diff options
-rw-r--r-- | .gitignore | 1 | ||||
-rw-r--r-- | docs/bare_metal_provisioning.rst | 148 | ||||
-rw-r--r-- | docs/img/installer_workflow.png | bin | 0 -> 64943 bytes | |||
-rw-r--r-- | docs/index.rst | 5 | ||||
-rw-r--r-- | vagrant/Vagrantfile | 2 | ||||
-rwxr-xr-x | vagrant/aio.sh | 58 | ||||
-rwxr-xr-x | vagrant/installer.sh | 16 | ||||
-rw-r--r-- | vagrant/inventory/group_vars/k8s-cluster.yml | 2 |
8 files changed, 225 insertions, 7 deletions
@@ -6,6 +6,7 @@ .*.swp *.log coverage.html +docs/build # Directories pkg diff --git a/docs/bare_metal_provisioning.rst b/docs/bare_metal_provisioning.rst new file mode 100644 index 00000000..7555611c --- /dev/null +++ b/docs/bare_metal_provisioning.rst @@ -0,0 +1,148 @@ +.. Copyright 2018 Intel Corporation. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +*********************** +Bare-Metal Provisioning +*********************** + +The Kubernetes Reference Deployment, aka KRD, has been designed to be consumed +by Virtual Machines as well as Bare-Metal servers. The *vagrant/aio.sh* +script contains the bash instructions for provisioning an All-in-One Kubernetes +deployment in a Bare-Metal server. This document lists the Hardware & Software +requirements and walkthrough the instructions that *vagrant/aio.sh* contains. + +Hardware Requirements +##################### + ++-----------+--------+ +| Concept | Amount | ++===========+========+ +| CPUs | 8 | ++-----------+--------+ +| Memory | 32GB | ++-----------+--------+ +| Hard Disk | 150GB | ++-----------+--------+ + +Software Requirements +##################### + +- Ubuntu Server 16.04 LTS + +vagrant/aio.sh +############## + +This bash script provides an automated process for deploying an All-in-One +Kubernetes cluster. Given that the ansible inventory file created by this +script doesn't specify any information about user and password, it's necessary +to execute this script as root user. + +The following two instructions start the provisioning process. + +.. code-block:: bash + + $ sudo su + # wget -O - https://git.onap.org/multicloud/k8s/plain/vagrant/aio.sh | bash + +In overall, this script can be summarized in three general phases: + +1. Cloning and configuring the KRD project. +2. Enabiling Nested-Virtualization. +3. Deploying KRD services. + +**Cloning and configuring the KRD project** + +KRD requires multiple files(bash scripts and ansible playbooks) to operate. +Therefore, it's necessary to clone the *ONAP multicloud/k8s* project to get +access to the *vagrant* folder. + +.. code-block:: bash + + git clone https://git.onap.org/multicloud/k8s/ + +Ansible works agains multiple systems, the way for selecting them is through the +usage of the inventory. The inventory file is a static source for determining the +target servers used for the execution of ansible tasks. The *aio.sh* script creates +an inventory file for addressing those tasks to localhost. + +.. code-block:: bash + + cat <<EOL > inventory/hosts.ini + [all] + localhost + + [kube-master] + localhost + + [kube-node] + localhost + + [etcd] + localhost + + [ovn-central] + localhost + + [ovn-controller] + localhost + + [virtlet] + localhost + + [k8s-cluster:children] + kube-node + kube-master + EOL + +KRD consumes kubespray_ for provisioning a Kubernetes base deployment. As part +of the deployment process, this tool downloads and configures *kubectl* binary. +This action conflicts with *andrewrothstein.kubectl* ansible role. Therefore is +necessary to remove those instructions from all the ansible playbooks. + +.. _kubespray: https://github.com/kubernetes-incubator/kubespray + +.. code-block:: bash + + # sed -i '/andrewrothstein.kubectl/d' playbooks/configure-*.ymlb + +Ansible uses SSH protocol for executing remote instructions. The following +instructions create and register ssh keys which avoid the usage of passwords. + +.. code-block:: bash + + # echo -e "\n\n\n" | ssh-keygen -t rsa -N "" + # cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys + # chmod og-wx ~/.ssh/authorized_keys + +**Enabling Nested-Virtualization** + +KRD installs Virtlet_ Kubernetes CRI for running Virtual Machine workloads. +Nested-virtualization gives the ability of running a Virtual Machine within +another. The *node.sh* bash script contains the instructions for enabling +Nested-Virtualization. + +.. _Virtlet : https://github.com/Mirantis/virtlet + +.. code-block:: bash + + # ./node.sh + +**Deploying KRD services** + +Finally, the KRD provisioning process can be started through the use of +*installer.sh* bash script. The output of this script is collected in the +*krd_installer.log* file for future reference. + +.. code-block:: bash + + # ./installer.sh | tee krd_installer.log + +.. image:: ./img/installer_workflow.png diff --git a/docs/img/installer_workflow.png b/docs/img/installer_workflow.png Binary files differnew file mode 100644 index 00000000..95d1bdb5 --- /dev/null +++ b/docs/img/installer_workflow.png diff --git a/docs/index.rst b/docs/index.rst index 127f0b0e..173076b4 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -18,5 +18,6 @@ Table of contents .. toctree:: :maxdepth: 3 - Project Architecture <krd_architecture> - Sample Commands <sampleCommands> + KRD Project Architecture <krd_architecture> + Bare Metal All-in-One KRD deployment<bare_metal_provisioning> + Kubernetes MultiCloud API sample ommands <sampleCommands> diff --git a/vagrant/Vagrantfile b/vagrant/Vagrantfile index c4d35368..8cfa4e04 100644 --- a/vagrant/Vagrantfile +++ b/vagrant/Vagrantfile @@ -116,7 +116,7 @@ Vagrant.configure("2") do |config| installer.vm.network :private_network, :ip => "10.10.10.2", :type => :static installer.vm.synced_folder '../', '/root/go/src/k8-plugin-multicloud/', type: sync_type installer.vm.provision 'shell' do |sh| - sh.env = {'KRD_ENABLE_TESTS': 'false'} + sh.env = {'KRD_PLUGIN_ENABLED': 'true'} sh.path = "main.sh" end end diff --git a/vagrant/aio.sh b/vagrant/aio.sh new file mode 100755 index 00000000..413e4672 --- /dev/null +++ b/vagrant/aio.sh @@ -0,0 +1,58 @@ +#!/bin/bash +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +set -o errexit +set -o nounset +set -o pipefail + +if [[ $(whoami) != 'root' ]];then + echo "This bash script must be executed as root user" + exit 1 +fi + +echo "Cloning and configuring KRD project..." +git clone https://git.onap.org/multicloud/k8s/ +cd k8s/vagrant/ +cat <<EOL > inventory/hosts.ini +[all] +localhost + +[kube-master] +localhost + +[kube-node] +localhost + +[etcd] +localhost + +[ovn-central] +localhost + +[ovn-controller] +localhost + +[virtlet] +localhost + +[k8s-cluster:children] +kube-node +kube-master +EOL +sed -i '/andrewrothstein.kubectl/d' playbooks/configure-*.yml +echo -e "\n\n\n" | ssh-keygen -t rsa -N "" +cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys +chmod og-wx ~/.ssh/authorized_keys + +echo "Enabling nested-virtualization" +./node.sh + +echo "Deploying KRD project" +./installer.sh | tee krd_installer.log diff --git a/vagrant/installer.sh b/vagrant/installer.sh index b621afaa..860f63d6 100755 --- a/vagrant/installer.sh +++ b/vagrant/installer.sh @@ -158,7 +158,7 @@ function install_plugin { pushd $GOPATH/src/k8-plugin-multicloud/deployments ./build.sh - if [[ "${testing_enabled}" = "true" ]]; then + if [[ "${testing_enabled}" == "true" ]]; then docker-compose up -d pushd $krd_tests for functional_test in plugin plugin_edgex; do @@ -187,6 +187,16 @@ function _print_kubernetes_info { echo "Admin password: secret" >> $k8s_info_file } +if ! sudo -n "true"; then + echo "" + echo "passwordless sudo is needed for '$(id -nu)' user." + echo "Please fix your /etc/sudoers file. You likely want an" + echo "entry like the following one..." + echo "" + echo "$(id -nu) ALL=(ALL) NOPASSWD: ALL" + exit 1 +fi + if [[ -n "${KRD_DEBUG}" ]]; then set -o xtrace verbose="-vvv" @@ -200,7 +210,7 @@ krd_inventory=$krd_inventory_folder/hosts.ini krd_playbooks=$krd_folder/playbooks krd_tests=$krd_folder/tests k8s_info_file=$krd_folder/k8s_info.log -testing_enabled=${KRD_ENABLE_TESTS:-true} +testing_enabled=${KRD_ENABLE_TESTS:-false} mkdir -p $log_folder mkdir -p /opt/csar @@ -216,7 +226,7 @@ fi apt-get update install_k8s install_addons -if [[ "${KRD_PLUGIN_ENABLED:-true}" ]]; then +if [[ "${KRD_PLUGIN_ENABLED:-false}" ]]; then install_plugin fi _print_kubernetes_info diff --git a/vagrant/inventory/group_vars/k8s-cluster.yml b/vagrant/inventory/group_vars/k8s-cluster.yml index f038d4f2..8263c063 100644 --- a/vagrant/inventory/group_vars/k8s-cluster.yml +++ b/vagrant/inventory/group_vars/k8s-cluster.yml @@ -66,4 +66,4 @@ helm_enabled: true # NOTE: Ipvs is based on netfilter hook function, but uses hash table as the underlying data structure and # works in the kernel space # https://kubernetes.io/docs/concepts/services-networking/service/#proxy-mode-ipvs -kube_proxy_mode: ipvs +#kube_proxy_mode: ipvs |