1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
|
#!/bin/bash -x
printenv
mkdir -p /opt/config
echo "__rancher_ip_addr__" > /opt/config/rancher_ip_addr.txt
echo `hostname -I` `hostname` >> /etc/hosts
mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
"insecure-registries" : ["__docker_proxy__"]
}
EOF
cat > /etc/apt/apt.conf.d/30proxy<<EOF
Acquire::http { Proxy "http://__apt_proxy__"; };
Acquire::https::Proxy "DIRECT";
EOF
apt-get -y update
apt-get -y install linux-image-extra-$(uname -r) jq
cd ~
# install docker 1.12
curl -s https://releases.rancher.com/install-docker/1.12.sh | sh
usermod -aG docker ubuntu
# install kubernetes 1.8.6
curl -s -LO https://storage.googleapis.com/kubernetes-release/release/v1.8.6/bin/linux/amd64/kubectl
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
mkdir ~/.kube
# install helm 2.3
wget -q http://storage.googleapis.com/kubernetes-helm/helm-v2.3.0-linux-amd64.tar.gz
tar -zxvf helm-v2.3.0-linux-amd64.tar.gz
sudo mv linux-amd64/helm /usr/local/bin/helm
# Fix virtual memory allocation for onap-log:elasticsearch:
echo "vm.max_map_count=262144" >> /etc/sysctl.conf
sysctl -p
# install rancher agent
echo export RANCHER_IP=__rancher_ip_addr__ > api-keys-rc
source api-keys-rc
sleep 50
until curl -s -o projects.json -H "Accept: application/json" http://$RANCHER_IP:8080/v2-beta/projects; do
sleep 10
done
OLD_PID=$(jq -r '.data[0].id' projects.json)
curl -s -H "Accept: application/json" -H "Content-Type: application/json" -d '{"accountId":"1a1"}' http://$RANCHER_IP:8080/v2-beta/apikeys > apikeys.json
echo export RANCHER_ACCESS_KEY=`jq -r '.publicValue' apikeys.json` >> api-keys-rc
echo export RANCHER_SECRET_KEY=`jq -r '.secretValue' apikeys.json` >> api-keys-rc
source api-keys-rc
curl -s -u "${RANCHER_ACCESS_KEY}:${RANCHER_SECRET_KEY}" -X DELETE -H 'Content-Type: application/json' "http://$RANCHER_IP:8080/v2-beta/projects/$OLD_PID"
until [ ! -z "$TEMPLATE_ID" ] && [ "$TEMPLATE_ID" != "null" ]; do
sleep 5
curl -s -H "Accept: application/json" http://$RANCHER_IP:8080/v2-beta/projectTemplates?name=Kubernetes > projectTemplatesKubernetes.json
TEMPLATE_ID=$(jq -r '.data[0].id' projectTemplatesKubernetes.json)
done
curl -s -u "${RANCHER_ACCESS_KEY}:${RANCHER_SECRET_KEY}" -X POST -H 'Content-Type: application/json' -d '{ "name":"oom", "projectTemplateId":"'$TEMPLATE_ID'" }' "http://$RANCHER_IP:8080/v2-beta/projects" > project.json
PID=`jq -r '.id' project.json`
echo export RANCHER_URL=http://$RANCHER_IP:8080/v1/projects/$PID >> api-keys-rc
source api-keys-rc
until [ $(jq -r '.state' project.json) == "active" ]; do
sleep 5
curl -s -H "Accept: application/json" http://$RANCHER_IP:8080/v1/projects/$PID > project.json
done
TID=$(curl -s -X POST -H "Accept: application/json" -H "Content-Type: application/json" http://$RANCHER_IP:8080/v1/projects/$PID/registrationTokens | jq -r '.id')
touch token.json
while [ $(jq -r .command token.json | wc -c) -lt 10 ]; do
sleep 5
curl -s -X GET -H "Accept: application/json" http://$RANCHER_IP:8080/v1/projects/$PID/registrationToken/$TID > token.json
done
RANCHER_AGENT_CMD=$(jq -r .command token.json)
eval $RANCHER_AGENT_CMD
# download rancher CLI
wget -q https://github.com/rancher/cli/releases/download/v0.6.7/rancher-linux-amd64-v0.6.7.tar.xz
unxz rancher-linux-amd64-v0.6.7.tar.xz
tar xvf rancher-linux-amd64-v0.6.7.tar
# Clone OOM:
cd ~
git clone -b amsterdam http://gerrit.onap.org/r/oom
# Update values.yaml to point to docker-proxy instead of nexus3:
cd ~/oom/kubernetes
perl -p -i -e 's/nexus3.onap.org:10001/__docker_proxy__/g' `find ./ -name values.yaml` oneclick/setenv.bash
KUBETOKEN=$(echo -n 'Basic '$(echo -n "$RANCHER_ACCESS_KEY:$RANCHER_SECRET_KEY" | base64 -w 0) | base64 -w 0)
# create .kube/config
cat > ~/.kube/config <<EOF
apiVersion: v1
kind: Config
clusters:
- cluster:
api-version: v1
insecure-skip-tls-verify: true
server: "https://$RANCHER_IP:8080/r/projects/$PID/kubernetes:6443"
name: "oom"
contexts:
- context:
cluster: "oom"
user: "oom"
name: "oom"
current-context: "oom"
users:
- name: "oom"
user:
token: "$KUBETOKEN"
EOF
export KUBECONFIG=/root/.kube/config
kubectl config view
# Update ~/oom/kubernetes/kube2msb/values.yaml kubeMasterAuthToken to use the token from ~/.kube/config
sed -i "s/kubeMasterAuthToken:.*/kubeMasterAuthToken: $KUBETOKEN/" ~/oom/kubernetes/kube2msb/values.yaml
# Put your onap_key ssh private key in ~/.ssh/onap_key
# Create or edit ~/oom/kubernetes/config/onap-parameters.yaml
cat > ~/oom/kubernetes/config/onap-parameters.yaml <<EOF
# For information regarding those parameters, please visit http://onap.readthedocs.io/en/latest/submodules/dcaegen2.git/docs/sections/installation_heat.html
#################
# COMMON CONFIG #
#################
# NEXUS
NEXUS_HTTP_REPO: https://nexus.onap.org/content/sites/raw
NEXUS_DOCKER_REPO: nexus3.onap.org:10001
NEXUS_USERNAME: docker
NEXUS_PASSWORD: docker
# ONAP config
# Do not change unless you know what you're doing
DMAAP_TOPIC: "AUTO"
DEMO_ARTIFACTS_VERSION: "1.1.1"
# ------------------------------------------------#
# OpenStack Config on which VNFs will be deployed #
# ------------------------------------------------#
# The four below parameters are only used by Robot.
# As Robot is able to perform some automated actions,
# e.g. onboard/distribute/instantiate, it has to be
# configured with four below parameters (in addition
# to the OPENSTACK ones).
# If you don't intend to use Robot for those actions,
# you can put dummy values, but you will have to provide
# those values when deploying VNF anyway.
# --------------------------------------------------
# This is the OAM Network ID used for internal network by VNFs.
# You could create 10.10.10.0/24 (256 IPs should be enough) in your cloud instance.
OPENSTACK_OAM_NETWORK_ID: "__oam_network_id__"
# This is the public Network ID. Public = external network in OpenStack.
# Floating IPs will be created and assigned to VNFs from this network,
# to provide external reachability.
OPENSTACK_PUBLIC_NETWORK_ID: "__public_net_id__"
# VM Flavor to be used by VNF.
OPENSTACK_FLAVOR: "m1.medium"
# VM image to be used by VNF. Here ubuntu 14.04 is provided.
OPENSTACK_IMAGE: "__ubuntu_1604_image__"
OPENSTACK_USERNAME: "__openstack_username__"
OPENSTACK_PASSWORD: "__openstack_api_key__"
OPENSTACK_TENANT_NAME: "__openstack_tenant_name__"
OPENSTACK_TENANT_ID: "__openstack_tenant_id__"
OPENSTACK_REGION: "RegionOne"
# Either v2.0 or v3
OPENSTACK_API_VERSION: "v2.0"
OPENSTACK_KEYSTONE_URL: "__keystone_url__"
# Don't change this if you don't know what it is
OPENSTACK_SERVICE_TENANT_NAME: "service"
########
# DCAE #
########
# Whether or not to deploy DCAE
# If set to false, all the parameters below can be left empty or removed
# If set to false, update ../dcaegen2/values.yaml disableDcae value to true,
# this is to avoid deploying the DCAE deployments and services.
DEPLOY_DCAE: "true"
# DCAE Config
DCAE_DOCKER_VERSION: v1.1.1
DCAE_VM_BASE_NAME: "dcae"
# ------------------------------------------------#
# OpenStack Config on which DCAE will be deployed #
# ------------------------------------------------#
# Whether to have DCAE deployed on the same OpenStack instance on which VNF will be deployed.
# (e.g. re-use the same config as defined above)
# If set to true, discard the next config block, else provide the values.
IS_SAME_OPENSTACK_AS_VNF: "true"
# Fill in the values in below block only if IS_SAME_OPENSTACK_AS_VNF set to "false"
# ---
# Either v2.0 or v3
DCAE_OS_API_VERSION: "v2.0"
DCAE_OS_KEYSTONE_URL: "__keystone_url__"
DCAE_OS_USERNAME: ""
DCAE_OS_PASSWORD: ""
DCAE_OS_TENANT_NAME: ""
DCAE_OS_TENANT_ID: ""
DCAE_OS_REGION: ""
# ---
# We need to provide the config of the public network here, because the DCAE VMs will be
# assigned a floating IP on this network so one can access them, to debug for instance.
# The ID of the public network.
DCAE_OS_PUBLIC_NET_ID: "__public_net_id__"
# The name of the public network.
DCAE_OS_PUBLIC_NET_NAME: "__public_net_name__"
# This is the private network that will be used by DCAE VMs. The network will be created during the DCAE boostrap process,
# and will the subnet created will use this CIDR. (/28 provides 16 IPs, DCAE requires 15.)
DCAE_OS_OAM_NETWORK_CIDR: "10.99.0.0/16"
# This will be the private ip of the DCAE boostrap VM. This VM is responsible for spinning up the whole DCAE stack (14 VMs total)
DCAE_IP_ADDR: "10.99.4.1"
# The flavors' name to be used by DCAE VMs
DCAE_OS_FLAVOR_SMALL: "m1.small"
DCAE_OS_FLAVOR_MEDIUM: "m1.medium"
DCAE_OS_FLAVOR_LARGE: "m1.large"
# The images' name to be used by DCAE VMs
DCAE_OS_UBUNTU_14_IMAGE: "__ubuntu_1404_image__"
DCAE_OS_UBUNTU_16_IMAGE: "__ubuntu_1604_image__"
DCAE_OS_CENTOS_7_IMAGE: "__centos_7_image__"
# This is the keypair that will be created in OpenStack, and that one can use to access DCAE VMs using ssh.
# The private key needs to be in a specific format so at the end of the process, it's formatted properly
# when ending up in the DCAE HEAT stack. The best way is to do the following:
# - copy paste your key
# - surround it with quote
# - add \n at the end of each line
# - escape the result using https://www.freeformatter.com/java-dotnet-escape.html#ad-output
DCAE_OS_KEY_NAME: "onap_key"
DCAE_OS_PUB_KEY: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh"
DCAE_OS_PRIVATE_KEY: \"-----BEGIN RSA PRIVATE KEY-----\\n\r\nMIIEpQIBAAKCAQEAylw4KKN/ljqnFBvP+blG5PNfsnM4MAuGPMsE5rkKmzcZWNaE\\n\r\nNGMXTFKlJ4YrUl7OUv8kbgFTmB8BoNpgrNtKACDaz/psQSOeOADCG/YrT4wrYKrR\\n\r\nNhFqOjJpxRmxweEsd14qBOxeFT7Ie42qbCMMzo260HvjLmtUxkOXeJ3xDkGmoJVy\\n\r\nyzxX7nO1m4WyWyukO6x6mX0XDsADF4A6AapcqinoisJ7pnXaNkcjU/JY2Jrwem7s\\n\r\n+ypzIp86O6gdLpLVU9ORR/UYNAk1h+Z6K5Rual4D9mrpC9IJNaYfIgLe7mC39ZLa\\n\r\nfiySNoGhei9P6pYvRJlQki69bid/EPAgX5YZIQIDAQABAoIBAQClDekkhI9ZqseC\\n\r\nqFjPuKaxsizZMg+faJb6WSHLSxzyk1OSWY6F6FklgLeC8HW/fuLNYZyGOYDEsG20\\n\r\nlMqL02Wdiy7OutS3oOS5iyzIf9a90HfFJi706el6RIpvINETcaXCS0T8tQrcS1Rd\\n\r\nKqTaBRC6HXJGAPbBcvw3pwQSdskatU6a/Kt2a3x6DsqqinQcgEB/SbrDaJCUX9sb\\n\r\nF2HVUwdq7aZK1Lk0ozr1FID9mrhjwWuQ6XC+vjG0FqtyXeMpR5iaQ73hex3FXQ8z\\n\r\nOjkFbMwuHWSh1DSx70r5yFrrBqwQKnMsBqx4QDRf3fIENUnWviaL+n+gwcXA07af\\n\r\n4kaNUFUtAoGBAPuNNRAGhZnyZ9zguns9PM56nmeMUikV5dPN2DTbQb79cpfV+7pC\\n\r\n6PeSH/dTKFLz62d6qAM2EsNXQvewf8fipBVBRPsRqKOv+uepd01dHNy62I5B+zRm\\n\r\nbe9Kbe+EN60qdzvyPM+2hV6CnvGv1dirimS9pu6RrxD2Rmz1ectnJE+rAoGBAM3w\\n\r\nUbSEemyZ6EKjck2RfdipzY0MNBnIZ2cUqHh8mmPXjdTLzpXb9vmPbHb01Qwo8MP+\\n\r\ngMnTbTBOzyNAaHdIrCO9FHW6C85j3ot5Yzcr+EcBVcua+7KHU0Sgn44JNH8DisJ7\\n\r\nY63UP/1Xb4d1/QvHfxYy3WOvvRdVZ7pPo8JNX95jAoGAIe5CIg8/JizUZa7KeKUh\\n\r\n9pgDleQPkQsrHQ6/AyIwFBsLwf9THSS5V+uV9D57SfUs46Bf2U8J6N90YQSlt8iS\\n\r\naWuManFPVgT+yxDIzt6obf2mCEpOIBtQ6N4ZRh2HhQwdWTCrkzkDdGQaHG+jYL6C\\n\r\nxGPwiG2ON7OAfGIAM7eN5lECgYEAhoRLWlaOgRGnHKAWsYQvZ67CjTdDcPPuVu6v\\n\r\nfMQnNMA/7JeTwV+E205L0wfpgZ/cZKmBBlQMJlnUA3q2wfO+PTnse1mjDJU/cGtB\\n\r\n22/lJLxChlQdxGeQhGtGzUhF+hEeOhrO6WSSx7CtMRZoy6Dr6lwfMFZCdVNcBd6v\\n\r\nYOOZk3ECgYEAseUKGb6E80XTVVNziyuiVbQCsI0ZJuRfqMZ2IIDQJU9u6AnGAway\\n\r\nitqHbkGsmDT+4HUz01+1JKnnw42RdSrHdU/LaOonD+RIGqe2x800QXzqASKLdCXr\\n\r\ny7RoiFqJtkdFQykzJemA+xOXvHLgKi/MXFsU90PCD0VJKLj8vwpX78Y=\\n\r\n-----END RSA PRIVATE KEY-----\\n\r\n\"
# This below settings allows one to configure the /etc/resolv.conf nameserver resolution for all the DCAE VMs.
# -
# In the HEAT setup, it's meant to be a DNS list, as the HEAT setup deploys a DNS Server VM in addition to DNS Designate
# and this DNS Server is setup to forward request to the DNS Designate backend when it cannot resolve, hence the
# DNS_FORWARDER config here. The DCAE Boostrap requires both inputs, even though they are now similar, we have to pass
# them.
# -
# ATTENTION: Assumption is made the DNS Designate backend is configure to forward request to a public DNS (e.g. 8.8.8.8)
# -
# Put the IP of the DNS Designate backend (e.g. the OpenStack IP supporting DNS Designate)
DNS_IP: "__dns_forwarder__"
DNS_FORWARDER: "__dns_forwarder__"
# Public DNS - not used but required by the DCAE boostrap container
EXTERNAL_DNS: "__external_dns__"
# DNS domain for the DCAE VMs
DCAE_DOMAIN: "dcaeg2.onap.org"
# Proxy DNS Designate. This means DCAE will run in an instance not support Designate, and Designate will be provided by another instance.
# Set to true if you wish to use it
DNSAAS_PROXY_ENABLE: "__dnsaas_proxy_enable__"
# Provide this only if DNSAAS_PROXY_ENABLE set to true. The IP has to be the IP of one of the K8S hosts.
# e.g. http://10.195.197.164/api/multicloud-titanium_cloud/v0/pod25_RegionOne/identity/v2.0
DCAE_PROXIED_KEYSTONE_URL: "http://__k8s_ip_addr__/__dnsaas_proxied_keystone_url_path__"
# -----------------------------------------------------#
# OpenStack Config on which DNS Designate is supported #
# -----------------------------------------------------#
# If this is the same OpenStack used for the VNF or DCAE, please re-enter the values here.
DNSAAS_API_VERSION: "v3"
DNSAAS_REGION: "RegionOne"
DNSAAS_KEYSTONE_URL: "__dnsaas_keystone_url__"
DNSAAS_TENANT_ID: "__dnsaas_tenant_id__"
DNSAAS_TENANT_NAME: "__dnsaas_tenant_name__"
DNSAAS_USERNAME: "__dnsaas_username__"
DNSAAS_PASSWORD: "__dnsaas_password__"
EOF
cat ~/oom/kubernetes/config/onap-parameters.yaml
# wait for kubernetes to initialze
sleep 100
until [ $(kubectl get pods --namespace kube-system | tail -n +2 | grep -c Running) -ge 6 ]; do
sleep 10
done
# Source the environment file:
cd ~/oom/kubernetes/oneclick/
source setenv.bash
# run the config pod creation
cd ~/oom/kubernetes/config
./createConfig.sh -n onap
# Wait until the config container completes.
sleep 20
until [ $(kubectl get pods --namespace onap -a | tail -n +2 | grep -c Completed) -eq 1 ]; do
sleep 10
done
# version control the config to see what's happening
cd /dockerdata-nfs/
git init
git config user.email "root@k8s"
git config user.name "root"
git add -A
git commit -m "initial commit"
cat /dockerdata-nfs/onap/dcaegen2/heat/onap_dcae.env
# Run ONAP:
cd ~/oom/kubernetes/oneclick/
./createAll.bash -n onap
# Check ONAP status:
sleep 3
kubectl get pods --all-namespaces
|
