diff options
| -rwxr-xr-x | bash/deploy_onap.sh | 55 | ||||
| -rwxr-xr-x | bash/tools/000cleanup.sh | 41 | ||||
| -rwxr-xr-x | bash/tools/certificates/2create_cert_for_nginx.sh | 47 | ||||
| -rwxr-xr-x | bash/tools/certificates/self_extract_cacert.sh | 55 | ||||
| -rwxr-xr-x | bash/tools/common-functions.sh | 658 | ||||
| -rwxr-xr-x | bash/tools/create_si_cacert_pkg.sh | 29 | ||||
| -rwxr-xr-x | bash/tools/create_si_onap_pkg.sh | 88 | ||||
| -rwxr-xr-x | bash/tools/creating_data/docker-login.sh | 38 | ||||
| -rwxr-xr-x | bash/tools/creating_data/load-docker-images.sh | 75 | ||||
| -rwxr-xr-x | bash/tools/creating_data/upload-maven-files.sh | 43 | ||||
| -rwxr-xr-x | bash/tools/creating_data/upload-npm-pkgs.sh | 48 | ||||
| -rwxr-xr-x | bash/tools/deploy_kube.sh | 95 | ||||
| -rwxr-xr-x | bash/tools/deploy_nexus.sh | 194 | ||||
| -rwxr-xr-x | bash/tools/gather_data_lists.sh | 34 | ||||
| -rwxr-xr-x | bash/tools/load_stored_offline_data.sh | 87 | ||||
| -rwxr-xr-x | bash/tools/setup_nfs_mount.sh | 44 | ||||
| -rwxr-xr-x | bash/tools/setup_nfs_server_rhel.sh | 51 | ||||
| -rwxr-xr-x | bash/tools/setup_nfs_server_ubuntu.sh | 51 | ||||
| -rwxr-xr-x | build/common-functions.sh | 92 | ||||
| -rwxr-xr-x | build/creating_data/create_nginx_image/01create-image.sh (renamed from bash/tools/creating_data/create_nginx_image/01create-image.sh) | 0 | ||||
| -rw-r--r-- | build/creating_data/create_nginx_image/Dockerfile (renamed from bash/tools/creating_data/create_nginx_image/Dockerfile) | 5 | ||||
| -rw-r--r-- | build/creating_data/create_nginx_image/gitconfig (renamed from bash/tools/creating_data/create_nginx_image/gitconfig) | 0 | ||||
| -rwxr-xr-x | build/creating_data/download-bin-tools.sh (renamed from bash/tools/creating_data/download-bin-tools.sh) | 5 | ||||
| -rwxr-xr-x | build/creating_data/download-docker-images.sh (renamed from bash/tools/creating_data/download-docker-images.sh) | 0 | ||||
| -rwxr-xr-x | build/creating_data/download-files.sh (renamed from bash/tools/creating_data/download-files.sh) | 0 | ||||
| -rwxr-xr-x | build/creating_data/download-git-repos.sh (renamed from bash/tools/creating_data/download-git-repos.sh) | 0 | ||||
| -rwxr-xr-x | build/creating_data/download-http-files.sh (renamed from bash/tools/creating_data/download-http-files.sh) | 0 | ||||
| -rwxr-xr-x | build/creating_data/download-npm-pkgs.sh (renamed from bash/tools/creating_data/download-npm-pkgs.sh) | 0 | ||||
| -rwxr-xr-x | build/creating_data/download-oom.sh (renamed from bash/tools/creating_data/download-oom.sh) | 0 | ||||
| -rwxr-xr-x | build/creating_data/download-pip.sh (renamed from bash/tools/creating_data/download-pip.sh) | 0 | ||||
| -rwxr-xr-x | build/creating_data/download-pkg.sh (renamed from bash/tools/creating_data/download-pkg.sh) | 0 | ||||
| -rwxr-xr-x | build/creating_data/make-docker-images-list.sh (renamed from bash/tools/creating_data/make-docker-images-list.sh) | 0 | ||||
| -rwxr-xr-x | build/creating_data/make-git-http-list.sh (renamed from bash/tools/creating_data/make-git-http-list.sh) | 0 | ||||
| -rwxr-xr-x | build/creating_data/make-npm-list.sh (renamed from bash/tools/creating_data/make-npm-list.sh) | 0 | ||||
| -rwxr-xr-x | build/creating_data/remote-list-gathering.sh (renamed from bash/tools/creating_data/remote-list-gathering.sh) | 1 | ||||
| -rwxr-xr-x | build/creating_data/save-docker-images.sh (renamed from bash/tools/creating_data/save-docker-images.sh) | 0 | ||||
| -rw-r--r-- | build/data_list/docker_image_list.txt (renamed from bash/tools/data_list/docker_image_list.txt) | 0 | ||||
| -rw-r--r-- | build/data_list/docker_manual_image_list.txt (renamed from bash/tools/data_list/docker_manual_image_list.txt) | 0 | ||||
| -rw-r--r-- | build/data_list/git_manual_list (renamed from bash/tools/data_list/git_manual_list) | 0 | ||||
| -rw-r--r-- | build/data_list/git_repos_list (renamed from bash/tools/data_list/git_repos_list) | 0 | ||||
| -rw-r--r-- | build/data_list/http_manual_list.txt (renamed from bash/tools/data_list/http_manual_list.txt) | 0 | ||||
| -rw-r--r-- | build/data_list/npm_list.txt (renamed from bash/tools/data_list/npm_list.txt) | 0 | ||||
| -rw-r--r-- | build/data_list/pip_list.txt (renamed from bash/tools/data_list/pip_list.txt) | 0 | ||||
| -rw-r--r-- | build/data_list/pkg_list.txt (renamed from bash/tools/data_list/pkg_list.txt) | 0 | ||||
| -rwxr-xr-x | build/delete-local-images.sh (renamed from bash/tools/delete-local-images.sh) | 0 | ||||
| -rwxr-xr-x | build/download_offline_data_by_lists.sh (renamed from bash/tools/download_offline_data_by_lists.sh) | 4 | ||||
| -rw-r--r-- | cfg/cacert.cnf | 113 | ||||
| -rw-r--r-- | cfg/full_depl_values.yaml | 158 | ||||
| -rw-r--r-- | cfg/nexus_cert.cnf | 33 | ||||
| -rw-r--r-- | cfg/nginx.conf | 110 | ||||
| -rw-r--r-- | cfg/v3.ext | 24 |
51 files changed, 95 insertions, 2183 deletions
diff --git a/bash/deploy_onap.sh b/bash/deploy_onap.sh deleted file mode 100755 index d8ae4f3e..00000000 --- a/bash/deploy_onap.sh +++ /dev/null @@ -1,55 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# fail fast -set -e - -# OS check -. /etc/os-release -OS_ID="${ID}" - -case "$OS_ID" in - centos) - ;; - rhel) - ;; - ubuntu) - ;; - *) - echo This OS is not supported: $OS_ID - exit 1 - ;; -esac - -# boilerplate -RELATIVE_PATH=./tools # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -get_configuration -copy_onap_values_file -patch_npm_oom -patch_spring_oom -patch_cfy_manager_depl $OS_ID -deploy_onap diff --git a/bash/tools/000cleanup.sh b/bash/tools/000cleanup.sh deleted file mode 100755 index 3349c501..00000000 --- a/bash/tools/000cleanup.sh +++ /dev/null @@ -1,41 +0,0 @@ -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - -oldifs=$IFS -IFS=$'\n' - -echo "Deleting containers" -for x in $(docker ps -a); do - cid=$(echo "$x" | awk '{print $1}') - docker rm -f $cid -done - -echo "Deleting volumes" -for x in $(docker volume ls | grep -v 'nexus-data'); do - name=$(echo "$x" | awk '{print $2}') -# echo "A: $name" - docker volume rm $name -done - -echo "Unmounting kubelet pods" -for x in $(mount | grep 'kubelet/pods\|rancher\|docker' | cut -d ' ' -f 3) ; do umount "$x" ; done - -rm -rfd /var/lib/kubelet/* -rm -rfd /var/lib/rancher/* -rm -rfd /var/lib/docker/* - diff --git a/bash/tools/certificates/2create_cert_for_nginx.sh b/bash/tools/certificates/2create_cert_for_nginx.sh deleted file mode 100755 index a9adb520..00000000 --- a/bash/tools/certificates/2create_cert_for_nginx.sh +++ /dev/null @@ -1,47 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# fail fast -set -e - -# boilerplate -RELATIVE_PATH=../ # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -message info "Reading configuration" -get_configuration - -update_hosts - -message info "Restarting dnsmasq" -systemctl enable dnsmasq -systemctl restart dnsmasq - -message info "Configure ssl certificates" -create_cert "nexus" - -message info "** Certificates finished **" - -docker restart nginx diff --git a/bash/tools/certificates/self_extract_cacert.sh b/bash/tools/certificates/self_extract_cacert.sh deleted file mode 100755 index 1e7a5abc..00000000 --- a/bash/tools/certificates/self_extract_cacert.sh +++ /dev/null @@ -1,55 +0,0 @@ -#! /bin/sh - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - - -extract_ca() { - cpath=$1 - sed '0,/^#EOF#$/d' $0 > $cpath; - echo "Certificate installed into: $cpath" -} - -OS_ID=$(awk -F= '/^ID=/{print $2}' /etc/os-release) -OS_ID="${OS_ID%\"}" -OS_ID="${OS_ID#\"}" - -if [ "$OS_ID" = "rhel" -o "$OS_ID" = "centos" ]; then - # for centos/ rhel - echo "Detected rhel like distribution" - - update-ca-trust force-enable - extract_ca /etc/pki/ca-trust/source/anchors/rootCAcert.crt - update-ca-trust extract - -elif [ "$OS_ID" = "ubuntu" ]; then - echo "Detected ubuntu distribution" - - mkdir -p /usr/local/share/ca-certificates/extra - extract_ca /usr/local/share/ca-certificates/extra/rootCAcert.crt - update-ca-certificates -else - echo "OS $OS_ID is not supported" - exit -2 -fi - -echo "** Please restart docker (because of reload new CA) **" - -exit 0 -#EOF# diff --git a/bash/tools/common-functions.sh b/bash/tools/common-functions.sh deleted file mode 100755 index 6ffb42a7..00000000 --- a/bash/tools/common-functions.sh +++ /dev/null @@ -1,658 +0,0 @@ -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - -# -# this file contains shared variables and functions for the onap installer -# - -# any script which needs this file can check this variable -# and it will know immediately if the functions and variables -# are loaded and usable -IS_COMMON_FUNCTIONS_SOURCED=YES - -# setting of the path variables -if [ -z "$APROJECT_DIR" ] ; then - INCLUDE_PATH="${LOCAL_PATH}"/"${RELATIVE_PATH}" - APROJECT_DIR=$(readlink -f "$INCLUDE_PATH"/../..) -fi - -RESOURCES_DIR="$APROJECT_DIR/resources" -BASH_SCRIPTS_DIR="$APROJECT_DIR/bash" -NEXUS_DATA="$RESOURCES_DIR/nexus_data" -CERTS_TARGET_PATH="$APROJECT_DIR/live/certs" -NGINX_LOG_DIR="$APROJECT_DIR/live/nginx_logs" -GEN_CFG_PATH="$APROJECT_DIR/live/cfg" -GIT_REPOS="$RESOURCES_DIR/git-repo" -NGINX_HTTP_DIR="$RESOURCES_DIR/http" -RHEL_REPO="$RESOURCES_DIR/pkg/rhel" - -PATH="${PATH}:/usr/local/bin:/usr/local/sbin" -export PATH - -# just self-defense against locale -LANG=C -export LANG - -# dns handling -SIMUL_HOSTS="gcr.io \ -git.rancher.io \ -gerrit.onap.org \ -registry-1.docker.io \ -docker.io \ -registry.npmjs.org \ -nexus3.onap.org \ -nexus.onap.org \ -docker.elastic.co \ -www.getcloudify.org \ -www.springframework.org \ -registry.hub.docker.com \ -git.onap.org \ -repo1.maven.org \ -repo.maven.apache.org" - -# default credentials to the repository -NEXUS_USERNAME=admin -NEXUS_PASSWORD=admin123 -NEXUS_EMAIL=admin@onap.org - -# this function is intended to unify the installer output -message() { - case "$1" in - info) - echo 'INFO:' "$@" - ;; - debug) - echo 'DEBUG:' "$@" >&2 - ;; - warning) - echo 'WARNING [!]:' "$@" >&2 - ;; - error) - echo 'ERROR [!!]:' "$@" >&2 - return 1 - ;; - *) - echo 'UNKNOWN [?!]:' "$@" >&2 - return 2 - ;; - esac - return 0 -} -export message - -# if the environment variable DEBUG is set to DEBUG-ONAP -> -# -> this function will print its arguments -# otherwise nothing is done -debug() { - [ "$DEBUG" = DEBUG-ONAP ] && message debug "$@" -} -export debug - -fail() { - message error "$@" - exit 1 -} - -retry() { - local n=1 - local max=5 - while ! "$@"; do - if [ $n -lt $max ]; then - n=$((n + 1)) - message warning "Command ${@} failed. Attempt: $n/$max" - message info "waiting 10s for another try..." - sleep 10s - else - fail "Command ${@} failed after $n attempts. Better to abort now." - fi - done -} - -may_self_extract() { - # extract and untar to the current directory - sed '0,/^# PAYLOAD BELOW #$/d' "$0" | tar -xvpf - ; -} - -update_hosts() { - if grep -q "^[^#]\+\s$SIMUL_HOSTS\s*\$" /etc/hosts ; then - message info "simulated domains already in /etc/hosts" - else - echo "$LOCAL_IP $SIMUL_HOSTS" >> /etc/hosts - message info "simulated domains added to /etc/hosts (please check it)" - fi - - if grep -q "^[^#]\+\s$NEXUS_FQDN\s*\$" /etc/hosts ; then - message info "nexus FQDN already in /etc/hosts" - else - echo "$LOCAL_IP $NEXUS_FQDN" >> /etc/hosts - message info "Nexus FQDN added to /etc/hosts (please check it)" - fi - - if grep -q "^[^#]\+\srepo.install-server\s*\$" /etc/hosts ; then - message info "custom repo FQDN already in /etc/hosts" - else - echo "$LOCAL_IP repo.install-server" >> /etc/hosts - message info "Nexus FQDN added to /etc/hosts (please check it)" - fi -} - -get_cfg_val() { - name="$1" - shift - ask="$@" - - value=$(eval "echo \$${name}") - if [ -z "$value" ]; then - while [ -z "$value" ] ; do - printf "${ask}" - read -r $name - - value=$(eval "echo \$${name}") - done - echo "${name}='${value}'" >> ./local_repo.conf - fi -} - -get_configuration() { - if [ -f ./local_repo.conf ]; then - . ./local_repo.conf - fi - - if [ -z "${NEXUS_FQDN}" ]; then - NEXUS_FQDN="nexus.$HOSTNAME" - echo "NEXUS_FQDN='${NEXUS_FQDN}'" >> ./local_repo.conf - fi - - if [ -z "${ONAP_SCALE}" ]; then - ONAP_SCALE=full - echo "ONAP_SCALE='${ONAP_SCALE}'" >> ./local_repo.conf - fi - - # nexus should be configured using those default entries - # if it was not put the correct inputs instead - if [ -z "${NPM_USERNAME}" ]; then - NPM_USERNAME="${NEXUS_USERNAME}" - echo "NPM_USERNAME='${NPM_USERNAME}'" >> ./local_repo.conf - fi - - if [ -z "${NPM_PASSWORD}" ]; then - NPM_PASSWORD="${NEXUS_PASSWORD}" - echo "NPM_PASSWORD='${NPM_PASSWORD}'" >> ./local_repo.conf - fi - - if [ -z "${NPM_EMAIL}" ]; then - NPM_EMAIL="$NEXUS_EMAIL" - echo "NPM_EMAIL='${NPM_EMAIL}'" >> ./local_repo.conf - fi - - export NEXUS_FQDN - export ONAP_SCALE - export NPM_USERNAME - export NPM_PASSWORD - export NPM_EMAIL - - NODE_USERNAME="root" - - if [ -z "$LOCAL_IP" ] ; then - echo - echo "======= Mandatory configuration =======" - echo - message info "fill in these mandatory configuration values" - get_cfg_val "LOCAL_IP" "Enter the public IPv4 used for this '$HOSTNAME' install machine," \ - "\nDO NOT USE LOOPBACK! (for example: 10.0.0.1): " - fi -} - -enable_local_repo() { - sed -r "s%PATH%file://$APROJECT_DIR/resources/pkg/rhel%" "$APROJECT_DIR/resources/pkg/rhel/onap.repo" > /etc/yum.repos.d/onap.repo -} - -install_packages() { - os_id="$1" - - message info "Installing packages" - - case "$os_id" in - centos) - yum -y install "$APROJECT_DIR/resources/pkg/centos/*.rpm" - ;; - rhel) - enable_local_repo - yum -y install docker-ce dnsmasq icewm firefox tigervnc-server - systemctl enable docker - systemctl start docker - ;; - ubuntu) - dpkg -i "$APROJECT_DIR/resources/pkg/ubuntu/*.deb" - ;; - *) - message error "OS release is not supported: $os_id" - message info "ABORTING INSTALLATION" - exit 1 - ;; - esac -} - -install_files() { - message info "installation of external binaries" - for binary in kubectl helm rancher jq ; do - cp "$APROJECT_DIR/resources/downloads/${binary}" /usr/local/bin/ - chmod 755 "/usr/local/bin/${binary}" - done - mkdir -p ~/.kube -} - -setup_vnc_server() { - mkdir -p ~/.vnc ~/.icewm - echo "onap" | vncpasswd -f > ~/.vnc/passwd - chmod 0600 ~/.vnc/passwd - - cat > ~/.vnc/xstartup <<EOF -#!/bin/sh - -unset SESSION_MANAGER -unset DBUS_SESSION_BUS_ADDRESS -exec icewm-session - -EOF - -chmod +x ~/.vnc/xstartup - - cat > ~/.icewm/menu <<EOF -prog Firefox firefox firefox -separator - -EOF -vncserver -} - -update_docker_cfg() { - if [ -f "/etc/docker/daemon.json" ]; then - jq '.dns += ["172.17.0.1"]' /etc/docker/daemon.json > /tmp/daemon.json - mv /tmp/daemon.json /etc/docker/daemon.json - else - echo '{"dns": ["172.17.0.1"]}' > /etc/docker/daemon.json - fi -} - -create_root_CA() { - echo "** Generate certificates **" - openssl genrsa -out $CERTS_TARGET_PATH/rootCA.key 4096 - - echo "** Generate self signed ***" - openssl req -config $GEN_CFG_PATH/cacert.cnf -key $CERTS_TARGET_PATH/rootCA.key -new -x509 -days 7300 -sha256 -extensions v3_ca \ - -out $CERTS_TARGET_PATH/rootCAcert.pem - - - # convert to crt - openssl x509 -in $CERTS_TARGET_PATH/rootCAcert.pem -inform PEM -out $CERTS_TARGET_PATH/rootCAcert.crt -} - -install_root_CA() { - os=$1 - echo "** Publishing root CA **" - if [ "$os" == "redhat" ]; then - # for centos - update-ca-trust force-enable - cp $CERTS_TARGET_PATH/rootCAcert.crt /etc/pki/ca-trust/source/anchors/ - update-ca-trust extract - elif [ "$os" == "ubuntu" ]; then - mkdir -p /usr/local/share/ca-certificates/extra - cp $CERTS_TARGET_PATH/rootCAcert.crt /usr/local/share/ca-certificates/extra - update-ca-certificates - else - echo "OS \"$os\" is not supported" - exit -2 - fi - - echo "** Restart docker (because of reload new CA) **" - systemctl restart docker - -} - -create_cert() { - server_name=$1 - - openssl genrsa -out $CERTS_TARGET_PATH/${server_name}_server.key 4096 - echo "** Generate sig request ***" - openssl req -new -config $GEN_CFG_PATH/${server_name}_cert.cnf -key $CERTS_TARGET_PATH/${server_name}_server.key -out $CERTS_TARGET_PATH/${server_name}_server.csr - - # v3.ext must be in separate file , because of bug in openssl 1.0 - echo "** sign **" - openssl x509 -req -in $CERTS_TARGET_PATH/${server_name}_server.csr\ - -extfile $GEN_CFG_PATH/v3.ext\ - -CA $CERTS_TARGET_PATH/rootCAcert.crt\ - -CAkey $CERTS_TARGET_PATH/rootCA.key\ - -CAcreateserial -out $CERTS_TARGET_PATH/${server_name}_server.crt -days 3650 -sha256 -} - -create_all_certs() { - create_cert "nexus" -} - -update_firewall() { -# TODO -#firewall-cmd --permanent --add-port=53/udp -#firewall-cmd --permanent --add-port=53/tcp -#firewall-cmd --permanent --add-port=10001/tcp -#firewall-cmd --permanent --add-port=80/tcp -#firewall-cmd --permanent --add-port=443/tcp -return 0 -} - -distribute_root_CA() { - targetip=$1 - scp $APROJECT_DIR/install_cacert.sh $targetip:. - ssh $targetip ./install_cacert.sh - echo "** Add DNS record to remote host **" - ssh $targetip "echo nameserver $LOCAL_IP > /etc/resolv.conf" -} - -upload_ansible_pkgs() { - os=$1 - targetip=$2 - #if [[ $os == "ubuntu" ]]; then - # those deb & whl packages are needed for sdnc-ansible-server pod - # independently on host OS distros - echo "** Copy required packages for sdnc-ansible-pod to kubernetes node $targetip **" - scp -r $APROJECT_DIR/resources/pkg/ubuntu/ansible_pkg $targetip:. - #fi -} - -remote_setup_nfs_server() { - os=$1 - targetip=$2 - shift 2 - scp $APROJECT_DIR/bash/tools/setup_nfs_server_${os}.sh $targetip:setup_nfs_server.sh - if [[ $os == "ubuntu" ]]; then - scp -r $APROJECT_DIR/resources/pkg/ubuntu/nfs-common-pkg/* $targetip:. - ssh $targetip dpkg -i *.deb - fi - - ssh $targetip /bin/bash ./setup_nfs_server.sh "$@" -} - -remote_setup_nfs_mount() { - os=$1 - targetip=$2 - nfsip=$3 - scp $APROJECT_DIR/bash/tools/setup_nfs_mount.sh $targetip:. - if [[ $os == "ubuntu" ]]; then - scp -r $APROJECT_DIR/resources/pkg/ubuntu/nfs-common-pkg/* $targetip:. - ssh $targetip dpkg -i *.deb - fi - ssh $targetip /bin/bash ./setup_nfs_mount.sh $nfsip -} - -enable_remote_repo() { - targetip=$1 - sed -r "s%PATH%http://repo.install-server%" $APROJECT_DIR/resources/pkg/rhel/onap.repo | ssh $targetip 'cat > /etc/yum.repos.d/onap.repo' -} - -install_remote_docker() { - targetip=$1 - os=$2 - if [[ $os == "ubuntu" ]]; then - scp -r $APROJECT_DIR/resources/pkg/ubuntu/{docker-ce_17.03.2~ce-0~ubuntu-xenial_amd64.deb,libltdl7_2.4.6-0.1_amd64.deb} $targetip:. - ssh $targetip dpkg -i *.deb - elif [[ $os == "rhel" ]]; then - ssh $targetip yum -y install docker-ce - fi - ssh $targetip "mkdir -p /etc/docker" - scp "$APROJECT_DIR/resources/downloads/jq" $targetip:/usr/local/bin/ - ssh $targetip "if [[ -f /etc/docker/daemon.json ]]; then - jq '.dns += [\"$LOCAL_IP\"]' /etc/docker/daemon.json > /tmp/daemon.json - mv /tmp/daemon.json /etc/docker/daemon.json - else - echo {'\"'dns'\"': ['\"'$LOCAL_IP'\"']} > /etc/docker/daemon.json - fi" - - ssh $targetip 'systemctl enable docker; systemctl restart docker' -} - -deploy_rancher() { - docker run -d --entrypoint "/bin/bash" --restart=unless-stopped -p 8080:8080 \ - -v $CERTS_TARGET_PATH:/usr/local/share/ca-certificates/extra:ro \ - --name rancher_server rancher/server:v1.6.14 \ - -c "/usr/sbin/update-ca-certificates;/usr/bin/entry /usr/bin/s6-svscan /service" - echo "** wait until rancher is ready **" -} - -deploy_kubernetes() { - os=$1 - set +e - for i in `seq 5 -1 1`; do - API_RESPONSE=`curl -s 'http://127.0.0.1:8080/v2-beta/apikey' \ - -d '{"type":"apikey","accountId":"1a1","name":"autoinstall"\ - ,"description":"autoinstall","created":null,"kind":null,\ - "removeTime":null,"removed":null,"uuid":null}'` - if [[ "$?" -eq 0 ]]; then - KEY_PUBLIC=`echo $API_RESPONSE | jq -r .publicValue` - KEY_SECRET=`echo $API_RESPONSE | jq -r .secretValue` - break - fi - echo "Waiting for rancher server to start" - sleep 60 - done - set -e - export RANCHER_URL=http://${LOCAL_IP}:8080 - export RANCHER_ACCESS_KEY=$KEY_PUBLIC - export RANCHER_SECRET_KEY=$KEY_SECRET - - rancher env ls - echo "wait 60 sec for rancher environments can settle before we create the onap kubernetes one" - sleep 60 - - rancher env create -t kubernetes onap > kube_env_id.json - PROJECT_ID=$(<kube_env_id.json) - echo "env id: $PROJECT_ID" - export RANCHER_HOST_URL=http://${LOCAL_IP}:8080/v1/projects/$PROJECT_ID - - for i in `seq 5`; do - status=$(rancher env ls | grep $PROJECT_ID | awk '{print $4}') - if [[ "$status" == "active" ]]; then - echo "Check on environments again before registering the URL response" - rancher env ls - break - fi - echo "Wait for environment to become active" - sleep 30 - done - - REG_URL_RESPONSE=`curl -X POST -u $KEY_PUBLIC:$KEY_SECRET -H 'Accept: application/json' -H 'ContentType: application/json' -d '{"name":"$LOCAL_IP"}' "http://$LOCAL_IP:8080/v1/projects/$PROJECT_ID/registrationtokens"` - echo "wait for server to finish url configuration - 3 min" - sleep 180 - # see registrationUrl in - REGISTRATION_TOKENS=`curl http://127.0.0.1:8080/v2-beta/registrationtokens` - REGISTRATION_DOCKER=`echo $REGISTRATION_TOKENS | jq -r .data[0].image` - REGISTRATION_TOKEN=`echo $REGISTRATION_TOKENS | jq -r .data[0].token` - - # base64 encode the kubectl token from the auth pair - # generate this after the host is registered - KUBECTL_TOKEN=$(echo -n 'Basic '$(echo -n "$RANCHER_ACCESS_KEY:$RANCHER_SECRET_KEY" | base64 -w 0) | base64 -w 0) - echo "KUBECTL_TOKEN base64 encoded: ${KUBECTL_TOKEN}" - cat > ~/.kube/config <<EOF -apiVersion: v1 -kind: Config -clusters: -- cluster: - api-version: v1 - insecure-skip-tls-verify: true - server: "https://$LOCAL_IP:8080/r/projects/$PROJECT_ID/kubernetes:6443" - name: "onap" -contexts: -- context: - cluster: "onap" - user: "onap" - name: "onap" -current-context: "onap" -users: -- name: "onap" - user: - token: "$KUBECTL_TOKEN" - -EOF - - if [[ $os == "rhel" ]]; then - echo "Upgrade datavolume for RHEL" - KUBELET_ID=`curl http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/ | jq -r '.data[] | select(.name=="kubelet")'.id` - OLD_LAUNCH_CONFIG=`curl http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/${KUBELET_ID} | jq '.launchConfig'` - NEW_LAUNCH_CONFIG=`echo $OLD_LAUNCH_CONFIG | jq '.dataVolumes[2]="/sys/fs/cgroup:/sys/fs/cgroup:ro,rprivate"'` - - DATA="{ - \"inServiceStrategy\": { - \"batchSize\": 1, - \"intervalMillis\": 2000, - \"startFirst\": false, - \"launchConfig\": ${NEW_LAUNCH_CONFIG}, - \"secondaryLaunchConfigs\": [] - } - }" - curl -s -u $KEY_PUBLIC:$KEY_SECRET -X POST -H 'Content-Type: application/json' -d "${DATA}" "http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/${KUBELET_ID}?action=upgrade" > /dev/null - - echo "Give environment time to update (30 sec)" - sleep 30 - - curl -s -u $KEY_PUBLIC:$KEY_SECRET -X POST "http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/${KUBELET_ID}?action=finishupgrade" > /dev/null - fi -} - -deploy_rancher_agent() { - nodeip=$1 - if [ -z "$REGISTRATION_DOCKER" ]; then - echo "ASSERT: Missing REGISTRATION_DOCKER" - exit 1 - fi - if [ -z "$RANCHER_URL" ]; then - echo "ASSERT: Missing RANCHER_URL" - exit 1 - fi - if [ -z "$REGISTRATION_TOKEN" ]; then - echo "ASSERT: Missing REGISTRATION_TOKEN" - exit 1 - fi - - ssh $nodeip "docker run --rm --privileged -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/racher:/var/lib/rancher $REGISTRATION_DOCKER $RANCHER_URL/v1/scripts/$REGISTRATION_TOKEN" - echo "waiting 2 min for creating kubernetes environment" - sleep 120 -} - -deploy_node() { - nodeip=$1 - os=$2 - echo "Deploying node $nodeip" - distribute_root_CA $nodeip - install_remote_docker $nodeip $os - deploy_rancher_agent $nodeip -} - -deploy_onap() { - pushd $APROJECT_DIR/resources/oom/kubernetes - helm init --upgrade --skip-refresh - # this might fail - set +e - helm repo remove stable - set -e - helm serve & - echo "wait a moment before helm will come up ..." - sleep 5 - helm repo add local http://127.0.0.1:8879 - make all - #Pass the CA certificate contents directly during installation. - helm install local/onap -n dev --namespace onap \ - --set "global.cacert=$(cat ${CERTS_TARGET_PATH}/rootCAcert.crt)" - popd -} - -expand_file() { - file=$1 - # print warning if patched file does not exist as some charts - # might not be available for some deployments - if [ ! -f "$file" ]; then - echo "WARNING: Can't patch file $file because this file does not exists." - return 0 - fi - - shift - - for ivar in "$@" ; do - ivalue=$(eval 'echo "$'${ivar}'"') - sed -i "s#${ivar}#${ivalue}#g" "$file" - done -} - -patch_npm_oom() { - if [ -z "$LOCAL_IP" ] ; then - echo "ERROR: LOCAL_IP unset" - return 1 - fi - if [ -z "$NEXUS_FQDN" ] ; then - echo "ERROR: NEXUS_FQDN unset" - return 1 - fi - - UPDATE_HOSTS_FILE="$LOCAL_IP $NEXUS_FQDN" - UPDATE_NPM_REGISTRY="npm set registry \"http://${NEXUS_FQDN}/repository/npm-private/\"" - - expand_file $APROJECT_DIR/resources/oom/kubernetes/common/dgbuilder/templates/deployment.yaml \ - UPDATE_HOSTS_FILE \ - UPDATE_NPM_REGISTRY - expand_file $APROJECT_DIR/resources/oom/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml \ - UPDATE_HOSTS_FILE \ - UPDATE_NPM_REGISTRY -} - -patch_spring_oom() { - if [ -z "$LOCAL_IP" ] ; then - echo "ERROR: LOCAL_IP unset" - return 1 - fi - - UPDATE_HOSTS_FILE="$LOCAL_IP www.springframework.org" - expand_file $APROJECT_DIR/resources/oom/kubernetes/dmaap/charts/message-router/templates/deployment.yaml \ - UPDATE_HOSTS_FILE -} - -patch_cfy_manager_depl() { - os="$1" - file="${APROJECT_DIR}/resources/oom/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml" - - case "$os" in - centos|rhel) - CERT_PATH="/etc/pki/ca-trust/source/anchors" - ;; - ubuntu) - CERT_PATH="/usr/local/share/ca-certificates/extra" - ;; - '') - echo "ERROR: missing argument" - return 1 - ;; - *) - echo "ERROR: unknown OS: ${os}" - return 1 - ;; - esac - - expand_file "$file" CERT_PATH -} - -copy_onap_values_file() { - cp "${APROJECT_DIR}/${CUSTOM_CFG_RELPATH:-cfg}/${ONAP_SCALE}_depl_values.yaml" \ - "${APROJECT_DIR}/resources/oom/kubernetes/onap/values.yaml" -} diff --git a/bash/tools/create_si_cacert_pkg.sh b/bash/tools/create_si_cacert_pkg.sh deleted file mode 100755 index 197f0c0f..00000000 --- a/bash/tools/create_si_cacert_pkg.sh +++ /dev/null @@ -1,29 +0,0 @@ -#! /bin/bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -self="$0" -tools_dir=$(dirname "$self") - -TARGET_FILE="./install_cacert.sh" - -cat "$tools_dir/certificates/self_extract_cacert.sh" "$tools_dir/../../live/certs/rootCAcert.crt" > $TARGET_FILE -chmod a+x $TARGET_FILE -echo "Created self installation file: $TARGET_FILE" diff --git a/bash/tools/create_si_onap_pkg.sh b/bash/tools/create_si_onap_pkg.sh deleted file mode 100755 index 759a1ebc..00000000 --- a/bash/tools/create_si_onap_pkg.sh +++ /dev/null @@ -1,88 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# fail fast -set -e - -# boilerplate -RELATIVE_PATH=./ # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -if [ -z "$1" ]; then - VERSION="RC3" - message info "no argument supplied, keeping default naming: $VERSION" -else - VERSION="$1" -fi - -# name of the self-extract-installer -TARGET_FILE="$APROJECT_DIR/selfinstall_onap_beijing_"$VERSION".sh" - -# inserting the head of the script -cat > "$TARGET_FILE" <<EOF -#! /usr/bin/env bash - -# -# This is self-extract installer for onap -# - -# fail fast -set -e - -# boilerplate -SCRIPT_DIR=\$(dirname "\${0}") -APROJECT_DIR=\$(readlink -f "\$SCRIPT_DIR") -IS_SELF_EXTRACT=YES - -EOF - -# splicing the scripts together -cat "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh >> "$TARGET_FILE" -cat "${LOCAL_PATH}"/"${RELATIVE_PATH}"/deploy_nexus.sh >> "$TARGET_FILE" -cat "${LOCAL_PATH}"/"${RELATIVE_PATH}"/deploy_kube.sh >> "$TARGET_FILE" - -# finishing touches to the script -cat >> "$TARGET_FILE" <<EOF - -exit 0 - -# -# Installer script ends here -# The rest of this file is a binary payload -# ! DO NOT MODIFY IT ! -# - -# PAYLOAD BELOW # -EOF - -# appending the tar to the script -cd "$APROJECT_DIR" -tar -h --exclude='.git' --exclude='*.swp' --exclude='selfinstall_onap_*.sh' --exclude='ansible' --exclude='docker' --exclude='local_repo.conf' --exclude='live' -cvf - * >> "$TARGET_FILE" -cd - - -chmod 755 "$TARGET_FILE" -message info "Created Nexus self installation file: $TARGET_FILE" - -exit 0 diff --git a/bash/tools/creating_data/docker-login.sh b/bash/tools/creating_data/docker-login.sh deleted file mode 100755 index d57e23bd..00000000 --- a/bash/tools/creating_data/docker-login.sh +++ /dev/null @@ -1,38 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# boilerplate -RELATIVE_PATH=../ # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -echo "Reading configuration" -get_configuration - -docker login -u "${NEXUS_USERNAME}" -p "${NEXUS_PASSWORD}" -docker login -u "${NEXUS_USERNAME}" -p "${NEXUS_PASSWORD}" docker.elastic.co -docker login -u "${NEXUS_USERNAME}" -p "${NEXUS_PASSWORD}" gcr.io -docker login -u "${NEXUS_USERNAME}" -p "${NEXUS_PASSWORD}" nexus3.onap.org:10001 -docker login -u "${NEXUS_USERNAME}" -p "${NEXUS_PASSWORD}" registry.hub.docker.com -docker login -u "${NEXUS_USERNAME}" -p "${NEXUS_PASSWORD}" "$NEXUS_FQDN" diff --git a/bash/tools/creating_data/load-docker-images.sh b/bash/tools/creating_data/load-docker-images.sh deleted file mode 100755 index 685bed42..00000000 --- a/bash/tools/creating_data/load-docker-images.sh +++ /dev/null @@ -1,75 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# boilerplate -RELATIVE_PATH=../ # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -CLEAN=false - -if [ -z "$NEXUS_HOST" ]; then - echo "Independent run for inserting of additional docker images" - CLEAN=true - mv ~/.docker/config.json ~/.docker/config.json_backup 2>/dev/null - source "$LOCAL_PATH/docker-login.sh" -fi - -IMG_DIR="$1" -if [[ -z "$IMG_DIR" ]]; then - IMG_DIR="$(pwd)/images" -fi - -if [[ ! -d "${IMG_DIR}" ]]; then - echo "No ${IMG_DIR} to load images" - exit 0 -fi - -load_image() { - local image="$1" - echo "[DEBUG] load ${image}" - result=$(docker load -i "${image}") - echo $result - name=$(echo $result | awk '{print $3}') - echo "[DEBUG] pushing $name" - retry docker push "$name" - # delete pushed image from docker - retry docker rmi "$name" -} - -IMAGES=$(find ${IMG_DIR} -name "*.tar" -type f) -lines=$(echo ${IMAGES} | wc -l) -line=1 -for image in ${IMAGES}; do - echo "== pkg #$line of $lines ==" - load_image "$image" - - line=$((line+1)) -done - -if [ "$CLEAN" = true ]; then - # onap is using different credentials for docker login which can be conflicted - # with ours so better to clean this-up - rm ~/.docker/config.json -fi diff --git a/bash/tools/creating_data/upload-maven-files.sh b/bash/tools/creating_data/upload-maven-files.sh deleted file mode 100755 index 07d6e7ab..00000000 --- a/bash/tools/creating_data/upload-maven-files.sh +++ /dev/null @@ -1,43 +0,0 @@ -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - -DATA_DIR="$1" -if [[ -z "$DATA_DIR" ]]; then - # needs for example: /root/onap-offline-installer/http - echo "Mising arg DATA_DIR" - echo "Usage: $0 <path to http dir> <name of server> [<next server>...]" - exit 1 -fi - -shift -cd "$DATA_DIR" - -for server in $*; do - echo "Uploading to server: $server" - - lines=$(find $server/ -type f | wc -l) - count=1 - while read -r url; do - echo "== pkg #$count of $lines ==" - count=$((count + 1)) - path="$url" - echo "Uploading file: $url" - curl -u admin:admin123 --upload-file $path http://$url - - done <<< "$(find $server/ -type f)" -done diff --git a/bash/tools/creating_data/upload-npm-pkgs.sh b/bash/tools/creating_data/upload-npm-pkgs.sh deleted file mode 100755 index 9a7ed559..00000000 --- a/bash/tools/creating_data/upload-npm-pkgs.sh +++ /dev/null @@ -1,48 +0,0 @@ -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - -LIST_FILE="$1" -if [[ -z "$LIST_FILE" ]]; then - echo "Mising arg LIST_FILE" - exit 1 -fi - -DATA_DIR="$2" -if [[ -z "$DATA_DIR" ]]; then - echo "Mising arg DATA_DIR" - exit 1 -fi - -NEXUS_HOST="$3" -if [[ -z "$NEXUS_HOST" ]]; then - echo "Mising arg NEXUS_HOST" - exit 1 -fi - -npm config set registry $NEXUS_HOST/repository/npm-private/ -# npm adduser moved to top - -cd "$DATA_DIR" -lines=$(ls *.tgz | wc -l) -cnt=1 -for line in *.tgz; do - echo "== pkg #$cnt of $lines ==" - # yallist@2.1.2 - npm publish --access public "${line}" - cnt=$((cnt+1)) -done diff --git a/bash/tools/deploy_kube.sh b/bash/tools/deploy_kube.sh deleted file mode 100755 index f2a77be1..00000000 --- a/bash/tools/deploy_kube.sh +++ /dev/null @@ -1,95 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# fail fast -set -e - -# OS check -. /etc/os-release -OS_ID="${ID}" - -case "$OS_ID" in - centos) - ;; - rhel) - ;; - ubuntu) - ;; - *) - echo This OS is not supported: $OS_ID - exit 1 - ;; -esac - -# boilerplate -RELATIVE_PATH=./ # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -message info "Reading configuration" -get_configuration -if [ -z "$NODES_IPS" ] ; then - get_cfg_val "NODES_IPS" "Enter the public IPv4 addresses of kubernetes nodes separated by space," \ - "\n(for example: 10.0.0.2 10.0.0.3 ...): " -fi - -echo "Wait for nexus startup (1min)" -sleep 60 - - -# on install server -deploy_rancher -deploy_kubernetes "$OS_ID" - -echo "Setting up ONAP Local Repo on Kubernetes nodes" -for node in ${NODES_IPS} ; do - enable_remote_repo $node -done - -# setup NFS on nodes -assort_nodes_ips() { - nfs_server="$1" - shift - nfs_clients="$*" -} -assort_nodes_ips ${NODES_IPS} -if [ -n "${nfs_clients}" ]; then - echo "Setting up NFS" - remote_setup_nfs_server $OS_ID ${nfs_server} ${nfs_clients} - for node in ${nfs_clients} ; do - remote_setup_nfs_mount $OS_ID $node ${nfs_server} - done -else - echo "Only one node set. Skipping nfs configuration" -fi - -echo "Copy ansible packages for onap ansible-server" -for node in ${NODES_IPS} ; do - upload_ansible_pkgs $OS_ID $node -done - -# to nodes -for node in ${NODES_IPS} ; do - deploy_node $node $OS_ID -done diff --git a/bash/tools/deploy_nexus.sh b/bash/tools/deploy_nexus.sh deleted file mode 100755 index 1532c614..00000000 --- a/bash/tools/deploy_nexus.sh +++ /dev/null @@ -1,194 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# fail fast -set -e - -# OS check -. /etc/os-release -OS_ID="${ID}" - -case "$OS_ID" in - centos) - ;; - rhel) - ;; - ubuntu) - ;; - *) - echo This OS is not supported: $OS_ID - exit 1 - ;; -esac - -# boilerplate -RELATIVE_PATH=./ # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -# -# local functions -# - -start_nexus() { - echo "** Starting nexus **" - if [[ -z "$NEXUS_DATA" ]]; then - echo "Nexus data env is not set" - exit -3 - fi - - # valid for case of fresh nexus deployment - # data are inserted in later phases - mkdir -p $NEXUS_DATA - # hardening - chmod a+wrX $NEXUS_DATA - chown -R 200:200 $NEXUS_DATA - - docker rm -f nexus 1> /dev/null 2>&1 || true - - docker run -d --name nexus\ - --restart unless-stopped \ - -v $NEXUS_DATA:/nexus-data:rw \ - sonatype/nexus3 - - echo "** Creating docker network **" - docker network create nexus_network - docker network connect nexus_network nexus -} - -start_nginx() { - echo "** Starting reverse proxy - nginx **" - - docker rm -f nginx 1> /dev/null 2>&1 || true - mkdir -p $NGINX_HTTP_DIR/repo.install-server - - mkdir -p "$NGINX_HTTP_DIR/repo.install-server" - - docker run -d -p 80:80 -p 443:443 -p 10001:443 \ - --name nginx \ - --network nexus_network \ - -v $GEN_CFG_PATH/nginx.conf:/etc/nginx/nginx.conf:ro \ - -v $CERTS_TARGET_PATH:/etc/nginx/certs:ro \ - -v $GIT_REPOS:/srv/git:rw \ - -v $NGINX_LOG_DIR:/var/log/nginx:rw \ - -v $NGINX_HTTP_DIR:/srv/http:ro \ - -v $RHEL_REPO:/srv/http/repo.install-server:ro \ - --restart unless-stopped \ - own_nginx -} - -patch_cert() { - file=$1 - cp "$APROJECT_DIR/cfg/$file" "$GEN_CFG_PATH/$file" -# sed "s#countryName =.*#countryName = $CERT_COUNTRY#" "$APROJECT_DIR/cfg/$file" > $GEN_CFG_PATH/$file -# sed "s#localityName =.*#localityName = $CERT_LOCALITY#" "$APROJECT_DIR/cfg/$file" > $GEN_CFG_PATH/$file -# sed "s#organizationName =.*#organizationName = $CERT_ORGANIZATION#" "$APROJECT_DIR/cfg/$file" > $GEN_CFG_PATH/$file -} - -patch_conf_files() { - # patch nexus and root cert - patch_cert nexus_cert.cnf - patch_cert cacert.cnf - - # patch nexus v3 ext cert - sed "s#nexus.student12#$NEXUS_FQDN#" "$APROJECT_DIR/cfg/v3.ext" > $GEN_CFG_PATH/v3.ext - - #patch nginx.conf - sed "s#nexus.student12#$NEXUS_FQDN#" "$APROJECT_DIR/cfg/nginx.conf" > $GEN_CFG_PATH/nginx.conf -} - -# -# body -# - -message info "Nexus will be installed into this directory: $(pwd)" - -if ! [ -f ./local_repo.conf ]; then - printf "[?] > Do you want continue? (if no, hit CTRL+C): " - read x -fi - -message info "Reading configuration" -get_configuration - -mkdir -p "$CERTS_TARGET_PATH" -mkdir -p "$NGINX_LOG_DIR" -mkdir -p "$GEN_CFG_PATH" -if [ "$IS_SELF_EXTRACT" = YES ] ; then - message info "Now I will untar the resources" - message info "This may take a long time..." - sleep 3s - may_self_extract -fi - -# -echo "Cleanup docker (if installed)" -docker rm -f nginx 1> /dev/null 2>&1 || true -docker rm -f nexus 1> /dev/null 2>&1 || true - -install_files -install_packages "$OS_ID" -setup_vnc_server - -update_hosts - -# TODO -#check_dependencies - -echo "Restarting dnsmasq" -# TODO dnsmasq config? -systemctl enable dnsmasq -systemctl restart dnsmasq - -echo "** Generating config files to $GEN_CFG_PATH **" -echo "Configure ssl certificates" - -patch_conf_files -create_root_CA - -# create selfinstall CA cert -$BASH_SCRIPTS_DIR/tools/create_si_cacert_pkg.sh -# run generated file -./install_cacert.sh - -create_cert "nexus" - -echo "** Certificates finished **" - -update_docker_cfg - -echo "Restarting docker" -systemctl enable docker -systemctl restart docker - -update_firewall - -set +e - -echo "** Loading images **" -docker load -i $RESOURCES_DIR/offline_data/docker_images_infra/sonatype_nexus3_latest.tar -docker load -i $RESOURCES_DIR/offline_data/docker_images_infra/own_nginx_latest.tar - -start_nexus -start_nginx diff --git a/bash/tools/gather_data_lists.sh b/bash/tools/gather_data_lists.sh deleted file mode 100755 index 3e046cbe..00000000 --- a/bash/tools/gather_data_lists.sh +++ /dev/null @@ -1,34 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - -script_dir="$(dirname ${BASH_SOURCE[0]})" -tools=$(readlink -f "$script_dir") - -echo "WARNING: This script won't be used except rare internal usage, it's just illustrating how we collected lists of artifacts to be downloaded. It's already deprecated" - -TOOLS="$tools/creating_data" -export LISTS_DIR="$tools/data_list" -export ONAP_SERVERS="oom-beijing-postRC2-master oom-beijing-postRC2-compute1 oom-beijing-postRC2-compute2" -OOM_PATH="$tools/../../resources/oom" - -$TOOLS/remote-list-gathering.sh -$TOOLS/make-git-http-list.sh "$OOM_PATH" - - diff --git a/bash/tools/load_stored_offline_data.sh b/bash/tools/load_stored_offline_data.sh deleted file mode 100755 index c04e9893..00000000 --- a/bash/tools/load_stored_offline_data.sh +++ /dev/null @@ -1,87 +0,0 @@ -#! /usr/bin/env bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -# boilerplate -RELATIVE_PATH=./ # relative path from this script to 'common-functions.sh' -if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then - SCRIPT_DIR=$(dirname "${0}") - LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") - . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh -fi - -tools="${LOCAL_PATH}" -message info "Reading configuration" -get_configuration - -CTOOLS="$tools/creating_data" -LISTS_DIR="$tools/data_list" -DATA_DIR="$tools/../../resources/offline_data" -export NEXUS_HOST="https://$NEXUS_FQDN" -NPM_REGISTRY="$NEXUS_HOST/repository/npm-private/" - -TOTAL=5 -CURR=1 - -message info "Loading started: $(date)" - -# backup config.json before we change it in docker-login -# however no use for restoring it found -mv ~/.docker/config.json ~/.docker/config.json_backup 2>/dev/null - -echo "[Step $((CURR++))/$TOTAL Setting-up docker login for inserting docker images]" -$CTOOLS/docker-login.sh - -echo "[Step $((CURR++))/$TOTAL Inserting docker images into local nexus]" -$CTOOLS/load-docker-images.sh "$DATA_DIR/docker_images_for_nexus" - -echo "[Step $((CURR++))/$TOTAL Setting-up npm for inserting npm pkgs into local nexus]" - -npm config set registry $NPM_REGISTRY - -/usr/bin/expect <<EOF -spawn npm login -expect "Username:" -send "${NPM_USERNAME}\n" -expect "Password:" -send "${NPM_PASSWORD}\n" -expect Email: -send "${NPM_EMAIL}\n" -expect eof -EOF - -echo "[WA] for tss package - this package uses already specified repo and dont accept our simulated domain" - -cd $DATA_DIR/npm_tar -tar xvzf tsscmp-1.0.5.tgz -rm -f tsscmp-1.0.5.tgz -sed -i "s|https://registry.npmjs.org|${NPM_REGISTRY}|g" package/package.json -tar -zcvf tsscmp-1.0.5.tgz package -rm -rf package -cd - - -echo "[Step $((CURR++))/$TOTAL Inserting npm packages into local nexus]" -$CTOOLS/upload-npm-pkgs.sh "$LISTS_DIR/npm_list.txt" "$DATA_DIR/npm_tar" "$NEXUS_HOST" - -# onap is using different credentials for docker login which can be conflicted -# with ours so better to clean this-up -rm ~/.docker/config.json - -message info "Loading finished: $(date)" diff --git a/bash/tools/setup_nfs_mount.sh b/bash/tools/setup_nfs_mount.sh deleted file mode 100755 index eee471ba..00000000 --- a/bash/tools/setup_nfs_mount.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -usage () { - echo "Usage:" - echo " ./$(basename $0) nfs_master_ip" - exit 1 -} - -if [ "$#" -ne 1 ]; then - echo "Missing NFS mater node" - usage -fi - -MASTER_IP=$1 - -#Install NFS common -#sudo apt-get update -#sudo apt-get install -y nfs-common - -#Create NFS directory -sudo mkdir -p /dockerdata-nfs - -#Mount the remote NFS directory to the local one -sudo mount $MASTER_IP:/dockerdata-nfs /dockerdata-nfs/ -echo "$MASTER_IP:/dockerdata-nfs /dockerdata-nfs nfs auto,nofail,noatime,nolock,intr,tcp,actimeo=1800 0 0" | sudo tee -a /etc/fstab diff --git a/bash/tools/setup_nfs_server_rhel.sh b/bash/tools/setup_nfs_server_rhel.sh deleted file mode 100755 index 24fe2b59..00000000 --- a/bash/tools/setup_nfs_server_rhel.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -usage () { - echo "Usage:" - echo " ./$(basename $0) node1_ip node2_ip ... nodeN_ip" - exit 1 -} - -if [ "$#" -lt 1 ]; then - echo "Missing NFS slave nodes" - usage -fi - -#Install NFS kernel -#sudo apt-get update -#sudo apt-get install -y nfs-kernel-server - -#Create /dockerdata-nfs and set permissions -sudo mkdir -p /dockerdata-nfs -sudo chmod 777 -R /dockerdata-nfs -sudo chown nobody:nobody /dockerdata-nfs/ - -#Update the /etc/exports -NFS_EXP="" -for i in $@; do - NFS_EXP+="$i(rw,sync,no_root_squash,no_subtree_check) " -done -echo "/dockerdata-nfs "$NFS_EXP | sudo tee -a /etc/exports - -#Restart the NFS service -sudo exportfs -a -sudo systemctl restart nfs-server diff --git a/bash/tools/setup_nfs_server_ubuntu.sh b/bash/tools/setup_nfs_server_ubuntu.sh deleted file mode 100755 index fad3abbd..00000000 --- a/bash/tools/setup_nfs_server_ubuntu.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash - -# COPYRIGHT NOTICE STARTS HERE -# -# Copyright 2018 © Samsung Electronics Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# COPYRIGHT NOTICE ENDS HERE - - -usage () { - echo "Usage:" - echo " ./$(basename $0) node1_ip node2_ip ... nodeN_ip" - exit 1 -} - -if [ "$#" -lt 1 ]; then - echo "Missing NFS slave nodes" - usage -fi - -#Install NFS kernel -#sudo apt-get update -#sudo apt-get install -y nfs-kernel-server - -#Create /dockerdata-nfs and set permissions -sudo mkdir -p /dockerdata-nfs -sudo chmod 777 -R /dockerdata-nfs -sudo chown nobody:nogroup /dockerdata-nfs/ - -#Update the /etc/exports -NFS_EXP="" -for i in $@; do - NFS_EXP+="$i(rw,sync,no_root_squash,no_subtree_check) " -done -echo "/dockerdata-nfs "$NFS_EXP | sudo tee -a /etc/exports - -#Restart the NFS service -sudo exportfs -a -sudo systemctl restart nfs-kernel-server diff --git a/build/common-functions.sh b/build/common-functions.sh new file mode 100755 index 00000000..e39c4778 --- /dev/null +++ b/build/common-functions.sh @@ -0,0 +1,92 @@ +# COPYRIGHT NOTICE STARTS HERE +# +# Copyright 2018 © Samsung Electronics Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# COPYRIGHT NOTICE ENDS HERE + +# +# this file contains shared variables and functions for the onap installer +# + +# any script which needs this file can check this variable +# and it will know immediately if the functions and variables +# are loaded and usable +IS_COMMON_FUNCTIONS_SOURCED=YES + +PATH="${PATH}:/usr/local/bin:/usr/local/sbin" +export PATH + +# just self-defense against locale +LANG=C +export LANG + +# default credentials to the repository +NEXUS_USERNAME=admin +NEXUS_PASSWORD=admin123 +NEXUS_EMAIL=admin@onap.org + +# this function is intended to unify the installer output +message() { + case "$1" in + info) + echo 'INFO:' "$@" + ;; + debug) + echo 'DEBUG:' "$@" >&2 + ;; + warning) + echo 'WARNING [!]:' "$@" >&2 + ;; + error) + echo 'ERROR [!!]:' "$@" >&2 + return 1 + ;; + *) + echo 'UNKNOWN [?!]:' "$@" >&2 + return 2 + ;; + esac + return 0 +} +export message + +# if the environment variable DEBUG is set to DEBUG-ONAP -> +# -> this function will print its arguments +# otherwise nothing is done +debug() { + [ "$DEBUG" = DEBUG-ONAP ] && message debug "$@" +} +export debug + +fail() { + message error "$@" + exit 1 +} + +retry() { + local n=1 + local max=5 + while ! "$@"; do + if [ $n -lt $max ]; then + n=$((n + 1)) + message warning "Command ${@} failed. Attempt: $n/$max" + message info "waiting 10s for another try..." + sleep 10s + else + fail "Command ${@} failed after $n attempts. Better to abort now." + fi + done +} + diff --git a/bash/tools/creating_data/create_nginx_image/01create-image.sh b/build/creating_data/create_nginx_image/01create-image.sh index 86d96cf2..86d96cf2 100755 --- a/bash/tools/creating_data/create_nginx_image/01create-image.sh +++ b/build/creating_data/create_nginx_image/01create-image.sh diff --git a/bash/tools/creating_data/create_nginx_image/Dockerfile b/build/creating_data/create_nginx_image/Dockerfile index 412d4edb..6a14f221 100644 --- a/bash/tools/creating_data/create_nginx_image/Dockerfile +++ b/build/creating_data/create_nginx_image/Dockerfile @@ -20,13 +20,8 @@ FROM nginx:alpine RUN apk add --no-cache --update fcgiwrap git git-daemon spawn-fcgi -#RUN mkdir /srv/http -#VOLUME ["/var/log/nginx"] - COPY gitconfig /etc/ -#COPY nginx.conf /etc/nginx/nginx.conf CMD spawn-fcgi -M 666 -s /var/run/fcgiwrap.socket /usr/bin/fcgiwrap && \ nginx -g "daemon off;" -#CMD ["spawn-fcgi","-M 666","-s /var/run/fcgiwrap.socket","/usr/sbin/fcgiwrap"] diff --git a/bash/tools/creating_data/create_nginx_image/gitconfig b/build/creating_data/create_nginx_image/gitconfig index 0c6ab113..0c6ab113 100644 --- a/bash/tools/creating_data/create_nginx_image/gitconfig +++ b/build/creating_data/create_nginx_image/gitconfig diff --git a/bash/tools/creating_data/download-bin-tools.sh b/build/creating_data/download-bin-tools.sh index b48cd2df..a0087517 100755 --- a/bash/tools/creating_data/download-bin-tools.sh +++ b/build/creating_data/download-bin-tools.sh @@ -34,9 +34,6 @@ download() { curl --retry 5 -y 10 -Y 10 --location "$url" -o "$file" } -download "https://github.com/stedolan/jq/releases/download/jq-1.5/jq-linux64" -mv ./jq-linux64 ./jq - download "https://storage.googleapis.com/kubernetes-release/release/v1.8.10/bin/linux/amd64/kubectl" download "https://storage.googleapis.com/kubernetes-helm/helm-v2.8.2-linux-amd64.tar.gz" @@ -48,4 +45,4 @@ tar -xf ./rancher-linux-amd64-v0.6.7.tar.gz ./rancher-v0.6.7/rancher -O > ranche rm ./rancher-linux-amd64-v0.6.7.tar.gz -chmod a+x ./helm ./jq ./kubectl ./rancher +chmod a+x ./helm ./kubectl ./rancher diff --git a/bash/tools/creating_data/download-docker-images.sh b/build/creating_data/download-docker-images.sh index 121cd5af..121cd5af 100755 --- a/bash/tools/creating_data/download-docker-images.sh +++ b/build/creating_data/download-docker-images.sh diff --git a/bash/tools/creating_data/download-files.sh b/build/creating_data/download-files.sh index 89e2026c..89e2026c 100755 --- a/bash/tools/creating_data/download-files.sh +++ b/build/creating_data/download-files.sh diff --git a/bash/tools/creating_data/download-git-repos.sh b/build/creating_data/download-git-repos.sh index 9d651d93..9d651d93 100755 --- a/bash/tools/creating_data/download-git-repos.sh +++ b/build/creating_data/download-git-repos.sh diff --git a/bash/tools/creating_data/download-http-files.sh b/build/creating_data/download-http-files.sh index 06f41354..06f41354 100755 --- a/bash/tools/creating_data/download-http-files.sh +++ b/build/creating_data/download-http-files.sh diff --git a/bash/tools/creating_data/download-npm-pkgs.sh b/build/creating_data/download-npm-pkgs.sh index 9e8847c9..9e8847c9 100755 --- a/bash/tools/creating_data/download-npm-pkgs.sh +++ b/build/creating_data/download-npm-pkgs.sh diff --git a/bash/tools/creating_data/download-oom.sh b/build/creating_data/download-oom.sh index 010eeec1..010eeec1 100755 --- a/bash/tools/creating_data/download-oom.sh +++ b/build/creating_data/download-oom.sh diff --git a/bash/tools/creating_data/download-pip.sh b/build/creating_data/download-pip.sh index dea60b52..dea60b52 100755 --- a/bash/tools/creating_data/download-pip.sh +++ b/build/creating_data/download-pip.sh diff --git a/bash/tools/creating_data/download-pkg.sh b/build/creating_data/download-pkg.sh index 03bfe07f..03bfe07f 100755 --- a/bash/tools/creating_data/download-pkg.sh +++ b/build/creating_data/download-pkg.sh diff --git a/bash/tools/creating_data/make-docker-images-list.sh b/build/creating_data/make-docker-images-list.sh index b925d91d..b925d91d 100755 --- a/bash/tools/creating_data/make-docker-images-list.sh +++ b/build/creating_data/make-docker-images-list.sh diff --git a/bash/tools/creating_data/make-git-http-list.sh b/build/creating_data/make-git-http-list.sh index a724d6f0..a724d6f0 100755 --- a/bash/tools/creating_data/make-git-http-list.sh +++ b/build/creating_data/make-git-http-list.sh diff --git a/bash/tools/creating_data/make-npm-list.sh b/build/creating_data/make-npm-list.sh index 5901d54d..5901d54d 100755 --- a/bash/tools/creating_data/make-npm-list.sh +++ b/build/creating_data/make-npm-list.sh diff --git a/bash/tools/creating_data/remote-list-gathering.sh b/build/creating_data/remote-list-gathering.sh index 73fb164a..dde1e0f5 100755 --- a/bash/tools/creating_data/remote-list-gathering.sh +++ b/build/creating_data/remote-list-gathering.sh @@ -18,7 +18,6 @@ if [[ -z "$ONAP_SERVERS" ]]; then -# ONAP_SERVERS="oom-beijing-postRC2-master oom-beijing-postRC2-compute1 oom-beijing-postRC2-compute2" echo "Missing environment ONAP_SERVERS" exit 1 fi diff --git a/bash/tools/creating_data/save-docker-images.sh b/build/creating_data/save-docker-images.sh index f4a5d3c7..f4a5d3c7 100755 --- a/bash/tools/creating_data/save-docker-images.sh +++ b/build/creating_data/save-docker-images.sh diff --git a/bash/tools/data_list/docker_image_list.txt b/build/data_list/docker_image_list.txt index 2a039bc1..2a039bc1 100644 --- a/bash/tools/data_list/docker_image_list.txt +++ b/build/data_list/docker_image_list.txt diff --git a/bash/tools/data_list/docker_manual_image_list.txt b/build/data_list/docker_manual_image_list.txt index c4873487..c4873487 100644 --- a/bash/tools/data_list/docker_manual_image_list.txt +++ b/build/data_list/docker_manual_image_list.txt diff --git a/bash/tools/data_list/git_manual_list b/build/data_list/git_manual_list index 43273678..43273678 100644 --- a/bash/tools/data_list/git_manual_list +++ b/build/data_list/git_manual_list diff --git a/bash/tools/data_list/git_repos_list b/build/data_list/git_repos_list index fbfeaaf5..fbfeaaf5 100644 --- a/bash/tools/data_list/git_repos_list +++ b/build/data_list/git_repos_list diff --git a/bash/tools/data_list/http_manual_list.txt b/build/data_list/http_manual_list.txt index c7486b7f..c7486b7f 100644 --- a/bash/tools/data_list/http_manual_list.txt +++ b/build/data_list/http_manual_list.txt diff --git a/bash/tools/data_list/npm_list.txt b/build/data_list/npm_list.txt index 84528569..84528569 100644 --- a/bash/tools/data_list/npm_list.txt +++ b/build/data_list/npm_list.txt diff --git a/bash/tools/data_list/pip_list.txt b/build/data_list/pip_list.txt index a4b09092..a4b09092 100644 --- a/bash/tools/data_list/pip_list.txt +++ b/build/data_list/pip_list.txt diff --git a/bash/tools/data_list/pkg_list.txt b/build/data_list/pkg_list.txt index 43f5aac5..43f5aac5 100644 --- a/bash/tools/data_list/pkg_list.txt +++ b/build/data_list/pkg_list.txt diff --git a/bash/tools/delete-local-images.sh b/build/delete-local-images.sh index 5e481c31..5e481c31 100755 --- a/bash/tools/delete-local-images.sh +++ b/build/delete-local-images.sh diff --git a/bash/tools/download_offline_data_by_lists.sh b/build/download_offline_data_by_lists.sh index 24cd5789..ff519212 100755 --- a/bash/tools/download_offline_data_by_lists.sh +++ b/build/download_offline_data_by_lists.sh @@ -32,7 +32,7 @@ fi CTOOLS="${LOCAL_PATH}/creating_data" LISTS_DIR="${LOCAL_PATH}/data_list" -DATA_DIR="${LOCAL_PATH}/../../resources" +DATA_DIR="${LOCAL_PATH}/../resources" TOTAL=12 CURR=1 @@ -71,7 +71,7 @@ echo "[Step $((CURR++))/$TOTAL Download rhel pkgs]" $CTOOLS/download-pkg.sh "$DATA_DIR/pkg/rhel" echo "[Step $((CURR++))/$TOTAL Download oom]" -$CTOOLS/download-oom.sh "$DATA_DIR" "${LOCAL_PATH}/../../patches/offline-changes.patch" +$CTOOLS/download-oom.sh "$DATA_DIR" "${LOCAL_PATH}/../patches/offline-changes.patch" echo "[Step $((CURR++))/$TOTAL Download sdnc-ansible-server packages]" $CTOOLS/download-pip.sh "$LISTS_DIR/pip_list.txt" "$DATA_DIR/pkg/ubuntu/ansible_pkg" diff --git a/cfg/cacert.cnf b/cfg/cacert.cnf deleted file mode 100644 index a6917ca9..00000000 --- a/cfg/cacert.cnf +++ /dev/null @@ -1,113 +0,0 @@ -[ ca ] -# `man ca` -default_ca = CA_default - -[ CA_default ] -# Directory and file locations. -dir = ./ -certs = $dir/certs -crl_dir = $dir/crl -new_certs_dir = $dir/newcerts -database = $dir/index.txt -serial = $dir/serial -RANDFILE = $dir/private/.rand - -# The root key and root certificate. -private_key = $dir/private/ca.key.pem -certificate = $dir/certs/ca.cert.pem - -# For certificate revocation lists. -crlnumber = $dir/crlnumber -crl = $dir/crl/ca.crl.pem -crl_extensions = crl_ext -default_crl_days = 30 - -# SHA-1 is deprecated, so use SHA-2 instead. -default_md = sha256 - -name_opt = ca_default -cert_opt = ca_default -default_days = 3750 -preserve = no -policy = policy_strict - -[ policy_strict ] -# The root CA should only sign intermediate certificates that match. -# See the POLICY FORMAT section of `man ca`. -countryName = match -organizationName = match -commonName = supplied - -[ policy_loose ] -# Allow the intermediate CA to sign a more diverse range of certificates. -# See the POLICY FORMAT section of the `ca` man page. -countryName = optional -localityName = optional -organizationName = optional -commonName = supplied - -[ req ] -# Options for the `req` tool (`man req`). -default_bits = 4096 -distinguished_name = req_distinguished_name -string_mask = utf8only -prompt = no - -# SHA-1 is deprecated, so use SHA-2 instead. -default_md = sha256 - -# Extension to add when the -x509 option is used. -x509_extensions = v3_ca - -[ req_distinguished_name ] -# Optionally, specify some defaults. -countryName = PL -localityName = Krakow -organizationName = Samsung -commonName = onap - -[ v3_ca ] -# Extensions for a typical CA (`man x509v3_config`). -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid:always,issuer -basicConstraints = critical, CA:true -keyUsage = critical, digitalSignature, cRLSign, keyCertSign - -[ v3_intermediate_ca ] -# Extensions for a typical intermediate CA (`man x509v3_config`). -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid:always,issuer -basicConstraints = critical, CA:true, pathlen:0 -keyUsage = critical, digitalSignature, cRLSign, keyCertSign - -[ usr_cert ] -# Extensions for client certificates (`man x509v3_config`). -basicConstraints = CA:FALSE -nsCertType = client, email -nsComment = "OpenSSL Generated Client Certificate" -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid,issuer -keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment -extendedKeyUsage = clientAuth, emailProtection - -[ server_cert ] -# Extensions for server certificates (`man x509v3_config`). -basicConstraints = CA:FALSE -nsCertType = server -nsComment = "OpenSSL Generated Server Certificate" -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid,issuer:always -keyUsage = critical, digitalSignature, keyEncipherment -extendedKeyUsage = serverAuth - -[ crl_ext ] -# Extension for CRLs (`man x509v3_config`). -authorityKeyIdentifier=keyid:always - -[ ocsp ] -# Extension for OCSP signing certificates (`man ocsp`). -basicConstraints = CA:FALSE -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid,issuer -keyUsage = critical, digitalSignature -extendedKeyUsage = critical, OCSPSigning diff --git a/cfg/full_depl_values.yaml b/cfg/full_depl_values.yaml deleted file mode 100644 index b16354e9..00000000 --- a/cfg/full_depl_values.yaml +++ /dev/null @@ -1,158 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration overrides. -# -# These overrides will affect all helm charts (ie. applications) -# that are listed below and are 'enabled'. -################################################################# -global: - # Change to an unused port prefix range to prevent port conflicts - # with other instances running within the same k8s cluster - nodePortPrefix: 302 - - # ONAP Repository - # Uncomment the following to enable the use of a single docker - # repository but ONLY if your repository mirrors all ONAP - # docker images. This includes all images from dockerhub and - # any other repository that hosts images for ONAP components. - #repository: nexus3.onap.org:10001 - repositoryCred: - user: docker - password: docker - - # readiness check - temporary repo until images migrated to nexus3 - readinessRepository: oomk8s - # logging agent - temporary repo until images migrated to nexus3 - loggingRepository: docker.elastic.co - - # image pull policy - #pullPolicy: Always - pullPolicy: IfNotPresent - - # default mount path root directory referenced - # by persistent volumes and log files - persistence: - mountPath: /dockerdata-nfs - - # flag to enable debugging - application support required - debugEnabled: false - -# Repository for creation of nexus3.onap.org secret -repository: nexus3.onap.org:10001 - - -################################################################# -# Enable/disable and configure helm charts (ie. applications) -# to customize the ONAP deployment. -################################################################# -aaf: - enabled: true -aai: - enabled: true -appc: - enabled: true - config: - openStackType: OpenStackProvider - openStackName: OpenStack - openStackKeyStoneUrl: FILL-ME - openStackServiceTenantName: FILL-ME - openStackDomain: FILL-ME - openStackUserName: FILL-ME - openStackEncryptedPassword: FILL-ME -clamp: - enabled: true -cli: - enabled: true -consul: - enabled: true -dcaegen2: - enabled: true -dmaap: - enabled: true -esr: - enabled: true -log: - enabled: true -sniro-emulator: - enabled: true -oof: - enabled: true -msb: - enabled: true -multicloud: - enabled: true -nbi: - enabled: true - config: - # openstack configuration - openStackUserName: "FILL-ME" - openStackRegion: "FILL-ME" - openStackKeyStoneUrl: "FILL-ME" - openStackServiceTenantName: "FILL-ME" - openStackEncryptedPasswordHere: "FILL-ME" -policy: - enabled: true -portal: - enabled: true -robot: - enabled: true -sdc: - enabled: true -sdnc: - enabled: true - - replicaCount: 1 - - config: - enableClustering: false - - mysql: - disableNfsProvisioner: true - replicaCount: 1 -so: - enabled: true - - replicaCount: 1 - - liveness: - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - - # so server configuration - config: - # message router configuration - dmaapTopic: "AUTO" - # openstack configuration - openStackUserName: "FILL-ME" - openStackRegion: "FILL-ME" - openStackKeyStoneUrl: "FILL-ME" - openStackServiceTenantName: "FILL-ME" - openStackEncryptedPasswordHere: "FILL-ME" - - # configure embedded mariadb - mariadb: - config: - mariadbRootPassword: password -uui: - enabled: true -vfc: - enabled: true -vid: - enabled: true -vnfsdk: - enabled: true - diff --git a/cfg/nexus_cert.cnf b/cfg/nexus_cert.cnf deleted file mode 100644 index ab8d5477..00000000 --- a/cfg/nexus_cert.cnf +++ /dev/null @@ -1,33 +0,0 @@ -[ req ] -default_bits = 4096 -default_keyfile = server-key.pem -distinguished_name = dn -#req_extensions = v3_req -x509_extensions = v3_req -string_mask = utf8only -prompt = no -default_md = sha256 - -[ dn ] - -countryName = PL -localityName = Krakow -organizationName = Samsung -commonName = registry-1.docker.io -#emailAddress - -[ v3_req ] - -#subjectKeyIdentifier = hash -#authorityKeyIdentifier = keyid,issuer - -basicConstraints = CA:FALSE -keyUsage = critical, keyAgreement, nonRepudiation, digitalSignature, keyEncipherment -extendedKeyUsage = serverAuth -# does not work here because of bug in openssl -#subjectAltName = @alternate_names -nsComment = "OpenSSL Generated Certificate" - -#[ alternate_names ] - -#DNS.4 = ftp.example.com diff --git a/cfg/nginx.conf b/cfg/nginx.conf deleted file mode 100644 index 7317d3f2..00000000 --- a/cfg/nginx.conf +++ /dev/null @@ -1,110 +0,0 @@ -worker_processes 2; - -events { - worker_connections 1024; -} - -http { - error_log /var/log/nginx/error.log debug; - access_log /var/log/nginx/access.log; - - proxy_intercept_errors on; - proxy_send_timeout 120; - proxy_read_timeout 300; - - upstream nexus { - server nexus:8081; - } - - upstream registry { - server nexus:8082; - } - -# http simulations - server { - listen 80; - listen 443 ssl; - server_name _; - ssl_certificate /etc/nginx/certs/nexus_server.crt; - ssl_certificate_key /etc/nginx/certs/nexus_server.key; - - keepalive_timeout 5 5; - - location / { - root /srv/http/$host; - index index.html; - } - } - -# nexus simulations - server { - listen 80; - listen 443 ssl; - server_name nexus.student12 gcr.io registry-1.docker.io docker.io registry.npmjs.org nexus3.onap.org docker.elastic.co registry.hub.docker.com; - ssl_certificate /etc/nginx/certs/nexus_server.crt; - ssl_certificate_key /etc/nginx/certs/nexus_server.key; - - keepalive_timeout 5 5; - proxy_buffering off; - - # allow large uploads - client_max_body_size 3G; - - location /maven2 { - rewrite /maven2/(.*) /repository/maven2/$1 break; - # redirect to docker registry - proxy_pass http://nexus; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } - - location / { - # redirect to docker registry - if ($http_user_agent ~ docker ) { - proxy_pass http://registry; - } - proxy_pass http://nexus; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } - } - -# git simulations - server { - listen 80; - listen 443 ssl; - server_name gerrit.onap.org git.rancher.io github.com; - ssl_certificate /etc/nginx/certs/nexus_server.crt; - ssl_certificate_key /etc/nginx/certs/nexus_server.key; - - keepalive_timeout 5 5; - proxy_buffering off; - - location / { - try_files $uri $uri/ @git; - } - - location @git { - - # Set chunks to unlimited, as the body's can be huge - client_max_body_size 0; - - fastcgi_param SCRIPT_FILENAME /usr/libexec/git-core/git-http-backend; - fastcgi_param QUERY_STRING $args; - fastcgi_param HTTP_HOST $server_name; - fastcgi_param PATH_INFO $uri; - - include fastcgi_params; - - fastcgi_param GIT_HTTP_EXPORT_ALL ""; - fastcgi_param GIT_PROJECT_ROOT /srv/git/$host/; - - # Forward REMOTE_USER as we want to know when we are authenticated - fastcgi_param REMOTE_USER $remote_user; - - fastcgi_pass unix:/var/run/fcgiwrap.socket; - } - } -} diff --git a/cfg/v3.ext b/cfg/v3.ext deleted file mode 100644 index b4a6e433..00000000 --- a/cfg/v3.ext +++ /dev/null @@ -1,24 +0,0 @@ -authorityKeyIdentifier=keyid,issuer -basicConstraints=CA:FALSE -keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment -subjectAltName = @alt_names - -[alt_names] -DNS.1 = nexus.student12 -DNS.2 = gcr.io -DNS.3 = git.rancher.io -DNS.4 = gerrit.onap.org -DNS.5 = registry-1.docker.io -DNS.6 = docker.io -DNS.7 = registry.npmjs.org -DNS.8 = nexus3.onap.org -DNS.9 = nexus.onap.org -DNS.10 = docker.elastic.co -DNS.11 = www.getcloudify.org -DNS.12 = registry.hub.docker.com -DNS.13 = github.com -DNS.14 = repo.maven.apache.org -DNS.15 = www.springframework.org -DNS.16 = repo1.maven.org -DNS.17 = git.onap.org - |