:<file> notation.

• node['radiator-vnf']['worker']['files']['modules']


22 of 41

8. Worker cookbook

You can run code snippets as Perl modules in the Radiator configuration. This attribute defines the filesas an array. The array is copied to /etc/radiator/modules with the cookbook_file resource. Themodules are requires on the Radiator VNF worker instance's command line with Perl -M command lineargument.

• node['radiator-vnf']['worker']['files']['scripts']

You can run script files, similar to hooks, in the Radiator configuration. This attribute defines the files asan array. The array is copied to /etc/radiator/scripts with the cookbook_file resource. To use afile from other cookbook, use the <cookbook>:<file> notation.


There is only one Radiator VNF worker software installation attribute:

• node['radiator-vnf']['worker']['dependencies']['radiator']

This defines the array of dependencies that are installed for the Radiator OSC Library daemon. Alldependencies must be defined with node['radiator-vnf']['software'] attribute. You can directlyinstall the dependency packages in your site cookbooks with the package resource. Usually there is noneed to change this attribute.

8.2. Worker cookbook recipes

This section introduces the recipes that are included in the Worker cookbook.

8.2.1. default

The default recipe includes all other recipes.

8.2.2. install

The install recipe installs Radiator and all its dependencies. The dependency list is gathered fromnode['radiator-vnf']['worker']['dependencies']['radiator'] attribute array. This recipe alsoinstalls the requires Radiator packs and creates directories for hooks, scripts, and modules.

8.2.3. service

The service recipe configures and starts the required amount of Radiator instances by setting the attributes inradiator cookbook. It also configures a service with the poise_service resource from the Poise cookbookset.

Do not set the radiator cookbook attributes directly, instead use the node['radiator-vnf']['worker']attribute.

8.2.4. debug

The debug recipe is similar to the service recipe, but it also forces trace level to 4 and sets a @debug variableto true for configuration templates. It uses the same source but the rendered configuration file has a suffix -debug.cfg.

8.2.5. validation

The validation recipe creates a separate configuration file in the same way as radiator cookbook does forthe other instances. This configuration file has a suffix -validation.cfg. It is not run as a daemon, insteadthe validation recipe runs the radiusd binary with -c flag. It is run before rendering the configuration of theactual Radiator worker instances with the new configuration.


23 of 41

9. Configuration examples

8.2.6. pcap

The pcap recipe sets up a rotation and shipment with Filebeat for the generated PCAP files. Usenode['radiator-vnf']['worker']['options']['config_variables']['partials'] attribute toinclude radiator_vnf_worker:radiator-worker-messagelog-filecarrier-libpcap.cfg.erbtemplate that actually configures the PCAP file creation.

9. Configuration examplesThis section contains some examples of configuring Radiator VNF.

9.1. Enabling debugging

Here are few examples of configuring debug logging for all the authentication related components in theRadiator VNF. The configuration change is done by using attributes, save the .rb file in attributes/directory in your site cookbooks repository.

• To enable debugging of Radiator RADIUS or Diameter instances on a worker:

default['radiator-vnf']['worker']['configuration']['Trace'] = 4

• To enable debugging of OSC Library RADIUS Loadbalancer instances on a loadbalancer:

default['radiator-vnf']['loadbalancer']['configuration']['LogLevel'] = 'debug'

• To enable debugging of OSC Library BEDBINT instances on a BEDBINT:

default['radiator-vnf']['bedbint']['configuration']['LogLevel'] = 'debug'

• To enable debugging of Radiator Diameter LB instances on a loadbalancer:

default['radiator-vnf']['loadbalancer']['configuration']['logLevel'] = 'debug'

• To enable debugging of Radiator Diameter Relay instances on a BEDBINT:

default['radiator-vnf']['bedbint']['configuration']['Trace'] = 4

9.2. Configuring log file cleanup

Here are examples of configuring Elasticsearch Curator to delete logs and statistics from Elasticsearch.

Cleanup can be managed according to several rules. By default, the Curator deletes logs older than one week.The logs are also deleted when their size reaches 75 GB. Disk space and memory also limit the amount of logsand statistics Elasticsearch can keep. To decrease memory consumption, the indices can be closed instead ofbeing deleted altogether. This way the logs and statistics do not use memory resources. Note that closed indicesare not searchable. Change these rules according to your system resources.

The configuration change is done by using attributes, save the .rb file in attributes/ directory in your sitecookbooks repository.

Deleting logs based on time

Here is a configuration example of deleting logs older than 5 days:

default['radiator-vnf']['management']['curator']['actions']

['delete-old-radiator-logs-index']['enabled'] = true


['delete-old-radiator-logs-index']['configuration'] = {


24 of 41


'actions' => {

1 => {

'action' => 'delete_indices',

'description' => 'Delete old Radiator log indices',

'options' => {

'ignore_empty_list' => true,

},

'filters' => [

{

'filtertype' => 'kibana',

'exclude' => true,

},

{

'filtertype' => 'pattern',

'kind' => 'prefix',

'value' => 'radiator-logs-',

},

{

'filtertype' => 'age',

'source' => 'name',

'direction' => 'older',

'timestring' => '%Y.%m.%d.%H',

'unit' => 'days',

'unit_count' => 5,

},

],

},

},

}


['delete-old-radiator-logs-index']['cron']['minute'] = '12'


['delete-old-radiator-logs-index']['cron']['hour'] = '*'

Deleting logs based on memory usage

Here is a configuration example of deleting logs or statistics consuming more than 10 GB:


['delete-indices-over-diskspace']['enabled'] = true


['delete-indices-over-diskspace']['configuration'] = {

'actions' => {

1 => {

'action' => 'delete_indices',

'description' => 'Delete oldest index if disk space

is over threshold',

'options' => {


},

'filters' => [

{



25 of 41


'exclude' => true,

},

{

'filtertype' => 'space',

'disk_space' => 10,

},

],

},

},

}


['delete-indices-over-diskspace']['cron']['minute'] = '*/5'


['delete-indices-over-diskspace']['cron']['hour'] = '*'

Closing logs based on time

Here is a configuration example of closing logs older than 7 days:


['close-old-radiator-logs-index']['enabled'] = true


['close-old-radiator-logs-index']['configuration'] = {

'actions' => {

1 => {

'action' => 'close',

'description' => 'Close old Radiator log indices',

'options' => {


},

'filters' => [

{


'exclude' => true,

},

{

'filtertype' => 'pattern',

'kind' => 'prefix',

'value' => 'radiator-logs-',

},

{

'filtertype' => 'age',

'source' => 'name',

'direction' => 'older',

'timestring' => '%Y.%m.%d.%H',

'unit' => 'days',

'unit_count' => 7,

},

],

},

},

}



26 of 41


['close-old-radiator-logs-index']['cron']['minute'] = '12'


['close-old-radiator-logs-index']['cron']['hour'] = '*'

9.3. Selecting dashboards

Here is an example of configuring Grafana dashboards. Statistics are different between RADIUS- and Diameter-based deployments, so they are shown in different dashboards. RADIUS dashboards are the default, so noconfiguration is necessary in that case.


As an example, if deploying from the supplied goodies cookbooks, the file can be created in thegoodies_radius_fixed_management cookbook for a RADIUS deployment, or in the case of Diameter, inthe goodies_diameter_vowifi_management cookbook.

The same attribute can be used to upload user-created dashboards to the management node, if there are any. Youmust have dashboards as JSON files in your site cookbook's templates.

To switch from the default to Diameter dashboards:

default['radiator-vnf']['management']['grafana']['dashboards']

=

node['radiator-vnf']['management']['dashboards']['diameter']

To introduce custom dashboards in addition to the default:

default['radiator-vnf']['management']['grafana']['dashboards']

= [ { 'name' => 'address-pools', 'enabled' => true, 'template' =>

'radiator_vnf_management:etc/grafana/dashboards/address-pools.json.erb',

}, { 'name' => 'radius-loadbalancer', 'enabled' => true, 'template'

=>

'radiator_vnf_management:etc/grafana/dashboards/radius-loadbalancer.json.erb',

}, { 'name' => 'radius-per-worker-instance', 'enabled' => true,

'template' =>

'radiator_vnf_management:etc/grafana/dashboards/

radius-per-worker-instance.json.erb',

}, { 'name' => 'radius-worker', 'enabled' => true, 'template' =>

'radiator_vnf_management:etc/grafana/dashboards/radius-worker.json.erb',

}, { 'name' => 'radiator-vnf', 'enabled' => true, 'template' =>

'radiator_vnf_management:etc/grafana/dashboards/radiator-vnf-radius.json.erb',

}, { 'name' => 'radius-loadbalancer-per-instance', 'enabled' =>

true, 'template' =>

'radiator_vnf_management:etc/grafana/dashboards/

radius-loadbalancer-per-instance.json.erb',

}, { 'name' => 'radius-per-worker', 'enabled' => true, 'template'

=>

'radiator_vnf_management:etc/grafana/dashboards/radius-per-worker.json.erb',

}, { 'name' => 'my-custom-dashboard', 'enabled' => true, 'template'

=> 'mycompany_myusecase:dashboards/my-custom-dashboard.json.erb', }, {

'name' => 'another-custom-dashboard', 'enabled' => true, 'template'

=> 'mycompany_myusecase:dashboards/another-custom-dashboard.json.erb',

}, { 'name' => 'a-disabled-dashboard', 'enabled' => false,

'template' =>


27 of 41


'mycompany_myusecase:dashboards/this-wont-be-shown.json.erb', },

]

When creating custom dashboards in Grafana, they can be exported as JSON. Note that the name of thedashboard must match in the configuration attribute and the title in the file.

9.4. Configuring automatic scaling

Configuration for the Juju scaling script is created automatically by Radiator VNF charms, so you can use itdirectly. Here is an example:

default['radiator-vnf']['alert-manager']['rules'] = {

'oscNfvStatsCpuUsageInPercentWorker' => [

{

'description' => 'Scale out if worker cpu load is over 40%.',

'disabled' => 0,

'identifier' => 'worker_scale_out_if_over_40',

'rule_type' => 'comparison',

'threshold_value' => 40,

'comparison_operator' => 'gt',

'action' => 'nfv_scale_out',

'action_cooldown_interval' => 120,

'action_retry_count' => 'unlimited',

'action_noretry_backofftime' => 120,

'script_name' => '/usr/bin/python3',

'script_parameters' => '/usr/local/bin/radiator-vnf-scaler',

'nfv_config' => '/opt/radiator-vnf/scaler/config.yaml',

'nfv_unit_name' => 'radiator-vnf-worker',

}

}

9.5. Connecting to backend systems

Here is an example of configuring backend connections from the BEDBINT. The configuration depends on thesystems it connects to.


As an example, if deploying from the supplied goodies cookbooks, the file can be created in thegoodies_radius_fixed_bedbint cookbook for a RADIUS deployment, or in the case of Diameter, in thegoodies_diameter_vowifi_bedbint cookbook.

To create a connection from the BEDBINT to a LDAP database:

default['radiator-vnf']['bedbint']['configuration']['Backend'] =

'ldaps://ldap.internal.example.com:636'

default['radiator-vnf']['bedbint']['configuration']['LDAP']['AuthDN'] =

'cn=Manager,dc=example,dc=com'

default['radiator-vnf']['bedbint']['configuration']['LDAP']['AuthPassword'] =

'secret'

default['radiator-vnf']['bedbint']['configuration']['LDAP']['BaseDN'] =

v'dc=example,dc=com'

default['radiator-vnf']['bedbint']['configuration']['LDAP']['Scope'] = 'sub'

default['radiator-vnf']['bedbint']['configuration']['LDAP']['SearchFilter'] =


28 of 41


'(cn=%{name})'

default['radiator-vnf']['bedbint']['configuration']['LDAP']['UsernameAttr'] =

'cn'

default['radiator-vnf']['bedbint']['configuration']['LDAP']['PasswordAttr'] =

'userPassword'

To create a connection from the BEDBINT to a HSS system:

default['radiator-vnf']['bedbint']['options']['config_variables']['origin_realm']

= 'internal.example.com'

default['radiator-vnf']['bedbint']['configuration']['DiaPeerDef']

['Origin-Host=hss.internal.example.com'] = {

'Identifier' => 'Our_HSS_Connection',

'Initiator' => 1,

'ProductName' => 'Radiator VNF BEDBINT Diameter Relay',

'SupportedVendorIds' => [

'3GPP'

],

'AuthApplicationIds' => [

'Relay'

],

'VendorAuthApplicationIds' => [

'3GPP:3GPP SWx'

],

'OriginHost' => "bedbint-#{node['hostname']}.internal.example.com",

'OriginRealm' => 'internal.example.com',

'DestinationRealm' => 'internal.example.com',

'DestinationHost' => 'hss.internal.example.com',

'Peer' => '172.17.123.50'

}

default['radiator-vnf']['bedbint']['configuration']['AuthBy']['DiaRelay']

['DiaPeerDef'] = [

'DiaPeerDef-Identifier=Our_HSS_Connection'

]

9.6. Enabling syslog output to external loghost

Here is an example of configuring syslog output from the Radiator VNF.

Logs are internally gathered with Filebeat through Logstash into Elasticsearch. Logstash can also forward thelogs to an external logging host.


As an example, if deploying from the supplied goodies cookbooks, the file can be created in thegoodies_radius_fixed_management cookbook for a RADIUS deployment, or in the case of Diameter, inthe goodies_diameter_vowifi_management cookbook.

To enable syslog forwarding in Logstash:

default['radiator-vnf']['management']['logstash']['outputs'] = [

{

'name' => 'syslog-forward',


29 of 41

10. Site cookbook development example

'enabled' => true,

'order' => 50,

'template' =>

'radiator_vnf_management:etc/logstash/conf.d/output-syslog-forward.conf.erb',

},

{

'name' => 'elasticsearch',

'enabled' => true,

'order' => 50,

'template' =>

'radiator_vnf_management:etc/logstash/conf.d/output-elasticsearch.conf.erb',

},

]

To include syslog forwarder recipe:

include_recipe 'radiator_vnf_management::rsyslog'

10. Site cookbook development exampleRadiator VNF deployment has goodies/ directory, which contains example cookbooks for implementing aRADIUS-based setup for Radiator VNF. This section describes the deployment of these cookbooks and testingthem locally using Test Kitchen. This is a recommended workflow for developing your own site cookbooks.

The basic idea is to write a site cookbook that provides the necessary environment and use-case-specificparameters to Radiator VNF cookbooks to get a functioning VNF system with a working business logic.

Important files and directories

Here are listed some important files and directories in site-cookbooks/:

• Berksfile

This is a file for Berkshelf that describes the dependencies for this cookbook set.

• Rakefile

This is a helper file for packaging and providing cookbooks as Rake tasks.

• site_spec_helper.rb

This file provides common parameters for running ChefSpec unit tests on the cookbooks.

• .kitchen.yml

This is a configuration file for Test Kitchen. It handles locally the converging of test nodes.

• test/

This directory contains files for running InSpec tests on a converged node.

Each cookbook directory contains files and sub-directories. Here are listed some important files and folders:

• /metadata.rb

This file describes the cookbook and lists its dependencies to Chef.

• /attributes/

This directory contains files that set attributes for the Radiator VNF cookbooks.

• /recipes/


30 of 41


This directory contains file that set attributes for the Radiator VNF recipes and describe additionalresources.

• /files/

This is an optional directory that contains raw files for recipes.

• /templates/

This is an optional directory that provides ERB (Embedded Ruby) templates for recipes.

• /spec/

This directory contains ChefSpec unit tests for the cookbook.

10.1. Requirements

You need the following software and tools for deploying and testing Radiator VNF example:

• Radiator VNF cookbooks

• Radiator VNF package repository

• ChefDK

This toolkit contains the necessary tools for Chef cookbook development, such as Test Kitchen, ChefSpec,and Berkshelf.

Make sure you have a version with Chef 12. Chef 13 has been released but it is not yet supported.

• Vagrant

By default, Test Kitchen is configured to start the virtual machines using Vagrant. Other different driversare also available.

• Virtualbox

Virtualbox is the default virtualisation solution. Test Kitchen supports other providers, too.

• Apt repository

This is needed as a source for the packages. If you have Radiator VNFM and its repository available, youcan use it.

10.2. Getting started

This section describes how you can make changes to configuration and test it locally. You need to have a testingenvironment and be able to run Test Kitchen to complete this example.

10.2.1. Setting up a test environment

For setting up the test environment, you need a .kitchen.yaml file. An example of this file is located insite-cookbooks directory. To set up a test environment:

1. Create a copy of the .kitchen.yaml file and name it .kitchen.local.yml.

2. Edit the .kitchen.local.yml file. Test Kitchen automatically uses this file to override the default.

platforms:

- name: ubuntu-16.04

attributes:

consul:

config:


31 of 41


server: true

bootstrap: true

goodies:

repository:

radiator-vnf-repository:

distribution: '2017.0'

components: ['main']

key: 'http://internal.example.com/radiator-vnf/RADIATOR-VNF-2017-GPG-KEY'

uri: 'http://internal.example.com/radiator-vnf'

YAML is very strict about indentation. Be sure that you use the right number of spaces.

3. Extract the Radiator VNF cookbook package into the same directory where site-cookbooks directory islocated.

10.2.2. Running Test Kitchen

To run Test Kitchen:

1. Set the environment variable to point the site-cookbook/goodies example you want to converge. Thisenvironment variable is used by Berksfile, Rakefile, and .kitchen.yaml.

2. Export the RADIUS-fixed use case:

$ export RADIATOR_VNF_USE_CASE="radius-fixed"

3. Invoke Test Kitchen to get Radiator VNF worker running with Vagrant in Virtualbox:

$ cd site-cookbooks

$ kitchen converge radius-fixed-worker-ubuntu

You must have installed ChefDK and extracted the cookbooks before you can invoke Test Kitchen.

4. Converge all roles:

$ kitchen converge demo

Test Kitchen uses fuzzy matching to guess what you want to do, so this command converges all roles.

Depending on the log levels, the converging process looks like this:

-----> Starting Kitchen (v1.15.0)

-----> Converging <radius-fixed-worker-ubuntu-1604>...

Preparing files for transfer

Preparing dna.json

Resolving cookbook dependencies with Berkshelf 5.6.3...

Removing non-cookbook files before transfer

Preparing data_bags

Preparing solo.rb

-----> Chef Omnibus installation detected (12.18.31)

Transferring files to <radius-fixed-worker-ubuntu-1604>

[2017-03-22T13:04:24+00:00] DEBUG: Current chef_repo_path is

["/tmp/kitchen", "/tmp/kitchen"]

[2017-03-22T13:04:24+00:00] DEBUG: Sleeping for 0 seconds

[2017-03-22T13:04:25+00:00] INFO: Started chef-zero at

chefzero://localhost:8889 with repository at /tmp/kitchen,

/tmp/kitchen


32 of 41


One version per cookbook

[2017-03-22T13:04:25+00:00] DEBUG: Running Ohai with the

following configuration: {:log_location=>#<IO:<STDOUT>>,

:node_name=>"radius-fixed-worker-ubuntu-1604",

:checksum_path=>"/tmp/kitchen/checksums",

:file_cache_path=>"/tmp/kitchen/cache",

:file_backup_path=>"/tmp/kitchen/backup",

:cookbook_path=>["/tmp/kitchen/cookbooks",

"/tmp/kitchen/site-cookbooks"],

:data_bag_path=>"/tmp/kitchen/data_bags",

:environment_path=>"/tmp/kitchen/environments",

:node_path=>"/tmp/kitchen/nodes",

:role_path=>"/tmp/kitchen/roles",

:client_path=>"/tmp/kitchen/clients",

:user_path=>"/tmp/kitchen/users",

:validation_key=>"/tmp/kitchen/validation.pem",

:client_key=>"/tmp/kitchen/client.pem",

:chef_server_url=>"chefzero://localhost:8889",

:encrypted_data_bag_secret=>"/tmp/kitchen/encrypted_data_bag_secret",

:treat_deprecation_warnings_as_errors=>false,

:config_file=>"/tmp/kitchen/solo.rb",

:force_logger=>false,

:force_formatter=>true,

:profile_ruby=>false,

:color=>false, :log_level=>:debug,

:json_attribs=>"/tmp/kitchen/dna.json",

:specific_recipes=>[],

:solo=>true,

:local_mode=>true}

[2017-03-22T13:04:25+00:00] INFO: Forking chef instance to converge...

[2017-03-22T13:04:25+00:00] DEBUG: Fork successful.

Waiting for new chef pid: 24078

[2017-03-22T13:04:25+00:00] DEBUG: Forked instance now converging

Starting Chef Client, version 12.18.31

[2017-03-22T13:04:25+00:00] INFO: *** Chef 12.18.31 ***

[2017-03-22T13:04:25+00:00] INFO: Platform: x86_64-linux

[2017-03-22T13:04:25+00:00] INFO: Chef-client pid: 24078

[2017-03-22T13:04:25+00:00] DEBUG: Chef-client request_id:

afb0659f-668e-425c-b183-3e117f99f8cb

...

Chef Client finished, 13/246 resources updated in 01 minutes 03 seconds

[2017-03-22T13:05:28+00:00] DEBUG: Server doesn't support resource

history, skipping resource report.

[2017-03-22T13:05:28+00:00] DEBUG: Audit Reports are disabled. Skipping

sending reports.

[2017-03-22T13:05:29+00:00] DEBUG: Forked instance successfully reaped

(pid: 24078)

[2017-03-22T13:05:29+00:00] DEBUG: Exiting

Finished converging <radius-fixed-worker-ubuntu-1604> (1m43.48s).

-----> Kitchen is finished. (1m46.31s)


33 of 41


5. After a successful converging, run the provided InSpec tests:

$ kitchen verify radius-fixed-worker-ubuntu


-----> Setting up <radius-fixed-worker-ubuntu-1604>...

Finished setting up <radius-fixed-worker-ubuntu-1604> (0m0.00s).

-----> Verifying <radius-fixed-worker-ubuntu-1604>...

Loaded

Target: ssh://[email protected]:2205

File /etc/radiator/worker.cfg

# should be file

# should be readable by user radiator

# content should eq "#\n# /etc/radiator/worker.cfg\n#\n# Radiator VNF

Worker\n#\n# This configuration file is generated b...AuthBy>\n\n AuthLog

RadiatorVNF_AuthLogFILE_JSON\n</Handler>\n\n# End of partial configuration\n"

Service radiator-instance-1

# should be enabled

# should be running

Port 11812

# should be listening

# protocols should include "udp"

Port 11813




# should be enabled

# should be running

Port 11814



Port 11815



Test Summary: 15 successful, 0 failures, 0 skipped

Finished verifying <radius-fixed-worker-ubuntu-1604> (0m1.38s).


The following example changes the business logic and Trace level. Chef has several levels of attributes anddifferent place where to set them. The following procedure uses the override level for changing the Trace levelbecause Radiator VNF provides a way to set configuration attributes through data bags. Configuration changesin data bags are merged into the attributes and it overwrites the attributes on default level.

To change the Trace level and edit the business logic:

1. The source data bag for the configuration is set with node['radiator-vnf']['config_data_bag']attribute. Its value is demo/ by default in the site cookbooks. Change it to test/fixtures/data_bagsfor the JSON file.

2. For changing the Trace level, set node.override['radiator-vnf']['worker']['configuration']['Trace'] = '3' in a recipe before include_recipes line.


34 of 41


$ cd site-cookbooks/demo_*_worker

$ echo "# This is a test of changing the business logic" >>

templates/default/fixed-business-logic.cfg.erb

$ vi recipes/default.rb

3. Converge the configuration.

$ kitchen converge radius-fixed-worker-ubuntu


...

* template[/etc/radiator/worker.cfg] action

create[2017-03-22T13:40:09+00:00]

INFO: Processing template[/etc/radiator/worker.cfg]

action create (radiator::configuration line 35)

[2017-03-22T13:40:09+00:00] INFO:

template[/etc/radiator/worker.cfg] backed up to

/tmp/kitchen/backup/etc/radiator/worker.cfg.chef-20170322134009.131422

[2017-03-22T13:40:09+00:00] INFO:

template[/etc/radiator/worker.cfg] removed backup at

/tmp/kitchen/backup/etc/radiator/worker.cfg.chef-20170322131650.491911

[2017-03-22T13:40:09+00:00] INFO:

template[/etc/radiator/worker.cfg] updated file

contents /etc/radiator/worker.cfg

- update content in file /etc/radiator/worker.cfg from 3aa6e4 to 7bf4a6

--- /etc/radiator/worker.cfg 2017-03-22 13:35:23.208734593 +0000

+++ /etc/radiator/.chef-worker20170322-1848-16oqg0m.cfg 2017-03-22

13:40:09.048734593 +0000

@@ -12,13 +12,13 @@

#

# Rendered partial configuration:

"etc/radiator/partials/radiator-logging.cfg.erb"

from cookbook: "radiator_vnf"

-Trace 4

+Trace 3

LogDir /var/log/radiator

LogFile

LogMicroseconds

<Log FILE>

- Trace 4

+ Trace 3

Identifier RadiatorVNF_LogFILE_JSON

Filename %L/radiator-%{GlobalVar:instance}.log

LogFormatHook sub { Radius::LogFormat::format_log_json(@_); }

@@ -981,6 +981,7 @@

AuthLog RadiatorVNF_AuthLogFILE_JSON

</Handler>

+# This is a test of changing the business logic


35 of 41


# End of partial configuration

...

[2017-03-22T13:40:11+00:00] INFO: template[/etc/radiator/worker.cfg]

sending restart action to poise_service[radiator-instance-1]

(delayed)

Recipe: radiator_vnf_worker::service

* poise_service[radiator-instance-1] action

restart[2017-03-22T13:40:11+00:00]

INFO: Processing poise_service[radiator-instance-1]

action restart (radiator_vnf_worker::service line 39)

* service[radiator-instance-1] action

restart[2017-03-22T13:40:11+00:00]

INFO: Processing service[radiator-instance-1]

action restart

(/tmp/kitchen/cache/cookbooks/radiator_vnf_worker/recipes/service.rb

line 39)

[2017-03-22T13:40:19+00:00] INFO: service[radiator-instance-1] restarted

- restart service service[radiator-instance-1]

[2017-03-22T13:40:19+00:00] INFO: template[/etc/radiator/worker.cfg]

sending restart action to poise_service[radiator-instance-2] (delayed)

* poise_service[radiator-instance-2] action

restart[2017-03-22T13:40:19+00:00]

INFO: Processing poise_service[radiator-instance-2] action

restart (radiator_vnf_worker::service line 39)

* service[radiator-instance-2] action

restart[2017-03-22T13:40:19+00:00]

INFO: Processing service[radiator-instance-2] action restart

(/tmp/kitchen/cache/cookbooks/radiator_vnf_worker/recipes/service.rb line 39)

[2017-03-22T13:40:27+00:00] INFO: service[radiator-instance-2] restarted

- restart service service[radiator-instance-2]

...

Chef Client finished, 19/252 resources updated in 52 seconds

Finished converging <radius-fixed-worker-ubuntu-1604> (1m26.21s).


4. Verify the configuration.

$ kitchen verify radius-fixed-worker-ubuntu


-----> Setting up <radius-fixed-worker-ubuntu-1604>...

Finished setting up <radius-fixed-worker-ubuntu-1604> (0m0.00s).

-----> Verifying <radius-fixed-worker-ubuntu-1604>...

Loaded

Target: ssh://[email protected]:2205


36 of 41


File /etc/radiator/worker.cfg

# should be file

# should be readable by user radiator

# content should eq "#\n# /etc/radiator/worker.cfg\n#\n# Radiator VNF

Worker\n#\n# This configuration file is generated b...AuthBy>\n\n

AuthLog RadiatorVNF_AuthLogFILE_JSON\n</Handler>\n\n# End of partial

configuration\n"

expected: "#\n# /etc/radiator/worker.cfg\n#\n# Radiator VNF Worker\n#\n#

This configuration file is generated b...AuthBy>\n\n

AuthLog RadiatorVNF_AuthLogFILE_JSON\n</Handler>\n\n#

End of partial configuration\n"

got: "#\n# /etc/radiator/worker.cfg\n#\n#

Radiator VNF Worker\n#\n#

This configuration file is generated b...ON\n</Handler>\n#

This is a test of changing the business logic\n\n# End of

partial configuration\n"

(compared using ==)

Diff:

@@ -12,13 +12,13 @@

#

# Rendered partial configuration:

"etc/radiator/partials/radiator-logging.cfg.erb" from

cookbook: "radiator_vnf"

-Trace 4

+Trace 3

LogDir /var/log/radiator

LogFile

LogMicroseconds

<Log FILE>

- Trace 4

+ Trace 3

Identifier RadiatorVNF_LogFILE_JSON

Filename %L/radiator-%{GlobalVar:instance}.log

LogFormatHook sub { Radius::LogFormat::format_log_json(@_); }

@@ -981,6 +981,7 @@

AuthLog RadiatorVNF_AuthLogFILE_JSON

</Handler>

+# This is a test of changing the business logic

# End of partial configuration


# should be enabled

# should be running


37 of 41


Port 11812



Port 11813




# should be enabled

# should be running

Port 11814



Port 11815



Test Summary: 14 successful, 1 failures, 0 skipped

>>>>>> ------Exception-------

>>>>>> Class: Kitchen::ActionFailed

>>>>>> Message: 1 actions failed.

>>>>>> Verify failed on instance <radius-fixed-worker-ubuntu-1604>.

>>>>>> Please see .kitchen/logs/radius-fixed-worker-ubuntu-1604.log

>>>>>> for more details

>>>>>> ----------------------

>>>>>> Please see .kitchen/logs/kitchen.log for more details

>>>>>> Also try running `kitchen diagnose --all` for configuration

10.3. Creating your own cookbook

This section discusses writing a cookbook for your own use case.

10.3.1. Creating new cookbook

You can start creating your own cookbook by making a copy of an example cookbook. site-cookbooks/directory contains several example cookbooks, they have also some tests included and already modifiesRadiator attributes.

You can also start from scratch with the following Chef commands:

$ mkdir -p my-radiator-vnf-use-case/site-cookbooks

$ cd my-radiator-vnf-use-case/site-cookbooks

$ chef generate cookbook my_company_use_case_common

$ chef generate cookbook my_company_use_case_vnf_worker

For more information on creating cookbooks with Chef, see chef generate cookbook command documentation[https://docs.chef.io/ctl_chef.html#chef-generate-cookbook].

10.3.2. Cookbook style checks

Cookbook and Ruby code style checks can show some errors in a very early stage so it is recommendable to dothese checks.


38 of 41

https://docs.chef.io/ctl_chef.html#chef-generate-cookbook

https://docs.chef.io/ctl_chef.html#chef-generate-cookbook


You can use either Foodcritic or Cookstyle tools. For more information on Foodcritic, see Foodcriticdocumentation [https://docs.chef.io/foodcritic.html]. For more information on Cookstyle, see Cookstyledocumentation [https://docs.chef.io/cookstyle.html].

To use Foodcritic:

$ chef exec foodcritic site-cookbooks

To use Cookstyle:

$ chef exec cookstyle site-cookbooks

10.3.3. Cookbook unit testing

Chef uses Ruby as DSL (Domain-specific Language) and many Chef testing tools are derived from Ruby tools.ChefSpec is a testing framework for Chef cookbooks, it uses RSpec example to run tests. For more informationon RSpec, see RSpec documentation [http://rspec.info/]. ChefSpec is a useful tool for catching regressionsbetween versions. It tests resources but it can also find missing include_recipe lines. ChefSpecs uses onlymemory, it does not require virtual machines.

To do unit testing with ChefSpec:

$ cd site-cookbooks

$ chef exec rspec --pattern my_company*/**/spec/**/*_spec.rb

Each example site cookbook directory contains ChefSpec tests. For more information on ChefSpec, seeChefSpec repository [https://github.com/chefspec/chefspec].

10.3.4. Cookbook smoke testing

In smoke testing, or in integration testing, the node is converged with Chef and the result is verified that it iscorrect. Test Kitchen can run multiple different verifiers but this example uses InSpec. It can be run against theactual production servers.

The smoke test has been done earlier in this example case, when kitchen verify was executed.

$ cd site-cookbooks

$ kitchen test

10.3.5. Packaging cookbooks

Berkshelf is used for resolving the dependencies of each cookbook, it describes the sources for the resolving.Usually Berkshelf reads the metadata.rb file of each cookbook.

Radiator VNF has a clear distinction with the default Radiator VNF cookbooks written by the provider andthe site cookbooks written by you. The site cookbooks depend on the default Radiator VNF cookbooks. ForBerkshelf, the Radiator VNF package provides Rakefile that helps with using Berkshelf library directly.

Vendoring Berkshelf means calculating dependencies and pushing them into a separate directory. Packagingmeans creating a tar.gz package out of the result.

To vendor Berkshelf:

$ cd site-cookbooks

$ chef exec rake berkshelf:vendor

I, [2017-03-23T09:46:50.686857 #42006] INFO -- : Solving dependencies with

Berksfile

I, [2017-03-23T09:46:50.692157 #42006] INFO -- : Vendoring dependency cookbooks


39 of 41

https://docs.chef.io/foodcritic.html

https://docs.chef.io/foodcritic.html

https://docs.chef.io/cookstyle.html

https://docs.chef.io/cookstyle.html

http://rspec.info/

https://github.com/chefspec/chefspec

11. Abbreviations

to ../deployment-cookbooks

...

I, [2017-03-23T09:46:51.158766 #42006] INFO -- : Copying cookbooks to

../deployment-cookbooks

To package the dependencies:

$ cd site-cookbooks

$ chef exec rake berkshelf:package

I, [2017-03-23T09:47:47.509431 #42054] INFO -- : Solving dependencies with

Berksfile

...

I, [2017-03-23T09:47:47.929100 #42054] INFO -- : Packaging cookbooks to archive

site-cookbooks-demo-1490255267.tar.gz

10.3.6. Deploying cookbooks

The actual deployment method depends on your environment. If you use Radiator VNFM, push yourcookbooks, including dependencies, into the site-cookbooks Git repository.

The Radiator VNF cookbooks are in a separate directory. The cookbooks in these 2 directories must beavailable for the destination node so that Chef Solo finds them and continues converging the node based on theconfigured run_list.

11. Abbreviations

Backend Database Interface

Acronym: BEDBINT

Dynamic Host Configuration Protocol

Acronym: DHCP

Domain Name System

Acronym: DNS

Domain-specific Language

Acronym: DSL

Embedded Ruby

Acronym: ERB

Home Subscriber Server

Acronym: HSS

JavaScript Object Notation

Acronym: JSON

Key Performance Indicators

Acronym: KPI

Lightweight Directory Access Protocol

Acronym: LDAP


40 of 41

11. Abbreviations

Lightweight Resource Provider

Acronym: LWRP

Management Information Base

Acronym: MIB

Network Time Protocol

Acronym: NTP

Packet Capture

Acronym: PCAP

Simple Network Management Protocol

Acronym: SNMP

Community-Based Simple Network Management Protocol version 2

Acronym: SNMPv2c

Universally Unique ID

Acronym: UUID

Virtualised Network Function

Acronym: VNF

Virtualised Network Function Manager

Acronym: VNFM


41 of 41

radiator vnf configuration manual copyright open system … › nfv ›...

Documents