diff options
-rw-r--r-- | docs/example-integration-override.yaml | 40 | ||||
-rw-r--r-- | docs/helm-search.txt | 71 | ||||
-rw-r--r-- | docs/oom_quickstart_guide.rst | 32 | ||||
-rw-r--r-- | docs/oom_setup_kubernetes_rancher.rst | 47 | ||||
m--------- | kubernetes/aai | 0 | ||||
-rw-r--r-- | kubernetes/onap/resources/overrides/openstack.yaml | 18 |
6 files changed, 122 insertions, 86 deletions
diff --git a/docs/example-integration-override.yaml b/docs/example-integration-override.yaml index 9c336d69ce..56699d921c 100644 --- a/docs/example-integration-override.yaml +++ b/docs/example-integration-override.yaml @@ -1,36 +1,46 @@ global: repository: 10.12.5.2:5000 pullPolicy: IfNotPresent +################################################################# +# This override file configures openstack parameters for ONAP +################################################################# +appc: + config: + enableClustering: false + openStackType: "OpenStackProvider" + openStackName: "OpenStack" + openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0" + openStackServiceTenantName: "OPENSTACK_TENANTNAME_HERE" + openStackDomain: "Default" + openStackUserName: "OPENSTACK_USERNAME_HERE" + openStackEncryptedPassword: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_PASSWORD_HERE_XXXXXXXXXXXXXXXX" robot: - enabled: true - flavor: large appcUsername: "appc@appc.onap.org" - appcPassword: "APPC_PASSWORD_HERE" + appcPassword: "demo123456!" openStackKeyStoneUrl: "http://10.12.25.2:5000" openStackPublicNetId: "971040b2-7059-49dc-b220-4fab50cb2ad4" openStackTenantId: "09d8566ea45e43aa974cf447ed591d77" openStackUserName: "OPENSTACK_USERNAME_HERE" ubuntu14Image: "ubuntu-14-04-cloud-amd64" ubuntu16Image: "ubuntu-16-04-cloud-amd64" - openStackPrivateNetId: "d4ab89ff-c735-4ce4-93f6-cff445157b98" - openStackPrivateSubnetId: "46c2391c-ed98-4fb0-8ab7-88678bc55b9f" + openStackPrivateNetId: "c7824f00-bef7-4864-81b9-f6c3afabd313" + openStackPrivateSubnetId: "2a0e8888-f93e-4615-8d28-fc3d4d087fc3" openStackPrivateNetCidr: "10.0.0.0/16" - openStackSecurityGroup: "3914301b-2996-414f-ba0a-da4b2275a753" + openStackSecurityGroup: "3a7a1e7e-6d15-4264-835d-fab1ae81e8b0" openStackOamNetworkCidrPrefix: "10.0" - dcaeCollectorIp: "10.12.5.46" + dcaeCollectorIp: "10.12.6.88" vnfPubKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh" - demoArtifactsVersion: "1.3.0" + demoArtifactsVersion: "1.4.0-SNAPSHOT" demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases" - scriptVersion: "1.3.0" - rancherIpAddress: "10.12.6.38" + scriptVersion: "1.4.0-SNAPSHOT" + rancherIpAddress: "10.12.5.127" config: - openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HEREXXXXXXXXXXXXXXXX" + # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment + openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX" so: - enabled: true + # so server configuration so-catalog-db-adapter: config: openStackUserName: "OPENSTACK_USERNAME_HERE" openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0" - openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HEREXXXXXXXXXXXXXXXX" - - + openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX"
\ No newline at end of file diff --git a/docs/helm-search.txt b/docs/helm-search.txt index db95e4f7d7..036ad036f2 100644 --- a/docs/helm-search.txt +++ b/docs/helm-search.txt @@ -1,31 +1,42 @@ NAME CHART VERSION APP VERSION DESCRIPTION -local/onap 4.0.0 Dublin Open Network Automation Platform (ONAP) -local/aaf 4.0.0 ONAP Application Authorization Framework -local/aai 4.0.0 ONAP Active and Available Inventory -local/cassandra 4.0.0 ONAP cassandra -local/cds 4.0.0 ONAP Common Design Studio -local/clamp 4.0.0 ONAP Clamp -local/cli 4.0.0 ONAP Command Line Interface -local/consul 4.0.0 ONAP Consul Agent -local/contrib 4.0.0 ONAP optional tools -local/dcaegen2 4.0.0 ONAP DCAE Gen2 -local/dmaap 4.0.1 ONAP DMaaP components -local/esr 4.0.0 ONAP External System Register -local/log 4.0.0 ONAP Logging ElasticStack -local/msb 4.0.0 ONAP MicroServices Bus -local/multicloud 4.0.0 ONAP multicloud broker -local/nbi 4.0.0 ONAP Northbound Interface -local/oof 4.0.0 ONAP Optimization Framework -local/pnda 4.0.0 ONAP DCAE PNDA -local/policy 4.0.0 ONAP Policy Administration Point -local/pomba 4.0.0 ONAP Post Orchestration Model Based Audit -local/portal 4.0.0 ONAP Web Portal -local/postgres 4.0.0 ONAP Postgres Server -local/robot 4.0.0 A helm Chart for kubernetes-ONAP Robot -local/sdnc-prom 4.0.0 ONAP SDNC Policy Driven Ownership Management -local/sniro-emulator 4.0.0 ONAP Mock Sniro Emulator -local/so 4.0.0 ONAP Service Orchestrator -local/uui 4.0.0 ONAP uui -local/vfc 4.0.0 ONAP Virtual Function Controller (VF-C) -local/vid 4.0.0 ONAP Virtual Infrastructure Deployment -local/vnfsdk 4.0.0 ONAP VNF SDK +local/onap 4.0.0 Dublin Open Network Automation Platform (ONAP) +local/aaf 4.0.0 ONAP Application Authorization Framework +local/aai 4.0.0 ONAP Active and Available Inventory +local/appc 4.0.0 Application Controller +local/cassandra 4.0.0 ONAP cassandra +local/cds 4.0.0 ONAP Controller Design Studio (CDS) +local/clamp 4.0.0 ONAP Clamp +local/cli 4.0.0 ONAP Command Line Interface +local/common 4.0.0 Common templates for inclusion in other charts +local/consul 4.0.0 ONAP Consul Agent +local/contrib 4.0.0 ONAP optional tools +local/dcaegen2 4.0.0 ONAP DCAE Gen2 +local/dgbuilder 4.0.0 D.G. Builder application +local/dmaap 4.0.1 ONAP DMaaP components +local/esr 4.0.0 ONAP External System Register +local/log 4.0.0 ONAP Logging ElasticStack +local/mariadb-galera 4.0.0 Chart for MariaDB Galera cluster +local/mongo 4.0.0 MongoDB Server +local/msb 4.0.0 ONAP MicroServices Bus +local/multicloud 4.0.0 ONAP multicloud broker +local/music 4.0.0 MUSIC - Multi-site State Coordination Service +local/mysql 4.0.0 MySQL Server +local/nbi 4.0.0 ONAP Northbound Interface +local/network-name-gen 4.0.0 Name Generation Micro Service +local/nfs-provisioner 4.0.0 NFS provisioner +local/oof 4.0.0 ONAP Optimization Framework +local/pnda 4.0.0 ONAP DCAE PNDA +local/policy 4.0.0 ONAP Policy Administration Point +local/pomba 4.0.0 ONAP Post Orchestration Model Based Audit +local/portal 4.0.0 ONAP Web Portal +local/postgres 4.0.0 ONAP Postgres Server +local/robot 4.0.0 A helm Chart for kubernetes-ONAP Robot +local/sdc 4.0.0 Service Design and Creation Umbrella Helm charts +local/sdnc 4.0.0 SDN Controller +local/sdnc-prom 4.0.0 ONAP SDNC Policy Driven Ownership Management +local/sniro-emulator 4.0.0 ONAP Mock Sniro Emulator +local/so 4.0.0 ONAP Service Orchestrator +local/uui 4.0.0 ONAP uui +local/vfc 4.0.0 ONAP Virtual Function Controller (VF-C) +local/vid 4.0.0 ONAP Virtual Infrastructure Deployment +local/vnfsdk 4.0.0 ONAP VNF SDK
\ No newline at end of file diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst index 20eb8fab79..501deda7e4 100644 --- a/docs/oom_quickstart_guide.rst +++ b/docs/oom_quickstart_guide.rst @@ -25,21 +25,25 @@ available), follow the following instructions to deploy ONAP. > sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm -**Step 3.** Customize the helm charts like onap.values.yaml or an override.yaml -like integration-override.yaml file to suit your deployment with items like the +**Step 3.** Customize the helm charts like oom/kubernetes/onap/values.yaml or an override +file like onap-all.yaml, onap-vfw.yaml or openstack.yaml file to suit your deployment with items like the OpenStack tenant information. +.. note:: + Standard and example override files (e.g. onap-all.yaml, openstack.yaml) can be found in + the oom/kubernetes/onap/resources/overrides/ directory. + a. You may want to selectively enable or disable ONAP components by changing the `enabled: true/false` flags. b. Encyrpt the OpenStack password using the shell tool for robot and put it in - the robot helm charts or robot section of integration-override.yaml + the robot helm charts or robot section of openstack.yaml c. Encrypt the OpenStack password using the java based script for SO helm charts - or SO section of integration-override.yaml. + or SO section of openstack.yaml. d. Update the OpenStack parameters that will be used by robot, SO and APPC helm @@ -63,9 +67,9 @@ openssl algorithm that works with the python based Robot Framework. .. note:: To generate ROBOT openStackEncryptedPasswordHere : - ``root@olc-rancher:~# cd so/resources/config/mso/`` + ``cd so/resources/config/mso/`` - ``root@olc-rancher:~/oom/kubernetes/so/resources/config/mso# echo -n "<openstack tenant password>" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p`` + ``/oom/kubernetes/so/resources/config/mso# echo -n "<openstack tenant password>" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p`` c. Generating SO Encrypted Password: The SO Encrypted Password uses a java based encryption utility since the @@ -120,20 +124,24 @@ follows:: **Step 8.** Once the repo is setup, installation of ONAP can be done with a single command - a. If you updated the values directly use this command:: +.. note:: + The --timeout 900 is currently required in Dublin to address long running initialization tasks + for DMaaP and SO. Without this timeout value both applications may fail to deploy. - > helm deploy dev local/onap --namespace onap + a. To deploy all ONAP applications use this command:: + > cd oom/kubernetes + > helm deploy dev local/onap --namespace onap -f onap/resources/overrides/onap-all.yaml -f onap/resources/overrides/openstack.yaml --timeout 900 - b. If you are using an integration-override.yaml file use this command:: + b. If you are using a custom override (e.g. integration-override.yaml) use this command:: - > helm deploy dev local/onap -f /root/integration-override.yaml --namespace onap + > helm deploy dev local/onap -f /root/integration-override.yaml --namespace onap --timeout 900 c. If you have a slower cloud environment you may want to use the public-cloud.yaml which has longer delay intervals on database updates.:: - > helm deploy dev local/onap -f /root/oom/kubernetes/onap/resources/environments/public-cloud.yaml -f /root/integration-override.yaml --namespace onap + > helm deploy dev local/onap -f /root/oom/kubernetes/onap/resources/environments/public-cloud.yaml -f /root/integration-override.yaml --namespace onap --timeout 900 **Step 9.** Commands to interact with the OOM installation @@ -141,7 +149,7 @@ single command Use the following to monitor your deployment and determine when ONAP is ready for use:: - > kubectl get pods --all-namespaces -o=wide + > kubectl get pods -n onap -o=wide Undeploying onap can be done using the following command:: diff --git a/docs/oom_setup_kubernetes_rancher.rst b/docs/oom_setup_kubernetes_rancher.rst index ebc44e6a96..3ccde8d418 100644 --- a/docs/oom_setup_kubernetes_rancher.rst +++ b/docs/oom_setup_kubernetes_rancher.rst @@ -23,6 +23,11 @@ This guide provides instructions on how to setup a Highly-Available Kubernetes C For this, we are hosting our cluster on OpenStack VMs and using the Rancher Kubernetes Engine (RKE) to deploy and manage our Kubernetes Cluster. +.. contents:: + :depth: 1 + :local: +.. + The result at the end of this tutorial will be: *1.* Creation of a Key Pair to use with Open Stack and RKE @@ -42,11 +47,6 @@ The result at the end of this tutorial will be: There are many ways one can execute the above steps. Including automation through the use of HEAT to setup the OpenStack VMs. To better illustrate the steps involved, we have captured the manual creation of such an environment using the ONAP Wind River Open Lab. -.. contents:: - :depth: 1 - :local: -.. - Create Key Pair =============== A Key Pair is required to access the created OpenStack VMs and will be used by @@ -63,9 +63,9 @@ For the purpose of this guide, we will assume a new local key called "onap-key" has been downloaded and is copied into **~/.ssh/**, from which it can be referenced. Example: - $ mv onap-key ~/.ssh + > mv onap-key ~/.ssh - $ chmod 600 ~/.ssh/onap-key + > chmod 600 ~/.ssh/onap-key Create Kubernetes Control Plane VMs @@ -252,11 +252,12 @@ Run RKE ------- From within the same directory as the cluster.yml file, simply execute: - $ rke up + > rke up The output will look something like: .. code-block:: + INFO[0000] Initiating Kubernetes cluster INFO[0000] [certificates] Generating admin certificates and kubeconfig INFO[0000] Successfully Deployed state file at [./cluster.rkestate] @@ -306,15 +307,16 @@ https://storage.googleapis.com/kubernetes-release/release/v1.13.5/bin/darwin/amd Validate deployment ------------------- - $ cp kube_config_cluster.yml ~/.kube/config.onap + > cp kube_config_cluster.yml ~/.kube/config.onap - $ export KUBECONFIG=~/.kube/config.onap + > export KUBECONFIG=~/.kube/config.onap - $ kubectl config use-context onap + > kubectl config use-context onap - $ kubectl get nodes -o=wide + > kubectl get nodes -o=wide .. code-block:: + NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME onap-control-1 Ready controlplane,etcd 3h53m v1.13.5 10.0.0.8 <none> Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 onap-control-2 Ready controlplane,etcd 3h53m v1.13.5 10.0.0.11 <none> Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 @@ -336,13 +338,22 @@ Validate deployment Install Helm ============ - $ kubectl -n kube-system create serviceaccount tiller +Example Helm client install on Linux: + > wget http://storage.googleapis.com/kubernetes-helm/helm-v2.12.3-linux-amd64.tar.gz + + > tar -zxvf helm-v2.12.3-linux-amd64.tar.gz + + > sudo mv linux-amd64/helm /usr/local/bin/helm + +Initialize Kubernetes Cluster for use by Helm +--------------------------------------------- + > kubectl -n kube-system create serviceaccount tiller - $ kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller + > kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller - $ helm init --service-account tiller + > helm init --service-account tiller - $ kubectl -n kube-system rollout status deploy/tiller-deploy + > kubectl -n kube-system rollout status deploy/tiller-deploy @@ -438,12 +449,12 @@ Click :download:`slave_nfs_node.sh <slave_nfs_node.sh>` to download the script. The master_nfs_node.sh script runs in the NFS Master node and needs the list of NFS Slave nodes as input, e.g.:: - $ sudo ./master_nfs_node.sh node1_ip node2_ip ... nodeN_ip + > sudo ./master_nfs_node.sh node1_ip node2_ip ... nodeN_ip The slave_nfs_node.sh script runs in each NFS Slave node and needs the IP of the NFS Master node as input, e.g.:: - $ sudo ./slave_nfs_node.sh master_node_ip + > sudo ./slave_nfs_node.sh master_node_ip ONAP Deployment via OOM diff --git a/kubernetes/aai b/kubernetes/aai -Subproject 1b28e45136d5096ef4c07f4142c76b45224b3cf +Subproject e67a94e6be333271c8237d6ebd5fb0f48940135 diff --git a/kubernetes/onap/resources/overrides/openstack.yaml b/kubernetes/onap/resources/overrides/openstack.yaml index a3c5867e15..a8294d249f 100644 --- a/kubernetes/onap/resources/overrides/openstack.yaml +++ b/kubernetes/onap/resources/overrides/openstack.yaml @@ -21,17 +21,17 @@ appc: openStackType: "OpenStackProvider" openStackName: "OpenStack" openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0" - openStackServiceTenantName: "Integration-OOM-Staging-Daily" + openStackServiceTenantName: "OPENSTACK_TENANTNAME_HERE" openStackDomain: "Default" - openStackUserName: "demo" - openStackEncryptedPassword: "onapdemo" + openStackUserName: "OPENSTACK_USERNAME_HERE" + openStackEncryptedPassword: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_PASSWORD_HERE_XXXXXXXXXXXXXXXX" robot: appcUsername: "appc@appc.onap.org" appcPassword: "demo123456!" openStackKeyStoneUrl: "http://10.12.25.2:5000" openStackPublicNetId: "971040b2-7059-49dc-b220-4fab50cb2ad4" openStackTenantId: "09d8566ea45e43aa974cf447ed591d77" - openStackUserName: "demo" + openStackUserName: "OPENSTACK_USERNAME_HERE" ubuntu14Image: "ubuntu-14-04-cloud-amd64" ubuntu16Image: "ubuntu-16-04-cloud-amd64" openStackPrivateNetId: "c7824f00-bef7-4864-81b9-f6c3afabd313" @@ -47,18 +47,14 @@ robot: rancherIpAddress: "10.12.5.127" config: # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment - openStackEncryptedPasswordHere: "bbaef6cd76625ab9eb60deedeae7dbb9" + openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX" so: # so server configuration so-catalog-db-adapter: config: - openStackUserName: "demo" + openStackUserName: "OPENSTACK_USERNAME_HERE" openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0" - openStackEncryptedPasswordHere: "1E82B3AF7ACF458C3A6058DF4DD5FD5E526FDAFAF163589C5F85F80CD7AEC09E034F375B" - # configure embedded mariadb - mariadb: - config: - mariadbRootPassword: password + openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX" nbi: config: # openstack configuration |