Document AAF Installation

Issue-ID: AAF-292 Change-Id: Ic02bf086454dcd0de306f9e6d9c334fd0f6b21e7 Signed-off-by: Instrumental <jonathan.gathman@att.com>
author: Instrumental <jonathan.gathman@att.com> 2018-07-20 11:32:41 -0500
committer: Instrumental <jonathan.gathman@att.com> 2018-07-20 11:32:53 -0500
commit: 15f3969cb88ce5576da368708dad1903828148f0 (patch)
tree: 043a8550a5ad2a9ce7b83a6e893d8015aadaf32a /docs/sections/installation
parent: 87da9feacd0abb0d60b98cc00c4755121fc73bbb (diff)
2 files changed, 218 insertions, 0 deletions
diff --git a/docs/sections/installation/install_from_source.rst b/docs/sections/installation/install_from_source.rst
new file mode 100644
index 00000000..4a4b03c5
--- /dev/null
+++ b/docs/sections/installation/install_from_source.rst
@@ -0,0 +1,218 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+
+Installing from Source Code
+============================
+
+*Note: this document assumes UNIX Bash Shell.  Being AAF works in Windows, but you will have to create your own script/instruction conversions.*
+
+------------------
+Modes
+------------------
+
+AAF can be run in various ways
+  * Standalone (on your O/S)
+  * Docker (localized)
+  * Kubernetes
+  * ONAP Styles
+    * HEAT (Docker Container Based Initilization)
+    * OOM  (a Helm Chart based Kubernetes Environment)
+
+------------------
+Prerequisites
+------------------
+
+You need the following tools to build and run AAF
+  * git
+  * maven
+  * Java (JDK 1.8+, openjdk is fine)
+  * Cassandra
+     * a separate installation is fine
+     * these instructions will start off with a Docker based Cassandra instance
+  * Machine - one of the following
+     * Standalone Java Processes - no additional running environments necessary
+     * docker - typically available via packages for O/S
+     * kubernetes - ditto
+     
+
+------------------
+Build from Source
+------------------
+Choose the directory you wish to start in... This process will create an "authz" subdirectory::
+
+  $ mkdir -p ~/src
+  $ cd ~/src
+
+Use 'git' to 'clone' the master code::
+ 
+  $ git clone https://gerrit.onap.org/r/aaf/authz
+
+Change to that directory::
+
+  $ cd authz
+
+Use Maven to build::
+
+  << TODO, get ONAP Settings.xml>>
+  $ mvn install
+
+.. -----------------
+.. Standalone
+.. -----------------
+
+-----------------
+Docker Mode
+-----------------
+
+After you have successfully run maven, you will need a Cassandra.  If you don't have one, here are instructions for a Docker Standalone Cassandra.  For a *serious* endeavor, you need a multi-node Cassandra.
+
+From "authz"::
+
+  $ cd auth/auth-cass/src/main/cql
+  $ vi config.dat
+
+===================
+Existing Cassandra
+===================
+
+AAF Casablanca has added a table.  If you have an existing AAF Cassandra, do the following::
+
+  ### If Container Cassandra, add these steps, otherwise, skip
+  $ docker container cp init2_1.cql aaf_cass:/tmp
+  $ docker exec -it aaf_cass bash
+  (docker) $ cd /tmp
+  ###
+  $ cqlsh -f 'init2_1.cql'
+
+=====================
+New Docker Cassandra
+=====================
+
+Assuming you are in your src/authz directory::
+
+  $ cd auth/auth-cass/docker
+  $ sh dinstall.sh
+
+---------------------
+AAF Itself
+---------------------
+
+Assuming you are in your src/authz directory::
+
+  $ cd auth/docker
+  ### If you have not done so before (don't overwrite your work!)
+  $ cp d.props.init d.props
+
+You will need to edit and fill out the information in your d.props file.  Here is info to help
+
+**Local Env info** - These are used to load the /etc/hosts file in the Containers, so AAF is available internally and externally
+
+  =============== =============
+  Variable        Explanation
+  =============== =============
+  HOSTNAME        This must be the EXTERNAL FQDN of your host.  Must be in DNS or /etc/hosts
+  HOST_IP         This must be the EXTERNAL IP of your host. Must be accessible from "anywhere"
+  CASS_HOST       If Docker Cass, this is the INTERNAL FQDN/IP.  If external Cass, then DNS|/etc/hosts entry
+  aaf_env         This shows up in GUI and certs, to differentiate environments
+  aaf_register_as As pre-set, it is the same external hostname.
+  cadi_latitude   Use "https://bing.com/maps", if needed, to locate your current Global Coords
+  cadi_longitude  ditto
+  =============== =============
+
+==============================
+"Bleeding Edge" Source install
+==============================
+
+AAF can be built, and local Docker Images built with the following::
+
+  $ sh dbuild.sh
+
+Otherwise, just let it pull from Nexus
+
+==============================
+Configure AAF Volume
+==============================
+
+AAF uses a Persistent Volume to store data longer term, such as CADI configs, Organization info, etc, so that data is not lost when changing out a container.
+
+This volume is created automatically, as necessary, and linked into the container when starting. ::
+
+  ## Be sure to have your 'd.props' file filled out before running.
+  $ sh aaf.sh
+
+==============================
+Bootstrapping with Keystores
+==============================
+
+Start the container in bash mode, so it stays up. ::
+
+  $ bash aaf.sh bash
+  id@77777: 
+
+In another shell, find out your Container name. ::
+  
+  $ docker container ls | grep aaf_config
+
+CD to directory with CA p12 files 
+  
+  * org.osaaf.aaf.p12
+  * org.osaaf.aaf.signer.p12    (if using Certman to sign certificates)
+
+Copy keystores for this AAF Env ::
+
+  $ docker container cp -L org.osaaf.aaf.p12 aaf_agent_<Your ID>:/opt/app/osaaf/local
+  ### IF using local CA Signer 
+  $ docker container cp -L org.osaaf.aaf.signer.p12 aaf_agent_<Your ID>:/opt/app/osaaf/local
+
+In Agent Window ::
+
+  id@77777: agent encrypt cadi_keystore_password
+  ### IF using local CA Signer 
+  id@77777: agent encrypt cm_ca.local 
+
+Check to make sure all passwords are set ::
+
+  id@77777: grep "enc:" *.props
+
+When good, exit from Container Shell and run AAF ::
+
+  id@77777: exit
+  $ bash drun.sh
+
+Check the Container logs for correct Keystore passwords, other issues ::
+
+  $ docker container logs aaf_<service>
+
+Watch logs ::
+
+  $ sh aaf.sh taillog
+
+Notes:
+
+You can find an ONAP Root certificate, and pre-built trustores  for ONAP Test systems at:
+  | authz/auth/sample/public/AAF_RootCA.cert
+  | authz/auth/sample/public/truststoreONAPall.jks
+
+Good Tests to run ::
+
+  ## From "docker" dir
+  ##
+  ## assumes you have DNS or /etc/hosts entry for aaf-onap-test.osaaf.org
+  ##
+  $ curl --cacert ../sample/public/AAF_RootCA.cer -u demo@people.osaaf.org:demo123456! https://aaf-onap-test.osaaf.org:8100/authz/perms/user/demo@people.osaaf.org
+  $ openssl s_client -connect aaf-onap-test.osaaf.org:8100
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/docs/sections/installation/fromsource.rst b/docs/sections/installation/sample.rst
index 19ac6221..19ac6221 100644
--- a/docs/sections/installation/fromsource.rst
+++ b/docs/sections/installation/sample.rst
author	Instrumental <jonathan.gathman@att.com>	2018-07-20 11:32:41 -0500
committer	Instrumental <jonathan.gathman@att.com>	2018-07-20 11:32:53 -0500
commit	15f3969cb88ce5576da368708dad1903828148f0 (patch)
tree	043a8550a5ad2a9ce7b83a6e893d8015aadaf32a /docs/sections/installation
parent	87da9feacd0abb0d60b98cc00c4755121fc73bbb (diff)