From c0095d1fed1e1ffc4d2ed75f34e39ab4e3874d2e Mon Sep 17 00:00:00 2001 From: Eric Debeau Date: Wed, 15 Nov 2017 23:58:49 +0000 Subject: Update Setting UP according to doc meeting Merge Former Integration.rst Align with Readme demo file Add link to designate installation Add link to the wiki for the component lists Add information about OpenStack providers Change-Id: I932b1b4d186e19f85308c93dc8421d74f5353f8c ISSUE-ID: DOC-153 Signed-off-by: Eric Debeau --- docs/guides/onap-developer/settingup/fullonap.rst | 273 +++++++++++++++++++-- .../onap-developer/settingup/install-designate.rst | 22 +- 2 files changed, 264 insertions(+), 31 deletions(-) diff --git a/docs/guides/onap-developer/settingup/fullonap.rst b/docs/guides/onap-developer/settingup/fullonap.rst index 5436cc638..859005f55 100644 --- a/docs/guides/onap-developer/settingup/fullonap.rst +++ b/docs/guides/onap-developer/settingup/fullonap.rst @@ -31,7 +31,11 @@ OpenStack --------- ONAP installation is validated on `OpenStack Ocata `_ or latter release. -The following Open Stack components must be deployed in the infrastructure: +You can use various Cloud providers offering OpenStack based solutions. A list of available Cloud providers on the `OpenStack marketplace `_. + +You can use your private Cloud infrastructure. + +The following OpenStack components must be deployed in the infrastructure: - *Cinder* - *Designate* - *Glance* @@ -46,7 +50,13 @@ To deploy OpenStack, you can use various solutions: - `OPNFV Cross Community Continuous Integration - XCI installer `_ *Designate* component is usually not deployed using standard OpenStack installers. -Please find a guide to deploy and configure *Designate*. +Please find a guide to deploy and configure *Designate* + +.. toctree:: + :maxdepth: 1 + + install-designate.rst + The OpenStack infrastructure must enable internet access. @@ -121,18 +131,248 @@ Security The default installation assumes that the Default security group is configured to enable full access between the ONAP components. Depending on your environment, we may need to open some security groups (eg when using the portal from your desktop). -The following tables presents the ports exposed by the various components: - -TODO list the ports +The list of various services and ports used can be found on the `ONAP wiki `_ **Deployment** ============== +Source files +------------ + +- Template file: https://git.onap.org/demo/plain/heat/ONAP/onap_openstack.yaml +- Environment file: https://git.onap.org/demo/plain/heat/ONAP/onap_openstack.env + +Description +----------- + +The ONAP HEAT template spins up the entire ONAP platform. The template, +onap_openstack.yaml, comes with an environment file, +onap_openstack.env, in which all the default values are defined. + +The HEAT template is composed of two sections: (i) parameters, and (ii) +resources. +The parameter section contains the declaration and +description of the parameters that will be used to spin up ONAP, such as +public network identifier, URLs of code and artifacts repositories, etc. +The default values of these parameters can be found in the environment +file. + +The resource section contains the definition of: + +- ONAP Private Management Network, which ONAP components use to communicate with each other and with VNFs +- ONAP Virtual Machines (VMs) +- Public/private key pair used to access ONAP VMs +- Virtual interfaces towards the ONAP Private Management Network +- Disk volumes. + +Each VM specification includes Operating System image name, VM size +(i.e. flavor), VM name, etc. Each VM has two virtual network interfaces: +one towards the public network and one towards the ONAP Private +Management network, as described above. Furthermore, each VM runs a +post-instantiation script that downloads and installs software +dependencies (e.g. Java JDK, gcc, make, Python, ...) and ONAP software +packages and docker containers from remote repositories. + +When the HEAT template is executed, the Openstack HEAT engine creates +the resources defined in the HEAT template, based on the parameters +values defined in the environment file. + +Environment file +---------------- + +Before running HEAT, it is necessary to customize the environment file. +Indeed, some parameters, namely public_net_id, pub_key, +openstack_tenant_id, openstack_username, and openstack_api_key, +need to be set depending on the user's environment: + +**Global parameters** + +:: + + public_net_id: PUT YOUR NETWORK ID/NAME HERE + pub_key: PUT YOUR PUBLIC KEY HERE + openstack_tenant_id: PUT YOUR OPENSTACK PROJECT ID HERE + openstack_username: PUT YOUR OPENSTACK USERNAME HERE + openstack_api_key: PUT YOUR OPENSTACK PASSWORD HERE + horizon_url: PUT THE HORIZON URL HERE + keystone_url: PUT THE KEYSTONE URL HERE (do not include version number) + +openstack_region parameter is set to RegionOne (OpenStack default). If +your OpenStack is using another Region, please modify this parameter. + +public_net_id is the unique identifier (UUID) or name of the public +network of the cloud provider. To get the public_net_id, use the +following OpenStack CLI command (ext is the name of the external +network, change it with the name of the external network of your +installation) + +:: + + openstack network list | grep ext | awk '{print $2}' + +pub_key is string value of the public key that will be installed in +each ONAP VM. To create a public/private key pair in Linux, please +execute the following instruction: + +:: + + user@ubuntu:~$ ssh-keygen -t rsa + +The following operations to create the public/private key pair occur: + +:: + + Generating public/private rsa key pair. + Enter file in which to save the key (/home/user/.ssh/id_rsa): + Created directory '/home/user/.ssh'. + Enter passphrase (empty for no passphrase): + Enter same passphrase again: + Your identification has been saved in /home/user/.ssh/id_rsa. + Your public key has been saved in /home/user/.ssh/id_rsa.pub. + +openstack_username, openstack_tenant_id (password), and +openstack_api_key are user's credentials to access the +OpenStack-based cloud. + +**Images and flavors parameters** + +:: + + ubuntu_1404_image: PUT THE UBUNTU 14.04 IMAGE NAME HERE + ubuntu_1604_image: PUT THE UBUNTU 16.04 IMAGE NAME HERE + flavor_small: PUT THE SMALL FLAVOR NAME HERE + flavor_medium: PUT THE MEDIUM FLAVOR NAME HERE + flavor_large: PUT THE LARGE FLAVOR NAME HERE + flavor_xlarge: PUT THE XLARGE FLAVOR NAME HERE + flavor_xxlarge: PUT THE XXLARGE FLAVOR NAME HERE + +To get the images in your OpenStack environment, use the following +OpenStack CLI command: + +:: + + openstack image list | grep 'ubuntu' + +To get the flavor names used in your OpenStack environment, use the +following OpenStack CLI command: + +:: + + openstack flavor list + +**Network parameters** + +:: + + dns_list: PUT THE ADDRESS OFTHE EXTERNAL DNS HERE (e.g. a comma-separated list of IP addresses in your /etc/resolv.conf in UNIX-based Operating Systems). THIS LIST MUST INCLUDE THE DNS SERVER THAT OFFERS DNS AS AS SERVICE (see DCAE section below for more details) + external_dns: PUT THE FIRST ADDRESS OF THE EXTERNAL DNS LIST HERE oam_network_cidr: 10.0.0.0/16 + dns_forwarder: PUT THE IP OF DNS FORWARDER FOR ONAP DEPLOYMENT'S OWN DNS SERVER + oam_network_cidr: 10.0.0.0/16 + +You can use the Google Public DNS 8.8.8.8 and 4.4.4.4 address or your internal DNS servers + +ONAP installs a DNS server used to resolve IP addresses in the ONAP OAM private network. +ONAP Amsterdam Release also requires OpenStack Designate DNS support for the DCAE platform, so as to allow IP address discovery and communication among DCAE elements. +This is required because the ONAP HEAT template only installs the DCAE bootstrap container, which will in turn install the entire DCAE platform. +As such, at installation time, the IP addresses of the DCAE components are unknown. + +The DNS server that ONAP installs needs to be connected to the Designate DNS to allow communication between the DCAE elements and the other ONAP components. +To this end, dns\_list, external\_dns, and dns\_forwarder should all have the IP address of the Designate DNS. +These three parameters are redundant, but still required for Amsterdam Release. Originally, dns\_list and external\_dns were both used to circumvent some limitations of older OpenStack versions. +In future releases, the DNS settings and parameters in HEAT will be consolidated. +The Designate DNS is configured to access the external DNS. +As such, the ONAP DNS will forward to the Designate DNS the queries from ONAP components to the external world. +The Designate DNS will then forward those queries to the external DNS. + +**DCAE Parameters** + +DCAE spins up ONAP's data collection and analytics system in two phases. + +The first is the launching of a bootstrap VM that is specified in the ONAP Heat template, as described above. This VM requires a number of deployment-specific configuration parameters being provided so that it can subsequently bring up the DCAE system. + +There are two groups of parameters. + +The first group relates to the launching of DCAE VMs, including parameters such as the keystone URL and additional VM image IDs/names. +Hence these parameters need to be provided to DCAE. +Note that although DCAE VMs will be launched in the same tenant as the rest of ONAP, because DCAE may use MultiCloud node as the agent for interfacing with the underlying cloud, it needs a separate keystone URL (which points to MultiCloud node instead of the underlying cloud). + +The second group of configuration parameters relate to DNS As A Service support (DNSaaS). +DCAE requires DNSaaS for registering its VMs into organization-wide DNS service. +For OpenStack, DNSaaS is provided by Designate, as mentioned above. +Designate support can be provided via an integrated service endpoint listed under the service catalog of the OpenStack installation; or proxyed by the ONAP MultiCloud service. +For the latter case, a number of parameters are needed to configure MultiCloud to use the correct Designate service. + +These parameters are described below: + +:: + + dcae_keystone_url: PUT THE MULTIVIM PROVIDED KEYSTONE API URL HERE + dcae_centos_7_image: PUT THE CENTOS7 VM IMAGE NAME HERE FOR DCAE LAUNCHED CENTOS7 VM + dcae_domain: PUT THE NAME OF DOMAIN THAT DCAE VMS REGISTER UNDER + dcae_public_key: PUT THE PUBLIC KEY OF A KEYPAIR HERE TO BE USED BETWEEN DCAE LAUNCHED VMS + dcae_private_key: PUT THE SECRET KEY OF A KEYPAIR HERE TO BE USED BETWEEN DCAE LAUNCHED VMS + + dnsaas_config_enabled: PUT WHETHER TO USE PROXYED DESIGNATE + dnsaas_region: PUT THE DESIGNATE PROVIDING OPENSTACK'S REGION HERE + dnsaas_keystone_url: PUT THE DESIGNATE PROVIDING OPENSTACK'S KEYSTONE URL HERE + dnsaas_tenant_name: PUT THE TENANT NAME IN THE DESIGNATE PROVIDING OPENSTACK HERE (FOR R1 USE THE SAME AS openstack_tenant_name) + dnsaas_username: PUT THE DESIGNATE PROVIDING OPENSTACK'S USERNAME HERE + dnsaas_password: PUT THE DESIGNATE PROVIDING OPENSTACK'S PASSWORD HERE + Instantiation ------------- -- To deploy ONAP, use the Heat template and follow the described guidelines in `Integration project `_ -- The Heat template deployment may take time (up to one hour) depending on your hardware environment. +The ONAP platform can be instantiated via Horizon (OpenStack dashboard) +or Command Line. + +**Instantiation via Horizon:** + +- Login to Horizon URL with your personal credentials +- Click "Stacks" from the "Orchestration" menu +- Click "Launch Stack" +- Paste or manually upload the HEAT template file (onap_openstack.yaml) in the "Template Source" form +- Paste or manually upload the HEAT environment file (onap_openstack.env) in the "Environment Source" form +- Click "Next" - Specify a name in the "Stack Name" form +- Provide the password in the "Password" form +- Click "Launch" + +**Instantiation via Command Line:** + +- Install the HEAT client on your machine, e.g. in Ubuntu (ref. http://docs.openstack.org/user-guide/common/cli-install-openstack-command-line-clients.html): + +:: + + apt-get install python-dev python-pip + pip install python-heatclient # Install heat client + pip install python-openstackclient # Install the Openstack client to support multiple services + +- Create a file (named i.e. ~/openstack/openrc) that sets all the + environmental variables required to access Rackspace: + +:: + + export OS_AUTH_URL=INSERT THE AUTH URL HERE + export OS_USERNAME=INSERT YOUR USERNAME HERE + export OS_TENANT_ID=INSERT YOUR TENANT ID HERE + export OS_REGION_NAME=INSERT THE REGION HERE + export OS_PASSWORD=INSERT YOUR PASSWORD HERE + +- Run the script from command line: + +:: + + source ~/openstack/openrc + +- In order to install the ONAP platform, type: + +:: + + heat stack-create STACK_NAME -f PATH_TO_HEAT_TEMPLATE(YAML FILE) -e PATH_TO_ENV_FILE # Old HEAT client, OR + openstack stack create -t PATH_TO_HEAT_TEMPLATE(YAML FILE) -e PATH_TO_ENV_FILE STACK_NAME # New Openstack client + + +.. Note The Heat template deployment may take time (up to one hour) depending on your hardware environment. + Test the installation --------------------- @@ -143,7 +383,7 @@ Run the following command to perform the HealthCheck: docker exec -it openecompete_container /var/opt/OpenECOMP_ETE/runTags.sh -i health h -d ./html -V /share/config/integration_robot_properties.py -V /share/config/integration_preload_parameters.py -V /share/config/vm_properties.py -This testsuite will execute 31 tests towards the various ONAP components. +This testsuite will execute 30 tests towards the various ONAP components. Detect problems --------------- @@ -160,7 +400,6 @@ The list of containers are described in the following section. In case some cont sudo docker ps -a sudo docker logs - **Portal configuration** ======================== The current ONAP installation is using the *onap.org* domain. @@ -202,26 +441,14 @@ Go to the `Portal component user guide `_ - - `SDC http://onap.readthedocs.io/en/latest/submodules/sdc.git/docs/index.html>`_ + - `SDC `_ - `UI Use-Case `_ **Components** ============== -The following table presents the list of containers for every Virtual Machine - - .. csv-table:: - :header: Virtual Machine, Container, Description - :widths: 15, 20, 20 - - onap-appc,sdnc_dgbuilder_container - ,appc_controller_container - ,sdnc_db_container - -TODO: list all the containers - -TODO: update the deployment figure available on the wiki ? +The list of various services and ports used can be found on the `ONAP wiki `_ .. This work is licensed under a Creative Commons Attribution 4.0 International License. http://creativecommons.org/licenses/by/4.0 diff --git a/docs/guides/onap-developer/settingup/install-designate.rst b/docs/guides/onap-developer/settingup/install-designate.rst index f24443528..09576966f 100644 --- a/docs/guides/onap-developer/settingup/install-designate.rst +++ b/docs/guides/onap-developer/settingup/install-designate.rst @@ -16,26 +16,32 @@ **Designate Overview** ====================== Designate is a *DNS as a Service* components. It allows API based interaction with a DNS server. + This DNS server can be any *well configured* DNS server. + Designate allows to create **any** entries in the DNS and thus has to be used wisely (see `Designate Production Guidelines ` to have a complete explanation). + In order to be valuable, Designate must be plugged with a DNS Server that will be used: -- your global (pool of) DNS Server(s). Every entries put by Designate will be seen by everybody. It may then be very dangerous. -- a specific (pool of) DNS Server(s) for your openstack deployment. DNS resolution will work only for your VM. **This is the one that has been tested**. -- a specific (pool of) DNS Server(s) for an openstack tenant. Not a lot of doc is available for that so this part won't be explained here. + + - your global (pool of) DNS Server(s). Every entries put by Designate will be seen by everybody. It may then be very dangerous. + - a specific (pool of) DNS Server(s) for your openstack deployment. DNS resolution will work only for your VM. **This is the one that has been tested**. + - a specific (pool of) DNS Server(s) for an openstack tenant. Not a lot of doc is available for that so this part won't be explained here. **Designate usage in ONAP** =========================== Currently, only DCAE Gen2 deployment needs designate to work. + DCAE deployment use cloudify with openstack plugin to start the needed VM for DCAE. In particular, Designate is used to give the IP address of consul server. Thus, the others VMs needs to access the DNS server where Designate push records. + In order to do that, we'll have to deploy DNS Server(s), configure them to accept dns updates and configure our networks to point to this DNS. This Fow-To will use bind but you can change to any of the `proposed backends `. -Limitations with heat automated deployment +Limitations with Heat automated deployment ------------------------------------------ -The current design of HEAT installer installs DCAE needed VM into the same tenant of the same openstack of the other ONAP components. Thus, this openstack tenant must support Designate. +The current design of Heat installer installs DCAE needed VM into the same tenant of the same openstack of the other ONAP components. Thus, this openstack tenant must support Designate. -Limitations with kubernetes automated deployment +Limitations with Kubernetes automated deployment ------------------------------------------------ The current design of kubernetes deployment installs DCAE into any openstack instances in any tenant. It stills mandate designate on the tenant. @@ -49,5 +55,5 @@ Few steps have to be performed. The detail of each steps are in `the config guid 3. Configure Designate in openstack 4. Create a pool pointing to your nameserver -Now, when starting the HEAT Deployment, use this nameserver. When the stack heat has started, retrieve the random string (XXX in the example) and create the zone XXX.yourdomain (yourdomain is what you have filled in `dcae_domain` in onap_openstack.env). -For OOM, use the DNS on the container host so it can give it to the relevant VM +Now, when starting the Heat Deployment, use this nameserver. When the stack heat has started, retrieve the random string (XXX in the example) and create the zone XXX.yourdomain (yourdomain is what you have filled in `dcae_domain` in onap_openstack.env). +For OOM, use the DNS on the container host so it can give it to the relevant VM. -- cgit 1.2.3-korg