...
HTTP/2 Client Agent Configuration - Client tab
Setting | Description |
---|---|
Settings | |
Use SSL | Select this option to use the SSL. |
Security Profile | Click Browse to select a security profile with certificate and configuration to use, if you prefer to use a secure connection. Refer to Security (4.3) for more information. |
Min Connections Per Destination | Specify the minimum number of connections towards an endpoint (identified by host:port) that the agent will try to maintain. A value of 0 indicates "no minimum". This is not a hard limit as there could be more connections created during the spike in traffic. For more details see |
Min Connections Per Destination Check Interval(s)
https://infozone.atlassian.net/wiki/spaces/UEPE4D/pages/304388151/HTTP+2+Client+Agent+Configuration+4.3#Algorithm-for-Minimum-Connections. | |
Min Connections Per Destination Check Interval(s) | Specify how often you wish to check the established connections. A value of 0 indicates "no check will be performed". After each interval, the agent will try to create additional connections to achieve number set in the Min Connections Per Destination parameter. No connections will be shut down if the current number of connections is greater than the number set in Min Connections Per Destination. For more details, see |
Default connection concurrent streams | The initial value of concurrent streams that the client would like to handle per connection. The default value is 1000 |
Note!
This value may be overridden by any value sent by server.. Note! This value may be overridden by any value sent by server. | |
Max Response Content Length (MB) | Specify the maximum length for response content. The default value is 8MB. Note! While it is possible to set this value to infinite, this may lead to an out-of-memory error, potentially causing the EC to crash. It is advisable to set the memory size of the EC higher than the anticipated size of the HTTP content the agent will receive. |
Timeout | |
Request Timeout (sec) | Enter the timeout period in seconds for the request to the HTTP/2 client to wait for a response before timing out. |
Queue Settings | |
Max Requests Queued Per Destination | The size of the message queue in the Jetty server. Default is 20000. |
Note! Use this property to manage the memory usage. It is recommended that the EC or ECD running the workflow have xmx that is at the minimum (message size X queue size), otherwise there is a risk for out of memory errors. | |
Retry Interval for Full Queues (ms) | A millisecond value to indicate the time it will take for the request to try again when the queue is full. |
Max Retries for Full Queues | When the Route Error UDR option is checked, this field will be enabled. This field will indicate how many times the request will attempt to retry before routing it to Error UDR. |
Route Error UDR | If this checkbox is selected, the request will attempt to be received by the agent until it reached the maximum amount of retries. Once the threshold is reached, the request will be stored in an Error UDR and sent as an output from the HTTP/2 client agent. If the checkbox is cleared the request will attempt the retries for an indefinite amount of time, until the workflow is terminated. |
Server Monitor | |
Use HTTP2 Server Monitor | Select this checkbox to monitor the connection status of all servers that the agent has sent requests to. The monitoring is done by sending regular ping messages to the servers. If the servers are not responding, or there are other communication errors, they will be indicated as Unavailable. A list of the Available and Unavailable servers is available in two MIM values: |
Ping Interval (s) | Define the ping message interval for the Server Monitor. The time unit is seconds and 10 seconds is default. |
...
Algorithm for Minimum Connections
In case there is a need to run more than one connection towards an endpoint (identified by host:port) irrespective of current traffic, there is an option to configure that using Min Connections Per Destination and Min Connections Per Destination Check Interval(s) parameters.
At the beginning, the agent will try to establish the number of connections set in Min Connections Per Destination and then later try to keep number of open connections for each endpoint. As some connections can be shut down due to any reason, the agent will try to check its status at regular intervals. These check intervals are configured in Min Connections Per Destination Check Interval(s) parameter.
...
Note!
The connections are used by the agent in Round Robin manner. The agent will never try to close a valid connection.
OpenAPI Tab
The OpenAPI tab contains the following settings:
...
HTTP/2 Client Agent Configuration - OpenAPI tab
Setting | Description | ||
---|---|---|---|
Use OpenAPI Profile | Select this option if you want the agent to use the OpenAPI profile(s). | ||
OpenAPI Profile | Browse and select the profile to be used. This field is enabled when the Use OpenAPI Profile option is selected. Click Browse to search for the available OpenAPI profiles.
| ||
Enable Validation | Select this option if you want to validate the OpenAPI profile.
|
Note! Strict validation is applied against the OpenAPI specification due to the upgrade of third party libraries. For Example, if the response contains the body but the schema doesn't expect the response to contain body then it will causing validation failure. Refer to this link for further information https://bitbucket.org/atlassian/swagger-request-validator/issues/246/validator-does-not-check-a-response-body |
Authentication Tab
The Authentication tab contains settings for the following Authentication types:
...
Basic Authentication Type
...
Setting | Description |
---|---|
Username | Enter a username for an account on the remote server. The username must not include colon (:) characters. |
Password | Enter the password associated with the username |
...
. |
...
...
OAuth 2.0
...
Authentication Type
...
Setting | Description |
---|---|
Grant Type | Select the grant type:
|
Client ID | Enter the unique client identifier issued by the authorization server. |
Client Secret | Enter the client secret issued by the authorization server. |
Username | Enter the resource owner username, this can be the end-user granting access to a protected resource. This field is required when you have selected Resource Owner Password Credentials from the drop-down list Grant Type. |
Password | Enter the password associated with the username. This field is required when you have selected Resource Owner Password Credentials from the drop-down list Grant Type. |
Access Token URI | Enter the URI where the access token can be obtained. |
Token expiration override (sec) | Enter a time in seconds when you would like to refresh the access token prior to the expiration. This allows the application to obtain a new access token without the user's interaction. |
Additional Parameters | Some authentication servers may require additional parameters in the body of the token requests. To add a parameter, click the Add button and then enter the name of the parameter in the Key field and the value of the parameter in the Value field. Do not use escape characters in the value field, these will be added automatically by the HTTP2 Client agent. For instance, "https://example.com/" will be sent as "https%3A%2F%2example.com%2F". |
...
Note!
If an agent is configured on the Authentication Tab to use OAuth 2.0, an additional step may be required if the token needs to be obtained via HTTPS protocol.
The HTTP/2 Client internally uses the Java built-in HTTP Client to obtain a token. If a certificate is required to contact the authorization server, the proper certificate has to be imported into the pod.
For more information on steps to import the necessary certificate, refer to Importing Certificate to JDK/JRE Security Cacert in Kubernetes Pods (4.3).
...
Note!
To access the Authorization Server User's Guide(4.3), a valid CA certificate is required instead of a self-signed certificate.
Nnrf Access Token Authentication Type
...
...
Setting | Description |
---|---|
Authorization Server (NRF) | Enter the full URL path for the authorization server. If you enter an https URL, you must select the checkbox Use SSL. |
Use SSL | If you want to use encryption, select this checkbox. |
Security Profile | If you prefer to use a secure connection, click Browse to select a security profile with certificate and configuration. Refer to Security (4.3) for more information. |
NF Instance ID | Enter the NF instance ID of the server that you want to send requests from. |
Scope | Enter a string for the service(s) that you want to use, separated by whitespaces. |
Optional Parameters | |
NF Type | The NF type available for selection is CHF (charging function). If you select this setting, you must also select the Target NF Type. This is included in an access token request for an NF Type but not for a specific NF/NF service instance. |
Target NF Instance ID | Enter the NF instance ID of the server for which the access token is requested. This is included in an access token request for a specific NF service provider and shall contain NF Instance ID of the specific NF service provider. |
Target NF Type | The NF type available for selection is CHF (charging function). If you select this setting, you must also select NF Type. This is included in an access token request for an NF Type but not for a specific NF/NF service instance. |
Requester FQDN | Enter the Requester FQDN (Fully Qualified Domain Name). This is used by the NRF (Network Repository Function) to validate that the requester NF service consumer is allowed to access the target NF service provider. |
Target NF Set ID | Enter the Target NF Set ID of the consumer profile. This is included in the access token request of the NF type. |
Target NF Service Set ID | Enter the Target NF Service Set ID of the consumer profile. This is used by the NRF (Network Repository Function) to validate that the requester NF service consumer is allowed to access the target NF service instance. |
Hnrf Access Token URI | Enter the Hnrf URI where the access token can be obtained. |
Source NF Instance ID | Enter the Source NF Instance ID of the service provider. This contains the NF Instance ID of the source NF to collect data from the NF service provider. |
Requester PLMN |
PLMN |
ID | |
MCC | Enter the mobile country code (MCC) for the Requester PLMN (Public Land Mobile Network) ID If you enter values for the PLMN ID, you must enter values for the Target PLMN ID - MCC. |
MNC | Enter the mobile network code (MNC) for the Requester PLMN (Public Land Mobile Network) ID. If you enter values for the PLMN ID, you must enter values for the Target PLMN ID - MNC. |
Customize Format | Select this option to enter customized formats for the Requester PLMN ID. The supported format is JSON. For more information, refer to 3GPP TS 29.510 Technical Specification. |
Note! By selecting this option, the above MCC and MNC fields will be disabled |
Target PLMN
HTTP/2 Client Agent Configuration - NNRF Access Token authentication type (Target PLMN). | |
Target PLMN | |
Target PLMN ID | |
MCC | Enter the mobile country code (MCC) for the Target PLMN (Public Land Mobile Network) ID. This value is required if you have opted to enter the value for Requester PLMN ID - MCC. |
MNC | Enter the mobile network code (MNC) for the Target PLMN (Public Land Mobile Network) ID. This value is required if you have opted to enter the value for Requester PLMN ID - MNC. |
Customize Format | Select this option to enter customized formats for the Target PLMN ID. The supported format is JSON. For more information, refer to 3GPP TS 29.510 Technical Specification. |
Note! By selecting this option, the above MCC and MNC fields will be disabled. | |
Target SNPN |
MCC | Enter the mobile country code (MCC) for the Target SNPN (Standalone Non-Public Network). |
MNC | Enter the mobile network code (MNC) for the Target SNPN (Standalone Non-Public Network). |
NID | Enter the network identifier (NID) for the Target SNPN (Standalone Non-Public Network). |
Customize Format | Select this option to enter customized formats for the Target SNPN. The supported format is JSON. For more information, refer to 3GPP TS 29.510 Technical Specification. |
Note! By selecting this option, the above MCC, MNC and NID fields will be disabled. | |
Requester S-NSSAI List |
S-NSSAI List | Enter the Requester S-NSSAI(s) (Single Network Slice Selection Assistance Information) of the service provider. This is included during an access token request for an NF type and not for a specific NF / NF service instance. |
Customize Format | Select this option to enter customized formats for the Requester S-NSSAI list. The supported format is JSON. For more information, refer to 3GPP TS 29.510 Technical Specification. |
Note! By selecting this option, the above S-NSSAI List field will be |
Target S-NSSAI List
HTTP/2 Client Agent Configuration - NNRF Access Token authentication type (disabled. | |
Target S-NSSAI List |
Target S-NSSAI list | Enter the Target S-NSSAI(s) (Single Network Slice Selection Assistance Information) of the service provider. This list may be included for NF type access token request but not for a specific NF/NF service instance. |
Customize Format | Select this option to enter customized formats for the Target S-NSSAI list. The supported format is JSON. For more information, refer to 3GPP TS 29.510 Technical Specification. |
Note! By selecting this option, the above Target S-NSSAI List field will be disabled. | |
Requester PLMN List |
PLMN List | Enter the Requester PLMN (Public Land Mobile Network) of the service producer. | ||
Customize Format | Select this option to enter customized formats for the Requester PLMN list. The supported format is JSON. For more information, refer to 3GPP TS 29.510 Technical Specification.
| ||
Requester SNPN List |
SNPN List | Enter the Requester SNPN (Standalone Non-Public Network) of the service producer. |
Customize Format | Select this option to enter customized formats for the Requester SNPN list. The supported format is JSON. For more information, refer to 3GPP TS 29.510 Technical Specification. |
Note! By selecting this option, the above Requester PLMN List field will be disabled. | |
Target NSI List HTTP/2 Client Agent Configuration - NNRF Access Token authentication type (Target NSI List) | |
Target NSI list | Enter the target NSI(s) (Network Slice Instances). This list may be included for NF type access token request but not for a specific NF/NF service instance. |
Customize Format | Select this option to enter customized formats for the Target NSI list. The supported format is JSON. For more information, refer to 3GPP TS 29.510 Technical Specification. |
Note! By selecting this option, the above Target NSI field will be disabled. |
...
Note!
If
...
you have selected NNRF Access Token as authentication type in the Authentication tab, you may have to perform an
...
addtional step
...
if the token
...
has to be
...
obtaining using HTTPS
...
.
The HTTP/2 Client internally uses the Java built-in HTTP Client to access the NNRF server. If a certificate is required to contact the authentication server, the proper certificate has to be put into the default certificates file for the respective JDK distribution used.
...
Code Block |
---|
cd $JAVA_HOME/lib/security
keytool -import -alias mycert -keystore cacerts -file nnrfHost.cert |
HTTP/2 Client Proxy
If HTTP traffic is required to be routed through a proxy, please look at see HTTP Proxy Setup (4.3) in order for information on how to configure the proxy.
...
Note!
Currently the HTTP/2 Client agent only supports HTTP/1.1 protocol traffic routing when a proxy is configured.
Without a proxy, HTTP/2 Client is able to route to HTTP/2 protocol traffic.