Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

To open the HTTP/2 Server agent configuration dialog from a workflow configuration, you can do either one of the following:

  • double-click the agent icon

  • select the agent icon and click the  Edit button

The Agent Configuration consists of the following tabs:

Server Tab

HTTP/2 Server Agent Configuration - Server tab

The Server tab contains the following settings:

Setting

Description

Settings

Use SSL

Select this option to use the SSL.

Security Profile

Click Browse to select a security profile with certificate and configuration to use, if you prefer to use a secure connection. Refer to Security (4.2) for more information.

Enable 2-way Authentication

If you have selected to use SSL, you can select this option to enable 2-way Authentication. If this option is selected, the Security (4.2) used must be configured using Java Truststore.

Host 

Enter the IP address or hostname that you want the agent to bind to.

Port

Enter the port number you want the agent to bind to.

Request Handling

Default connection concurrent streams

Fundamentally HTTP/2 is designed to make it easy for a client to send multiple parallel requests. Each request is entitled to a thread and if blocking APIs are used, then there are many ways a client can cause that thread to block.

To handle the resource problem this can cause, the setting Default connection concurrent streams can be used.

The setting specifies the maximum number of concurrently open streams allowed per single HTTP/2 connection. The default value uses in Jetty HTTP/2 server is 128. Larger values increase parallelism, but cost a memory commitment.

Route Error to APL

Select this option if you want to route HTTP errors to APL for custom handling. For more information on how to handle the error using APL, refer to Route Error to APL.

Timeout

Client Timeout (sec)

The period in seconds after which the HTTP/2 Server should close the connection if a client is inactive. That is, this is the period of inactivity from when the client has opened the connection or received the last expected response until the server should close the connection. For example, if Client Timeout is set to 6, this means that the server will close the connection if the client is inactive for 6 seconds.

Server Timeout (sec)

The period in seconds before which the HTTP/2 Server has to reply to a request. That is, this is the period within which a server has to process a request and send a response to a client. If the time limit is reached, an error response with a status code of 500 will be sent.

Responses

Default Charset

Select the character set you want to use as default character set. UTF-8 is preselected.

This character set will be used if the character set requested by Accept-Charset is not found in system.

GZIP Compression Level

If gzip is requested, then the response will be be gzipped with the compression level you specify in this field, 1-9.

Route Error to APL

When enabling Route Error to APL, you will send the request over as part of the RequestCycle UDR where you will then be able to use the Analysis agent to customize your own response. The example shown below has an If statement to catch any requests with errors by checking for isError that are set to True. The APL code will then go on to populate the response and route it back to the HTTP/2 Server agent.

import ultra.openapi.Test_5G.TS29510_Nnrf_NFDiscovery;
consume {

    http.RequestCycle cycleUdr = (http.RequestCycle) input;
    
    debug("input from client \n" + cycleUdr);
    
    ProblemDetails problemDetails = udrCreate(ProblemDetails);
    http.Response response = udrCreate(http.Response);
    
    if (cycleUdr.isError) { // cycleUdr.isError will be true if any errors is encountered while processing the request
	 	list<string> headers = listCreate(string);
        listAdd(headers, "application/problem+json");
        mapSet(response.headers, "Content-Type", headers);
 
        problemDetails.title = "Request Error";
        problemDetails.cause = cycleUdr.errorMessages[0]; // cycleUdr.errorMessages is a list containing error messages set from the error encountered
        problemDetails.status = cycleUdr.errorStatusCode; // cycleUdr.errorStatusCode contains the status code of the error encountered

        response.openAPIUDR = problemDetails;
        response.statusCode = cycleUdr.errorStatusCode;
    } 

    cycleUdr.response = response;
    debug("after apl logic \n" + cycleUdr);

    udrRoute("to_server", cycleUdr);

Overload Protection Tab

HTTP/2 Server Agent Configuration - Overload Protection tab

The Overload Protection tab controls overload protection and contains the following settings:

Setting

Description

Enable Overload Protection

Select this option if you want enable overload protection.

Number of Requests

If you have selected enable overload protection, enter the maximum number of requests that are allowed to be sent during the time specified in Average Period (sec). When this number of requests has been reached, further requests will be blocked until the time specified in Wait Duration (sec) has passed, then a retry will be attempted.

Period (sec)

Enter the time period in seconds for which the number of requests should be counted.

Wait Before Retry (sec)

Enter the number of seconds to wait before attempting to retry a request.

OpenAPI Tab

HTTP/2 Server Agent Configuration - OpenAPI tab

The OpenAPI tab contains the following settings:

Setting

Description

OpenAPI

Use OpenAPI Profile

Select this option if you want the agent to use the OpenAPI profile(s).

OpenAPI Profile

Browse and select the profiles to be used. This field is enabled when the Use OpenAPI Profile option is selected.

Click Add to browse for the available OpenAPI profiles.

Warning!

There are no limits to the number of profiles users can select. However, by selecting a large number of OpenAPI profiles will have significant impact on the overall performance of the workflow.

Enable Validation

Select this option if you want to validate the OpenAPI profile.

Warning!

Turning this option ON will have a very significant performance impact on the overall performance of the flow. When validation is enabled, each payload will be validated against the Open API schema, an operation that can be very resource-intensive. We recommend to only enable this setting during development and testing and to disable it in a stable production environment.

Note!

Strict validation is applied against the OpenAPI specification due to the upgrade of third party libraries. For Example, if the response contains the body but the schema doesn't expect the response to contain body then it will causing validation failure. Refer to this link for further information https://bitbucket.org/atlassian/swagger-request-validator/issues/246/validator-does-not-check-a-response-body

Override Error Response

Override Error Response on Server Shutdown

Select this option to enable the customization of the HTTP response for when a request to the server is received upon the server being terminated.

Override Error Response on Server Overload

Select this option to enable the customization of the HTTP response for when a request to the server is received upon the server being overloaded.

Note!

Overload protection should be enabled to utilize this feature.

Status Code

The HTTP error code for the error response. The default error code set is 503 for server shutdown and 429 for server overload.

Content Type

Enter the media type to be used as part of the HTTP header for the response. The default media type is "application/problem+json".

UDR Type

Browse for the UDR that will be populated as part of the HTTP response message.

UDR Field

The fields in the selected UDR Type will be shown in this column.

Type

The data type for the each of the UDR fields will be shown here. supports the following data type:

  • String

  • BigInt

  • Boolean

  • Int

Value

Enter a value that conforms to the data type of the UDR field. The value will then be parsed into the HTTP response when the error is triggered.

5G Tab

http2server_5gtab.png

HTTP/2 Server Agent Configuration - 5G tab

The 5G tab contains the following settings:

Setting

Description

5G

Use 5G Profile

Select this option if you want the agent to use a 5G profile.

5G Profile

Browse and select the profile to be used. This field is enabled when the Use 5G Profile option is selected.

NRF Address Settings

Primary NRF

Enter one or more primary NRF (NF Repository Function) address in this list.

Secondary NRF

Enter one or more secondary NRF (NF Repository Function) address in this list. It is optional to have secondary NRF addresses in any primary NRF address. The secondary NRF addresses serve as alternative connections when the heartbeat with the primary NRF address is not established.

This list displays the secondary NRF addresses based on the selected Primary NRF.

Additional Settings

Enable Fall Back (Reconnect to Primary NRF when it is available)

Select this option to have the agent reconnect to the primary NRF address from the secondary address. The agent will send a heartbeat repeatedly to the primary NRF address to determine its availability.

Enable Registration Retry (Retry when NRF addresses failed to register)

Select this option to have the agent retry to register a failed address before connecting to the next address. The agent will attempt to register the failed address based on the configured count and interval before attempting to register the next available address.

Retry Count

Enter the number of retries for failed address. The maximum retry count is 5.

Retry Interval (secs)

Enter the time interval in seconds, between retries. The maximum retry interval is 99 seconds.

Examples of Configuring Multiple Primary NRF Addresses

Info!

Use the primary and secondary NRF addresses below as reference to the following examples.

  • Primary NRF Address (P1) contains a Secondary NRF Address (S1)
    (P1) http://localhost:8000 contains (S1) http://localhost:8001

  • Primary Address (P2)
    (P2) http://localhost:9000

Example 1 - Successful connection to all primary addresses

Address

P1

S1

P2

Availability

(tick)

(tick)

(tick)

Result

Connected

Connected

Example 2 - Connect to secondary address when primary address is unavailable

Address

P1

S1

P2

Availability

(error)

(tick)

(tick)

Result

Connected

Connected

Example 3 - Connect to all remaining primary addresses when any of the primary and secondary addresses are unavailable

Address

P1

S1

P2

Availability

(error)

(error)

(tick)

Result

Connected

Note!

When the primary (P1) and secondary (S1) addresses are unavailable, the system will not attempt to reconnect. Users are required to re-initiate the workflow to reconnect, unless the Enable Registration Retry option is selected.

Example 4 - All primary and secondary addresses are unavailable upon initiating the workflow

Address

P1

S1

P2

Availability

(error)

(error)

(error)

Result

The workflow is aborted.

Note!

Configuring multiple primary and secondary NRF addresses in a workflow in the Desktop Client

When multiple primary NRF addresses are used in a workflow, the workflow table in Desktop Client shows the primary and secondary NRF addresses in the following manner:

wf_instance_table.png
  • Each primary NRF address and its secondary NRF addresses are displayed in corresponding to the respective row.
    In the example above, the first primary NRF address contains three secondary NRF addresses. These pairs are displayed in the first row of each table.

  • While each primary NRF address is listed vertically in the table, secondary NRF addresses are listed within the same row, separated by commas.

Proxy Support

If a proxy server is needed to reach NRF servers please look at HTTP Proxy Setup (4.2) in order to configure the proxy.

Authentication Tab

HTTP/2 Server Agent Configuration - Authentication tab

The Authentication tab contains the following settings:

Setting

Description

Use Token Authentication

Select this option if you want to use token authentication.

Access Token Required

If you have selected Token Authentication, you can select this option if you want the access token to be required.

Public Key

Paste the public key into this field.

Info!

If the Authorization Server is used, the public key should be extracted from the Java Keystore which the Authorization Server is bootstrapped with.

The following are steps to extract the public key:

# Convert JKS to PKCS12 format
keytool -importkeystore \
-srckeystore <KEYSTORE_NAME>.jks \
-destkeystore <KEYSTORE_NAME>.p12 \
-srcalias <ALIAS> \
-srcstoretype jks \
-deststoretype pkcs12

# Export certificate from PKCS12 key
openssl pkcs12 -in <KEYSTORE_NAME>.p12 -nokeys -out cert.pem

# Export public key from certificate
openssl x509 -pubkey -noout -in cert.pem -out public_key.pem





  • No labels