diff options
Diffstat (limited to 'docs')
-rw-r--r-- | docs/example-integration-override-v3.yaml | 64 | ||||
-rw-r--r-- | docs/oom_quickstart_guide.rst | 48 | ||||
-rw-r--r-- | docs/oom_setup_kubernetes_rancher.rst | 34 |
3 files changed, 129 insertions, 17 deletions
diff --git a/docs/example-integration-override-v3.yaml b/docs/example-integration-override-v3.yaml new file mode 100644 index 0000000000..659389a920 --- /dev/null +++ b/docs/example-integration-override-v3.yaml @@ -0,0 +1,64 @@ +global: + repository: 10.12.5.2:5000 + pullPolicy: IfNotPresent +################################################################# +# This override file configures openstack parameters for ONAP +################################################################# +robot: + enabled: true + flavor: large + appcUsername: "appc@appc.onap.org" + appcPassword: "demo123456!" + # KEYSTONE Version 3 Required for Rocky and beyond + openStackKeystoneAPIVersion: "v3" + # OS_AUTH_URL without the /v3 from the openstack .RC file + openStackKeyStoneUrl: "http://10.12.25.2:5000" + # OS_PROJECT_ID from the openstack .RC file + openStackTenantId: "09d8566ea45e43aa974cf447ed591d77" + # OS_USERNAME from the openstack .RC file + openStackUserName: "OS_USERNAME_HERE" + # OS_PROJECT_DOMAIN_ID from the openstack .RC file + # in some environments it is a string but in other environmens it may be a numeric + openStackDomainId: "default" + # OS_USER_DOMAIN_NAME from the openstack .RC file + openStackUserDomain: "Default" + openStackProjectName: "OPENSTACK_PROJECT_NAME_HERE" + ubuntu14Image: "ubuntu-14-04-cloud-amd64" + ubuntu16Image: "ubuntu-16-04-cloud-amd64" + openStackPublicNetId: "971040b2-7059-49dc-b220-4fab50cb2ad4" + openStackPrivateNetId: "83c84b68-80be-4990-8d7f-0220e3c6e5c8" + openStackPrivateSubnetId: "e571c1d1-8ac0-4744-9b40-c3218d0a53a0" + openStackPrivateNetCidr: "10.0.0.0/16" + openStackOamNetworkCidrPrefix: "10.0" + openStackSecurityGroup: "bbe028dc-b64f-4f11-a10f-5c6d8d26dc89" + dcaeCollectorIp: "10.12.6.109" + vnfPubKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh" + demoArtifactsVersion: "1.4.0" + demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases" + scriptVersion: "1.4.0" + rancherIpAddress: "10.12.6.160" + config: + # use the python utility to encrypt the OS_PASSWORD for the OS_USERNAME + openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_PYTHON_PASSWORD_HERE_XXXXXXXXXXXXXXXX" + openStackSoEncryptedPassword: "YYYYYYYYYYYYYYYYYYYYYYYY_OPENSTACK_JAVA_PASSWORD_HERE_YYYYYYYYYYYYYYYY" +so: + enabled: true + so-catalog-db-adapter: + config: + openStackUserName: "OS_USERNAME_HERE" + # OS_AUTH_URL (keep the /v3) from the openstack .RC file + openStackKeyStoneUrl: "http://10.12.25.2:5000/v3" + # use the SO Java utility to encrypt the OS_PASSWORD for the OS_USERNAME + openStackEncryptedPasswordHere: "YYYYYYYYYYYYYYYYYYYYYYYY_OPENSTACK_JAVA_PASSWORD_HERE_YYYYYYYYYYYYYYYY" +appc: + enabled: true + replicaCount: 3 + config: + enableClustering: true + openStackType: "OpenStackProvider" + openStackName: "OpenStack" + openStackKeyStoneUrl: "http://10.12.25.2:5000/v3" + openStackServiceTenantName: "OPENSTACK_PROJECT_NAME_HERE" + openStackDomain: "OPEN_STACK_DOMAIN_NAME_HERE" + openStackUserName: "OS_USER_NAME_HERE" + openStackEncryptedPassword: "OPENSTACK_CLEAR_TEXT_PASSWORD_HERE" diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst index a641fabf60..bd5e3eeee6 100644 --- a/docs/oom_quickstart_guide.rst +++ b/docs/oom_quickstart_guide.rst @@ -30,7 +30,7 @@ file like onap-all.yaml, onap-vfw.yaml or openstack.yaml file to suit your deplo OpenStack tenant information. .. note:: - Standard and example override files (e.g. onap-all.yaml, openstack.yaml) can be found in + Standard and example override files (e.g. onap-all.yaml, openstack.yaml) can be found in the oom/kubernetes/onap/resources/overrides/ directory. @@ -77,23 +77,65 @@ Java encryption library is not easy to integrate with openssl/python that ROBOT uses in Dublin. .. note:: - To generate SO openStackEncryptedPasswordHere : + To generate SO openStackEncryptedPasswordHere and openStackSoEncryptedPassword: + + SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key` - SO_ENCRYPTION_KEY=`cat ~/oom/kubenertes/so/resources/config/mso/encrypt.key` OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX git clone http://gerrit.onap.org/r/integration cd integration/deployment/heat/onap-rke/scripts + + javac Crypto.java + + [ if javac is not installed 'apt-get update ; apt-get install default-jdk' ] + java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY" d. Update the OpenStack parameters: +There are assumptions in the demonstration VNF heat templates about the networking +available in the environment. To get the most value out of these templates and the +automation that can help confirm the setup is correct, please observe the following +constraints. + +openStackPublicNetId: + +This network should allow heat templates to add interfaces. +This need not be an external network, floating IPs can be assigned to the ports on +the VMs that are created by the heat template but its important that neutron allow +ports to be created on them. + +openStackPrivateNetCidr: "10.0.0.0/16" + +This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity. +The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the +demonstration ip addressing plan embodied in the preload template prevent conflicts when +instantiating the various VNFs. If you need to change this, you will need to modify the preload +data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data +in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect +to create. + +openStackOamNetworkCidrPrefix: "10.0" + +This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the +robot scripts for demonstration. A production deployment need not worry about this +setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix. + + +Example Keystone v2.0 .. literalinclude:: example-integration-override.yaml :language: yaml +Example Keystone v3 (required for Rocky and later releases) +.. literalinclude:: example-integration-override-v3.yaml + :language: yaml + + + **Step 4.** To setup a local Helm server to server up the ONAP charts:: > helm serve & diff --git a/docs/oom_setup_kubernetes_rancher.rst b/docs/oom_setup_kubernetes_rancher.rst index 3ccde8d418..90a060b592 100644 --- a/docs/oom_setup_kubernetes_rancher.rst +++ b/docs/oom_setup_kubernetes_rancher.rst @@ -30,19 +30,19 @@ to deploy and manage our Kubernetes Cluster. The result at the end of this tutorial will be: -*1.* Creation of a Key Pair to use with Open Stack and RKE +#. Creation of a Key Pair to use with Open Stack and RKE -*2.* Creation of OpenStack VMs to host Kubernetes Control Plane +#. Creation of OpenStack VMs to host Kubernetes Control Plane -*3.* Creation of OpenStack VMs to host Kubernetes Workers +#. Creation of OpenStack VMs to host Kubernetes Workers -*4.* Installation and configuration of RKE to setup an HA Kubernetes +#. Installation and configuration of RKE to setup an HA Kubernetes -*5.* Installation and configuration of kubectl +#. Installation and configuration of kubectl -*5.* Installation and configuration of helm +#. Installation and configuration of helm -*7.* Creation of an NFS Server to be used by ONAP as shared persistance +#. Creation of an NFS Server to be used by ONAP as shared persistance There are many ways one can execute the above steps. Including automation through the use of HEAT to setup the OpenStack VMs. To better illustrate the steps involved, we have captured the manual creation of such an environment using the ONAP Wind River Open Lab. @@ -62,7 +62,8 @@ Use an existing key pair, import one or create a new one to assign. For the purpose of this guide, we will assume a new local key called "onap-key" has been downloaded and is copied into **~/.ssh/**, from which it can be referenced. -Example: +Example:: + > mv onap-key ~/.ssh > chmod 600 ~/.ssh/onap-key @@ -250,13 +251,11 @@ in this file. Run RKE ------- -From within the same directory as the cluster.yml file, simply execute: +From within the same directory as the cluster.yml file, simply execute:: > rke up -The output will look something like: - -.. code-block:: +The output will look something like:: INFO[0000] Initiating Kubernetes cluster INFO[0000] [certificates] Generating admin certificates and kubeconfig @@ -307,6 +306,9 @@ https://storage.googleapis.com/kubernetes-release/release/v1.13.5/bin/darwin/amd Validate deployment ------------------- + +:: + > cp kube_config_cluster.yml ~/.kube/config.onap > export KUBECONFIG=~/.kube/config.onap @@ -315,7 +317,7 @@ Validate deployment > kubectl get nodes -o=wide -.. code-block:: +:: NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME onap-control-1 Ready controlplane,etcd 3h53m v1.13.5 10.0.0.8 <none> Ubuntu 18.04 LTS 4.15.0-22-generic docker://18.9.5 @@ -338,7 +340,8 @@ Validate deployment Install Helm ============ -Example Helm client install on Linux: +Example Helm client install on Linux:: + > wget http://storage.googleapis.com/kubernetes-helm/helm-v2.12.3-linux-amd64.tar.gz > tar -zxvf helm-v2.12.3-linux-amd64.tar.gz @@ -347,6 +350,9 @@ Example Helm client install on Linux: Initialize Kubernetes Cluster for use by Helm --------------------------------------------- + +:: + > kubectl -n kube-system create serviceaccount tiller > kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller |