In this section:
The primary interfaces used to access the SBC are the Embedded Management Application (EMA) GUI, EMA in Platform Mode GUI, Command Line Interface (CLI) and BMC (Baseboard Management Controller) GUI and REpresentational State Transfer Configuration Application Processing Interface (RESTCONF API).
The EMA provides a comprehensive method to provision, maintain and administer the SBC platform from any Web browser. This is the most frequently used access method. For more details, refer to the EMA User Guide.
For login details, refer to Logging Into EMA.
The EMA in Platform Mode provides current status of the platform, application software version information and system information. The EMA in Platform Mode is also used to start, stop and restart the application as well as reboot the host. The EMA in Platform Mode supports upgrading the operating system and application. Additional features include a web interface for generic troubleshooting activities, security and remote access management.
For more information, refer to Logging into EMA in Platform Mode.
Command Line Interface (CLI) is the traditional method to configure systems from any machine with network access using a secure shell (SSH) client terminal emulator).
For login details, refer to Logging Into CLI.
Not applicable to the SBC Software Edition (SWe).
The Baseboard Management Controller (BMC) supports the following functions:
For login details, refer to Logging Into the BMC
RESTCONF APIs provide access to RESTCONF API which is a simple, stateless architecture style (not a protocol) that uses the HTTP/HTTPS method ( such as GET, PUT, POST, DELETE) to retrieve the management information from the database. The main advantage is its simple interfaces and can be modified while the application is running.
RESTCONF has the following properties:
Client-Server model: In a client-server model, clients are associated with the user interface, and the servers manage data storage behind the interface. This allows a separation between the client and server.
To use a RESTCONF API, your application makes HTTPs requests and parses the responses. Currently, the only supported response format is XML. The methods used by developers are standard HTTP methods such as GET, PUT, POST, PATCH and DELETE.
For access details, refer to Accessing RESTCONF API.
SOAP APIs provide access to Simple Object Access (SOAP) API which is protocol specification used to exchange structured information in the implementation of web services. It uses XML information set for its message format, and usually relies on other application layer protocols, such as Hypertext Transfer Protocol (HTTP) or Simple Mail Transfer Protocol (SMTP), for message negotiation and transmission. The advantage of using SOAP is that it is very versatile and uses different transport protocols. The standard stacks use HTTP as a transport protocol.
The SBC SOAP API supports the following requests for each managed object:
The RAMP application maps each SOAP request to the corresponding RESTCONF request towards the SBC. In network configurations where RAMP is deployed, RAMP is also used to configure SBC Core using SOAP API for SBC. This interface supports provisioning as well the operations exposed by the yang models. For details, refer to the RAMP document "SBC SOAP API reference".
For access details, refer to Accessing SOAP API.
If your network includes the RAMP platform, and the SBC is added as a managed node or is part of a managed cluster, you can access a web-based management interface from the EMS. The SBC Configuration Manager application provides GUI configuration and management options similar to what the EMA GUI provides. The SBC Configuration Manager is accessible under Node Management by navigating to the Node Inventory, Registration and Other Functions window (Network > Node Management > Function Manager) and selecting the Configure function for a node. The SBC Configuration Manager is also accessible under Cluster Management by navigating to the Configurations tab for a cluster (Network > Cluster Management > Manage VNFs > Configurations) and clicking on the Edit Configure option. Refer to Ribbon Application Management Platform Documentation for more information on node and cluster management.
The SBC Core includes the utility /opt/sonus/bin/SbcSftp
with permissions -rwsr-xr-x
, which allows you to securely transfer files to a remote server using the Linux shell.
When executed, the program SbcSftp
:
Uploads/Downloads specified files to/from the remote server over a SFTP session, if the user has permissions to access the file
The advantage of using SbcSftp
over standard sftp
is that SbcSftp
automatically creates and deletes ACLs for accessing the remote server. For details, refer to SbcSftp - Secure File Transfers with Automated ACL Creation and Deletion.
The SBC SWe and SBC CNe use a RAMP configured for CNe as the single point of authentication for the SBC when using the SBC RESTCONF API or the SBC CLI. This single sign-on feature applies when the SBC CLI and SBC RESTCONF APIs are proxied from RAMP to the SBC (without requiring any knowledge on RAMP of the semantics of the request).
The SBC is enhanced with the following capabilities:
In a deployment, end-users are authenticated and authorized by RAMP when they connect to the SBC. RAMP may interface with external identity providers for this purpose. After authentication, RAMP determines the usergroup that the user belongs to. RAMP passes on this user and usergroup information to the ConfD through the mechanisms mentioned below.
RAMP uses the existing 'emsadmin' user account to interface with the SBC. When the SBC registers with the RAMP, the LCA (Life Cycle Agent) on the SBC requests a password for the 'emsadmin' user account. The LCA updates this account on the SBC with the password generated and returned by RAMP in its response.
RAMP provides a web-based CLI terminal to the end-user. RAMP connects to the SBC's CLI port over the SSH, and proxy requests and responses from/to the end-user's web-based CLI terminal. RAMP connects to the SBC's CLI port as explained below:
End-user's username and groupname will be passed as the ssh ‘command’: The end-user's username and the groupname of the enduser's group is passed as arguments to the ssh command exactly as shown in the example below:
ssh -t emsadmin@10.34.175.181 "alice admin"
Here, the first argument ('alice') represents the end-user's username. The last argument ('admin') represents the group to which the end-user belongs.
RAMP proxies the RESTCONF requests from the end-user over HTTPS, after substituting the end-user's credentials with a special set of credentials. RAMP connects to the SBC as shown below:
With a special password: The space (' ') , proxy admin username and groupname is appended to the password field in the format shown below:
<space><ramp username>;<end-user's groupname>;<proxy admin user's password>
Here, semi-colons are used to separate the various fields of the password.
Please note that in this case, if the user's SBC password has expired, the customer is prompted to change their password before proceeding.
This means that REST API requests are rejected, and the user cannot log in through the RAMP CLI until the user changes the password using one of the following methods: