This section explains how to install the BSF Server on the OpenCloud Rhino TAS.

The Sentinel Authentication Gateway BSF Server is a SLEE service deployed on OpenCloud Rhino. It is installed using the Sentinel SDK infrastructure, which takes care of downloading any dependent SLEE components and automatically deploying them on Rhino.

To install the Sentinel Authentication Gateway BSF Server:

Note
Use Ant from the SDK or configure your own

The Ant build tool is required during installation. The Sentinel Authentication Gateway SDK includes a copy of Ant that is preconfigured with the necessary libraries for retrieving SDK dependencies. To use the SDK’s Ant, run sentinel-gaa-sdk/build/bin/ant.

You can use your own Ant installation (version 1.9 or later) by copying the bundled libraries to your ~/.ant/lib directory:

$ cd ~/sentinel-gaa/sentinel-gaa-sdk/build/ant
$ cp ivy.jar ant-build-support.jar ~/.ant/lib

In the following examples, we assume the ant command is the SDK’s version of Ant, or your own with the appropriate libraries, as shown above.


Install with or without Sentinel VoLTE

The BSF Server may be installed with or without Sentinel VoLTE (see the Sentinel VoLTE dependency section).

The following instructions are the same whether Sentinel VoLTE is installed or not.

1. Unzip sentinel-gaa-sdk-2.7.0.x.zip

To unzip sentinel-gaa-sdk-2.7.0.x.zip:

1

Copy the downloaded install zip file to a machine where Rhino and the BSF Server will run.

Tip It’s easiest if you create a new directory in the home directory.
$ mkdir ~/sentinel-gaa

2

Unzip.

$ cp ~/sentinel-gaa-sdk-2.7.0.x.zip ~/sentinel-gaa
$ cd ~/sentinel-gaa
$ unzip sentinel-gaa-sdk-2.7.0.x.zip

This creates the directory sentinel-gaa-sdk.

2. Install Rhino SDK (optional)

This step is not required if you have already installed a Rhino instance for Sentinel Authentication Gateway or if you are using an existing Sentinel VoLTE installation.

For testing and evaluation purposes, you can have the Sentinel Authentication Gateway SDK download and start a Rhino SDK instance. Sentinel Authentication Gateway can then be deployed into this instance.

To install Rhino using the SDK:

1

Run the install-rhino Ant target.

$ cd ~/sentinel-gaa/sentinel-gaa-sdk/rhino-sdk
$ ant install-rhino

The install-rhino target automatically downloads the latest version of Rhino, and installs it in sentinel-gaa-sdk/rhino-sdk/RhinoSDK.

2

Start the Rhino SDK.
Rhino can be started using the Ant target in sentinel-gaa-sdk/rhino-sdk:

$ ant start-rhino

3. Modify SDK Properties

If you installed your own Rhino, you need to modify the rhino.home property in the sdk.properties file.

$ cd ~/sentinel-gaa/sentinel-gaa-sdk

edit the sdk.properties file. Replace this line with the location of your rhino installation. e.g.

rhino.home=/home/ubuntu/rhino

4. Go Offline (optional)

Before installing you can take the SDK offline if required. This will create and populate an offline repository with the artifacts needed for installation.

If you go offline, internet access will not be needed for the installation, the offline repo will be used instead.

You can skip this step, in which case the install will use the internet to download the installation artifacts.

To go offline:

$ cd ~/sentinel-gaa/sentinel-gaa-sdk
$ ./build/bin/go-offline

Mirroring OpenCloud dependencies to repositories/opencloud-offline-mirror

Copying SDK index to offline repository...
Copying SDK infrastructure dependencies to offline repository...
Copying modules to offline repository...

Installing module 681/681

Finished copying repository artifacts.

Updating 'ivy.properties' to use offline resolvers:
 ivy.sdk-resolvers.file=offline-resolvers.xml
 ivy.cache.root=${sdk.root}/build/target/ivy-caches/offline-resolvers.cache

Configuration complete. SDK is now in 'offline' mode. Use 'go-online' to return to online mode.

5. Create a BSF deployment module

1

Run the sdkadm command.

$ cd ~/sentinel-gaa/sentinel-gaa-sdk
$ ./build/bin/sdkadm

This starts the interactive sdkadm tool.

2

Run the create-deployment-module command within the sdkadm console:

> create-deployment-module deploy-bsf deploy-bsf opencloud#sentinel-gaa-deploy#sentinel-gaa/2.7.0;latest.release

...

Creating deployment module 'deploy-bsf' in directory 'deploy-bsf'.

...

Finished writing deployment module to: /home/user/sentinel-gaa/sentinel-gaa-sdk/deploy-bsf

The deployment module is created in the deploy-bsf directory. This describes the configuration and dependencies that will be deployed into Rhino.

6. Edit the default configuration

The default configuration properties for the BSF are in the file deploy-bsf/config/config.properties, as shown below:

zh-server.realm=zh-realm
zh-server.hostname=zh-server.fqdn
zh-server.address=zh-server.fqdn
zh-server.uri=aaa\://zh-server.fqdn\:3868

zh-client.realm=zh-realm
zh-client.hostname=zh-client

http-ra.address=0.0.0.0
http-ra.port=8001

cassandra-cql-ra.host=localhost
cassandra-cql-ra.port=9042

bsf.tracelevel=Info
platform.operator.name=
diameterbase.tracelevel=Info

These should be updated as appropriate for your environment. In particular the zh-* properties specify how the BSF contacts its HSS:

Property Description Example

zh-server.realm

The HSS Diameter realm. This will be used in Destination-Realm AVPs.

home1.net

zh-server.hostname

The FQDN of the HSS. This will be used in Destination-Host AVPs.

hss.home1.net

zh-server.uri

The aaa: or aaas: URI of the HSS. Determines the address, port and transport for connections to the HSS. The host part of the URI should contain the same FQDN as zh-server.hostname.

aaa://hss.home1.net:3868

zh-server.address

May be used to connect to an address different from the HSS address specified above. This can be useful during testing to connect to a simulator while leaving the other HSS properties unchanged. If not needed, just set this to the same value as zh-server.hostname.

127.0.0.1

zh-client.realm

The BSF’s Diameter realm. This will be used in Origin-Realm AVPs.

home1.net

zh-client.hostname

The FQDN of the BSF. This will be used in Origin-Host AVPs.

bsf.home1.net

These properties can be updated after deployment. For more information see Updating the configuration below, and also BSF Configuration.

7. Publish the BSF deployment module

Before deploying, it is necessary to "publish" our BSF deployment module. This creates the required deployment artifacts that the SDK tools will use to deploy the module and its dependencies. The default Ant target in the deploy-bsf module performs this publishing step.

$ cd deploy-bsf
$ ant

8. Run the deploy, bind, and configure scripts

The following Ant targets will deploy the BSF service (and its dependencies), and apply the default configuration.

$ ant deploy-with-deps
$ ant bind-with-deps
$ ant configure-with-deps

The BSF service will now be active.

9. Create the Sentinel configuration profile

Tip If you installed Sentinel Authentication Gateway on top of an existing Sentinel-VoLTE installation, you can skip this step.

If you installed Sentinel Authentication Gateway in Rhino without an existing Sentinel-VoLTE installation, these rhino-console commands must be run:

cd ~/RhinoSDK/client/bin

./rhino-console createprofiletable name=SentinelConfigurationProfile,vendor=OpenCloud,version=2.7.0 SentinelConfigurationTable

./rhino-console createprofile SentinelConfigurationTable SentinelConfiguration PlatformOperator OpenCloud DefaultNetworkOperator OpenCloud HttpParameterForHttpDetermineNetworkOperator ImsiMccMnc DefaultOcsEntityId DiameterRoOcs

Updating the configuration

You can update the configuration after deployment by editing the config/config.properties file and running the configure target from your deploy-bsf directory:

$ vi config/config.properties
$ ant publish-local configure
Note

When applying a new configuration, the Sentinel SDK’s configure target will automatically deactivate and reactivate resource adapters that are part of the configuration. This may not be desirable, particularly in a production configuration.

See BSF Configuration for detailed information on how the BSF is configured, to plan changes with minimal disruption.

Previous page Next page