blob: 39da50e74b8cd50072faeaf313fc3789f88ef340 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
|
#!/bin/bash
#SPDX-license-identifier: Apache-2.0
##############################################################################
# Copyright (c) 2018
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Apache License, Version 2.0
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
set -o errexit
set -o nounset
set -o pipefail
INSTALLER_DIR="$(readlink -f "$(dirname "${BASH_SOURCE[0]}")")"
source ${INSTALLER_DIR}/../../tests/_functions.sh
# _install_go() - Install GoLang package
function _install_go {
version=$(grep "go_version" ${kud_playbooks}/kud-vars.yml | awk -F "'" '{print $2}')
local tarball=go$version.linux-amd64.tar.gz
#gcc is required for go apps compilation
if ! which gcc; then
sudo apt-get install -y gcc
fi
if $(go version &>/dev/null); then
return
fi
wget https://dl.google.com/go/$tarball
sudo tar -C /usr/local -xzf $tarball
rm $tarball
export PATH=$PATH:/usr/local/go/bin
sudo sed -i "s|^PATH=.*|PATH=\"$PATH\"|" /etc/environment
#allow golang to work with sudo
sudo sed -i 's|secure_path="\([^"]\+\)"|secure_path="\1:/usr/local/go/bin"|' /etc/sudoers
}
# _install_pip() - Install Python Package Manager
function _install_pip {
if $(pip --version &>/dev/null); then
sudo -E pip install --no-cache-dir --upgrade pip
else
sudo apt-get install -y python-dev
curl -sL https://bootstrap.pypa.io/pip/2.7/get-pip.py | sudo python
fi
}
# _install_ansible() - Install and Configure Ansible program
function _install_ansible {
if $(ansible --version &>/dev/null); then
sudo pip uninstall -y ansible
fi
_install_pip
local version=$(grep "ansible_version" ${kud_playbooks}/kud-vars.yml | awk -F ': ' '{print $2}')
sudo mkdir -p /etc/ansible/
sudo -E pip install --no-cache-dir ansible==$version
}
# _install_docker() - Download and install docker-engine
function _install_docker {
local max_concurrent_downloads=${1:-3}
if $(docker version &>/dev/null); then
return
fi
sudo apt-get install -y apt-transport-https ca-certificates curl
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
sudo apt-get update
sudo apt-get install -y docker-ce
sudo mkdir -p /etc/systemd/system/docker.service.d
if [ ${http_proxy:-} ]; then
echo "[Service]" | sudo tee /etc/systemd/system/docker.service.d/http-proxy.conf
echo "Environment=\"HTTP_PROXY=$http_proxy\"" | sudo tee --append /etc/systemd/system/docker.service.d/http-proxy.conf
fi
if [ ${https_proxy:-} ]; then
echo "[Service]" | sudo tee /etc/systemd/system/docker.service.d/https-proxy.conf
echo "Environment=\"HTTPS_PROXY=$https_proxy\"" | sudo tee --append /etc/systemd/system/docker.service.d/https-proxy.conf
fi
if [ ${no_proxy:-} ]; then
echo "[Service]" | sudo tee /etc/systemd/system/docker.service.d/no-proxy.conf
echo "Environment=\"NO_PROXY=$no_proxy\"" | sudo tee --append /etc/systemd/system/docker.service.d/no-proxy.conf
fi
sudo systemctl daemon-reload
echo "DOCKER_OPTS=\"-H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --max-concurrent-downloads $max_concurrent_downloads \"" | sudo tee --append /etc/default/docker
if [[ -z $(groups | grep docker) ]]; then
sudo usermod -aG docker $USER
fi
sudo systemctl restart docker
sleep 10
}
function _set_environment_file {
# By default ovn central interface is the first active network interface on localhost. If other wanted, need to export this variable in aio.sh or Vagrant file.
OVN_CENTRAL_INTERFACE="${OVN_CENTRAL_INTERFACE:-$(ip addr show | awk '/inet.*brd/{print $NF; exit}')}"
echo "export OVN_CENTRAL_INTERFACE=${OVN_CENTRAL_INTERFACE}" | sudo tee --append /etc/environment
echo "export OVN_CENTRAL_ADDRESS=$(get_ovn_central_address)" | sudo tee --append /etc/environment
echo "export KUBE_CONFIG_DIR=/opt/kubeconfig" | sudo tee --append /etc/environment
echo "export CSAR_DIR=/opt/csar" | sudo tee --append /etc/environment
echo "export ANSIBLE_CONFIG=${ANSIBLE_CONFIG}" | sudo tee --append /etc/environment
}
# install_k8s() - Install Kubernetes using kubespray tool
function install_k8s {
echo "Deploying kubernetes"
local dest_folder=/opt
version=$(grep "kubespray_version" ${kud_playbooks}/kud-vars.yml | awk -F ': ' '{print $2}')
local_release_dir=$(grep "local_release_dir" $kud_inventory_folder/group_vars/k8s-cluster.yml | awk -F "\"" '{print $2}')
local tarball=v$version.tar.gz
sudo apt-get install -y sshpass make unzip # install make to run mitogen target and unzip is mitogen playbook dependency
sudo apt-get install -y gnupg2 software-properties-common
_install_docker
_install_ansible
wget https://github.com/kubernetes-incubator/kubespray/archive/$tarball
sudo tar -C $dest_folder -xzf $tarball
sudo chown -R $USER $dest_folder/kubespray-$version
sudo mkdir -p ${local_release_dir}/containers
rm $tarball
pushd $dest_folder/kubespray-$version/
sudo -E pip install --no-cache-dir -r ./requirements.txt
make mitogen
popd
rm -f $kud_inventory_folder/group_vars/all.yml 2> /dev/null
if [[ -n "${verbose:-}" ]]; then
echo "kube_log_level: 5" | tee $kud_inventory_folder/group_vars/all.yml
else
echo "kube_log_level: 2" | tee $kud_inventory_folder/group_vars/all.yml
fi
echo "kubeadm_enabled: true" | tee --append $kud_inventory_folder/group_vars/all.yml
if [[ -n "${http_proxy:-}" ]]; then
echo "http_proxy: \"$http_proxy\"" | tee --append $kud_inventory_folder/group_vars/all.yml
fi
if [[ -n "${https_proxy:-}" ]]; then
echo "https_proxy: \"$https_proxy\"" | tee --append $kud_inventory_folder/group_vars/all.yml
fi
export ANSIBLE_CONFIG=$dest_folder/kubespray-$version/ansible.cfg
ansible-playbook $verbose -i $kud_inventory \
$kud_playbooks/preconfigure-kubespray.yml --become --become-user=root \
| sudo tee $log_folder/setup-kubernetes.log
if [ "$container_runtime" == "docker" ]; then
/bin/echo -e "\n\e[1;42mDocker will be used as the container runtime interface\e[0m"
ansible-playbook $verbose -i $kud_inventory \
$dest_folder/kubespray-$version/cluster.yml --become \
--become-user=root | sudo tee $log_folder/setup-kubernetes.log
elif [ "$container_runtime" == "containerd" ]; then
/bin/echo -e "\n\e[1;42mContainerd will be used as the container runtime interface\e[0m"
# Because the kud_kata_override_variable has its own quotations in it
# a eval command is needed to properly execute the ansible script
ansible_kubespray_cmd="ansible-playbook $verbose -i $kud_inventory \
$dest_folder/kubespray-$version/cluster.yml \
-e ${kud_kata_override_variables} --become --become-user=root | \
sudo tee $log_folder/setup-kubernetes.log"
eval $ansible_kubespray_cmd
ansible-playbook $verbose -i $kud_inventory -e "base_dest=$HOME" \
$kud_playbooks/configure-kata.yml --become --become-user=root | \
sudo tee $log_folder/setup-kata.log
else
echo "Only Docker or Containerd are supported container runtimes"
exit 1
fi
# Configure environment
mkdir -p $HOME/.kube
cp $kud_inventory_folder/artifacts/admin.conf $HOME/.kube/config
# Copy Kubespray kubectl to be usable in host running Ansible. Requires kubectl_localhost: true in inventory/group_vars/k8s-cluster.yml
sudo cp $kud_inventory_folder/artifacts/kubectl /usr/local/bin/
}
# install_addons() - Install Kubenertes AddOns
function install_addons {
source /etc/environment
echo "Installing Kubernetes AddOns"
_install_ansible
sudo ansible-galaxy install $verbose -r $kud_infra_folder/galaxy-requirements.yml --ignore-errors
ansible-playbook $verbose -i $kud_inventory -e "base_dest=$HOME" $kud_playbooks/configure-kud.yml | sudo tee $log_folder/setup-kud.log
# The order of KUD_ADDONS is important: some plugins (sriov, qat)
# require nfd to be enabled. Some addons are not currently supported with containerd
if [ "${container_runtime}" == "docker" ]; then
kud_addons=${KUD_ADDONS:-virtlet ovn4nfv nfd sriov \
qat optane cmk}
elif [ "${container_runtime}" == "containerd" ]; then
kud_addons=${KUD_ADDONS:-ovn4nfv nfd}
fi
for addon in ${kud_addons}; do
echo "Deploying $addon using configure-$addon.yml playbook.."
ansible-playbook $verbose -i $kud_inventory -e "base_dest=$HOME" \
$kud_playbooks/configure-${addon}.yml | \
sudo tee $log_folder/setup-${addon}.log
done
echo "Run the test cases if testing_enabled is set to true."
if [[ "${testing_enabled}" == "true" ]]; then
failed_kud_tests=""
# Run Kata test first if Kata was installed
if [ "${container_runtime}" == "containerd" ]; then
#Install Kata webhook for test pods
ansible-playbook $verbose -i $kud_inventory -e "base_dest=$HOME" \
-e "kata_webhook_runtimeclass=$kata_webhook_runtimeclass" \
$kud_playbooks/configure-kata-webhook.yml \
--become --become-user=root | \
sudo tee $log_folder/setup-kata-webhook.log
kata_webhook_deployed=true
pushd $kud_tests
bash kata.sh || failed_kud_tests="${failed_kud_tests} kata"
popd
fi
# Run other plugin tests
# The topology-manager is added to the tests here as it is
# enabled via kubelet config, not an addon
for addon in topology-manager ${kud_addons}; do
pushd $kud_tests
bash ${addon}.sh || failed_kud_tests="${failed_kud_tests} ${addon}"
popd
done
# Remove Kata webhook if user didn't want it permanently installed
if ! [ "${enable_kata_webhook}" == "true" ]; then
ansible-playbook $verbose -i $kud_inventory -e "base_dest=$HOME" \
-e "kata_webhook_runtimeclass=$kata_webhook_runtimeclass" \
$kud_playbooks/configure-kata-webhook-reset.yml \
--become --become-user=root | \
sudo tee $log_folder/kata-webhook-reset.log
fi
if [[ ! -z "$failed_kud_tests" ]]; then
echo "Test cases failed:${failed_kud_tests}"
return 1
fi
fi
# Check if Kata webhook should be installed and isn't already installed
if [ "$enable_kata_webhook" == "true" ] && ! [ "$kata_webhook_deployed" == "true" ]; then
ansible-playbook $verbose -i $kud_inventory -e "base_dest=$HOME" \
-e "kata_webhook_runtimeclass=$kata_webhook_runtimeclass" \
$kud_playbooks/configure-kata-webhook.yml \
--become --become-user=root | \
sudo tee $log_folder/setup-kata-webhook.log
fi
echo "Add-ons deployment complete..."
}
# install_plugin() - Install ONAP Multicloud Kubernetes plugin
function install_plugin {
echo "Installing multicloud/k8s plugin"
_install_docker
sudo -E pip install --no-cache-dir docker-compose
sudo mkdir -p /opt/{kubeconfig,consul/config}
sudo cp $HOME/.kube/config /opt/kubeconfig/kud
pushd $kud_folder/../../../deployments
sudo ./build.sh
if [[ "${testing_enabled}" == "true" ]]; then
sudo ./start.sh
pushd $kud_tests
for functional_test in plugin plugin_edgex plugin_fw plugin_eaa; do
bash ${functional_test}.sh
done
popd
fi
popd
}
# _print_kubernetes_info() - Prints the login Kubernetes information
function _print_kubernetes_info {
if ! $(kubectl version &>/dev/null); then
return
fi
# Expose Dashboard using NodePort
node_port=30080
KUBE_EDITOR="sed -i \"s|type\: ClusterIP|type\: NodePort|g\"" kubectl -n kube-system edit service kubernetes-dashboard
KUBE_EDITOR="sed -i \"s|nodePort\: .*|nodePort\: $node_port|g\"" kubectl -n kube-system edit service kubernetes-dashboard
master_ip=$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}' | awk -F '[:/]' '{print $4}')
printf "Kubernetes Info\n===============\n" > $k8s_info_file
echo "Dashboard URL: https://$master_ip:$node_port" >> $k8s_info_file
echo "Admin user: kube" >> $k8s_info_file
echo "Admin password: secret" >> $k8s_info_file
}
sudo -k # forgot sudo password
if ! sudo -n "true"; then
echo ""
echo "passwordless sudo is needed for '$(id -nu)' user."
echo "Please fix your /etc/sudoers file. You likely want an"
echo "entry like the following one..."
echo ""
echo "$(id -nu) ALL=(ALL) NOPASSWD: ALL"
exit 1
fi
verbose=""
if [[ -n "${KUD_DEBUG:-}" ]]; then
set -o xtrace
verbose="-vvv"
fi
# Configuration values
log_folder=/var/log/kud
kud_folder=${INSTALLER_DIR}
kud_infra_folder=$kud_folder/../../deployment_infra
export kud_inventory_folder=$kud_folder/inventory
kud_inventory=$kud_inventory_folder/hosts.ini
kud_playbooks=$kud_infra_folder/playbooks
kud_tests=$kud_folder/../../tests
k8s_info_file=$kud_folder/k8s_info.log
testing_enabled=${KUD_ENABLE_TESTS:-false}
container_runtime=${CONTAINER_RUNTIME:-docker}
enable_kata_webhook=${ENABLE_KATA_WEBHOOK:-false}
kata_webhook_runtimeclass=${KATA_WEBHOOK_RUNTIMECLASS:-kata-clh}
kata_webhook_deployed=false
# For containerd the etcd_deployment_type: docker is the default and doesn't work.
# You have to use either etcd_kubeadm_enabled: true or etcd_deployment_type: host
# See https://github.com/kubernetes-sigs/kubespray/issues/5713
kud_kata_override_variables="container_manager=containerd \
-e etcd_deployment_type=host -e kubelet_cgroup_driver=cgroupfs \
-e \"{'download_localhost': false}\" -e \"{'download_run_once': false}\""
sudo mkdir -p $log_folder
sudo mkdir -p /opt/csar
sudo chown -R $USER /opt/csar
# Install dependencies
# Setup proxy variables
if [ -f $kud_folder/sources.list ]; then
sudo mv /etc/apt/sources.list /etc/apt/sources.list.backup
sudo cp $kud_folder/sources.list /etc/apt/sources.list
fi
echo "Removing ppa for jonathonf/python-3.6"
sudo ls /etc/apt/sources.list.d/ || true
sudo find /etc/apt/sources.list.d -maxdepth 1 -name '*jonathonf*' -delete || true
sudo apt-get update
_install_go
install_k8s
_set_environment_file
install_addons
if ${KUD_PLUGIN_ENABLED:-false}; then
install_plugin
fi
_print_kubernetes_info
|