Diameter administration in SailFin 2.0 can be performed using the administration console (GUI) or administration command line utility (CLI) 'asadmin'. In this blog, I'll be covering all the CLI commands which can be used to configure Diameter stack. But before starting off with the commands, a few notes on how Diameter stack configuration exactly looks like.
A typical top-level Diameter configuration entry in domain.xml would look like this:
<diameter-service>
<peer-configuration>
<listener
diameter-application-ref="app_1">
<vendorid>31345</vendorid>
<productname>Sun Diameter</productname>
<firmware-revision>1.0</firmware-revision>
<mode>client</mode>
<bindto host="${DIAMETER_TCP_ADDRESS}" port="${DIAMETER_TCP_PORT}"
transport="tcp"/>
<bindto host="${DIAMETER_SSL_ADDRESS}" port="${DIAMETER_SSL_PORT}"
transport="tls">
<ssl cert-nickname="s1cs" client-auth-enabled="false"
ssl2-enabled="false" ssl3-enabled="false" tls-enabled="true"
tls-rollback-enabled="true"/>
</bindto>
<accept-unknown-peer>true</accept-unknown-peer>
<tctimer>10000</tctimer>
<realm>onyx.null</realm>
</listener>
<peers
retry="300"/>
<diameter-applications id="app_1">
<application vendorid="10415">
<authapp id="16777221"/>
</application>
</diameter-applications>
<max-threads>10</max-threads>
<msg-buffer-size>4096</msg-buffer-size>
<enable-msg-persistence>false</enable-msg-persistence>
</peer-configuration>
</diameter-service>
Diameter service essentially consists of connection information for an individual Diameter peer. Peer configuration contains details of a listener, peers and a set of one or more Diameter protocol applications. Listener is nothing but a local Diameter peer and defines details like vendor id, product name, firmware version, mode (eg. client, server, relay or proxy), address/port/transport of the local peer (bindto), flag indicating if unknown peer connections will be accepted or not (accept-unknown-peer), time interval for retrying peer connections (tctimer), and a realm name used by the local peer.
Peer configuration can also include a list of known peers. Each peer will point to the application, will include host/port/transport of peer and also the realm.
Finally, peer configuration also includes a list of Diameter applications to run. Applications can be either authentication or accounting applications supported by a particular vendor.
Diameter can be installed on an existing SailFin 2.0 installation using "asadmin install-addon" command. Diameter support can be enabled on either developer or cluster profile of SailFin. If you haven't installed the Diameter addon and try to run any of the Diameter commands, you will get a message as shown below:
$
asadmin create-diameter-service |
You can look at Naman's blog on how to setup Diameter.
Coming to the actual commands, 14 new commands have been added to configure the above mentioned Diameter stack configuration.
Configuring diameter-service:
create-diameter-service [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848] [--secure|-s=true] [--user admin_user] [--passwordfile file_name] [--appref appref] [target(Default server)]
| $
asadmin create-diameter-service Command create-diameter-service executed successfully. |
delete-diameter-service [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848] [--secure|-s=true] [--user admin_user] [--passwordfile file_name] [target(Default server)]
| $
asadmin delete-diameter-service Command delete-diameter-service executed successfully. |
Configuring diameter-applications:
create-diameter-application --applicationsid applicationsid [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848] [--secure|-s=true] [--user admin_user] [--passwordfile file_name] [--authappid authappid] [--acctappid acctappid] [--target target(Default server)] vendorid
CLI014 applicationsid is a required option.
| $
asadmin create-diameter-application --applicationsid app_1 15555 Command create-diameter-application executed successfully. $ asadmin create-diameter-application --applicationsid app_1 --authappid 1 16666 Command create-diameter-application executed successfully. $ asadmin create-diameter-application --applicationsid app_1 --acctappid 2 16667 Command create-diameter-application executed successfully. |
list-diameter-applications [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848] [--secure|-s=true] [--user admin_user] [--passwordfile file_name] [target(Default server)]
| $
asadmin list-diameter-applications app_1 Command list-diameter-applications executed successfully. |
list-diameter-application [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848] [--secure|-s=true] [--user admin_user] [--passwordfile file_name] [--target target(Default server)] applicationsid
| $
asadmin list-diameter-application app_1 10415 15555 16666 16667 Command list-diameter-application executed successfully. |
create-diameter-authapp --applicationsid applicationsid --vendorid vendorid [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848] [--secure|-s=true] [--user admin_user] [--passwordfile file_name] [--target target(Default server)] authappid
CLI014 applicationsid is a required option.
create-diameter-acctapp --applicationsid applicationsid --vendorid vendorid [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848] [--secure|-s=true] [--user admin_user] [--passwordfile file_name] [--target target(Default server)] acctappid
CLI014 applicationsid is a required option.
| $
asadmin create-diameter-authapp --applicationsid app_1 --vendorid 15555
1 Command create-diameter-authapp executed successfully. $ asadmin create-diameter-acctapp --applicationsid app_1 --vendorid 15555 2 Command create-diameter-acctapp executed successfully. |
delete-diameter-authapp --applicationsid applicationsid --vendorid vendorid [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848] [--secure|-s=true] [--user admin_user] [--passwordfile file_name] [--target target(Default server)] authappid
CLI014 applicationsid is a required option.
delete-diameter-acctapp --applicationsid applicationsid --vendorid vendorid [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848] [--secure|-s=true] [--user admin_user] [--passwordfile file_name] [--target target(Default server)] acctappid
CLI014 applicationsid is a required option.
| $
asadmin delete-diameter-authapp --applicationsid app_1 --vendorid 15555
1 Command delete-diameter-authapp executed successfully. $ asadmin delete-diameter-acctapp --applicationsid app_1 --vendorid 15555 2 Command delete-diameter-acctapp executed successfully. |
Configuring diameter peers:
create-peer --appref appref --connectiondefinition connectiondefinition --realm realm [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848] [--secure|-s=true] [--user admin_user] [--passwordfile file_name] [--pool pname] [--jndiname jndiname] [--peerhost localhost] [--peerport 3868] [--target target(Default server)] id
| $
asadmin create-peer --appref app_1 --connectiondefinition Rf --realm
Sun.com peer_1 Command create-peer executed successfully. |
list-peers [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848] [--secure|-s=true] [--user admin_user] [--passwordfile file_name] [target(Default server)]
| $
asadmin list-peers peer_1 Command list-peers executed successfully. |
delete-peer [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848] [--secure|-s=true] [--user admin_user] [--passwordfile file_name] [--target target(Default server)] id
| $
asadmin delete-peer peer_1 Command delete-peer executed successfully. |
Note: In case of developer profile, the commands operate on server-config where ever target is not specified.