diff options
author | Milan Verespej <m.verespej@partner.samsung.com> | 2019-01-21 15:45:42 +0100 |
---|---|---|
committer | Milan Verespej <m.verespej@partner.samsung.com> | 2019-01-28 14:58:57 +0100 |
commit | 91bc226dc7c0096fbaa4aa1bf22598a1a55f6a4c (patch) | |
tree | 3151ab49296c0480d6f5ea4b8b2b0189db74b2fe | |
parent | 2f1f94848beb2af4bb355872986cde78f40e177e (diff) |
Remove bash version of installer
Since bash version of offline installer is not supported in Casablanca
release this change removes it and provides small refactor of offline
resource building scripts.
Change-Id: I953733edc31e994da123b7f0b1c502e156676669
Issue-ID: OOM-1597
Signed-off-by: Milan Verespej <m.verespej@partner.samsung.com>
-rwxr-xr-x | bash/deploy_onap.sh | 55 | ||||
-rwxr-xr-x | bash/tools/000cleanup.sh | 41 | ||||
-rwxr-xr-x | bash/tools/certificates/2create_cert_for_nginx.sh | 47 | ||||
-rwxr-xr-x | bash/tools/certificates/self_extract_cacert.sh | 55 | ||||
-rwxr-xr-x | bash/tools/common-functions.sh | 658 | ||||
-rwxr-xr-x | bash/tools/create_si_cacert_pkg.sh | 29 | ||||
-rwxr-xr-x | bash/tools/create_si_onap_pkg.sh | 88 | ||||
-rwxr-xr-x | bash/tools/creating_data/docker-login.sh | 38 | ||||
-rwxr-xr-x | bash/tools/creating_data/load-docker-images.sh | 75 | ||||
-rwxr-xr-x | bash/tools/creating_data/upload-maven-files.sh | 43 | ||||
-rwxr-xr-x | bash/tools/creating_data/upload-npm-pkgs.sh | 48 | ||||
-rwxr-xr-x | bash/tools/deploy_kube.sh | 95 | ||||
-rwxr-xr-x | bash/tools/deploy_nexus.sh | 194 | ||||
-rwxr-xr-x | bash/tools/gather_data_lists.sh | 34 | ||||
-rwxr-xr-x | bash/tools/load_stored_offline_data.sh | 87 | ||||
-rwxr-xr-x | bash/tools/setup_nfs_mount.sh | 44 | ||||
-rwxr-xr-x | bash/tools/setup_nfs_server_rhel.sh | 51 | ||||
-rwxr-xr-x | bash/tools/setup_nfs_server_ubuntu.sh | 51 | ||||
-rwxr-xr-x | build/common-functions.sh | 92 | ||||
-rwxr-xr-x | build/creating_data/create_nginx_image/01create-image.sh (renamed from bash/tools/creating_data/create_nginx_image/01create-image.sh) | 0 | ||||
-rw-r--r-- | build/creating_data/create_nginx_image/Dockerfile (renamed from bash/tools/creating_data/create_nginx_image/Dockerfile) | 5 | ||||
-rw-r--r-- | build/creating_data/create_nginx_image/gitconfig (renamed from bash/tools/creating_data/create_nginx_image/gitconfig) | 0 | ||||
-rwxr-xr-x | build/creating_data/download-bin-tools.sh (renamed from bash/tools/creating_data/download-bin-tools.sh) | 5 | ||||
-rwxr-xr-x | build/creating_data/download-docker-images.sh (renamed from bash/tools/creating_data/download-docker-images.sh) | 0 | ||||
-rwxr-xr-x | build/creating_data/download-files.sh (renamed from bash/tools/creating_data/download-files.sh) | 0 | ||||
-rwxr-xr-x | build/creating_data/download-git-repos.sh (renamed from bash/tools/creating_data/download-git-repos.sh) | 0 | ||||
-rwxr-xr-x | build/creating_data/download-http-files.sh (renamed from bash/tools/creating_data/download-http-files.sh) | 0 | ||||
-rwxr-xr-x | build/creating_data/download-npm-pkgs.sh (renamed from bash/tools/creating_data/download-npm-pkgs.sh) | 0 | ||||
-rwxr-xr-x | build/creating_data/download-oom.sh (renamed from bash/tools/creating_data/download-oom.sh) | 0 | ||||
-rwxr-xr-x | build/creating_data/download-pip.sh (renamed from bash/tools/creating_data/download-pip.sh) | 0 | ||||
-rwxr-xr-x | build/creating_data/download-pkg.sh (renamed from bash/tools/creating_data/download-pkg.sh) | 0 | ||||
-rwxr-xr-x | build/creating_data/make-docker-images-list.sh (renamed from bash/tools/creating_data/make-docker-images-list.sh) | 0 | ||||
-rwxr-xr-x | build/creating_data/make-git-http-list.sh (renamed from bash/tools/creating_data/make-git-http-list.sh) | 0 | ||||
-rwxr-xr-x | build/creating_data/make-npm-list.sh (renamed from bash/tools/creating_data/make-npm-list.sh) | 0 | ||||
-rwxr-xr-x | build/creating_data/remote-list-gathering.sh (renamed from bash/tools/creating_data/remote-list-gathering.sh) | 1 | ||||
-rwxr-xr-x | build/creating_data/save-docker-images.sh (renamed from bash/tools/creating_data/save-docker-images.sh) | 0 | ||||
-rw-r--r-- | build/data_list/docker_image_list.txt (renamed from bash/tools/data_list/docker_image_list.txt) | 0 | ||||
-rw-r--r-- | build/data_list/docker_manual_image_list.txt (renamed from bash/tools/data_list/docker_manual_image_list.txt) | 0 | ||||
-rw-r--r-- | build/data_list/git_manual_list (renamed from bash/tools/data_list/git_manual_list) | 0 | ||||
-rw-r--r-- | build/data_list/git_repos_list (renamed from bash/tools/data_list/git_repos_list) | 0 | ||||
-rw-r--r-- | build/data_list/http_manual_list.txt (renamed from bash/tools/data_list/http_manual_list.txt) | 0 | ||||
-rw-r--r-- | build/data_list/npm_list.txt (renamed from bash/tools/data_list/npm_list.txt) | 0 | ||||
-rw-r--r-- | build/data_list/pip_list.txt (renamed from bash/tools/data_list/pip_list.txt) | 0 | ||||
-rw-r--r-- | build/data_list/pkg_list.txt (renamed from bash/tools/data_list/pkg_list.txt) | 0 | ||||
-rwxr-xr-x | build/delete-local-images.sh (renamed from bash/tools/delete-local-images.sh) | 0 | ||||
-rwxr-xr-x | build/download_offline_data_by_lists.sh (renamed from bash/tools/download_offline_data_by_lists.sh) | 4 | ||||
-rw-r--r-- | cfg/cacert.cnf | 113 | ||||
-rw-r--r-- | cfg/full_depl_values.yaml | 158 | ||||
-rw-r--r-- | cfg/nexus_cert.cnf | 33 | ||||
-rw-r--r-- | cfg/nginx.conf | 110 | ||||
-rw-r--r-- | cfg/v3.ext | 24 |
51 files changed, 95 insertions, 2183 deletions
diff --git a/bash/deploy_onap.sh b/bash/deploy_onap.sh deleted file mode 100755 index d8ae4f3e..00000000 --- a/bash/deploy_onap.sh +++ /dev/null @@ -1,55 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# fail fast -set -e - -# OS check -. /etc/os-release -OS_ID="${ID}" - -case "$OS_ID" in - centos) - ;; - rhel) - ;; - ubuntu) - ;; - *) - echo This OS is not supported: $OS_ID - exit 1 - ;; -esac - -# boilerplate -RELATIVE_PATH=./tools # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -get_configuration -copy_onap_values_file -patch_npm_oom -patch_spring_oom -patch_cfy_manager_depl $OS_ID -deploy_onap diff --git a/bash/tools/000cleanup.sh b/bash/tools/000cleanup.sh deleted file mode 100755 index 3349c501..00000000 --- a/bash/tools/000cleanup.sh +++ /dev/null @@ -1,41 +0,0 @@ -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - -oldifs=$IFS -IFS=$'\n' - -echo "Deleting containers" -for x in $(docker ps -a); do - cid=$(echo "$x" | awk '{print $1}') - docker rm -f $cid -done - -echo "Deleting volumes" -for x in $(docker volume ls | grep -v 'nexus-data'); do - name=$(echo "$x" | awk '{print $2}') -# echo "A: $name" - docker volume rm $name -done - -echo "Unmounting kubelet pods" -for x in $(mount | grep 'kubelet/pods\|rancher\|docker' | cut -d ' ' -f 3) ; do umount "$x" ; done - -rm -rfd /var/lib/kubelet/* -rm -rfd /var/lib/rancher/* -rm -rfd /var/lib/docker/* - diff --git a/bash/tools/certificates/2create_cert_for_nginx.sh b/bash/tools/certificates/2create_cert_for_nginx.sh deleted file mode 100755 index a9adb520..00000000 --- a/bash/tools/certificates/2create_cert_for_nginx.sh +++ /dev/null @@ -1,47 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# fail fast -set -e - -# boilerplate -RELATIVE_PATH=../ # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -message info "Reading configuration" -get_configuration - -update_hosts - -message info "Restarting dnsmasq" -systemctl enable dnsmasq -systemctl restart dnsmasq - -message info "Configure ssl certificates" -create_cert "nexus" - -message info "** Certificates finished **" - -docker restart nginx diff --git a/bash/tools/certificates/self_extract_cacert.sh b/bash/tools/certificates/self_extract_cacert.sh deleted file mode 100755 index 1e7a5abc..00000000 --- a/bash/tools/certificates/self_extract_cacert.sh +++ /dev/null @@ -1,55 +0,0 @@ -#! /bin/sh - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - - -extract_ca() { - cpath=$1 - sed '0,/^#EOF#$/d' $0 > $cpath; - echo "Certificate installed into: $cpath" -} - -OS_ID=$(awk -F= '/^ID=/{print $2}' /etc/os-release) -OS_ID="${OS_ID%\"}" -OS_ID="${OS_ID#\"}" - -if [ "$OS_ID" = "rhel" -o "$OS_ID" = "centos" ]; then - # for centos/ rhel - echo "Detected rhel like distribution" - - update-ca-trust force-enable - extract_ca /etc/pki/ca-trust/source/anchors/rootCAcert.crt - update-ca-trust extract - -elif [ "$OS_ID" = "ubuntu" ]; then - echo "Detected ubuntu distribution" - - mkdir -p /usr/local/share/ca-certificates/extra - extract_ca /usr/local/share/ca-certificates/extra/rootCAcert.crt - update-ca-certificates -else - echo "OS $OS_ID is not supported" - exit -2 -fi - -echo "** Please restart docker (because of reload new CA) **" - -exit 0 -#EOF# diff --git a/bash/tools/common-functions.sh b/bash/tools/common-functions.sh deleted file mode 100755 index 6ffb42a7..00000000 --- a/bash/tools/common-functions.sh +++ /dev/null @@ -1,658 +0,0 @@ -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - -# -# this file contains shared variables and functions for the onap installer -# - -# any script which needs this file can check this variable -# and it will know immediately if the functions and variables -# are loaded and usable -IS_COMMON_FUNCTIONS_SOURCED=YES - -# setting of the path variables -if [ -z "$APROJECT_DIR" ] ; then - INCLUDE_PATH="${LOCAL_PATH}"/"${RELATIVE_PATH}" - APROJECT_DIR=$(readlink -f "$INCLUDE_PATH"/../..) -fi - -RESOURCES_DIR="$APROJECT_DIR/resources" -BASH_SCRIPTS_DIR="$APROJECT_DIR/bash" -NEXUS_DATA="$RESOURCES_DIR/nexus_data" -CERTS_TARGET_PATH="$APROJECT_DIR/live/certs" -NGINX_LOG_DIR="$APROJECT_DIR/live/nginx_logs" -GEN_CFG_PATH="$APROJECT_DIR/live/cfg" -GIT_REPOS="$RESOURCES_DIR/git-repo" -NGINX_HTTP_DIR="$RESOURCES_DIR/http" -RHEL_REPO="$RESOURCES_DIR/pkg/rhel" - -PATH="${PATH}:/usr/local/bin:/usr/local/sbin" -export PATH - -# just self-defense against locale -LANG=C -export LANG - -# dns handling -SIMUL_HOSTS="gcr.io \ -git.rancher.io \ -gerrit.onap.org \ -registry-1.docker.io \ -docker.io \ -registry.npmjs.org \ -nexus3.onap.org \ -nexus.onap.org \ -docker.elastic.co \ -www.getcloudify.org \ -www.springframework.org \ -registry.hub.docker.com \ -git.onap.org \ -repo1.maven.org \ -repo.maven.apache.org" - -# default credentials to the repository -NEXUS_USERNAME=admin -NEXUS_PASSWORD=admin123 -NEXUS_EMAIL=admin@onap.org - -# this function is intended to unify the installer output -message() { - case "$1" in - info) - echo 'INFO:' "$@" - ;; - debug) - echo 'DEBUG:' "$@" >&2 - ;; - warning) - echo 'WARNING [!]:' "$@" >&2 - ;; - error) - echo 'ERROR [!!]:' "$@" >&2 - return 1 - ;; - *) - echo 'UNKNOWN [?!]:' "$@" >&2 - return 2 - ;; - esac - return 0 -} -export message - -# if the environment variable DEBUG is set to DEBUG-ONAP -> -# -> this function will print its arguments -# otherwise nothing is done -debug() { - [ "$DEBUG" = DEBUG-ONAP ] && message debug "$@" -} -export debug - -fail() { - message error "$@" - exit 1 -} - -retry() { - local n=1 - local max=5 - while ! "$@"; do - if [ $n -lt $max ]; then - n=$((n + 1)) - message warning "Command ${@} failed. Attempt: $n/$max" - message info "waiting 10s for another try..." - sleep 10s - else - fail "Command ${@} failed after $n attempts. Better to abort now." - fi - done -} - -may_self_extract() { - # extract and untar to the current directory - sed '0,/^# PAYLOAD BELOW #$/d' "$0" | tar -xvpf - ; -} - -update_hosts() { - if grep -q "^[^#]\+\s$SIMUL_HOSTS\s*\$" /etc/hosts ; then - message info "simulated domains already in /etc/hosts" - else - echo "$LOCAL_IP $SIMUL_HOSTS" >> /etc/hosts - message info "simulated domains added to /etc/hosts (please check it)" - fi - - if grep -q "^[^#]\+\s$NEXUS_FQDN\s*\$" /etc/hosts ; then - message info "nexus FQDN already in /etc/hosts" - else - echo "$LOCAL_IP $NEXUS_FQDN" >> /etc/hosts - message info "Nexus FQDN added to /etc/hosts (please check it)" - fi - - if grep -q "^[^#]\+\srepo.install-server\s*\$" /etc/hosts ; then - message info "custom repo FQDN already in /etc/hosts" - else - echo "$LOCAL_IP repo.install-server" >> /etc/hosts - message info "Nexus FQDN added to /etc/hosts (please check it)" - fi -} - -get_cfg_val() { - name="$1" - shift - ask="$@" - - value=$(eval "echo \$${name}") - if [ -z "$value" ]; then - while [ -z "$value" ] ; do - printf "${ask}" - read -r $name - - value=$(eval "echo \$${name}") - done - echo "${name}='${value}'" >> ./local_repo.conf - fi -} - -get_configuration() { - if [ -f ./local_repo.conf ]; then - . ./local_repo.conf - fi - - if [ -z "${NEXUS_FQDN}" ]; then - NEXUS_FQDN="nexus.$HOSTNAME" - echo "NEXUS_FQDN='${NEXUS_FQDN}'" >> ./local_repo.conf - fi - - if [ -z "${ONAP_SCALE}" ]; then - ONAP_SCALE=full - echo "ONAP_SCALE='${ONAP_SCALE}'" >> ./local_repo.conf - fi - - # nexus should be configured using those default entries - # if it was not put the correct inputs instead - if [ -z "${NPM_USERNAME}" ]; then - NPM_USERNAME="${NEXUS_USERNAME}" - echo "NPM_USERNAME='${NPM_USERNAME}'" >> ./local_repo.conf - fi - - if [ -z "${NPM_PASSWORD}" ]; then - NPM_PASSWORD="${NEXUS_PASSWORD}" - echo "NPM_PASSWORD='${NPM_PASSWORD}'" >> ./local_repo.conf - fi - - if [ -z "${NPM_EMAIL}" ]; then - NPM_EMAIL="$NEXUS_EMAIL" - echo "NPM_EMAIL='${NPM_EMAIL}'" >> ./local_repo.conf - fi - - export NEXUS_FQDN - export ONAP_SCALE - export NPM_USERNAME - export NPM_PASSWORD - export NPM_EMAIL - - NODE_USERNAME="root" - - if [ -z "$LOCAL_IP" ] ; then - echo - echo "======= Mandatory configuration =======" - echo - message info "fill in these mandatory configuration values" - get_cfg_val "LOCAL_IP" "Enter the public IPv4 used for this '$HOSTNAME' install machine," \ - "\nDO NOT USE LOOPBACK! (for example: 10.0.0.1): " - fi -} - -enable_local_repo() { - sed -r "s%PATH%file://$APROJECT_DIR/resources/pkg/rhel%" "$APROJECT_DIR/resources/pkg/rhel/onap.repo" > /etc/yum.repos.d/onap.repo -} - -install_packages() { - os_id="$1" - - message info "Installing packages" - - case "$os_id" in - centos) - yum -y install "$APROJECT_DIR/resources/pkg/centos/*.rpm" - ;; - rhel) - enable_local_repo - yum -y install docker-ce dnsmasq icewm firefox tigervnc-server - systemctl enable docker - systemctl start docker - ;; - ubuntu) - dpkg -i "$APROJECT_DIR/resources/pkg/ubuntu/*.deb" - ;; - *) - message error "OS release is not supported: $os_id" - message info "ABORTING INSTALLATION" - exit 1 - ;; - esac -} - -install_files() { - message info "installation of external binaries" - for binary in kubectl helm rancher jq ; do - cp "$APROJECT_DIR/resources/downloads/${binary}" /usr/local/bin/ - chmod 755 "/usr/local/bin/${binary}" - done - mkdir -p ~/.kube -} - -setup_vnc_server() { - mkdir -p ~/.vnc ~/.icewm - echo "onap" | vncpasswd -f > ~/.vnc/passwd - chmod 0600 ~/.vnc/passwd - - cat > ~/.vnc/xstartup <<EOF -#!/bin/sh - -unset SESSION_MANAGER -unset DBUS_SESSION_BUS_ADDRESS -exec icewm-session - -EOF - -chmod +x ~/.vnc/xstartup - - cat > ~/.icewm/menu <<EOF -prog Firefox firefox firefox -separator - -EOF -vncserver -} - -update_docker_cfg() { - if [ -f "/etc/docker/daemon.json" ]; then - jq '.dns += ["172.17.0.1"]' /etc/docker/daemon.json > /tmp/daemon.json - mv /tmp/daemon.json /etc/docker/daemon.json - else - echo '{"dns": ["172.17.0.1"]}' > /etc/docker/daemon.json - fi -} - -create_root_CA() { - echo "** Generate certificates **" - openssl genrsa -out $CERTS_TARGET_PATH/rootCA.key 4096 - - echo "** Generate self signed ***" - openssl req -config $GEN_CFG_PATH/cacert.cnf -key $CERTS_TARGET_PATH/rootCA.key -new -x509 -days 7300 -sha256 -extensions v3_ca \ - -out $CERTS_TARGET_PATH/rootCAcert.pem - - - # convert to crt - openssl x509 -in $CERTS_TARGET_PATH/rootCAcert.pem -inform PEM -out $CERTS_TARGET_PATH/rootCAcert.crt -} - -install_root_CA() { - os=$1 - echo "** Publishing root CA **" - if [ "$os" == "redhat" ]; then - # for centos - update-ca-trust force-enable - cp $CERTS_TARGET_PATH/rootCAcert.crt /etc/pki/ca-trust/source/anchors/ - update-ca-trust extract - elif [ "$os" == "ubuntu" ]; then - mkdir -p /usr/local/share/ca-certificates/extra - cp $CERTS_TARGET_PATH/rootCAcert.crt /usr/local/share/ca-certificates/extra - update-ca-certificates - else - echo "OS \"$os\" is not supported" - exit -2 - fi - - echo "** Restart docker (because of reload new CA) **" - systemctl restart docker - -} - -create_cert() { - server_name=$1 - - openssl genrsa -out $CERTS_TARGET_PATH/${server_name}_server.key 4096 - echo "** Generate sig request ***" - openssl req -new -config $GEN_CFG_PATH/${server_name}_cert.cnf -key $CERTS_TARGET_PATH/${server_name}_server.key -out $CERTS_TARGET_PATH/${server_name}_server.csr - - # v3.ext must be in separate file , because of bug in openssl 1.0 - echo "** sign **" - openssl x509 -req -in $CERTS_TARGET_PATH/${server_name}_server.csr\ - -extfile $GEN_CFG_PATH/v3.ext\ - -CA $CERTS_TARGET_PATH/rootCAcert.crt\ - -CAkey $CERTS_TARGET_PATH/rootCA.key\ - -CAcreateserial -out $CERTS_TARGET_PATH/${server_name}_server.crt -days 3650 -sha256 -} - -create_all_certs() { - create_cert "nexus" -} - -update_firewall() { -# TODO -#firewall-cmd --permanent --add-port=53/udp -#firewall-cmd --permanent --add-port=53/tcp -#firewall-cmd --permanent --add-port=10001/tcp -#firewall-cmd --permanent --add-port=80/tcp -#firewall-cmd --permanent --add-port=443/tcp -return 0 -} - -distribute_root_CA() { - targetip=$1 - scp $APROJECT_DIR/install_cacert.sh $targetip:. - ssh $targetip ./install_cacert.sh - echo "** Add DNS record to remote host **" - ssh $targetip "echo nameserver $LOCAL_IP > /etc/resolv.conf" -} - -upload_ansible_pkgs() { - os=$1 - targetip=$2 - #if [[ $os == "ubuntu" ]]; then - # those deb & whl packages are needed for sdnc-ansible-server pod - # independently on host OS distros - echo "** Copy required packages for sdnc-ansible-pod to kubernetes node $targetip **" - scp -r $APROJECT_DIR/resources/pkg/ubuntu/ansible_pkg $targetip:. - #fi -} - -remote_setup_nfs_server() { - os=$1 - targetip=$2 - shift 2 - scp $APROJECT_DIR/bash/tools/setup_nfs_server_${os}.sh $targetip:setup_nfs_server.sh - if [[ $os == "ubuntu" ]]; then - scp -r $APROJECT_DIR/resources/pkg/ubuntu/nfs-common-pkg/* $targetip:. - ssh $targetip dpkg -i *.deb - fi - - ssh $targetip /bin/bash ./setup_nfs_server.sh "$@" -} - -remote_setup_nfs_mount() { - os=$1 - targetip=$2 - nfsip=$3 - scp $APROJECT_DIR/bash/tools/setup_nfs_mount.sh $targetip:. - if [[ $os == "ubuntu" ]]; then - scp -r $APROJECT_DIR/resources/pkg/ubuntu/nfs-common-pkg/* $targetip:. - ssh $targetip dpkg -i *.deb - fi - ssh $targetip /bin/bash ./setup_nfs_mount.sh $nfsip -} - -enable_remote_repo() { - targetip=$1 - sed -r "s%PATH%http://repo.install-server%" $APROJECT_DIR/resources/pkg/rhel/onap.repo | ssh $targetip 'cat > /etc/yum.repos.d/onap.repo' -} - -install_remote_docker() { - targetip=$1 - os=$2 - if [[ $os == "ubuntu" ]]; then - scp -r $APROJECT_DIR/resources/pkg/ubuntu/{docker-ce_17.03.2~ce-0~ubuntu-xenial_amd64.deb,libltdl7_2.4.6-0.1_amd64.deb} $targetip:. - ssh $targetip dpkg -i *.deb - elif [[ $os == "rhel" ]]; then - ssh $targetip yum -y install docker-ce - fi - ssh $targetip "mkdir -p /etc/docker" - scp "$APROJECT_DIR/resources/downloads/jq" $targetip:/usr/local/bin/ - ssh $targetip "if [[ -f /etc/docker/daemon.json ]]; then - jq '.dns += [\"$LOCAL_IP\"]' /etc/docker/daemon.json > /tmp/daemon.json - mv /tmp/daemon.json /etc/docker/daemon.json - else - echo {'\"'dns'\"': ['\"'$LOCAL_IP'\"']} > /etc/docker/daemon.json - fi" - - ssh $targetip 'systemctl enable docker; systemctl restart docker' -} - -deploy_rancher() { - docker run -d --entrypoint "/bin/bash" --restart=unless-stopped -p 8080:8080 \ - -v $CERTS_TARGET_PATH:/usr/local/share/ca-certificates/extra:ro \ - --name rancher_server rancher/server:v1.6.14 \ - -c "/usr/sbin/update-ca-certificates;/usr/bin/entry /usr/bin/s6-svscan /service" - echo "** wait until rancher is ready **" -} - -deploy_kubernetes() { - os=$1 - set +e - for i in `seq 5 -1 1`; do - API_RESPONSE=`curl -s 'http://127.0.0.1:8080/v2-beta/apikey' \ - -d '{"type":"apikey","accountId":"1a1","name":"autoinstall"\ - ,"description":"autoinstall","created":null,"kind":null,\ - "removeTime":null,"removed":null,"uuid":null}'` - if [[ "$?" -eq 0 ]]; then - KEY_PUBLIC=`echo $API_RESPONSE | jq -r .publicValue` - KEY_SECRET=`echo $API_RESPONSE | jq -r .secretValue` - break - fi - echo "Waiting for rancher server to start" - sleep 60 - done - set -e - export RANCHER_URL=http://${LOCAL_IP}:8080 - export RANCHER_ACCESS_KEY=$KEY_PUBLIC - export RANCHER_SECRET_KEY=$KEY_SECRET - - rancher env ls - echo "wait 60 sec for rancher environments can settle before we create the onap kubernetes one" - sleep 60 - - rancher env create -t kubernetes onap > kube_env_id.json - PROJECT_ID=$(<kube_env_id.json) - echo "env id: $PROJECT_ID" - export RANCHER_HOST_URL=http://${LOCAL_IP}:8080/v1/projects/$PROJECT_ID - - for i in `seq 5`; do - status=$(rancher env ls | grep $PROJECT_ID | awk '{print $4}') - if [[ "$status" == "active" ]]; then - echo "Check on environments again before registering the URL response" - rancher env ls - break - fi - echo "Wait for environment to become active" - sleep 30 - done - - REG_URL_RESPONSE=`curl -X POST -u $KEY_PUBLIC:$KEY_SECRET -H 'Accept: application/json' -H 'ContentType: application/json' -d '{"name":"$LOCAL_IP"}' "http://$LOCAL_IP:8080/v1/projects/$PROJECT_ID/registrationtokens"` - echo "wait for server to finish url configuration - 3 min" - sleep 180 - # see registrationUrl in - REGISTRATION_TOKENS=`curl http://127.0.0.1:8080/v2-beta/registrationtokens` - REGISTRATION_DOCKER=`echo $REGISTRATION_TOKENS | jq -r .data[0].image` - REGISTRATION_TOKEN=`echo $REGISTRATION_TOKENS | jq -r .data[0].token` - - # base64 encode the kubectl token from the auth pair - # generate this after the host is registered - KUBECTL_TOKEN=$(echo -n 'Basic '$(echo -n "$RANCHER_ACCESS_KEY:$RANCHER_SECRET_KEY" | base64 -w 0) | base64 -w 0) - echo "KUBECTL_TOKEN base64 encoded: ${KUBECTL_TOKEN}" - cat > ~/.kube/config <<EOF -apiVersion: v1 -kind: Config -clusters: -- cluster: - api-version: v1 - insecure-skip-tls-verify: true - server: "https://$LOCAL_IP:8080/r/projects/$PROJECT_ID/kubernetes:6443" - name: "onap" -contexts: -- context: - cluster: "onap" - user: "onap" - name: "onap" -current-context: "onap" -users: -- name: "onap" - user: - token: "$KUBECTL_TOKEN" - -EOF - - if [[ $os == "rhel" ]]; then - echo "Upgrade datavolume for RHEL" - KUBELET_ID=`curl http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/ | jq -r '.data[] | select(.name=="kubelet")'.id` - OLD_LAUNCH_CONFIG=`curl http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/${KUBELET_ID} | jq '.launchConfig'` - NEW_LAUNCH_CONFIG=`echo $OLD_LAUNCH_CONFIG | jq '.dataVolumes[2]="/sys/fs/cgroup:/sys/fs/cgroup:ro,rprivate"'` - - DATA="{ - \"inServiceStrategy\": { - \"batchSize\": 1, - \"intervalMillis\": 2000, - \"startFirst\": false, - \"launchConfig\": ${NEW_LAUNCH_CONFIG}, - \"secondaryLaunchConfigs\": [] - } - }" - curl -s -u $KEY_PUBLIC:$KEY_SECRET -X POST -H 'Content-Type: application/json' -d "${DATA}" "http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/${KUBELET_ID}?action=upgrade" > /dev/null - - echo "Give environment time to update (30 sec)" - sleep 30 - - curl -s -u $KEY_PUBLIC:$KEY_SECRET -X POST "http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/${KUBELET_ID}?action=finishupgrade" > /dev/null - fi -} - -deploy_rancher_agent() { - nodeip=$1 - if [ -z "$REGISTRATION_DOCKER" ]; then - echo "ASSERT: Missing REGISTRATION_DOCKER" - exit 1 - fi - if [ -z "$RANCHER_URL" ]; then - echo "ASSERT: Missing RANCHER_URL" - exit 1 - fi - if [ -z "$REGISTRATION_TOKEN" ]; then - echo "ASSERT: Missing REGISTRATION_TOKEN" - exit 1 - fi - - ssh $nodeip "docker run --rm --privileged -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/racher:/var/lib/rancher $REGISTRATION_DOCKER $RANCHER_URL/v1/scripts/$REGISTRATION_TOKEN" - echo "waiting 2 min for creating kubernetes environment" - sleep 120 -} - -deploy_node() { - nodeip=$1 - os=$2 - echo "Deploying node $nodeip" - distribute_root_CA $nodeip - install_remote_docker $nodeip $os - deploy_rancher_agent $nodeip -} - -deploy_onap() { - pushd $APROJECT_DIR/resources/oom/kubernetes - helm init --upgrade --skip-refresh - # this might fail - set +e - helm repo remove stable - set -e - helm serve & - echo "wait a moment before helm will come up ..." - sleep 5 - helm repo add local http://127.0.0.1:8879 - make all - #Pass the CA certificate contents directly during installation. - helm install local/onap -n dev --namespace onap \ - --set "global.cacert=$(cat ${CERTS_TARGET_PATH}/rootCAcert.crt)" - popd -} - -expand_file() { - file=$1 - # print warning if patched file does not exist as some charts - # might not be available for some deployments - if [ ! -f "$file" ]; then - echo "WARNING: Can't patch file $file because this file does not exists." - return 0 - fi - - shift - - for ivar in "$@" ; do - ivalue=$(eval 'echo "$'${ivar}'"') - sed -i "s#${ivar}#${ivalue}#g" "$file" - done -} - -patch_npm_oom() { - if [ -z "$LOCAL_IP" ] ; then - echo "ERROR: LOCAL_IP unset" - return 1 - fi - if [ -z "$NEXUS_FQDN" ] ; then - echo "ERROR: NEXUS_FQDN unset" - return 1 - fi - - UPDATE_HOSTS_FILE="$LOCAL_IP $NEXUS_FQDN" - UPDATE_NPM_REGISTRY="npm set registry \"http://${NEXUS_FQDN}/repository/npm-private/\"" - - expand_file $APROJECT_DIR/resources/oom/kubernetes/common/dgbuilder/templates/deployment.yaml \ - UPDATE_HOSTS_FILE \ - UPDATE_NPM_REGISTRY - expand_file $APROJECT_DIR/resources/oom/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml \ - UPDATE_HOSTS_FILE \ - UPDATE_NPM_REGISTRY -} - -patch_spring_oom() { - if [ -z "$LOCAL_IP" ] ; then - echo "ERROR: LOCAL_IP unset" - return 1 - fi - - UPDATE_HOSTS_FILE="$LOCAL_IP www.springframework.org" - expand_file $APROJECT_DIR/resources/oom/kubernetes/dmaap/charts/message-router/templates/deployment.yaml \ - UPDATE_HOSTS_FILE -} - -patch_cfy_manager_depl() { - os="$1" - file="${APROJECT_DIR}/resources/oom/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml" - - case "$os" in - centos|rhel) - CERT_PATH="/etc/pki/ca-trust/source/anchors" - ;; - ubuntu) - CERT_PATH="/usr/local/share/ca-certificates/extra" - ;; - '') - echo "ERROR: missing argument" - return 1 - ;; - *) - echo "ERROR: unknown OS: ${os}" - return 1 - ;; - esac - - expand_file "$file" CERT_PATH -} - -copy_onap_values_file() { - cp "${APROJECT_DIR}/${CUSTOM_CFG_RELPATH:-cfg}/${ONAP_SCALE}_depl_values.yaml" \ - "${APROJECT_DIR}/resources/oom/kubernetes/onap/values.yaml" -} diff --git a/bash/tools/create_si_cacert_pkg.sh b/bash/tools/create_si_cacert_pkg.sh deleted file mode 100755 index 197f0c0f..00000000 --- a/bash/tools/create_si_cacert_pkg.sh +++ /dev/null @@ -1,29 +0,0 @@ -#! /bin/bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -self="$0" -tools_dir=$(dirname "$self") - -TARGET_FILE="./install_cacert.sh" - -cat "$tools_dir/certificates/self_extract_cacert.sh" "$tools_dir/../../live/certs/rootCAcert.crt" > $TARGET_FILE -chmod a+x $TARGET_FILE -echo "Created self installation file: $TARGET_FILE" diff --git a/bash/tools/create_si_onap_pkg.sh b/bash/tools/create_si_onap_pkg.sh deleted file mode 100755 index 759a1ebc..00000000 --- a/bash/tools/create_si_onap_pkg.sh +++ /dev/null @@ -1,88 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# fail fast -set -e - -# boilerplate -RELATIVE_PATH=./ # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -if [ -z "$1" ]; then - VERSION="RC3" - message info "no argument supplied, keeping default naming: $VERSION" -else - VERSION="$1" -fi - -# name of the self-extract-installer -TARGET_FILE="$APROJECT_DIR/selfinstall_onap_beijing_"$VERSION".sh" - -# inserting the head of the script -cat > "$TARGET_FILE" <<EOF -#! /usr/bin/env bash - -# -# This is self-extract installer for onap -# - -# fail fast -set -e - -# boilerplate -SCRIPT_DIR=\$(dirname "\${0}") -APROJECT_DIR=\$(readlink -f "\$SCRIPT_DIR") -IS_SELF_EXTRACT=YES - -EOF - -# splicing the scripts together -cat "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh >> "$TARGET_FILE" -cat "${LOCAL_PATH}"/"${RELATIVE_PATH}"/deploy_nexus.sh >> "$TARGET_FILE" -cat "${LOCAL_PATH}"/"${RELATIVE_PATH}"/deploy_kube.sh >> "$TARGET_FILE" - -# finishing touches to the script -cat >> "$TARGET_FILE" <<EOF - -exit 0 - -# -# Installer script ends here -# The rest of this file is a binary payload -# ! DO NOT MODIFY IT ! -# - -# PAYLOAD BELOW # -EOF - -# appending the tar to the script -cd "$APROJECT_DIR" -tar -h --exclude='.git' --exclude='*.swp' --exclude='selfinstall_onap_*.sh' --exclude='ansible' --exclude='docker' --exclude='local_repo.conf' --exclude='live' -cvf - * >> "$TARGET_FILE" -cd - - -chmod 755 "$TARGET_FILE" -message info "Created Nexus self installation file: $TARGET_FILE" - -exit 0 diff --git a/bash/tools/creating_data/docker-login.sh b/bash/tools/creating_data/docker-login.sh deleted file mode 100755 index d57e23bd..00000000 --- a/bash/tools/creating_data/docker-login.sh +++ /dev/null @@ -1,38 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# boilerplate -RELATIVE_PATH=../ # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -echo "Reading configuration" -get_configuration - -docker login -u "${NEXUS_USERNAME}" -p "${NEXUS_PASSWORD}" -docker login -u "${NEXUS_USERNAME}" -p "${NEXUS_PASSWORD}" docker.elastic.co -docker login -u "${NEXUS_USERNAME}" -p "${NEXUS_PASSWORD}" gcr.io -docker login -u "${NEXUS_USERNAME}" -p "${NEXUS_PASSWORD}" nexus3.onap.org:10001 -docker login -u "${NEXUS_USERNAME}" -p "${NEXUS_PASSWORD}" registry.hub.docker.com -docker login -u "${NEXUS_USERNAME}" -p "${NEXUS_PASSWORD}" "$NEXUS_FQDN" diff --git a/bash/tools/creating_data/load-docker-images.sh b/bash/tools/creating_data/load-docker-images.sh deleted file mode 100755 index 685bed42..00000000 --- a/bash/tools/creating_data/load-docker-images.sh +++ /dev/null @@ -1,75 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# boilerplate -RELATIVE_PATH=../ # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -CLEAN=false - -if [ -z "$NEXUS_HOST" ]; then - echo "Independent run for inserting of additional docker images" - CLEAN=true - mv ~/.docker/config.json ~/.docker/config.json_backup 2>/dev/null - source "$LOCAL_PATH/docker-login.sh" -fi - -IMG_DIR="$1" -if [[ -z "$IMG_DIR" ]]; then - IMG_DIR="$(pwd)/images" -fi - -if [[ ! -d "${IMG_DIR}" ]]; then - echo "No ${IMG_DIR} to load images" - exit 0 -fi - -load_image() { - local image="$1" - echo "[DEBUG] load ${image}" - result=$(docker load -i "${image}") - echo $result - name=$(echo $result | awk '{print $3}') - echo "[DEBUG] pushing $name" - retry docker push "$name" - # delete pushed image from docker - retry docker rmi "$name" -} - -IMAGES=$(find ${IMG_DIR} -name "*.tar" -type f) -lines=$(echo ${IMAGES} | wc -l) -line=1 -for image in ${IMAGES}; do - echo "== pkg #$line of $lines ==" - load_image "$image" - - line=$((line+1)) -done - -if [ "$CLEAN" = true ]; then - # onap is using different credentials for docker login which can be conflicted - # with ours so better to clean this-up - rm ~/.docker/config.json -fi diff --git a/bash/tools/creating_data/upload-maven-files.sh b/bash/tools/creating_data/upload-maven-files.sh deleted file mode 100755 index 07d6e7ab..00000000 --- a/bash/tools/creating_data/upload-maven-files.sh +++ /dev/null @@ -1,43 +0,0 @@ -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - -DATA_DIR="$1" -if [[ -z "$DATA_DIR" ]]; then - # needs for example: /root/onap-offline-installer/http - echo "Mising arg DATA_DIR" - echo "Usage: $0 <path to http dir> <name of server> [<next server>...]" - exit 1 -fi - -shift -cd "$DATA_DIR" - -for server in $*; do - echo "Uploading to server: $server" - - lines=$(find $server/ -type f | wc -l) - count=1 - while read -r url; do - echo "== pkg #$count of $lines ==" - count=$((count + 1)) - path="$url" - echo "Uploading file: $url" - curl -u admin:admin123 --upload-file $path http://$url - - done <<< "$(find $server/ -type f)" -done diff --git a/bash/tools/creating_data/upload-npm-pkgs.sh b/bash/tools/creating_data/upload-npm-pkgs.sh deleted file mode 100755 index 9a7ed559..00000000 --- a/bash/tools/creating_data/upload-npm-pkgs.sh +++ /dev/null @@ -1,48 +0,0 @@ -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - -LIST_FILE="$1" -if [[ -z "$LIST_FILE" ]]; then - echo "Mising arg LIST_FILE" - exit 1 -fi - -DATA_DIR="$2" -if [[ -z "$DATA_DIR" ]]; then - echo "Mising arg DATA_DIR" - exit 1 -fi - -NEXUS_HOST="$3" -if [[ -z "$NEXUS_HOST" ]]; then - echo "Mising arg NEXUS_HOST" - exit 1 -fi - -npm config set registry $NEXUS_HOST/repository/npm-private/ -# npm adduser moved to top - -cd "$DATA_DIR" -lines=$(ls *.tgz | wc -l) -cnt=1 -for line in *.tgz; do - echo "== pkg #$cnt of $lines ==" - # yallist@2.1.2 - npm publish --access public "${line}" - cnt=$((cnt+1)) -done diff --git a/bash/tools/deploy_kube.sh b/bash/tools/deploy_kube.sh deleted file mode 100755 index f2a77be1..00000000 --- a/bash/tools/deploy_kube.sh +++ /dev/null @@ -1,95 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# fail fast -set -e - -# OS check -. /etc/os-release -OS_ID="${ID}" - -case "$OS_ID" in - centos) - ;; - rhel) - ;; - ubuntu) - ;; - *) - echo This OS is not supported: $OS_ID - exit 1 - ;; -esac - -# boilerplate -RELATIVE_PATH=./ # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -message info "Reading configuration" -get_configuration -if [ -z "$NODES_IPS" ] ; then - get_cfg_val "NODES_IPS" "Enter the public IPv4 addresses of kubernetes nodes separated by space," \ - "\n(for example: 10.0.0.2 10.0.0.3 ...): " -fi - -echo "Wait for nexus startup (1min)" -sleep 60 - - -# on install server -deploy_rancher -deploy_kubernetes "$OS_ID" - -echo "Setting up ONAP Local Repo on Kubernetes nodes" -for node in ${NODES_IPS} ; do - enable_remote_repo $node -done - -# setup NFS on nodes -assort_nodes_ips() { - nfs_server="$1" - shift - nfs_clients="$*" -} -assort_nodes_ips ${NODES_IPS} -if [ -n "${nfs_clients}" ]; then - echo "Setting up NFS" - remote_setup_nfs_server $OS_ID ${nfs_server} ${nfs_clients} - for node in ${nfs_clients} ; do - remote_setup_nfs_mount $OS_ID $node ${nfs_server} - done -else - echo "Only one node set. Skipping nfs configuration" -fi - -echo "Copy ansible packages for onap ansible-server" -for node in ${NODES_IPS} ; do - upload_ansible_pkgs $OS_ID $node -done - -# to nodes -for node in ${NODES_IPS} ; do - deploy_node $node $OS_ID -done diff --git a/bash/tools/deploy_nexus.sh b/bash/tools/deploy_nexus.sh deleted file mode 100755 index 1532c614..00000000 --- a/bash/tools/deploy_nexus.sh +++ /dev/null @@ -1,194 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# fail fast -set -e - -# OS check -. /etc/os-release -OS_ID="${ID}" - -case "$OS_ID" in - centos) - ;; - rhel) - ;; - ubuntu) - ;; - *) - echo This OS is not supported: $OS_ID - exit 1 - ;; -esac - -# boilerplate -RELATIVE_PATH=./ # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -# -# local functions -# - -start_nexus() { - echo "** Starting nexus **" - if [[ -z "$NEXUS_DATA" ]]; then - echo "Nexus data env is not set" - exit -3 - fi - - # valid for case of fresh nexus deployment - # data are inserted in later phases - mkdir -p $NEXUS_DATA - # hardening - chmod a+wrX $NEXUS_DATA - chown -R 200:200 $NEXUS_DATA - - docker rm -f nexus 1> /dev/null 2>&1 || true - - docker run -d --name nexus\ - --restart unless-stopped \ - -v $NEXUS_DATA:/nexus-data:rw \ - sonatype/nexus3 - - echo "** Creating docker network **" - docker network create nexus_network - docker network connect nexus_network nexus -} - -start_nginx() { - echo "** Starting reverse proxy - nginx **" - - docker rm -f nginx 1> /dev/null 2>&1 || true - mkdir -p $NGINX_HTTP_DIR/repo.install-server - - mkdir -p "$NGINX_HTTP_DIR/repo.install-server" - - docker run -d -p 80:80 -p 443:443 -p 10001:443 \ - --name nginx \ - --network nexus_network \ - -v $GEN_CFG_PATH/nginx.conf:/etc/nginx/nginx.conf:ro \ - -v $CERTS_TARGET_PATH:/etc/nginx/certs:ro \ - -v $GIT_REPOS:/srv/git:rw \ - -v $NGINX_LOG_DIR:/var/log/nginx:rw \ - -v $NGINX_HTTP_DIR:/srv/http:ro \ - -v $RHEL_REPO:/srv/http/repo.install-server:ro \ - --restart unless-stopped \ - own_nginx -} - -patch_cert() { - file=$1 - cp "$APROJECT_DIR/cfg/$file" "$GEN_CFG_PATH/$file" -# sed "s#countryName =.*#countryName = $CERT_COUNTRY#" "$APROJECT_DIR/cfg/$file" > $GEN_CFG_PATH/$file -# sed "s#localityName =.*#localityName = $CERT_LOCALITY#" "$APROJECT_DIR/cfg/$file" > $GEN_CFG_PATH/$file -# sed "s#organizationName =.*#organizationName = $CERT_ORGANIZATION#" "$APROJECT_DIR/cfg/$file" > $GEN_CFG_PATH/$file -} - -patch_conf_files() { - # patch nexus and root cert - patch_cert nexus_cert.cnf - patch_cert cacert.cnf - - # patch nexus v3 ext cert - sed "s#nexus.student12#$NEXUS_FQDN#" "$APROJECT_DIR/cfg/v3.ext" > $GEN_CFG_PATH/v3.ext - - #patch nginx.conf - sed "s#nexus.student12#$NEXUS_FQDN#" "$APROJECT_DIR/cfg/nginx.conf" > $GEN_CFG_PATH/nginx.conf -} - -# -# body -# - -message info "Nexus will be installed into this directory: $(pwd)" - -if ! [ -f ./local_repo.conf ]; then - printf "[?] > Do you want continue? (if no, hit CTRL+C): " - read x -fi - -message info "Reading configuration" -get_configuration - -mkdir -p "$CERTS_TARGET_PATH" -mkdir -p "$NGINX_LOG_DIR" -mkdir -p "$GEN_CFG_PATH" -if [ "$IS_SELF_EXTRACT" = YES ] ; then - message info "Now I will untar the resources" - message info "This may take a long time..." - sleep 3s - may_self_extract -fi - -# -echo "Cleanup docker (if installed)" -docker rm -f nginx 1> /dev/null 2>&1 || true -docker rm -f nexus 1> /dev/null 2>&1 || true - -install_files -install_packages "$OS_ID" -setup_vnc_server - -update_hosts - -# TODO -#check_dependencies - -echo "Restarting dnsmasq" -# TODO dnsmasq config? -systemctl enable dnsmasq -systemctl restart dnsmasq - -echo "** Generating config files to $GEN_CFG_PATH **" -echo "Configure ssl certificates" - -patch_conf_files -create_root_CA - -# create selfinstall CA cert -$BASH_SCRIPTS_DIR/tools/create_si_cacert_pkg.sh -# run generated file -./install_cacert.sh - -create_cert "nexus" - -echo "** Certificates finished **" - -update_docker_cfg - -echo "Restarting docker" -systemctl enable docker -systemctl restart docker - -update_firewall - -set +e - -echo "** Loading images **" -docker load -i $RESOURCES_DIR/offline_data/docker_images_infra/sonatype_nexus3_latest.tar -docker load -i $RESOURCES_DIR/offline_data/docker_images_infra/own_nginx_latest.tar - -start_nexus -start_nginx diff --git a/bash/tools/gather_data_lists.sh b/bash/tools/gather_data_lists.sh deleted file mode 100755 index 3e046cbe..00000000 --- a/bash/tools/gather_data_lists.sh +++ /dev/null @@ -1,34 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - -script_dir="$(dirname ${BASH_SOURCE[0]})" -tools=$(readlink -f "$script_dir") - -echo "WARNING: This script won't be used except rare internal usage, it's just illustrating how we collected lists of artifacts to be downloaded. It's already deprecated" - -TOOLS="$tools/creating_data" -export LISTS_DIR="$tools/data_list" -export ONAP_SERVERS="oom-beijing-postRC2-master oom-beijing-postRC2-compute1 oom-beijing-postRC2-compute2" -OOM_PATH="$tools/../../resources/oom" - -$TOOLS/remote-list-gathering.sh -$TOOLS/make-git-http-list.sh "$OOM_PATH" - - diff --git a/bash/tools/load_stored_offline_data.sh b/bash/tools/load_stored_offline_data.sh deleted file mode 100755 index c04e9893..00000000 --- a/bash/tools/load_stored_offline_data.sh +++ /dev/null @@ -1,87 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# boilerplate -RELATIVE_PATH=./ # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -tools="${LOCAL_PATH}" -message info "Reading configuration" -get_configuration - -CTOOLS="$tools/creating_data" -LISTS_DIR="$tools/data_list" -DATA_DIR="$tools/../../resources/offline_data" -export NEXUS_HOST="https://$NEXUS_FQDN" -NPM_REGISTRY="$NEXUS_HOST/repository/npm-private/" - -TOTAL=5 -CURR=1 - -message info "Loading started: $(date)" - -# backup config.json before we change it in docker-login -# however no use for restoring it found -mv ~/.docker/config.json ~/.docker/config.json_backup 2>/dev/null - -echo "[Step $((CURR++))/$TOTAL Setting-up docker login for inserting docker images]" -$CTOOLS/docker-login.sh - -echo "[Step $((CURR++))/$TOTAL Inserting docker images into local nexus]" -$CTOOLS/load-docker-images.sh "$DATA_DIR/docker_images_for_nexus" - -echo "[Step $((CURR++))/$TOTAL Setting-up npm for inserting npm pkgs into local nexus]" - -npm config set registry $NPM_REGISTRY - -/usr/bin/expect <<EOF -spawn npm login -expect "Username:" -send "${NPM_USERNAME}\n" -expect "Password:" -send "${NPM_PASSWORD}\n" -expect Email: -send "${NPM_EMAIL}\n" -expect eof -EOF - -echo "[WA] for tss package - this package uses already specified repo and dont accept our simulated domain" - -cd $DATA_DIR/npm_tar -tar xvzf tsscmp-1.0.5.tgz -rm -f tsscmp-1.0.5.tgz -sed -i "s|https://registry.npmjs.org|${NPM_REGISTRY}|g" package/package.json -tar -zcvf tsscmp-1.0.5.tgz package -rm -rf package -cd - - -echo "[Step $((CURR++))/$TOTAL Inserting npm packages into local nexus]" -$CTOOLS/upload-npm-pkgs.sh "$LISTS_DIR/npm_list.txt" "$DATA_DIR/npm_tar" "$NEXUS_HOST" - -# onap is using different credentials for docker login which can be conflicted -# with ours so better to clean this-up -rm ~/.docker/config.json - -message info "Loading finished: $(date)" diff --git a/bash/tools/setup_nfs_mount.sh b/bash/tools/setup_nfs_mount.sh deleted file mode 100755 index eee471ba..00000000 --- a/bash/tools/setup_nfs_mount.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -usage () { - echo "Usage:" - echo " ./$(basename $0) nfs_master_ip" - exit 1 -} - -if [ "$#" -ne 1 ]; then - echo "Missing NFS mater node" - usage -fi - -MASTER_IP=$1 - -#Install NFS common -#sudo apt-get update -#sudo apt-get install -y nfs-common - -#Create NFS directory -sudo mkdir -p /dockerdata-nfs - -#Mount the remote NFS directory to the local one -sudo mount $MASTER_IP:/dockerdata-nfs /dockerdata-nfs/ -echo "$MASTER_IP:/dockerdata-nfs /dockerdata-nfs nfs auto,nofail,noatime,nolock,intr,tcp,actimeo=1800 0 0" | sudo tee -a /etc/fstab diff --git a/bash/tools/setup_nfs_server_rhel.sh b/bash/tools/setup_nfs_server_rhel.sh deleted file mode 100755 index 24fe2b59..00000000 --- a/bash/tools/setup_nfs_server_rhel.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -usage () { - echo "Usage:" - echo " ./$(basename $0) node1_ip node2_ip ... nodeN_ip" - exit 1 -} - -if [ "$#" -lt 1 ]; then - echo "Missing NFS slave nodes" - usage -fi - -#Install NFS kernel -#sudo apt-get update -#sudo apt-get install -y nfs-kernel-server - -#Create /dockerdata-nfs and set permissions -sudo mkdir -p /dockerdata-nfs -sudo chmod 777 -R /dockerdata-nfs -sudo chown nobody:nobody /dockerdata-nfs/ - -#Update the /etc/exports -NFS_EXP="" -for i in $@; do - NFS_EXP+="$i(rw,sync,no_root_squash,no_subtree_check) " -done -echo "/dockerdata-nfs "$NFS_EXP | sudo tee -a /etc/exports - -#Restart the NFS service -sudo exportfs -a -sudo systemctl restart nfs-server diff --git a/bash/tools/setup_nfs_server_ubuntu.sh b/bash/tools/setup_nfs_server_ubuntu.sh deleted file mode 100755 index fad3abbd..00000000 --- a/bash/tools/setup_nfs_server_ubuntu.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -usage () { - echo "Usage:" - echo " ./$(basename $0) node1_ip node2_ip ... nodeN_ip" - exit 1 -} - -if [ "$#" -lt 1 ]; then - echo "Missing NFS slave nodes" - usage -fi - -#Install NFS kernel -#sudo apt-get update -#sudo apt-get install -y nfs-kernel-server - -#Create /dockerdata-nfs and set permissions -sudo mkdir -p /dockerdata-nfs -sudo chmod 777 -R /dockerdata-nfs -sudo chown nobody:nogroup /dockerdata-nfs/ - -#Update the /etc/exports -NFS_EXP="" -for i in $@; do - NFS_EXP+="$i(rw,sync,no_root_squash,no_subtree_check) " -done -echo "/dockerdata-nfs "$NFS_EXP | sudo tee -a /etc/exports - -#Restart the NFS service -sudo exportfs -a -sudo systemctl restart nfs-kernel-server diff --git a/build/common-functions.sh b/build/common-functions.sh new file mode 100755 index 00000000..e39c4778 --- /dev/null +++ b/build/common-functions.sh @@ -0,0 +1,92 @@ +# COPYRIGHT NOTICE STARTS HERE +# +# Copyright 2018 © Samsung Electronics Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# COPYRIGHT NOTICE ENDS HERE + +# +# this file contains shared variables and functions for the onap installer +# + +# any script which needs this file can check this variable +# and it will know immediately if the functions and variables +# are loaded and usable +IS_COMMON_FUNCTIONS_SOURCED=YES + +PATH="${PATH}:/usr/local/bin:/usr/local/sbin" +export PATH + +# just self-defense against locale +LANG=C +export LANG + +# default credentials to the repository +NEXUS_USERNAME=admin +NEXUS_PASSWORD=admin123 +NEXUS_EMAIL=admin@onap.org + +# this function is intended to unify the installer output +message() { + case "$1" in + info) + echo 'INFO:' "$@" + ;; + debug) + echo 'DEBUG:' "$@" >&2 + ;; + warning) + echo 'WARNING [!]:' "$@" >&2 + ;; + error) + echo 'ERROR [!!]:' "$@" >&2 + return 1 + ;; + *) + echo 'UNKNOWN [?!]:' "$@" >&2 + return 2 + ;; + esac + return 0 +} +export message + +# if the environment variable DEBUG is set to DEBUG-ONAP -> +# -> this function will print its arguments +# otherwise nothing is done +debug() { + [ "$DEBUG" = DEBUG-ONAP ] && message debug "$@" +} +export debug + +fail() { + message error "$@" + exit 1 +} + +retry() { + local n=1 + local max=5 + while ! "$@"; do + if [ $n -lt $max ]; then + n=$((n + 1)) + message warning "Command ${@} failed. Attempt: $n/$max" + message info "waiting 10s for another try..." + sleep 10s + else + fail "Command ${@} failed after $n attempts. Better to abort now." + fi + done +} + diff --git a/bash/tools/creating_data/create_nginx_image/01create-image.sh b/build/creating_data/create_nginx_image/01create-image.sh index 86d96cf2..86d96cf2 100755 --- a/bash/tools/creating_data/create_nginx_image/01create-image.sh +++ b/build/creating_data/create_nginx_image/01create-image.sh diff --git a/bash/tools/creating_data/create_nginx_image/Dockerfile b/build/creating_data/create_nginx_image/Dockerfile index 412d4edb..6a14f221 100644 --- a/bash/tools/creating_data/create_nginx_image/Dockerfile +++ b/build/creating_data/create_nginx_image/Dockerfile @@ -20,13 +20,8 @@ FROM nginx:alpine RUN apk add --no-cache --update fcgiwrap git git-daemon spawn-fcgi -#RUN mkdir /srv/http -#VOLUME ["/var/log/nginx"] - COPY gitconfig /etc/ -#COPY nginx.conf /etc/nginx/nginx.conf CMD spawn-fcgi -M 666 -s /var/run/fcgiwrap.socket /usr/bin/fcgiwrap && \ nginx -g "daemon off;" -#CMD ["spawn-fcgi","-M 666","-s /var/run/fcgiwrap.socket","/usr/sbin/fcgiwrap"] diff --git a/bash/tools/creating_data/create_nginx_image/gitconfig b/build/creating_data/create_nginx_image/gitconfig index 0c6ab113..0c6ab113 100644 --- a/bash/tools/creating_data/create_nginx_image/gitconfig +++ b/build/creating_data/create_nginx_image/gitconfig diff --git a/bash/tools/creating_data/download-bin-tools.sh b/build/creating_data/download-bin-tools.sh index b48cd2df..a0087517 100755 --- a/bash/tools/creating_data/download-bin-tools.sh +++ b/build/creating_data/download-bin-tools.sh @@ -34,9 +34,6 @@ download() { curl --retry 5 -y 10 -Y 10 --location "$url" -o "$file" } -download "https://github.com/stedolan/jq/releases/download/jq-1.5/jq-linux64" -mv ./jq-linux64 ./jq - download "https://storage.googleapis.com/kubernetes-release/release/v1.8.10/bin/linux/amd64/kubectl" download "https://storage.googleapis.com/kubernetes-helm/helm-v2.8.2-linux-amd64.tar.gz" @@ -48,4 +45,4 @@ tar -xf ./rancher-linux-amd64-v0.6.7.tar.gz ./rancher-v0.6.7/rancher -O > ranche rm ./rancher-linux-amd64-v0.6.7.tar.gz -chmod a+x ./helm ./jq ./kubectl ./rancher +chmod a+x ./helm ./kubectl ./rancher diff --git a/bash/tools/creating_data/download-docker-images.sh b/build/creating_data/download-docker-images.sh index 121cd5af..121cd5af 100755 --- a/bash/tools/creating_data/download-docker-images.sh +++ b/build/creating_data/download-docker-images.sh diff --git a/bash/tools/creating_data/download-files.sh b/build/creating_data/download-files.sh index 89e2026c..89e2026c 100755 --- a/bash/tools/creating_data/download-files.sh +++ b/build/creating_data/download-files.sh diff --git a/bash/tools/creating_data/download-git-repos.sh b/build/creating_data/download-git-repos.sh index 9d651d93..9d651d93 100755 --- a/bash/tools/creating_data/download-git-repos.sh +++ b/build/creating_data/download-git-repos.sh diff --git a/bash/tools/creating_data/download-http-files.sh b/build/creating_data/download-http-files.sh index 06f41354..06f41354 100755 --- a/bash/tools/creating_data/download-http-files.sh +++ b/build/creating_data/download-http-files.sh diff --git a/bash/tools/creating_data/download-npm-pkgs.sh b/build/creating_data/download-npm-pkgs.sh index 9e8847c9..9e8847c9 100755 --- a/bash/tools/creating_data/download-npm-pkgs.sh +++ b/build/creating_data/download-npm-pkgs.sh diff --git a/bash/tools/creating_data/download-oom.sh b/build/creating_data/download-oom.sh index 010eeec1..010eeec1 100755 --- a/bash/tools/creating_data/download-oom.sh +++ b/build/creating_data/download-oom.sh diff --git a/bash/tools/creating_data/download-pip.sh b/build/creating_data/download-pip.sh index dea60b52..dea60b52 100755 --- a/bash/tools/creating_data/download-pip.sh +++ b/build/creating_data/download-pip.sh diff --git a/bash/tools/creating_data/download-pkg.sh b/build/creating_data/download-pkg.sh index 03bfe07f..03bfe07f 100755 --- a/bash/tools/creating_data/download-pkg.sh +++ b/build/creating_data/download-pkg.sh diff --git a/bash/tools/creating_data/make-docker-images-list.sh b/build/creating_data/make-docker-images-list.sh index b925d91d..b925d91d 100755 --- a/bash/tools/creating_data/make-docker-images-list.sh +++ b/build/creating_data/make-docker-images-list.sh diff --git a/bash/tools/creating_data/make-git-http-list.sh b/build/creating_data/make-git-http-list.sh index a724d6f0..a724d6f0 100755 --- a/bash/tools/creating_data/make-git-http-list.sh +++ b/build/creating_data/make-git-http-list.sh diff --git a/bash/tools/creating_data/make-npm-list.sh b/build/creating_data/make-npm-list.sh index 5901d54d..5901d54d 100755 --- a/bash/tools/creating_data/make-npm-list.sh +++ b/build/creating_data/make-npm-list.sh diff --git a/bash/tools/creating_data/remote-list-gathering.sh b/build/creating_data/remote-list-gathering.sh index 73fb164a..dde1e0f5 100755 --- a/bash/tools/creating_data/remote-list-gathering.sh +++ b/build/creating_data/remote-list-gathering.sh @@ -18,7 +18,6 @@ if [[ -z "$ONAP_SERVERS" ]]; then -# ONAP_SERVERS="oom-beijing-postRC2-master oom-beijing-postRC2-compute1 oom-beijing-postRC2-compute2" echo "Missing environment ONAP_SERVERS" exit 1 fi diff --git a/bash/tools/creating_data/save-docker-images.sh b/build/creating_data/save-docker-images.sh index f4a5d3c7..f4a5d3c7 100755 --- a/bash/tools/creating_data/save-docker-images.sh +++ b/build/creating_data/save-docker-images.sh diff --git a/bash/tools/data_list/docker_image_list.txt b/build/data_list/docker_image_list.txt index 2a039bc1..2a039bc1 100644 --- a/bash/tools/data_list/docker_image_list.txt +++ b/build/data_list/docker_image_list.txt diff --git a/bash/tools/data_list/docker_manual_image_list.txt b/build/data_list/docker_manual_image_list.txt index c4873487..c4873487 100644 --- a/bash/tools/data_list/docker_manual_image_list.txt +++ b/build/data_list/docker_manual_image_list.txt diff --git a/bash/tools/data_list/git_manual_list b/build/data_list/git_manual_list index 43273678..43273678 100644 --- a/bash/tools/data_list/git_manual_list +++ b/build/data_list/git_manual_list diff --git a/bash/tools/data_list/git_repos_list b/build/data_list/git_repos_list index fbfeaaf5..fbfeaaf5 100644 --- a/bash/tools/data_list/git_repos_list +++ b/build/data_list/git_repos_list diff --git a/bash/tools/data_list/http_manual_list.txt b/build/data_list/http_manual_list.txt index c7486b7f..c7486b7f 100644 --- a/bash/tools/data_list/http_manual_list.txt +++ b/build/data_list/http_manual_list.txt diff --git a/bash/tools/data_list/npm_list.txt b/build/data_list/npm_list.txt index 84528569..84528569 100644 --- a/bash/tools/data_list/npm_list.txt +++ b/build/data_list/npm_list.txt diff --git a/bash/tools/data_list/pip_list.txt b/build/data_list/pip_list.txt index a4b09092..a4b09092 100644 --- a/bash/tools/data_list/pip_list.txt +++ b/build/data_list/pip_list.txt diff --git a/bash/tools/data_list/pkg_list.txt b/build/data_list/pkg_list.txt index 43f5aac5..43f5aac5 100644 --- a/bash/tools/data_list/pkg_list.txt +++ b/build/data_list/pkg_list.txt diff --git a/bash/tools/delete-local-images.sh b/build/delete-local-images.sh index 5e481c31..5e481c31 100755 --- a/bash/tools/delete-local-images.sh +++ b/build/delete-local-images.sh diff --git a/bash/tools/download_offline_data_by_lists.sh b/build/download_offline_data_by_lists.sh index 24cd5789..ff519212 100755 --- a/bash/tools/download_offline_data_by_lists.sh +++ b/build/download_offline_data_by_lists.sh @@ -32,7 +32,7 @@ fi CTOOLS="${LOCAL_PATH}/creating_data" LISTS_DIR="${LOCAL_PATH}/data_list" -DATA_DIR="${LOCAL_PATH}/../../resources" +DATA_DIR="${LOCAL_PATH}/../resources" TOTAL=12 CURR=1 @@ -71,7 +71,7 @@ echo "[Step $((CURR++))/$TOTAL Download rhel pkgs]" $CTOOLS/download-pkg.sh "$DATA_DIR/pkg/rhel" echo "[Step $((CURR++))/$TOTAL Download oom]" -$CTOOLS/download-oom.sh "$DATA_DIR" "${LOCAL_PATH}/../../patches/offline-changes.patch" +$CTOOLS/download-oom.sh "$DATA_DIR" "${LOCAL_PATH}/../patches/offline-changes.patch" echo "[Step $((CURR++))/$TOTAL Download sdnc-ansible-server packages]" $CTOOLS/download-pip.sh "$LISTS_DIR/pip_list.txt" "$DATA_DIR/pkg/ubuntu/ansible_pkg" diff --git a/cfg/cacert.cnf b/cfg/cacert.cnf deleted file mode 100644 index a6917ca9..00000000 --- a/cfg/cacert.cnf +++ /dev/null @@ -1,113 +0,0 @@ -[ ca ] -# `man ca` -default_ca = CA_default - -[ CA_default ] -# Directory and file locations. -dir = ./ -certs = $dir/certs -crl_dir = $dir/crl -new_certs_dir = $dir/newcerts -database = $dir/index.txt -serial = $dir/serial -RANDFILE = $dir/private/.rand - -# The root key and root certificate. -private_key = $dir/private/ca.key.pem -certificate = $dir/certs/ca.cert.pem - -# For certificate revocation lists. -crlnumber = $dir/crlnumber -crl = $dir/crl/ca.crl.pem -crl_extensions = crl_ext -default_crl_days = 30 - -# SHA-1 is deprecated, so use SHA-2 instead. -default_md = sha256 - -name_opt = ca_default -cert_opt = ca_default -default_days = 3750 -preserve = no -policy = policy_strict - -[ policy_strict ] -# The root CA should only sign intermediate certificates that match. -# See the POLICY FORMAT section of `man ca`. -countryName = match -organizationName = match -commonName = supplied - -[ policy_loose ] -# Allow the intermediate CA to sign a more diverse range of certificates. -# See the POLICY FORMAT section of the `ca` man page. -countryName = optional -localityName = optional -organizationName = optional -commonName = supplied - -[ req ] -# Options for the `req` tool (`man req`). -default_bits = 4096 -distinguished_name = req_distinguished_name -string_mask = utf8only -prompt = no - -# SHA-1 is deprecated, so use SHA-2 instead. -default_md = sha256 - -# Extension to add when the -x509 option is used. -x509_extensions = v3_ca - -[ req_distinguished_name ] -# Optionally, specify some defaults. -countryName = PL -localityName = Krakow -organizationName = Samsung -commonName = onap - -[ v3_ca ] -# Extensions for a typical CA (`man x509v3_config`). -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid:always,issuer -basicConstraints = critical, CA:true -keyUsage = critical, digitalSignature, cRLSign, keyCertSign - -[ v3_intermediate_ca ] -# Extensions for a typical intermediate CA (`man x509v3_config`). -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid:always,issuer -basicConstraints = critical, CA:true, pathlen:0 -keyUsage = critical, digitalSignature, cRLSign, keyCertSign - -[ usr_cert ] -# Extensions for client certificates (`man x509v3_config`). -basicConstraints = CA:FALSE -nsCertType = client, email -nsComment = "OpenSSL Generated Client Certificate" -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid,issuer -keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment -extendedKeyUsage = clientAuth, emailProtection - -[ server_cert ] -# Extensions for server certificates (`man x509v3_config`). -basicConstraints = CA:FALSE -nsCertType = server -nsComment = "OpenSSL Generated Server Certificate" -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid,issuer:always -keyUsage = critical, digitalSignature, keyEncipherment -extendedKeyUsage = serverAuth - -[ crl_ext ] -# Extension for CRLs (`man x509v3_config`). -authorityKeyIdentifier=keyid:always - -[ ocsp ] -# Extension for OCSP signing certificates (`man ocsp`). -basicConstraints = CA:FALSE -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid,issuer -keyUsage = critical, digitalSignature -extendedKeyUsage = critical, OCSPSigning diff --git a/cfg/full_depl_values.yaml b/cfg/full_depl_values.yaml deleted file mode 100644 index b16354e9..00000000 --- a/cfg/full_depl_values.yaml +++ /dev/null @@ -1,158 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration overrides. -# -# These overrides will affect all helm charts (ie. applications) -# that are listed below and are 'enabled'. -################################################################# -global: - # Change to an unused port prefix range to prevent port conflicts - # with other instances running within the same k8s cluster - nodePortPrefix: 302 - - # ONAP Repository - # Uncomment the following to enable the use of a single docker - # repository but ONLY if your repository mirrors all ONAP - # docker images. This includes all images from dockerhub and - # any other repository that hosts images for ONAP components. - #repository: nexus3.onap.org:10001 - repositoryCred: - user: docker - password: docker - - # readiness check - temporary repo until images migrated to nexus3 - readinessRepository: oomk8s - # logging agent - temporary repo until images migrated to nexus3 - loggingRepository: docker.elastic.co - - # image pull policy - #pullPolicy: Always - pullPolicy: IfNotPresent - - # default mount path root directory referenced - # by persistent volumes and log files - persistence: - mountPath: /dockerdata-nfs - - # flag to enable debugging - application support required - debugEnabled: false - -# Repository for creation of nexus3.onap.org secret -repository: nexus3.onap.org:10001 - - -################################################################# -# Enable/disable and configure helm charts (ie. applications) -# to customize the ONAP deployment. -################################################################# -aaf: - enabled: true -aai: - enabled: true -appc: - enabled: true - config: - openStackType: OpenStackProvider - openStackName: OpenStack - openStackKeyStoneUrl: FILL-ME - openStackServiceTenantName: FILL-ME - openStackDomain: FILL-ME - openStackUserName: FILL-ME - openStackEncryptedPassword: FILL-ME -clamp: - enabled: true -cli: - enabled: true -consul: - enabled: true -dcaegen2: - enabled: true -dmaap: - enabled: true -esr: - enabled: true -log: - enabled: true -sniro-emulator: - enabled: true -oof: - enabled: true -msb: - enabled: true -multicloud: - enabled: true -nbi: - enabled: true - config: - # openstack configuration - openStackUserName: "FILL-ME" - openStackRegion: "FILL-ME" - openStackKeyStoneUrl: "FILL-ME" - openStackServiceTenantName: "FILL-ME" - openStackEncryptedPasswordHere: "FILL-ME" -policy: - enabled: true -portal: - enabled: true -robot: - enabled: true -sdc: - enabled: true -sdnc: - enabled: true - - replicaCount: 1 - - config: - enableClustering: false - - mysql: - disableNfsProvisioner: true - replicaCount: 1 -so: - enabled: true - - replicaCount: 1 - - liveness: - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - - # so server configuration - config: - # message router configuration - dmaapTopic: "AUTO" - # openstack configuration - openStackUserName: "FILL-ME" - openStackRegion: "FILL-ME" - openStackKeyStoneUrl: "FILL-ME" - openStackServiceTenantName: "FILL-ME" - openStackEncryptedPasswordHere: "FILL-ME" - - # configure embedded mariadb - mariadb: - config: - mariadbRootPassword: password -uui: - enabled: true -vfc: - enabled: true -vid: - enabled: true -vnfsdk: - enabled: true - diff --git a/cfg/nexus_cert.cnf b/cfg/nexus_cert.cnf deleted file mode 100644 index ab8d5477..00000000 --- a/cfg/nexus_cert.cnf +++ /dev/null @@ -1,33 +0,0 @@ -[ req ] -default_bits = 4096 -default_keyfile = server-key.pem -distinguished_name = dn -#req_extensions = v3_req -x509_extensions = v3_req -string_mask = utf8only -prompt = no -default_md = sha256 - -[ dn ] - -countryName = PL -localityName = Krakow -organizationName = Samsung -commonName = registry-1.docker.io -#emailAddress - -[ v3_req ] - -#subjectKeyIdentifier = hash -#authorityKeyIdentifier = keyid,issuer - -basicConstraints = CA:FALSE -keyUsage = critical, keyAgreement, nonRepudiation, digitalSignature, keyEncipherment -extendedKeyUsage = serverAuth -# does not work here because of bug in openssl -#subjectAltName = @alternate_names -nsComment = "OpenSSL Generated Certificate" - -#[ alternate_names ] - -#DNS.4 = ftp.example.com diff --git a/cfg/nginx.conf b/cfg/nginx.conf deleted file mode 100644 index 7317d3f2..00000000 --- a/cfg/nginx.conf +++ /dev/null @@ -1,110 +0,0 @@ -worker_processes 2; - -events { - worker_connections 1024; -} - -http { - error_log /var/log/nginx/error.log debug; - access_log /var/log/nginx/access.log; - - proxy_intercept_errors on; - proxy_send_timeout 120; - proxy_read_timeout 300; - - upstream nexus { - server nexus:8081; - } - - upstream registry { - server nexus:8082; - } - -# http simulations - server { - listen 80; - listen 443 ssl; - server_name _; - ssl_certificate /etc/nginx/certs/nexus_server.crt; - ssl_certificate_key /etc/nginx/certs/nexus_server.key; - - keepalive_timeout 5 5; - - location / { - root /srv/http/$host; - index index.html; - } - } - -# nexus simulations - server { - listen 80; - listen 443 ssl; - server_name nexus.student12 gcr.io registry-1.docker.io docker.io registry.npmjs.org nexus3.onap.org docker.elastic.co registry.hub.docker.com; - ssl_certificate /etc/nginx/certs/nexus_server.crt; - ssl_certificate_key /etc/nginx/certs/nexus_server.key; - - keepalive_timeout 5 5; - proxy_buffering off; - - # allow large uploads - client_max_body_size 3G; - - location /maven2 { - rewrite /maven2/(.*) /repository/maven2/$1 break; - # redirect to docker registry - proxy_pass http://nexus; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } - - location / { - # redirect to docker registry - if ($http_user_agent ~ docker ) { - proxy_pass http://registry; - } - proxy_pass http://nexus; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } - } - -# git simulations - server { - listen 80; - listen 443 ssl; - server_name gerrit.onap.org git.rancher.io github.com; - ssl_certificate /etc/nginx/certs/nexus_server.crt; - ssl_certificate_key /etc/nginx/certs/nexus_server.key; - - keepalive_timeout 5 5; - proxy_buffering off; - - location / { - try_files $uri $uri/ @git; - } - - location @git { - - # Set chunks to unlimited, as the body's can be huge - client_max_body_size 0; - - fastcgi_param SCRIPT_FILENAME /usr/libexec/git-core/git-http-backend; - fastcgi_param QUERY_STRING $args; - fastcgi_param HTTP_HOST $server_name; - fastcgi_param PATH_INFO $uri; - - include fastcgi_params; - - fastcgi_param GIT_HTTP_EXPORT_ALL ""; - fastcgi_param GIT_PROJECT_ROOT /srv/git/$host/; - - # Forward REMOTE_USER as we want to know when we are authenticated - fastcgi_param REMOTE_USER $remote_user; - - fastcgi_pass unix:/var/run/fcgiwrap.socket; - } - } -} diff --git a/cfg/v3.ext b/cfg/v3.ext deleted file mode 100644 index b4a6e433..00000000 --- a/cfg/v3.ext +++ /dev/null @@ -1,24 +0,0 @@ -authorityKeyIdentifier=keyid,issuer -basicConstraints=CA:FALSE -keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment -subjectAltName = @alt_names - -[alt_names] -DNS.1 = nexus.student12 -DNS.2 = gcr.io -DNS.3 = git.rancher.io -DNS.4 = gerrit.onap.org -DNS.5 = registry-1.docker.io -DNS.6 = docker.io -DNS.7 = registry.npmjs.org -DNS.8 = nexus3.onap.org -DNS.9 = nexus.onap.org -DNS.10 = docker.elastic.co -DNS.11 = www.getcloudify.org -DNS.12 = registry.hub.docker.com -DNS.13 = github.com -DNS.14 = repo.maven.apache.org -DNS.15 = www.springframework.org -DNS.16 = repo1.maven.org -DNS.17 = git.onap.org - |