From 6754bc1b77065026d499a76d203d12257d33a113 Mon Sep 17 00:00:00 2001 From: "stark, steven" Date: Thu, 19 Sep 2019 15:43:00 -0700 Subject: [INT] Adding deployments scripts for ONAP on AKS Patch 2 - updating readme and removing dash character from BUILD parameter Patch 3 - updating image url to amd instead of arm, fixing NFS os disk parameter Issue-ID: INT-1270 
Signed-off-by: stark, steven Change-Id: I1d8824b3c098855c9094e27fad8c820e4df42677 --- deployment/aks/README.md | 324 ++++++++++++++++ deployment/aks/bootstrap_onap.sh | 91 +++++ deployment/aks/cloud.conf | 85 +++++ deployment/aks/cloud.conf.example | 85 +++++ deployment/aks/cloud.sh | 424 +++++++++++++++++++++ deployment/aks/configure_nfs_pod.sh | 70 ++++ deployment/aks/create_aks.sh | 238 ++++++++++++ deployment/aks/create_devstack.sh | 367 ++++++++++++++++++ deployment/aks/create_nfs.sh | 237 ++++++++++++ deployment/aks/create_onap.sh | 110 ++++++ deployment/aks/create_peering.sh | 28 ++ deployment/aks/create_public_ip.sh | 28 ++ deployment/aks/create_resource_group.sh | 21 + deployment/aks/create_route.sh | 30 ++ deployment/aks/create_sg_rule.sh | 36 ++ deployment/aks/post-install/bootstrap.sh | 176 +++++++++ deployment/aks/post-install/create_az.sh | 42 ++ deployment/aks/post-install/create_clli.sh | 59 +++ deployment/aks/post-install/create_cloud_region.sh | 75 ++++ .../create_cloud_region_relationship.sh | 46 +++ .../create_cloud_region_subscriber_relationship.sh | 62 +++ deployment/aks/post-install/create_cloud_site.sh | 50 +++ deployment/aks/post-install/create_customer.sh | 43 +++ deployment/aks/post-install/create_lob.sh | 34 ++ .../aks/post-install/create_owning_entity.sh | 34 ++ deployment/aks/post-install/create_platform.sh | 34 ++ deployment/aks/post-install/create_project.sh | 34 ++ deployment/aks/post-install/create_service_type.sh | 42 ++ deployment/aks/post-install/create_subscription.sh | 65 ++++ deployment/aks/util/create_integration_override.sh | 75 ++++ deployment/aks/util/create_openstack_cli.sh | 61 +++ deployment/aks/util/create_robot_config.sh | 80 ++++ deployment/aks/util/integration_override.template | 39 ++ 33 files changed, 3225 insertions(+) create mode 100644 deployment/aks/README.md create mode 100755 deployment/aks/bootstrap_onap.sh create mode 100644 deployment/aks/cloud.conf create mode 100644 deployment/aks/cloud.conf.example 
create mode 100755 deployment/aks/cloud.sh create mode 100755 deployment/aks/configure_nfs_pod.sh create mode 100755 deployment/aks/create_aks.sh create mode 100755 deployment/aks/create_devstack.sh create mode 100755 deployment/aks/create_nfs.sh create mode 100755 deployment/aks/create_onap.sh create mode 100755 deployment/aks/create_peering.sh create mode 100755 deployment/aks/create_public_ip.sh create mode 100755 deployment/aks/create_resource_group.sh create mode 100755 deployment/aks/create_route.sh create mode 100755 deployment/aks/create_sg_rule.sh create mode 100755 deployment/aks/post-install/bootstrap.sh create mode 100755 deployment/aks/post-install/create_az.sh create mode 100755 deployment/aks/post-install/create_clli.sh create mode 100755 deployment/aks/post-install/create_cloud_region.sh create mode 100755 deployment/aks/post-install/create_cloud_region_relationship.sh create mode 100755 deployment/aks/post-install/create_cloud_region_subscriber_relationship.sh create mode 100755 deployment/aks/post-install/create_cloud_site.sh create mode 100755 deployment/aks/post-install/create_customer.sh create mode 100755 deployment/aks/post-install/create_lob.sh create mode 100755 deployment/aks/post-install/create_owning_entity.sh create mode 100755 deployment/aks/post-install/create_platform.sh create mode 100755 deployment/aks/post-install/create_project.sh create mode 100755 deployment/aks/post-install/create_service_type.sh create mode 100755 deployment/aks/post-install/create_subscription.sh create mode 100755 deployment/aks/util/create_integration_override.sh create mode 100755 deployment/aks/util/create_openstack_cli.sh create mode 100755 deployment/aks/util/create_robot_config.sh create mode 100644 deployment/aks/util/integration_override.template diff --git a/deployment/aks/README.md b/deployment/aks/README.md new file mode 100644 index 000000000..4eb37cbc3 --- /dev/null +++ b/deployment/aks/README.md 
@@ -0,0 +1,324 @@ +# ONAP on AKS + +## License + +Copyright 2019 AT&T Intellectual Property. All rights reserved. + +This file is licensed under the CREATIVE COMMONS ATTRIBUTION 4.0 INTERNATIONAL LICENSE + +Full license text at https://creativecommons.org/licenses/by/4.0/legalcode + + +## About + +ONAP on AKS will orchestrate an Azure Kubernetes Service (AKS) deployment, a DevStack deployment, an ONAP + NFS deployment, as well as configuration to link the Azure resources together. After ONAP is installed, a cloud region will also be added to ONAP with the new DevStack details that can be used to instantiate a VNF. + + +### Pre-Reqs + +The following software is required to be installed: + +- bash +- [helm](https://helm.sh/docs/using_helm/) +- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) +- [azure command line](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-apt?view=azure-cli-latest) +- make, openjdk-8-jdk, openjdk-8-jre (``apt-get update && apt-get install make openjdk-8-jre openjdk-8-jdk``) + +Check the [OOM Cloud Setup Guide](https://docs.onap.org/en/latest/submodules/oom.git/docs/oom_cloud_setup_guide.html#cloud-setup-guide-label) for the versions of kubectl and helm to use. + +After installing the above software, run ``az login`` and follow the instructions to finalize the azure command line installation. **You'll need to be either an owner or co-owner of the azure subscription, or some of the deployment steps may not complete successfully**. If you have multiple azure subscriptions, use ``az account set --subscription `` prior to running ``az login`` so that resources are deployed to the correct subscription. See [the azure docs](https://docs.microsoft.com/en-us/cli/azure/get-started-with-azure-cli?view=azure-cli-latest) for more details on using the azure command line. 
+ + +### The following resources will be created in Azure + +- Kubernetes cluster via AKS (Azure Kubernetes Service) +- VM running NFS server application +- VM running latest DevStack version + + +## Usage + + +### cloud.sh + + +``cloud.sh`` is the main driver script, and deploys a Kubernetes Cluster (AKS), DevStack, NFS, and bootstraps ONAP with configuration needed to instantiate a VNF. The script creates ONAP in "about" an hour. + +``` + +$ ./cloud.sh --help +./cloud.sh [options] + + +options: +-f, --no-prompt executes with no prompt for confirmation +-n, --no-install don't install ONAP +-o, --override create integration override for robot configuration +-h, --help provide brief overview of script + +This script deploys a cloud environment in Azure. +It: +- Uses Azure Kubernetes Service (AKS) to bootstrap a kubernetes cluster. +- Creates a VM to be used as NFS storage. +- Creates a VM and installs DevStack, to be used with ONAP. +- Creates an openstack cli pod that can be used for cli access to devstack +- Creates an integration-override.yaml file to configure robot +- Launches ONAP onto the AKS Cluster via OOM. +- Configures Networking, SSH Access, and Security Group Rules + +``` + +#### Example + +``` +$ ./cloud.sh --override +``` + + +### cloud.conf + + +This file contains the parameters that will be used when executing ``cloud.sh``. The parameter ``BUILD`` will be generated at runtime. + +For an example with all of the parameters filled out, check [here](./cloud.conf.example). You can copy this and modify to suit your deployment. The parameters that MUST be modified from ``cloud.conf.example`` are ``USER_PUBLIC_IP_PREFIX`` and ``BUILD_DIR``. + +All other parameters will work out of the box, however you can also customize them to suit your own deployment. See below for a description of the available parameters and how they're used. 
+ + +``` + +# The variable $BUILD will be generated dynamically when this file is sourced + +RANDOM_STRING=`cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 4` +BUILD= This is just a helper variable to create a random string to assign to various resources. Look at cloud.conf.example to see how it can be used. + +# GLOBAL PARAMS +LOCATION= Location in Azure to deploy resources +USER_PUBLIC_IP_PREFIX= Space delimited list of ip addresses/CIDR blocks that will be added to azure secuirty groups for access. Add the CIDR blocks to grant access for ssh, ONAP portal, and DevStack horizon access. +BUILD_DIR= /path/to/directory where build files, artifacts, and other files will be created. + +# AKS PARAMS +AKS_RESOURCE_GROUP_NAME= Name of resource group in azure that will be created for the AKS resource. Must not already exist. +AKS_NAME= Name of AKS resource. +AKS_K8_VERSION= Kubernetes version, use az aks get-versions --location to see available versions. +AKS_NODE_COUNT= Number of nodes that will comprise the AKS cluster. +AKS_NODE_SIZE= Flavor to use for AKS nodes. +AKS_VNET_NAME= Name of VNET that AKS nodes will attach to. +AKS_DNS_PREFIX= DNS prefix that will be used by kubernetes dns service. +AKS_POD_CIDR= CIDR used for pod ip allocation. +AKS_NODE_CIDR= CIDR used for node ip allocation. +AKS_SERVICE_CIDR= CIDR used for kubernetes service allocation. +AKS_DNS_IP= IP address to assign to kubernetes dns service. Should be from AKS_SERVICE_CIDR range. +AKS_ADMIN_USER= User name that will be created on AKS nodes. Use this user to ssh into AKS nodes if needed. + +# NFS PARAMS +NFS_NAME= Name of NFS VM created in Azure. +NFS_RG= Name of resource group that will be created in Azure for the NFS VM. Must not already exist. +NFS_VM_SIZE= Flavor to use for NFS VM. +NFS_LOCATION= Azure location to deploy NFS VM. +NFS_CIDR= CIDR for NFS VNET. +NFS_ADMIN_USER= User name that will be created on NFS VM. Use this to ssh to NFS VM if needed. 
+NFS_VNET_NAME= Name of VNET that NFS VM will attach to. +NFS_SUBNET_NAME= Name of SUBNET attached to NFS_VNET_NAME. +NFS_DISK_SIZE= Size of OS Disk for NFS VM. + +# DEVSTACK PARAMS +DEVSTACK_NAME= Name of DevStack VM created in Azure. +DEVSTACK_RG= Name of resource group that will be created in Azure for the DevStack VM. Must not already exist. +DEVSTACK_VM_SIZE= Flavor to use for DevStack VM. +DEVSTACK_LOCATION= Azure location to deploy DevStack VM. +DEVSTACK_CIDR= CIDR for DevStack VNET. +DEVSTACK_PRIVATE_IP= IP to allocate to DevStack VM. This should be from DEVSTACK_CIDR range, and will be used to communicate with DevStack from ONAP. +DEVSTACK_ADMIN_USER= User name that will be created on DevStack VM. Use this to ssh to DevStack VM if needed. +DEVSTACK_VNET_NAME= Name of VNET that DevStack VM will attach to. +DEVSTACK_SUBNET_NAME= Name of SUBNET attached to DEVSTACK_VNET_NAME. +DEVSTACK_DISK_SIZE= Size of OS Disk for DevStack VM. +OPENSTACK_USER= User name that will be added to OpenStack after devstack has finished installing. This is also the username that will be used to create a cloud site in ONAP SO. +OPENSTACK_PASS= Password to use for OPENSTACK_USER. +OPENSTACK_TENANT= Tenant name that will be added to OpenStack after devstack has finished installing. This is also the username that will be used to create a cloud site in ONAP SO. +OPENSTACK_REGION= Only allows RegionOne for now, future enhancements will be added to allow multi-region. +IMAGE_LIST= Space delimited list of image urls to add to DevStack. Not required. + +# ONAP PARAMS +CLLI= Name of CLLI to be created in AAI. +CLOUD_OWNER= Name of Cloud Owner to be created in AAI. +CLOUD_REGION= Name of Cloud Region to be created in AAI. +CUSTOMER= Name of Customer to be created in AAI. +SUBSCRIBER= Name of Subscriber to be created in AAI. +SERVICE_TYPE= Name of Service Type to be created in AAI. +AZ= Name of Availability Zone to be created in AAI. +OE= Name of Owning Entity to be created in VID. 
+LOB= Name of Line of Business to be created in VID. +PROJECT= Name of Project to be created in VID. +PLATFORM= Name of Platform to be created in VID. +OS_ID= Primary key to be used when adding cloud site to mariadb pod. +OS_TENANT_ROLE= Only supports admin for now. +OS_KEYSTONE= Use KEYSTONE_V3 for now. +OOM_BRANCH= Branch of OOM to clone and use to install ONAP. +CHART_VERSION= Version of charts to use for ONAP install. This is needed in case multiple versions of the onap helm charts are present on the machine being used for the install. +OOM_OVERRIDES= Command line overrides to use when running helm deploy. --set , etc... +DOCKER_REPOSITORY= Image repository url to pull ONAP images to use for installation. + +``` + +### Integration Override + +When you execute ``cloud.sh``, you have the option to create an ``integration-override.yaml`` file that will be used during ``helm deploy ...`` to install ONAP. This is done by passing the ``--override`` flag to cloud.sh. + +The template used to create the override file is ``./util/integration-override.template``, and is invoked by ``./util/create_robot_config.sh``. It's very possible this isn't complete or sufficient for how you'd like to customize your deployment. You can update the template file and/or the script to provide additional customization for your ONAP install. + + +### OOM Overrides + +In ``cloud.conf``, there's a parameter ``OOM_OVERRIDES`` available that's used to provide command line overrides to ``helm deploy``. This uses the standard helm syntax, so if you're using it the value should look like ``OOM_OVERRIDES="--set vid.enabled=false,so.image=abc"``. If you don't want to override anything, just set this value to an empty string. + + +## Post Deployment + +After ONAP and DevStack are deployed, there will be a ``deployment.notes`` file with instructions on how to access the various components. 
The ``BUILD_DIR`` specified in ``cloud.conf`` will contain a new ssh key, kubeconfig, and other deployment artifacts as well. + +All of the access information below will be in ``deployment.notes``. + + +### Kubernetes Access + +To access the Kubernetes dashboard: + +``az aks browse --resource-group $AKS_RESOURCE_GROUP_NAME --name $AKS_NAME`` + +To use kubectl: +``` + +export KUBECONFIG=$BUILD_DIR/kubeconfig +kubectl ... + +``` + +### Devstack Access + +To access Horizon: + +Find the public IP address via the Azure portal, and go to +``http://$DEVSTACK_PUBLIC_IP`` + +SSH access to DevStack node: + +``ssh -i $BUILD_DIR/id_rsa ${DEVSTACK_ADMIN_USER}@${DEVSTACK_PUBLIC_IP}`` + +OpenStack cli access: + +There's an openstack cli pod that's created in the default kubernetes default namespace. To use it, run: + +``kubectl exec $OPENSTACK_CLI_POD -- sh -lc ""`` + + +### NFS Access + +``ssh -i $BUILD_DIR/id_rsa ${NFS_ADMIN_USER}@${NFS_PUBLIC_IP}`` + + +## Deleting the deployment + +After deployment, there will be a script named ``$BUILD_DIR/clean.sh`` that can be used to delete the resource groups that were created during deployment. This script is not required; you can always just navigate to the Azure portal to delete the resource groups manually. + + +## Running the scripts separately + +Below are instructions for how to create DevStack, NFS, or AKS cluster separately if you don't want to create everything all at once. + +**NOTE: The configuration to link components together (network peering, route table modification, NFS setup, etc...) 
and the onap-bootstrap will not occur if you run the scripts separately** + + +### DevStack creation + +``` + +$ ./create_devstack.sh --help +./create_devstack.sh [options] + + +required: +--public-key public key to add for admin user [required] +--user-public-ip public ip that will be granted access to VM [required] +-l, --location location to deploy VM [required] +-u, --admin-user admin user to create on VM [required] + +additional options: +-f, --no-prompt executes with no prompt for confirmation +-h, --help provide brief overview of script +-n, --name VM name [optional] +-g, --resource-group provide brief overview of script [optional] +-s, --size Azure flavor size for VM [optional] +-c, --cidr cidr for VNET to create for VM [optional]. If provided, must also provide --devstack-private-ip from same range. +-d, --directory directory to store cloud config data [optional] +--vnet-name name of Vnet to create for VM [optional] +--image-list space delimited list of image urls that will be added to devstack [optional] +--devstack-private-ip private ip assigned to VM [optional]. If provided, this value must come from the CIDR range of VNET. +--devstack-subnet-name subnet name created on VNET [optional] +--devstack-disk-size size of OS disk to be allocated [optional] +--openstack-username default user name for openstack [optional] +--openstack-password default password for openstack [optional] +--openstack-tenant default tenant name for openstack [optional] + +``` + + +### NFS Creation + +``` + +$ ./create_nfs.sh --help +./create_nfs.sh [options] + + +required: +--public-key public key to add for admin user [required] +--user-public-ip public ip that will be granted access to VM [required] +-l, --location location to deploy VM [required] +-u, --admin-user admin user to create on VM [required] +--aks-node-cidr CIDR for Kubernetes nodes [required]. This is used during the NFS deploy to grant access to the NFS server from Kubernetes. 
+ +additional options: +-f, --no-prompt executes with no prompt for confirmation +-h, --help provide brief overview of script +-n, --name VM name [optional] +-g, --resource-group resource group that will be created [optional] +-s, --size Azure flavor size for VM [optional] +-c, --cidr cidr for VNET to create for VM [optional]. +-d, --directory directory to store cloud config data [optional] +--vnet-name name of Vnet to create for VM [optional] +--nfs-subnet-name subnet name created on VNET [optional] +--nfs-disk-size size of external disk to be mounted on NFS VM [optional] + +``` + + +### AKS Creation + +``` + +$ ./create_aks.sh --help +./create_aks.sh [options] + + +required: +--user-public-ip public ip that will be granted access to AKS [required] +--admin-user admin user created on AKS nodes [required] +--public-key public key added for admin user [required] +-l, --location location to deploy AKS [required] + +additional options: +-f, --no-prompt executes with no prompt for confirmation +-h, --help provide brief overview of script +-n, --name AKS name [optional] +-g, --resource-group name of resource group that will be created [optional] +-s, --size azure flavor size for Kube nodes [optional] +-v, --kube-version version of Kubernetes for cluster [optional] +-c, --node-count number of nodes for cluster [optional] +--service-cidr cidr for Kuberenetes services [optional]. +--dns-ip IP for Kuberenetes dns service [optional]. This should be from --service-cidr. +--pod-cidr cidr for Kuberenetes pods [optional]. +--node-cidr cidr for Kuberenetes nodes [optional]. +--vnet-name name of Vnet to create for Kubernetes Cluster [optional] + +``` diff --git a/deployment/aks/bootstrap_onap.sh b/deployment/aks/bootstrap_onap.sh new file mode 100755 index 000000000..99661a9b6 --- /dev/null +++ b/deployment/aks/bootstrap_onap.sh 
@@ -0,0 +1,91 @@ +#!/bin/bash +# Copyright 2019 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" + +CONF=$1 + +if [ -z "$CONF" ]; then + echo "Configuration file required, exiting..." + exit 1 +fi + +. $CONF + +kubectl create configmap onap-bootstrap --from-file=$DIR/post-install/ --from-file=kubeconfig=$KUBECONFIG --from-file=onap.conf=$CONF + +cat < /tmp/onap-bootstrap-log + +kubectl delete pod onap-bootstrap +kubectl delete configmap onap-bootstrap + +if [ "$podstatus" = "Error" ]; then + echo "ONAP bootstrap failed!" +fi diff --git a/deployment/aks/cloud.conf b/deployment/aks/cloud.conf new file mode 100644 index 000000000..0865d7ae6 --- /dev/null +++ b/deployment/aks/cloud.conf 
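Review bot: `kubectl create configmap onap-bootstrap ... --from-file=kubeconfig=$KUBECONFIG --from-file=onap.conf=$CONF` stores the cluster kubeconfig and the sourced configuration in a ConfigMap, which anything allowed to read ConfigMaps in that namespace can fetch and which gets none of the RBAC separation or at-rest encryption options that Secrets have. A Secret is the fitting object, e.g. `kubectl create secret generic onap-bootstrap --from-file=kubeconfig="$KUBECONFIG" --from-file=onap.conf="$CONF"`, with the pod spec (its heredoc is not visible on this page) mounting it as a secret volume. The same applies to `kubectl create configmap aks-key --from-file=$PRIVATE_KEY` in configure_nfs_pod.sh, which places the node SSH private key in a ConfigMap. The two `kubectl delete` calls run only at the end of the script, so an interrupted run leaves the objects behind; a `trap` that deletes them would cover that case. The failure branch only echoes "ONAP bootstrap failed!" and should also `exit 1` so callers see the error.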
@@ -0,0 +1,85 @@
+# Copyright 2019 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# The variable $BUILD will be generated dynamically when this file is sourced
+
+RANDOM_STRING=`cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 4`
+BUILD="ONAP-$RANDOM_STRING"
+
+# GLOBAL PARAMS
+LOCATION=
+USER_PUBLIC_IP_PREFIX=
+BUILD_DIR=
+
+# AKS PARAMS
+AKS_RESOURCE_GROUP_NAME=
+AKS_NAME=
+AKS_K8_VERSION=
+AKS_NODE_COUNT=
+AKS_NODE_SIZE=
+AKS_VNET_NAME=
+AKS_DNS_PREFIX=
+AKS_POD_CIDR=
+AKS_NODE_CIDR=
+AKS_SERVICE_CIDR=
+AKS_DNS_IP=
+AKS_ADMIN_USER=
+
+# NFS PARAMS
+NFS_NAME=
+NFS_RG=
+NFS_VM_SIZE=
+NFS_LOCATION=
+NFS_CIDR=
+NFS_ADMIN_USER=
+NFS_VNET_NAME=
+NFS_SUBNET_NAME=
+NFS_DISK_SIZE=
+
+# DEVSTACK PARAMS
+DEVSTACK_NAME=
+DEVSTACK_RG=
+DEVSTACK_VM_SIZE=
+DEVSTACK_LOCATION=
+DEVSTACK_CIDR=
+DEVSTACK_PRIVATE_IP=
+DEVSTACK_ADMIN_USER=
+DEVSTACK_VNET_NAME=
+DEVSTACK_SUBNET_NAME=
+DEVSTACK_DISK_SIZE=
+OPENSTACK_USER=
+OPENSTACK_PASS=
+OPENSTACK_TENANT=
+OPENSTACK_REGION=
+IMAGE_LIST=
+
+# ONAP PARAMS
+CLLI=
+CLOUD_OWNER=
+CLOUD_REGION=
+CUSTOMER=
+SUBSCRIBER=
+SERVICE_TYPE=
+AZ=
+OE=
+LOB=
+PROJECT=
+PLATFORM=
+OS_ID=
+OS_TENANT_ROLE=
+OS_KEYSTONE=
+OOM_BRANCH=
+CHART_VERSION=
+OOM_OVERRIDES=
+DOCKER_REPOSITORY=
diff --git a/deployment/aks/cloud.conf.example b/deployment/aks/cloud.conf.example
new file mode 100644
index 000000000..d3f5087ba
--- /dev/null
+++ b/deployment/aks/cloud.conf.example
@@ -0,0 +1,85 @@
+# Copyright 2019 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# The variable $BUILD will be generated dynamically when this file is sourced
+
+RANDOM_STRING=`cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 4`
+BUILD="ONAP$RANDOM_STRING"
+
+# GLOBAL PARAMS
+LOCATION="westus2"
+USER_PUBLIC_IP_PREFIX="10.0.0.0/8 192.168.100.0/24"
+BUILD_DIR=/home/username/$BUILD
+
+# AKS PARAMS
+AKS_RESOURCE_GROUP_NAME=$BUILD"-AKSRG"
+AKS_NAME=$BUILD"-AKS"
+AKS_K8_VERSION="1.14.6"
+AKS_NODE_COUNT="7"
+AKS_NODE_SIZE="Standard_DS4_v2"
+AKS_VNET_NAME="$BUILD"-AKSVNET""
+AKS_DNS_PREFIX=$BUILD"-dns"
+AKS_POD_CIDR="10.244.0.0/16"
+AKS_NODE_CIDR="169.1.0.0/16"
+AKS_SERVICE_CIDR="170.1.0.0/16"
+AKS_DNS_IP="170.1.0.10"
+AKS_ADMIN_USER="onap_user"
+
+# NFS PARAMS
+NFS_NAME=$BUILD"-NFS"
+NFS_RG=$BUILD"-NFS-RG"
+NFS_VM_SIZE=$AKS_NODE_SIZE
+NFS_LOCATION=$LOCATION
+NFS_CIDR="173.163.0.0/28"
+NFS_ADMIN_USER="onap_user"
+NFS_VNET_NAME=$BUILD"-NFSVNET"
+NFS_SUBNET_NAME=$BUILD"-NFSSUBNET"
+NFS_DISK_SIZE=512
+
+# DEVSTACK PARAMS
+DEVSTACK_NAME=$BUILD"-DEVSTACK"
+DEVSTACK_RG=$BUILD"-DEVSTACK-RG"
+DEVSTACK_VM_SIZE="Standard_D16s_v3"
+DEVSTACK_LOCATION=$LOCATION
+DEVSTACK_CIDR="10.0.200.0/24"
+DEVSTACK_PRIVATE_IP="10.0.200.4"
+DEVSTACK_ADMIN_USER="onap_user"
+DEVSTACK_VNET_NAME=$BUILD"-DEVSTACKVNET"
+DEVSTACK_SUBNET_NAME=$BUILD"-DEVSTACKSUBNET"
+DEVSTACK_DISK_SIZE=512
+OPENSTACK_USER="onap_user"
+OPENSTACK_PASS="supersecret"
+OPENSTACK_TENANT="onap_project"
+OPENSTACK_REGION="RegionOne"
+IMAGE_LIST="https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img https://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img"
+
+# ONAP PARAMS
+CLLI="testclli1"
+CLOUD_OWNER="ONAPOWNER"
+CLOUD_REGION="ONAPREGION"
+CUSTOMER="ONAPCUSTOMER"
+SUBSCRIBER="ONAPSUBSCRIBER"
+SERVICE_TYPE="ONAPSERVICE"
+AZ="nova"
+OE="testentity"
+LOB="testlob"
+PROJECT="testproject"
+PLATFORM="testplatform"
+OS_ID="OnapOpenstack"
+OS_TENANT_ROLE="admin"
+OS_KEYSTONE="KEYSTONE_V3"
+OOM_BRANCH="master"
+CHART_VERSION="5.0.0"
+OOM_OVERRIDES=""
+DOCKER_REPOSITORY="nexus3.onap.org:10001"
diff --git a/deployment/aks/cloud.sh b/deployment/aks/cloud.sh
new file mode 100755
index 000000000..ac471a91b
--- /dev/null
+++ b/deployment/aks/cloud.sh
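Review bot: `OPENSTACK_PASS="supersecret"` ships a fixed password in the file the README tells users to copy, and the README lists only USER_PUBLIC_IP_PREFIX and BUILD_DIR as values that must change, so deployments are likely to come up with a publicly known OpenStack credential. I would leave the value empty and have cloud.sh refuse to run without it, or generate it the way RANDOM_STRING is generated, e.g. `OPENSTACK_PASS=$(cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 24)`. `AKS_NODE_CIDR="169.1.0.0/16"`, `AKS_SERVICE_CIDR="170.1.0.0/16"` and `NFS_CIDR="173.163.0.0/28"` are publicly routable ranges rather than RFC 1918 space, so hosts inside the VNets would route those addresses locally instead of to their real owners; private ranges are safer defaults. `AKS_VNET_NAME="$BUILD"-AKSVNET""` yields the intended value only through quote concatenation and reads better as `AKS_VNET_NAME=$BUILD"-AKSVNET"`, matching its neighbours.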
@@ -0,0 +1,424 @@ +#!/bin/bash +# Copyright 2019 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" + +NO_PROMPT=0 +NO_INSTALL=0 +OVERRIDE=0 + +OPENSTACK_CLI_POD="os-cli-0" + +if [ ! -f $DIR/cloud.conf ]; then + echo "cloud.conf not found, exiting..." + exit 1 +fi + +. $DIR/cloud.conf + +while test $# -gt 0; do + case "$1" in + -h|--help) + echo "./cloud.sh [options]" + echo " " + echo " " + echo "options:" + echo "-f, --no-prompt executes with no prompt for confirmation" + echo "-n, --no-install don't install ONAP" + echo "-o, --override create integration override for robot configuration" + echo "-h, --help provide brief overview of script" + echo " " + echo "This script deploys a cloud environment in Azure." + echo "It: " + echo "- Uses Azure Kubernetes Service (AKS) to bootstrap a kubernetes cluster." + echo "- Creates a VM with an external disk to be used as NFS storage." + echo "- Creates a VM and installs DevStack, to be used with ONAP." + echo "- Launches ONAP onto the AKS Cluster via OOM." + echo "- Configures Networking, SSH Access, and Security Group Rules" + echo "" + exit 0 + ;; + -f|--no-prompt) + shift + NO_PROMPT=1 + ;; + -n|--no-install) + shift + NO_INSTALL=1 + ;; + -o|--override) + shift + OVERRIDE=1 + ;; + *) + echo "Unknown Argument. Try running with --help ." 
+ exit 0 + ;; + esac +done + +cat < $BUILD_DIR/clean.sh +echo "" >> $BUILD_DIR/clean.sh +chmod 755 $BUILD_DIR/clean.sh + +ssh-keygen -t rsa -N "" -f $BUILD_DIR/id_rsa + +PUBLIC_KEY=$BUILD_DIR/id_rsa.pub +PRIVATE_KEY=$BUILD_DIR/id_rsa + + +echo "az group delete --resource-group $DEVSTACK_RG --yes" >> $BUILD_DIR/clean.sh +echo "" >> $BUILD_DIR/clean.sh + +echo "Creating DEVSTACK Server $DEVSTACK_NAME in $LOCATION" +$DIR/create_devstack.sh --name "$DEVSTACK_NAME" \ + --resource-group "$DEVSTACK_RG" \ + --size "$DEVSTACK_VM_SIZE" \ + --location "$DEVSTACK_LOCATION" \ + --cidr "$DEVSTACK_CIDR" \ + --admin-user "$DEVSTACK_ADMIN_USER" \ + --directory "$BUILD_DIR" \ + --vnet-name "$DEVSTACK_VNET_NAME" \ + --public-key "$PUBLIC_KEY" \ + --user-public-ip "$USER_PUBLIC_IP_PREFIX" \ + --devstack-private-ip "$DEVSTACK_PRIVATE_IP" \ + --devstack-subnet-name "$DEVSTACK_SUBNET_NAME" \ + --devstack-disk-size "$DEVSTACK_DISK_SIZE" \ + --openstack-username "$OPENSTACK_USER" \ + --openstack-password "$OPENSTACK_PASS" \ + --openstack-tenant "$OPENSTACK_TENANT" \ + --image-list "$IMAGE_LIST" \ + --no-prompt + + +echo "az group delete --resource-group $NFS_RG --yes" >> $BUILD_DIR/clean.sh +echo "" >> $BUILD_DIR/clean.sh + +echo "Creating NFS Server $NFS_NAME in $LOCATION" +$DIR/create_nfs.sh --name "$NFS_NAME" \ + --resource-group "$NFS_RG" \ + --size "$NFS_VM_SIZE" \ + --location "$NFS_LOCATION" \ + --cidr "$NFS_CIDR" \ + --admin-user "$NFS_ADMIN_USER" \ + --directory "$BUILD_DIR" \ + --vnet-name "$NFS_VNET_NAME" \ + --public-key "$PUBLIC_KEY" \ + --user-public-ip "$USER_PUBLIC_IP_PREFIX" \ + --nfs-subnet-name "$NFS_SUBNET_NAME" \ + --aks-node-cidr "$AKS_NODE_CIDR" \ + --nfs-disk-size "$NFS_DISK_SIZE" \ + --no-prompt + + +echo "az group delete --resource-group $AKS_RESOURCE_GROUP_NAME --yes" >> $BUILD_DIR/clean.sh +echo "" >> $BUILD_DIR/clean.sh + +echo "Creating AKS $AKS_NAME in $LOCATION" +$DIR/create_aks.sh --name "$AKS_NAME" \ + --resource-group "$AKS_RESOURCE_GROUP_NAME" \ + 
--kube-version "$AKS_K8_VERSION" \ + --location "$LOCATION" \ + --node-count "$AKS_NODE_COUNT" \ + --size "$AKS_NODE_SIZE" \ + --service-cidr "$AKS_SERVICE_CIDR" \ + --pod-cidr "$AKS_POD_CIDR" \ + --dns-ip "$AKS_DNS_IP" \ + --node-cidr "$AKS_NODE_CIDR" \ + --vnet-name "$AKS_VNET_NAME" \ + --user-public-ip "$USER_PUBLIC_IP_PREFIX" \ + --public-key "$PUBLIC_KEY" \ + --admin-user "$AKS_ADMIN_USER" \ + --no-prompt + + +AKS_MANAGEMENT_RESOURCE_GROUP_NAME=`az group list --query "[?starts_with(name, 'MC_${AKS_RESOURCE_GROUP_NAME}')].name | [0]" --output tsv` +AKS_VNET_ID=`az network vnet show --resource-group ${AKS_RESOURCE_GROUP_NAME} --name ${AKS_VNET_NAME} --query 'id' --output tsv` +NFS_VNET_ID=`az network vnet show --name ${NFS_VNET_NAME} --resource-group ${NFS_RG} --query "id" --output tsv` +DEVSTACK_VNET_ID=`az network vnet show --name ${DEVSTACK_VNET_NAME} --resource-group ${DEVSTACK_RG} --query "id" --output tsv` +AKS_ROUTE_TABLE_NAME=`az resource list --resource-group ${AKS_MANAGEMENT_RESOURCE_GROUP_NAME} --resource-type "Microsoft.Network/routeTables" --query "[0] | name" --output tsv` +DEVSTACK_PRIVATE_IP=`az vm show --name ${DEVSTACK_NAME} --resource-group ${DEVSTACK_RG} -d --query "privateIps" --output tsv` +NFS_PRIVATE_IP=`az vm show --name ${NFS_NAME} --resource-group ${NFS_RG} -d --query "privateIps" --output tsv` +NFS_PUBLIC_IP=`az vm show --name ${NFS_NAME} --resource-group ${NFS_RG} -d --query "publicIps" --output tsv` +DEVSTACK_PUBLIC_IP=`az vm show --name ${DEVSTACK_NAME} --resource-group ${DEVSTACK_RG} -d --query "publicIps" --output tsv` + +# adding public ip to aks +NIC_NAME0=`az resource list --resource-group ${AKS_MANAGEMENT_RESOURCE_GROUP_NAME} --resource-type "Microsoft.Network/networkInterfaces" --query "[0] | name" --output tsv` +AKS_NSG_NAME=`az resource list --resource-group ${AKS_MANAGEMENT_RESOURCE_GROUP_NAME} --resource-type "Microsoft.Network/networkSecurityGroups" --query "[0] | name" --output tsv` +$DIR/create_public_ip.sh 
"AKSPUBLICIP1" "$AKS_MANAGEMENT_RESOURCE_GROUP_NAME" "$NIC_NAME0" +$DIR/create_sg_rule.sh "$AKS_MANAGEMENT_RESOURCE_GROUP_NAME" "$AKS_NSG_NAME" '*' "30000-32000" "$USER_PUBLIC_IP_PREFIX" '*' '*' "ONAP" "120" + +AKS_PUBLIC_IP_ADDRESS=`az network public-ip show --resource-group ${AKS_MANAGEMENT_RESOURCE_GROUP_NAME} -n AKSPUBLICIP1 --query "ipAddress" --output tsv` + +### Peering networks ### +# peering requires source = VNet NAME, destination = VNet ID + +echo "creating peering from AKS Vnet to NFS Vnet..." +$DIR/create_peering.sh "$AKS_VNET_NAME" \ + "$AKS_RESOURCE_GROUP_NAME" \ + "$NFS_VNET_ID" \ + "kube-to-nfs" + +echo "creating peering from AKS Vnet to Devstack Vnet..." +$DIR/create_peering.sh "$AKS_VNET_NAME" \ + "$AKS_RESOURCE_GROUP_NAME" \ + "$DEVSTACK_VNET_ID" \ + "kube-to-devstack" + +echo "creating peering from NFS Vnet to AKS Vnet..." +$DIR/create_peering.sh "$NFS_VNET_NAME" \ + "$NFS_RG" \ + "$AKS_VNET_ID" \ + "nfs-to-kube" + +echo "creating peering from NFS Vnet to AKS Vnet..." +$DIR/create_peering.sh "$DEVSTACK_VNET_NAME" \ + "$DEVSTACK_RG" \ + "$AKS_VNET_ID" \ + "devstack-to-kube" + + +### Adding next hop to kubernetes for devstack ### +echo "creating route from AKS Vnet to Devstack Vnet..." 
+$DIR/create_route.sh "$DEVSTACK_CIDR" \ + "guestvms" \ + "$AKS_MANAGEMENT_RESOURCE_GROUP_NAME" \ + "$AKS_ROUTE_TABLE_NAME" \ + "$DEVSTACK_PRIVATE_IP" + + + +# TODO +# Lets find a better place for this +az aks get-credentials --resource-group "$AKS_RESOURCE_GROUP_NAME" \ + --name "$AKS_NAME" \ + --file "$BUILD_DIR"/"kubeconfig" + +$DIR/configure_nfs_pod.sh "$PRIVATE_KEY" \ + "$BUILD_DIR"/"kubeconfig" \ + "$NFS_PRIVATE_IP" \ + "$AKS_ADMIN_USER" + +# TODO +# add this to post-install or post-configure phase +# to support adding multiple devstacks to same ONAP +cat > "$BUILD_DIR/openstack_rc" < "$BUILD_DIR/onap.conf" < "$BUILD_DIR/deployment.notes" <" + +--------NFS ACCESS-------- +ssh -i ${PRIVATE_KEY} ${NFS_ADMIN_USER}@${NFS_PUBLIC_IP} + +--------KUBERNETES ACCESS-------- +kubeconfig: export KUBECONFIG=$BUILD_DIR/kubeconfig +dashboard: az aks browse --resource-group ${AKS_RESOURCE_GROUP_NAME} --name ${AKS_NAME} + +--------BUILD DETAILS-------- +Build directory: $BUILD_DIR +Integration repo: $BUILD_DIR/integration +OOM repo: $BUILD_DIR/oom + +--------ADD TO /etc/hosts-------- +$AKS_PUBLIC_IP_ADDRESS portal.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS sdc.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS sdc.api.fe.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS sdc.api.be.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS vid.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS policy.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS aai.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS cli.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS so.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS so.monitoring.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS so-monitoring +$AKS_PUBLIC_IP_ADDRESS sdnc.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS clamp.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS dcae.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS appc.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS aaf.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS portal-sdk.simpledemo.onap.org 
+$AKS_PUBLIC_IP_ADDRESS robot.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS msb.api.discovery.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS msb.api.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS aai.ui.simpledemo.onap.org +$AKS_PUBLIC_IP_ADDRESS policy.api.simpledemo.onap.org + +EOF + +cat "$BUILD_DIR/deployment.notes" diff --git a/deployment/aks/configure_nfs_pod.sh b/deployment/aks/configure_nfs_pod.sh new file mode 100755 index 000000000..96f66a6f3 --- /dev/null +++ b/deployment/aks/configure_nfs_pod.sh 
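Review bot: The files written with `cat > "$BUILD_DIR/openstack_rc"` and `cat > "$BUILD_DIR/onap.conf"` are created under the default umask next to the passphrase-less key from `ssh-keygen -t rsa -N "" -f $BUILD_DIR/id_rsa`; their bodies are not visible on this page, but if they carry OPENSTACK_PASS they are readable by other users on a shared host. I would add `umask 077` before the first write into `$BUILD_DIR`, or `chmod 700 "$BUILD_DIR"` right after the directory is created. `--openstack-password "$OPENSTACK_PASS"` puts the password on the child's command line, where it shows up in the process list; passing it through the environment or a 0600 file avoids that. The `*)` branch of the option parser prints "Unknown Argument" and then runs `exit 0`, so a mistyped flag looks like success to a calling pipeline; `exit 1` is the expected status. The fourth peering message repeats "creating peering from NFS Vnet to AKS Vnet..." although that call peers `$DEVSTACK_VNET_NAME`.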
@@ -0,0 +1,70 @@ +#!/bin/bash +# Copyright 2019 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +PRIVATE_KEY=$1 +KUBECONFIG=$2 +NFS_IP=$3 +ADMIN_USER=$4 + +export KUBECONFIG=$KUBECONFIG + +echo "setting up nfs on AKS nodes" +kubectl create configmap aks-key --from-file=$PRIVATE_KEY + +for IPADDRESS in `kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="InternalIP")].address}'`; do + +cat </dev/null 2>&1 && pwd )" +NO_PROMPT=0 +RANDOM_PREFIX="ONAP" +RANDOM_STRING="$RANDOM_PREFIX"-`cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 4` + +AKS_NAME= +AKS_RESOURCE_GROUP_NAME= +AKS_K8_VERSION= +LOCATION= +AKS_NODE_COUNT= +AKS_NODE_SIZE= +AKS_SERVICE_CIDR= +AKS_POD_CIDR= +AKS_DNS_IP= +AKS_NODE_CIDR= +AKS_NETWORK_NAME= +USER_PUBLIC_IP_PREFIX= +PUBLIC_KEY= +AKS_ADMIN_USER= + +function check_required_parameter() { + # arg1 = parameter + # arg2 = parameter name + if [ -z "$1" ]; then + echo "$2 was not was provided. This parameter is required." 
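Review bot: The SSH private key is loaded into a ConfigMap at `kubectl create configmap aks-key --from-file=$PRIVATE_KEY`; ConfigMaps are not meant for confidential data, so the key should be stored as a Secret, `kubectl create secret generic aks-key --from-file="$PRIVATE_KEY"`, mounted as a secret volume and deleted once the nodes are configured. create_openstack_cli.sh has the same pattern for the OpenStack rc file (`kubectl create configmap openstack-rc-$CLI_NAME --from-file=$OPENSTACK_RC`, mounted with `defaultMode: 0755`), and that file appears to carry `OS_PASSWORD`, since create_robot_config.sh reads it after sourcing the rc. The pod manifest that consumes the key is not legible in this view, so the mount change is described rather than shown. `$PRIVATE_KEY` is also unquoted and breaks on a path containing spaces.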
+ exit 1
+ fi
+}
+
+function check_optional_paramater() {
+ # arg1 = parameter
+ # arg2 = default
+ if [ -z "$1" ]; then
+ echo "$2"
+ else
+ echo "$1"
+ fi
+}
+
+
+while test $# -gt 0; do
+ case "$1" in
+ -h|--help)
+ echo "./create_aks.sh [options]"
+ echo " "
+ echo " "
+ echo "required:"
+ echo "--user-public-ip public ip that will be granted access to AKS [required]"
+ echo "--admin-user admin user created on AKS nodes [required]"
+ echo "--public-key public key added for admin user [required]"
+ echo "-l, --location location to deploy AKS [required]"
+ echo " "
+ echo "additional options:"
+ echo "-f, --no-prompt executes with no prompt for confirmation"
+ echo "-h, --help provide brief overview of script"
+ echo "-n, --name AKS name [optional]"
+ echo "-g, --resource-group name of resource group that will be created [optional]"
+ echo "-s, --size azure flavor size for Kube nodes [optional]"
+ echo "-v, --kube-version version of Kubernetes for cluster [optional]"
+ echo "-c, --node-count number of nodes for cluster [optional]"
+ echo "--service-cidr cidr for Kuberenetes services [optional]."
+ echo "--dns-ip IP for Kuberenetes dns service [optional]. This should be from --service-cidr."
+ echo "--pod-cidr cidr for Kuberenetes pods [optional]."
+ echo "--node-cidr cidr for Kuberenetes nodes [optional]."
+ echo "--vnet-name name of Vnet to create for Kubernetes Cluster [optional]"
+ echo ""
+ exit 0
+ ;;
+ -f|--no-prompt)
+ shift
+ NO_PROMPT=1
+ ;;
+ -n|--name)
+ shift
+ AKS_NAME=$1
+ shift
+ ;;
+ -g|--resource-group)
+ shift
+ AKS_RESOURCE_GROUP_NAME=$1
+ shift
+ ;;
+ -s|--size)
+ shift
+ AKS_NODE_SIZE=$1
+ shift
+ ;;
+ -l|--location)
+ shift
+ LOCATION=$1
+ shift
+ ;;
+ -v|--kube-version)
+ shift
+ AKS_K8_VERSION=$1
+ shift
+ ;;
+ -c|--node-count)
+ shift
+ AKS_NODE_COUNT=$1
+ shift
+ ;;
+ --service-cidr)
+ shift
+ AKS_SERVICE_CIDR=$1
+ shift
+ ;;
+ --dns-ip)
+ shift
+ AKS_DNS_IP=$1
+ shift
+ ;;
+ --pod-cidr)
+ shift
+ AKS_POD_CIDR=$1
+ shift
+ ;;
+ --node-cidr)
+ shift
+ AKS_NODE_CIDR=$1
+ shift
+ ;;
+ --vnet-name)
+ shift
+ AKS_NETWORK_NAME=$1
+ shift
+ ;;
+ --user-public-ip)
+ shift
+ USER_PUBLIC_IP_PREFIX=$1
+ shift
+ ;;
+ --admin-user)
+ shift
+ AKS_ADMIN_USER=$1
+ shift
+ ;;
+ --public-key)
+ shift
+ PUBLIC_KEY=$1
+ shift
+ ;;
+ *)
+ echo "Unknown Argument $1. Try running with --help."
+ exit 0
+ ;;
+ esac
+done
+
+check_required_parameter "$LOCATION" "--location"
+check_required_parameter "$USER_PUBLIC_IP_PREFIX" "--user-public-ip"
+check_required_parameter "$AKS_ADMIN_USER" "--admin-user"
+check_required_parameter "$PUBLIC_KEY" "--public-key"
+
+AKS_RESOURCE_GROUP_NAME=$(check_optional_paramater "$AKS_RESOURCE_GROUP_NAME" $RANDOM_STRING"-AKSRG")
+AKS_NAME=$(check_optional_paramater "$AKS_NAME" $RANDOM_STRING"-AKS")
+AKS_NODE_SIZE=$(check_optional_paramater "$AKS_NODE_SIZE" "Standard_DS4_v2")
+AKS_POD_CIDR=$(check_optional_paramater "$AKS_POD_CIDR" "168.1.0.0/16")
+AKS_NODE_CIDR=$(check_optional_paramater "$AKS_NODE_CIDR" "169.1.0.0/16")
+AKS_NETWORK_NAME=$(check_optional_paramater "$AKS_NETWORK_NAME" $RANDOM_STRING"-AKS-VNET")
+AKS_SERVICE_CIDR=$(check_optional_paramater "$AKS_SERVICE_CIDR" "170.1.0.0/16")
+AKS_DNS_IP=$(check_optional_paramater "$AKS_DNS_IP" "170.1.0.10")
+AKS_K8_VERSION=$(check_optional_paramater "$AKS_K8_VERSION" "1.13.5")
+AKS_NODE_COUNT=$(check_optional_paramater "$AKS_NODE_COUNT" "7")
+
+if [ $NO_PROMPT = 0 ]; then
+ read -p "Would you like to proceed? [y/n]" -n 1 -r
+ echo " "
+ if [[ ! $REPLY =~ ^[Yy]$ ]]
+ then
+ exit 0
+ fi
+fi
+
+set -x
+set -e
+
+AKS_SUBNET_NAME=$AKS_NETWORK_NAME"-SUBNET"
+
+echo "Creating AKS Resource Group $AKS_RESOURCE_GROUP_NAME in $LOCATION"
+$DIR/create_resource_group.sh "$AKS_RESOURCE_GROUP_NAME" "$LOCATION"
+
+az network vnet create --resource-group "$AKS_RESOURCE_GROUP_NAME" \
+ --name "$AKS_NETWORK_NAME" \
+ --address-prefix "$AKS_NODE_CIDR" \
+ --subnet-name "$AKS_SUBNET_NAME" \
+ --subnet-prefix "$AKS_NODE_CIDR"
+
+AKS_SUBNET_ID=`az network vnet show --resource-group ${AKS_RESOURCE_GROUP_NAME} --name ${AKS_NETWORK_NAME} --query "subnets | [0] | id" --output tsv`
+
+az aks create --name "$AKS_NAME" \
+ --resource-group "$AKS_RESOURCE_GROUP_NAME" \
+ --disable-rbac \
+ --kubernetes-version "$AKS_K8_VERSION" \
+ --location "$LOCATION" \
+ --node-count "$AKS_NODE_COUNT" \
+ --node-vm-size "$AKS_NODE_SIZE" \
+ --service-cidr "$AKS_SERVICE_CIDR" \
+ --pod-cidr "$AKS_POD_CIDR" \
+ --network-plugin "kubenet" \
+ --dns-service-ip "$AKS_DNS_IP" \
+ --admin-username "$AKS_ADMIN_USER" \
+ --ssh-key-value "$PUBLIC_KEY" \
+ --vnet-subnet-id "$AKS_SUBNET_ID"
+echo ""
+
+AKS_MANAGEMENT_RESOURCE_GROUP_NAME=`az group list --query "[?starts_with(name, 'MC_${AKS_RESOURCE_GROUP_NAME}')].name | [0]" --output tsv`
+AKS_NSG_NAME=`az resource list --resource-group ${AKS_MANAGEMENT_RESOURCE_GROUP_NAME} --resource-type "Microsoft.Network/networkSecurityGroups" --query "[0] | name" --output tsv`
+AKS_NSG_ID=`az resource list --resource-group ${AKS_MANAGEMENT_RESOURCE_GROUP_NAME} --resource-type "Microsoft.Network/networkSecurityGroups" --query "[0] | id" --output tsv`
+
+echo "Associating Security Group with AKS Subnet ${AKS_SUBNET_NAME}"
+az network vnet subnet update --resource-group="$AKS_RESOURCE_GROUP_NAME" \
+ --name "$AKS_SUBNET_NAME" \
+ --vnet-name "$AKS_NETWORK_NAME" \
+ --network-security-group "$AKS_NSG_ID"
+
+for ((i=0;i<$AKS_NODE_COUNT;i++)); do
+ NIC_NAME=`az resource list --resource-group ${AKS_MANAGEMENT_RESOURCE_GROUP_NAME} --resource-type "Microsoft.Network/networkInterfaces" --query "[$i] | name" --output tsv`
+ echo "Associating Security Group ${AKS_NSG_NAME} with AKS Node NIC ${NIC_NAME}"
+ az network nic update --resource-group "$AKS_MANAGEMENT_RESOURCE_GROUP_NAME" -n "$NIC_NAME" --network-security-group "$AKS_NSG_NAME"
+ echo ""
+done
+
diff --git a/deployment/aks/create_devstack.sh b/deployment/aks/create_devstack.sh
new file mode 100755
index 000000000..fc136f00a
--- /dev/null
+++ b/deployment/aks/create_devstack.sh
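Review bot: `az aks create` in create_aks.sh is called with `--disable-rbac`, so every credential in the kubeconfig that cloud.sh fetches has unrestricted cluster access and no Role or RoleBinding can narrow it; unless an ONAP chart is known to require this, drop the flag and grant the installer what it needs explicitly. The default pod, node and service ranges (`168.1.0.0/16`, `169.1.0.0/16`, `170.1.0.0/16`) are publicly routable space rather than RFC 1918, so traffic from the cluster to real hosts in those ranges would be kept inside the VNet; private ranges are the safer default. The `*)` branch prints "Unknown Argument" and then runs `exit 0`, so a caller cannot detect a mistyped option; `exit 1` is the expected status. The top of this script is not legible in this view.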
@@ -0,0 +1,367 @@
+#!/bin/bash
+# Copyright 2019 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+NO_PROMPT=0
+RANDOM_PREFIX="ONAP"
+RANDOM_STRING="$RANDOM_PREFIX"-`cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 4`
+
+DEVSTACK_RG=
+DEVSTACK_LOCATION=
+PUBLIC_KEY=
+DEVSTACK_NAME=
+DEVSTACK_VM_SIZE=
+SUBNET_CIDR=
+ADMIN_USER=
+BUILD_DIR=
+DEVSTACK_VNET_NAME=
+USER_PUBLIC_IP_PREFIX=
+DEVSTACK_PRIVATE_IP=
+DEVSTACK_SUBNET_NAME=
+DEVSTACK_DISK_SIZE=
+OPENSTACK_USER=
+OPENSTACK_PASS=
+OS_PROJECT_NAME=
+IMAGE_LIST=
+
+function check_required_parameter() {
+ # arg1 = parameter
+ # arg2 = parameter name
+ if [ -z "$1" ]; then
+ echo "$2 was not was provided. This parameter is required."
+ exit 1
+ fi
+}
+
+function check_optional_paramater() {
+ # arg1 = parameter
+ # arg2 = parameter name
+ if [ -z "$1" ]; then
+ echo "$2"
+ else
+ echo "$1"
+ fi
+}
+
+
+while test $# -gt 0; do
+ case "$1" in
+ -h|--help)
+ echo "./create_devstack.sh [options]"
+ echo " "
+ echo " "
+ echo "required:"
+ echo "--public-key public key to add for admin user [required]"
+ echo "--user-public-ip public ip that will be granted access to VM [required]"
+ echo "-l, --location location to deploy VM [required]"
+ echo "-u, --admin-user admin user to create on VM [required]"
+ echo " "
+ echo "additional options:"
+ echo "-f, --no-prompt executes with no prompt for confirmation"
+ echo "-h, --help provide brief overview of script"
+ echo "-n, --name VM name [optional]"
+ echo "-g, --resource-group provide brief overview of script [optional]"
+ echo "-s, --size Azure flavor size for VM [optional]"
+ echo "-c, --cidr cidr for VNET to create for VM [optional]. If provided, must also provide --devstack-private-ip from same range."
+ echo "-d, --directory directory to store cloud config data [optional]"
+ echo "--vnet-name name of Vnet to create for VM [optional]"
+ echo "--image-list space delimited list of image urls that will be added to devstack [optional]"
+ echo "--devstack-private-ip private ip assigned to VM [optional]. If provided, this value must come from the CIDR range of VNET."
+ echo "--devstack-subnet-name subnet name created on VNET [optional]"
+ echo "--devstack-disk-size size of OS disk to be allocated [optional]"
+ echo "--openstack-username default user name for openstack [optional]"
+ echo "--openstack-password default password for openstack [optional]"
+ echo "--openstack-tenant default tenant name for openstack [optional]"
+ echo ""
+ exit 0
+ ;;
+ -f|--no-prompt)
+ shift
+ NO_PROMPT=1
+ ;;
+ -n|--name)
+ shift
+ DEVSTACK_NAME=$1
+ shift
+ ;;
+ -g|--resource-group)
+ shift
+ DEVSTACK_RG=$1
+ shift
+ ;;
+ -s|--size)
+ shift
+ DEVSTACK_VM_SIZE=$1
+ shift
+ ;;
+ -l|--location)
+ shift
+ DEVSTACK_LOCATION=$1
+ shift
+ ;;
+ -c|--cidr)
+ shift
+ SUBNET_CIDR=$1
+ shift
+ ;;
+ -u|--admin-user)
+ shift
+ ADMIN_USER=$1
+ shift
+ ;;
+ -d|--directory)
+ shift
+ BUILD_DIR=$1
+ shift
+ ;;
+ --vnet-name)
+ shift
+ DEVSTACK_VNET_NAME=$1
+ shift
+ ;;
+ --image-list)
+ shift
+ IMAGE_LIST=$1
+ shift
+ ;;
+ --public-key)
+ shift
+ PUBLIC_KEY=$1
+ shift
+ ;;
+ --user-public-ip)
+ shift
+ USER_PUBLIC_IP_PREFIX=$1
+ shift
+ ;;
+ --devstack-private-ip)
+ shift
+ DEVSTACK_PRIVATE_IP=$1
+ shift
+ ;;
+ --devstack-subnet-name)
+ shift
+ DEVSTACK_SUBNET_NAME=$1
+ shift
+ ;;
+ --devstack-disk-size)
+ shift
+ DEVSTACK_DISK_SIZE=$1
+ shift
+ ;;
+ --openstack-username)
+ shift
+ OPENSTACK_USER=$1
+ shift
+ ;;
+ --openstack-password)
+ shift
+ OPENSTACK_PASS=$1
+ shift
+ ;;
+ --openstack-tenant)
+ shift
+ OS_PROJECT_NAME=$1
+ shift
+ ;;
+ *)
+ echo "Unknown Argument $1. Try running with --help."
+ exit 0
+ ;;
+ esac
+done
+
+check_required_parameter "$ADMIN_USER" "--admin-user"
+check_required_parameter "$PUBLIC_KEY" "--public-key"
+check_required_parameter "$DEVSTACK_LOCATION" "--location"
+check_required_parameter "$USER_PUBLIC_IP_PREFIX" "--user-public-ip"
+
+DEVSTACK_RG=$(check_optional_paramater "$DEVSTACK_RG" $RANDOM_STRING"-DEVSTACKRG")
+DEVSTACK_NAME=$(check_optional_paramater "$DEVSTACK_NAME" $RANDOM_STRING"-DEVSTACK")
+DEVSTACK_VM_SIZE=$(check_optional_paramater "$DEVSTACK_VM_SIZE" "Standard_DS4_v2")
+SUBNET_CIDR=$(check_optional_paramater "$SUBNET_CIDR" "173.0.0.0/24")
+BUILD_DIR=$(check_optional_paramater "$BUILD_DIR" /tmp/devstack-$RANDOM_STRING)
+DEVSTACK_VNET_NAME=$(check_optional_paramater "$DEVSTACK_VNET_NAME" $RANDOM_STRING"-DEVSTACK-VNET")
+DEVSTACK_PRIVATE_IP=$(check_optional_paramater "$DEVSTACK_PRIVATE_IP" "173.0.0.4")
+DEVSTACK_SUBNET_NAME=$(check_optional_paramater "$DEVSTACK_SUBNET_NAME" $RANDOM_STRING"-DEVSTACK-VNET-SUBNET")
+DEVSTACK_DISK_SIZE=$(check_optional_paramater "$DEVSTACK_DISK_SIZE" "64")
+OPENSTACK_USER=$(check_optional_paramater "$OPENSTACK_USER" "admin")
+OPENSTACK_PASS=$(check_optional_paramater "$OPENSTACK_PASS" "secret")
+OS_PROJECT_NAME=$(check_optional_paramater "$OS_PROJECT_NAME" "admin")
+IMAGE_LIST=$(check_optional_paramater "$IMAGE_LIST" "")
+
+
+if [ $NO_PROMPT = 0 ]; then
+ read -p "Would you like to proceed? [y/n]" -n 1 -r
+ echo " "
+ if [[ ! $REPLY =~ ^[Yy]$ ]]
+ then
+ exit 0
+ fi
+fi
+
+set -x
+set -e
+
+# TODO
+# This needs to be hardened
+DEVSTACK_PRIVATE_GATEWAY=`echo $DEVSTACK_PRIVATE_IP | sed 's/.$/1/'`
+DEVSTACK_ALLOCATION_START=`echo $DEVSTACK_PRIVATE_IP | sed 's/.$/10/'`
+DEVSTACK_ALLOCATION_END=`echo $DEVSTACK_PRIVATE_IP | sed 's/.$/240/'`
+
+DATA_FILE=$BUILD_DIR/cloud-cfg-os.yaml
+
+if [ ! -d $BUILD_DIR ]; then
+ echo "running script standalone..."
+ mkdir -p "$BUILD_DIR" +fi + +$DIR/create_resource_group.sh "$DEVSTACK_RG" "$DEVSTACK_LOCATION" + +az network public-ip create --resource-group "$DEVSTACK_RG" --name "DEVSTACK_PUBLIC_IP" --allocation-method Static +DEVSTACK_PUBLIC_IP=`az network public-ip show --resource-group "$DEVSTACK_RG" --name "DEVSTACK_PUBLIC_IP" --query 'ipAddress' --output tsv` + +cat > $DATA_FILE < local.conf <> /etc/resolvconf/resolv.conf.d/head + - echo "nameserver 8.8.8.8" >> /etc/resolvconf/resolv.conf.d/head + - service resolvconf restart + - su -l stack ./start.sh + - iptables -t nat -F POSTROUTING + - iptables -t nat -A POSTROUTING -o br-ex -j MASQUERADE + - iptables -t nat -A PREROUTING -d "$DEVSTACK_PUBLIC_IP" -j DNAT --to-destination $DEVSTACK_PRIVATE_IP +EOF + +DEVSTACK_IMAGE="UbuntuLTS" +DEVSTACK_SECURITY_GROUP=$DEVSTACK_NAME"-SG" + +az network nsg create --resource-group "$DEVSTACK_RG" \ + --name "$DEVSTACK_SECURITY_GROUP" + +$DIR/create_sg_rule.sh "$DEVSTACK_RG" "$DEVSTACK_SECURITY_GROUP" '*' "22" "$USER_PUBLIC_IP_PREFIX" '*' '*' "SSH" "100" +$DIR/create_sg_rule.sh "$DEVSTACK_RG" "$DEVSTACK_SECURITY_GROUP" '*' "80" "$USER_PUBLIC_IP_PREFIX" '*' '*' "HORIZON" "110" + +az vm create --name "$DEVSTACK_NAME" \ + --resource-group "$DEVSTACK_RG" \ + --size "$DEVSTACK_VM_SIZE" \ + --admin-username "$ADMIN_USER" \ + --ssh-key-value @"$PUBLIC_KEY" \ + --os-disk-size-gb "$DEVSTACK_DISK_SIZE" \ + --image "$DEVSTACK_IMAGE" \ + --location "$DEVSTACK_LOCATION" \ + --subnet-address-prefix "$SUBNET_CIDR" \ + --subnet "$DEVSTACK_SUBNET_NAME" \ + --vnet-address-prefix "$SUBNET_CIDR" \ + --vnet-name "$DEVSTACK_VNET_NAME" \ + --custom-data "$DATA_FILE" \ + --nsg "$DEVSTACK_SECURITY_GROUP" \ + --private-ip-address "$DEVSTACK_PRIVATE_IP" \ + --public-ip-address "DEVSTACK_PUBLIC_IP" +echo "" + +az network vnet subnet update --resource-group="$DEVSTACK_RG" \ + --name "$DEVSTACK_SUBNET_NAME" \ + --vnet-name "$DEVSTACK_VNET_NAME" \ + --network-security-group "$DEVSTACK_SECURITY_GROUP" + 
+DEVSTACK_NIC_ID=`az vm nic list --resource-group ${DEVSTACK_RG} --vm-name ${DEVSTACK_NAME} --query "[0] | id" --output tsv`
+
+### Enabling IP Forwarding on DEVSTACK vnic ###
+az network nic update --ids "$DEVSTACK_NIC_ID" --ip-forwarding
+
diff --git a/deployment/aks/create_nfs.sh b/deployment/aks/create_nfs.sh
new file mode 100755
index 000000000..8262d1e8c
--- /dev/null
+++ b/deployment/aks/create_nfs.sh
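Review bot: In create_devstack.sh, `--openstack-password` silently falls back to a well-known value at `OPENSTACK_PASS=$(check_optional_paramater "$OPENSTACK_PASS" "secret")` (user and tenant default to `admin`), while the VM gets a static public IP and Horizon is opened on plain-HTTP port 80, so a forgotten flag leaves a guessable admin login on a publicly addressed host. Make the password mandatory with `check_required_parameter "$OPENSTACK_PASS" "--openstack-password"`, or generate one from `/dev/urandom` the way `RANDOM_STRING` is built and record it only in the build directory. The address arithmetic under the "needs to be hardened" TODO replaces only the last character, so `sed 's/.$/1/'` turns an address ending in `.14` into `.11`; `sed 's/\.[0-9]*$/.1/'` replaces the whole last octet. The cloud-init heredoc in this hunk is not legible in this view and is not covered by this note.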
@@ -0,0 +1,237 @@
+#!/bin/bash
+# Copyright 2019 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+NO_PROMPT=0
+RANDOM_PREFIX="ONAP"
+RANDOM_STRING="$RANDOM_PREFIX"-`cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 4`
+
+
+NFS_NAME=
+NFS_RG=
+NFS_VM_SIZE=
+NFS_LOCATION=
+SUBNET_CIDR=
+ADMIN_USER=
+BUILD_DIR=
+NFS_VNET_NAME=
+PUBLIC_KEY=
+USER_PUBLIC_IP_PREFIX=
+NFS_SUBNET_NAME=
+AKS_POD_CIDR=
+NFS_DISK_SIZE=
+
+function check_required_parameter() {
+ # arg1 = parameter
+ # arg2 = parameter name
+ if [ -z "$1" ]; then
+ echo "$2 was not was provided. This parameter is required."
+ exit 1
+ fi
+}
+
+function check_optional_paramater() {
+ # arg1 = parameter
+ # arg2 = parameter name
+ if [ -z "$1" ]; then
+ echo "$2"
+ else
+ echo "$1"
+ fi
+}
+
+
+while test $# -gt 0; do
+ case "$1" in
+ -h|--help)
+ echo "./create_nfs.sh [options]"
+ echo " "
+ echo " "
+ echo "required:"
+ echo "--public-key public key to add for admin user [required]"
+ echo "--user-public-ip public ip that will be granted access to VM [required]"
+ echo "-l, --location location to deploy VM [required]"
+ echo "-u, --admin-user admin user to create on VM [required]"
+ echo "--aks-node-cidr CIDR for Kubernetes nodes [required]. This is used during the NFS deploy to grant access to the NFS server from Kubernetes."
+ echo " "
+ echo "additional options:"
+ echo "-f, --no-prompt executes with no prompt for confirmation"
+ echo "-h, --help provide brief overview of script"
+ echo "-n, --name VM name [optional]"
+ echo "-g, --resource-group resource group that will be created [optional]"
+ echo "-s, --size Azure flavor size for VM [optional]"
+ echo "-c, --cidr cidr for VNET to create for VM [optional]."
+ echo "-d, --directory directory to store cloud config data [optional]"
+ echo "--vnet-name name of Vnet to create for VM [optional]"
+ echo "--nfs-subnet-name subnet name created on VNET [optional]"
+ echo "--nfs-disk-size size of external disk to be mounted on NFS VM [optional]"
+ echo ""
+ exit 0
+ ;;
+ -f|--no-prompt)
+ shift
+ NO_PROMPT=1
+ ;;
+ -n|--name)
+ shift
+ NFS_NAME=$1
+ shift
+ ;;
+ -g|--resource-group)
+ shift
+ NFS_RG=$1
+ shift
+ ;;
+ -s|--size)
+ shift
+ NFS_VM_SIZE=$1
+ shift
+ ;;
+ -l|--location)
+ shift
+ NFS_LOCATION=$1
+ shift
+ ;;
+ -c|--cidr)
+ shift
+ SUBNET_CIDR=$1
+ shift
+ ;;
+ -u|--admin-user)
+ shift
+ ADMIN_USER=$1
+ shift
+ ;;
+ -d|--directory)
+ shift
+ BUILD_DIR=$1
+ shift
+ ;;
+ --vnet-name)
+ shift
+ NFS_VNET_NAME=$1
+ shift
+ ;;
+ --public-key)
+ shift
+ PUBLIC_KEY=$1
+ shift
+ ;;
+ --user-public-ip)
+ shift
+ USER_PUBLIC_IP_PREFIX=$1
+ shift
+ ;;
+ --aks-node-cidr)
+ shift
+ AKS_POD_CIDR=$1
+ shift
+ ;;
+ --nfs-subnet-name)
+ shift
+ NFS_SUBNET_NAME=$1
+ shift
+ ;;
+ --nfs-disk-size)
+ shift
+ NFS_DISK_SIZE=$1
+ shift
+ ;;
+ *)
+ echo "Unknown Argument $1. Try running with --help."
+ exit 0
+ ;;
+ esac
+done
+
+check_required_parameter "$ADMIN_USER" "--admin-user"
+check_required_parameter "$PUBLIC_KEY" "--public-key"
+check_required_parameter "$NFS_LOCATION" "--location"
+check_required_parameter "$USER_PUBLIC_IP_PREFIX" "--user-public-ip"
+check_required_parameter "$AKS_POD_CIDR" "--aks-node-cidr"
+
+NFS_RG=$(check_optional_paramater "$NFS_RG" $RANDOM_STRING"-NFS-RG")
+NFS_NAME=$(check_optional_paramater "$NFS_NAME" $RANDOM_STRING"-NFS")
+NFS_VM_SIZE=$(check_optional_paramater "$NFS_VM_SIZE" "Standard_DS4_v2")
+SUBNET_CIDR=$(check_optional_paramater "$SUBNET_CIDR" "174.0.0.0/24")
+BUILD_DIR=$(check_optional_paramater "$BUILD_DIR" /tmp/nfs-$RANDOM_STRING)
+NFS_VNET_NAME=$(check_optional_paramater "$NFS_VNET_NAME" $RANDOM_STRING"-NFS-VNET")
+NFS_SUBNET_NAME=$(check_optional_paramater "$NFS_SUBNET_NAME" $RANDOM_STRING"-NFS-VNET-SUBNET")
+NFS_DISK_SIZE=$(check_optional_paramater "$NFS_DISK_SIZE" "256")
+
+if [ $NO_PROMPT = 0 ]; then
+ read -p "Would you like to proceed? [y/n]" -n 1 -r
+ echo " "
+ if [[ ! $REPLY =~ ^[Yy]$ ]]
+ then
+ exit 0
+ fi
+fi
+
+set -x
+set -e
+
+NFS_IMAGE="UbuntuLTS"
+NFS_SECURITY_GROUP=$NFS_NAME"-SG"
+DATA_FILE=$BUILD_DIR/cloud-cfg.yaml
+
+if [ ! -d $BUILD_DIR ]; then
+ echo "running script standalone..."
+ mkdir -p "$BUILD_DIR" +fi + +$DIR/create_resource_group.sh "$NFS_RG" "$NFS_LOCATION" + +cat > $DATA_FILE <> /etc/exports + - mkdir /dockerdata-nfs + - chmod 777 -R /dockerdata-nfs + - chown nobody:nogroup /dockerdata-nfs + - exportfs -ra + - systemctl restart nfs-kernel-server +EOF + +az network nsg create --resource-group "$NFS_RG" \ + --name "$NFS_SECURITY_GROUP" + +$DIR/create_sg_rule.sh "$NFS_RG" "$NFS_SECURITY_GROUP" '*' "22" "$USER_PUBLIC_IP_PREFIX" '*' '*' "SSH" "100" + +az vm create --name "$NFS_NAME" \ + --resource-group "$NFS_RG" \ + --size "$NFS_VM_SIZE" \ + --os-disk-size-gb "$NFS_DISK_SIZE" \ + --admin-username "$ADMIN_USER" \ + --ssh-key-value @"$PUBLIC_KEY" \ + --image "UbuntuLTS" \ + --location "$NFS_LOCATION" \ + --subnet-address-prefix "$SUBNET_CIDR" \ + --subnet "$NFS_SUBNET_NAME" \ + --vnet-address-prefix "$SUBNET_CIDR" \ + --vnet-name "$NFS_VNET_NAME" \ + --custom-data "$DATA_FILE" \ + --nsg "$NFS_SECURITY_GROUP" +echo "" + +az network vnet subnet update --resource-group "$NFS_RG" \ + --name "$NFS_SUBNET_NAME" \ + --vnet-name "$NFS_VNET_NAME" \ + --network-security-group "$NFS_SECURITY_GROUP" + diff --git a/deployment/aks/create_onap.sh b/deployment/aks/create_onap.sh new file mode 100755 index 000000000..4abddd64f --- /dev/null +++ b/deployment/aks/create_onap.sh 
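Review bot: The cloud-init commands in create_nfs.sh set up the export with `chmod 777 -R /dockerdata-nfs` and `chown nobody:nogroup /dockerdata-nfs`, so every client admitted by the `/etc/exports` entry can read and rewrite all ONAP persistent data, and the only remaining control is the client range in that entry, which is not legible in this view. That range is supplied through `--aks-node-cidr` but stored in `AKS_POD_CIDR`; rename the variable (for example `AKS_NODE_CIDR`) so the help text, the required-parameter check and the export line agree and nobody passes the pod range by mistake. A comment next to the `chmod` stating why world-writable is needed, or a narrower mode if it is not, would make the trade-off reviewable.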
@@ -0,0 +1,110 @@ +#!/bin/bash +# Copyright 2019 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -x + +BUILD_NAME=$1 +KUBECONFIG=$2 +NFS_SERVER_IP=$3 +OOM_BRANCH=$4 +BUILD_DIR=$5 +CHART_VERSION=$6 +OOM_OVERRIDES=$7 + +pushd . + +cd $BUILD_DIR + +export KUBECONFIG="$KUBECONFIG" +kubectl get nodes + +COUNTER=0 +until [ $COUNTER -ge 10 ]; do + +echo "overriding default storage class for AKS" +kubectl delete sc default +sleep 1 +cat </dev/null 2>&1 && pwd )" + +set -x + +if [ ! -d $BUILD_DIR ]; then + mkdir -p $BUILD_DIR +fi + +# TODO +# Get these from values.yaml +export AAI_DNS_NAME=aai.onap +export AAI_PORT=8443 +export AAI_USER=AAI +export AAI_PASS=AAI +export AAI_PROTOCOL=https +export VID_DNS_NAME=vid.onap +export VID_PORT=8443 +export VID_PROTOCOL=https +export SDC_DNS_NAME=sdc-fe.onap +export SDC_PORT=9443 +export SDC_PROTOCOL=https + +DATA_FILE=$BUILD_DIR"/get_tenant_id.json" + +cat > $DATA_FILE < $DATA_FILE < $DATA_FILE < $DATA_FILE < $DATA_FILE < $DATA_FILE < $DATA_FILE < $DATA_FILE < $DATA_FILE < $DATA_FILE < $DATA_FILE < $DATA_FILE < $DATA_FILE </dev/null 2>&1 && pwd )" + +BUILD_DIR=$1 +OPENSTACK_CLI_POD=$2 +OPENSTACK_RC=$3 +DOCKER_REPOSITORY=$4 +NFS_IP_ADDR=$5 +K8S_01_VM_IP=$6 +KUBECONFIG=$7 + +. $OPENSTACK_RC + +export KUBECONFIG=$KUBECONFIG + +git clone https://gerrit.onap.org/r/integration "$BUILD_DIR/integration" + +echo "" +echo "Looping until openstack is ready." 
+echo "This can take a bit of time, and you might see errors initially if openstack is still launching."
+echo ""
+echo ""
+# Need to wait until openstack is up and running
+COUNTER=0
+kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack token issue"
+until [ $? -eq 0 ] || [ $COUNTER -gt 60 ]; do
+COUNTER=$((COUNTER +1))
+sleep 60
+echo "issuing auth token to openstack to verify openstack cli is up and running."
+kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack token issue"
+done
+
+if [ $? -ne 0 ]; then
+ echo "Unable to communicate with openstack to create the integration-override.yaml file"
+ exit 1
+fi
+
+OS_PUBLIC_NETWORK_ID=`kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack network show public -c id -f value"`
+OS_OAM_NETWORK_ID=`kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack network show private -c id -f value"`
+OS_OAM_NETWORK_SUBNET_ID=`kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack subnet show private-subnet -c id -f value"`
+OS_SEC_GROUP=`kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack security group list --project $OS_PROJECT_NAME -c ID -f value"`
+OS_OAM_NETWORK_CIDR=`kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack subnet show public-subnet -c cidr -f value"`
+OS_OAM_NETWORK_PREFIX=`echo $OS_OAM_NETWORK_CIDR | cut -d '.' -f1-2`
+
+echo "export OS_PUBLIC_NETWORK_ID=$OS_PUBLIC_NETWORK_ID" > "$BUILD_DIR/openstack_params.conf"
+echo "export DOCKER_REPOSITORY=$DOCKER_REPOSITORY" >> "$BUILD_DIR/openstack_params.conf"
+echo "export OS_OAM_NETWORK_ID=$OS_OAM_NETWORK_ID" >> "$BUILD_DIR/openstack_params.conf"
+echo "export OS_OAM_NETWORK_SUBNET_ID=$OS_OAM_NETWORK_SUBNET_ID" >> "$BUILD_DIR/openstack_params.conf"
+echo "export OS_OAM_NETWORK_PREFIX=$OS_OAM_NETWORK_PREFIX" >> "$BUILD_DIR/openstack_params.conf"
+echo "export OS_SEC_GROUP=$OS_SEC_GROUP" >> "$BUILD_DIR/openstack_params.conf"
+echo "export OS_UBUNTU_14_IMAGE=trusty-server-cloudimg-amd64-disk1" >> "$BUILD_DIR/openstack_params.conf"
+echo "export OS_UBUNTU_16_IMAGE=xenial-server-cloudimg-amd64-disk1" >> "$BUILD_DIR/openstack_params.conf"
+echo "export OS_OAM_NETWORK_CIDR=$OS_OAM_NETWORK_CIDR" >> "$BUILD_DIR/openstack_params.conf"
+echo "export NFS_IP_ADDR=$NFS_IP_ADDR" >> "$BUILD_DIR/openstack_params.conf"
+echo "export K8S_01_VM_IP=$K8S_01_VM_IP" >> "$BUILD_DIR/openstack_params.conf"
+
+OS_PROJECT_ID=`kubectl exec $OPENSTACK_CLI_POD -- sh -lc "openstack project show $OS_PROJECT_NAME -c id -f value"`
+
+echo "export OS_PROJECT_ID=$OS_PROJECT_ID" >> "$OPENSTACK_RC"
+
+$DIR/create_robot_config.sh "$OPENSTACK_RC" "$BUILD_DIR/openstack_params.conf" "$BUILD_DIR" "$DIR/integration_override.template"
diff --git a/deployment/aks/util/create_openstack_cli.sh b/deployment/aks/util/create_openstack_cli.sh
new file mode 100755
index 000000000..01ae88673
--- /dev/null
+++ b/deployment/aks/util/create_openstack_cli.sh
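Review bot: Values read back from the OpenStack CLI pod in create_integration_override.sh are written unquoted into `openstack_params.conf`, which create_robot_config.sh then `source`s; `openstack security group list --project $OS_PROJECT_NAME -c ID -f value` can return several IDs on separate lines, and `echo "export OS_SEC_GROUP=$OS_SEC_GROUP"` would then emit a second line that the shell tries to run as a command. Select one group (for example by appending `| head -n 1`, or by querying the intended group by name) and write each value shell-quoted, `printf 'export OS_SEC_GROUP=%q\n' "$OS_SEC_GROUP"`. Separately, `git clone https://gerrit.onap.org/r/integration` takes whatever the default branch holds, and create_robot_config.sh later compiles and runs `Crypto.java` from that checkout with the OpenStack password as an argument, so the clone should be pinned to a reviewed branch or commit. The start of this script is not legible in this view.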
@@ -0,0 +1,61 @@ +#!/bin/bash +# Copyright 2019 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set +e + +KUBECONFIG=$1 +OPENSTACK_RC=$2 +CLI_NAME=$3 + +export KUBECONFIG=$KUBECONFIG + +kubectl create configmap openstack-rc-$CLI_NAME --from-file=$OPENSTACK_RC + +cat <> /root/.profile; while true; do sleep 60; done;' + restartPolicy: Never + volumes: + - name: openstack-rc-$CLI_NAME + configMap: + name: openstack-rc-$CLI_NAME + defaultMode: 0755 +EOF + +# TODO +# Add better check for pod readiness +sleep 120 diff --git a/deployment/aks/util/create_robot_config.sh b/deployment/aks/util/create_robot_config.sh new file mode 100755 index 000000000..dea67b858 --- /dev/null +++ b/deployment/aks/util/create_robot_config.sh 
@@ -0,0 +1,80 @@
+#!/bin/bash
+# Copyright 2019 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+OPENSTACK_RC=$1
+OPENSTACK_PARAM=$2
+BUILD_DIR=$3
+INTEGRATION_TEMPLATE=$4
+
+if [ "$OPENSTACK_RC" == "" ]
+ then
+ echo "No OPENSTACK_RC file"
+ echo "Usage: create-robot-config.sh "
+ exit
+fi
+if [ "$OPENSTACK_PARAM" == "" ]
+ then
+ echo "No OPENSTACK_PARAM"
+ echo "Usage: create-robot-config.sh "
+ exit
+fi
+
+source $OPENSTACK_RC
+source $OPENSTACK_PARAM
+
+env
+
+SO_ENCRYPTION_KEY=aa3871669d893c7fb8abbcda31b88b4f
+export OS_PASSWORD_ENCRYPTED_FOR_ROBOT=$(echo -n "$OS_PASSWORD" | openssl aes-128-ecb -e -K "$SO_ENCRYPTION_KEY" -nosalt | xxd -c 256 -p)
+
+#Use new encryption method
+pushd .
+
+cd $BUILD_DIR/integration/deployment/heat/onap-rke/scripts
+javac Crypto.java
+SO_ENCRYPTION_KEY=aa3871669d893c7fb8abbcda31b88b4f
+export OS_PASSWORD_ENCRYPTED=$(java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY")
+
+cp $INTEGRATION_TEMPLATE ./integration-override.yaml
+template="integration-override.yaml"
+sed -ir -e "s/\${OS_PASSWORD_ENCRYPTED_FOR_ROBOT}/$OS_PASSWORD_ENCRYPTED_FOR_ROBOT/" $template
+sed -ir -e "s/\${OS_PASSWORD_ENCRYPTED}/$OS_PASSWORD_ENCRYPTED/" $template
+
+sed -ir -e "s/\${OS_PROJECT_ID}/$OS_PROJECT_ID/" $template
+sed -ir -e "s/\${OS_USERNAME}/$OS_USERNAME/" $template
+sed -ir -e "s/\${OS_USER_DOMAIN_NAME}/$OS_USER_DOMAIN_NAME/" $template
+sed -ir -e "s/\${OS_PROJECT_NAME}/$OS_PROJECT_NAME/" $template
+sed -ir -e "s/\${OS_USERNAME}/$OS_USERNAME/" $template
+sed -ir -e "s~\${OS_AUTH_URL}~$OS_AUTH_URL~" $template
+
+
+sed -ir -e "s/__docker_proxy__/$DOCKER_REPOSITORY/" $template
+sed -ir -e "s/__public_net_id__/$OS_PUBLIC_NETWORK_ID/" $template
+sed -ir -e "s~__oam_network_cidr__~$OS_OAM_NETWORK_CIDR~" $template
+sed -ir -e "s/__oam_network_prefix__/$OS_OAM_NETWORK_PREFIX/" $template
+sed -ir -e "s/__oam_network_id__/$OS_OAM_NETWORK_ID/" $template
+sed -ir -e "s/__oam_subnet_id__/$OS_OAM_NETWORK_SUBNET_ID/" $template
+sed -ir -e "s/__sec_group__/$OS_SEC_GROUP/" $template
+
+sed -ir -e "s/\${OS_UBUNTU_14_IMAGE}/$OS_UBUNTU_14_IMAGE/" $template
+sed -ir -e "s/\${OS_UBUNTU_16_IMAGE}/$OS_UBUNTU_16_IMAGE/" $template
+
+sed -ir -e "s/__nfs_ip_addr__/$NFS_IP_ADDR/" $template
+sed -ir -e "s/__k8s_01_vm_ip__/$K8S_01_VM_IP/" $template
+
+cat $template
+cp $template $BUILD_DIR/$template
+
+popd
diff --git a/deployment/aks/util/integration_override.template b/deployment/aks/util/integration_override.template
new file mode 100644
index 000000000..5f24824a3
--- /dev/null
+++ b/deployment/aks/util/integration_override.template
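Review bot: The bare `env` after the two `source` lines in create_robot_config.sh prints the whole environment, including `OS_PASSWORD`, into the build log, and `cat $template` repeats the encrypted forms; drop `env` and print only the path of the generated file. `SO_ENCRYPTION_KEY` is a literal committed in the script and the robot value is produced with `aes-128-ecb`, so the encrypted password can be reversed by anyone who has this repository and the rendered `integration-override.yaml`; treat that file as a secret (for example `chmod 600` after the `cp`) and say so in a comment beside the key. `sed -ir` is parsed as `-i` with backup suffix `r`, not as in-place plus extended regex, so each call leaves an `integration-override.yamlr` copy containing the same values; `sed -i -e` is what is meant. The `s/.../.../` substitutions also break when a value contains `/` or `&`, which a password-derived string or a registry path can.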
@@ -0,0 +1,39 @@
+global:
+ repository: __docker_proxy__
+ pullPolicy: IfNotPresent
+robot:
+ enabled: true
+ flavor: large
+ appcUsername: "appc@appc.onap.org"
+ appcPassword: "demo123456!"
+ openStackKeyStoneUrl: "${OS_AUTH_URL}"
+ openStackKeystoneAPIVersion: "v3"
+ openStackPublicNetId: "__public_net_id__"
+ openStackTenantId: "${OS_PROJECT_ID}"
+ openStackUserName: "${OS_USERNAME}"
+ openStackUserDomain: "${OS_USER_DOMAIN_NAME}"
+ openStackProjectName: "${OS_PROJECT_NAME}"
+ ubuntu14Image: "${OS_UBUNTU_14_IMAGE}"
+ ubuntu16Image: "${OS_UBUNTU_16_IMAGE}"
+ openStackPrivateNetCidr: "__oam_network_cidr__"
+ openStackPrivateNetId: "__oam_network_id__"
+ openStackPrivateSubnetId: "__oam_subnet_id__"
+ openStackSecurityGroup: "__sec_group__"
+ openStackOamNetworkCidrPrefix: "__oam_network_prefix__"
+ dcaeCollectorIp: "__k8s_01_vm_ip__"
+ vnfPubKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh"
+ demoArtifactsVersion: "1.4.0"
+ demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases"
+ scriptVersion: "1.4.0"
+ nfsIpAddress: "__nfs_ip_addr__"
+ config:
+ openStackEncryptedPasswordHere: "${OS_PASSWORD_ENCRYPTED_FOR_ROBOT}"
+ openStackSoEncryptedPassword: "${OS_PASSWORD_ENCRYPTED}"
+so:
+ enabled: true
+ so-catalog-db-adapter:
+ config:
+ openStackUserName: "${OS_USERNAME}"
+ openStackKeyStoneUrl: "${OS_AUTH_URL}/v3"
+ openStackEncryptedPasswordHere: "${OS_PASSWORD_ENCRYPTED}"
+ openStackTenantId: "${OS_PROJECT_ID}"
-- cgit 1.2.3-korg
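Review bot: `appcPassword: "demo123456!"` and the `vnfPubKey` value are fixed literals in a template that takes every other credential from a placeholder, so each deployment rendered from it shares the same APPC password, and VNFs would accept whoever holds the private half of that key (presumably the shared demo key — worth confirming). Make both placeholders that create_robot_config.sh fills in, e.g. `appcPassword: "__appc_password__"` and `vnfPubKey: "__vnf_pub_key__"`, and add a first-line comment such as `# rendered file contains credentials; do not commit or publish`.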