Document All-in-One Bare-Metal provisioning

This document describe the proces to do an All-in-One deployment in
a Bare-Metal deployment, listing the Hardware and Software minimal
requirements, it also uses the aio.sh bash script for reducing the
number of manual steps.

Vagrantfile and installer.sh has been modified to disable functional
tests by default and includes the passwordless sudo verification.

Change-Id: Iec7b0bb37d2a46342e6b7e60bed37dbdf2019a10
Signed-off-by: Victor Morales <victor.morales@intel.com>
Issue-ID: MULTICLOUD-408

7 files changed, 224 insertions, 6 deletions

diff --git a/.gitignore b/.gitignore
index b32f4c13..1e570c18 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,6 +6,7 @@
 .*.swp
 *.log
 coverage.html
+docs/build
 
 # Directories
 pkg
diff --git a/docs/bare_metal_provisioning.rst b/docs/bare_metal_provisioning.rst
new file mode 100644
index 00000000..7555611c
--- /dev/null
+++ b/docs/bare_metal_provisioning.rst
@@ -0,0 +1,148 @@
+.. Copyright 2018 Intel Corporation.
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+        http://www.apache.org/licenses/LICENSE-2.0
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+***********************
+Bare-Metal Provisioning
+***********************
+
+The Kubernetes Reference Deployment, aka KRD, has been designed to be consumed
+by Virtual Machines as well as Bare-Metal servers. The *vagrant/aio.sh*
+script contains the bash instructions for provisioning an All-in-One Kubernetes
+deployment in a Bare-Metal server. This document lists the Hardware & Software
+requirements and walkthrough the instructions that *vagrant/aio.sh* contains.
+
+Hardware Requirements
+#####################
+
++-----------+--------+
+| Concept   | Amount |
++===========+========+
+| CPUs      | 8      |
++-----------+--------+
+| Memory    | 32GB   |
++-----------+--------+
+| Hard Disk | 150GB  |
++-----------+--------+
+
+Software Requirements
+#####################
+
+- Ubuntu Server 16.04 LTS
+
+vagrant/aio.sh
+##############
+
+This bash script provides an automated process for deploying an All-in-One
+Kubernetes cluster. Given that the ansible inventory file created by this
+script doesn't specify any information about user and password, it's necessary
+to execute this script as root user.
+
+The following two instructions start the provisioning process.
+
+.. code-block:: bash
+
+    $ sudo su
+    # wget -O - https://git.onap.org/multicloud/k8s/plain/vagrant/aio.sh | bash
+
+In overall, this script can be summarized in three general phases:
+
+1. Cloning and configuring the KRD project.
+2. Enabiling Nested-Virtualization.
+3. Deploying KRD services.
+
+**Cloning and configuring the KRD project**
+
+KRD requires multiple files(bash scripts and ansible playbooks) to operate.
+Therefore, it's necessary to clone the *ONAP multicloud/k8s* project to get
+access to the *vagrant* folder.
+
+.. code-block:: bash
+
+    git clone https://git.onap.org/multicloud/k8s/
+
+Ansible works agains multiple systems, the way for selecting them is through the
+usage of the inventory. The inventory file is a static source for determining the
+target servers used for the execution of ansible tasks. The *aio.sh* script creates
+an inventory file for addressing those tasks to localhost.
+
+.. code-block:: bash
+
+    cat <<EOL > inventory/hosts.ini
+    [all]
+    localhost
+
+    [kube-master]
+    localhost
+
+    [kube-node]
+    localhost
+
+    [etcd]
+    localhost
+
+    [ovn-central]
+    localhost
+
+    [ovn-controller]
+    localhost
+
+    [virtlet]
+    localhost
+
+    [k8s-cluster:children]
+    kube-node
+    kube-master
+    EOL
+
+KRD consumes kubespray_ for provisioning a Kubernetes base deployment. As part
+of the deployment process, this tool downloads and configures *kubectl* binary.
+This action conflicts with *andrewrothstein.kubectl* ansible role. Therefore is
+necessary to remove those instructions from all the ansible playbooks.
+
+.. _kubespray: https://github.com/kubernetes-incubator/kubespray
+
+.. code-block:: bash
+
+    # sed -i '/andrewrothstein.kubectl/d' playbooks/configure-*.ymlb
+
+Ansible uses SSH protocol for executing remote instructions. The following
+instructions create and register ssh keys which avoid the usage of passwords.
+
+.. code-block:: bash
+
+    # echo -e "\n\n\n" | ssh-keygen -t rsa -N ""
+    # cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
+    # chmod og-wx ~/.ssh/authorized_keys
+
+**Enabling Nested-Virtualization**
+
+KRD installs Virtlet_ Kubernetes CRI for running Virtual Machine workloads.
+Nested-virtualization gives the ability of running a Virtual Machine within
+another. The *node.sh* bash script contains the instructions for enabling
+Nested-Virtualization.
+
+.. _Virtlet : https://github.com/Mirantis/virtlet
+
+.. code-block:: bash
+
+    # ./node.sh
+
+**Deploying KRD services**
+
+Finally, the KRD provisioning process can be started through the use of
+*installer.sh* bash script. The output of this script is collected in the
+*krd_installer.log* file for future reference.
+
+.. code-block:: bash
+
+    # ./installer.sh | tee krd_installer.log
+
+.. image:: ./img/installer_workflow.png
diff --git a/docs/img/installer_workflow.png b/docs/img/installer_workflow.png
new file mode 100644
index 00000000..95d1bdb5
--- /dev/null
+++ b/docs/img/installer_workflow.png
diff --git a/docs/index.rst b/docs/index.rst
index 127f0b0e..173076b4 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -18,5 +18,6 @@ Table of contents
 .. toctree::
    :maxdepth: 3
 
-   Project Architecture <krd_architecture>
-   Sample Commands <sampleCommands>
+   KRD Project Architecture <krd_architecture>
+   Bare Metal All-in-One KRD deployment<bare_metal_provisioning>
+   Kubernetes MultiCloud API sample ommands <sampleCommands>
diff --git a/vagrant/Vagrantfile b/vagrant/Vagrantfile
index c4d35368..8cfa4e04 100644
--- a/vagrant/Vagrantfile
+++ b/vagrant/Vagrantfile
@@ -116,7 +116,7 @@ Vagrant.configure("2") do |config|
     installer.vm.network :private_network, :ip => "10.10.10.2", :type => :static
     installer.vm.synced_folder '../', '/root/go/src/k8-plugin-multicloud/', type: sync_type
     installer.vm.provision 'shell' do |sh|
-      sh.env = {'KRD_ENABLE_TESTS': 'false'}
+      sh.env = {'KRD_PLUGIN_ENABLED': 'true'}
       sh.path = "main.sh"
     end
   end
diff --git a/vagrant/aio.sh b/vagrant/aio.sh
new file mode 100755
index 00000000..413e4672
--- /dev/null
+++ b/vagrant/aio.sh
@@ -0,0 +1,58 @@
+#!/bin/bash
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+if [[ $(whoami) != 'root' ]];then
+    echo "This bash script must be executed as root user"
+    exit 1
+fi
+
+echo "Cloning and configuring KRD project..."
+git clone https://git.onap.org/multicloud/k8s/
+cd k8s/vagrant/
+cat <<EOL > inventory/hosts.ini
+[all]
+localhost
+
+[kube-master]
+localhost
+
+[kube-node]
+localhost
+
+[etcd]
+localhost
+
+[ovn-central]
+localhost
+
+[ovn-controller]
+localhost
+
+[virtlet]
+localhost
+
+[k8s-cluster:children]
+kube-node
+kube-master
+EOL
+sed -i '/andrewrothstein.kubectl/d' playbooks/configure-*.yml
+echo -e "\n\n\n" | ssh-keygen -t rsa -N ""
+cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
+chmod og-wx ~/.ssh/authorized_keys
+
+echo "Enabling nested-virtualization"
+./node.sh
+
+echo "Deploying KRD project"
+./installer.sh | tee krd_installer.log
diff --git a/vagrant/installer.sh b/vagrant/installer.sh
index b621afaa..860f63d6 100755
--- a/vagrant/installer.sh
+++ b/vagrant/installer.sh
@@ -158,7 +158,7 @@ function install_plugin {
     pushd $GOPATH/src/k8-plugin-multicloud/deployments
     ./build.sh
 
-    if [[ "${testing_enabled}" = "true" ]]; then
+    if [[ "${testing_enabled}" == "true" ]]; then
         docker-compose up -d
         pushd $krd_tests
         for functional_test in plugin plugin_edgex; do
@@ -187,6 +187,16 @@ function _print_kubernetes_info {
     echo "Admin password: secret" >> $k8s_info_file
 }
 
+if ! sudo -n "true"; then
+    echo ""
+    echo "passwordless sudo is needed for '$(id -nu)' user."
+    echo "Please fix your /etc/sudoers file. You likely want an"
+    echo "entry like the following one..."
+    echo ""
+    echo "$(id -nu) ALL=(ALL) NOPASSWD: ALL"
+    exit 1
+fi
+
 if [[ -n "${KRD_DEBUG}" ]]; then
     set -o xtrace
     verbose="-vvv"
@@ -200,7 +210,7 @@ krd_inventory=$krd_inventory_folder/hosts.ini
 krd_playbooks=$krd_folder/playbooks
 krd_tests=$krd_folder/tests
 k8s_info_file=$krd_folder/k8s_info.log
-testing_enabled=${KRD_ENABLE_TESTS:-true}
+testing_enabled=${KRD_ENABLE_TESTS:-false}
 
 mkdir -p $log_folder
 mkdir -p /opt/csar
@@ -216,7 +226,7 @@ fi
 apt-get update
 install_k8s
 install_addons
-if [[ "${KRD_PLUGIN_ENABLED:-true}" ]]; then
+if [[ "${KRD_PLUGIN_ENABLED:-false}" ]]; then
     install_plugin
 fi
 _print_kubernetes_info