summaryrefslogtreecommitdiffstats
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/images/network/network_1.pngbin0 -> 127009 bytes
-rw-r--r--docs/images/network/network_2.pngbin0 -> 133842 bytes
-rw-r--r--docs/images/network/network_3.pngbin0 -> 105085 bytes
-rw-r--r--docs/images/network/network_4.pngbin0 -> 97405 bytes
-rw-r--r--docs/images/sg/sg_1.pngbin0 -> 108229 bytes
-rw-r--r--docs/images/sg/sg_2.pngbin0 -> 153078 bytes
-rw-r--r--docs/oom_developer_guide.rst3
-rw-r--r--docs/oom_hardcoded_certificates.rst28
-rw-r--r--docs/oom_project_description.rst1
-rw-r--r--docs/oom_setup_kubernetes_rancher.rst54
10 files changed, 82 insertions, 4 deletions
diff --git a/docs/images/network/network_1.png b/docs/images/network/network_1.png
new file mode 100644
index 0000000000..d51cb1280b
--- /dev/null
+++ b/docs/images/network/network_1.png
Binary files differ
diff --git a/docs/images/network/network_2.png b/docs/images/network/network_2.png
new file mode 100644
index 0000000000..9498a460d3
--- /dev/null
+++ b/docs/images/network/network_2.png
Binary files differ
diff --git a/docs/images/network/network_3.png b/docs/images/network/network_3.png
new file mode 100644
index 0000000000..c729405aef
--- /dev/null
+++ b/docs/images/network/network_3.png
Binary files differ
diff --git a/docs/images/network/network_4.png b/docs/images/network/network_4.png
new file mode 100644
index 0000000000..cc8f96fac0
--- /dev/null
+++ b/docs/images/network/network_4.png
Binary files differ
diff --git a/docs/images/sg/sg_1.png b/docs/images/sg/sg_1.png
new file mode 100644
index 0000000000..ff5264d3c4
--- /dev/null
+++ b/docs/images/sg/sg_1.png
Binary files differ
diff --git a/docs/images/sg/sg_2.png b/docs/images/sg/sg_2.png
new file mode 100644
index 0000000000..395057fc97
--- /dev/null
+++ b/docs/images/sg/sg_2.png
Binary files differ
diff --git a/docs/oom_developer_guide.rst b/docs/oom_developer_guide.rst
index c3fb603d04..3cced83f62 100644
--- a/docs/oom_developer_guide.rst
+++ b/docs/oom_developer_guide.rst
@@ -373,6 +373,9 @@ Templates are provided in order to create Kubernetes resources (Secrets,
Ingress, Services, ...) or part of Kubernetes resources (names, labels,
resources requests and limits, ...).
+a full list and simple description is done in
+`kubernetes/common/common/documentation.rst`.
+
Service template
----------------
diff --git a/docs/oom_hardcoded_certificates.rst b/docs/oom_hardcoded_certificates.rst
new file mode 100644
index 0000000000..eb53a2d848
--- /dev/null
+++ b/docs/oom_hardcoded_certificates.rst
@@ -0,0 +1,28 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2018 Amdocs, Bell Canada
+
+.. Links
+.. _hardcoded-certiticates-label:
+
+ONAP Hardcoded certificates
+###########################
+
+ONAP current installation have hardcoded certificates.
+Here's the list of these certificates:
+
+ +-----------------------------------------------------------------------------------------------------------------------------+
+ | Project | ONAP Certificate | Own Certificate | Path |
+ +============+==================+==================+==========================================================================+
+ | VID | No | Yes | kubernetes/vid/resources/cert |
+ +------------+------------------+------------------+--------------------------------------------------------------------------+
+ | AAI | Yes | No | aai/oom/resources/config/haproxy/aai.pem |
+ +------------+------------------+------------------+--------------------------------------------------------------------------+
+ | AAI | Yes | No | aai/oom/resources/config/aai/aai_keystore |
+ +------------+------------------+------------------+--------------------------------------------------------------------------+
+ | AAI | Yes | No | aai/oom/components/aai-search-data/resources/config/auth/tomcat_keystore |
+ +------------+------------------+------------------+--------------------------------------------------------------------------+
+ | AAI | No | Yes | aai/oom/components/aai-babel/resources/config/auth/tomcat_keystore |
+ +------------+------------------+------------------+--------------------------------------------------------------------------+
+ | AAI | Yes | Yes | aai/oom/components/aai-model-loaderresources/config/auth/tomcat_keystore |
+ +------------+------------------+------------------+--------------------------------------------------------------------------+
diff --git a/docs/oom_project_description.rst b/docs/oom_project_description.rst
index 6486f4bab7..7903b709d8 100644
--- a/docs/oom_project_description.rst
+++ b/docs/oom_project_description.rst
@@ -38,6 +38,7 @@ The OOM documentation is broken into four different areas each targeted at a dif
- :ref:`user-guide-label` - a guide for operators of an ONAP instance
- :ref:`developer-guide-label` - a guide for developers of OOM and ONAP
- :ref:`cloud-setup-guide-label` - a guide for those setting up cloud environments that ONAP will use
+- :ref:`hardcoded-certiticates-label` - the list of all hardcoded certificates sets in ONAP installation
The :ref:`release-notes-label` for OOM describe the incremental features per release.
diff --git a/docs/oom_setup_kubernetes_rancher.rst b/docs/oom_setup_kubernetes_rancher.rst
index 6dcc3c72cb..1b5d6d1985 100644
--- a/docs/oom_setup_kubernetes_rancher.rst
+++ b/docs/oom_setup_kubernetes_rancher.rst
@@ -69,6 +69,42 @@ Example::
> chmod 600 ~/.ssh/onap-key
+Create Network
+==============
+
+An internal network is required in order to deploy our VMs that will host
+Kubernetes.
+
+.. image:: images/network/network_1.png
+
+.. image:: images/network/network_2.png
+
+.. image:: images/network/network_3.png
+
+.. Note::
+ It's better to have one network per deployment and obviously the name of this
+ network should be unique.
+
+Now we need to create a router to attach this network to outside:
+
+.. image:: images/network/network_4.png
+
+Create Security Group
+=====================
+
+A specific security group is also required
+
+.. image:: images/sg/sg_1.png
+
+then click on `manage rules` of the newly created security group.
+And finally click on `Add Rule` and create the following one:
+
+.. image:: images/sg/sg_2.png
+
+.. Note::
+ the security is clearly not good here and the right SG will be proposed in a
+ future version
+
Create Kubernetes Control Plane VMs
===================================
@@ -96,11 +132,15 @@ The recommended flavor is at least 4 vCPU and 8GB ram.
Networking
----------
+Use the created network:
+
.. image:: images/cp_vms/control_plane_4.png
Security Groups
---------------
+Use the created security group:
+
.. image:: images/cp_vms/control_plane_5.png
Key Pair
@@ -112,7 +152,7 @@ Assign the key pair that was created/selected previously (e.g. onap_key).
Apply customization script for Control Plane VMs
------------------------------------------------
-Click :download:`openstack-k8s-controlnode.sh <openstack-k8s-controlnode.sh>`
+Click :download:`openstack-k8s-controlnode.sh <openstack-k8s-controlnode.sh>`
to download the script.
.. literalinclude:: openstack-k8s-controlnode.sh
@@ -140,10 +180,10 @@ Highly-Available Kubernetes Workers. ONAP workloads will only be scheduled on th
Launch new VM instances
-----------------------
-The number and size of Worker VMs is depenedent on the size of the ONAP deployment.
-By default, all ONAP applications are deployed. It's possible to customize the deployment
+The number and size of Worker VMs is depenedent on the size of the ONAP deployment.
+By default, all ONAP applications are deployed. It's possible to customize the deployment
and enable a subset of the ONAP applications. For the purpose of this guide, however,
-we will deploy 12 Kubernetes Workers that have been sized to handle the entire ONAP
+we will deploy 12 Kubernetes Workers that have been sized to handle the entire ONAP
application workload.
.. image:: images/wk_vms/worker_1.png
@@ -304,6 +344,12 @@ Download and install kubectl. Binaries can be found here for Linux and Mac:
https://storage.googleapis.com/kubernetes-release/release/v1.15.2/bin/linux/amd64/kubectl
https://storage.googleapis.com/kubernetes-release/release/v1.15.2/bin/darwin/amd64/kubectl
+You only need to install kubectl where you'll launch kubernetes command. This
+can be any machines of the kubernetes cluster or a machine that has IP access
+to the APIs.
+Usually, we use the first controller as it has also access to internal
+Kubernetes services, which can be convenient.
+
Validate deployment
-------------------