1 files changed, 345 insertions, 0 deletions

diff --git a/bootstrap/vagrant-minimal-onap/Vagrantfile b/bootstrap/vagrant-minimal-onap/Vagrantfile
new file mode 100644
index 000000000..e0ddafd9d
--- /dev/null
+++ b/bootstrap/vagrant-minimal-onap/Vagrantfile
@@ -0,0 +1,345 @@
+# -*- mode: ruby -*-
+# -*- coding: utf-8 -*-
+
+host_ip = "192.168.121.1"
+operator_key = "${HOME}/.ssh/onap-key"
+vagrant_user = "vagrant"
+vagrant_password = "vagrant"
+synced_folder_main = "/vagrant"
+synced_folder_config = "#{synced_folder_main}/config"
+synced_folder_tools_config = "#{synced_folder_main}/tools/config"
+os_config = "#{synced_folder_config}/local.conf"
+os_env = "#{synced_folder_config}/dot_env"
+cluster_yml = "cluster.yml"
+apt_prefs_dir = "/etc/apt/apt.conf.d"
+apt_prefs = "95silent-approval"
+helm_timeout = "1800"
+helm_master_password = "vagrant"
+
+vm_memory = 1 * 1024
+vm_memory_os = 4 * 1024
+vm_memory_onap = 64 * 1024
+vm_cpu = 1
+vm_cpus = 8
+vm_box = "generic/ubuntu1804"
+vm_box_op = "generic/ubuntu2004"
+vm_disk = 32
+vm_disk_onap = 64
+vm_storage_pool = "default"
+
+operation = {
+  name: 'operator',
+  hostname: 'operator',
+  ip: '172.17.4.254',
+  box: vm_box_op,
+  cpus: vm_cpu,
+  memory: vm_memory,
+  disk: vm_disk,
+  pool: vm_storage_pool
+}
+devstack = {
+  name: 'devstack',
+  hostname: 'devstack',
+  ip: '172.17.4.200',
+  box: vm_box,
+  cpus: vm_cpu,
+  memory: vm_memory_os,
+  disk: vm_disk,
+  pool: vm_storage_pool
+}
+control = {
+  name: 'control',
+  hostname: 'control',
+  ip: '172.17.4.100',
+  box: vm_box,
+  cpus: vm_cpu,
+  memory: vm_memory,
+  disk: vm_disk,
+  pool: vm_storage_pool
+}
+worker = {
+  name: 'worker',
+  hostname: 'worker',
+  ip: '172.17.4.101',
+  box: vm_box,
+  cpus: vm_cpus,
+  memory: vm_memory_onap,
+  disk: vm_disk_onap,
+  pool: vm_storage_pool
+}
+
+cluster = [] << control << worker
+all = cluster.dup << operation << devstack
+
+operation_post_msg = "Run: \"vagrant provision #{operation[:name]} --provision-with=rke_up,setup_kubectl,setup_helm_cluster,setup_helm_repo,deploy_onap\" to complete ONAP deployment"
+
+$replace_dns = <<-SCRIPT
+  HOST_IP="$1"
+  rm -f /etc/resolv.conf # drop its dynamic management by systemd-resolved
+  echo nameserver "$HOST_IP" | tee /etc/resolv.conf
+SCRIPT
+
+$enable_ipv6 = <<-SCRIPT
+  sed -i'' 's/net.ipv6.conf.all.disable_ipv6.*$/net.ipv6.conf.all.disable_ipv6 = 0/' /etc/sysctl.conf
+  sysctl -p
+SCRIPT
+
+$setup_devstack = <<-SCRIPT
+  CONFIG="$1"
+  git clone https://opendev.org/openstack/devstack
+  cd devstack
+  cp "$CONFIG" .
+  ./stack.sh
+SCRIPT
+
+$add_to_docker_group = <<-SCRIPT
+  USER="$1"
+  echo "Adding ${USER} to 'docker' group"
+  usermod -aG docker "$USER"
+SCRIPT
+
+$setup_debconf = <<-SCRIPT
+  echo "Setting debconf frontend to noninteractive"
+  sed -i'.orig' '/^Config:/a Frontend: noninteractive' /etc/debconf.conf
+SCRIPT
+
+$install_sshpass = <<-SCRIPT
+  apt-get update
+  echo "Installing 'sshpass'"
+  apt-get install sshpass
+SCRIPT
+
+$install_make = <<-SCRIPT
+  apt-get update
+  echo "Installing 'make'"
+  apt-get install make
+SCRIPT
+
+$install_docker = <<-SCRIPT
+  apt-get update
+  echo "Setting up 'docker' repository"
+  apt-get install \
+    apt-transport-https \
+    ca-certificates \
+    curl \
+    gnupg-agent \
+    software-properties-common
+  curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
+  add-apt-repository \
+   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
+   $(lsb_release -cs) \
+   stable"
+  apt-get update
+
+  echo "Installing 'docker'"
+  apt-get install docker-ce docker-ce-cli containerd.io
+SCRIPT
+
+$resize_disk = <<-SCRIPT
+  DEV=${1:-vda}
+  PART=${2:-3}
+  echo ", +" | sfdisk -N "$PART" "/dev/$DEV" --no-reread
+  partprobe
+  resize2fs "/dev/${DEV}${PART}"
+SCRIPT
+
+$generate_key = <<-SCRIPT
+  KEY_FILE="$1"
+  echo "Generating SSH key (${KEY_FILE})"
+  ssh-keygen -q -b 4096 -t rsa -f "$KEY_FILE" -N ""
+SCRIPT
+
+$deploy_key = <<-SCRIPT
+  KEY="$1"
+  USER="$2"
+  PASS="$PASSWORD"
+  IPS="$3"
+  echo "Deploying ${KEY} for ${USER}"
+  for ip in $IPS; do
+    echo "on ${ip}"
+    sshpass -p "$PASS" ssh-copy-id -o StrictHostKeyChecking=no -i "$KEY" "${USER}@${ip}"
+  done
+SCRIPT
+
+$link_dotfiles = <<-SCRIPT
+  SYNC_DIR="$1"
+  for rc in ${SYNC_DIR}/dot_*; do
+    src="$rc"
+    dst="${HOME}/.${rc##*dot_}"
+    echo "Symlinking ${src} to ${dst}"
+    ln -sf "$src" "$dst"
+  done
+SCRIPT
+
+$link_file = <<-SCRIPT
+  SYNC_DIR="$1"
+  FILE="$2"
+  src="${SYNC_DIR}/${FILE}"
+  dst="$3"
+  echo "Symlinking ${src} to ${dst}"
+  ln -sf "$src" "$dst"
+SCRIPT
+
+$rke_up = "rke up"
+$rke_down = "rke remove --force || true" # best effort
+
+$get_oom = <<-SCRIPT
+  BRANCH="${1:-7.0.0-ONAP}"
+  REPO="${2:-https://git.onap.org/oom}"
+  git clone -b "$BRANCH" "$REPO" --recurse-submodules
+SCRIPT
+
+$get_helm_plugins = "mkdir -p ${HOME}/.helm && cp -R ${HOME}/oom/kubernetes/helm/plugins/ ${HOME}/.helm"
+
+$setup_helm_cluster = <<-SCRIPT
+  export KUBECONFIG="${HOME}/.kube/config.onap"
+  kubectl config use-context onap
+  kubectl -n kube-system create serviceaccount tiller
+  kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
+  helm init --stable-repo-url https://charts.helm.sh/stable --service-account tiller
+  kubectl -n kube-system rollout status deploy/tiller-deploy
+SCRIPT
+
+# FIXME: replace sleep command with helm repo readiness probe
+$setup_helm_repo = <<-SCRIPT
+  helm serve &
+  sleep 3
+  helm repo add local http://127.0.0.1:8879
+  make -e SKIP_LINT=TRUE -C ${HOME}/oom/kubernetes all
+SCRIPT
+
+$deploy_onap = <<-SCRIPT
+  OVERRIDE="${1:-${HOME}/oom/kubernetes/onap/resources/environments/core-onap.yaml}"
+
+  ENV="${2:-#{os_env}}"
+  export $(cat "$ENV" | xargs)
+
+  TIMEOUT="${3:-#{helm_timeout}}"
+  MASTER_PASSWORD="${4:-#{helm_master_password}}"
+
+  encrypt () {
+    KEY="${HOME}/oom/kubernetes/so/resources/config/mso/encryption.key"
+    echo -n "$1" \
+    | openssl aes-128-ecb -e -K `cat "$KEY"` -nosalt \
+    | xxd -c 256 -p
+  }
+
+  export OPENSTACK_ENCRYPTED_PASSWORD="$(encrypt $OPENSTACK_PASSWORD)"
+
+  export KUBECONFIG="${HOME}/.kube/config.onap"
+
+  helm deploy core local/onap --verbose \
+    --set global.masterPassword="$MASTER_PASSWORD" \
+    --namespace onap --timeout "$TIMEOUT" -f "$OVERRIDE"
+SCRIPT
+
+Vagrant.configure('2') do |config|
+  all.each do |machine|
+    config.vm.define machine[:name] do |config|
+      config.vm.box = machine[:box]
+      config.vm.hostname = machine[:hostname]
+
+      config.vm.provider :virtualbox do |v|
+        v.name = machine[:name]
+        v.memory = machine[:memory]
+        v.cpus = machine[:cpus]
+      end
+
+      config.vm.provider :libvirt do |v|
+        v.memory = machine[:memory]
+        v.cpus = machine[:cpus]
+        v.machine_virtual_size = machine[:disk] # set at VM creation
+        v.storage_pool_name = machine[:pool]
+      end
+
+      config.vm.network :private_network, ip: machine[:ip]
+      config.vm.provision "replace_dns", type: :shell, run: "always", inline: $replace_dns, args: host_ip
+
+      if machine[:name] == 'devstack'
+        config.vm.synced_folder ".", synced_folder_main, type: "rsync", rsync__exclude: "Vagrantfile"
+
+        config.vm.provision "enable_ipv6", type: :shell, run: "always", inline: $enable_ipv6
+        config.vm.provision "setup_devstack", type: :shell, privileged: false, inline: $setup_devstack, args: os_config
+      end
+
+      if machine[:name] == 'control'
+        config.vm.provision "customize_control", type: :shell, path: "tools/imported/openstack-k8s-controlnode.sh"
+        config.vm.provision "fix_groups_control", type: :shell, inline: $add_to_docker_group, args: vagrant_user
+      end
+
+      if machine[:name] == 'worker'
+        config.vm.provision "customize_worker", type: :shell, path: "tools/imported/openstack-k8s-workernode.sh"
+        config.vm.provision "fix_groups_worker", type: :shell, inline: $add_to_docker_group, args: vagrant_user
+        config.vm.provision "resize_disk", type: :shell, inline: $resize_disk
+      end
+
+      if machine[:name] == 'operator'
+        config.vm.synced_folder ".", synced_folder_main, type: "rsync", rsync__exclude: ["Vagrantfile", "operator"]
+        config.vm.synced_folder "~/.ssh", "/home/#{vagrant_user}/.ssh", type: "rsync", rsync__exclude: "authorized_keys"
+        config.vm.synced_folder "./operator", "/home/#{vagrant_user}", type: "sshfs", reverse: true, sshfs_opts_append: "-o nonempty"
+
+        config.vm.provision "setup_debconf", type: :shell, inline: $setup_debconf
+        config.vm.provision "link_apt_prefs", type: :shell, run: "always" do |s|
+          s.inline = $link_file
+          s.args = [synced_folder_tools_config, apt_prefs, apt_prefs_dir]
+        end
+        config.vm.provision "link_dotfiles_root", type: :shell, run: "always" do |s|
+          s.inline = $link_dotfiles
+          s.args = synced_folder_tools_config
+        end
+        config.vm.provision "link_dotfiles_user", type: :shell, run: "always" do |s|
+          s.privileged = false
+          s.inline = $link_dotfiles
+          s.args = synced_folder_tools_config
+        end
+
+        config.vm.provision "install_docker", type: :shell, inline: $install_docker
+        config.vm.provision "fix_groups_operator", type: :shell, inline: $add_to_docker_group, args: vagrant_user
+        config.vm.provision "install_sshpass", type: :shell, inline: $install_sshpass
+        config.vm.provision "generate_key", type: :shell, privileged: false, inline: $generate_key, args: operator_key
+
+        ips = ""
+        cluster.each { |node| ips << node[:ip] << " " }
+        config.vm.provision "deploy_key", type: :shell do |s|
+          s.privileged = false
+          s.inline = $deploy_key
+          s.args = [operator_key, vagrant_user, ips]
+          s.env = {'PASSWORD': vagrant_password}
+        end
+
+        config.vm.provision "get_rke", type: :shell, path: "tools/get_rke.sh"
+        config.vm.provision "link_cluster_yml", type: :shell, run: "always" do |s|
+          s.privileged = false
+          s.inline = $link_file
+          s.args = [synced_folder_config, cluster_yml, "$HOME"]
+        end
+
+        config.vm.post_up_message = operation_post_msg
+        config.vm.provision "rke_up", type: :shell, run: "never", privileged: false, inline: $rke_up
+        config.trigger.before :destroy do |trigger|
+          trigger.warn = "Removing cluster"
+          trigger.run_remote = {privileged: false, inline: $rke_down}
+        end
+
+        config.vm.provision "get_kubectl", type: :shell, path: "tools/get_kubectl.sh"
+        config.vm.provision "setup_kubectl", type: :shell, run: "never" do |s|
+          s.privileged = false
+          s.path = "tools/setup_kubectl.sh"
+        end
+        config.vm.provision "get_helm", type: :shell, path: "tools/get_helm.sh"
+        config.vm.provision "get_oom", type: :shell do |s|
+          s.privileged = false
+          s.inline = $get_oom
+        end
+        config.vm.provision "get_helm_plugins", type: :shell, privileged: false, inline: $get_helm_plugins
+        config.vm.provision "install_make", type: :shell, inline: $install_make
+        config.vm.provision "setup_helm_cluster", type: :shell, run: "never", privileged: false, inline: $setup_helm_cluster
+        config.vm.provision "setup_helm_repo", type: :shell, run: "never", privileged: false, inline: $setup_helm_repo
+        config.vm.provision "deploy_onap", type: :shell, run: "never" do |s|
+          s.privileged = false
+          s.inline = $deploy_onap
+        end
+      end
+    end
+  end
+end