diff options
author | deen1985 <damian.nowak@nokia.com> | 2021-03-25 17:33:35 +0100 |
---|---|---|
committer | Vijay Venkatesh Kumar <vv770d@att.com> | 2021-03-26 14:53:30 +0000 |
commit | de4f97807cb2c2bebb50e6db7dd06b1ffbe515a1 (patch) | |
tree | ebf297699c9d90ca29b0c4cd3b1dad03b0e7eeef | |
parent | f422763ca6fda1484197a50509872eceee52de2c (diff) |
[Docs] Update the HV-VES installations instructions
Update the HV-VES installations intructions - add standard CFY installation.
Include optional installation without the TLS enabled.
Change-Id: I3c33769025fbadddb547ca719a438574586a1c43
Signed-off-by: Damian Nowak <damian.nowak@nokia.com>
Issue-ID: DCAEGEN2-2681
-rw-r--r-- | docs/sections/services/ves-hv/index.rst | 2 | ||||
-rw-r--r-- | docs/sections/services/ves-hv/installation.rst | 77 | ||||
-rw-r--r-- | docs/sections/services/ves-hv/running-insecure.rst | 58 | ||||
-rw-r--r-- | docs/sections/tls_enablement.rst | 1 |
4 files changed, 79 insertions, 59 deletions
diff --git a/docs/sections/services/ves-hv/index.rst b/docs/sections/services/ves-hv/index.rst index 94703119..6f849dc4 100644 --- a/docs/sections/services/ves-hv/index.rst +++ b/docs/sections/services/ves-hv/index.rst @@ -31,10 +31,10 @@ High Volume VES Collector overview and functions design repositories deployment + installation run-time-configuration HV-VES Offered APIs <../../apis/ves-hv/index> authorization - running-insecure example-event healthcheck-and-monitoring troubleshooting diff --git a/docs/sections/services/ves-hv/installation.rst b/docs/sections/services/ves-hv/installation.rst new file mode 100644 index 00000000..d97db068 --- /dev/null +++ b/docs/sections/services/ves-hv/installation.rst @@ -0,0 +1,77 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 + +.. _installation: + +HV-VES installation +=================== + +Starting from ONAP/Honolulu release, HV-VES is installed with a DCAEGEN2-Services Helm charts. +This installation mechanism is convenient, but it doesn`t support all HV-VES features (e.g. CMP v2 certificates, and IPv4/IPv6 dual stack networking). This description demonstrates, how to deploy HV-VES collector using Cloudify orchestrator. + +Setting insecure mode for testing +--------------------------------- + +HV-VES application is configured by default to use TLS/SSL encryption on TCP connection. +However it is posible to turn off TLS/SSL authorization by overriding Cloudify blueprint inputs. + +Accessing bootstrap container with Kubernetes command line tool +--------------------------------------------------------------- + +To find bootstrap pod, execute the following command: + +:: + + kubectl -n <onap namespace> get pods | grep bootstrap + +To run command line in bootstrap pod, execute: + +:: + + kubectl -n <onap namespace> exec -it <bootstrap-pod-name> bash + + +Install HV-VES collector using Cloudify blueprint inputs +--------------------------------------------------------- + +1. If You have a running HV-VES instance, uninstall HV-VES and delete current deployment: + +:: + + cfy executions start -d hv-ves uninstall + cfy deployments delete hv-ves + +2. Create new deployment with inputs from yaml file (available by default in bootstrap container): + +:: + + cfy deployments create -b hv-ves -i inputs/k8s-hv_ves-inputs.yaml hv-ves + +In order to disable the TLS security, override the 'secuirty_ssl_disable' value in the deloyment: + +:: + + cfy deployments create -b hv-ves -i inputs/k8s-hv_ves-inputs.yaml -i security_ssl_disable=True hv-ves + +To verify inputs, You can execute: + +:: + + cfy deployments inputs hv-ves + +3. Install HV-VES deployment: + +:: + + cfy executions start -d hv-ves install + + +Using external TLS certificates obtained using CMP v2 protocol +-------------------------------------------------------------- + +In order to use the X.509 certificates obtained from the CMP v2 server (so called "operator`s certificates"), refer to the following description: + +.. toctree:: + :maxdepth: 1 + + Enabling TLS with external x.509 certificates <../../tls_enablement> diff --git a/docs/sections/services/ves-hv/running-insecure.rst b/docs/sections/services/ves-hv/running-insecure.rst deleted file mode 100644 index 8d366ac2..00000000 --- a/docs/sections/services/ves-hv/running-insecure.rst +++ /dev/null @@ -1,58 +0,0 @@ -.. This work is licensed under a Creative Commons Attribution 4.0 International License. -.. http://creativecommons.org/licenses/by/4.0 - -.. _running_insecure: - -Running insecure HV-VES in test environments -============================================ - -HV-VES application is configured by default to use TLS/SSL encryption on TCP connection. However it is posible to turn off TLS/SSL authorization by overriding Cloudify blueprint inputs. - - -Accessing bootstrap container with Kubernetes command line tool ---------------------------------------------------------------- - -To find bootstrap pod, execute the following command: - -:: - - kubectl -n <onap namespace> get pods | grep bootstrap - -To run command line in bootstrap pod, execute: - -:: - - kubectl -n <onap namespace> exec -it <bootstrap-pod-name> bash - - -Disable TLS/SSL by overriding Cloudify blueprint inputs -------------------------------------------------------- - -1. If You have a running HV-VES instance, uninstall HV-VES and delete current deployment: - -:: - - cfy executions start -d hv-ves uninstall - cfy deployments delete hv-ves - -2. Create new deployment with inputs from yaml file and override 'security_ssl_disable' value: - -:: - - cfy deployments create -b hv-ves -i inputs/k8s-hv_ves-inputs.yaml -i security_ssl_disable=True hv-ves - -To verify inputs, You can execute: - -:: - - cfy deployments inputs hv-ves - -3. Install HV-VES deployment: - -:: - - cfy executions start -d hv-ves install - - - - diff --git a/docs/sections/tls_enablement.rst b/docs/sections/tls_enablement.rst index 3d5a8cd5..bd907697 100644 --- a/docs/sections/tls_enablement.rst +++ b/docs/sections/tls_enablement.rst @@ -1,5 +1,6 @@ .. This work is licensed under a Creative Commons Attribution 4.0 International License. .. http://creativecommons.org/licenses/by/4.0 +.. _tls_enablement: TLS Support =========== |