aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBorislav Glozman <Borislav.Glozman@amdocs.com>2019-07-14 06:05:57 +0000
committerGerrit Code Review <gerrit@onap.org>2019-07-14 06:05:57 +0000
commitca98e9bde4e6e5eb11cb7370073fb43b8254e8bc (patch)
treede3635ecc485d2bb50385a2c967f14ff92bda62d
parent484428600ecc0a9eb70ced4582a473c5b12042fd (diff)
parentacf8cd8ecb9a69399b2cece93bce54c3cff00052 (diff)
Merge "Update for Keystone v3"
-rw-r--r--docs/example-integration-override-v3.yaml64
-rw-r--r--docs/oom_quickstart_guide.rst48
-rw-r--r--kubernetes/robot/resources/config/eteshare/config/vm_properties.py4
-rw-r--r--kubernetes/robot/values.yaml43
4 files changed, 146 insertions, 13 deletions
diff --git a/docs/example-integration-override-v3.yaml b/docs/example-integration-override-v3.yaml
new file mode 100644
index 0000000000..659389a920
--- /dev/null
+++ b/docs/example-integration-override-v3.yaml
@@ -0,0 +1,64 @@
+global:
+ repository: 10.12.5.2:5000
+ pullPolicy: IfNotPresent
+#################################################################
+# This override file configures openstack parameters for ONAP
+#################################################################
+robot:
+ enabled: true
+ flavor: large
+ appcUsername: "appc@appc.onap.org"
+ appcPassword: "demo123456!"
+ # KEYSTONE Version 3 Required for Rocky and beyond
+ openStackKeystoneAPIVersion: "v3"
+ # OS_AUTH_URL without the /v3 from the openstack .RC file
+ openStackKeyStoneUrl: "http://10.12.25.2:5000"
+ # OS_PROJECT_ID from the openstack .RC file
+ openStackTenantId: "09d8566ea45e43aa974cf447ed591d77"
+ # OS_USERNAME from the openstack .RC file
+ openStackUserName: "OS_USERNAME_HERE"
+ # OS_PROJECT_DOMAIN_ID from the openstack .RC file
+ # in some environments it is a string but in other environmens it may be a numeric
+ openStackDomainId: "default"
+ # OS_USER_DOMAIN_NAME from the openstack .RC file
+ openStackUserDomain: "Default"
+ openStackProjectName: "OPENSTACK_PROJECT_NAME_HERE"
+ ubuntu14Image: "ubuntu-14-04-cloud-amd64"
+ ubuntu16Image: "ubuntu-16-04-cloud-amd64"
+ openStackPublicNetId: "971040b2-7059-49dc-b220-4fab50cb2ad4"
+ openStackPrivateNetId: "83c84b68-80be-4990-8d7f-0220e3c6e5c8"
+ openStackPrivateSubnetId: "e571c1d1-8ac0-4744-9b40-c3218d0a53a0"
+ openStackPrivateNetCidr: "10.0.0.0/16"
+ openStackOamNetworkCidrPrefix: "10.0"
+ openStackSecurityGroup: "bbe028dc-b64f-4f11-a10f-5c6d8d26dc89"
+ dcaeCollectorIp: "10.12.6.109"
+ vnfPubKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh"
+ demoArtifactsVersion: "1.4.0"
+ demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases"
+ scriptVersion: "1.4.0"
+ rancherIpAddress: "10.12.6.160"
+ config:
+ # use the python utility to encrypt the OS_PASSWORD for the OS_USERNAME
+ openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_PYTHON_PASSWORD_HERE_XXXXXXXXXXXXXXXX"
+ openStackSoEncryptedPassword: "YYYYYYYYYYYYYYYYYYYYYYYY_OPENSTACK_JAVA_PASSWORD_HERE_YYYYYYYYYYYYYYYY"
+so:
+ enabled: true
+ so-catalog-db-adapter:
+ config:
+ openStackUserName: "OS_USERNAME_HERE"
+ # OS_AUTH_URL (keep the /v3) from the openstack .RC file
+ openStackKeyStoneUrl: "http://10.12.25.2:5000/v3"
+ # use the SO Java utility to encrypt the OS_PASSWORD for the OS_USERNAME
+ openStackEncryptedPasswordHere: "YYYYYYYYYYYYYYYYYYYYYYYY_OPENSTACK_JAVA_PASSWORD_HERE_YYYYYYYYYYYYYYYY"
+appc:
+ enabled: true
+ replicaCount: 3
+ config:
+ enableClustering: true
+ openStackType: "OpenStackProvider"
+ openStackName: "OpenStack"
+ openStackKeyStoneUrl: "http://10.12.25.2:5000/v3"
+ openStackServiceTenantName: "OPENSTACK_PROJECT_NAME_HERE"
+ openStackDomain: "OPEN_STACK_DOMAIN_NAME_HERE"
+ openStackUserName: "OS_USER_NAME_HERE"
+ openStackEncryptedPassword: "OPENSTACK_CLEAR_TEXT_PASSWORD_HERE"
diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst
index a641fabf60..bd5e3eeee6 100644
--- a/docs/oom_quickstart_guide.rst
+++ b/docs/oom_quickstart_guide.rst
@@ -30,7 +30,7 @@ file like onap-all.yaml, onap-vfw.yaml or openstack.yaml file to suit your deplo
OpenStack tenant information.
.. note::
- Standard and example override files (e.g. onap-all.yaml, openstack.yaml) can be found in
+ Standard and example override files (e.g. onap-all.yaml, openstack.yaml) can be found in
the oom/kubernetes/onap/resources/overrides/ directory.
@@ -77,23 +77,65 @@ Java encryption library is not easy to integrate with openssl/python that
ROBOT uses in Dublin.
.. note::
- To generate SO openStackEncryptedPasswordHere :
+ To generate SO openStackEncryptedPasswordHere and openStackSoEncryptedPassword:
+
+ SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key`
- SO_ENCRYPTION_KEY=`cat ~/oom/kubenertes/so/resources/config/mso/encrypt.key`
OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX
git clone http://gerrit.onap.org/r/integration
cd integration/deployment/heat/onap-rke/scripts
+
+
javac Crypto.java
+
+ [ if javac is not installed 'apt-get update ; apt-get install default-jdk' ]
+
java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY"
d. Update the OpenStack parameters:
+There are assumptions in the demonstration VNF heat templates about the networking
+available in the environment. To get the most value out of these templates and the
+automation that can help confirm the setup is correct, please observe the following
+constraints.
+
+openStackPublicNetId:
+
+This network should allow heat templates to add interfaces.
+This need not be an external network, floating IPs can be assigned to the ports on
+the VMs that are created by the heat template but its important that neutron allow
+ports to be created on them.
+
+openStackPrivateNetCidr: "10.0.0.0/16"
+
+This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity.
+The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the
+demonstration ip addressing plan embodied in the preload template prevent conflicts when
+instantiating the various VNFs. If you need to change this, you will need to modify the preload
+data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data
+in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect
+to create.
+
+openStackOamNetworkCidrPrefix: "10.0"
+
+This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the
+robot scripts for demonstration. A production deployment need not worry about this
+setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix.
+
+
+Example Keystone v2.0
.. literalinclude:: example-integration-override.yaml
:language: yaml
+Example Keystone v3 (required for Rocky and later releases)
+.. literalinclude:: example-integration-override-v3.yaml
+ :language: yaml
+
+
+
**Step 4.** To setup a local Helm server to server up the ONAP charts::
> helm serve &
diff --git a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py
index 64e5273f5c..0f3f0c2dde 100644
--- a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py
+++ b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py
@@ -66,6 +66,7 @@ GLOBAL_INJECTED_OPENSTACK_TENANT_ID = '{{ .Values.openStackTenantId }}'
GLOBAL_INJECTED_OPENSTACK_USERNAME = '{{ .Values.openStackUserName }}'
GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME = '{{ .Values.openStackProjectName }}'
GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID = '{{ .Values.openStackDomainId }}'
+GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN = '{{ .Values.openStackUserDomain }}'
GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION = '{{ .Values.openStackKeystoneAPIVersion }}'
GLOBAL_INJECTED_REGION_THREE = '{{ .Values.openStackRegionRegionThree }}'
GLOBAL_INJECTED_KEYSTONE_REGION_THREE = '{{ .Values.openStackKeyStoneUrlRegionThree }}'
@@ -73,6 +74,7 @@ GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION_REGION_THREE = '{{ .Values.openSt
GLOBAL_INJECTED_OPENSTACK_USERNAME_REGION_THREE = '{{ .Values.openStackUserNameRegionThree }}'
GLOBAL_INJECTED_OPENSTACK_PASSWORD_REGION_THREE = '{{ .Values.openStackPasswordRegionThree }}'
GLOBAL_INJECTED_OPENSTACK_MSO_ENCRYPTED_PASSWORD_REGION_THREE = '{{ .Values.openSackMsoEncryptdPasswordRegionThree }}'
+GLOBAL_INJECTED_OPENSTACK_SO_ENCRYPTED_PASSWORD = '{{ .Values.config.openStackSoEncryptedPassword}}'
GLOBAL_INJECTED_OPENSTACK_TENANT_ID_REGION_THREE = '{{ .Values.openStackTenantIdRegionThree }}'
GLOBAL_INJECTED_OPENSTACK_PROJECT_DOMAIN_REGION_THREE = '{{ .Values.openStackProjectNameRegionThree }}'
GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN_REGION_THREE = '{{ .Values.openStackDomainIdRegionThree }}'
@@ -165,6 +167,7 @@ GLOBAL_INJECTED_PROPERTIES = {
"GLOBAL_INJECTED_OPENSTACK_USERNAME" : '{{ .Values.openStackUserName }}',
"GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME" : '{{ .Values.openStackProjectName }}',
"GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID" : '{{ .Values.openStackDomainId }}',
+ "GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN" : '{{ .Values.openStackUserDomain }}',
"GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION" : '{{ .Values.openStackKeystoneAPIVersion }}',
"GLOBAL_INJECTED_REGION_THREE" : '{{ .Values.openStackRegionRegionThree }}',
"GLOBAL_INJECTED_KEYSTONE_REGION_THREE" : '{{ .Values.openStackKeyStoneUrlRegionThree }}',
@@ -172,6 +175,7 @@ GLOBAL_INJECTED_PROPERTIES = {
"GLOBAL_INJECTED_OPENSTACK_USERNAME_REGION_THREE" : '{{ .Values.openStackUserNameRegionThree }}',
"GLOBAL_INJECTED_OPENSTACK_PASSWORD_REGION_THREE" : '{{ .Values.openStackPasswordRegionThree }}',
"GLOBAL_INJECTED_OPENSTACK_MSO_ENCRYPTED_PASSWORD_REGION_THREE" : '{{ .Values.openSackMsoEncryptdPasswordRegionThree }}',
+ "GLOBAL_INJECTED_OPENSTACK_SO_ENCRYPTED_PASSWORD" : '{{ .Values.config.openStackSoEncryptedPassword}}',
"GLOBAL_INJECTED_OPENSTACK_TENANT_ID_REGION_THREE" : '{{ .Values.openStackTenantIdRegionThree }}',
"GLOBAL_INJECTED_OPENSTACK_PROJECT_DOMAIN_REGION_THREE" : '{{ .Values.openStackProjectNameRegionThree }}',
"GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN_REGION_THREE" : '{{ .Values.openStackDomainIdRegionThree }}',
diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml
index 65da947c95..5443771e9b 100644
--- a/kubernetes/robot/values.yaml
+++ b/kubernetes/robot/values.yaml
@@ -37,6 +37,7 @@ config:
# openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment
openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
+ openStackSoEncryptedPassword: "SAME_STRING_AS_SO_JAVA_ENCRYPTED_PASSWORD"
# Demo configuration
# Nexus demo artifact version. Maps to GLOBAL_INJECTED_ARTIFACTS_VERSION
@@ -45,24 +46,46 @@ demoArtifactsVersion: "1.4.0"
demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases"
# Openstack medium sized flavour name. Maps GLOBAL_INJECTED_VM_FLAVOR
openStackFlavourMedium: "m1.medium"
+
+################# Openstack .RC Parameters ################################333
+# KEYSTONE Version 3 Required for Rocky and beyond
+# Openstack Keystone API version. Valid values are [ v2.0, v3 ]. Maps to GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION
+openStackKeystoneAPIVersion: "v2.0"
+
+# OS_AUTH_URL without the /v3 or /v2.0 from the openstack .RC file
# Openstack keystone URL. Maps to GLOBAL_INJECTED_KEYSTONE
openStackKeyStoneUrl: "http://1.2.3.4:5000"
+
+# OS_PROJECT_ID from the openstack .RC file
+# Openstack tenant UUID where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_TENANT_ID
+openStackTenantId: "47899782ed714295b1151681fdfd51f5"
+
+# OS_PROJECT_NAME from the openstack .RC file
+# Project name of Openstack where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME
+openStackProjectName: "onap"
+
+# OS_USERNAME from the openstack .RC file
+# username for Openstack tenant where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_USERNAME
+openStackUserName: "tenantUsername"
+
+# OS_PROJECT_DOMAIN_ID from the openstack .RC file
+# in some environments it is a string but in other environmens it may be a numeric
+# Domain id of openstack where VNFs will be deployed. Maps to GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID
+openStackDomainId: "default"
+
+# OS_USER_DOMAIN from the openstack .RC file
+# Use Domain of openstack where VNFs will be deployed. Maps to GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN
+openStackUserDomain: "Default"
+
+
# UUID of the Openstack network that can assign floating ips. Maps to GLOBAL_INJECTED_PUBLIC_NET_ID
openStackPublicNetId: "e8f51958045716781ffc"
# password for Openstack tenant where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_PASSWORD
openStackPassword: "tenantPassword"
# Openstack region. Maps to GLOBAL_INJECTED_REGION
openStackRegion: "RegionOne"
-# Openstack tenant UUID where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_TENANT_ID
-openStackTenantId: "47899782ed714295b1151681fdfd51f5"
-# username for Openstack tenant where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_USERNAME
-openStackUserName: "tenantUsername"
-# Project name of Openstack where VNFs will be spawned. Maps to GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME
-openStackProjectName: "onap"
-# Domain id of openstack where VNFs will be deployed. Maps to GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID
-openStackDomainId: "Default"
-# Openstack Keystone API version. Valid values are [ v2.0, v3 ]. Maps to GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION
-openStackKeystoneAPIVersion: "v2.0"
+
+
# Values for second cloud instante for VNF instantiatioen testing and keystone v3
openStackRegionRegionThree: "RegionThree"
openStackKeyStoneUrlRegionThree: "http://1.2.3.4:5000"