From 9df729a94661a298020ee2778f92dea0f539f3b5 Mon Sep 17 00:00:00 2001 From: Alexis de Talhouët Date: Thu, 14 Dec 2017 11:52:12 -0500 Subject: Add support for DCAE in Amsterdam MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - add nginx container to reverse proxy hostname coming from DCAE world to OOM world. - create DNS zone in Designate for simpledemo.onap.org. to point to the K8S hosts where dcaegen2 service is running. - add heat stack to deploy DCAE - update SDC configuration file to dynamically inject the UEB servers as those are in reality the k8s nodes ip addresses, as the dmaap service port is exposed by the dcaegen2 service. This is done because the service-change-handler container deployed by DCAE is getting the UEB servers IP list from SDC itself, hence to enable resolution in the DCAE VM, the IP has to be reachable. (Hence this config assume DCAE VMs can route to K8S hosts). Previous config was using dmaap.onap-message-router for UEB servers host, but this is not resolvable by any DNS. - add knob to deploy DCAE or not - add DCAE related parameters in onap-parameters.yaml (initial config) - fix DCAE healthcheck - add support to keystone v2.0 and v3 - fix vm_properties robot file Change-Id: I64ec6faf7b45b293bf7110e9e23e31798bf9b841 Signed-off-by: Alexis de Talhouët Issue-ID: OOM-508 --- kubernetes/config/docker/init/config-init.sh | 165 ++++++- .../init/src/config/dcaegen2/heat/OOM-openrc-v2.sh | 34 ++ .../init/src/config/dcaegen2/heat/OOM-openrc-v3.sh | 41 ++ .../init/src/config/dcaegen2/heat/entrypoint.sh | 158 +++++++ .../init/src/config/dcaegen2/heat/onap_dcae.env | 100 +++++ .../init/src/config/dcaegen2/heat/onap_dcae.yaml | 483 +++++++++++++++++++++ .../dcaegen2/nginx/certs/aai-service.onap.org.key | 32 ++ .../dcaegen2/nginx/certs/aai-service.onap.org.pem | 70 +++ .../dcaegen2/nginx/certs/sdc-be.onap.org.key | 32 ++ .../dcaegen2/nginx/certs/sdc-be.onap.org.pem | 74 ++++ .../nginx/config/aai-service.onap.org.conf | 19 + .../dcaegen2/nginx/config/dmaap.onap.org.conf | 17 + .../dcaegen2/nginx/config/open.onap.org.conf | 17 + .../config/dcaegen2/nginx/config/pdp.onap.org.conf | 17 + .../dcaegen2/nginx/config/sdc-be.onap.org.conf | 20 + .../config/robot/eteshare/config/vm_properties.py | 45 +- .../init/src/config/sdc/environments/AUTO.json | 4 +- kubernetes/config/onap-parameters-sample.yaml | 115 ++++- kubernetes/config/onap-parameters.yaml | 105 ++++- kubernetes/dcaegen2/dcae-parameters-sample.yaml | 41 -- .../dcaegen2/templates/heat-bootstrap-dep.yaml | 46 ++ kubernetes/dcaegen2/templates/nginx-dep.yaml | 53 +++ kubernetes/dcaegen2/templates/nginx-service.yaml | 35 ++ kubernetes/dcaegen2/templates/pod.yaml | 30 -- kubernetes/dcaegen2/values.yaml | 13 +- kubernetes/oneclick/createAll.bash | 34 -- 26 files changed, 1627 insertions(+), 173 deletions(-) create mode 100755 kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v2.sh create mode 100755 kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v3.sh create mode 100755 kubernetes/config/docker/init/src/config/dcaegen2/heat/entrypoint.sh create mode 100644 kubernetes/config/docker/init/src/config/dcaegen2/heat/onap_dcae.env create mode 100644 kubernetes/config/docker/init/src/config/dcaegen2/heat/onap_dcae.yaml create mode 100644 kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/aai-service.onap.org.key create mode 100755 kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/aai-service.onap.org.pem create mode 100644 kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/sdc-be.onap.org.key create mode 100644 kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/sdc-be.onap.org.pem create mode 100644 kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/aai-service.onap.org.conf create mode 100644 kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/dmaap.onap.org.conf create mode 100644 kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/open.onap.org.conf create mode 100644 kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/pdp.onap.org.conf create mode 100644 kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/sdc-be.onap.org.conf delete mode 100644 kubernetes/dcaegen2/dcae-parameters-sample.yaml create mode 100644 kubernetes/dcaegen2/templates/heat-bootstrap-dep.yaml create mode 100644 kubernetes/dcaegen2/templates/nginx-dep.yaml create mode 100644 kubernetes/dcaegen2/templates/nginx-service.yaml delete mode 100644 kubernetes/dcaegen2/templates/pod.yaml diff --git a/kubernetes/config/docker/init/config-init.sh b/kubernetes/config/docker/init/config-init.sh index e551b6deaa..0c72354499 100755 --- a/kubernetes/config/docker/init/config-init.sh +++ b/kubernetes/config/docker/init/config-init.sh @@ -1,21 +1,61 @@ #!/bin/bash -x echo "Validating onap-parameters.yaml has been populated" -[[ -z "$OPENSTACK_UBUNTU_14_IMAGE" ]] && { echo "Error: OPENSTACK_UBUNTU_14_IMAGE must be set in onap-parameters.yaml"; exit 1; } + +[[ -z "$DEPLOY_DCAE" ]] && { echo "Error: DEPLOY_DCAE must be set in onap-parameters.yaml"; exit 1; } + +[[ -z "$NEXUS_HTTP_REPO" ]] && { echo "Error: NEXUS_HTTP_REPO must be set in onap-parameters.yaml"; exit 1; } +[[ -z "$NEXUS_DOCKER_REPO" ]] && { echo "Error: NEXUS_DOCKER_REPO must be set in onap-parameters.yaml"; exit 1; } +[[ -z "$NEXUS_USERNAME" ]] && { echo "Error: NEXUS_USERNAME must be set in onap-parameters.yaml"; exit 1; } +[[ -z "$NEXUS_PASSWORD" ]] && { echo "Error: NEXUS_PASSWORD must be set in onap-parameters.yaml"; exit 1; } + [[ -z "$OPENSTACK_PUBLIC_NET_ID" ]] && { echo "Error: OPENSTACK_PUBLIC_NET_ID must be set in onap-parameters.yaml"; exit 1; } -[[ -z "$OPENSTACK_OAM_NETWORK_ID" ]] && { echo "Error: OPENSTACK_OAM_NETWORK_ID must be set in onap-parameters.yaml"; exit 1; } -[[ -z "$OPENSTACK_OAM_SUBNET_ID" ]] && { echo "Error: OPENSTACK_OAM_SUBNET_ID must be set in onap-parameters.yaml"; exit 1; } +[[ -z "$OPENSTACK_PUBLIC_NET_NAME" ]] && { echo "Error: OPENSTACK_PUBLIC_NET_NAME must be set in onap-parameters.yaml"; exit 1; } [[ -z "$OPENSTACK_OAM_NETWORK_CIDR" ]] && { echo "Error: OPENSTACK_OAM_NETWORK_CIDR must be set in onap-parameters.yaml"; exit 1; } + [[ -z "$OPENSTACK_USERNAME" ]] && { echo "Error: OPENSTACK_USERNAME must be set in onap-parameters.yaml"; exit 1; } -[[ -z "$OPENSTACK_TENANT_ID" ]] && { echo "Error: OPENSTACK_TENANT_ID must be set in onap-parameters.yaml"; exit 1; } [[ -z "$OPENSTACK_API_KEY" ]] && { echo "Error: OPENSTACK_API_KEY must be set in onap-parameters.yaml"; exit 1; } +[[ -z "$OPENSTACK_TENANT_NAME" ]] && { echo "Error: OPENSTACK_TENANT_NAME must be set in onap-parameters.yaml"; exit 1; } +[[ -z "$OPENSTACK_TENANT_ID" ]] && { echo "Error: OPENSTACK_TENANT_ID must be set in onap-parameters.yaml"; exit 1; } [[ -z "$OPENSTACK_REGION" ]] && { echo "Error: OPENSTACK_REGION must be set in onap-parameters.yaml"; exit 1; } +[[ -z "$OPENSTACK_API_VERSION" ]] && { echo "Error: OPENSTACK_API_VERSION must be set in onap-parameters.yaml"; exit 1; } [[ -z "$OPENSTACK_KEYSTONE_URL" ]] && { echo "Error: OPENSTACK_KEYSTONE_URL must be set in onap-parameters.yaml"; exit 1; } -[[ -z "$OPENSTACK_FLAVOUR_MEDIUM" ]] && { echo "Error: OPENSTACK_FLAVOUR_MEDIUM must be set in onap-parameters.yaml"; exit 1; } [[ -z "$OPENSTACK_SERVICE_TENANT_NAME" ]] && { echo "Error: OPENSTACK_SERVICE_TENANT_NAME must be set in onap-parameters.yaml"; exit 1; } + +[[ -z "$OPENSTACK_FLAVOUR_SMALL" ]] && { echo "Error: OPENSTACK_FLAVOUR_SMALL must be set in onap-parameters.yaml"; exit 1; } +[[ -z "$OPENSTACK_FLAVOUR_MEDIUM" ]] && { echo "Error: OPENSTACK_FLAVOUR_MEDIUM must be set in onap-parameters.yaml"; exit 1; } +[[ -z "$OPENSTACK_FLAVOUR_LARGE" ]] && { echo "Error: OPENSTACK_FLAVOUR_LARGE must be set in onap-parameters.yaml"; exit 1; } + +[[ -z "$OPENSTACK_UBUNTU_14_IMAGE" ]] && { echo "Error: OPENSTACK_UBUNTU_14_IMAGE must be set in onap-parameters.yaml"; exit 1; } +[[ -z "$OPENSTACK_UBUNTU_16_IMAGE" ]] && { echo "Error: OPENSTACK_UBUNTU_16_IMAGE must be set in onap-parameters.yaml"; exit 1; } +[[ -z "$OPENSTACK_CENTOS_7_IMAGE" ]] && { echo "Error: OPENSTACK_CENTOS_7_IMAGE must be set in onap-parameters.yaml"; exit 1; } + [[ -z "$DMAAP_TOPIC" ]] && { echo "Error: DMAAP_TOPIC must be set in onap-parameters.yaml"; exit 1; } [[ -z "$DEMO_ARTIFACTS_VERSION" ]] && { echo "Error: DEMO_ARTIFACTS_VERSION must be set in onap-parameters.yaml"; exit 1; } -[[ -z "$OPENSTACK_TENANT_NAME" ]] && { echo "Error: OPENSTACK_TENANT_NAME must be set in onap-parameters.yaml"; exit 1; } + +if [ "$DEPLOY_DCAE" = "true" ] +then + [[ -z "$DCAE_IP_ADDR" ]] && { echo "Error: DCAE_IP_ADDR must be set in onap-parameters.yaml"; exit 1; } + + [[ -z "$DCAE_VM_BASE_NAME" ]] && { echo "Error: DCAE_VM_BASE_NAME must be set in onap-parameters.yaml"; exit 1; } + [[ -z "$DCAE_DOCKER_VERSION" ]] && { echo "Error: DCAE_DOCKER_VERSION must be set in onap-parameters.yaml"; exit 1; } + + [[ -z "$OPENSTACK_KEY_NAME" ]] && { echo "Error: OPENSTACK_KEY_NAME must be set in onap-parameters.yaml"; exit 1; } + [[ -z "$OPENSTACK_PUB_KEY" ]] && { echo "Error: OPENSTACK_PUB_KEY must be set in onap-parameters.yaml"; exit 1; } + [[ -z "$OPENSTACK_PRIVATE_KEY" ]] && { echo "Error: OPENSTACK_PRIVATE_KEY must be set in onap-parameters.yaml"; exit 1; } + + [[ -z "$DNS_LIST" ]] && { echo "Error: DNS_LIST must be set in onap-parameters.yaml"; exit 1; } + [[ -z "$EXTERNAL_DNS" ]] && { echo "Error: EXTERNAL_DNS must be set in onap-parameters.yaml"; exit 1; } + [[ -z "$OPENSTACK_TENANT_NAME" ]] && { echo "Error: OPENSTACK_TENANT_NAME must be set in onap-parameters.yaml"; exit 1; } + + [[ -z "$DNSAAS_PROXY_ENABLE" ]] && { echo "Error: DNSAAS_PROXY_ENABLE must be set in onap-parameters.yaml"; exit 1; } + [[ -z "$DNSAAS_REGION" ]] && { echo "Error: DNSAAS_REGION must be set in onap-parameters.yaml"; exit 1; } + [[ -z "$DNSAAS_KEYSTONE_URL" ]] && { echo "Error: DNSAAS_KEYSTONE_URL must be set in onap-parameters.yaml"; exit 1; } + [[ -z "$DNSAAS_TENANT_NAME" ]] && { echo "Error: DNSAAS_TENANT_NAME must be set in onap-parameters.yaml"; exit 1; } + [[ -z "$DNSAAS_USERNAME" ]] && { echo "Error: DNSAAS_USERNAME must be set in onap-parameters.yaml"; exit 1; } + [[ -z "$DNSAAS_PASSWORD" ]] && { echo "Error: DNSAAS_PASSWORD must be set in onap-parameters.yaml"; exit 1; } + [[ -z "$DCAE_DOMAIN" ]] && { echo "Error: DCAE_DOMAIN must be set in onap-parameters.yaml"; exit 1; } +fi #make NAMESPACE directory echo "Creating $NAMESPACE directory if it doesn't exist" @@ -76,44 +116,127 @@ echo "Substituting configuration parameters" # replace the default 'onap' namespace qualification of K8s hostnames within the config files find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/\.onap-/\.$NAMESPACE-/g" {} \; find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/kubectl -n onap/kubectl -n $NAMESPACE/g" {} \; -# set the ubuntu 14 image + +######### +# NEXUS # +######### +find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s,NEXUS_HTTP_REPO_HERE,$NEXUS_HTTP_REPO,g" {} \; +find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s,NEXUS_DOCKER_REPO_HERE,$NEXUS_DOCKER_REPO,g" {} \; +find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/NEXUS_USERNAME_HERE/$NEXUS_USERNAME/g" {} \; +find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/NEXUS_PASSWORD_HERE/$NEXUS_PASSWORD/g" {} \; + +########## +# Images # +########## find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/UBUNTU_14_IMAGE_NAME_HERE/$OPENSTACK_UBUNTU_14_IMAGE/g" {} \; -# set the openstack public network uuid -find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_PUBLIC_NET_ID_HERE/$OPENSTACK_PUBLIC_NET_ID/g" {} \; +find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/UBUNTU_16_IMAGE_NAME_HERE/$OPENSTACK_UBUNTU_16_IMAGE/g" {} \; +find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_CENTOS_7_IMAGE_HERE/$OPENSTACK_CENTOS_7_IMAGE/g" {} \; +############## +# Networking # +############## +find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_PUBLIC_NET_ID_HERE/$OPENSTACK_PUBLIC_NET_ID/g" {} \; +find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_PUBLIC_NET_NAME_HERE/$OPENSTACK_PUBLIC_NET_NAME/g" {} \; find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_NETWORK_ID_WITH_ONAP_ROUTE_HERE/$OPENSTACK_OAM_NETWORK_ID/g" {} \; - find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_SUBNET_ID_WITH_ONAP_ROUTE_HERE/$OPENSTACK_OAM_SUBNET_ID/g" {} \; - find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s,NETWORK_CIDR_WITH_ONAP_ROUTE_HERE,$OPENSTACK_OAM_NETWORK_CIDR,g" {} \; +################## +# Authentication # +################## find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_USERNAME_HERE/$OPENSTACK_USERNAME/g" {} \; - find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_TENANT_ID_HERE/$OPENSTACK_TENANT_ID/g" {} \; - +find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_TENANT_NAME_HERE/$OPENSTACK_TENANT_NAME/g" {} \; find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_PASSWORD_HERE/$OPENSTACK_API_KEY/g" {} \; - find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_REGION_HERE/$OPENSTACK_REGION/g" {} \; - find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s,OPENSTACK_KEYSTONE_IP_HERE,$OPENSTACK_KEYSTONE_URL,g" {} \; +find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s,OPENSTACK_API_VERSION_HERE,$OPENSTACK_API_VERSION,g" {} \; +find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_SERVICE_TENANT_NAME_HERE/$OPENSTACK_SERVICE_TENANT_NAME/g" {} \; +########### +# Flavors # +########### +find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_FLAVOUR_SMALL_HERE/$OPENSTACK_FLAVOUR_SMALL/g" {} \; find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_FLAVOUR_MEDIUM_HERE/$OPENSTACK_FLAVOUR_MEDIUM/g" {} \; +find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_FLAVOUR_LARGE_HERE/$OPENSTACK_FLAVOUR_LARGE/g" {} \; +######## +# ONAP # +######## find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/DMAAP_TOPIC_HERE/$DMAAP_TOPIC/g" {} \; - -find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_SERVICE_TENANT_NAME_HERE/$OPENSTACK_SERVICE_TENANT_NAME/g" {} \; - find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/DEMO_ARTIFACTS_VERSION_HERE/$DEMO_ARTIFACTS_VERSION/g" {} \; - # SDNC/Robot preload files manipulation OPENSTACK_OAM_NETWORK_CIDR_PREFIX=`cut -d. -f1-3 <<<"$OPENSTACK_OAM_NETWORK_CIDR"` find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_OAM_NETWORK_CIDR_PREFIX_HERE/$OPENSTACK_OAM_NETWORK_CIDR_PREFIX/g" {} \; - # MSO post install steps to encrypt openstack password MSO_ENCRYPTION_KEY=$(cat /config-init/$NAMESPACE/mso/mso/encryption.key) OPENSTACK_API_ENCRYPTED_KEY=`echo -n "$OPENSTACK_API_KEY" | openssl aes-128-ecb -e -K $MSO_ENCRYPTION_KEY -nosalt | xxd -c 256 -p` find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_ENCRYPTED_PASSWORD_HERE/$OPENSTACK_API_ENCRYPTED_KEY/g" {} \; -find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_TENANT_NAME_HERE/$OPENSTACK_TENANT_NAME/g" {} \; + +find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/DEPLOY_DCAE_HERE/$DEPLOY_DCAE/g" {} \; +if [ "$DEPLOY_DCAE" = "true" ] +then + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/DCAE_IP_ADDR_HERE/$DCAE_IP_ADDR/g" {} \; + + ######## + # DCAE # + ######## + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/DCAE_VM_BASE_NAME_HERE/$DCAE_VM_BASE_NAME/g" {} \; + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s,DCAE_KEYSTONE_URL_HERE,$DCAE_KEYSTONE_URL,g" {} \; + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s,DCAE_DOMAIN_HERE,$DCAE_DOMAIN,g" {} \; + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s,DCAE_DOCKER_VERSION_HERE,$DCAE_DOCKER_VERSION,g" {} \; + + ########### + # KeyPair # + ########### + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/OPENSTACK_KEY_NAME_HERE/$OPENSTACK_KEY_NAME/g" {} \; + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s,OPENSTACK_PUB_KEY_HERE,$OPENSTACK_PUB_KEY,g" {} \; + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s,OPENSTACK_PRIVATE_KEY_HERE,$OPENSTACK_PRIVATE_KEY,g" {} \; + + ####### + # DNS # + ####### + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/DNS_LIST_HERE/$DNS_LIST/g" {} \; + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/EXTERNAL_DNS_HERE/$EXTERNAL_DNS/g" {} \; + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/DNS_FORWARDER_HERE/$DNS_FORWARDER/g" {} \; + + ################# + # DNS Designate # + ################# + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/DNSAAS_PROXY_ENABLE_HERE/$DNSAAS_PROXY_ENABLE/g" {} \; + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/DNSAAS_REGION_HERE/$DNSAAS_REGION/g" {} \; + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s,DNSAAS_KEYSTONE_URL_HERE,$DNSAAS_KEYSTONE_URL,g" {} \; + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/DNSAAS_TENANT_NAME_HERE/$DNSAAS_TENANT_NAME/g" {} \; + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/DNSAAS_USERNAME_HERE/$DNSAAS_USERNAME/g" {} \; + find /config-init/$NAMESPACE/ -type f -exec sed -i -e "s/DNSAAS_PASSWORD_HERE/$DNSAAS_PASSWORD/g" {} \; +fi + + +# Instal kubectl commands +apt -y install curl +curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl +chmod +x ./kubectl +mv ./kubectl /usr/local/bin/kubectl + + +# Inject node ip for UEB config +# There is actually two places where we need to inject this list, and one required to list to be comma seperated and quote separated, +# and one requires to be only quote seperated. +UEB_ADDR_IP=$(kubectl get nodes -o jsonpath='{ $.items[*].status.addresses[?(@.type=="ExternalIP")].address }') + +# As SDC is expecting a cluster of UEB, there is a need to have at least two entries. If we have only one, we duplicate it. +# Also, this list has to be comma seperated. +if [ `echo $UEB_ADDR_IP | wc -w` -gt "1" ] +then + UEB_ADDR_IP_COMMA_AND_QUOTE_SEPERATED=`echo $UEB_ADDR_IP | sed 's/ /","/'` + UEB_ADDR_IP_COMMA_SEPERATED=`echo $UEB_ADDR_IP | sed 's/ /,/'` +else + UEB_ADDR_IP_COMMA_AND_QUOTE_SEPERATED="$UEB_ADDR_IP\",\"$UEB_ADDR_IP" + UEB_ADDR_IP_COMMA_SEPERATED="$UEB_ADDR_IP,$UEB_ADDR_IP" +fi + +sed -i -e "s/UEB_ADDR_IP_COMMA_AND_QUOTE_SEPERATED_HERE/$UEB_ADDR_IP_COMMA_AND_QUOTE_SEPERATED/g" /config-init/$NAMESPACE/sdc/environments/AUTO.json +sed -i -e "s/UEB_ADDR_IP_COMMA_SEPERATE_HERE/$UEB_ADDR_IP_COMMA_SEPERATED/g" /config-init/$NAMESPACE/sdc/environments/AUTO.json echo "Done!" diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v2.sh b/kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v2.sh new file mode 100755 index 0000000000..3313ef6793 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v2.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash +# To use an OpenStack cloud you need to authenticate against the Identity +# service named keystone, which returns a **Token** and **Service Catalog**. +# The catalog contains the endpoints for all services the user/tenant has +# access to - such as Compute, Image Service, Identity, Object Storage, Block +# Storage, and Networking (code-named nova, glance, keystone, swift, +# cinder, and neutron). +# +# *NOTE*: Using the 2.0 *Identity API* does not necessarily mean any other +# OpenStack API is version 2.0. For example, your cloud provider may implement +# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is +# only for the Identity API served through keystone. +export OS_AUTH_URL=OPENSTACK_KEYSTONE_IP_HERE/v2.0 +# With the addition of Keystone we have standardized on the term **tenant** +# as the entity that owns the resources. +export OS_TENANT_ID=OPENSTACK_TENANT_ID_HERE +export OS_TENANT_NAME="OPENSTACK_TENANT_NAME_HERE" +# unsetting v3 items in case set +unset OS_PROJECT_ID +unset OS_PROJECT_NAME +unset OS_USER_DOMAIN_NAME +unset OS_INTERFACE +# In addition to the owning entity (tenant), OpenStack stores the entity +# performing the action as the **user**. +export OS_USERNAME="OPENSTACK_USERNAME_HERE" +# With Keystone you pass the keystone password. +export OS_PASSWORD=OPENSTACK_PASSWORD_HERE +# If your configuration has multiple regions, we set that information here. +# OS_REGION_NAME is optional and only valid in certain environments. +export OS_REGION_NAME="OPENSTACK_REGION_HERE" +# Don't leave a blank variable, unset it if it was empty +if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi +export OS_ENDPOINT_TYPE=publicURL +export OS_IDENTITY_API_VERSION=2 \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v3.sh b/kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v3.sh new file mode 100755 index 0000000000..f8d0967fc3 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/heat/OOM-openrc-v3.sh @@ -0,0 +1,41 @@ +#!/usr/bin/env bash + +# To use an OpenStack cloud you need to authenticate against the Identity +# service named keystone, which returns a **Token** and **Service Catalog**. +# The catalog contains the endpoints for all services the user/tenant has +# access to - such as Compute, Image Service, Identity, Object Storage, Block +# Storage, and Networking (code-named nova, glance, keystone, swift, +# cinder, and neutron). +# +# *NOTE*: Using the 3 *Identity API* does not necessarily mean any other +# OpenStack API is version 3. For example, your cloud provider may implement +# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is +# only for the Identity API served through keystone. +export OS_AUTH_URL=OPENSTACK_KEYSTONE_IP_HERE/v3 + +# With the addition of Keystone we have standardized on the term **project** +# as the entity that owns the resources. +export OS_PROJECT_ID=OPENSTACK_TENANT_ID_HERE +export OS_PROJECT_NAME="OPENSTACK_TENANT_NAME_HERE" +export OS_USER_DOMAIN_NAME="Default" +if [ -z "$OS_USER_DOMAIN_NAME" ]; then unset OS_USER_DOMAIN_NAME; fi + +# unset v2.0 items in case set +unset OS_TENANT_ID +unset OS_TENANT_NAME + +# In addition to the owning entity (tenant), OpenStack stores the entity +# performing the action as the **user**. +export OS_USERNAME="OPENSTACK_USERNAME_HERE" + +# With Keystone you pass the keystone password. +export OS_PASSWORD=OPENSTACK_PASSWORD_HERE + +# If your configuration has multiple regions, we set that information here. +# OS_REGION_NAME is optional and only valid in certain environments. +export OS_REGION_NAME="OPENSTACK_REGION_HERE" +# Don't leave a blank variable, unset it if it was empty +if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi + +export OS_INTERFACE=public +export OS_IDENTITY_API_VERSION=3 \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/entrypoint.sh b/kubernetes/config/docker/init/src/config/dcaegen2/heat/entrypoint.sh new file mode 100755 index 0000000000..85c5ee2b13 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/heat/entrypoint.sh @@ -0,0 +1,158 @@ +#/bin/bash +set -x + +function configure_dns_designate() { + # Check whether the SIMPLEDEMO_ONAP_ORG_ZONE_ID exists + EXISTING_ZONES=`openstack zone list -f=yaml -c=name | awk ' { print$3 } '` + if [[ $EXISTING_ZONES =~ (^|[[:space:]])$SIMPLEDEMO_ONAP_ORG_ZONE_NAME($|[[:space:]]) ]] + then + echo "Zone $SIMPLEDEMO_ONAP_ORG_ZONE_NAME already exist, retrieving it's ID." + SIMPLEDEMO_ONAP_ORG_ZONE_ID=`openstack zone list -f=yaml --name=simpledemo.onap.org. -c=id | awk ' { print $3 } '` + echo "Zone $SIMPLEDEMO_ONAP_ORG_ZONE_NAME id is: $SIMPLEDEMO_ONAP_ORG_ZONE_ID" + else + echo "Zone $SIMPLEDEMO_ONAP_ORG_ZONE_NAME doens't exist, creating ..." + SIMPLEDEMO_ONAP_ORG_ZONE_ID=`openstack zone create --email=oom@onap.org --description="DNS zone bridging DCAE and OOM" --type=PRIMARY $SIMPLEDEMO_ONAP_ORG_ZONE_NAME -f=yaml -c id | awk '{ print $2} '` + + echo "Create recordSet for $SIMPLEDEMO_ONAP_ORG_ZONE_NAME" + openstack recordset create --type=A --ttl=10 --records=$NODE_IP $SIMPLEDEMO_ONAP_ORG_ZONE_ID vm1.aai + openstack recordset create --type=A --ttl=10 --records=$NODE_IP $SIMPLEDEMO_ONAP_ORG_ZONE_ID vm1.sdc + openstack recordset create --type=A --ttl=10 --records=$NODE_IP $SIMPLEDEMO_ONAP_ORG_ZONE_ID vm1.mr + openstack recordset create --type=A --ttl=10 --records=$NODE_IP $SIMPLEDEMO_ONAP_ORG_ZONE_ID vm1.policy + openstack recordset create --type=A --ttl=10 --records=$NODE_IP $SIMPLEDEMO_ONAP_ORG_ZONE_ID vm1.openo + + echo "Create CNAMEs for $SIMPLEDEMO_ONAP_ORG_ZONE_NAME" + # AAI + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.aai.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c1.vm1.aai.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.aai.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c2.vm1.aai.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.aai.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c3.vm1.aai.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.aai.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID aai.api.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.aai.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID aai.ui.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.aai.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID aai.searchservice.simpledemo.onap.org. + + # SDC + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.sdc.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c1.vm1.sdc.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.sdc.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c2.vm1.sdc.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.sdc.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c3.vm1.sdc.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.sdc.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c4.vm1.sdc.simpledemo.onap.org. + + # Policy + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.policy.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c1.vm1.policy.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.policy.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c2.vm1.policy.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.policy.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c3.vm1.policy.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.policy.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c4.vm1.policy.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.policy.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c5.vm1.policy.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.policy.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c6.vm1.policy.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.policy.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c7.vm1.policy.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.policy.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID c8.vm1.policy.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.policy.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID policy.api.simpledemo.onap.org. + + # MR + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.mr.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID ueb.api.simpledemo.onap.org. + + # Open-O + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.openo.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID msb.api.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.openo.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID mvim.api.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.openo.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID vnfsdk.api.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.openo.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID vfc.api.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.openo.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID uui.api.simpledemo.onap.org. + openstack recordset create --type=CNAME --ttl=86400 --records=vm1.openo.simpledemo.onap.org. $SIMPLEDEMO_ONAP_ORG_ZONE_ID esr.api.simpledemo.onap.org. + fi +} + +function monitor_nginx_node_ip() { + echo "Monitor DCAE nginx host ip..." + while true + do + # Get the Kubernetes Node IP hosting the DCAE NGINX pod + NODE_IP=`kubectl get services dcaegen2 -o jsonpath='{.status.loadBalancer.ingress[0].ip}'` + + # Lookup the IP for the first DNS record entry + # Assumption is made all entried are sharing the same IP, hence if the first one is different + # We update the whole table + CURRENT_NODE_IP=`openstack recordset list $SIMPLEDEMO_ONAP_ORG_ZONE_ID -c records --type=A -f yaml | head -n 1 | awk ' { print $3 } '` + + if [ "$NODE_IP" != "$CURRENT_NODE_IP" ]; then + refresh_dns_records + fi + + # refresh every 10 seconds + sleep 10 + done +} + +function refresh_dns_records() { + echo "DCAE nginx host ip has changed, update DNS records..." + # Get the Kubernetes Node IP hosting the DCAE NGINX pod + NODE_IP=`kubectl get services dcaegen2 -o jsonpath='{.status.loadBalancer.ingress[0].ip}'` + + # Update all the simpledemo record + SIMPLEDEMO_ONAP_ORG_RECORD_TYPE_A_IDS=`openstack recordset list $SIMPLEDEMO_ONAP_ORG_ZONE_ID --type=A -c=id -f=yaml | awk ' { print $3 } '` + for record_id in $SIMPLEDEMO_ONAP_ORG_RECORD_TYPE_A_IDS + do + openstack recordset set --records=$NODE_IP $SIMPLEDEMO_ONAP_ORG_ZONE_ID $record_id + done +} + +############################################################################################################# +# Script starts here # +############################################################################################################# + +# Retrieve the namespace +if [ "$#" -ne 1 ]; then + echo "Usage: $(basename $0) " + exit 1 +fi +NAMESPACE=$1 + +# K8S variable +MR_ZONE="$NAMESPACE-message-router" + +# Heat variable +STACK_NAME="dcae" + +# DNS variables +SIMPLEDEMO_ONAP_ORG_ZONE_NAME="simpledemo.onap.org." +SIMPLEDEMO_ONAP_ORG_ZONE_ID="" + +# Install required packages to interfact with OpenStack CLIs +apt update -y +apt -y install python-pip +pip install python-openstackclient +pip install python-heatclient +pip install python-designateclient + +# Instal kubectl commands +apt -y install curl +curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl +chmod +x ./kubectl +mv ./kubectl /usr/local/bin/kubectl + +# Get the Kubernetes Node IP hosting the DCAE NGINX pod +NODE_IP=`kubectl get services dcaegen2 -o jsonpath='{.status.loadBalancer.ingress[0].ip}'` + +# # Source OpenStack parameters +if [ "OPENSTACK_API_VERSION_HERE" = "v2.0" ] +then + source /opt/heat/OOM-openrc-v2.sh +else + source /opt/heat/OOM-openrc-v3.sh +fi + +# Create stasck if doens't exist +EXISTING_STACKS=`openstack stack list -c 'Stack Name' -f yaml | awk '{ print $4}'` +if ! [[ $EXISTING_STACKS =~ (^|[[:space:]])$STACK_NAME($|[[:space:]]) ]] +then + # create the DCAE stack + openstack stack create -t /opt/heat/onap_dcae.yaml -e /opt/heat/onap_dcae.env $STACK_NAME + + # wait 10 seconds to let the stack start, so the ips have been assigned. + sleep 10 + + # get the DCAE Boostrap VM ip, to configure Robot with it, for Healthcheck + DCAE_CONTROLLER_IP=`openstack stack output show dcae dcae_floating_ip -c output_value -f yaml | awk '{ print $2}'` + sed -i -e "s/DCAE_CONTROLLER_IP_HERE/$DCAE_CONTROLLER_IP/g" /opt/robot/vm_properties.py; +fi + +configure_dns_designate + +monitor_nginx_node_ip \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/onap_dcae.env b/kubernetes/config/docker/init/src/config/dcaegen2/heat/onap_dcae.env new file mode 100644 index 0000000000..363de40526 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/heat/onap_dcae.env @@ -0,0 +1,100 @@ +parameters: + + ############################################## + # # + # Parameters used across all ONAP components # + # # + ############################################## + + public_net_id: OPENSTACK_PUBLIC_NET_ID_HERE + + public_net_name: OPENSTACK_PUBLIC_NET_NAME_HERE + + ubuntu_1404_image: UBUNTU_14_IMAGE_NAME_HERE + + ubuntu_1604_image: UBUNTU_16_IMAGE_NAME_HERE + + flavor_small: OPENSTACK_FLAVOUR_SMALL_HERE + + flavor_medium: OPENSTACK_FLAVOUR_MEDIUM_HERE + + flavor_large: OPENSTACK_FLAVOUR_LARGE_HERE + + vm_base_name: DCAE_VM_BASE_NAME_HERE + + key_name: OPENSTACK_KEY_NAME_HERE + + pub_key: OPENSTACK_PUB_KEY_HERE + + nexus_repo: NEXUS_HTTP_REPO_HERE + + nexus_docker_repo: NEXUS_DOCKER_REPO_HERE + + nexus_username: NEXUS_USERNAME_HERE + + nexus_password: NEXUS_PASSWORD_HERE + + artifacts_version: DEMO_ARTIFACTS_VERSION_HERE + + openstack_tenant_id: OPENSTACK_TENANT_ID_HERE + + openstack_tenant_name: OPENSTACK_TENANT_NAME_HERE + + openstack_username: OPENSTACK_USERNAME_HERE + + openstack_api_key: OPENSTACK_PASSWORD_HERE + + openstack_region: OPENSTACK_REGION_HERE + + keystone_url: OPENSTACK_KEYSTONE_IP_HERE + + cloud_env: openstack + + ###################### + # # + # Network parameters # + # # + ###################### + + dns_list: DNS_LIST_HERE + external_dns: EXTERNAL_DNS_HERE + dns_forwarder: DNS_FORWARDER_HERE + oam_network_cidr: NETWORK_CIDR_WITH_ONAP_ROUTE_HERE + + ### Private IP addresses ### + + dns_ip_addr: DNS_FORWARDER_HERE + dcae_ip_addr: DCAE_IP_ADDR_HERE + + aai1_k8s_ip_addr: vm1.aai.simpledemo.onap.org + aai2_k8s_ip_addr: vm2.aai.simpledemo.onap.org + mr_k8s_ip_addr: vm1.mr.simpledemo.onap.org + sdc_k8s_ip_addr: vm1.sdc.simpledemo.onap.org + policy_k8s_ip_addr: vm1.policy.simpledemo.onap.org + openo_k8s_ip_addr: vm1.openo.simpledemo.onap.org + + ########################### + # # + # Parameters used by DCAE # + # # + ########################### + + dnsaas_config_enabled: DNSAAS_PROXY_ENABLE_HERE + dnsaas_region: DNSAAS_REGION_HERE + dnsaas_keystone_url: DNSAAS_KEYSTONE_URL_HERE + dnsaas_tenant_name: DNSAAS_TENANT_NAME_HERE + dnsaas_username: DNSAAS_USERNAME_HERE + dnsaas_password: DNSAAS_PASSWORD_HERE + dcae_keystone_url: DCAE_KEYSTONE_URL_HERE + dcae_centos_7_image: OPENSTACK_CENTOS_7_IMAGE_HERE + dcae_domain: DCAE_DOMAIN_HERE + dcae_public_key: OPENSTACK_PUB_KEY_HERE + dcae_private_key: OPENSTACK_PRIVATE_KEY_HERE + + ################################ + # # + # Docker versions and branches # + # # + ################################ + + dcae_docker: DCAE_DOCKER_VERSION_HERE diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/heat/onap_dcae.yaml b/kubernetes/config/docker/init/src/config/dcaegen2/heat/onap_dcae.yaml new file mode 100644 index 0000000000..31a81169a6 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/heat/onap_dcae.yaml @@ -0,0 +1,483 @@ +########################################################################## +# +#==================LICENSE_START========================================== +# +# +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +#==================LICENSE_END============================================ +# +# ECOMP is a trademark and service mark of AT&T Intellectual Property. +# +########################################################################## + +heat_template_version: 2015-10-15 + +description: Heat template to install ONAP components + +############## +# # +# PARAMETERS # +# # +############## + +parameters: + + ############################################## + # # + # Parameters used across all ONAP components # + # # + ############################################## + + public_net_id: + type: string + description: The ID of the Public network for floating IP address allocation + + public_net_name: + type: string + description: The name of the Public network referred by public_net_id + + ubuntu_1404_image: + type: string + description: Name of the Ubuntu 14.04 image + + ubuntu_1604_image: + type: string + description: Name of the Ubuntu 16.04 image + + flavor_small: + type: string + description: Name of the Small Flavor supported by the cloud provider + + flavor_medium: + type: string + description: Name of the Medium Flavor supported by the cloud provider + + flavor_large: + type: string + description: Name of the Large Flavor supported by the cloud provider + + vm_base_name: + type: string + description: Base name of ONAP VMs + + key_name: + type: string + description: Public/Private key pair name + + pub_key: + type: string + description: Public key to be installed on the compute instance + + nexus_repo: + type: string + description: Complete URL for the Nexus repository. + + nexus_docker_repo: + type: string + description: Complete URL for the Nexus repository for docker images. + + nexus_username: + type: string + description: Nexus Repository username + + nexus_password: + type: string + description: Nexus Repository Password + + artifacts_version: + type: string + description: Artifacts version of ONAP components + + openstack_tenant_id: + type: string + description: OpenStack tenant ID + + openstack_tenant_name: + type: string + description: OpenStack tenant name (matching with the openstack_tenant_id) + + openstack_username: + type: string + description: OpenStack username + + openstack_api_key: + type: string + description: OpenStack password or API Key + + keystone_url: + type: string + description: URL of OpenStack Keystone + + cloud_env: + type: string + description: Cloud Provider Name in lower case + + openstack_region: + type: string + description: Region where the DCAE controller will spin the VMs + + ###################### + # # + # Network parameters # + # # + ###################### + + dns_list: + type: comma_delimited_list + description: List of External DNS for OAM ONAP network + + external_dns: + type: string + description: Public IP of the external DNS for ONAP network + + dns_forwarder: + type: string + description: the forwarder address for setting up ONAP's private DNS server + + oam_network_cidr: + type: string + description: CIDR of the OAM ONAP network + + ### Private IP addresses ### + dns_ip_addr: + type: string + dcae_ip_addr: + type: string + aai1_k8s_ip_addr: + type: string + aai2_k8s_ip_addr: + type: string + mr_k8s_ip_addr: + type: string + policy_k8s_ip_addr: + type: string + sdc_k8s_ip_addr: + type: string + openo_k8s_ip_addr: + type: string + + ########################### + # # + # Parameters used by DCAE # + # # + ########################### + + dnsaas_config_enabled: + type: string + description: whether the DNSaaS configuration section is enabled + + dnsaas_region: + type: string + description: the region of the cloud instance providing the Designate DNS as a Service + + dnsaas_keystone_url: + type: string + description: the keystone URL of the cloud instance providing the Designate DNS as a Service + + dnsaas_username: + type: string + description: the username of the cloud instance providing the Designate DNS as a Service + + dnsaas_password: + type: string + description: the password of the cloud instance providing the Designate DNS as a Service + + dnsaas_tenant_name: + type: string + description: the name of the tenant in the cloud instance providing the Designate DNS as a Service + + dcae_keystone_url: + type: string + description: the keystone URL for DCAE to use (via MultiCloud) + + dcae_private_key: + type: string + description: the private key of the key-apir used between the DCAE bootstrap container and DCAE VMs + + dcae_public_key: + type: string + description: the prublic key of the key-apir used between the DCAE bootstrap container and DCAE VMs + + dcae_centos_7_image: + type: string + description: the id/name of the CentOS 7 VM imange + + dcae_domain: + type: string + description: the top level domain to register DCAE VMs (the zone will be random-str.dcae_domain) + + dcae_docker: + type: string + + +############# +# # +# RESOURCES # +# # +############# + +resources: + random-str: + type: OS::Heat::RandomString + properties: + length: 4 + + # Public key used to access ONAP components + vm_key: + type: OS::Nova::KeyPair + properties: + name: + str_replace: + template: base_rand + params: + base: { get_param: key_name } + rand: { get_resource: random-str } + public_key: { get_param: pub_key } + save_private_key: false + + + # ONAP security group + onap_sg: + type: OS::Neutron::SecurityGroup + properties: + name: + str_replace: + template: base_rand + params: + base: onap_sg + rand: { get_resource: random-str } + description: security group used by ONAP + rules: + # All egress traffic + - direction: egress + ethertype: IPv4 + - direction: egress + ethertype: IPv6 + # ingress traffic + # ICMP + - protocol: icmp + - protocol: udp + port_range_min: 1 + port_range_max: 65535 + - protocol: tcp + port_range_min: 1 + port_range_max: 65535 + + # ONAP management private network + oam_onap: + type: OS::Neutron::Net + properties: + name: + str_replace: + template: oam_onap_rand + params: + rand: { get_resource: random-str } + + oam_onap_subnet: + type: OS::Neutron::Subnet + properties: + name: + str_replace: + template: oam_onap_rand + params: + rand: { get_resource: random-str } + network_id: { get_resource: oam_onap } + cidr: { get_param: oam_network_cidr } + dns_nameservers: { get_param: dns_list } + + router: + type: OS::Neutron::Router + properties: + external_gateway_info: + network: { get_param: public_net_id } + + router_interface: + type: OS::Neutron::RouterInterface + properties: + router_id: { get_resource: router } + subnet_id: { get_resource: oam_onap_subnet } + + # DCAE GEN 2 Controller instantiation + dcae_c_private_port: + type: OS::Neutron::Port + properties: + network: { get_resource: oam_onap } + fixed_ips: [{"subnet": { get_resource: oam_onap_subnet }, "ip_address": { get_param: dcae_ip_addr }}] + + dcae_c_floating_ip: + type: OS::Neutron::FloatingIP + properties: + floating_network_id: { get_param: public_net_id } + port_id: { get_resource: dcae_c_private_port } + + dcae_c_vm: + type: OS::Nova::Server + properties: + image: { get_param: ubuntu_1604_image } + flavor: { get_param: flavor_small } + name: + str_replace: + template: base-dcae-bootstrap + params: + base: { get_param: vm_base_name } + key_name: { get_resource: vm_key } + networks: + - port: { get_resource: dcae_c_private_port } + #security_groups: + # - { get_resource: onap_sg } + user_data_format: RAW + user_data: + str_replace: + params: + __rand_str__: { get_resource: random-str } + # repo related + __artifacts_version__: { get_param: artifacts_version } + __docker_version__: { get_param: dcae_docker } + __nexus_repo__: { get_param: nexus_repo } + __nexus_docker_repo__: { get_param: nexus_docker_repo } + __nexus_username__: { get_param: nexus_username } + __nexus_password__: { get_param: nexus_password } + # conf for the ONAP environment where the DCAE bootstrap vm/conatiner runs + __mac_addr__: { get_attr: [dcae_c_private_port, mac_address] } + __dcae_ip_addr__: { get_param: dcae_ip_addr } + __dcae_float_ip__: { get_attr: [dcae_c_floating_ip, floating_ip_address] } + __dns_ip_addr__: { get_param: dns_ip_addr } + __external_dns__: { get_param: external_dns } + __dns_forwarder__: { get_param: dns_forwarder } + __dcae_domain__: { get_param: dcae_domain } + # conf for VMs DCAE is to bringup + __openstack_keystone_url__: { get_param: keystone_url } + __dcae_keystone_url__: { get_param: dcae_keystone_url } + __dcaeos_cloud_env__: { get_param: cloud_env } + __dcaeos_keystone_url__: { get_param: dcae_keystone_url } + __dcaeos_region__: { get_param: openstack_region } + __dcaeos_tenant_id__: { get_param: openstack_tenant_id } + __dcaeos_tenant_name__: { get_param: openstack_tenant_name } + __dcaeos_security_group__: + str_replace: + template: 'onap_sg_rand' + params: + rand: { get_resource: random-str } + #__dcaeos_security_group__: { get_attr: [onap_sg, name] } + __dcaeos_username__: { get_param: openstack_username } + __dcaeos_password__: { get_param: openstack_api_key } + __dcaeos_key_name__: { get_resource: vm_key } + __dcaeos_public_key__: { get_param: dcae_public_key } + __dcaeos_private_key__: { get_param: dcae_private_key } + __dcaeos_private_network_name__: { get_attr: [oam_onap, name] } + __dcaeos_public_network_name__: { get_param: public_net_name } + __dcaeos_ubuntu_1604_image__: { get_param: ubuntu_1604_image } + __dcaeos_centos_7_image__: { get_param: dcae_centos_7_image } + __dcaeos_flavor_id__: { get_param: flavor_medium } + __dcaeos_flavor_id_cdap__: { get_param: flavor_large } + __dcaeos_dnsaas_config_enabled__: { get_param: dnsaas_config_enabled } + __dcaeos_dnsaas_region__: { get_param: dnsaas_region } + __dcaeos_dnsaas_keystone_url__: { get_param: dnsaas_keystone_url } + __dnsaas_tenant_name__: { get_param: dnsaas_tenant_name } + __dcaeos_dnsaas_username__: { get_param: dnsaas_username } + __dcaeos_dnsaas_password__: { get_param: dnsaas_password } + # fixed private IPs + __mr_ip_addr__: { get_param: mr_k8s_ip_addr } + __policy_ip_addr__: { get_param: policy_k8s_ip_addr } + __sdc_ip_addr__: { get_param: sdc_k8s_ip_addr } + __openo_ip_addr__: { get_param: openo_k8s_ip_addr } + __aai1_ip_addr__: { get_param: aai1_k8s_ip_addr } + __aai2_ip_addr__: { get_param: aai2_k8s_ip_addr } + # floating IPs + __dns_floating_ip_addr__: { get_param: dns_ip_addr } + __aai1_floating_ip_addr__: { get_param: aai1_k8s_ip_addr } + __aai2_floating_ip_addr__: { get_param: aai1_k8s_ip_addr } + __mrouter_floating_ip_addr__: { get_param: mr_k8s_ip_addr } + __sdc_floating_ip_addr__: { get_param: sdc_k8s_ip_addr } + __policy_floating_ip_addr__: { get_param: policy_k8s_ip_addr } + __openo_floating_ip_addr__: { get_param: openo_k8s_ip_addr } + __dcae_c_floating_ip_addr__: { get_attr: [dcae_c_floating_ip, floating_ip_address] } + + template: | + #!/bin/bash + + # Create configuration files + mkdir -p /opt/config + echo "__rand_str__" > /opt/config/dcae_zone.txt + echo "__rand_str__" > /opt/config/rand_str.txt + # repo related + echo "__docker_version__" > /opt/config/docker_version.txt + echo "__artifacts_version__" > /opt/config/artifacts_version.txt + echo "__nexus_repo__" > /opt/config/nexus_repo.txt + echo "__nexus_docker_repo__" > /opt/config/nexus_docker_repo.txt + echo "__nexus_username__" > /opt/config/nexus_username.txt + echo "__nexus_password__" > /opt/config/nexus_password.txt + echo "__gerrit_branch__" > /opt/config/gerrit_branch.txt + # conf for the ONAP environment where the DCAE bootstrap vm/conatiner runs + echo "__mac_addr__" > /opt/config/mac_addr.txt + echo "__dcae_ip_addr__" > /opt/config/dcae_ip_addr.txt + echo "__dcae_float_ip__" > /opt/config/dcae_float_ip.txt + echo "__dns_ip_addr__" > /opt/config/dns_ip_addr.txt + echo "__external_dns__" > /opt/config/external_dns.txt + echo "__dns_forwarder__" > /opt/config/dns_forwarder.txt + echo "__dcae_domain__" > /opt/config/dcae_domain.txt + # conf for the OpenStack env where DCAE is deployed + echo "__openstack_keystone_url__" > /opt/config/openstack_keystone_url.txt + echo "__dcaeos_cloud_env__" > /opt/config/cloud_env.txt + echo "__dcaeos_keystone_url__" > /opt/config/keystone_url.txt + echo "__dcaeos_region__" > /opt/config/openstack_region.txt + echo "__dcaeos_tenant_id__" > /opt/config/tenant_id.txt + echo "__dcaeos_tenant_name__" > /opt/config/tenant_name.txt + echo "__dcaeos_username__" > /opt/config/openstack_user.txt + echo "__dcaeos_password__" > /opt/config/openstack_password.txt + echo "__dcaeos_key_name__" > /opt/config/key_name.txt + echo "__dcaeos_public_key__" > /opt/config/pub_key.txt + echo "__dcaeos_private_key__" > /opt/config/priv_key + echo "__dcaeos_private_network_name__" > /opt/config/openstack_private_network_name.txt + echo "__dcaeos_public_network_name__" > /opt/config/public_net_name.txt + echo "__dcaeos_public_network_name__" > /opt/config/public_net_id.txt + echo "__dcaeos_ubuntu_1604_image__" > /opt/config/ubuntu_1604_image.txt + echo "__dcaeos_centos_7_image__" > /opt/config/centos_7_image.txt + echo "__dcaeos_security_group__" > /opt/config/security_group.txt + echo "__dcaeos_flavor_id__" > /opt/config/flavor_id.txt + echo "__dcaeos_flavor_id_cdap__" > /opt/config/flavor_id_cdap.txt + echo "__dcaeos_dnsaas_config_enabled__" > /opt/config/dnsaas_config_enabled.txt + echo "__dcaeos_dnsaas_region__" > /opt/config/dnsaas_region.txt + echo "__dcaeos_dnsaas_keystone_url__" > /opt/config/dnsaas_keystone_url.txt + echo "__dnsaas_tenant_name__" > /opt/config/dnsaas_tenant_name.txt + echo "__dcaeos_dnsaas_username__" > /opt/config/dnsaas_username.txt + echo "__dcaeos_dnsaas_password__" > /opt/config/dnsaas_password.txt + # fixed private IP addresses of other ONAP components + echo "__mr_ip_addr__" > /opt/config/mr_ip_addr.txt + echo "__policy_ip_addr__" > /opt/config/policy_ip_addr.txt + echo "__sdc_ip_addr__" > /opt/config/sdc_ip_addr.txt + echo "__openo_ip_addr__" > /opt/config/openo_ip_addr.txt + echo "__aai1_ip_addr__" > /opt/config/aai1_ip_addr.txt + echo "__aai2_ip_addr__" > /opt/config/aai2_ip_addr.txt + # floating IPs + echo "__dns_floating_ip_addr__" > /opt/config/dns_floating_ip_addr.txt + echo "__aai1_floating_ip_addr__" > /opt/config/aai1_floating_ip_addr.txt + echo "__aai2_floating_ip_addr__" > /opt/config/aai2_floating_ip_addr.txt + echo "__mrouter_floating_ip_addr__" > /opt/config/mrouter_floating_ip_addr.txt + echo "__sdc_floating_ip_addr__" > /opt/config/sdc_floating_ip_addr.txt + echo "__policy_floating_ip_addr__" > /opt/config/policy_floating_ip_addr.txt + echo "__openo_floating_ip_addr__" > /opt/config/openo_floating_ip_addr.txt + echo "__dcae_c_floating_ip_addr__" > /opt/config/dcae_c_floating_ip_addr.txt + + # Download and run install script + curl -k __nexus_repo__/org.onap.demo/boot/__artifacts_version__/dcae2_install.sh -o /opt/dcae2_install.sh + cd /opt + chmod +x dcae2_install.sh + ./dcae2_install.sh > /tmp/dcae2_install.log 2>&1 + +outputs: + dcae_floating_ip: + description: DCAE Boostrap container external IP Address + value: { get_attr: [ dcae_c_floating_ip, floating_ip_address ] } \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/aai-service.onap.org.key b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/aai-service.onap.org.key new file mode 100644 index 0000000000..c351eb60c0 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/aai-service.onap.org.key @@ -0,0 +1,32 @@ +Bag Attributes + friendlyName: aaiopenecomp + localKeyID: 54 69 6D 65 20 31 35 31 33 30 31 33 39 36 36 30 34 31 +Key Attributes: +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDBCtCXwDStPQmO +Wiwyv/ssSFPlQ6J/gYY86T7c0IjFPeU6oBtR/531lfJPaNYVGIpa5rTe9D4PFzxz +aHZFG4fwvASI6Jao+NZHE2qwBHNkwjevIcUIUFmHQVymMf2QR4pWUsNi5XryT5m5 +wp02KpQ2frWUPuRuYQbC/MrB/3UWsnT34IEzHU6dYqbeAI0oOoAQUxkI52fYyB6w +lgH/TeXM8FLWMN8FciZdFxMHOmAD7B0IufRwhDV4tZTBLm1SpQk2Hfqcd1XInQ/Z +iN0ku7GEVyYEo7PVKHLI74EG0oE7wQZtTqop+U6LA7DQWyfwuMpysdDnw0+6LnLT +gFRHKl/dAgMBAAECggEBAJko2HkeIW01mUhdWOXnFgR7WjzzXZEmlffr41lVBr7f +rejGsQZs9cms73R7rCdOsi8PDoA6bqaQfADg571K659fvYVWbHqh+3im+iWvUlKm +GYIVG/vNrEq43CZsUU7Qw/xba/QiOFraNxCATTV1sORPwgddouXEi5XW9ZPX9/FJ +wORx4L/K0DfHX1rr+rtOoHCJdZYhn3Ij87kmR8Mwg0fNeWhHqtxUEyM/itRjCvOe +mgt2V8DORhmq12L4+5QJctBrkBVRp9Rh6YSZZBGnKbTSgf4q648BdkJDLSK4cguT +D6BAw3gxj5V4wt5W0wn2JpjadFwnixrTzvMP/yAqfK0CgYEA93nBAoUPw8nzQkwk +8iWBjfJ999Rw92hnnvk3xbcQcGfgUYuB4dxwe6FQTmFIVylt81er1YUvMb3ao7fo +5ZcGnI5p1idjsd27kbZJLxb5Oh919hKu5IfkfYsVgnC0UdKCTgH5CaH0U4ATuXwt +RL6qm0XcLALs5y2OO6z3s+mYhisCgYEAx7EQ8MA45bkXnRQiHBhGcIIcr2sRDfVJ +OhHmGxx3EcYgtsIYKTqtQOyIt/nQxo6iyNL9bzfzBTybFJLuj63ZG1Ef4LosJedl +eAU2NsKv5MlKYDSdNbLAJ0Op9I2Xu/pXQecPwY/3MkIQArdQCLevMLEGywCsuJTn +BjkJNDkb9hcCgYAhoFiaiAwJVYKJSqFmibQd3opBR4uGApi54DE021gPff3b9rHS +R8q88cFgtRVISqfW/d2qaKtt/dcckdvCfo/2a99zqux/+ZoIBZXSITQCMs4rfoRn +JxPj/ycQD1JhH9J22QvGxEvXoLqNZJMeGS5DZO2yyT75dpYyA6Gwv5fq+wKBgQC5 +AhV917lfLELyZurLOLpaFlHZO8rLMcusH1UfHRo7v2IjsGOOHyzRD9QDD1IcA55R +jRj8Z8uhuGq9fvvC5gBVTK3KGPI6E85wifOWfH1V7CAaTeSxEXDxb8EQL/a6U89v +4VE5tdYCHC6VNZzS1staw0hV38QmJt57Z3Bdj+OV9QKBgE/b9fxpo+SVQ37BzNNY +SEKTTijaddz8fdomApg6a2eFJL93Ej/op7N7gnHtPWMivPnRRza9ZjfnG+aZ7n2J +sWyBiZK9xliS2TsF3l3q9Z0Vaq3i1nOlV7Bd20ZS8KjQjDtKnIRfLkQDkvmXbU5L +emwkdsQZbpPFJch3mCGtI7JW +-----END PRIVATE KEY----- diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/aai-service.onap.org.pem b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/aai-service.onap.org.pem new file mode 100755 index 0000000000..9be8cec45f --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/aai-service.onap.org.pem @@ -0,0 +1,70 @@ +Bag Attributes + friendlyName: aaiopenecomp + localKeyID: 54 69 6D 65 20 31 35 31 33 30 31 33 39 36 36 30 34 31 +subject=/C=US/ST=NJ/L=Bedminster/O=OpenECOMP/OU=SimpleDemo/CN=aai.api.simpledemo.openecomp.org/emailAddress=aai-host@api.simpledemo.openecomp.org +issuer=/C=US/ST=NJ/L=Bedminster/O=OpenECOMP/OU=simpledemo/CN=OpenECOMP simpledemo Server CA X1/emailAddress=simpledemo@openecomp.org +-----BEGIN CERTIFICATE----- +MIIEiTCCA3GgAwIBAgIJAIPKfDLcn3MpMA0GCSqGSIb3DQEBCwUAMIGtMQswCQYD +VQQGEwJVUzELMAkGA1UECAwCTkoxEzARBgNVBAcMCkJlZG1pbnN0ZXIxEjAQBgNV +BAoMCU9wZW5FQ09NUDETMBEGA1UECwwKc2ltcGxlZGVtbzEqMCgGA1UEAwwhT3Bl +bkVDT01QIHNpbXBsZWRlbW8gU2VydmVyIENBIFgxMScwJQYJKoZIhvcNAQkBFhhz +aW1wbGVkZW1vQG9wZW5lY29tcC5vcmcwHhcNMTYxMTMwMTUzODM5WhcNMTcxMTMw +MTUzODM5WjCBuTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5KMRMwEQYDVQQHDApC +ZWRtaW5zdGVyMRIwEAYDVQQKDAlPcGVuRUNPTVAxEzARBgNVBAsMClNpbXBsZURl +bW8xKTAnBgNVBAMMIGFhaS5hcGkuc2ltcGxlZGVtby5vcGVuZWNvbXAub3JnMTQw +MgYJKoZIhvcNAQkBFiVhYWktaG9zdEBhcGkuc2ltcGxlZGVtby5vcGVuZWNvbXAu +b3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQrQl8A0rT0Jjlos +Mr/7LEhT5UOif4GGPOk+3NCIxT3lOqAbUf+d9ZXyT2jWFRiKWua03vQ+Dxc8c2h2 +RRuH8LwEiOiWqPjWRxNqsARzZMI3ryHFCFBZh0FcpjH9kEeKVlLDYuV68k+ZucKd +NiqUNn61lD7kbmEGwvzKwf91FrJ09+CBMx1OnWKm3gCNKDqAEFMZCOdn2MgesJYB +/03lzPBS1jDfBXImXRcTBzpgA+wdCLn0cIQ1eLWUwS5tUqUJNh36nHdVyJ0P2Yjd +JLuxhFcmBKOz1ShyyO+BBtKBO8EGbU6qKflOiwOw0Fsn8LjKcrHQ58NPui5y04BU +Rypf3QIDAQABo4GdMIGaMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgO4MB0G +A1UdDgQWBBQyMUOsE2J+CKzK0qd8KFBD2gaWyjBbBgNVHSAEVDBSMFAGBFUdIAAw +SDBGBggrBgEFBQcCAjA6GjhLZWVwIGF3YXkgZnJvbSBjaGlsZHJlbi4gIFRoaXMg +Y2VydGlmaWNhdGUgaXMgbm90IGEgdG95LjANBgkqhkiG9w0BAQsFAAOCAQEAnkoy +2tWJOyyyIQwtVojUxv1GWQPnw3WCUcKpuX4CJhHXLxNErW1fBg7bmo08BNmBPPpq +WrJsy5lbBgUo9kgpViux5Stfy1rRIRsRLfl/icgCvJmUAxkmRCZL7yUvwG4K7s+8 +DwT+nW/XuWNP6Hd/qHccexB6COJ8KwvTdVoxAkCdX8qw4MCb/f7Kb1yle/vwBM5Q +UUONCJ4bEns1vnb9DGlNDUJNwCfwORAaVJpVS38Mv4UnSTmb2KMePtCWcx/dNsYR +2XrSGqLDnTvHwOpyhbfFTmackysGoSuDytORXy8YbwEiF13BwEK8i3rgNN0Z2ojf +cpmE2xxmaa+A2uuN6g== +-----END CERTIFICATE----- +Bag Attributes + friendlyName: root + 2.16.840.1.113894.746875.1.1: +subject=/C=US/ST=NJ/L=Bedminster/O=OpenECOMP/OU=simpledemo/CN=OpenECOMP simpledemo Server CA X1/emailAddress=simpledemo@openecomp.org +issuer=/C=US/ST=NJ/L=Bedminster/O=OpenECOMP/OU=simpledemo/CN=OpenECOMP simpledemo Root Certification Authority/emailAddress=simpledemo@openecomp.org +-----BEGIN CERTIFICATE----- +MIIFpTCCA42gAwIBAgIJAJqx8dKnCZZoMA0GCSqGSIb3DQEBCwUAMIG9MQswCQYD +VQQGEwJVUzELMAkGA1UECAwCTkoxEzARBgNVBAcMCkJlZG1pbnN0ZXIxEjAQBgNV +BAoMCU9wZW5FQ09NUDETMBEGA1UECwwKc2ltcGxlZGVtbzE6MDgGA1UEAwwxT3Bl +bkVDT01QIHNpbXBsZWRlbW8gUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEn +MCUGCSqGSIb3DQEJARYYc2ltcGxlZGVtb0BvcGVuZWNvbXAub3JnMB4XDTE2MTEy +ODIxMTQyNloXDTIxMTEyNzIxMTQyNlowga0xCzAJBgNVBAYTAlVTMQswCQYDVQQI +DAJOSjETMBEGA1UEBwwKQmVkbWluc3RlcjESMBAGA1UECgwJT3BlbkVDT01QMRMw +EQYDVQQLDApzaW1wbGVkZW1vMSowKAYDVQQDDCFPcGVuRUNPTVAgc2ltcGxlZGVt +byBTZXJ2ZXIgQ0EgWDExJzAlBgkqhkiG9w0BCQEWGHNpbXBsZWRlbW9Ab3BlbmVj +b21wLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALr4rivKQuRk +YNf5Ig40e1nqj6s6LB1vgMOYbKfRziOFpPcUpsHPOhusHowiUsrU1vdFSzPz6Ej7 +PjlmNSg2Qka8YCn9kd6QgM7U0KcPJvIucBp+qjifH3EvP0jgDPhDeVRYxzV454dv +5kQ9uCpswJP7YAnX51dkWeH8nwPUoagt31bOl9LXENSrgxEThxdLYMJnQJWk2CmV +otXM4tT1dxyJxFUrZ6uJCEAYw5VtlplqihHf8lHy+sWQavtsLz/4dc+sGeXSTfoI +voKvoh3uZ5gEhGV8yfJxk1veX5y5/AxP80vQ+smWYjTnQL5QQ57y4bciez4XVBmQ +SWimWtOi4e8CAwEAAaOBtTCBsjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE +AwIBhjAdBgNVHQ4EFgQUTqdsYgGNGubdJHq9tsaJhM9HE5wwcAYDVR0gBGkwZzBl +BgRVHSAAMF0wWwYIKwYBBQUHAgIwTxpNSWYgeW91IHRydXN0IHRoaXMgY2VydCB0 +aGVuIHdlIGhhdmUgYSBicmlkZ2UgdGhhdCB5b3UgbWlnaHQgYmUgaW50ZXJlc3Rl +ZCBpbi4wDQYJKoZIhvcNAQELBQADggIBAKNNlRqFuE/JgV1BHyYK0xoSXH4aZP/7 +IoHtDVcSaZAOOuFOUrwVMUbzRBebbb6RpFwt/X+NLFUGysd+XNLF7W7lzxKtmFNX +n4OpNkBe0y5O7yurus8rERHzu3jiOSgVo+WzDlGpYSRnG3hI2qPWqD+Puzx/WwI8 +XUTuzEQQ3gUSyVFfXHpay3VpYmLZiLJ9WKY5SDw7Ie6Sxrju4Qm1HwnFY8wHZGcs +2KMQzorJ1ZNQf523yUTghbT0rKaSFaD8zugPtI2ONfFG/QgrkQXo78opzPsHnHwa +SxGSiAgeLbwAUCvPNl27zr6k6+7TcNjV0VUivAs0OG3VEAdgi7UWYB+30KfWwHwE +zGmvd4IAGqIqlqLcSVArN5z8JK1B5nfjQn5UrclU1vK+dnuiKE2X4rKuBTRYRFR/ +km+mj4koYFPKFHndmJl1uv2OCJK9l5CSIuKWeI1qv8BASKqgNdoT/SKBXqxgYlCb +o+j4IDjxrxChRO+e5vl9lA7INfRrbljCkUjfLRa+v2q9tWQ3+EQUwwnSrSfihh2T +j0Tksr6b8dDsvMlCdOKG1B+JPcEXORSFKNXVTEfjqpJG8s16kFAocWt3S6xO0k1t +qbQp+3tWQgW2TGnX0rMZzB6NGRNfWhlYmq2zHgXkiCIZ26Ztgt/LNbwEvN3+VlLo +z/Rd+SKtlrfb +-----END CERTIFICATE----- diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/sdc-be.onap.org.key b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/sdc-be.onap.org.key new file mode 100644 index 0000000000..8034303863 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/sdc-be.onap.org.key @@ -0,0 +1,32 @@ +Bag Attributes + friendlyName: 1 + localKeyID: 54 69 6D 65 20 31 35 31 32 37 36 39 37 33 30 39 31 33 +Key Attributes: +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDrqffRX4JNNpcF +7+d+WNRQghPLy+OwSo/eoeraPK18MDfvVvsYlRCIA1yjlgQu1vIhD9rTnUps4t8L +GSIr2hYdsjxrY9c9Gu1rgO8DcNXyReFhq+FRWsR2zAWjzmR2tw/oiHbljx/7ehAh +M3xkUbU7fplQqVfEcfr/6vHdMjtdeLv1gbWxhpSDwyXKxy0Tg54zPppI6hMH6Efa +qqo2yYY1JFLoxjP6lSpt2AIzCGdZXbXkV1HsOMSPxaKOrt4aicG2CCX96381grfn +yMpLQ7Jv3NcPR3F/vEdGpSvdG4wtg+WrrpCH25ocXeDEfTQQB9EhZXkLcEkCzehm +DFXsYVBBAgMBAAECggEBAOkwoYCzIktnFh+Q2R9DpKsZW59QXDfoP95LmAlk+0Gk +sOSKzCHx9o6vzO4uFmuG08Z1WtIElU2TXKMttotv3Gx8Hp8hBy12xLGYvmlIMNvv +2+n62xTWXQs0LOx+4Rg7Yml1Bzl1227KxMUlnhPiahO53NldB/Th2D197OA0wVtl +o3d753CNs+vVk1Z8RTUWrW1ZNHdfQNa1zrNo3Q5/evnlt+mAhFbUIKB3FgMk4N4/ +EjnTH6d+MEUD1sVCNruxqv8PZzRzzJEU/8gzy0WAPFAGOOC7hgU3n7dIEEkjvoIw +HlZD5c6I+3AzYq08CtUwWI09pNVlznqoOY6d548YusUCgYEA9cHOUXiafXFupqpT +HwE18Yk5sqISpPwS8yip4NPPUv+W9qvCpdkFvV3HRMlICWJGoerRsALEQYY5fsvY +7lk1avunprbIa9XLUrvb4ydJYynFhKjXkfTAmyCmbvH8t10BfDNuXT098+4M4HpG +YW2Arl9Db7RoOBwQtPFX2RmYOM8CgYEA9Xx4TbsbT1C6c49aDZmuFeBXDEaMTDYS +CC50MqMQpfoqS5QVyjl7JzP/dIz9CcUExFz7MOmYCp8yocXnLwxGDrZjZMkwEz15 +8WUGj4WMpSpUSRmGEVnoVE5bRazq37vhbOwh8gcKhF1ifVgwm+Rjs+4g6DwmSR8l +4CVK6lWrCe8CgYEA5QR7kR6z0Wywse4N0dnd/D1mIFq6xzcFLcZaMOMR1IXMmAjO +NqF8oNDQjwCH+f60VdWvHLgnTeyYjdnHSa6mghEMVecF9L/iXzIjopaM5DUcFRkG +8sRD7QxLLR6i4/lvFeAT3B3jKvtO0q4AAnD6NwUdoe5cJNW6l/REalNYsK8CgYBw +n7lF2CiwW9YevE7RXIc8rB7jl943/LqLHFzc+mjh7QLIh9jzXSm+E6IIY8KXX9dP +C2WGzDSf8ue0xmnI8PWXPGAfVhoDSboPYI0A/YFIKUJgAyC6ByiKvSQstCdRnA3Q +/giY1Fgj4AAWh4ZNjxua6g4Y3bem5m5nBlT3a3Q76wKBgQDSMFNfVNWautPQvcYB +iu9oQhbXVkjh+ToFWq6pW4VaWhEf/6hqvihc6PcB7FXJ1v1/ybko6cIgVmFUt43s +it1q5aLy3v6GTS/UnDZI3r5oECEuLeUqnHm3qilbatUtwvxghgdwGK+YG0yTfS3y +GqdNDH5YdJJMyiLdQlLIzJb/XQ== +-----END PRIVATE KEY----- diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/sdc-be.onap.org.pem b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/sdc-be.onap.org.pem new file mode 100644 index 0000000000..940231d822 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/certs/sdc-be.onap.org.pem @@ -0,0 +1,74 @@ +Bag Attributes + friendlyName: 1 + localKeyID: 54 69 6D 65 20 31 35 31 32 37 36 39 37 33 30 39 31 33 +subject=/C=US/ST=Michigan/L=Southfield/O=ATT Services, Inc./OU=ASDC/CN=mtanjv9sdcf51.aic.cip.att.com +issuer=/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4 +-----BEGIN CERTIFICATE----- +MIIGDzCCBPegAwIBAgIQfZLBdhhGhkOBcXuI5oF0gTANBgkqhkiG9w0BAQsFADB+ +MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd +BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVj +IENsYXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MB4XDTE1MTIwOTAwMDAwMFoX +DTE2MTIwODIzNTk1OVowgYkxCzAJBgNVBAYTAlVTMREwDwYDVQQIDAhNaWNoaWdh +bjETMBEGA1UEBwwKU291dGhmaWVsZDEbMBkGA1UECgwSQVRUIFNlcnZpY2VzLCBJ +bmMuMQ0wCwYDVQQLDARBU0RDMSYwJAYDVQQDDB1tdGFuanY5c2RjZjUxLmFpYy5j +aXAuYXR0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOup99Ff +gk02lwXv535Y1FCCE8vL47BKj96h6to8rXwwN+9W+xiVEIgDXKOWBC7W8iEP2tOd +Smzi3wsZIivaFh2yPGtj1z0a7WuA7wNw1fJF4WGr4VFaxHbMBaPOZHa3D+iIduWP +H/t6ECEzfGRRtTt+mVCpV8Rx+v/q8d0yO114u/WBtbGGlIPDJcrHLRODnjM+mkjq +EwfoR9qqqjbJhjUkUujGM/qVKm3YAjMIZ1ldteRXUew4xI/Foo6u3hqJwbYIJf3r +fzWCt+fIyktDsm/c1w9HcX+8R0alK90bjC2D5auukIfbmhxd4MR9NBAH0SFleQtw +SQLN6GYMVexhUEECAwEAAaOCAnswggJ3MCgGA1UdEQQhMB+CHW10YW5qdjlzZGNm +NTEuYWljLmNpcC5hdHQuY29tMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0G +A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBhBgNVHSAEWjBYMFYGBmeBDAEC +AjBMMCMGCCsGAQUFBwIBFhdodHRwczovL2Quc3ltY2IuY29tL2NwczAlBggrBgEF +BQcCAjAZGhdodHRwczovL2Quc3ltY2IuY29tL3JwYTAfBgNVHSMEGDAWgBRfYM9h +kFXfhEMUimAqsvV69EMY7zArBgNVHR8EJDAiMCCgHqAchhpodHRwOi8vc3Muc3lt +Y2IuY29tL3NzLmNybDBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6 +Ly9zcy5zeW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9zcy5zeW1jYi5jb20v +c3MuY3J0MIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYA3esdK3oNT6Ygi4GtgWhw +fi6OnQHVXIiNPRHEzbbsvswAAAFRh4XRnAAABAMARzBFAiBXZqph5qeHUUnY8OkH +jJLo454/8c9IBB7asjEYWYoBPQIhAKAwvP8KfqilgawBkuRV7r41P8Xd3Yi72RQO +1Dvpi8rkAHcApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFRh4XR +3AAABAMASDBGAiEAon+cZcRpSsuo1aiCtaN3aAG0EqJb/1jJ4m4Q/qo1nEoCIQCr +KrBNyywa4OTmSVSAsyazbnMr5ldimxNORhhtyGeFLDANBgkqhkiG9w0BAQsFAAOC +AQEAG3/Mq8F0wbCpOOMCq4dZwgLENBjor9b9UljQZ+sgt7Nn00bfGdxY4MKtOTiK +9ks/nV9sW0KyvhsZvLPPgdSCnu0MZogWQsKqQDkIkJoHtFRSaYTT1vLAIoKz/dN+ +SBS71EzFH92lMfiFtAjfTrFady0/6z7lp4VZwbXLWjHw6LQESENc29Xw1jpCVkg8 +iB2n/qCFfyw3HuvP+eW2TLmnHOl0tda1vrYKCXT2n7HepiJM3g9yLjb/w3MuxEmw +dj1DqRemXtOUJW0mQXn1mRBjXEunzHoCr3GaeSU6G3RbIzXr34Hsv4IbggkhRula +gQIYidtDmw0PS1kyaFvlhZkd1g== +-----END CERTIFICATE----- +Bag Attributes + friendlyName: CN=Symantec Class 3 Secure Server CA - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US +subject=/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4 +issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 +-----BEGIN CERTIFICATE----- +MIIFODCCBCCgAwIBAgIQUT+5dDhwtzRAQY0wkwaZ/zANBgkqhkiG9w0BAQsFADCB +yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL +ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp +U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW +ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 +aG9yaXR5IC0gRzUwHhcNMTMxMDMxMDAwMDAwWhcNMjMxMDMwMjM1OTU5WjB+MQsw +CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV +BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVjIENs +YXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAstgFyhx0LbUXVjnFSlIJluhL2AzxaJ+aQihiw6UwU35VEYJb +A3oNL+F5BMm0lncZgQGUWfm893qZJ4Itt4PdWid/sgN6nFMl6UgfRk/InSn4vnlW +9vf92Tpo2otLgjNBEsPIPMzWlnqEIRoiBAMnF4scaGGTDw5RgDMdtLXO637QYqzu +s3sBdO9pNevK1T2p7peYyo2qRA4lmUoVlqTObQJUHypqJuIGOmNIrLRM0XWTUP8T +L9ba4cYY9Z/JJV3zADreJk20KQnNDz0jbxZKgRb78oMQw7jW2FUyPfG9D72MUpVK +Fpd6UiFjdS8W+cRmvvW1Cdj/JwDNRHxvSz+w9wIDAQABo4IBYzCCAV8wEgYDVR0T +AQH/BAgwBgEB/wIBADAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vczEuc3ltY2Iu +Y29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB/wQEAwIBBjAvBggrBgEFBQcBAQQjMCEw +HwYIKwYBBQUHMAGGE2h0dHA6Ly9zMi5zeW1jYi5jb20wawYDVR0gBGQwYjBgBgpg +hkgBhvhFAQc2MFIwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuc3ltYXV0aC5jb20v +Y3BzMCgGCCsGAQUFBwICMBwaGmh0dHA6Ly93d3cuc3ltYXV0aC5jb20vcnBhMCkG +A1UdEQQiMCCkHjAcMRowGAYDVQQDExFTeW1hbnRlY1BLSS0xLTUzNDAdBgNVHQ4E +FgQUX2DPYZBV34RDFIpgKrL1evRDGO8wHwYDVR0jBBgwFoAUf9Nlp8Ld7LvwMAnz +Qzn6Aq8zMTMwDQYJKoZIhvcNAQELBQADggEBAF6UVkndji1l9cE2UbYD49qecxny +H1mrWH5sJgUs+oHXXCMXIiw3k/eG7IXmsKP9H+IyqEVv4dn7ua/ScKAyQmW/hP4W +Ko8/xabWo5N9Q+l0IZE1KPRj6S7t9/Vcf0uatSDpCr3gRRAMFJSaXaXjS5HoJJtG +QGX0InLNmfiIEfXzf+YzguaoxX7+0AjiJVgIcWjmzaLmFN5OUiQt/eV5E1PnXi8t +TRttQBVSK/eHiXgSgW7ZTaoteNTCLD0IX4eRnh8OsN4wUmSGiaqdZpwOdgyA8nTY +Kvi4Os7X1g8RvmurFPW9QaAiY4nxug9vKWNmLT+sjHLF+8fk1A/yO0+MKcc= +-----END CERTIFICATE----- diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/aai-service.onap.org.conf b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/aai-service.onap.org.conf new file mode 100644 index 0000000000..9cfb221771 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/aai-service.onap.org.conf @@ -0,0 +1,19 @@ +server { + listen 8443 ssl; + listen [::]:8443 ssl; + + root /var/www/html; + + index index.html index.htm index.nginx-debian.html; + + server_name *.aai.simpledemo.onap.org; + + location / { + proxy_pass https://aai-service.onap-aai:8443/; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Proto "https"; + } + + ssl_certificate /etc/certs/aai-service.onap.org.pem; + ssl_certificate_key /etc/certs/aai-service.onap.org.key; +} diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/dmaap.onap.org.conf b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/dmaap.onap.org.conf new file mode 100644 index 0000000000..1015a22063 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/dmaap.onap.org.conf @@ -0,0 +1,17 @@ +server { + listen 3904 ; + listen [::]:3904 ; + + root /var/www/html; + + index index.html index.htm index.nginx-debian.html; + + server_name *.mr.simpledemo.onap.org; + + location / { + proxy_pass http://dmaap.onap-message-router:3904/; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Proto "http"; + } + +} diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/open.onap.org.conf b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/open.onap.org.conf new file mode 100644 index 0000000000..ed62a32f20 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/open.onap.org.conf @@ -0,0 +1,17 @@ +server { + listen 80 ; + listen [::]:80 ; + + root /var/www/html; + + index index.html index.htm index.nginx-debian.html; + + server_name *.openo.simpledemo.onap.org; + + location / { + proxy_pass http://msb-iag.onap-msb:80/; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Proto "http"; + } + +} diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/pdp.onap.org.conf b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/pdp.onap.org.conf new file mode 100644 index 0000000000..2bbff5c6d4 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/pdp.onap.org.conf @@ -0,0 +1,17 @@ +server { + listen 8081 ; + listen [::]:8081 ; + + root /var/www/html; + + index index.html index.htm index.nginx-debian.html; + + server_name *.policy.simpledemo.onap.org; + + location / { + proxy_pass http://pdp.onap-policy:8081/; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Proto "http"; + } + +} diff --git a/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/sdc-be.onap.org.conf b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/sdc-be.onap.org.conf new file mode 100644 index 0000000000..7f15044a97 --- /dev/null +++ b/kubernetes/config/docker/init/src/config/dcaegen2/nginx/config/sdc-be.onap.org.conf @@ -0,0 +1,20 @@ +server { + listen 8443 ssl; + listen [::]:8443 ssl; + + root /var/www/html; + + index index.html index.htm index.nginx-debian.html; + + server_name *.sdc.simpledemo.onap.org; + + location / { + proxy_pass https://sdc-be.onap-sdc:8443/; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Proto "https"; + } + + ssl_certificate /etc/certs/sdc-be.onap.org.pem; + ssl_certificate_key /etc/certs/sdc-be.onap.org.key; + +} diff --git a/kubernetes/config/docker/init/src/config/robot/eteshare/config/vm_properties.py b/kubernetes/config/docker/init/src/config/robot/eteshare/config/vm_properties.py index 387a14451d..02d02ccf27 100755 --- a/kubernetes/config/docker/init/src/config/robot/eteshare/config/vm_properties.py +++ b/kubernetes/config/docker/init/src/config/robot/eteshare/config/vm_properties.py @@ -1,24 +1,22 @@ -# File generated from /opt/config -# GLOBAL_INJECTED_AAI1_IP_ADDR = "aai-service.onap-aai" GLOBAL_INJECTED_AAI2_IP_ADDR = "N/A" GLOBAL_INJECTED_APPC_IP_ADDR = "sdnhost.onap-appc" -GLOBAL_INJECTED_ARTIFACTS_VERSION = "1.1.0-SNAPSHOT" +GLOBAL_INJECTED_ARTIFACTS_VERSION = "DEMO_ARTIFACTS_VERSION_HERE" GLOBAL_INJECTED_CLAMP_IP_ADDR = "clamp.onap-clamp" GLOBAL_INJECTED_CLOUD_ENV = "openstack" -GLOBAL_INJECTED_DCAE_IP_ADDR = "dcae-controller.onap-dcae" -GLOBAL_INJECTED_DNS_IP_ADDR = "10.0.100.1" -GLOBAL_INJECTED_DOCKER_VERSION = "1.1-STAGING-latest" -#GLOBAL_INJECTED_EXTERNAL_DNS = "N/A" -GLOBAL_INJECTED_GERRIT_BRANCH = "master" +GLOBAL_INJECTED_DCAE_IP_ADDR = "DCAE_CONTROLLER_IP_HERE" +GLOBAL_INJECTED_DNS_IP_ADDR = "DNS_IP_ADDR_HERE" +GLOBAL_INJECTED_EXTERNAL_DNS = "EXTERNAL_DNS_HERE" +GLOBAL_INJECTED_DOCKER_VERSION = "DCAE_DOCKER_VERSION_HERE" +GLOBAL_INJECTED_GERRIT_BRANCH = "amsterdam" GLOBAL_INJECTED_KEYSTONE = "OPENSTACK_KEYSTONE_IP_HERE" GLOBAL_INJECTED_MR_IP_ADDR = "dmaap.onap-message-router" GLOBAL_INJECTED_MSO_IP_ADDR = "mso.onap-mso" GLOBAL_INJECTED_NETWORK = "OPENSTACK_NETWORK_ID_WITH_ONAP_ROUTE_HERE" -GLOBAL_INJECTED_NEXUS_DOCKER_REPO = "nexus3.onap.org:10001" -GLOBAL_INJECTED_NEXUS_PASSWORD = "docker" +GLOBAL_INJECTED_NEXUS_DOCKER_REPO = "NEXUS_DOCKER_REPO_HERE" +GLOBAL_INJECTED_NEXUS_PASSWORD = "NEXUS_PASSWORD_HERE" GLOBAL_INJECTED_NEXUS_REPO = "https://nexus.onap.org/content/sites/raw" -GLOBAL_INJECTED_NEXUS_USERNAME = "docker" +GLOBAL_INJECTED_NEXUS_USERNAME = "NEXUS_USERNAME_HERE" GLOBAL_INJECTED_OPENO_IP_ADDR = "msb-iag.onap-msb" GLOBAL_INJECTED_OPENSTACK_PASSWORD = "OPENSTACK_PASSWORD_HERE" GLOBAL_INJECTED_OPENSTACK_TENANT_ID = "OPENSTACK_TENANT_ID_HERE" @@ -28,9 +26,9 @@ GLOBAL_INJECTED_POLICY_HEALTHCHECK_IP_ADDR = "drools.onap-policy" GLOBAL_INJECTED_PORTAL_IP_ADDR = "portalapps.onap-portal" GLOBAL_INJECTED_REGION = "OPENSTACK_REGION_HERE" GLOBAL_INJECTED_REMOTE_REPO = "http://gerrit.onap.org/r/testsuite/properties.git" -GLOBAL_INJECTED_SDC_IP_ADDR = "sdc-be.onap-sdc" GLOBAL_INJECTED_SDC_FE_IP_ADDR = "sdc-fe.onap-sdc" GLOBAL_INJECTED_SDC_BE_IP_ADDR = "sdc-be.onap-sdc" +GLOBAL_INJECTED_SDC_IP_ADDR = "sdc-be.onap-sdc" GLOBAL_INJECTED_SDNC_IP_ADDR = "sdnhost.onap-sdnc" GLOBAL_INJECTED_SDNC_PORTAL_IP_ADDR = "sdnc-portal.onap-sdnc" GLOBAL_INJECTED_SO_IP_ADDR = "mso.onap-mso" @@ -38,25 +36,28 @@ GLOBAL_INJECTED_VID_IP_ADDR = "vid-server.onap-vid" GLOBAL_INJECTED_VM_FLAVOR = "OPENSTACK_FLAVOUR_MEDIUM_HERE" GLOBAL_INJECTED_VM_IMAGE_NAME = "UBUNTU_14_IMAGE_NAME_HERE" GLOBAL_INJECTED_PUBLIC_NET_ID = "OPENSTACK_PUBLIC_NET_ID_HERE" +GLOBAL_INJECTED_SCRIPT_VERSION = "1.1.1" GLOBAL_INJECTED_PROPERTIES = { "GLOBAL_INJECTED_AAI1_IP_ADDR" : "aai-service.onap-aai", + "GLOBAL_INJECTED_AAI2_IP_ADDR" : "N/A", "GLOBAL_INJECTED_APPC_IP_ADDR" : "sdnhost.onap-appc", - "GLOBAL_INJECTED_ARTIFACTS_VERSION" : "1.1.0-SNAPSHOT", + "GLOBAL_INJECTED_ARTIFACTS_VERSION" : "DEMO_ARTIFACTS_VERSION_HERE", "GLOBAL_INJECTED_CLAMP_IP_ADDR" : "clamp.onap-clamp", "GLOBAL_INJECTED_CLOUD_ENV" : "openstack", - "GLOBAL_INJECTED_DCAE_IP_ADDR" : "dcae-controller.onap-dcae", - "GLOBAL_INJECTED_DNS_IP_ADDR" : "10.0.100.1", - "GLOBAL_INJECTED_DOCKER_VERSION" : "1.1-STAGING-latest", - "GLOBAL_INJECTED_GERRIT_BRANCH" : "master", + "GLOBAL_INJECTED_DCAE_IP_ADDR" : "DCAE_CONTROLLER_IP_HERE", + "GLOBAL_INJECTED_DNS_IP_ADDR" : "DNS_IP_ADDR_HERE", + "GLOBAL_INJECTED_EXTERNAL_DNS" : "EXTERNAL_DNS_HERE", + "GLOBAL_INJECTED_DOCKER_VERSION" : "DCAE_DOCKER_VERSION_HERE", + "GLOBAL_INJECTED_GERRIT_BRANCH" : "amsterdam", "GLOBAL_INJECTED_KEYSTONE" : "OPENSTACK_KEYSTONE_IP_HERE", "GLOBAL_INJECTED_MR_IP_ADDR" : "dmaap.onap-message-router", "GLOBAL_INJECTED_MSO_IP_ADDR" : "mso.onap-mso", "GLOBAL_INJECTED_NETWORK" : "OPENSTACK_NETWORK_ID_WITH_ONAP_ROUTE_HERE", - "GLOBAL_INJECTED_NEXUS_DOCKER_REPO" : "nexus3.onap.org:10001", - "GLOBAL_INJECTED_NEXUS_PASSWORD" : "docker", + "GLOBAL_INJECTED_NEXUS_DOCKER_REPO" : "NEXUS_DOCKER_REPO_HERE", + "GLOBAL_INJECTED_NEXUS_PASSWORD" : "NEXUS_PASSWORD_HERE", "GLOBAL_INJECTED_NEXUS_REPO" : "https://nexus.onap.org/content/sites/raw", - "GLOBAL_INJECTED_NEXUS_USERNAME" : "docker", + "GLOBAL_INJECTED_NEXUS_USERNAME" : "NEXUS_USERNAME_HERE", "GLOBAL_INJECTED_OPENO_IP_ADDR" : "msb-iag.onap-msb", "GLOBAL_INJECTED_OPENSTACK_PASSWORD" : "OPENSTACK_PASSWORD_HERE", "GLOBAL_INJECTED_OPENSTACK_TENANT_ID" : "OPENSTACK_TENANT_ID_HERE", @@ -68,6 +69,8 @@ GLOBAL_INJECTED_PROPERTIES = { "GLOBAL_INJECTED_REMOTE_REPO" : "http://gerrit.onap.org/r/testsuite/properties.git", "GLOBAL_INJECTED_SDC_FE_IP_ADDR" : "sdc-fe.onap-sdc", "GLOBAL_INJECTED_SDC_BE_IP_ADDR" : "sdc-be.onap-sdc", + "GLOBAL_INJECTED_SDC_IP_ADDR" : "sdc-be.onap-sdc", + "GLOBAL_INJECTED_SCRIPT_VERSION" : "1.1.1", "GLOBAL_INJECTED_SDNC_IP_ADDR" : "sdnhost.onap-sdnc", "GLOBAL_INJECTED_SDNC_PORTAL_IP_ADDR" : "sdnc-portal.onap-sdnc", "GLOBAL_INJECTED_SO_IP_ADDR" : "mso.onap-mso", @@ -75,4 +78,4 @@ GLOBAL_INJECTED_PROPERTIES = { "GLOBAL_INJECTED_VM_FLAVOR" : "OPENSTACK_FLAVOUR_MEDIUM_HERE", "GLOBAL_INJECTED_VM_IMAGE_NAME" : "UBUNTU_14_IMAGE_NAME_HERE", "GLOBAL_INJECTED_PUBLIC_NET_ID" : "OPENSTACK_PUBLIC_NET_ID_HERE" -} +} \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/sdc/environments/AUTO.json b/kubernetes/config/docker/init/src/config/sdc/environments/AUTO.json index 5d6eaef94e..8f60c92803 100755 --- a/kubernetes/config/docker/init/src/config/sdc/environments/AUTO.json +++ b/kubernetes/config/docker/init/src/config/sdc/environments/AUTO.json @@ -18,7 +18,7 @@ }, "ECompP": { "ecomp_rest_url": "http://portalapps.onap-portal:8989/ONAPPORTAL/auxapi", - "ueb_url_list": "dmaap.onap-message-router, dmaap.onap-message-router", + "ueb_url_list": "UEB_ADDR_IP_COMMA_SEPERATE_HERE", "app_secret": "XftIATw9Jr3VzAcPqt3NnJOu", "app_key": "x9UfO7JsDn8BESVX", "inbox_name": "ECOMP-PORTAL-INBOX", @@ -29,7 +29,7 @@ "UEB": { "PublicKey": "iPIxkpAMI8qTcQj8", "SecretKey": "Ehq3WyT4bkif4zwgEbvshGal", - "fqdn": ["dmaap.onap-message-router", "dmaap.onap-message-router"] + "fqdn": ["UEB_ADDR_IP_COMMA_AND_QUOTE_SEPERATED_HERE"] }, "Nodes": { "CS": "sdc-cs.onap-sdc", diff --git a/kubernetes/config/onap-parameters-sample.yaml b/kubernetes/config/onap-parameters-sample.yaml index 51d5138c4c..8f9f422b51 100644 --- a/kubernetes/config/onap-parameters-sample.yaml +++ b/kubernetes/config/onap-parameters-sample.yaml @@ -1,15 +1,106 @@ -OPENSTACK_UBUNTU_14_IMAGE: "Ubuntu_14.04.5_LTS" -OPENSTACK_PUBLIC_NET_ID: "e8f51956-00dd-4425-af36-045716781ffc" -OPENSTACK_OAM_NETWORK_ID: "d4769dfb-c9e4-4f72-b3d6-1d18f4ac4ee6" -OPENSTACK_OAM_SUBNET_ID: "191f7580-acf6-4c2b-8ec0-ba7d99b3bc4e" -OPENSTACK_OAM_NETWORK_CIDR: "192.168.30.0/24" -OPENSTACK_USERNAME: "vnf_user" -OPENSTACK_API_KEY: "vnf_password" -OPENSTACK_TENANT_NAME: "vnfs" -OPENSTACK_TENANT_ID: "47899782ed714295b1151681fdfd51f5" +# For information regarding those parameters, please visit http://onap.readthedocs.io/en/latest/submodules/dcaegen2.git/docs/sections/installation_heat.html + +################# +# COMMON CONFIG # +################# + +# NEXUS +NEXUS_HTTP_REPO: https://nexus.onap.org/content/sites/raw +NEXUS_DOCKER_REPO: nexus3.onap.org:10001 +NEXUS_USERNAME: docker +NEXUS_PASSWORD: docker + +# Networking +OPENSTACK_PUBLIC_NET_ID: "af6880a2-3173-430a-aaa2-6229df57ee15" +OPENSTACK_PUBLIC_NET_NAME: "vlan200_net_ext" +# Could be reduced, it needs 15 IPs for DCAE VMs +OPENSTACK_OAM_NETWORK_CIDR: "10.0.0.0/16" + +# Authentication +OPENSTACK_USERNAME: "nso" +OPENSTACK_API_KEY: "Password123" +OPENSTACK_TENANT_NAME: "nso-rancher" +OPENSTACK_TENANT_ID: "5c59f02201d54aa89af1f2207f7be2c1" OPENSTACK_REGION: "RegionOne" -OPENSTACK_KEYSTONE_URL: "http://1.2.3.4:5000" -OPENSTACK_FLAVOUR_MEDIUM: "m1.medium" +# Either v2.0 or v3 +OPENSTACK_API_VERSION: "v2.0" +OPENSTACK_KEYSTONE_URL: "http://10.195.194.216:5000" OPENSTACK_SERVICE_TENANT_NAME: "service" + +# Flavors's name +OPENSTACK_FLAVOUR_SMALL: "m1.small" +OPENSTACK_FLAVOUR_MEDIUM: "m1.medium" +OPENSTACK_FLAVOUR_LARGE: "m1.large" + +# Images' name +OPENSTACK_UBUNTU_14_IMAGE: "trusty" +OPENSTACK_UBUNTU_16_IMAGE: "xenial" +OPENSTACK_CENTOS_7_IMAGE: "centos-7" + +# ONAP config +# Do not change unless you know what you're doing DMAAP_TOPIC: "AUTO" -DEMO_ARTIFACTS_VERSION: "1.1.0-SNAPSHOT" +DEMO_ARTIFACTS_VERSION: "1.1.1" + + +######## +# DCAE # +######## + +# Whether or not to deploy DCAE +# If set to false, all the parameters bellow can be left empty or removed +# If set to false, update ../dcaegen2/values.yaml disableDcae value to true, +# this is to avoid deploying the DCAE deployments and services. +DEPLOY_DCAE: "true" + +DCAE_IP_ADDR: "10.0.4.1" + +# Config +# Do not change unless you know what you're doing +DCAE_DOCKER_VERSION: v1.1.1 +DCAE_VM_BASE_NAME: "dcae" + +# Can be the same as OPENSTACK_KEYSTONE_URL/OPENSTACK_API_VERSION +DCAE_KEYSTONE_URL: "http://10.195.194.216:5000/v2.0" + +# The private key needs to be in a specific format so it's formatted properly +# when ending up in the DCAE HEAT stack. The best way is to do the following: +# - copy paste your key +# - surround it with quote +# - add \n at the end of each line +# - escape the result using https://www.freeformatter.com/java-dotnet-escape.html#ad-output +OPENSTACK_KEY_NAME: "onap_key" +OPENSTACK_PUB_KEY: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7G5MqLJvkchuD/YGS/lUlTXXkPqdBLz8AhF/Dosln4YpVg9oD2X2fH2Nxs6Gz0wjB6w1pIqQm7ypz3kk2920PiRV2W1L0/mTF/9Wmi9ReVJzkC6VoBxL20MhRi0dx/Wxg4vmbAT4NGk+8ufqA45oFB6l0bQIdtmjzZH/WZFVB+rc1CtX6Ia0hrMyeLbzLM7IzLdVeb411hxumsQ1N0L4dQWY0E1SeynS2azQNU61Kbxjmm4b89Kw/y9iNW9GdFUodOFWbhK8XU/duSLS+NpoQ/kPJXuBzgPFCy6B7DCJhqZ20j0oXGPqZzXcKApZUJdgeLGML3q4DyiNkXAP4okaN Generated-by-Nova" +OPENSTACK_PRIVATE_KEY: \"-----BEGIN RSA PRIVATE KEY-----\\n\r\nMIIEpQIBAAKCAQEAuxuTKiyb5HIbg/2Bkv5VJU115D6nQS8/AIRfw6LJZ+GKVYPa\\n\r\nA9l9nx9jcbOhs9MIwesNaSKkJu8qc95JNvdtD4kVdltS9P5kxf/VpovUXlSc5Aul\\n\r\naAcS9tDIUYtHcf1sYOL5mwE+DRpPvLn6gOOaBQepdG0CHbZo82R/1mRVQfq3NQrV\\n\r\n+iGtIazMni28yzOyMy3VXm+NdYcbprENTdC+HUFmNBNUnsp0tms0DVOtSm8Y5puG\\n\r\n/PSsP8vYjVvRnRVKHThVm4SvF1P3bki0vjaaEP5DyV7gc4DxQsugewwiYamdtI9K\\n\r\nFxj6mc13CgKWVCXYHixjC96uA8ojZFwD+KJGjQIDAQABAoIBAG5sLqTEINhoMy7p\\n\r\nLFAowu050qp6A1En5eGTPcUCTCR/aZlgMAj3kPiYmKKgpXyvvcpbwtVaOVA083Pg\\n\r\nKotC6F0zxLPN355wh96GRnt8qD9nZhP7f4luK1X4D1B4hxiRvCVNros453rqHUa+\\n\r\n50SrjdkMFYh9ULNiVHvXws4u9lXx81K+M+FzIcf5GT8Cm9PSG0JiwGG2rmwv++fp\\n\r\nJDH3Z2k+B940ox6RLvoh68CXNYolSnWQ/GI0+o1nv2uncRE9wuAhnVN4JmvWw/zR\\n\r\nqA7k305LgfbeJrma6dE4GOZo5cVbUcVKTD+rilCE13DCYx0yCEhxmDBMizNb83nH\\n\r\nge5AXI0CgYEA3oRVKnTBUSLrLK0ft5LJRz91aaxMUemzCqoQBpM7kaaGSf+gg2Z7\\n\r\nBTRp4fyLrYKyXACZGAXjhw2SVsTjntVACA+pIJQNim4vUNo03hcDVraxUMggvsJx\\n\r\nSKnwDe4zpGbIo7VEJVBgUhWccHKbBo0dB26VOic8xtUI/pDWeR9ryEMCgYEA10M6\\n\r\nrgFhvb4fleS0bzMe+Yv7YsbvEWeHDEgO060n050eIpcvrDtpnc4ag1BFKy9MSqnY\\n\r\n4VUIjIWI9i5Gq7rwxahduJfH/MgjagLtSmvIXA2uYni7unOKarqq75Nko9NG93b7\\n\r\np0nRKxFMm2hCVL7/gy6KzEuLkUhtok8+HOc3cO8CgYEAt/Fs9cvOguP6xNPYhEgz\\n\r\nW1J6HQDxlkU6XHZ5CPZtJ9og6MsIRZdR2tuZK9c5IBYKm0NjSxiTHfF6J4BbKdHf\\n\r\nPMq1ZNj+2JB9TLkVOwKLIAOmUMEfUJIsU4UnjFx9FEpjUfFmg/INrc1vpQUYYjIE\\n\r\n7T/c3FXTSAqThNz2buoqj0ECgYEAx9TiWXxw5vrjSXw5wG0dmR3I7aatcmPAK7eN\\n\r\nBBZfvYPC4Oum1uWEo3kchcBzpaZP1ZQdAPm2aPTh8198PZnaQDOPZXiJr/F/Zr92\\n\r\n1zp9km8k7scTxv/RhEjrvGIA8FCHNd1fuqm9IpT5n99GjHOOsZH4SbTryKALHr0f\\n\r\ndSd0AUMCgYEAi36u1D0Ht40WgGHp+T8AVaYHnXvx+IlH2EXqMDwwv0aINOcHfsUG\\n\r\nG7OrxyJAVaEgwtxgskS7LLp9ANvccyI+F9KLZbBoe2aYcCHjWdtvnc9bJUUs+ERk\\n\r\nJpJwR9NyQ5iObsnAEebILOLP+4yLGAxBz18ZvTRrSz1To456+EO+E+k=\\n\r\n-----END RSA PRIVATE KEY-----\\n\" + + +# This settings allows one to configure the /etc/resolv.conf nameserver resolution for all the DCAE VMs. +# - +# In the HEAT setup, it's meant to be a list, as the HEAT setup deploys a DNS Server VM in addition to DNS Designate +# and this DNS Server is setup to forward request to the DNS Designate backend when it cannot resolve, hence the +# DNS_FORWARDER config here. The DCAE Boostrap requires both inputs, even though they are now similar, we have to pass +# them. +# - +# ATTENTION: Assumption is made the DNS Designate backend is configure to forward request to a public DNS (e.g. 8.8.8.8) +# - +# Put the IP of the DNS Designate backend (e.g. the OpenStack IP supporting DNS Designate) +DNS_LIST : "10.195.194.16" +DNS_FORWARDER: "10.195.194.16" + +# Do not change - Public DNS - not used but required by the DCAE boostrap container +EXTERNAL_DNS: "8.8.8.8" + +# Proxy DNS Designate is only supportted for windriver-multicloud adapter (limitation from DCAE) +# Set to true if you wish to use it (e.g. Integration lab) +DNSAAS_PROXY_ENABLE: "false" + +# Possibility to have DNS Designate installed in another OpenStack, if not, provide the same values +# as the OPENSTACK_* ones above. +DNSAAS_REGION: "RegionOne" +DNSAAS_KEYSTONE_URL: "http://10.195.194.216:5000/v2.0" +DNSAAS_TENANT_NAME: "nso-rancher" +DNSAAS_USERNAME: "nso" +DNSAAS_PASSWORD: "Password123" + +# DNS domain for the DCAE VMs +DCAE_DOMAIN: "dcaeg2.onap.org" diff --git a/kubernetes/config/onap-parameters.yaml b/kubernetes/config/onap-parameters.yaml index 6f84d0f354..11813fff50 100644 --- a/kubernetes/config/onap-parameters.yaml +++ b/kubernetes/config/onap-parameters.yaml @@ -1,15 +1,106 @@ -OPENSTACK_UBUNTU_14_IMAGE: "" +# For information regarding those parameters, please visit http://onap.readthedocs.io/en/latest/submodules/dcaegen2.git/docs/sections/installation_heat.html + +################# +# COMMON CONFIG # +################# + +# NEXUS +NEXUS_HTTP_REPO: https://nexus.onap.org/content/sites/raw +NEXUS_DOCKER_REPO: nexus3.onap.org:10001 +NEXUS_USERNAME: docker +NEXUS_PASSWORD: docker + +# Networking OPENSTACK_PUBLIC_NET_ID: "" -OPENSTACK_OAM_NETWORK_ID: "" -OPENSTACK_OAM_SUBNET_ID: "" +OPENSTACK_PUBLIC_NET_NAME: "" +# Could be reduced, it needs 15 IPs for DCAE VMs OPENSTACK_OAM_NETWORK_CIDR: "" + +# Authentication OPENSTACK_USERNAME: "" OPENSTACK_API_KEY: "" OPENSTACK_TENANT_NAME: "" OPENSTACK_TENANT_ID: "" OPENSTACK_REGION: "" +# Either v2.0 or v3 +OPENSTACK_API_VERSION: "" OPENSTACK_KEYSTONE_URL: "" -OPENSTACK_FLAVOUR_MEDIUM: "" -OPENSTACK_SERVICE_TENANT_NAME: "" -DMAAP_TOPIC: "" -DEMO_ARTIFACTS_VERSION: "" \ No newline at end of file +OPENSTACK_SERVICE_TENANT_NAME: "service" + +# Flavors's name +OPENSTACK_FLAVOUR_SMALL: "m1.small" +OPENSTACK_FLAVOUR_MEDIUM: "m1.medium" +OPENSTACK_FLAVOUR_LARGE: "m1.large" + +# Images' name +OPENSTACK_UBUNTU_14_IMAGE: "trusty" +OPENSTACK_UBUNTU_16_IMAGE: "xenial" +OPENSTACK_CENTOS_7_IMAGE: "centos-7" + +# ONAP config +# Do not change unless you know what you're doing +DMAAP_TOPIC: "AUTO" +DEMO_ARTIFACTS_VERSION: "1.1.1" + + +######## +# DCAE # +######## + +# Whether or not to deploy DCAE +# If set to false, all the parameters bellow can be left empty or removed +# If set to false, update ../dcaegen2/values.yaml disableDcae value to true, +# this is to avoid deploying the DCAE deployments and services. +DEPLOY_DCAE: "true" + + +# Config +# Do not change unless you know what you're doing +DCAE_DOCKER_VERSION: v1.1.1 +DCAE_VM_BASE_NAME: "dcae" +DCAE_IP_ADDR: "10.0.4.1" + +# Can be the same as OPENSTACK_KEYSTONE_URL/OPENSTACK_API_VERSION +DCAE_KEYSTONE_URL: "" + +# The private key needs to be in a specific format so it's formatted properly +# when ending up in the DCAE HEAT stack. The best way is to do the following: +# - copy paste your key +# - surround it with quote +# - add \n at the end of each line +# - escape the result using https://www.freeformatter.com/java-dotnet-escape.html#ad-output +OPENSTACK_KEY_NAME: "onap_key" +OPENSTACK_PUB_KEY: "" +OPENSTACK_PRIVATE_KEY: "" + + +# This settings allows one to configure the /etc/resolv.conf nameserver resolution for all the DCAE VMs. +# - +# In the HEAT setup, it's meant to be a list, as the HEAT setup deploys a DNS Server VM in addition to DNS Designate +# and this DNS Server is setup to forward request to the DNS Designate backend when it cannot resolve, hence the +# DNS_FORWARDER config here. The DCAE Boostrap requires both inputs, even though they are now similar, we have to pass +# them. +# - +# ATTENTION: Assumption is made the DNS Designate backend is configure to forward request to a public DNS (e.g. 8.8.8.8) +# - +# Put the IP of the DNS Designate backend (e.g. the OpenStack IP supporting DNS Designate) +DNS_LIST : "" +DNS_FORWARDER: "" + +# Do not change - Public DNS - not used but required by the DCAE boostrap container +EXTERNAL_DNS: "8.8.8.8" + +# Proxy DNS Designate is only supportted for windriver-multicloud adapter (limitation from DCAE) +# Set to true if you wish to use it (e.g. Integration lab) +DNSAAS_PROXY_ENABLE: "false" + +# Possibility to have DNS Designate installed in another OpenStack, if not, provide the same values +# as the OPENSTACK_* ones above. +DNSAAS_REGION: "" +DNSAAS_KEYSTONE_URL: "" +DNSAAS_TENANT_NAME: "n" +DNSAAS_USERNAME: "" +DNSAAS_PASSWORD: "" + +# DNS domain for the DCAE VMs +DCAE_DOMAIN: "dcaeg2.onap.org" diff --git a/kubernetes/dcaegen2/dcae-parameters-sample.yaml b/kubernetes/dcaegen2/dcae-parameters-sample.yaml deleted file mode 100644 index 1d6c63d8bb..0000000000 --- a/kubernetes/dcaegen2/dcae-parameters-sample.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# UUID of the OpenStack"s CentOS 7 cloud VM image -# If your Openstack does not have a CentOS 7 cloud image, you will have to add one. -centos7image_id: '52d4ea09-cc69-4a9a-9961-938a3282d209' -# UUID of the OpenStack"s Ubuntu 16.04 VM image -# If your Openstack does not have a buntu 16.04 cloud image, you will have to add one. -ubuntu1604image_id: '97bbe637-5d42-419a-a2c7-beff33ffa23c' -# ID of the OpenStack"s VM flavor to be used by DCAEGEN2 VMs (m1.medium/m1.large) -flavor_id: '4' -# UUID of the OpenStack"s security group to be used for DCAEGEN2 VMs -security_group: 'abc0687d-34ab-4d37-8fe8-4b544d94ba71' -# The name of the OpenStack network where public IP addresses and floating IPs are allocated from -# This must use the name and not the UUID. The name must be unique otherwise the installer fails -public_net: 'public' -# The name of the OpenStack network where private IP addresses are allocated from -private_net: 'onap_oam' -# Group header for OpenStack Keystone parameters -openstack: - # User name - username: 'dev' - # Password - password: 'dev' - # Name of the OpenStack tenant/project where DCAEGEN2 VMs are deployed - tenant_name: 'dev' - # Openstack authentication API URL, for example 'https://horizon.playground.onap.org:5000/v2.0' - auth_url: 'http://1.2.3.4:5000/v2.0' - # Name of the OpenStack region where DCAEGEN2 VMs are deployed, for example 'RegionOne' - region: 'RegionOne' -# Name of the public key uploaded to OpenStack in the Prepration step -keypair: 'dcae-g2' -# Path to the private key within the conatiner (!! Do not change!!) -key_filename: '/opt/dcae/key' -# Prefix (location code) of all DCAEGEN2 VMs -location_prefix: 'onapr1' -# Domain name of the OpenStack tenant 'onapr1.playground.onap.org' -location_domain: 'onap-dcaegen2' -# Location of the raw artifact repo hosting additional boot scripts called by DCAEGEN2 VMs" cloud-init, for example: 'https://nexus.onap.org/service/local/repositories/raw/content' -codesource_url: 'https://nexus.onap.org/content/sites/raw' -# Path to the boot scripts within the raw artifact repo, for example: 'org.onap.dcaegen2.deployments.scripts/releases/' -codesource_version: 'org.onap.dcaegen2.deployments/releases/scripts/' - - diff --git a/kubernetes/dcaegen2/templates/heat-bootstrap-dep.yaml b/kubernetes/dcaegen2/templates/heat-bootstrap-dep.yaml new file mode 100644 index 0000000000..194d9c47e5 --- /dev/null +++ b/kubernetes/dcaegen2/templates/heat-bootstrap-dep.yaml @@ -0,0 +1,46 @@ +#{{ if not .Values.disableDcae }} +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: heat-bootstrap + namespace: "{{ .Values.nsPrefix }}-dcaegen2" +spec: + selector: + matchLabels: + app: heat-bootstrap + template: + metadata: + labels: + app: heat-bootstrap + name: heat-bootstrap + spec: + hostname: heat-bootstrap + containers: + - command: + - /bin/bash + - ./opt/heat/entrypoint.sh + args: ["{{ .Values.nsPrefix }}"] + image: "{{ .Values.heat_bootstrap.repository }}:{{ .Values.heat_bootstrap.tag }}" + imagePullPolicy: {{ .Values.pullPolicy }} + name: "heat-bootstrap" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/heat + name: heat-bootstrap-config + - mountPath: /opt/robot + name: robot-config + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: heat-bootstrap-config + hostPath: + path: /dockerdata-nfs/{{ .Values.nsPrefix }}/dcaegen2/heat/ + - name: robot-config + hostPath: + path: /dockerdata-nfs/{{ .Values.nsPrefix }}/robot/eteshare/config/ + imagePullSecrets: + - name: "{{ .Values.nsPrefix }}-docker-registry-key" +#{{ end }} diff --git a/kubernetes/dcaegen2/templates/nginx-dep.yaml b/kubernetes/dcaegen2/templates/nginx-dep.yaml new file mode 100644 index 0000000000..7d8832cbc3 --- /dev/null +++ b/kubernetes/dcaegen2/templates/nginx-dep.yaml @@ -0,0 +1,53 @@ +#{{ if not .Values.disableDcae }} +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: nginx + namespace: "{{ .Values.nsPrefix }}-dcaegen2" +spec: + selector: + matchLabels: + app: nginx + template: + metadata: + labels: + app: nginx + name: nginx + spec: + hostname: nginx + containers: + - image: "{{ .Values.nginx.repository }}:{{ .Values.nginx.tag }}" + imagePullPolicy: {{ .Values.pullPolicy }} + name: "nginx" + ports: + - containerPort: 8443 + name: aai-service + - containerPort: 3904 + name: dmaap + - containerPort: 8443 + name: sdc-be + - containerPort: 8081 + name: pdp + - containerPort: 80 + name: msbapigw + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /etc/nginx/conf.d/ + name: nginx-config + - mountPath: /etc/certs/ + name: nginx-certs + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: nginx-config + hostPath: + path: /dockerdata-nfs/{{ .Values.nsPrefix }}/dcaegen2/nginx/config + - name: nginx-certs + hostPath: + path: /dockerdata-nfs/{{ .Values.nsPrefix }}/dcaegen2/nginx/certs + imagePullSecrets: + - name: "{{ .Values.nsPrefix }}-docker-registry-key" +#{{ end }} diff --git a/kubernetes/dcaegen2/templates/nginx-service.yaml b/kubernetes/dcaegen2/templates/nginx-service.yaml new file mode 100644 index 0000000000..68fe058f89 --- /dev/null +++ b/kubernetes/dcaegen2/templates/nginx-service.yaml @@ -0,0 +1,35 @@ +#{{ if not .Values.disableDcae }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Chart.Name }} + namespace: "{{ .Values.nsPrefix }}-dcaegen2" + labels: + app: nginx +spec: + ports: + - name: aai-service + port: 8443 + targetPort: 8443 + nodePort: 30600 + - name: dmaap + port: 3904 + targetPort: 3904 + nodePort: 30601 + - name: sdc-be + port: 8443 + targetPort: 8443 + nodePort: 30602 + - name: pdp + port: 8081 + targetPort: 8081 + nodePort: 30603 + - name: msbapigw + port: 80 + targetPort: 80 + nodePort: 30604 + selector: + app: nginx + type: LoadBalancer + externalTrafficPolicy: Local +#{{ end }} \ No newline at end of file diff --git a/kubernetes/dcaegen2/templates/pod.yaml b/kubernetes/dcaegen2/templates/pod.yaml deleted file mode 100644 index ffb3716ecf..0000000000 --- a/kubernetes/dcaegen2/templates/pod.yaml +++ /dev/null @@ -1,30 +0,0 @@ -#{{ if not .Values.disableDcaegen2 }} -apiVersion: v1 -kind: Pod -metadata: - name: {{ .Chart.Name }} - namespace: "{{ .Values.nsPrefix }}-dcaegen2" -spec: - containers: - - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - volumeMounts: - - name: installer-config-mount - mountPath: /opt/app/installer/config - readOnly: true - env: - - name: LOCATION - value: "{{ .Values.location }}" - volumes: - - name: installer-config-mount - projected: - sources: - - secret: - name: "{{ .Chart.Name }}-openstack-ssh-private-key" - - configMap: - name: "{{ .Chart.Name }}-config-inputs" - imagePullSecrets: - - name: "{{ .Values.nsPrefix }}-docker-registry-key" - restartPolicy: Never -#{{ end }} \ No newline at end of file diff --git a/kubernetes/dcaegen2/values.yaml b/kubernetes/dcaegen2/values.yaml index c892f69e68..d446c6be9f 100644 --- a/kubernetes/dcaegen2/values.yaml +++ b/kubernetes/dcaegen2/values.yaml @@ -1,6 +1,9 @@ nsPrefix: onap -location: dg2 -image: - repository: nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.bootstrap - tag: v1.1.0 - pullPolicy: Always \ No newline at end of file +pullPolicy: Always +disableDcae: false +nginx: + repository: nginx + tag: stable +heat_bootstrap: + repository: ubuntu + tag: xenial \ No newline at end of file diff --git a/kubernetes/oneclick/createAll.bash b/kubernetes/oneclick/createAll.bash index 72d852ded6..4a6ab0065c 100755 --- a/kubernetes/oneclick/createAll.bash +++ b/kubernetes/oneclick/createAll.bash @@ -44,45 +44,11 @@ create_registry_key() { check_return_code $cmd } -configure_dcaegen2() { - if [ ! -s "$OPENSTACK_PRIVATE_KEY_PATH" ] - then - echo "ERROR: $OPENSTACK_PRIVATE_KEY_PATH does not exist or is empty. Cannot launch dcae gen2." - return 1 - fi - - cmd=`echo kubectl --namespace $1-$2 create secret generic $2-openstack-ssh-private-key --from-file=key=${OPENSTACK_PRIVATE_KEY_PATH}` - eval ${cmd} - check_return_code $cmd - - if [ ! -s "$DCAEGEN2_CONFIG_INPUT_FILE_PATH" ] - then - echo "ERROR: $DCAEGEN2_CONFIG_INPUT_FILE_PATH does not exist or is empty. Cannot launch dcae gen2." - return 1 - fi - - cmd=`echo kubectl --namespace $1-$2 create configmap $2-config-inputs --from-file=inputs.yaml=${DCAEGEN2_CONFIG_INPUT_FILE_PATH}` - eval ${cmd} - check_return_code $cmd -} - create_onap_helm() { HELM_VALUES_ADDITION="" if [[ ! -z $HELM_VALUES_FILEPATH ]]; then HELM_VALUES_ADDITION="--values=$HELM_VALUES_FILEPATH" fi - # Have to put a check for dcaegen2 because it requires external files to helm - # which should not be part of the Chart. - if [ "$2" = "dcaegen2" ]; - then - configure_dcaegen2 $1 $2 - local result=$? - if [ $result -ne 0 ] - then - echo "ERROR: dcaegen2 failed to configure: Pre-requisites not met. Skipping deploying it and continue" - return - fi - fi cmd=`echo helm install $LOCATION/$2/ --name $1-$2 --namespace $1 --set nsPrefix=$1,nodePortPrefix=$3 ${HELM_VALUES_ADDITION}` eval ${cmd} -- cgit 1.2.3-korg