diff options
Diffstat (limited to 'deployment/aks/util')
-rwxr-xr-x | deployment/aks/util/create_integration_override.sh | 75 | ||||
-rwxr-xr-x | deployment/aks/util/create_openstack_cli.sh | 61 | ||||
-rwxr-xr-x | deployment/aks/util/create_robot_config.sh | 80 | ||||
-rw-r--r-- | deployment/aks/util/integration_override.template | 39 |
4 files changed, 255 insertions, 0 deletions
diff --git a/deployment/aks/util/create_integration_override.sh b/deployment/aks/util/create_integration_override.sh new file mode 100755 index 000000000..15d853918 --- /dev/null +++ b/deployment/aks/util/create_integration_override.sh @@ -0,0 +1,75 @@ +#!/bin/bash +# Copyright 2019 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" + +BUILD_DIR=$1 +OPENSTACK_CLI_POD=$2 +OPENSTACK_RC=$3 +DOCKER_REPOSITORY=$4 +NFS_IP_ADDR=$5 +K8S_01_VM_IP=$6 +KUBECONFIG=$7 + +. $OPENSTACK_RC + +export KUBECONFIG=$KUBECONFIG + +git clone https://gerrit.onap.org/r/integration "$BUILD_DIR/integration" + +echo "" +echo "Looping until openstack is ready." +echo "This can take a bit of time, and you might see errors initially if openstack is still launching." +echo "" +echo "" +# Need to wait until openstack is up and running +COUNTER=0 +kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack token issue" +until [ $? -eq 0 ] || [ $COUNTER -gt 60 ]; do +COUNTER=$((COUNTER +1)) +sleep 60 +echo "issuing auth token to openstack to verify openstack cli is up and running." +kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack token issue" +done + +if [ $? -ne 0 ]; then + echo "Unable to communicate with openstack to create the integration-override.yaml file" + exit 1 +fi + +OS_PUBLIC_NETWORK_ID=`kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack network show public -c id -f value"` +OS_OAM_NETWORK_ID=`kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack network show private -c id -f value"` +OS_OAM_NETWORK_SUBNET_ID=`kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack subnet show private-subnet -c id -f value"` +OS_SEC_GROUP=`kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack security group list --project $OS_PROJECT_NAME -c ID -f value"` +OS_OAM_NETWORK_CIDR=`kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack subnet show public-subnet -c cidr -f value"` +OS_OAM_NETWORK_PREFIX=`echo $OS_OAM_NETWORK_CIDR | cut -d '.' -f1-2` + +echo "export OS_PUBLIC_NETWORK_ID=$OS_PUBLIC_NETWORK_ID" > "$BUILD_DIR/openstack_params.conf" +echo "export DOCKER_REPOSITORY=$DOCKER_REPOSITORY" >> "$BUILD_DIR/openstack_params.conf" +echo "export OS_OAM_NETWORK_ID=$OS_OAM_NETWORK_ID" >> "$BUILD_DIR/openstack_params.conf" +echo "export OS_OAM_NETWORK_SUBNET_ID=$OS_OAM_NETWORK_SUBNET_ID" >> "$BUILD_DIR/openstack_params.conf" +echo "export OS_OAM_NETWORK_PREFIX=$OS_OAM_NETWORK_PREFIX" >> "$BUILD_DIR/openstack_params.conf" +echo "export OS_SEC_GROUP=$OS_SEC_GROUP" >> "$BUILD_DIR/openstack_params.conf" +echo "export OS_UBUNTU_14_IMAGE=trusty-server-cloudimg-amd64-disk1" >> "$BUILD_DIR/openstack_params.conf" +echo "export OS_UBUNTU_16_IMAGE=xenial-server-cloudimg-amd64-disk1" >> "$BUILD_DIR/openstack_params.conf" +echo "export OS_OAM_NETWORK_CIDR=$OS_OAM_NETWORK_CIDR" >> "$BUILD_DIR/openstack_params.conf" +echo "export NFS_IP_ADDR=$NFS_IP_ADDR" >> "$BUILD_DIR/openstack_params.conf" +echo "export K8S_01_VM_IP=$K8S_01_VM_IP" >> "$BUILD_DIR/openstack_params.conf" + +OS_PROJECT_ID=`kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack project show $OS_PROJECT_NAME -c id -f value"` + +echo "export OS_PROJECT_ID=$OS_PROJECT_ID" >> "$OPENSTACK_RC" + +$DIR/create_robot_config.sh "$OPENSTACK_RC" "$BUILD_DIR/openstack_params.conf" "$BUILD_DIR" "$DIR/integration_override.template" diff --git a/deployment/aks/util/create_openstack_cli.sh b/deployment/aks/util/create_openstack_cli.sh new file mode 100755 index 000000000..01ae88673 --- /dev/null +++ b/deployment/aks/util/create_openstack_cli.sh @@ -0,0 +1,61 @@ +#!/bin/bash +# Copyright 2019 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set +e + +KUBECONFIG=$1 +OPENSTACK_RC=$2 +CLI_NAME=$3 + +export KUBECONFIG=$KUBECONFIG + +kubectl create configmap openstack-rc-$CLI_NAME --from-file=$OPENSTACK_RC + +cat <<EOF | kubectl create -f - +apiVersion: v1 +kind: Pod +metadata: + name: $CLI_NAME +spec: + containers: + - name: openstack-cli + image: alpine + volumeMounts: + - name: openstack-rc-$CLI_NAME + mountPath: /openstack + command: ["/bin/sh"] + args: + - -c + - apk update && \ + apk add python && \ + apk add py-pip && \ + apk add python-dev && \ + apk add gcc && \ + apk add musl-dev && \ + apk add libffi-dev && \ + apk add openssl-dev && \ + pip install python-openstackclient && \ + sh -c 'echo ". /openstack/openstack_rc" >> /root/.profile; while true; do sleep 60; done;' + restartPolicy: Never + volumes: + - name: openstack-rc-$CLI_NAME + configMap: + name: openstack-rc-$CLI_NAME + defaultMode: 0755 +EOF + +# TODO +# Add better check for pod readiness +sleep 120 diff --git a/deployment/aks/util/create_robot_config.sh b/deployment/aks/util/create_robot_config.sh new file mode 100755 index 000000000..dea67b858 --- /dev/null +++ b/deployment/aks/util/create_robot_config.sh @@ -0,0 +1,80 @@ +#!/bin/bash +# Copyright 2019 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +OPENSTACK_RC=$1 +OPENSTACK_PARAM=$2 +BUILD_DIR=$3 +INTEGRATION_TEMPLATE=$4 + +if [ "$OPENSTACK_RC" == "" ] + then + echo "No OPENSTACK_RC file" + echo "Usage: create-robot-config.sh <openstack.rc> <openstack_env_param>" + exit +fi +if [ "$OPENSTACK_PARAM" == "" ] + then + echo "No OPENSTACK_PARAM" + echo "Usage: create-robot-config.sh <openstack.rc> <openstack_env_param>" + exit +fi + +source $OPENSTACK_RC +source $OPENSTACK_PARAM + +env + +SO_ENCRYPTION_KEY=aa3871669d893c7fb8abbcda31b88b4f +export OS_PASSWORD_ENCRYPTED_FOR_ROBOT=$(echo -n "$OS_PASSWORD" | openssl aes-128-ecb -e -K "$SO_ENCRYPTION_KEY" -nosalt | xxd -c 256 -p) + +#Use new encryption method +pushd . + +cd $BUILD_DIR/integration/deployment/heat/onap-rke/scripts +javac Crypto.java +SO_ENCRYPTION_KEY=aa3871669d893c7fb8abbcda31b88b4f +export OS_PASSWORD_ENCRYPTED=$(java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY") + +cp $INTEGRATION_TEMPLATE ./integration-override.yaml +template="integration-override.yaml" +sed -ir -e "s/\${OS_PASSWORD_ENCRYPTED_FOR_ROBOT}/$OS_PASSWORD_ENCRYPTED_FOR_ROBOT/" $template +sed -ir -e "s/\${OS_PASSWORD_ENCRYPTED}/$OS_PASSWORD_ENCRYPTED/" $template + +sed -ir -e "s/\${OS_PROJECT_ID}/$OS_PROJECT_ID/" $template +sed -ir -e "s/\${OS_USERNAME}/$OS_USERNAME/" $template +sed -ir -e "s/\${OS_USER_DOMAIN_NAME}/$OS_USER_DOMAIN_NAME/" $template +sed -ir -e "s/\${OS_PROJECT_NAME}/$OS_PROJECT_NAME/" $template +sed -ir -e "s/\${OS_USERNAME}/$OS_USERNAME/" $template +sed -ir -e "s~\${OS_AUTH_URL}~$OS_AUTH_URL~" $template + + +sed -ir -e "s/__docker_proxy__/$DOCKER_REPOSITORY/" $template +sed -ir -e "s/__public_net_id__/$OS_PUBLIC_NETWORK_ID/" $template +sed -ir -e "s~__oam_network_cidr__~$OS_OAM_NETWORK_CIDR~" $template +sed -ir -e "s/__oam_network_prefix__/$OS_OAM_NETWORK_PREFIX/" $template +sed -ir -e "s/__oam_network_id__/$OS_OAM_NETWORK_ID/" $template +sed -ir -e "s/__oam_subnet_id__/$OS_OAM_NETWORK_SUBNET_ID/" $template +sed -ir -e "s/__sec_group__/$OS_SEC_GROUP/" $template + +sed -ir -e "s/\${OS_UBUNTU_14_IMAGE}/$OS_UBUNTU_14_IMAGE/" $template +sed -ir -e "s/\${OS_UBUNTU_16_IMAGE}/$OS_UBUNTU_16_IMAGE/" $template + +sed -ir -e "s/__nfs_ip_addr__/$NFS_IP_ADDR/" $template +sed -ir -e "s/__k8s_01_vm_ip__/$K8S_01_VM_IP/" $template + +cat $template +cp $template $BUILD_DIR/$template + +popd diff --git a/deployment/aks/util/integration_override.template b/deployment/aks/util/integration_override.template new file mode 100644 index 000000000..5f24824a3 --- /dev/null +++ b/deployment/aks/util/integration_override.template @@ -0,0 +1,39 @@ +global: + repository: __docker_proxy__ + pullPolicy: IfNotPresent +robot: + enabled: true + flavor: large + appcUsername: "appc@appc.onap.org" + appcPassword: "demo123456!" + openStackKeyStoneUrl: "${OS_AUTH_URL}" + openStackKeystoneAPIVersion: "v3" + openStackPublicNetId: "__public_net_id__" + openStackTenantId: "${OS_PROJECT_ID}" + openStackUserName: "${OS_USERNAME}" + openStackUserDomain: "${OS_USER_DOMAIN_NAME}" + openStackProjectName: "${OS_PROJECT_NAME}" + ubuntu14Image: "${OS_UBUNTU_14_IMAGE}" + ubuntu16Image: "${OS_UBUNTU_16_IMAGE}" + openStackPrivateNetCidr: "__oam_network_cidr__" + openStackPrivateNetId: "__oam_network_id__" + openStackPrivateSubnetId: "__oam_subnet_id__" + openStackSecurityGroup: "__sec_group__" + openStackOamNetworkCidrPrefix: "__oam_network_prefix__" + dcaeCollectorIp: "__k8s_01_vm_ip__" + vnfPubKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh" + demoArtifactsVersion: "1.4.0" + demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases" + scriptVersion: "1.4.0" + nfsIpAddress: "__nfs_ip_addr__" + config: + openStackEncryptedPasswordHere: "${OS_PASSWORD_ENCRYPTED_FOR_ROBOT}" + openStackSoEncryptedPassword: "${OS_PASSWORD_ENCRYPTED}" +so: + enabled: true + so-catalog-db-adapter: + config: + openStackUserName: "${OS_USERNAME}" + openStackKeyStoneUrl: "${OS_AUTH_URL}/v3" + openStackEncryptedPasswordHere: "${OS_PASSWORD_ENCRYPTED}" + openStackTenantId: "${OS_PROJECT_ID}" |