From 0fb3b8f4d48a066259b8a9ea2a18d68d7644f8e5 Mon Sep 17 00:00:00 2001 From: efiacor Date: Fri, 28 Oct 2022 15:29:26 +0100 Subject: [RDT] Refactoring RTD Major refactor Moved some old docs etc to archived dir Added sub section for guides Added section for deployment options etc Signed-off-by: efiacor Change-Id: I5832c7a94d58c3110655f0c676a5f2a19172dc68 Issue-ID: OOM-3028 --- .../guides/access_guides/oom_access_info.rst | 21 + .../guides/access_guides/oom_ingress_access.rst | 18 + .../deployment_guides/oom_customize_overrides.rst | 48 ++ .../guides/deployment_guides/oom_deployment.rst | 42 ++ .../oom_dev_testing_local_deploy.rst | 87 +++ .../oom_helm_release_repo_deploy.rst | 44 ++ .../oom_helm_testing_repo_deploy.rst | 46 ++ .../oom_dev_config_management.rst | 444 ++++++++++++++ .../oom_dev_container_orchestration.rst | 366 ++++++++++++ .../development_guides/oom_dev_helm_chart_info.rst | 172 ++++++ .../guides/development_guides/oom_development.rst | 64 ++ .../guides/infra_guides/oom_base_config_setup.rst | 187 ++++++ .../infra_guides/oom_base_optional_addons.rst | 41 ++ .../guides/infra_guides/oom_infra_setup.rst | 72 +++ .../infra_guides/oom_setup_ingress_controller.rst | 176 ++++++ .../sections/guides/user_guides/oom_user_guide.rst | 651 +++++++++++++++++++++ docs/sections/oom_project_description.rst | 106 ++++ .../release_notes/release-notes-amsterdam.rst | 75 +++ .../release_notes/release-notes-beijing.rst | 427 ++++++++++++++ .../release_notes/release-notes-casablanca.rst | 78 +++ .../release_notes/release-notes-dublin.rst | 83 +++ .../release_notes/release-notes-elalto.rst | 84 +++ .../release_notes/release-notes-frankfurt.rst | 152 +++++ .../release_notes/release-notes-guilin.rst | 142 +++++ .../release_notes/release-notes-honolulu.rst | 155 +++++ .../release_notes/release-notes-isntanbul.rst | 124 ++++ .../release_notes/release-notes-jakarta.rst | 124 ++++ docs/sections/release_notes/release-notes.rst | 130 ++++ docs/sections/resources/helm/helm-search.txt | 42 ++ .../resources/images/consul/consulHealth.png | Bin 0 -> 301016 bytes .../resources/images/k8s/kubernetes_objects.png | Bin 0 -> 41593 bytes .../resources/images/msb/MSB-OOM-Diagram.png | Bin 0 -> 77338 bytes .../images/oom_logo/oomLogoV2-Configure.png | Bin 0 -> 50668 bytes .../resources/images/oom_logo/oomLogoV2-Delete.png | Bin 0 -> 48038 bytes .../resources/images/oom_logo/oomLogoV2-Deploy.png | Bin 0 -> 48500 bytes .../resources/images/oom_logo/oomLogoV2-Heal.png | Bin 0 -> 48092 bytes .../images/oom_logo/oomLogoV2-Monitor.png | Bin 0 -> 50051 bytes .../resources/images/oom_logo/oomLogoV2-Scale.png | Bin 0 -> 49430 bytes .../images/oom_logo/oomLogoV2-Upgrade.png | Bin 0 -> 49259 bytes .../resources/images/oom_logo/oomLogoV2-medium.png | Bin 0 -> 31090 bytes .../resources/yaml/environments_onap_demo.yaml | 103 ++++ 41 files changed, 4304 insertions(+) create mode 100644 docs/sections/guides/access_guides/oom_access_info.rst create mode 100644 docs/sections/guides/access_guides/oom_ingress_access.rst create mode 100644 docs/sections/guides/deployment_guides/oom_customize_overrides.rst create mode 100644 docs/sections/guides/deployment_guides/oom_deployment.rst create mode 100644 docs/sections/guides/deployment_guides/oom_dev_testing_local_deploy.rst create mode 100644 docs/sections/guides/deployment_guides/oom_helm_release_repo_deploy.rst create mode 100644 docs/sections/guides/deployment_guides/oom_helm_testing_repo_deploy.rst create mode 100644 docs/sections/guides/development_guides/oom_dev_config_management.rst create mode 100644 docs/sections/guides/development_guides/oom_dev_container_orchestration.rst create mode 100644 docs/sections/guides/development_guides/oom_dev_helm_chart_info.rst create mode 100644 docs/sections/guides/development_guides/oom_development.rst create mode 100644 docs/sections/guides/infra_guides/oom_base_config_setup.rst create mode 100644 docs/sections/guides/infra_guides/oom_base_optional_addons.rst create mode 100644 docs/sections/guides/infra_guides/oom_infra_setup.rst create mode 100644 docs/sections/guides/infra_guides/oom_setup_ingress_controller.rst create mode 100644 docs/sections/guides/user_guides/oom_user_guide.rst create mode 100644 docs/sections/oom_project_description.rst create mode 100644 docs/sections/release_notes/release-notes-amsterdam.rst create mode 100644 docs/sections/release_notes/release-notes-beijing.rst create mode 100644 docs/sections/release_notes/release-notes-casablanca.rst create mode 100644 docs/sections/release_notes/release-notes-dublin.rst create mode 100644 docs/sections/release_notes/release-notes-elalto.rst create mode 100644 docs/sections/release_notes/release-notes-frankfurt.rst create mode 100644 docs/sections/release_notes/release-notes-guilin.rst create mode 100644 docs/sections/release_notes/release-notes-honolulu.rst create mode 100644 docs/sections/release_notes/release-notes-isntanbul.rst create mode 100644 docs/sections/release_notes/release-notes-jakarta.rst create mode 100644 docs/sections/release_notes/release-notes.rst create mode 100644 docs/sections/resources/helm/helm-search.txt create mode 100644 docs/sections/resources/images/consul/consulHealth.png create mode 100644 docs/sections/resources/images/k8s/kubernetes_objects.png create mode 100644 docs/sections/resources/images/msb/MSB-OOM-Diagram.png create mode 100644 docs/sections/resources/images/oom_logo/oomLogoV2-Configure.png create mode 100644 docs/sections/resources/images/oom_logo/oomLogoV2-Delete.png create mode 100644 docs/sections/resources/images/oom_logo/oomLogoV2-Deploy.png create mode 100644 docs/sections/resources/images/oom_logo/oomLogoV2-Heal.png create mode 100644 docs/sections/resources/images/oom_logo/oomLogoV2-Monitor.png create mode 100644 docs/sections/resources/images/oom_logo/oomLogoV2-Scale.png create mode 100644 docs/sections/resources/images/oom_logo/oomLogoV2-Upgrade.png create mode 100644 docs/sections/resources/images/oom_logo/oomLogoV2-medium.png create mode 100644 docs/sections/resources/yaml/environments_onap_demo.yaml (limited to 'docs/sections') diff --git a/docs/sections/guides/access_guides/oom_access_info.rst b/docs/sections/guides/access_guides/oom_access_info.rst new file mode 100644 index 0000000000..2e779105f2 --- /dev/null +++ b/docs/sections/guides/access_guides/oom_access_info.rst @@ -0,0 +1,21 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright (C) 2022 Nordix Foundation + +.. _oom_access_info_guide: + +OOM Access Info +--------------- + +.. figure:: ../../resources/images/oom_logo/oomLogoV2-medium.png + :align: right + +Some relevant information regarding accessing OOM from outside the cluster etc + + +.. toctree:: + :maxdepth: 1 + + oom_ingress_access.rst + diff --git a/docs/sections/guides/access_guides/oom_ingress_access.rst b/docs/sections/guides/access_guides/oom_ingress_access.rst new file mode 100644 index 0000000000..0c64375098 --- /dev/null +++ b/docs/sections/guides/access_guides/oom_ingress_access.rst @@ -0,0 +1,18 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright (C) 2022 Nordix Foundation + +.. Links + + +.. figure:: ../../resources/images/oom_logo/oomLogoV2-medium.png + :align: right + +.. _oom_ingress_access: + + +Ingress access to OOM +##################### + +TBD diff --git a/docs/sections/guides/deployment_guides/oom_customize_overrides.rst b/docs/sections/guides/deployment_guides/oom_customize_overrides.rst new file mode 100644 index 0000000000..3acb8b6ee6 --- /dev/null +++ b/docs/sections/guides/deployment_guides/oom_customize_overrides.rst @@ -0,0 +1,48 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright (C) 2022 Nordix Foundation + +.. Links +.. _helm deploy: https://github.com/onap/oom/blob/master/kubernetes/helm/plugins/deploy/deploy.sh + +.. _oom_customize_overrides: + +OOM Custom Overrides +#################### + +The OOM `helm deploy`_ plugin requires deployment configuration as input, usually in the form of override yaml files. +These input files determine what ONAP components get deployed, and the configuration of the OOM deployment. + +Other helm config options like `--set log.enabled=true|false` are available. + +See the `helm deploy`_ plugin usage section for more detail, or it the plugin has already been installed, execute the following:: + + > helm deploy --help + +Users can customize the override files to suit their required deployment. + +.. note:: + Standard and example override files (e.g. `onap-all.yaml`, `onap-all-ingress-istio.yaml`) + can be found in the `oom/kubernetes/onap/resources/overrides/` directory. + + * Users can selectively enable or disable ONAP components by changing the ``enabled: true/false`` flags. + + * Add to the command line a value for the global master password (ie. --set global.masterPassword=My_superPassw0rd). + + +Enabling/Disabling Components +----------------------------- +Here is an example of the nominal entries that need to be provided. +Different values files are available for different contexts. + +.. collapse:: Default ONAP values.yaml + + .. include:: ../../../../kubernetes/onap/values.yaml + :code: yaml + +| + +Some other heading +------------------ +adva \ No newline at end of file diff --git a/docs/sections/guides/deployment_guides/oom_deployment.rst b/docs/sections/guides/deployment_guides/oom_deployment.rst new file mode 100644 index 0000000000..110736939e --- /dev/null +++ b/docs/sections/guides/deployment_guides/oom_deployment.rst @@ -0,0 +1,42 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright (C) 2022 Nordix Foundation + +.. Links +.. _ONAP Release Long Term Roadmap: https://wiki.onap.org/display/DW/Long+Term+Roadmap + +.. _oom_deploy_guide: + +OOM Deployment Guide +-------------------- + +.. figure:: ../../resources/images/oom_logo/oomLogoV2-medium.png + :align: right + +ONAP OOM supports several options for the deployment of ONAP using it's helm charts. + + * :ref:`oom_helm_release_repo_deploy` + * :ref:`oom_helm_testing_repo_deploy` + * :ref:`oom_dev_testing_local_deploy` + +.. warning:: + | **Pre-requisites** + | The following sections must be completed before continuing with deployment: + + | :ref:`Set up your base platform` + + +Each deployment method can be customized to deploy a subset of ONAP component applications. +See the :ref:`oom_customize_overrides` section for more details. + + +.. toctree:: + :hidden: + + oom_customize_overrides.rst + oom_helm_release_repo_deploy.rst + oom_helm_testing_repo_deploy.rst + oom_dev_testing_local_deploy.rst + + diff --git a/docs/sections/guides/deployment_guides/oom_dev_testing_local_deploy.rst b/docs/sections/guides/deployment_guides/oom_dev_testing_local_deploy.rst new file mode 100644 index 0000000000..50701dd597 --- /dev/null +++ b/docs/sections/guides/deployment_guides/oom_dev_testing_local_deploy.rst @@ -0,0 +1,87 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright (C) 2022 Nordix Foundation + +.. Links + +.. _oom_dev_testing_local_deploy: + +OOM Developer Testing Deployment +================================ + +Developing and testing changes to the existing OOM project can be done locally by setting up some additional +tools to host the updated helm charts. + +**Step 1.** Clone the OOM repository from ONAP gerrit:: + + > git clone http://gerrit.onap.org/r/oom + + > cd oom/kubernetes + + +**Step 2.** Install Helm Plugin required to push helm charts to local repo:: + + > helm plugin install https://github.com/chartmuseum/helm-push.git --version 0.9.0 + +.. note:: + The ``--version 0.9.0`` is required as new version of helm (3.7.0 and up) is + now using ``push`` directly and helm-push is using ``cm-push`` starting + version ``0.10.0`` and up. + +**Step 3.** Install Chartmuseum + +Chart museum is required to host the helm charts locally when deploying in a development environment:: + + > curl -LO https://s3.amazonaws.com/chartmuseum/release/latest/bin/linux/amd64/chartmuseum + + > chmod +x ./chartmuseum + + > mv ./chartmuseum /usr/local/bin + +**Step 4.** To setup a local Helm server to store the ONAP charts:: + + > mkdir -p ~/helm3-storage + + > chartmuseum --storage local --storage-local-rootdir ~/helm3-storage -port 8879 & + +Note the port number that is listed and use it in the Helm repo add as follows:: + + > helm repo add local http://127.0.0.1:8879 + +**Step 5.** Verify your Helm repository setup with:: + + > helm repo list + NAME URL + local http://127.0.0.1:8879 + +**Step 6.** Build a local Helm repository (from the kubernetes directory):: + + > make SKIP_LINT=TRUE [HELM_BIN=] all + +`HELM_BIN` + Sets the helm binary to be used. The default value use helm from PATH + + +**Step 7.** Display the onap charts that are available to be deployed:: + + > helm repo update + + > helm search repo local + + +.. collapse:: Helm search repo output + + .. include:: ../../resources/helm/helm-search.txt + :code: yaml + +| + +.. note:: + The setup of the Helm repository is a one time activity. If you make changes + to your deployment charts or values be sure to use ``make`` to update your + local Helm repository. + + + + diff --git a/docs/sections/guides/deployment_guides/oom_helm_release_repo_deploy.rst b/docs/sections/guides/deployment_guides/oom_helm_release_repo_deploy.rst new file mode 100644 index 0000000000..f932360e44 --- /dev/null +++ b/docs/sections/guides/deployment_guides/oom_helm_release_repo_deploy.rst @@ -0,0 +1,44 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright (C) 2022 Nordix Foundation + +.. Links +.. _ONAP helm release repository: https://nexus3.onap.org/service/rest/repository/browse/onap-helm-release/ +.. _ONAP Release Long Term Roadmap: https://wiki.onap.org/display/DW/Long+Term+Roadmap + +.. _oom_helm_release_repo_deploy: + +OOM Helm Release Deployment +=========================== + +ONAP hosts the OOM release helm charts in it's `ONAP helm release repository`_. + +This is the officially supported repository for the deployment of OOM. + +.. note:: + ONAP supports up to N-1 releases. See `ONAP Release Long Term Roadmap`_ for more details. + +Add the OOM release repo & Deploy +--------------------------------- +Add the repository: + +- To add the onap release helm repo, execute the following:: + + > helm repo add onap-release https://nexus3.onap.org/repository/onap-helm-release/ + +.. note:: + The following helm command will deploy ONAP charts, with `all` OOM components enabled as per the onap-all.yml overrides file provided to the `-f` flag. + + To customize what applications are deployed, see the :ref:`oom_customize_overrides` section for more details, to provide your own custom overrides yaml file. + +- To deploy a release, execute the following, substituting the tag with your preferred release (ie. 11.0.0):: + + > helm deploy dev onap-release/onap --namespace onap --create-namespace --set global.masterPassword=myAwesomePasswordThatINeedToChange --version -f oom/kubernetes/onap/resources/overrides/onap-all.yaml + + + + + + + diff --git a/docs/sections/guides/deployment_guides/oom_helm_testing_repo_deploy.rst b/docs/sections/guides/deployment_guides/oom_helm_testing_repo_deploy.rst new file mode 100644 index 0000000000..a0dafcef9b --- /dev/null +++ b/docs/sections/guides/deployment_guides/oom_helm_testing_repo_deploy.rst @@ -0,0 +1,46 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright (C) 2022 Nordix Foundation + +.. Links +.. _ONAP helm testing repository: https://nexus3.onap.org/service/rest/repository/browse/onap-helm-testing/ +.. _OOM: https://github.com/onap/oom + +.. _oom_helm_testing_repo_deploy: + +OOM Helm Testing Deployment +=========================== + +ONAP hosts the OOM `testing` helm charts in it's `ONAP helm testing repository`_. + +This is helm repo contains: + + * The `latest` charts built from the head of the `OOM`_ project's master + branch, tagged with the version number of the current development cycle (ie. 11.0.0). + + +Add the OOM testing repo & Deploy +--------------------------------- +.. note:: + The testing helm charts for earlier releases are not fully supported. Test at your own risk. + +Add the repository: + +- To add the onap testing helm repo, execute the following:: + + > helm repo add onap-testing https://nexus3.onap.org/repository/onap-helm-testing/ + +.. note:: + The following helm command will deploy ONAP charts, with `all` OOM components enabled as per the onap-all.yml overrides file provided to the `-f` flag. + + To customize what applications are deployed, see the :ref:`oom_customize_overrides` section for more details, to provide your own custom overrides yaml file. + +- To deploy the latest charts, we need to target the repo added previously:: + + > helm deploy dev onap-testing/onap --namespace onap --create-namespace --set global.masterPassword=myAwesomePasswordThatINeedToChange -f oom/kubernetes/onap/resources/overrides/onap-all.yaml + +This will deploy the latest testing version of the OOM helm charts. + + + diff --git a/docs/sections/guides/development_guides/oom_dev_config_management.rst b/docs/sections/guides/development_guides/oom_dev_config_management.rst new file mode 100644 index 0000000000..36a02dc85d --- /dev/null +++ b/docs/sections/guides/development_guides/oom_dev_config_management.rst @@ -0,0 +1,444 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright 2018-2020 Amdocs, Bell Canada, Orange, Samsung +.. Modification copyright (C) 2022 Nordix Foundation + +.. Links + +.. _oom_dev_config_management: + + +Configuration Management +######################## + +ONAP is a large system composed of many components - each of which are complex +systems in themselves - that needs to be deployed in a number of different +ways. For example, within a single operator's network there may be R&D +deployments under active development, pre-production versions undergoing system +testing and production systems that are operating live networks. Each of these +deployments will differ in significant ways, such as the version of the +software images deployed. In addition, there may be a number of application +specific configuration differences, such as operating system environment +variables. The following describes how the Helm configuration management +system is used within the OOM project to manage both ONAP infrastructure +configuration as well as ONAP components configuration. + +One of the artifacts that OOM/Kubernetes uses to deploy ONAP components is the +deployment specification, yet another yaml file. Within these deployment specs +are a number of parameters as shown in the following example: + +.. code-block:: yaml + + apiVersion: apps/v1 + kind: StatefulSet + metadata: + labels: + app.kubernetes.io/name: zookeeper + helm.sh/chart: zookeeper + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: onap-oof + name: onap-oof-zookeeper + namespace: onap + spec: + <...> + replicas: 3 + selector: + matchLabels: + app.kubernetes.io/name: zookeeper + app.kubernetes.io/component: server + app.kubernetes.io/instance: onap-oof + serviceName: onap-oof-zookeeper-headless + template: + metadata: + labels: + app.kubernetes.io/name: zookeeper + helm.sh/chart: zookeeper + app.kubernetes.io/component: server + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: onap-oof + spec: + <...> + affinity: + containers: + - name: zookeeper + <...> + image: gcr.io/google_samples/k8szk:v3 + imagePullPolicy: Always + <...> + ports: + - containerPort: 2181 + name: client + protocol: TCP + - containerPort: 3888 + name: election + protocol: TCP + - containerPort: 2888 + name: server + protocol: TCP + <...> + +Note that within the statefulset specification, one of the container arguments +is the key/value pair image: gcr.io/google_samples/k8szk:v3 which +specifies the version of the zookeeper software to deploy. Although the +statefulset specifications greatly simplify statefulset, maintenance of the +statefulset specifications themselves become problematic as software versions +change over time or as different versions are required for different +statefulsets. For example, if the R&D team needs to deploy a newer version of +mariadb than what is currently used in the production environment, they would +need to clone the statefulset specification and change this value. Fortunately, +this problem has been solved with the templating capabilities of Helm. + +The following example shows how the statefulset specifications are modified to +incorporate Helm templates such that key/value pairs can be defined outside of +the statefulset specifications and passed during instantiation of the component. + +.. code-block:: yaml + + apiVersion: apps/v1 + kind: StatefulSet + metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: {{- include "common.labels" . | nindent 4 }} + spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: {{- include "common.matchLabels" . | nindent 6 }} + # serviceName is only needed for StatefulSet + # put the postfix part only if you have add a postfix on the service name + serviceName: {{ include "common.servicename" . }}-{{ .Values.service.postfix }} + <...> + template: + metadata: + labels: {{- include "common.labels" . | nindent 8 }} + annotations: {{- include "common.tplValue" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} + name: {{ include "common.name" . }} + spec: + <...> + containers: + - name: {{ include "common.name" . }} + image: {{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + {{- range $index, $port := .Values.service.ports }} + - containerPort: {{ $port.port }} + name: {{ $port.name }} + {{- end }} + {{- range $index, $port := .Values.service.headlessPorts }} + - containerPort: {{ $port.port }} + name: {{ $port.name }} + {{- end }} + <...> + +This version of the statefulset specification has gone through the process of +templating values that are likely to change between statefulsets. Note that the +image is now specified as: image: {{ .Values.image }} instead of a +string used previously. During the statefulset phase, Helm (actually the Helm +sub-component Tiller) substitutes the {{ .. }} entries with a variable defined +in a values.yaml file. The content of this file is as follows: + +.. code-block:: yaml + + <...> + image: gcr.io/google_samples/k8szk:v3 + replicaCount: 3 + <...> + + +Within the values.yaml file there is an image key with the value +`gcr.io/google_samples/k8szk:v3` which is the same value used in +the non-templated version. Once all of the substitutions are complete, the +resulting statefulset specification ready to be used by Kubernetes. + +When creating a template consider the use of default values if appropriate. +Helm templating has built in support for DEFAULT values, here is +an example: + +.. code-block:: yaml + + imagePullSecrets: + - name: "{{ .Values.nsPrefix | default "onap" }}-docker-registry-key" + +The pipeline operator ("|") used here hints at that power of Helm templates in +that much like an operating system command line the pipeline operator allow +over 60 Helm functions to be embedded directly into the template (note that the +Helm template language is a superset of the Go template language). These +functions include simple string operations like upper and more complex flow +control operations like if/else. + +OOM is mainly helm templating. In order to have consistent deployment of the +different components of ONAP, some rules must be followed. + +Templates are provided in order to create Kubernetes resources (Secrets, +Ingress, Services, ...) or part of Kubernetes resources (names, labels, +resources requests and limits, ...). + +a full list and simple description is done in +`kubernetes/common/common/documentation.rst`. + +Service template +---------------- + +In order to create a Service for a component, you have to create a file (with +`service` in the name. +For normal service, just put the following line: + +.. code-block:: yaml + + {{ include "common.service" . }} + +For headless service, the line to put is the following: + +.. code-block:: yaml + + {{ include "common.headlessService" . }} + +The configuration of the service is done in component `values.yaml`: + +.. code-block:: yaml + + service: + name: NAME-OF-THE-SERVICE + postfix: MY-POSTFIX + type: NodePort + annotations: + someAnnotationsKey: value + ports: + - name: tcp-MyPort + port: 5432 + nodePort: 88 + - name: http-api + port: 8080 + nodePort: 89 + - name: https-api + port: 9443 + nodePort: 90 + +`annotations` and `postfix` keys are optional. +if `service.type` is `NodePort`, then you have to give `nodePort` value for your +service ports (which is the end of the computed nodePort, see example). + +It would render the following Service Resource (for a component named +`name-of-my-component`, with version `x.y.z`, helm deployment name +`my-deployment` and `global.nodePortPrefix` `302`): + +.. code-block:: yaml + + apiVersion: v1 + kind: Service + metadata: + annotations: + someAnnotationsKey: value + name: NAME-OF-THE-SERVICE-MY-POSTFIX + labels: + app.kubernetes.io/name: name-of-my-component + helm.sh/chart: name-of-my-component-x.y.z + app.kubernetes.io/instance: my-deployment-name-of-my-component + app.kubernetes.io/managed-by: Tiller + spec: + ports: + - port: 5432 + targetPort: tcp-MyPort + nodePort: 30288 + - port: 8080 + targetPort: http-api + nodePort: 30289 + - port: 9443 + targetPort: https-api + nodePort: 30290 + selector: + app.kubernetes.io/name: name-of-my-component + app.kubernetes.io/instance: my-deployment-name-of-my-component + type: NodePort + +In the deployment or statefulSet file, you needs to set the good labels in +order for the service to match the pods. + +here's an example to be sure it matches (for a statefulSet): + +.. code-block:: yaml + + apiVersion: apps/v1 + kind: StatefulSet + metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: {{- include "common.labels" . | nindent 4 }} + spec: + selector: + matchLabels: {{- include "common.matchLabels" . | nindent 6 }} + # serviceName is only needed for StatefulSet + # put the postfix part only if you have add a postfix on the service name + serviceName: {{ include "common.servicename" . }}-{{ .Values.service.postfix }} + <...> + template: + metadata: + labels: {{- include "common.labels" . | nindent 8 }} + annotations: {{- include "common.tplValue" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} + name: {{ include "common.name" . }} + spec: + <...> + containers: + - name: {{ include "common.name" . }} + ports: + {{- range $index, $port := .Values.service.ports }} + - containerPort: {{ $port.port }} + name: {{ $port.name }} + {{- end }} + {{- range $index, $port := .Values.service.headlessPorts }} + - containerPort: {{ $port.port }} + name: {{ $port.name }} + {{- end }} + <...> + +The configuration of the service is done in component `values.yaml`: + +.. code-block:: yaml + + service: + name: NAME-OF-THE-SERVICE + headless: + postfix: NONE + annotations: + anotherAnnotationsKey : value + publishNotReadyAddresses: true + headlessPorts: + - name: tcp-MyPort + port: 5432 + - name: http-api + port: 8080 + - name: https-api + port: 9443 + +`headless.annotations`, `headless.postfix` and +`headless.publishNotReadyAddresses` keys are optional. + +If `headless.postfix` is not set, then we'll add `-headless` at the end of the +service name. + +If it set to `NONE`, there will be not postfix. + +And if set to something, it will add `-something` at the end of the service +name. + +It would render the following Service Resource (for a component named +`name-of-my-component`, with version `x.y.z`, helm deployment name +`my-deployment` and `global.nodePortPrefix` `302`): + +.. code-block:: yaml + + apiVersion: v1 + kind: Service + metadata: + annotations: + anotherAnnotationsKey: value + name: NAME-OF-THE-SERVICE + labels: + app.kubernetes.io/name: name-of-my-component + helm.sh/chart: name-of-my-component-x.y.z + app.kubernetes.io/instance: my-deployment-name-of-my-component + app.kubernetes.io/managed-by: Tiller + spec: + clusterIP: None + ports: + - port: 5432 + targetPort: tcp-MyPort + nodePort: 30288 + - port: 8080 + targetPort: http-api + nodePort: 30289 + - port: 9443 + targetPort: https-api + nodePort: 30290 + publishNotReadyAddresses: true + selector: + app.kubernetes.io/name: name-of-my-component + app.kubernetes.io/instance: my-deployment-name-of-my-component + type: ClusterIP + +Previous example of StatefulSet would also match (except for the `postfix` part +obviously). + +Creating Deployment or StatefulSet +---------------------------------- + +Deployment and StatefulSet should use the `apps/v1` (which has appeared in +v1.9). +As seen on the service part, the following parts are mandatory: + +.. code-block:: yaml + + apiVersion: apps/v1 + kind: StatefulSet + metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: {{- include "common.labels" . | nindent 4 }} + spec: + selector: + matchLabels: {{- include "common.matchLabels" . | nindent 6 }} + # serviceName is only needed for StatefulSet + # put the postfix part only if you have add a postfix on the service name + serviceName: {{ include "common.servicename" . }}-{{ .Values.service.postfix }} + <...> + template: + metadata: + labels: {{- include "common.labels" . | nindent 8 }} + annotations: {{- include "common.tplValue" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} + name: {{ include "common.name" . }} + spec: + <...> + containers: + - name: {{ include "common.name" . }} + +Dependency Management +--------------------- +These Helm charts describe the desired state +of an ONAP deployment and instruct the Kubernetes container manager as to how +to maintain the deployment in this state. These dependencies dictate the order +in-which the containers are started for the first time such that such +dependencies are always met without arbitrary sleep times between container +startups. For example, the SDC back-end container requires the Elastic-Search, +Cassandra and Kibana containers within SDC to be ready and is also dependent on +DMaaP (or the message-router) to be ready - where ready implies the built-in +"readiness" probes succeeded - before becoming fully operational. When an +initial deployment of ONAP is requested the current state of the system is NULL +so ONAP is deployed by the Kubernetes manager as a set of Docker containers on +one or more predetermined hosts. The hosts could be physical machines or +virtual machines. When deploying on virtual machines the resulting system will +be very similar to "Heat" based deployments, i.e. Docker containers running +within a set of VMs, the primary difference being that the allocation of +containers to VMs is done dynamically with OOM and statically with "Heat". +Example SO deployment descriptor file shows SO's dependency on its mariadb +data-base component: + +SO deployment specification excerpt: + +.. code-block:: yaml + + apiVersion: apps/v1 + kind: Deployment + metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: {{- include "common.labels" . | nindent 4 }} + spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: {{- include "common.matchLabels" . | nindent 6 }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /app/ready.py + args: + - --container-name + - so-mariadb + env: + ... \ No newline at end of file diff --git a/docs/sections/guides/development_guides/oom_dev_container_orchestration.rst b/docs/sections/guides/development_guides/oom_dev_container_orchestration.rst new file mode 100644 index 0000000000..b137bff8b6 --- /dev/null +++ b/docs/sections/guides/development_guides/oom_dev_container_orchestration.rst @@ -0,0 +1,366 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright 2018-2020 Amdocs, Bell Canada, Orange, Samsung +.. Modification copyright (C) 2022 Nordix Foundation + +.. Links +.. _Kubernetes: https://Kubernetes.io/ +.. _AWS Elastic Block Store: https://aws.amazon.com/ebs/ +.. _Azure File: https://docs.microsoft.com/en-us/azure/storage/files/storage-files-introduction +.. _GCE Persistent Disk: https://cloud.google.com/compute/docs/disks/ +.. _Gluster FS: https://www.gluster.org/ +.. _Kubernetes Storage Class: https://Kubernetes.io/docs/concepts/storage/storage-classes/ +.. _Assigning Pods to Nodes: https://Kubernetes.io/docs/concepts/configuration/assign-pod-node/ + + +.. _oom_dev_container_orch: + +Kubernetes Container Orchestration +################################## + +The ONAP components are managed by the Kubernetes_ container management system +which maintains the desired state of the container system as described by one +or more deployment descriptors - similar in concept to OpenStack HEAT +Orchestration Templates. The following sections describe the fundamental +objects managed by Kubernetes, the network these components use to communicate +with each other and other entities outside of ONAP and the templates that +describe the configuration and desired state of the ONAP components. + +**Name Spaces** + +Within the namespaces are Kubernetes services that provide external +connectivity to pods that host Docker containers. + +ONAP Components to Kubernetes Object Relationships +-------------------------------------------------- +Kubernetes deployments consist of multiple objects: + +- **nodes** - a worker machine - either physical or virtual - that hosts + multiple containers managed by Kubernetes. +- **services** - an abstraction of a logical set of pods that provide a + micro-service. +- **pods** - one or more (but typically one) container(s) that provide specific + application functionality. +- **persistent volumes** - One or more permanent volumes need to be established + to hold non-ephemeral configuration and state data. + +The relationship between these objects is shown in the following figure: + +.. .. uml:: +.. +.. @startuml +.. node PH { +.. component Service { +.. component Pod0 +.. component Pod1 +.. } +.. } +.. +.. database PV +.. @enduml + +.. figure:: ../../resources/images/k8s/kubernetes_objects.png + +OOM uses these Kubernetes objects as described in the following sections. + +Nodes +~~~~~ +OOM works with both physical and virtual worker machines. + +* Virtual Machine Deployments - If ONAP is to be deployed onto a set of virtual + machines, the creation of the VMs is outside of the scope of OOM and could be + done in many ways, such as + + * manually, for example by a user using the OpenStack Horizon dashboard or + AWS EC2, or + * automatically, for example with the use of a OpenStack Heat Orchestration + Template which builds an ONAP stack, Azure ARM template, AWS CloudFormation + Template, or + * orchestrated, for example with Cloudify creating the VMs from a TOSCA + template and controlling their life cycle for the life of the ONAP + deployment. + +* Physical Machine Deployments - If ONAP is to be deployed onto physical + machines there are several options but the recommendation is to use Rancher + along with Helm to associate hosts with a Kubernetes cluster. + +Pods +~~~~ +A group of containers with shared storage and networking can be grouped +together into a Kubernetes pod. All of the containers within a pod are +co-located and co-scheduled so they operate as a single unit. Within ONAP +Amsterdam release, pods are mapped one-to-one to docker containers although +this may change in the future. As explained in the Services section below the +use of Pods within each ONAP component is abstracted from other ONAP +components. + +Services +~~~~~~~~ +OOM uses the Kubernetes service abstraction to provide a consistent access +point for each of the ONAP components independent of the pod or container +architecture of that component. For example, the SDNC component may introduce +OpenDaylight clustering as some point and change the number of pods in this +component to three or more but this change will be isolated from the other ONAP +components by the service abstraction. A service can include a load balancer +on its ingress to distribute traffic between the pods and even react to dynamic +changes in the number of pods if they are part of a replica set. + +Persistent Volumes +~~~~~~~~~~~~~~~~~~ +To enable ONAP to be deployed into a wide variety of cloud infrastructures a +flexible persistent storage architecture, built on Kubernetes persistent +volumes, provides the ability to define the physical storage in a central +location and have all ONAP components securely store their data. + +When deploying ONAP into a public cloud, available storage services such as +`AWS Elastic Block Store`_, `Azure File`_, or `GCE Persistent Disk`_ are +options. Alternatively, when deploying into a private cloud the storage +architecture might consist of Fiber Channel, `Gluster FS`_, or iSCSI. Many +other storage options existing, refer to the `Kubernetes Storage Class`_ +documentation for a full list of the options. The storage architecture may vary +from deployment to deployment but in all cases a reliable, redundant storage +system must be provided to ONAP with which the state information of all ONAP +components will be securely stored. The Storage Class for a given deployment is +a single parameter listed in the ONAP values.yaml file and therefore is easily +customized. Operation of this storage system is outside the scope of the OOM. + +.. code-block:: yaml + + Insert values.yaml code block with storage block here + +Once the storage class is selected and the physical storage is provided, the +ONAP deployment step creates a pool of persistent volumes within the given +physical storage that is used by all of the ONAP components. ONAP components +simply make a claim on these persistent volumes (PV), with a persistent volume +claim (PVC), to gain access to their storage. + +The following figure illustrates the relationships between the persistent +volume claims, the persistent volumes, the storage class, and the physical +storage. + +.. graphviz:: + + digraph PV { + label = "Persistance Volume Claim to Physical Storage Mapping" + { + node [shape=cylinder] + D0 [label="Drive0"] + D1 [label="Drive1"] + Dx [label="Drivex"] + } + { + node [shape=Mrecord label="StorageClass:ceph"] + sc + } + { + node [shape=point] + p0 p1 p2 + p3 p4 p5 + } + subgraph clusterSDC { + label="SDC" + PVC0 + PVC1 + } + subgraph clusterSDNC { + label="SDNC" + PVC2 + } + subgraph clusterSO { + label="SO" + PVCn + } + PV0 -> sc + PV1 -> sc + PV2 -> sc + PVn -> sc + + sc -> {D0 D1 Dx} + PVC0 -> PV0 + PVC1 -> PV1 + PVC2 -> PV2 + PVCn -> PVn + + # force all of these nodes to the same line in the given order + subgraph { + rank = same; PV0;PV1;PV2;PVn;p0;p1;p2 + PV0->PV1->PV2->p0->p1->p2->PVn [style=invis] + } + + subgraph { + rank = same; D0;D1;Dx;p3;p4;p5 + D0->D1->p3->p4->p5->Dx [style=invis] + } + + } + +In-order for an ONAP component to use a persistent volume it must make a claim +against a specific persistent volume defined in the ONAP common charts. Note +that there is a one-to-one relationship between a PVC and PV. The following is +an excerpt from a component chart that defines a PVC: + +.. code-block:: yaml + + Insert PVC example here + +OOM Networking with Kubernetes +------------------------------ + +- DNS +- Ports - Flattening the containers also expose port conflicts between the + containers which need to be resolved. + + +Pod Placement Rules +------------------- +OOM will use the rich set of Kubernetes node and pod affinity / +anti-affinity rules to minimize the chance of a single failure resulting in a +loss of ONAP service. Node affinity / anti-affinity is used to guide the +Kubernetes orchestrator in the placement of pods on nodes (physical or virtual +machines). For example: + +- if a container used Intel DPDK technology the pod may state that it as + affinity to an Intel processor based node, or +- geographical based node labels (such as the Kubernetes standard zone or + region labels) may be used to ensure placement of a DCAE complex close to the + VNFs generating high volumes of traffic thus minimizing networking cost. + Specifically, if nodes were pre-assigned labels East and West, the pod + deployment spec to distribute pods to these nodes would be: + +.. code-block:: yaml + + nodeSelector: + failure-domain.beta.Kubernetes.io/region: {{ .Values.location }} + +- "location: West" is specified in the `values.yaml` file used to deploy + one DCAE cluster and "location: East" is specified in a second `values.yaml` + file (see OOM Configuration Management for more information about + configuration files like the `values.yaml` file). + +Node affinity can also be used to achieve geographic redundancy if pods are +assigned to multiple failure domains. For more information refer to `Assigning +Pods to Nodes`_. + +.. note:: + One could use Pod to Node assignment to totally constrain Kubernetes when + doing initial container assignment to replicate the Amsterdam release + OpenStack Heat based deployment. Should one wish to do this, each VM would + need a unique node name which would be used to specify a node constaint + for every component. These assignment could be specified in an environment + specific values.yaml file. Constraining Kubernetes in this way is not + recommended. + +Kubernetes has a comprehensive system called Taints and Tolerations that can be +used to force the container orchestrator to repel pods from nodes based on +static events (an administrator assigning a taint to a node) or dynamic events +(such as a node becoming unreachable or running out of disk space). There are +no plans to use taints or tolerations in the ONAP Beijing release. Pod +affinity / anti-affinity is the concept of creating a spacial relationship +between pods when the Kubernetes orchestrator does assignment (both initially +an in operation) to nodes as explained in Inter-pod affinity and anti-affinity. +For example, one might choose to co-located all of the ONAP SDC containers on a +single node as they are not critical runtime components and co-location +minimizes overhead. On the other hand, one might choose to ensure that all of +the containers in an ODL cluster (SDNC and APPC) are placed on separate nodes +such that a node failure has minimal impact to the operation of the cluster. +An example of how pod affinity / anti-affinity is shown below: + +Pod Affinity / Anti-Affinity + +.. code-block:: yaml + + apiVersion: v1 + kind: Pod + metadata: + name: with-pod-affinity + spec: + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: security + operator: In + values: + - S1 + topologyKey: failure-domain.beta.Kubernetes.io/zone + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: security + operator: In + values: + - S2 + topologyKey: Kubernetes.io/hostname + containers: + - name: with-pod-affinity + image: gcr.io/google_containers/pause:2.0 + +This example contains both podAffinity and podAntiAffinity rules, the first +rule is is a must (requiredDuringSchedulingIgnoredDuringExecution) while the +second will be met pending other considerations +(preferredDuringSchedulingIgnoredDuringExecution). Preemption Another feature +that may assist in achieving a repeatable deployment in the presence of faults +that may have reduced the capacity of the cloud is assigning priority to the +containers such that mission critical components have the ability to evict less +critical components. Kubernetes provides this capability with Pod Priority and +Preemption. Prior to having more advanced production grade features available, +the ability to at least be able to re-deploy ONAP (or a subset of) reliably +provides a level of confidence that should an outage occur the system can be +brought back on-line predictably. + +Health Checks +------------- + +Monitoring of ONAP components is configured in the agents within JSON files and +stored in gerrit under the consul-agent-config, here is an example from the AAI +model loader (aai-model-loader-health.json): + +.. code-block:: json + + { + "service": { + "name": "A&AI Model Loader", + "checks": [ + { + "id": "model-loader-process", + "name": "Model Loader Presence", + "script": "/consul/config/scripts/model-loader-script.sh", + "interval": "15s", + "timeout": "1s" + } + ] + } + } + +Liveness Probes +--------------- + +These liveness probes can simply check that a port is available, that a +built-in health check is reporting good health, or that the Consul health check +is positive. For example, to monitor the SDNC component has following liveness +probe can be found in the SDNC DB deployment specification: + +.. code-block:: yaml + + sdnc db liveness probe + + livenessProbe: + exec: + command: ["mysqladmin", "ping"] + initialDelaySeconds: 30 periodSeconds: 10 + timeoutSeconds: 5 + +The 'initialDelaySeconds' control the period of time between the readiness +probe succeeding and the liveness probe starting. 'periodSeconds' and +'timeoutSeconds' control the actual operation of the probe. Note that +containers are inherently ephemeral so the healing action destroys failed +containers and any state information within it. To avoid a loss of state, a +persistent volume should be used to store all data that needs to be persisted +over the re-creation of a container. Persistent volumes have been created for +the database components of each of the projects and the same technique can be +used for all persistent state information. \ No newline at end of file diff --git a/docs/sections/guides/development_guides/oom_dev_helm_chart_info.rst b/docs/sections/guides/development_guides/oom_dev_helm_chart_info.rst new file mode 100644 index 0000000000..533f60e29b --- /dev/null +++ b/docs/sections/guides/development_guides/oom_dev_helm_chart_info.rst @@ -0,0 +1,172 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright 2018-2020 Amdocs, Bell Canada, Orange, Samsung +.. Modification copyright (C) 2022 Nordix Foundation + +.. Links +.. _Helm Charts: https://artifacthub.io/packages/search +.. _aai: https://github.com/onap/oom/tree/master/kubernetes/aai +.. _name.tpl: https://github.com/onap/oom/blob/master/kubernetes/common/common/templates/_name.tpl +.. _namespace.tpl: https://github.com/onap/oom/blob/master/kubernetes/common/common/templates/_namespace.tpl + +.. _oom_helm_chart_info: + +Helm Charts +########### + +A Helm chart is a collection of files that describe a related set of Kubernetes +resources. A simple chart might be used to deploy something simple, like a +memcached pod, while a complex chart might contain many micro-service arranged +in a hierarchy as found in the `aai`_ ONAP component. + +Charts are created as files laid out in a particular directory tree, then they +can be packaged into versioned archives to be deployed. There is a public +archive of `Helm Charts`_ on ArtifactHUB that includes many technologies applicable +to ONAP. Some of these charts have been used in ONAP and all of the ONAP charts +have been created following the guidelines provided. + +An example structure of the OOM common helm charts is shown below: + +.. code-block:: bash + + common + ├── cassandra + │   ├── Chart.yaml + │   ├── resources + │   │   ├── config + │   │   │   └── docker-entrypoint.sh + │   │   ├── exec.py + │   │   └── restore.sh + │   ├── templates + │   │   ├── backup + │   │   │   ├── configmap.yaml + │   │   │   ├── cronjob.yaml + │   │   │   ├── pv.yaml + │   │   │   └── pvc.yaml + │   │   ├── configmap.yaml + │   │   ├── pv.yaml + │   │   ├── service.yaml + │   │   └── statefulset.yaml + │   └── values.yaml + ├── common + │   ├── Chart.yaml + │   ├── templates + │   │   ├── _createPassword.tpl + │   │   ├── _ingress.tpl + │   │   ├── _labels.tpl + │   │   ├── _mariadb.tpl + │   │   ├── _name.tpl + │   │   ├── _namespace.tpl + │   │   ├── _repository.tpl + │   │   ├── _resources.tpl + │   │   ├── _secret.yaml + │   │   ├── _service.tpl + │   │   ├── _storage.tpl + │   │   └── _tplValue.tpl + │   └── values.yaml + ├── ... + └── postgres-legacy +    ├── Chart.yaml + ├── charts + └── configs + +The common section of charts consists of a set of templates that assist with +parameter substitution (`name.tpl`_, `namespace.tpl`_, etc) and a set of +charts for components used throughout ONAP. When the common components are used +by other charts they are instantiated each time or we can deploy a shared +instances for several components. + +All of the ONAP components have charts that follow the pattern shown below: + +.. code-block:: bash + + name-of-my-component + ├── Chart.yaml + ├── component + │   └── subcomponent-folder + ├── charts + │   └── subchart-folder + ├── resources + │   ├── folder1 + │   │   ├── file1 + │   │   └── file2 + │   └── folder1 + │   ├── file3 + │   └── folder3 + │      └── file4 + ├── templates + │   ├── NOTES.txt + │   ├── configmap.yaml + │   ├── deployment.yaml + │   ├── ingress.yaml + │   ├── job.yaml + │   ├── secrets.yaml + │   └── service.yaml + └── values.yaml + +Note that the /components sub dir may include a hierarchy of sub +components and in themselves can be quite complex. + +You can use either `charts` or `components` folder for your subcomponents. +`charts` folder means that the subcomponent will always been deployed. + +`components` folders means we can choose if we want to deploy the subcomponent. + +This choice is done in root `values.yaml`: + +.. code-block:: yaml + + --- + global: + key: value + + component1: + enabled: true + component2: + enabled: true + +Then in `Chart.yaml` dependencies section, you'll use these values: + +.. code-block:: yaml + + --- + dependencies: + - name: common + version: ~x.y-0 + repository: '@local' + - name: component1 + version: ~x.y-0 + repository: 'file://components/component1' + condition: component1.enabled + - name: component2 + version: ~x.y-0 + repository: 'file://components/component2' + condition: component2.enabled + +Configuration of the components varies somewhat from component to component but +generally follows the pattern of one or more `configmap.yaml` files which can +directly provide configuration to the containers in addition to processing +configuration files stored in the `config` directory. It is the responsibility +of each ONAP component team to update these configuration files when changes +are made to the project containers that impact configuration. + +The following section describes how the hierarchical ONAP configuration system +is key to management of such a large system. + + +.. MISC +.. ==== +.. Note that although OOM uses Kubernetes facilities to minimize the effort +.. required of the ONAP component owners to implement a successful rolling +.. upgrade strategy there are other considerations that must be taken into +.. consideration. +.. For example, external APIs - both internal and external to ONAP - should be +.. designed to gracefully accept transactions from a peer at a different +.. software version to avoid deadlock situations. Embedded version codes in +.. messages may facilitate such capabilities. +.. +.. Within each of the projects a new configuration repository contains all of +.. the project specific configuration artifacts. As changes are made within +.. the project, it's the responsibility of the project team to make appropriate +.. changes to the configuration data. diff --git a/docs/sections/guides/development_guides/oom_development.rst b/docs/sections/guides/development_guides/oom_development.rst new file mode 100644 index 0000000000..169e211450 --- /dev/null +++ b/docs/sections/guides/development_guides/oom_development.rst @@ -0,0 +1,64 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright (C) 2022 Nordix Foundation + +.. Links +.. _Helm: https://docs.helm.sh/ +.. _Helm Charts: https://github.com/kubernetes/charts +.. _Kubernetes: https://Kubernetes.io/ +.. _Docker: https://www.docker.com/ +.. _Nexus: https://nexus.onap.org/ + +.. _oom_dev_guide: + +OOM Developer Guide +################### + +.. figure:: ../../resources/images/oom_logo/oomLogoV2-medium.png + :align: right + +ONAP consists of a large number of components, each of which are substantial +projects within themselves, which results in a high degree of complexity in +deployment and management. To cope with this complexity the ONAP Operations +Manager (OOM) uses a Helm_ model of ONAP - Helm being the primary management +system for Kubernetes_ container systems - to drive all user driven life-cycle +management operations. The Helm model of ONAP is composed of a set of +hierarchical Helm charts that define the structure of the ONAP components and +the configuration of these components. These charts are fully parameterized +such that a single environment file defines all of the parameters needed to +deploy ONAP. A user of ONAP may maintain several such environment files to +control the deployment of ONAP in multiple environments such as development, +pre-production, and production. + + + +.. rubric:: Container Background + +Linux containers allow for an application and all of its operating system +dependencies to be packaged and deployed as a single unit without including a +guest operating system as done with virtual machines. The most popular +container solution is Docker_ which provides tools for container management +like the Docker Host (dockerd) which can create, run, stop, move, or delete a +container. Docker has a very popular registry of containers images that can be +used by any Docker system; however, in the ONAP context, Docker images are +built by the standard CI/CD flow and stored in Nexus_ repositories. OOM uses +the "standard" ONAP docker containers and three new ones specifically created +for OOM. + +Containers are isolated from each other primarily via name spaces within the +Linux kernel without the need for multiple guest operating systems. As such, +multiple containers can be deployed with little overhead such as all of ONAP +can be deployed on a single host. With some optimization of the ONAP components +(e.g. elimination of redundant database instances) it may be possible to deploy +ONAP on a single laptop computer. + +The following sections describe how the ONAP Helm charts are constructed. + +.. toctree:: + :maxdepth: 1 + + oom_dev_helm_chart_info.rst + oom_dev_config_management.rst + oom_dev_container_orchestration.rst + diff --git a/docs/sections/guides/infra_guides/oom_base_config_setup.rst b/docs/sections/guides/infra_guides/oom_base_config_setup.rst new file mode 100644 index 0000000000..d228f5df56 --- /dev/null +++ b/docs/sections/guides/infra_guides/oom_base_config_setup.rst @@ -0,0 +1,187 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright (C) 2022 Nordix Foundation + +.. Links +.. _HELM Best Practices Guide: https://docs.helm.sh/chart_best_practices/#requirements +.. _helm installation guide: https://helm.sh/docs/intro/install/ +.. _kubectl installation guide: https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/ +.. _Curated applications for Kubernetes: https://github.com/kubernetes/charts +.. _Cert-Manager Installation documentation: https://cert-manager.io/docs/installation/kubernetes/ +.. _Cert-Manager kubectl plugin documentation: https://cert-manager.io/docs/usage/kubectl-plugin/ +.. _Strimzi Apache Kafka Operator helm Installation documentation: https://strimzi.io/docs/operators/in-development/deploying.html#deploying-cluster-operator-helm-chart-str + +.. _oom_base_setup_guide: + +OOM Base Platform +################# + +As part of the initial base setup of the host Kubernetes cluster, +the following mandatory installation and configuration steps must be completed. + +.. contents:: + :backlinks: top + :depth: 1 + :local: +.. + +For additional platform add-ons, see the :ref:`oom_base_optional_addons` section. + +Install & configure kubectl +*************************** +The Kubernetes command line interface used to manage a Kubernetes cluster needs to be installed +and configured to run as non root. + +For additional information regarding kubectl installation and configuration see the `kubectl installation guide`_ + +To install kubectl, execute the following, replacing the with the version defined +in the :ref:`versions_table` table:: + + > curl -LO https://dl.k8s.io/release/v/bin/linux/amd64/kubectl + + > chmod +x ./kubectl + + > sudo mv ./kubectl /usr/local/bin/kubectl + + > mkdir ~/.kube + + > cp kube_config_cluster.yml ~/.kube/config.onap + + > export KUBECONFIG=~/.kube/config.onap + + > kubectl config use-context onap + +Validate the installation:: + + > kubectl get nodes + +:: + + NAME STATUS ROLES AGE VERSION + onap-control-1 Ready controlplane,etcd 3h53m v1.23.8 + onap-control-2 Ready controlplane,etcd 3h53m v1.23.8 + onap-k8s-1 Ready worker 3h53m v1.23.8 + onap-k8s-2 Ready worker 3h53m v1.23.8 + onap-k8s-3 Ready worker 3h53m v1.23.8 + onap-k8s-4 Ready worker 3h53m v1.23.8 + onap-k8s-5 Ready worker 3h53m v1.23.8 + onap-k8s-6 Ready worker 3h53m v1.23.8 + + +Install & configure helm +************************ +Helm is used for package and configuration management of the relevant helm charts. +For additional information, see the `helm installation guide`_ + +To install helm, execute the following, replacing the with the version defined +in the :ref:`versions_table` table:: + + > wget https://get.helm.sh/helm-v-linux-amd64.tar.gz + + > tar -zxvf helm-v-linux-amd64.tar.gz + + > sudo mv linux-amd64/helm /usr/local/bin/helm + +Verify the helm version with:: + + > helm version + +Helm's default CNCF provided `Curated applications for Kubernetes`_ repository called +*stable* can be removed to avoid confusion:: + + > helm repo remove stable + +Install the additional OOM plugins required to un/deploy the OOM helm charts:: + + > git clone http://gerrit.onap.org/r/oom + + > cp -R ~/oom/kubernetes/helm/plugins/ /usr/local/bin/helm/plugins + +Verify the plugins are installed:: + + > helm plugin ls + +:: + + NAME VERSION DESCRIPTION + deploy 1.0.0 install (upgrade if release exists) parent charty and all subcharts as separate but related releases + undeploy 1.0.0 delete parent chart and subcharts that were deployed as separate releases + + +Install the strimzi kafka operator +********************************** +Strimzi Apache Kafka provides a way to run an Apache Kafka cluster on Kubernetes +in various deployment configurations by using kubernetes operators. +Operators are a method of packaging, deploying, and managing Kubernetes applications. + +Strimzi Operators extend the Kubernetes functionality, automating common +and complex tasks related to a Kafka deployment. By implementing +knowledge of Kafka operations in code, the Kafka administration +tasks are simplified and require less manual intervention. + +The Strimzi cluster operator is deployed using helm to install the parent chart +containing all of the required custom resource definitions. This should be done +by a kubernetes administrator to allow for deployment of custom resources in to +any kubernetes namespace within the cluster. + +Full installation instructions can be found in the +`Strimzi Apache Kafka Operator helm Installation documentation`_. + +To add the required helm repository, execute the following:: + + > helm repo add strimzi https://strimzi.io/charts/ + +To install the strimzi kafka operator, execute the following, replacing the with the version defined +in the :ref:`versions_table` table:: + + > helm install strimzi-kafka-operator strimzi/strimzi-kafka-operator --namespace strimzi-system --version --set watchAnyNamespace=true --create-namespace + +Verify the installation:: + + > kubectl get po -n strimzi-system + +:: + + NAME READY STATUS RESTARTS AGE + strimzi-cluster-operator-7f7d6b46cf-mnpjr 1/1 Running 0 2m + + +Install Cert-Manager +******************** + +Cert-Manager is a native Kubernetes certificate management controller. +It can help with issuing certificates from a variety of sources, such as +Let’s Encrypt, HashiCorp Vault, Venafi, a simple signing key pair, self +signed or external issuers. It ensures certificates are valid and up to +date, and attempt to renew certificates at a configured time before expiry. + +Cert-Manager is deployed using regular YAML manifests which include all +the needed resources (the CustomResourceDefinitions, cert-manager, +namespace, and the webhook component). + +Full installation instructions, including details on how to configure extra +functionality in Cert-Manager can be found in the +`Cert-Manager Installation documentation`_. + +There is also a kubectl plugin (kubectl cert-manager) that can help you +to manage cert-manager resources inside your cluster. For installation +steps, please refer to `Cert-Manager kubectl plugin documentation`_. + + +To install cert-manager, execute the following, replacing the with the version defined +in the :ref:`versions_table` table:: + + > kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v/cert-manager.yaml + +Verify the installation:: + + > kubectl get po -n cert-manager + +:: + + NAME READY STATUS RESTARTS AGE + cert-manager-776c4cfcb6-vgnpw 1/1 Running 0 2m + cert-manager-cainjector-7d9668978d-hdxf7 1/1 Running 0 2m + cert-manager-webhook-66c8f6c75-dxmtz 1/1 Running 0 2m + diff --git a/docs/sections/guides/infra_guides/oom_base_optional_addons.rst b/docs/sections/guides/infra_guides/oom_base_optional_addons.rst new file mode 100644 index 0000000000..4b4fbf7883 --- /dev/null +++ b/docs/sections/guides/infra_guides/oom_base_optional_addons.rst @@ -0,0 +1,41 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright (C) 2022 Nordix Foundation + +.. Links +.. _Prometheus stack README: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack#readme + +.. _oom_base_optional_addons: + +OOM Optional Addons +################### + +The following optional applications can be added to your kubernetes environment. + +Install Prometheus Stack +************************ + +Prometheus is an open-source systems monitoring and alerting toolkit with +an active ecosystem. + +Kube Prometheus Stack is a collection of Kubernetes manifests, Grafana +dashboards, and Prometheus rules combined with documentation and scripts to +provide easy to operate end-to-end Kubernetes cluster monitoring with +Prometheus using the Prometheus Operator. As it includes both Prometheus +Operator and Grafana dashboards, there is no need to set up them separately. +See the `Prometheus stack README`_ for more information. + +To install the prometheus stack, execute the following: + +- Add the prometheus-community Helm repository:: + + > helm repo add prometheus-community https://prometheus-community.github.io/helm-charts + +- Update your local Helm chart repository cache:: + + > helm repo update + +- To install prometheus, execute the following, replacing the with the version defined in the :ref:`versions_table` table:: + + > helm install prometheus prometheus-community/kube-prometheus-stack --namespace=prometheus --create-namespace --version= diff --git a/docs/sections/guides/infra_guides/oom_infra_setup.rst b/docs/sections/guides/infra_guides/oom_infra_setup.rst new file mode 100644 index 0000000000..d8fb743f42 --- /dev/null +++ b/docs/sections/guides/infra_guides/oom_infra_setup.rst @@ -0,0 +1,72 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright (C) 2022 Nordix Foundation + +.. Links +.. _Kubernetes: https://kubernetes.io/ +.. _Kubernetes best practices: https://kubernetes.io/docs/setup/best-practices/cluster-large/ +.. _kubelet confg guide: https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/ + +.. _oom_infra_setup_guide: + +OOM Infrastructure Guide +######################## + +.. figure:: ../../resources/images/oom_logo/oomLogoV2-medium.png + :align: right + +OOM deploys and manages ONAP on a pre-established Kubernetes_ cluster - the +creation of this cluster is outside of the scope of the OOM project as there +are many options including public clouds with pre-established environments. +If creation of a Kubernetes cluster is required, the life-cycle of this +cluster is independent of the life-cycle of the ONAP components themselves. + +.. rubric:: Minimum Hardware Configuration + +Some recommended hardware requirements are provided below. Note that this is for a +full ONAP deployment (all components). + +.. table:: OOM Hardware Requirements + + ===== ===== ====== ==================== + RAM HD vCores Ports + ===== ===== ====== ==================== + 224GB 160GB 112 0.0.0.0/0 (all open) + ===== ===== ====== ==================== + +Customizing ONAP to deploy only components that are needed will drastically reduce these requirements. +See the :ref:`OOM customized deployment` section for more details. + +.. note:: + | Kubernetes supports a maximum of 110 pods per node - this can be overcome by modifying your kubelet config. + | See the `kubelet confg guide`_ for more information. + + | The use of many small nodes is preferred over a few larger nodes (for example 14 x 16GB - 8 vCores each). + + | OOM can be deployed on a private set of physical hosts or VMs (or even a combination of the two). + +.. rubric:: Software Requirements + +The versions of software that are supported by OOM are as follows: + +.. _versions_table: + +.. table:: OOM Software Requirements + + ============== =========== ======= ======== ======== ============ ================= ======= + Release Kubernetes Helm kubectl Docker Cert-Manager Prometheus Stack Strimzi + ============== =========== ======= ======== ======== ============ ================= ======= + Jakarta 1.22.4 3.6.3 1.22.4 20.10.x 1.8.0 35.x 0.28.0 + Kohn 1.23.8 3.8.2 1.23.8 20.10.x 1.8.0 35.x 0.31.1 + ============== =========== ======= ======== ======== ============ ================= ======= + + +.. toctree:: + :hidden: + + oom_base_config_setup.rst + oom_base_optional_addons.rst + oom_setup_ingress_controller.rst + + diff --git a/docs/sections/guides/infra_guides/oom_setup_ingress_controller.rst b/docs/sections/guides/infra_guides/oom_setup_ingress_controller.rst new file mode 100644 index 0000000000..8c261fdfd7 --- /dev/null +++ b/docs/sections/guides/infra_guides/oom_setup_ingress_controller.rst @@ -0,0 +1,176 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright 2020, Samsung Electronics +.. Modification copyright (C) 2022 Nordix Foundation + +.. Links +.. _metallb Metal Load Balancer installation: https://metallb.universe.tf/installation/ + +.. _oom_setup_ingress_controller: + +OOM Ingress controller setup +############################ + +.. warning:: + This guide should prob go in the Optional addons section + +This optional guide provides instruction how to setup experimental ingress controller +feature. For this, we are hosting our cluster on OpenStack VMs and using the +Rancher Kubernetes Engine (RKE) to deploy and manage our Kubernetes Cluster and +ingress controller + +.. contents:: + :backlinks: top + :depth: 1 + :local: +.. + +The result at the end of this tutorial will be: + +#. Customization of the cluster.yaml file for ingress controller support + +#. Installation and configuration test DNS server for ingress host resolution + on testing machines + +#. Installation and configuration MLB (Metal Load Balancer) required for + exposing ingress service + +#. Installation and configuration NGINX ingress controller + +#. Additional info how to deploy ONAP with services exposed via Ingress + controller + +Customize cluster.yml file +************************** +Before setup cluster for ingress purposes DNS cluster IP and ingress provider +should be configured and following: + +.. code-block:: yaml + + --- + <...> + restore: + restore: false + snapshot_name: "" + ingress: + provider: none + dns: + provider: coredns + upstreamnameservers: + - :31555 + +Where the should be set to the same IP as the CONTROLPANE +node. + +For external load balancer purposes, minimum one of the worker node should be +configured with external IP address accessible outside the cluster. It can be +done using the following example node configuration: + +.. code-block:: yaml + + --- + <...> + - address: + internal_address: + port: "22" + role: + - worker + hostname_override: "onap-worker-0" + user: ubuntu + ssh_key_path: "~/.ssh/id_rsa" + <...> + +Where the is external worker node IP address, and +is internal node IP address if it is required. + + +DNS server configuration and installation +***************************************** +DNS server deployed on the Kubernetes cluster makes it easy to use services +exposed through ingress controller because it resolves all subdomain related to +the ONAP cluster to the load balancer IP. Testing ONAP cluster requires a lot +of entries on the target machines in the /etc/hosts. Adding many entries into +the configuration files on testing machines is quite problematic and error +prone. The better wait is to create central DNS server with entries for all +virtual host pointed to simpledemo.onap.org and add custom DNS server as a +target DNS server for testing machines and/or as external DNS for Kubernetes +cluster. + +DNS server has automatic installation and configuration script, so installation +is quite easy:: + + > cd kubernetes/contrib/dns-server-for-vhost-ingress-testing + + > ./deploy\_dns.sh + +After DNS deploy you need to setup DNS entry on the target testing machine. +Because DNS listen on non standard port configuration require iptables rules +on the target machine. Please follow the configuration proposed by the deploy +scripts. +Example output depends on the IP address and example output looks like bellow:: + + DNS server already deployed: + 1. You can add the DNS server to the target machine using following commands: + sudo iptables -t nat -A OUTPUT -p tcp -d 192.168.211.211 --dport 53 -j DNAT --to-destination 10.10.13.14:31555 + sudo iptables -t nat -A OUTPUT -p udp -d 192.168.211.211 --dport 53 -j DNAT --to-destination 10.10.13.14:31555 + sudo sysctl -w net.ipv4.conf.all.route_localnet=1 + sudo sysctl -w net.ipv4.ip_forward=1 + 2. Update /etc/resolv.conf file with nameserver 192.168.211.211 entry on your target machine + + +MetalLB Load Balancer installation and configuration +**************************************************** + +By default pure Kubernetes cluster requires external load balancer if we want +to expose external port using LoadBalancer settings. For this purpose MetalLB +can be used. Before installing the MetalLB you need to ensure that at least one +worker has assigned IP accessible outside the cluster. + +MetalLB Load balancer can be easily installed using automatic install script:: + + > cd kubernetes/contrib/metallb-loadbalancer-inst + + > ./install-metallb-on-cluster.sh + + +Configuration of the Nginx ingress controller +********************************************* + +After installation of the DNS server and ingress controller, we can install and +configure ingress controller. +It can be done using the following commands:: + + > cd kubernetes/contrib/ingress-nginx-post-inst + + > kubectl apply -f nginx_ingress_cluster_config.yaml + + > kubectl apply -f nginx_ingress_enable_optional_load_balacer_service.yaml + +After deploying the NGINX ingress controller, you can ensure that the ingress port is +exposed as load balancer service with an external IP address:: + + > kubectl get svc -n ingress-nginx + NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE + default-http-backend ClusterIP 10.10.10.10 80/TCP 25h + ingress-nginx LoadBalancer 10.10.10.11 10.12.13.14 80:31308/TCP,443:30314/TCP 24h + + +ONAP with ingress exposed services +********************************** +If you want to deploy onap with services exposed through ingress controller you +can use full onap deploy yaml:: + + > onap/resources/overrides/onap-all-ingress-nginx-vhost.yaml + +Ingress also can be enabled on any onap setup override using following code: + +.. code-block:: yaml + + --- + <...> + global: + <...> + ingress: + enabled: true + diff --git a/docs/sections/guides/user_guides/oom_user_guide.rst b/docs/sections/guides/user_guides/oom_user_guide.rst new file mode 100644 index 0000000000..c0f4f6ef73 --- /dev/null +++ b/docs/sections/guides/user_guides/oom_user_guide.rst @@ -0,0 +1,651 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright (C) 2022 Nordix Foundation + +.. Links +.. _Curated applications for Kubernetes: https://github.com/kubernetes/charts +.. _Services: https://kubernetes.io/docs/concepts/services-networking/service/ +.. _ReplicaSet: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ +.. _StatefulSet: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ +.. _Helm Documentation: https://docs.helm.sh/helm/ +.. _Helm: https://docs.helm.sh/ +.. _Kubernetes: https://Kubernetes.io/ +.. _Kubernetes LoadBalancer: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer +.. _user-guide-label: + + +.. _oom_user_guide: + + +OOM User Guide +############## + +.. warning:: + + **THIS PAGE NEEDS TO BE EITHER REWRITTEN OR SOMETING AS SOME INFO IS NO LONGER RELEVANT** + +The ONAP Operations Manager (OOM) provide the ability to manage the entire +life-cycle of an ONAP installation, from the initial deployment to final +decommissioning. This guide provides instructions for users of ONAP to +use the Kubernetes_/Helm_ system as a complete ONAP management system. + +This guide provides many examples of Helm command line operations. For a +complete description of these commands please refer to the `Helm +Documentation`_. + +.. figure:: ../../resources/images/oom_logo/oomLogoV2-medium.png + :align: right + +The following sections describe the life-cycle operations: + +- Deploy_ - with built-in component dependency management +- Configure_ - unified configuration across all ONAP components +- Monitor_ - real-time health monitoring feeding to a Consul UI and Kubernetes +- Heal_- failed ONAP containers are recreated automatically +- Scale_ - cluster ONAP services to enable seamless scaling +- Upgrade_ - change-out containers or configuration with little or no service impact +- Delete_ - cleanup individual containers or entire deployments + +.. figure:: ../../resources/images/oom_logo/oomLogoV2-Deploy.png + :align: right + +Deploy +====== + +The OOM team with assistance from the ONAP project teams, have built a +comprehensive set of Helm charts, yaml files very similar to TOSCA files, that +describe the composition of each of the ONAP components and the relationship +within and between components. Using this model Helm is able to deploy all of +ONAP with a few simple commands. + +Please refer to the :ref:`oom_deploy_guide` for deployment pre-requisites and options + +.. note:: + Refer to the :ref:`oom_customize_overrides` section on how to update overrides.yaml and values.yaml + +.. figure:: ../../resources/images/oom_logo/oomLogoV2-Configure.png + :align: right + +Configure +========= + +Each project within ONAP has its own configuration data generally consisting +of: environment variables, configuration files, and database initial values. +Many technologies are used across the projects resulting in significant +operational complexity and an inability to apply global parameters across the +entire ONAP deployment. OOM solves this problem by introducing a common +configuration technology, Helm charts, that provide a hierarchical +configuration with the ability to override values with higher +level charts or command line options. + +The structure of the configuration of ONAP is shown in the following diagram. +Note that key/value pairs of a parent will always take precedence over those +of a child. Also note that values set on the command line have the highest +precedence of all. + +.. graphviz:: + + digraph config { + { + node [shape=folder] + oValues [label="values.yaml"] + demo [label="onap-demo.yaml"] + prod [label="onap-production.yaml"] + oReq [label="Chart.yaml"] + soValues [label="values.yaml"] + soReq [label="Chart.yaml"] + mdValues [label="values.yaml"] + } + { + oResources [label="resources"] + } + onap -> oResources + onap -> oValues + oResources -> environments + oResources -> oReq + oReq -> so + environments -> demo + environments -> prod + so -> soValues + so -> soReq + so -> charts + charts -> mariadb + mariadb -> mdValues + + } + +The top level onap/values.yaml file contains the values required to be set +before deploying ONAP. Here is the contents of this file: + +.. collapse:: Default ONAP values.yaml + + .. include:: ../../../../kubernetes/onap/values.yaml + :code: yaml + +| + + +One may wish to create a value file that is specific to a given deployment such +that it can be differentiated from other deployments. For example, a +onap-development.yaml file may create a minimal environment for development +while onap-production.yaml might describe a production deployment that operates +independently of the developer version. + +For example, if the production OpenStack instance was different from a +developer's instance, the onap-production.yaml file may contain a different +value for the vnfDeployment/openstack/oam_network_cidr key as shown below. + +.. code-block:: yaml + + nsPrefix: onap + nodePortPrefix: 302 + apps: consul msb mso message-router sdnc vid robot portal policy appc aai + sdc dcaegen2 log cli multicloud clamp vnfsdk aaf kube2msb + dataRootDir: /dockerdata-nfs + + # docker repositories + repository: + onap: nexus3.onap.org:10001 + oom: oomk8s + aai: aaionap + filebeat: docker.elastic.co + + image: + pullPolicy: Never + + # vnf deployment environment + vnfDeployment: + openstack: + ubuntu_14_image: "Ubuntu_14.04.5_LTS" + public_net_id: "e8f51956-00dd-4425-af36-045716781ffc" + oam_network_id: "d4769dfb-c9e4-4f72-b3d6-1d18f4ac4ee6" + oam_subnet_id: "191f7580-acf6-4c2b-8ec0-ba7d99b3bc4e" + oam_network_cidr: "192.168.30.0/24" + <...> + + +To deploy ONAP with this environment file, enter:: + + > helm deploy local/onap -n onap -f onap/resources/environments/onap-production.yaml --set global.masterPassword=password + + +.. collapse:: Default ONAP values.yaml + + .. include:: ../../resources/yaml/environments_onap_demo.yaml + :code: yaml + +| + +When deploying all of ONAP, the dependencies section of the Chart.yaml file +controls which and what version of the ONAP components are included. +Here is an excerpt of this file: + +.. code-block:: yaml + + dependencies: + <...> + - name: so + version: ~11.0.0 + repository: '@local' + condition: so.enabled + <...> + +The ~ operator in the `so` version value indicates that the latest "10.X.X" +version of `so` shall be used thus allowing the chart to allow for minor +upgrades that don't impact the so API; hence, version 10.0.1 will be installed +in this case. + +The onap/resources/environment/dev.yaml (see the excerpt below) enables +for fine grained control on what components are included as part of this +deployment. By changing this `so` line to `enabled: false` the `so` component +will not be deployed. If this change is part of an upgrade the existing `so` +component will be shut down. Other `so` parameters and even `so` child values +can be modified, for example the `so`'s `liveness` probe could be disabled +(which is not recommended as this change would disable auto-healing of `so`). + +.. code-block:: yaml + + ################################################################# + # Global configuration overrides. + # + # These overrides will affect all helm charts (ie. applications) + # that are listed below and are 'enabled'. + ################################################################# + global: + <...> + + ################################################################# + # Enable/disable and configure helm charts (ie. applications) + # to customize the ONAP deployment. + ################################################################# + aaf: + enabled: false + <...> + so: # Service Orchestrator + enabled: true + + replicaCount: 1 + + liveness: + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + + <...> + +Accessing the ONAP Portal using OOM and a Kubernetes Cluster +------------------------------------------------------------ + +The ONAP deployment created by OOM operates in a private IP network that isn't +publicly accessible (i.e. OpenStack VMs with private internal network) which +blocks access to the ONAP Portal. To enable direct access to this Portal from a +user's own environment (a laptop etc.) the portal application's port 8989 is +exposed through a `Kubernetes LoadBalancer`_ object. + +Typically, to be able to access the Kubernetes nodes publicly a public address +is assigned. In OpenStack this is a floating IP address. + +When the `portal-app` chart is deployed a Kubernetes service is created that +instantiates a load balancer. The LB chooses the private interface of one of +the nodes as in the example below (10.0.0.4 is private to the K8s cluster only). +Then to be able to access the portal on port 8989 from outside the K8s & +OpenStack environment, the user needs to assign/get the floating IP address that +corresponds to the private IP as follows:: + + > kubectl -n onap get services|grep "portal-app" + portal-app LoadBalancer 10.43.142.201 10.0.0.4 8989:30215/TCP,8006:30213/TCP,8010:30214/TCP 1d app=portal-app,release=dev + + +In this example, use the 11.0.0.4 private address as a key find the +corresponding public address which in this example is 10.12.6.155. If you're +using OpenStack you'll do the lookup with the horizon GUI or the OpenStack CLI +for your tenant (openstack server list). That IP is then used in your +`/etc/hosts` to map the fixed DNS aliases required by the ONAP Portal as shown +below:: + + 10.12.6.155 portal.api.simpledemo.onap.org + 10.12.6.155 vid.api.simpledemo.onap.org + 10.12.6.155 sdc.api.fe.simpledemo.onap.org + 10.12.6.155 sdc.workflow.plugin.simpledemo.onap.org + 10.12.6.155 sdc.dcae.plugin.simpledemo.onap.org + 10.12.6.155 portal-sdk.simpledemo.onap.org + 10.12.6.155 policy.api.simpledemo.onap.org + 10.12.6.155 aai.api.sparky.simpledemo.onap.org + 10.12.6.155 cli.api.simpledemo.onap.org + 10.12.6.155 msb.api.discovery.simpledemo.onap.org + 10.12.6.155 msb.api.simpledemo.onap.org + 10.12.6.155 clamp.api.simpledemo.onap.org + 10.12.6.155 so.api.simpledemo.onap.org + 10.12.6.155 sdc.workflow.plugin.simpledemo.onap.org + +Ensure you've disabled any proxy settings the browser you are using to access +the portal and then simply access now the new ssl-encrypted URL: +``https://portal.api.simpledemo.onap.org:30225/ONAPPORTAL/login.htm`` + +.. note:: + Using the HTTPS based Portal URL the Browser needs to be configured to accept + unsecure credentials. + Additionally when opening an Application inside the Portal, the Browser + might block the content, which requires to disable the blocking and reloading + of the page + +.. note:: + Besides the ONAP Portal the Components can deliver additional user interfaces, + please check the Component specific documentation. + +.. note:: + + | Alternatives Considered: + + - Kubernetes port forwarding was considered but discarded as it would + require the end user to run a script that opens up port forwarding tunnels + to each of the pods that provides a portal application widget. + + - Reverting to a VNC server similar to what was deployed in the Amsterdam + release was also considered but there were many issues with resolution, + lack of volume mount, /etc/hosts dynamic update, file upload that were + a tall order to solve in time for the Beijing release. + + Observations: + + - If you are not using floating IPs in your Kubernetes deployment and + directly attaching a public IP address (i.e. by using your public provider + network) to your K8S Node VMs' network interface, then the output of + 'kubectl -n onap get services | grep "portal-app"' + will show your public IP instead of the private network's IP. Therefore, + you can grab this public IP directly (as compared to trying to find the + floating IP first) and map this IP in /etc/hosts. + +.. figure:: ../../resources/images/oom_logo/oomLogoV2-Monitor.png + :align: right + +Monitor +======= + +All highly available systems include at least one facility to monitor the +health of components within the system. Such health monitors are often used as +inputs to distributed coordination systems (such as etcd, Zookeeper, or Consul) +and monitoring systems (such as Nagios or Zabbix). OOM provides two mechanisms +to monitor the real-time health of an ONAP deployment: + +- a Consul GUI for a human operator or downstream monitoring systems and + Kubernetes liveness probes that enable automatic healing of failed + containers, and +- a set of liveness probes which feed into the Kubernetes manager which + are described in the Heal section. + +Within ONAP, Consul is the monitoring system of choice and deployed by OOM in +two parts: + +- a three-way, centralized Consul server cluster is deployed as a highly + available monitor of all of the ONAP components, and +- a number of Consul agents. + +The Consul server provides a user interface that allows a user to graphically +view the current health status of all of the ONAP components for which agents +have been created - a sample from the ONAP Integration labs follows: + +.. figure:: ../../resources/images/consul/consulHealth.png + :align: center + +To see the real-time health of a deployment go to: ``http://:30270/ui/`` +where a GUI much like the following will be found: + +.. note:: + If Consul GUI is not accessible, you can refer this + `kubectl port-forward `_ method to access an application + +.. figure:: ../../resources/images/oom_logo/oomLogoV2-Heal.png + :align: right + +Heal +==== + +The ONAP deployment is defined by Helm charts as mentioned earlier. These Helm +charts are also used to implement automatic recoverability of ONAP components +when individual components fail. Once ONAP is deployed, a "liveness" probe +starts checking the health of the components after a specified startup time. + +Should a liveness probe indicate a failed container it will be terminated and a +replacement will be started in its place - containers are ephemeral. Should the +deployment specification indicate that there are one or more dependencies to +this container or component (for example a dependency on a database) the +dependency will be satisfied before the replacement container/component is +started. This mechanism ensures that, after a failure, all of the ONAP +components restart successfully. + +To test healing, the following command can be used to delete a pod:: + + > kubectl delete pod [pod name] -n [pod namespace] + +One could then use the following command to monitor the pods and observe the +pod being terminated and the service being automatically healed with the +creation of a replacement pod:: + + > kubectl get pods --all-namespaces -o=wide + +.. figure:: ../../resources/images/oom_logo/oomLogoV2-Scale.png + :align: right + +Scale +===== + +Many of the ONAP components are horizontally scalable which allows them to +adapt to expected offered load. During the Beijing release scaling is static, +that is during deployment or upgrade a cluster size is defined and this cluster +will be maintained even in the presence of faults. The parameter that controls +the cluster size of a given component is found in the values.yaml file for that +component. Here is an excerpt that shows this parameter: + +.. code-block:: yaml + + # default number of instances + replicaCount: 1 + +In order to change the size of a cluster, an operator could use a helm upgrade +(described in detail in the next section) as follows:: + + > helm upgrade [RELEASE] [CHART] [flags] + +The RELEASE argument can be obtained from the following command:: + + > helm list + +Below is the example for the same:: + + > helm list + NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE + dev 1 Wed Oct 14 13:49:52 2020 DEPLOYED onap-11.0.0 Kohn onap + dev-cassandra 5 Thu Oct 15 14:45:34 2020 DEPLOYED cassandra-11.0.0 onap + dev-contrib 1 Wed Oct 14 13:52:53 2020 DEPLOYED contrib-11.0.0 onap + dev-mariadb-galera 1 Wed Oct 14 13:55:56 2020 DEPLOYED mariadb-galera-11.0.0 onap + +Here the Name column shows the RELEASE NAME, In our case we want to try the +scale operation on cassandra, thus the RELEASE NAME would be dev-cassandra. + +Now we need to obtain the chart name for cassandra. Use the below +command to get the chart name:: + + > helm search cassandra + +Below is the example for the same:: + + > helm search cassandra + NAME CHART VERSION APP VERSION DESCRIPTION + local/cassandra 11.0.0 ONAP cassandra + local/portal-cassandra 11.0.0 Portal cassandra + local/aaf-cass 11.0.0 ONAP AAF cassandra + local/sdc-cs 11.0.0 ONAP Service Design and Creation Cassandra + +Here the Name column shows the chart name. As we want to try the scale +operation for cassandra, thus the corresponding chart name is local/cassandra + + +Now we have both the command's arguments, thus we can perform the +scale operation for cassandra as follows:: + + > helm upgrade dev-cassandra local/cassandra --set replicaCount=3 + +Using this command we can scale up or scale down the cassandra db instances. + + +The ONAP components use Kubernetes provided facilities to build clustered, +highly available systems including: Services_ with load-balancers, ReplicaSet_, +and StatefulSet_. Some of the open-source projects used by the ONAP components +directly support clustered configurations, for example ODL and MariaDB Galera. + +The Kubernetes Services_ abstraction to provide a consistent access point for +each of the ONAP components, independent of the pod or container architecture +of that component. For example, SDN-C uses OpenDaylight clustering with a +default cluster size of three but uses a Kubernetes service to and change the +number of pods in this abstract this cluster from the other ONAP components +such that the cluster could change size and this change is isolated from the +other ONAP components by the load-balancer implemented in the ODL service +abstraction. + +A ReplicaSet_ is a construct that is used to describe the desired state of the +cluster. For example 'replicas: 3' indicates to Kubernetes that a cluster of 3 +instances is the desired state. Should one of the members of the cluster fail, +a new member will be automatically started to replace it. + +Some of the ONAP components many need a more deterministic deployment; for +example to enable intra-cluster communication. For these applications the +component can be deployed as a Kubernetes StatefulSet_ which will maintain a +persistent identifier for the pods and thus a stable network id for the pods. +For example: the pod names might be web-0, web-1, web-{N-1} for N 'web' pods +with corresponding DNS entries such that intra service communication is simple +even if the pods are physically distributed across multiple nodes. An example +of how these capabilities can be used is described in the Running Consul on +Kubernetes tutorial. + +.. figure:: ../../resources/images/oom_logo/oomLogoV2-Upgrade.png + :align: right + +Upgrade +======= + +Helm has built-in capabilities to enable the upgrade of pods without causing a +loss of the service being provided by that pod or pods (if configured as a +cluster). As described in the OOM Developer's Guide, ONAP components provide +an abstracted 'service' end point with the pods or containers providing this +service hidden from other ONAP components by a load balancer. This capability +is used during upgrades to allow a pod with a new image to be added to the +service before removing the pod with the old image. This 'make before break' +capability ensures minimal downtime. + +Prior to doing an upgrade, determine of the status of the deployed charts:: + + > helm list + NAME REVISION UPDATED STATUS CHART NAMESPACE + so 1 Mon Feb 5 10:05:22 2020 DEPLOYED so-11.0.0 onap + +When upgrading a cluster a parameter controls the minimum size of the cluster +during the upgrade while another parameter controls the maximum number of nodes +in the cluster. For example, SNDC configured as a 3-way ODL cluster might +require that during the upgrade no fewer than 2 pods are available at all times +to provide service while no more than 5 pods are ever deployed across the two +versions at any one time to avoid depleting the cluster of resources. In this +scenario, the SDNC cluster would start with 3 old pods then Kubernetes may add +a new pod (3 old, 1 new), delete one old (2 old, 1 new), add two new pods (2 +old, 3 new) and finally delete the 2 old pods (3 new). During this sequence +the constraints of the minimum of two pods and maximum of five would be +maintained while providing service the whole time. + +Initiation of an upgrade is triggered by changes in the Helm charts. For +example, if the image specified for one of the pods in the SDNC deployment +specification were to change (i.e. point to a new Docker image in the nexus3 +repository - commonly through the change of a deployment variable), the +sequence of events described in the previous paragraph would be initiated. + +For example, to upgrade a container by changing configuration, specifically an +environment value:: + + > helm upgrade so onap/so --version 11.0.1 --set enableDebug=true + +Issuing this command will result in the appropriate container being stopped by +Kubernetes and replaced with a new container with the new environment value. + +To upgrade a component to a new version with a new configuration file enter:: + + > helm upgrade so onap/so --version 11.0.1 -f environments/demo.yaml + +To fetch release history enter:: + + > helm history so + REVISION UPDATED STATUS CHART DESCRIPTION + 1 Mon Jul 5 10:05:22 2022 SUPERSEDED so-11.0.0 Install complete + 2 Mon Jul 5 10:10:55 2022 DEPLOYED so-11.0.1 Upgrade complete + +Unfortunately, not all upgrades are successful. In recognition of this the +lineup of pods within an ONAP deployment is tagged such that an administrator +may force the ONAP deployment back to the previously tagged configuration or to +a specific configuration, say to jump back two steps if an incompatibility +between two ONAP components is discovered after the two individual upgrades +succeeded. + +This rollback functionality gives the administrator confidence that in the +unfortunate circumstance of a failed upgrade the system can be rapidly brought +back to a known good state. This process of rolling upgrades while under +service is illustrated in this short YouTube video showing a Zero Downtime +Upgrade of a web application while under a 10 million transaction per second +load. + +For example, to roll-back back to previous system revision enter:: + + > helm rollback so 1 + + > helm history so + REVISION UPDATED STATUS CHART DESCRIPTION + 1 Mon Jul 5 10:05:22 2022 SUPERSEDED so-11.0.0 Install complete + 2 Mon Jul 5 10:10:55 2022 SUPERSEDED so-11.0.1 Upgrade complete + 3 Mon Jul 5 10:14:32 2022 DEPLOYED so-11.0.0 Rollback to 1 + +.. note:: + + The description field can be overridden to document actions taken or include + tracking numbers. + +Many of the ONAP components contain their own databases which are used to +record configuration or state information. The schemas of these databases may +change from version to version in such a way that data stored within the +database needs to be migrated between versions. If such a migration script is +available it can be invoked during the upgrade (or rollback) by Container +Lifecycle Hooks. Two such hooks are available, PostStart and PreStop, which +containers can access by registering a handler against one or both. Note that +it is the responsibility of the ONAP component owners to implement the hook +handlers - which could be a shell script or a call to a specific container HTTP +endpoint - following the guidelines listed on the Kubernetes site. Lifecycle +hooks are not restricted to database migration or even upgrades but can be used +anywhere specific operations need to be taken during lifecycle operations. + +OOM uses Helm K8S package manager to deploy ONAP components. Each component is +arranged in a packaging format called a chart - a collection of files that +describe a set of k8s resources. Helm allows for rolling upgrades of the ONAP +component deployed. To upgrade a component Helm release you will need an +updated Helm chart. The chart might have modified, deleted or added values, +deployment yamls, and more. To get the release name use:: + + > helm ls + +To easily upgrade the release use:: + + > helm upgrade [RELEASE] [CHART] + +To roll back to a previous release version use:: + + > helm rollback [flags] [RELEASE] [REVISION] + +For example, to upgrade the onap-so helm release to the latest SO container +release v1.1.2: + +- Edit so values.yaml which is part of the chart +- Change "so: nexus3.onap.org:10001/openecomp/so:v1.1.1" to + "so: nexus3.onap.org:10001/openecomp/so:v1.1.2" +- From the chart location run:: + + > helm upgrade onap-so + +The previous so pod will be terminated and a new so pod with an updated so +container will be created. + +.. figure:: ../../resources/images/oom_logo/oomLogoV2-Delete.png + :align: right + +Delete +====== + +Existing deployments can be partially or fully removed once they are no longer +needed. To minimize errors it is recommended that before deleting components +from a running deployment the operator perform a 'dry-run' to display exactly +what will happen with a given command prior to actually deleting anything. +For example:: + + > helm undeploy onap --dry-run + +will display the outcome of deleting the 'onap' release from the +deployment. +To completely delete a release and remove it from the internal store enter:: + + > helm undeploy onap + +Once complete undeploy is done then delete the namespace as well +using following command:: + + > kubectl delete namespace + +.. note:: + You need to provide the namespace name which you used during deployment, + below is the example:: + + > kubectl delete namespace onap + +One can also remove individual components from a deployment by changing the +ONAP configuration values. For example, to remove `so` from a running +deployment enter:: + + > helm undeploy onap-so + +will remove `so` as the configuration indicates it's no longer part of the +deployment. This might be useful if a one wanted to replace just `so` by +installing a custom version. diff --git a/docs/sections/oom_project_description.rst b/docs/sections/oom_project_description.rst new file mode 100644 index 0000000000..404a410931 --- /dev/null +++ b/docs/sections/oom_project_description.rst @@ -0,0 +1,106 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 +.. International License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright 2018-2020 Amdocs, Bell Canada, Orange, Samsung +.. Modification copyright (C) 2022 Nordix Foundation + +.. _oom_project_description: + +ONAP Operations Manager Project +############################### + +.. warning:: + + THIS PAGE PROB NEEDS A REWRITE ALSO + +The ONAP Operations Manager (OOM) is responsible for life-cycle management of +the ONAP platform itself; components such as SO, SDNC, etc. It is not +responsible for the management of services, VNFs or infrastructure instantiated +by ONAP or used by ONAP to host such services or VNFs. OOM uses the open-source +Kubernetes container management system as a means to manage the Docker +containers that compose ONAP where the containers are hosted either directly on +bare-metal servers or on VMs hosted by a 3rd party management system. OOM +ensures that ONAP is easily deployable and maintainable throughout its life +cycle while using hardware resources efficiently. + +.. figure:: resources/images/oom_logo/oomLogoV2-medium.png + :align: right + +In summary OOM provides the following capabilities: + +- **Deploy** - with built-in component dependency management +- **Configure** - unified configuration across all ONAP components +- **Monitor** - real-time health monitoring feeding to a Consul UI and + Kubernetes +- **Heal**- failed ONAP containers are recreated automatically +- **Scale** - cluster ONAP services to enable seamless scaling +- **Upgrade** - change-out containers or configuration with little or no + service impact +- **Delete** - cleanup individual containers or entire deployments + +OOM supports a wide variety of Kubernetes private clouds - built with Rancher, +Kubeadm or Cloudify - and public cloud infrastructures such as: Microsoft +Azure, Amazon AWS, Google GCD, VMware VIO, and OpenStack. + +The OOM documentation is broken into four different areas each targeted at a +different user: + +- :ref:`oom_dev_guide` - a guide for developers of OOM +- :ref:`oom_infra_setup_guide` - a guide for those setting up the environments that OOM will use +- :ref:`oom_deploy_guide` - a guide for those deploying OOM on an existing cloud +- :ref:`oom_user_guide` - a guide for operators of an OOM instance +- :ref:`oom_access_info_guide` - a guide for operators who require access to OOM applications + + + +The :ref:`release_notes` for OOM describe the incremental features per release. + +Component Orchestration Overview +================================ +Multiple technologies, templates, and extensible plug-in frameworks are used in +ONAP to orchestrate platform instances of software component artifacts. A few +standard configurations are provide that may be suitable for test, development, +and some production deployments by substitution of local or platform wide +parameters. Larger and more automated deployments may require integration the +component technologies, templates, and frameworks with a higher level of +automated orchestration and control software. Design guidelines are provided to +insure the component level templates and frameworks can be easily integrated +and maintained. The following diagram provides an overview of these with links +to examples and templates for describing new ones. + +.. graphviz:: + + digraph COO { + rankdir="LR"; + + { + node [shape=folder] + oValues [label="values"] + cValues [label="values"] + comValues [label="values"] + sValues [label="values"] + oCharts [label="charts"] + cCharts [label="charts"] + comCharts [label="charts"] + sCharts [label="charts"] + blueprint [label="TOSCA blueprint"] + } + {oom [label="ONAP Operations Manager"]} + {hlo [label="High Level Orchestrator"]} + + + hlo -> blueprint + hlo -> oom + oom -> oValues + oom -> oCharts + oom -> component + oom -> common + common -> comValues + common -> comCharts + component -> cValues + component -> cCharts + component -> subcomponent + subcomponent -> sValues + subcomponent -> sCharts + blueprint -> component + } diff --git a/docs/sections/release_notes/release-notes-amsterdam.rst b/docs/sections/release_notes/release-notes-amsterdam.rst new file mode 100644 index 0000000000..6fc229696c --- /dev/null +++ b/docs/sections/release_notes/release-notes-amsterdam.rst @@ -0,0 +1,75 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International +.. License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights +.. reserved. +.. _release_notes_amsterdam: + +:orphan: + +ONAP Operations Manager Release Notes +===================================== + +Version: 1.1.0 +-------------- + +:Release Date: 2017-11-16 + +**New Features** + +The Amsterdam release is the first release of the ONAP Operations Manager +(OOM). + +The main goal of the Amsterdam release was to: + + - Support Flexible Platform Deployment via Kubernetes of fully + containerized ONAP components - on any type of environment. + - Support State Management of ONAP platform components. + - Support full production ONAP deployment and any variation of component + level deployment for development. + - Platform Operations Orchestration / Control Loop Actions. + - Platform centralized logging with ELK stack. + +**Bug Fixes** + + The full list of implemented user stories and epics is available on + `JIRA `_ + This is the first release of OOM, the defects fixed in this release were + raised during the course of the release. + Anything not closed is captured below under Known Issues. If you want to + review the defects fixed in the Amsterdam release, refer to Jira link + above. + +**Known Issues** + - `OOM-6 `_ Automated platform deployment on Docker/Kubernetes + + VFC, AAF, MSB minor issues. + + Workaround: Manual configuration changes - however the reference + vFirewall use case does not currently require these components. + + - `OOM-10 `_ Platform configuration management. + + OOM ONAP Configuration Management - Handling of Secrets. + + Workaround: Automated workaround to be able to pull from protected + docker repositories. + + +**Security Issues** + N/A + + +**Upgrade Notes** + + N/A + +**Deprecation Notes** + + N/A + +**Other** + + N/A + +End of Release Notes diff --git a/docs/sections/release_notes/release-notes-beijing.rst b/docs/sections/release_notes/release-notes-beijing.rst new file mode 100644 index 0000000000..84f86c100d --- /dev/null +++ b/docs/sections/release_notes/release-notes-beijing.rst @@ -0,0 +1,427 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International +.. License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights +.. reserved. +.. _release_notes_beijing: + +:orphan: + +ONAP Operations Manager Release Notes +===================================== + +Version 2.0.0 Beijing Release +----------------------------- + +:Release Date: 2018-06-07 + +Previous Release Notes +********************** + +- :ref:`Amsterdam ` + +Epic +**** + +* [`OOM-6 `_] - Automated platform deployment on Docker/Kubernetes +* [`OOM-7 `_] - Platform monitoring and auto-healing +* [`OOM-8 `_] - Automated platform scalability +* [`OOM-9 `_] - Platform upgradability & rollbacks +* [`OOM-10 `_] - Platform configuration management +* [`OOM-46 `_] - Platform infrastructure deployment with TOSCA +* [`OOM-109 `_] - Platform Centralized Logging +* [`OOM-138 `_] - Using Optimization framework +* [`OOM-346 `_] - Platform Resiliency (including Recoverability, High-Availability, Backup/Restore, Geo-Redundancy) +* [`OOM-376 `_] - ONAP deployment options standardization +* [`OOM-486 `_] - HELM upgrade from 2.3 to 2.8.0 +* [`OOM-535 `_] - Upgrade Kubernetes from 1.8.6 to 1.9.2 +* [`OOM-590 `_] - OOM Wiki documentation of deployment options + +Story +***** + +* [`OOM-11 `_] - Add AAF containers to ONAP Kubernetes +* [`OOM-13 `_] - Add CLI containers to ONAP Kubernetes +* [`OOM-15 `_] - Add DMAAP containers to ONAP Kubernetes +* [`OOM-20 `_] - State Monitoring: MSO/mso +* [`OOM-21 `_] - State Monitoring: A&AI/aai-service +* [`OOM-22 `_] - State Monitoring: SDNC/sdc-be +* [`OOM-24 `_] - State Monitoring: message-router +* [`OOM-25 `_] - State Monitoring: MSB +* [`OOM-29 `_] - State Monitoring: VID +* [`OOM-31 `_] - State Monitoring: APPC/dbhost +* [`OOM-32 `_] - State Monitoring: VFC +* [`OOM-33 `_] - State Monitoring: Multi-VIM +* [`OOM-34 `_] - Auto-Restart on failure: ... +* [`OOM-35 `_] - State Monitoring: A&AI/hbase +* [`OOM-36 `_] - State Monitoring: A&AI/model-loader-service +* [`OOM-37 `_] - State Monitoring: APPC/dgbuilder +* [`OOM-38 `_] - State Monitoring: APPC/sdnctldb01 +* [`OOM-39 `_] - State Monitoring: APPC/sdnctldb02 +* [`OOM-40 `_] - State Monitoring: APPC/sdnhost +* [`OOM-41 `_] - State Monitoring: MSO/mariadb +* [`OOM-42 `_] - State Monitoring: SDNC/dbhost +* [`OOM-43 `_] - State Monitoring: SDNC/sdnc-dgbuilder +* [`OOM-44 `_] - State Monitoring: SDNC/sdnc-portal +* [`OOM-45 `_] - State Monitoring: SDNC/sdnctldb01 +* [`OOM-51 `_] - OOM ONAP Configuration Management - Externalize hardwired values +* [`OOM-52 `_] - OOM ONAP Configuration Management - Parameterization of docker images +* [`OOM-53 `_] - OOM ONAP Configuration Management - Parameterization for Sizing +* [`OOM-63 `_] - Kubernetes cluster created by TOSCA description +* [`OOM-85 `_] - Test the code in the "Lab" project environment +* [`OOM-86 `_] - Monitoring the health status of ONAP components +* [`OOM-87 `_] - Configure TOSCA description via dashboard +* [`OOM-88 `_] - Deploy Holmes on K8S cluster by TOSCA description +* [`OOM-89 `_] - Deploy CLAMP on K8S cluster by TOSCA description +* [`OOM-91 `_] - Deploy MSB on K8S cluster by TOSCA description +* [`OOM-92 `_] - Deploy AAF on K8S cluster by TOSCA description +* [`OOM-93 `_] - Deploy VF-C on K8S cluster by TOSCA description +* [`OOM-94 `_] - Deploy Multi-VIM on K8S cluster by TOSCA description +* [`OOM-95 `_] - Deploy DCAEGen2 on K8S cluster by TOSCA description +* [`OOM-96 `_] - Deploy AAI on K8S cluster by TOSCA description +* [`OOM-97 `_] - Deploy APPC on K8S cluster by TOSCA description +* [`OOM-98 `_] - Deploy MSO on K8S cluster by TOSCA description +* [`OOM-99 `_] - Deploy Policy on K8S cluster by TOSCA description +* [`OOM-100 `_] - Deploy SDC on K8S cluster by TOSCA description +* [`OOM-102 `_] - Deploy VID on K8S cluster by TOSCA description +* [`OOM-110 `_] - OOM ONAP Logging - Elastic Stack components deployment +* [`OOM-111 `_] - OOM ONAP Logging - FileBeat deployment aside ONAP components +* [`OOM-112 `_] - OOM ONAP Logging - Configuration of all ONAP components to emit canonical logs +* [`OOM-116 `_] - ignore intellj files +* [`OOM-145 `_] - update directory path from dockerdata-nfs to configured directory name (make it configurable) +* [`OOM-235 `_] - Service endpoint annotation for Usecase UI +* [`OOM-242 `_] - Modify DCAE seed for Helm +* [`OOM-262 `_] - Remove "oneclick" kubectl scripts. +* [`OOM-265 `_] - Top level helm chart for ONAP +* [`OOM-268 `_] - Persist and externalize database directories via persistent volumes +* [`OOM-271 `_] - Copy app config files from source +* [`OOM-272 `_] - Set application environment variables from source +* [`OOM-277 `_] - add automatic ONAP config parameter substitution +* [`OOM-280 `_] - MSB automatically re-synch service data on restart. +* [`OOM-292 `_] - Expose LOG Volume via /dockerdata-nfs +* [`OOM-293 `_] - OOM ONAP Configuration Management - Handling of Secrets +* [`OOM-298 `_] - Provide script to cleanup configuration data created by createConfig.sh +* [`OOM-322 `_] - Clean-up config files that are generated at system startup +* [`OOM-341 `_] - Provide an example of a partial deployment of ONAP components (e.g. no VFC) +* [`OOM-342 `_] - Add pointer to Wiki page on the readme file. +* [`OOM-344 `_] - Break the configuration tarball per appplication +* [`OOM-345 `_] - Re-validate # of containers and configuration for DCAEgen2 +* [`OOM-356 `_] - Add 'Usecase UI' containers to ONAP Kubernetes +* [`OOM-359 `_] - SDC logback chef failure +* [`OOM-375 `_] - F2F: ONAP/OOM for Developers +* [`OOM-382 `_] - Robot Version 1.1 OpenO tests +* [`OOM-406 `_] - In Kubernetes 1.8, the annotations are no longer supported and must be converted to the PodSpec field. +* [`OOM-457 `_] - In Kubernetes 1.8, init-container annotations to be converted to PodSpec field for aaf, clamp and vfc +* [`OOM-460 `_] - Segregating configuration of ONAP components +* [`OOM-476 `_] - Parameterize values.yaml docker image repos into global config variables +* [`OOM-528 `_] - Confirm k8s context with a prompt for deleteAll.bash +* [`OOM-534 `_] - Need to provide support for creating different sized OOM deployments +* [`OOM-546 `_] - Provide option to collect ONAP env details for issue investigations +* [`OOM-569 `_] - Investigate containerizing Cloudify Manager +* [`OOM-579 `_] - Document a Cloudify deployment of OOM Beijing +* [`OOM-633 `_] - Provide direct access to ONAP Portal without the need to use VNC +* [`OOM-677 `_] - Update all source code files with the Apache 2 License header +* [`OOM-678 `_] - Enforce MSB dockers dependencies using init-container +* [`OOM-681 `_] - updating docker images/components to latest code +* [`OOM-682 `_] - deployment of sdc workflow designer +* [`OOM-695 `_] - Improve Readiness-check prob +* [`OOM-722 `_] - OOM - Run all ONAP components in one namespace +* [`OOM-725 `_] - Use Blueprint to install Helm and k8s dashboard while creating k8s cluster +* [`OOM-727 `_] - Add Standardized Configuration to SO +* [`OOM-728 `_] - Add Standardized Configuration to ROBOT +* [`OOM-729 `_] - Add Standardized Configuration to VID +* [`OOM-730 `_] - Add Standardized Configuration to Consul +* [`OOM-731 `_] - Add Standardized Configuration to DMaaP Message Router +* [`OOM-732 `_] - Add Standardized Configuration to AAF +* [`OOM-733 `_] - Add Standardized Configuration to APPC +* [`OOM-734 `_] - Add Standardized Configuration to AAI +* [`OOM-735 `_] - Add Standardized Configuration to CLAMP +* [`OOM-736 `_] - Add Standardized Configuration to CLI +* [`OOM-737 `_] - Add Standardized Configuration to DCAEGEN2 +* [`OOM-738 `_] - Add Standardized Configuration to ESR +* [`OOM-739 `_] - Add Standardized Configuration to KUBE2MSB +* [`OOM-740 `_] - Add Standardized Configuration to LOG +* [`OOM-742 `_] - Add Standardized Configuration to MSB +* [`OOM-743 `_] - Replace deprecated MSO Helm Chart with Standardized SO Helm Chart +* [`OOM-744 `_] - Add Standardized Configuration to MULTICLOUD +* [`OOM-746 `_] - Add Standardized Configuration to PORTAL +* [`OOM-747 `_] - Add Standardized Configuration to SDC +* [`OOM-748 `_] - Add Standardized Configuration to SDNC +* [`OOM-749 `_] - Add Standardized Configuration to UUI +* [`OOM-750 `_] - Add Standardized Configuration to VFC +* [`OOM-751 `_] - Add Standardized Configuration to VNFSDK +* [`OOM-758 `_] - Common Mariadb Galera Helm Chart to be reused by many applications +* [`OOM-771 `_] - OOM - update master with new policy db deployment +* [`OOM-777 `_] - Add Standardized Configuration Helm Starter Chart +* [`OOM-779 `_] - OOM APPC ODL (MDSAL) persistent storage +* [`OOM-780 `_] - Update MSO to latest working version. +* [`OOM-786 `_] - Re-add support for multiple instances of ONAP +* [`OOM-788 `_] - Abstract docker secrets +* [`OOM-789 `_] - Abstract cluster role binding +* [`OOM-811 `_] - Make kube2msb use secret instead of passing token as environment variable +* [`OOM-822 `_] - Update Documentation for the Beijing Release +* [`OOM-823 `_] - Add CDT image to APPC chart +* [`OOM-827 `_] - Add quick start documentation README +* [`OOM-828 `_] - Remove oneclick scripts +* [`OOM-857 `_] - kube2msb fails to start +* [`OOM-914 `_] - Add LOG component robot healthcheck +* [`OOM-960 `_] - OOM Healthcheck lockdown - currently 32/39 : 20180421 +* [`OOM-979 `_] - Enhance OOM TOSCA solution to support standardized Helm Chart +* [`OOM-1006 `_] - VNFSDK healthcheck fails +* [`OOM-1073 `_] - Change the Repository location in the image oomk8s/config-init:2.0.0-SNAPSHOT +* [`OOM-1078 `_] - Update Kubectl, docker, helm version + +Task +**** + +* [`OOM-57 `_] - Agree on configuration contract/YAML with each of the project teams +* [`OOM-105 `_] - TOSCA based orchestration demo +* [`OOM-257 `_] - DevOps: OOM config reset procedure for new /dockerdata-nfs content +* [`OOM-305 `_] - Rename MSO to SO in OOM +* [`OOM-332 `_] - Add AAI filebeat container - blocked by LOG-67 +* [`OOM-428 `_] - Add log container healthcheck to mark failed creations - see OOM-427 +* [`OOM-429 `_] - DOC: Document HELM server version 2.7.2 required for tpl usage +* [`OOM-489 `_] - Update values.yaml files for tag name changes for docker images and versions. +* [`OOM-543 `_] - SDNC adjust docker pullPolicy to IfNotPresent to speed up initial deployment slowdown introduced by SDNC-163 +* [`OOM-604 `_] - Update OOM and HEAT AAI sparky master from v1.1.0 to v1.1.1 - match INT-288 +* [`OOM-614 `_] - SDC, SDNC, AAI Healthcheck failures last 12 hours 20180124:1100EST +* [`OOM-624 `_] - CII security badging: cleartext password for keystone and docker repo creds +* [`OOM-726 `_] - Mirror AAI docker version changes into OOM from AAI-791 +* [`OOM-772 `_] - Remove old DCAE from Release +* [`OOM-801 `_] - Policy docker images rename - key off new name in POLICY-674 +* [`OOM-810 `_] - Improve emsdriver code +* [`OOM-819 `_] - expose log/logstash 5044 as nodeport for external log producers outside of the kubernetes cluster +* [`OOM-820 `_] - Bypass vnc-portal for ONAP portal access +* [`OOM-943 `_] - Upgrade prepull_docker.sh to work with new helm based master refactor - post OOM-328 +* [`OOM-947 `_] - Update AAI to latest images +* [`OOM-975 `_] - Notes are missing in multicloud +* [`OOM-1031 `_] - Config Changes for consul to make vid, so, log health checks pass +* [`OOM-1032 `_] - Making consul Stateful +* [`OOM-1122 `_] - Update APPC OOM chart to use Beijing release artifacts + +Bug +*** + +* [`OOM-4 `_] - deleteAll.bash fails to properly delete services and ports +* [`OOM-153 `_] - test - Sample Bug +* [`OOM-212 `_] - deleteAll script does not have an option to delete the services +* [`OOM-215 `_] - configure_app for helm apps is not correct +* [`OOM-218 `_] - createConfig.sh needs a chmod 755 in release-1.0.0 only +* [`OOM-239 `_] - mso.tar created in dockerdatanfs +* [`OOM-258 `_] - AAI logs are not being written outside the pods +* [`OOM-282 `_] - vnc-portal requires /etc/hosts url fix for SDC sdc.ui should be sdc.api +* [`OOM-283 `_] - No longer able to deploy instances in specified namespace +* [`OOM-290 `_] - config_init pod fails when /dockerdata-nfs is nfs-mounted +* [`OOM-300 `_] - cat: /config-init/onap/mso/mso/encryption.key: No such file or directory +* [`OOM-333 `_] - vfc-workflow fails [VFC BUG] - fixed - 20180117 vfc-ztevnfmdriver has docker pull issue +* [`OOM-334 `_] - Change kubernetes startup user +* [`OOM-351 `_] - Apply standard convention across the "template deployment YML" file +* [`OOM-352 `_] - failed to start VFC containers +* [`OOM-363 `_] - DCAE tests NOK with Robot E2E tests +* [`OOM-366 `_] - certificates in consul agent config are not in the right directory +* [`OOM-389 `_] - sdc-be and sdc-fe do not initialize correctly on latest master +* [`OOM-409 `_] - Update Vid yaml file to point to the ONAPPORTAL URL +* [`OOM-413 `_] - In portal VNC pod refresh /etc/hosts entries +* [`OOM-414 `_] - MSB Healtcheck failure on $*_ENDPOINT variables +* [`OOM-424 `_] - DCAE installation is not possible today +* [`OOM-430 `_] - Portal healthcheck passing on vnc-portal down +* [`OOM-467 `_] - Optimize config-init process +* [`OOM-493 `_] - Kubernetes infrastructure for ESR +* [`OOM-496 `_] - Readiness check is marking full availability of some components like SDC and SDNC before they would pass healthcheck +* [`OOM-514 `_] - Readiness prob fails sometimes even though the relevant pods are running +* [`OOM-539 `_] - Kube2MSB registrator doesn't support https REST service registration +* [`OOM-570 `_] - Wrong value is assigned to kube2msb AUTH_TOKEN environment variable +* [`OOM-574 `_] - OOM configuration for robot does not copy heat templatese in dockerdata-nfs +* [`OOM-577 `_] - Incorrect evaluation of bash command in yaml template file (portal-vnc-dep.yaml) +* [`OOM-578 `_] - Hard coded token in oom/kubernetes/kube2msb/values.yaml file +* [`OOM-589 `_] - Can not acces CLI in vnc-portal +* [`OOM-598 `_] - createAll.bash base64: invalid option -- d +* [`OOM-600 `_] - Unable to open CLI by clicking CLI application icon +* [`OOM-630 `_] - Red herring config pod deletion error on deleteAll - after we started deleting onap-config automatically +* [`OOM-645 `_] - Kube2MSB RBAC security issues +* [`OOM-653 `_] - sdnc-dbhost-0 deletion failure +* [`OOM-657 `_] - Look into DCAEGEN2 failure on duplicate servicePort +* [`OOM-672 `_] - hardcoded clusterIP for aai breaks auto installation +* [`OOM-680 `_] - ONAP Failure install with kubernetes 1.8+ +* [`OOM-687 `_] - Typo in README_HELM +* [`OOM-724 `_] - License Update in TOSCA +* [`OOM-767 `_] - data-router-logs and elasticsearch-data mapped to same folder +* [`OOM-768 `_] - Hardcoded onap in config files +* [`OOM-769 `_] - sdc-es data mapping in sdc-be and sdc-fe redundant +* [`OOM-783 `_] - UUI health check is failing +* [`OOM-784 `_] - make new so chart one namespace compatible +* [`OOM-791 `_] - After OOM-722 merge - docker pulls are timing out - switch to pullPolicy IfNotPresent +* [`OOM-794 `_] - demo-k8s.sh name not modified in the usage string +* [`OOM-795 `_] - HEAT templates for robot instantiateVFW missing +* [`OOM-796 `_] - robot asdc/sdngc interface in synch for Master +* [`OOM-797 `_] - GLOBAL_INJECTED_SCRIPT_VERSION missing from vm_properties.py +* [`OOM-804 `_] - VFC vfc-ztevnfmdriver container failure +* [`OOM-815 `_] - OOM Robot container helm failure after OOM-728 35909 merge +* [`OOM-829 `_] - Can not make multicloud helm chart +* [`OOM-830 `_] - Fix OOM build dependencies +* [`OOM-835 `_] - CLAMP mariadb pv is pointing to a wrong location +* [`OOM-836 `_] - champ and gizmo yaml validation issue +* [`OOM-845 `_] - Global repository should not be set by default +* [`OOM-846 `_] - Add liveness enabled fix to helm starter +* [`OOM-847 `_] - log-elasticsearch external ports are not externally accessible +* [`OOM-848 `_] - log-logstash logstash pipeline fails to start after oom standard config changes +* [`OOM-851 `_] - sdc chart validation error +* [`OOM-856 `_] - appc mysql fails deployment +* [`OOM-858 `_] - Fail to deploy onap chart due to config map size +* [`OOM-870 `_] - Missing CLAMP configuration +* [`OOM-871 `_] - log kibana container fails to start after oom standard config changes +* [`OOM-872 `_] - APPC-helm Still need config pod +* [`OOM-873 `_] - OOM doc typo +* [`OOM-874 `_] - Inconsistent repository references in ONAP charts +* [`OOM-875 `_] - Cannot retrieve robot logs +* [`OOM-876 `_] - Some containers ignore the repository setting +* [`OOM-878 `_] - MySQL slave nodes don't deploy when mysql.replicaCount > 1 +* [`OOM-881 `_] - SDN-C Portal pod fails to come up +* [`OOM-882 `_] - Some SDNC service names should be prefixed with the helm release name +* [`OOM-884 `_] - VID-VID mariadb pv is pointing to a wrong location +* [`OOM-885 `_] - Beijing oom component log messages missing in Elasticsearch +* [`OOM-886 `_] - kube2msb not starting up +* [`OOM-887 `_] - SDN-C db schema and sdnctl db user not reliably being created +* [`OOM-888 `_] - aaf-cs mapping wrong +* [`OOM-889 `_] - restore pv&pvc for mysql when NFS provisioner is disabled +* [`OOM-898 `_] - Multicloud-framework config file is not volume-mounted +* [`OOM-899 `_] - SDNC main pod does not come up +* [`OOM-900 `_] - portal-cassandra missing pv and pvc +* [`OOM-904 `_] - OOM problems bringing up components and passing healthchecks +* [`OOM-905 `_] - Charts use nsPrefix instead of release namespace +* [`OOM-906 `_] - Make all services independent of helm Release.Name +* [`OOM-907 `_] - Make all persistent volume to be mapped to a location defined by helm Release.Name +* [`OOM-908 `_] - Job portal-db-config fails due to missing image config +* [`OOM-909 `_] - SO Health Check fails +* [`OOM-910 `_] - VID Health Check fails +* [`OOM-911 `_] - VFC Health Check fails for 9 components +* [`OOM-912 `_] - Multicloud Health Check fails for 1 of its components +* [`OOM-913 `_] - Consul agent pod is failing +* [`OOM-916 `_] - Used to fix testing issues related to usability +* [`OOM-918 `_] - Policy - incorrect configmap mount causes base.conf to disappear +* [`OOM-920 `_] - Issue with CLAMP configuration +* [`OOM-921 `_] - align onap/values.yaml and onap/resources/environments/dev.yaml - different /dockerdata-nfs +* [`OOM-926 `_] - Disable clustering for APP-C out-of-the-box +* [`OOM-927 `_] - Need a production grade configuration override file of ONAP deployment +* [`OOM-928 `_] - Some charts use /dockerdata-nfs by default +* [`OOM-929 `_] - DMaaP message router docker image fails to pull +* [`OOM-930 `_] - New AAF Helm Charts required +* [`OOM-931 `_] - Reintroduce VNC pod into OOM +* [`OOM-932 `_] - Unblock integration testing +* [`OOM-935 `_] - sdc-cassandra pod fails to delete using helm delete - forced kubectl delete +* [`OOM-936 `_] - Readiness-check prob version is inconsistent across components +* [`OOM-937 `_] - Portal Cassandra config map points to wrong directory +* [`OOM-938 `_] - Can't install aai alone using helm +* [`OOM-945 `_] - SDNC some bundles failing to start cleanly +* [`OOM-948 `_] - make vfc got an error +* [`OOM-951 `_] - Update APPC charts based on on changes for ccsdk and Nitrogen ODL +* [`OOM-953 `_] - switch aai haproxy/hbase repo from hub.docker.com to nexus3 +* [`OOM-958 `_] - SDC-be deployment missing environment parameter +* [`OOM-964 `_] - SDC Healthcheck failure on sdc-be and sdc-kb containers down +* [`OOM-968 `_] - warning on default deployment values.yaml +* [`OOM-969 `_] - oomk8s images have no Dockerfile's +* [`OOM-971 `_] - Common service name template should allow for chart name override +* [`OOM-974 `_] - Cassandra bootstrap is done incorrectly +* [`OOM-977 `_] - The esr-gui annotations should include a "path" param when register to MSB +* [`OOM-985 `_] - DMAAP Redis fails to start +* [`OOM-986 `_] - SDC BE and FE logs are missing +* [`OOM-989 `_] - Sync ete-k8.sh and ete.sh for new log file numbering +* [`OOM-990 `_] - AUTO.json in SDC has unreachable addresses +* [`OOM-993 `_] - AAI model-loader.properties not in sync with project file +* [`OOM-994 `_] - DCAE cloudify controller docker image 1.1.0 N/A - use 1.2.0/1.3.0 +* [`OOM-1003 `_] - dcae-cloudify-manager chart references obsolete image version +* [`OOM-1004 `_] - aai-resources constantly fails due to cassandra hostname +* [`OOM-1005 `_] - AAI Widgets not loading due to duplicate volumes +* [`OOM-1007 `_] - Update dcae robot health check config +* [`OOM-1008 `_] - Set default consul server replica count to 1 +* [`OOM-1010 `_] - Fix broken property names in DCAE input files +* [`OOM-1011 `_] - Policy config correction after Service Name changes because of OOM-906 +* [`OOM-1013 `_] - Update DCAE container versions +* [`OOM-1014 `_] - Portal login not working due to inconsistent zookeeper naming +* [`OOM-1015 `_] - Champ fails to start +* [`OOM-1016 `_] - DOC-OPS Review: Helm install command is wrong on oom_user_guide - missing namespace +* [`OOM-1017 `_] - DOC-OPS review: Docker/Kubernetes versions wrong for master in oom_cloud_setup_guide +* [`OOM-1018 `_] - DOC-OPS review: global repo override does not match git in oom quick start guide +* [`OOM-1019 `_] - DOC-OPS review: Add Ubuntu 16.04 reference to oom_user_guide to avoid 14/16 confusion +* [`OOM-1021 `_] - Update APPC resources for Nitrogen ODL +* [`OOM-1022 `_] - Fix SDC startup dependencies +* [`OOM-1023 `_] - "spring.datasource.cldsdb.url" in clamp has wrong clampdb name +* [`OOM-1024 `_] - Cassandra data not persisted +* [`OOM-1033 `_] - helm error during deployment 20180501:1900 - all builds under 2.7.2 +* [`OOM-1034 `_] - VID Ports incorrect in deployment.yaml +* [`OOM-1037 `_] - Enable CLI health check +* [`OOM-1039 `_] - Service distribution to SO fails +* [`OOM-1041 `_] - aai-service was renamed, but old references remain +* [`OOM-1042 `_] - portalapps service was renamed, but old references remain +* [`OOM-1045 `_] - top level values.yaml missing entry for dmaap chart +* [`OOM-1049 `_] - SDNC_UEB_LISTENER db +* [`OOM-1050 `_] - Impossible to deploy consul using cache docker registry +* [`OOM-1051 `_] - Fix aaf deployment +* [`OOM-1052 `_] - SO cloud config file points to Rackspace cloud +* [`OOM-1054 `_] - Portal LoadBalancer Ingress IP is on the wrong network +* [`OOM-1060 `_] - Incorrect MR Kafka references prevent aai champ from starting +* [`OOM-1061 `_] - ConfigMap size limit exceeded +* [`OOM-1064 `_] - Improve docker registry secret management +* [`OOM-1066 `_] - Updating TOSCA blueprint to sync up with helm configuration changes (add dmaap and oof/delete message-router) +* [`OOM-1068 `_] - Update SO with new AAI cert +* [`OOM-1076 `_] - some charts still using readiness check image from amsterdam 1.x +* [`OOM-1077 `_] - AAI resources and traversal deployment failure on non-rancher envs +* [`OOM-1079 `_] - Robot charts do not allow over ride of pub_key, dcae_collector_ip and dcae_collector_port +* [`OOM-1081 `_] - Remove component 'mock' from TOSCA deployment +* [`OOM-1082 `_] - Wrong pv location of dcae postgres +* [`OOM-1085 `_] - appc hostname is incorrect in url +* [`OOM-1086 `_] - clamp deployment changes /dockerdata-nfs/ReleaseName dir permissions +* [`OOM-1088 `_] - APPC returns error for vCPE restart message from Policy +* [`OOM-1089 `_] - DCAE pods are not getting purged +* [`OOM-1093 `_] - Line wrapping issue in redis-cluster-config.sh script +* [`OOM-1094 `_] - Fix postgres startup +* [`OOM-1095 `_] - common makefile builds out of order +* [`OOM-1096 `_] - node port conflict SDNC (Geo enabled) & other charts +* [`OOM-1097 `_] - Nbi needs dep-nbi - crash on make all +* [`OOM-1099 `_] - Add External Interface NBI project into OOM TOSCA +* [`OOM-1102 `_] - Incorrect AAI services +* [`OOM-1103 `_] - Cannot disable NBI +* [`OOM-1104 `_] - Policy DROOLS configuration across container restarts +* [`OOM-1110 `_] - Clamp issue when connecting Policy +* [`OOM-1111 `_] - Please revert to using VNFSDK Postgres container +* [`OOM-1114 `_] - APPC is broken in latest helm chart +* [`OOM-1115 `_] - SDNC DGBuilder cant operate on DGs in database - need NodePort +* [`OOM-1116 `_] - Correct values needed by NBI chart +* [`OOM-1124 `_] - Update OOM APPC chart to enhance AAF support +* [`OOM-1126 `_] - Incorrect Port mapping between CDT Application and APPC main application +* [`OOM-1127 `_] - SO fails healthcheck +* [`OOM-1128 `_] - AAF CS fails to start in OpenLab + +Sub-task +******** + +* [`OOM-304 `_] - Service endpoint annotation for Data Router +* [`OOM-306 `_] - Handle mariadb secrets +* [`OOM-510 `_] - Increase vm.max_map_count to 262144 when running Rancher 1.6.11+ via helm 2.6+ - for elasticsearch log mem failure +* [`OOM-512 `_] - Push the reviewed and merged ReadMe content to RTD +* [`OOM-641 `_] - Segregating of configuration for SDNC-UEB component +* [`OOM-655 `_] - Create alternate prepull script which provides more user feedback and logging +* [`OOM-753 `_] - Create Helm Sub-Chart for SO's embedded mariadb +* [`OOM-754 `_] - Create Helm Chart for SO +* [`OOM-774 `_] - Create Helm Sub-Chart for APPC's embedded mySQL database +* [`OOM-775 `_] - Create Helm Chart for APPC +* [`OOM-778 `_] - Replace NFS Provisioner with configurable PV storage solution +* [`OOM-825 `_] - Apache 2 License updation for All sqls and .js file +* [`OOM-849 `_] - Policy Nexus component needs persistent volume for /sonatype-work +* [`OOM-991 `_] - Adjust SDC-BE init job timing from 10 to 30s to avoid restarts on single node systems +* [`OOM-1036 `_] - update helm from 2.7.2 to 2.8.2 wiki/rtd +* [`OOM-1063 `_] - Document Portal LoadBalancer Ingress IP Settings + +**Security Notes** + +OOM code has been formally scanned during build time using NexusIQ and no +Critical vulnerability was found. + +Quick Links: + - `OOM project page `_ + + - `Passing Badge information for OOM `_ + + + +End of Release Notes diff --git a/docs/sections/release_notes/release-notes-casablanca.rst b/docs/sections/release_notes/release-notes-casablanca.rst new file mode 100644 index 0000000000..6b857309aa --- /dev/null +++ b/docs/sections/release_notes/release-notes-casablanca.rst @@ -0,0 +1,78 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International +.. License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights +.. reserved. +.. _release_notes_casablanca: + +:orphan: + +ONAP Operations Manager Release Notes +===================================== + +Version 3.0.0 Casablanca Release +-------------------------------- + +:Release Date: 2018-11-30 + +**Previous Release Notes** + +- :ref:`Beijing ` +- :ref:`Amsterdam ` + +Summary +------- + +The focus of this release was on incremental improvements in the following +areas: + +* Pluggable persistent storage with support for GlusterFS as the first storage + class provisioner + +* CPU and Memory limits in Helm Charts to improve Pod placement based on + resource availability in Kubernetes Cluster + +* Support of Node Selectors for Pod placement + +* Common "shared" Helm Charts referencing common images + + - mariadb-galera + - postgres + - cassandra + - mysql + - mongo + +* Integration of ARK Backup and Restore solution + +* Introduction of Helm deploy and undeploy plugins to better manage ONAP + deployments + + +**Security Notes** + +OOM code has been formally scanned during build time using NexusIQ and no +Critical vulnerability was found. + +Quick Links: + + - `OOM project page `_ + + - `Passing Badge information for OOM `_ + + +**Known Issues** + + * **Problem**: kubectl connections to pods (kubectl exec|logs) will + fail after a while due to a known bug in Kubernetes (1.11.2) + + **Workaround**: Restart of the kubelet daemons on the k8s hosts + + **Fix**: Will be delivered in the next release via a new + Kubernetes version (1.12) + + - `K8S Bug Report `_ + - `OOM-1532 `_ + - `OOM-1516 `_ + - `OOM-1520 `_ + +End of Release Notes diff --git a/docs/sections/release_notes/release-notes-dublin.rst b/docs/sections/release_notes/release-notes-dublin.rst new file mode 100644 index 0000000000..7a32297210 --- /dev/null +++ b/docs/sections/release_notes/release-notes-dublin.rst @@ -0,0 +1,83 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International +.. License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights +.. reserved. +.. _release_notes_dublin: + +:orphan: + +ONAP Operations Manager Release Notes +===================================== + +Version 4.0.0 (Dublin Release) +------------------------------ + +:Release Date: 2019-06-26 + +**Previous Release Notes** + +- :ref:`Casablanca ` +- :ref:`Beijing ` +- :ref:`Amsterdam ` + + +Summary +------- + +**Platform Resiliency** + +* Documentation of a Highly-Available Kubernetes Cluster Deployment +* Availability of a Default Storage Class Provisioner for improved Persistent + Storage resiliency +* Availability of a CNI reference integration for Multi-site support + + * applications can take advantage of multi-site by using POD and/or Node + (anti)affinity, taints/tolerations, labels per application + +**Footprint Optimization** + +* Shared MariaDB-Galera Cluster - current clients in Dublin: SO, SDNC +* Shared Cassandra Cluster - current clients in Dublin: AAI, SDC +* Optional deployment of independent clusters (backward compatibility) + +**Platform Upgradability** + +* Introduction of an Upgrade Framework supporting: + + * Automated rolling upgrades for applications + * In-place schema and data migrations + * Blue-Green deployment environment migration (e.g. Pre-prod to Prod) + * Upgrades from embedded database instance into shared database instance + +* Release-to-release upgrade support delivered for the following projects + + * A&AI + * SDNC + * SO + +**Security Notes** + +*Fixed Security Issues* + +*Known Security Issues* + +* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 `_] +* Hard coded password used for all oom deployments [`OJSI-188 `_] +* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 `_] + +*Known Vulnerabilities in Used Modules* + +OOM code has been formally scanned during build time using NexusIQ and no +Critical vulnerability was found. + +Quick Links: + + - `OOM project page `_ + + - `Passing Badge information for OOM `_ + + +**Known Issues** + +End of Release Notes diff --git a/docs/sections/release_notes/release-notes-elalto.rst b/docs/sections/release_notes/release-notes-elalto.rst new file mode 100644 index 0000000000..b4059028e5 --- /dev/null +++ b/docs/sections/release_notes/release-notes-elalto.rst @@ -0,0 +1,84 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International +.. License. +.. http://creativecommons.org/licenses/by/4.0 +.. Copyright 2017 Bell Canada & Amdocs Intellectual Property. All rights +.. reserved. +.. _release_notes_elalto: + +:orphan: + +ONAP Operations Manager Release Notes +===================================== + +Version 5.0.1 (El Alto Release) +------------------------------- + +:Release Date: 2019-10-10 + +**Previous Release Notes** + +- :ref:`Dublin ` +- :ref:`Casablanca ` +- :ref:`Beijing ` +- :ref:`Amsterdam ` + + +Summary +------- + +The focus of this release was on maintenance and as such no new features were +delivered. +A list of issues resolved in this release can be found here: https://jira.onap.org/projects/OOM/versions/10726 + +**New Features** + +**Bug Fixes** + +* 25 defects addressed (see link above) + +**Known Issues** + +The following known issues will be addressed in a future release: + +* [`OOM-1480 `_] - postgres chart does not set root password when installing on an existing database instances +* [`OOM-1966 `_] - ONAP on HA Kubernetes Cluster - Documentation update +* [`OOM-1995 `_] - Mariadb Galera cluster pods keep failing +* [`OOM-2061 `_] - Details Missing for installing the kubectl section +* [`OOM-2075 `_] - Invalid MTU for Canal CNI interfaces +* [`OOM-2080 `_] - Need for "ReadWriteMany" access on storage when deploying on Kubernetes? +* [`OOM-2091 `_] - incorrect release deployed +* [`OOM-2132 `_] - Common Galera server.cnf does not contain Camunda required settings + +**Security Notes** + +*Fixed Security Issues* + +*Known Security Issues* + +* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 `_] +* Hard coded password used for all oom deployments [`OJSI-188 `_] +* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 `_] + +*Known Vulnerabilities in Used Modules* + +OOM code has been formally scanned during build time using NexusIQ and no +Critical vulnerability was found. + +Quick Links: + + - `OOM project page `_ + + - `Passing Badge information for OOM `_ + + +Version 5.0.0 (El Alto Early Drop) +---------------------------------- + +:Release Date: 2019-08-19 + +Summary +------- + +**Software Requirements** + +* Upgraded to Kubernetes 1.15.x and Helm 1.14.x diff --git a/docs/sections/release_notes/release-notes-frankfurt.rst b/docs/sections/release_notes/release-notes-frankfurt.rst new file mode 100644 index 0000000000..c0374a6dd8 --- /dev/null +++ b/docs/sections/release_notes/release-notes-frankfurt.rst @@ -0,0 +1,152 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 + International License. +.. http://creativecommons.org/licenses/by/4.0 +.. (c) ONAP Project and its contributors +.. _release_notes_frankfurt: + +:orphan: + +************************************* +ONAP Operations Manager Release Notes +************************************* + +Previous Release Notes +====================== + +- :ref:`El Alto ` +- :ref:`Dublin ` +- :ref:`Casablanca ` +- :ref:`Beijing ` +- :ref:`Amsterdam ` + +Abstract +======== + +This document provides the release notes for the Frankfurt release. + +Summary +======= + +The focus of this release is to strengthen the foundation of OOM installer. + +Release Data +============ + ++--------------------------------------+--------------------------------------+ +| **Project** | OOM | +| | | ++--------------------------------------+--------------------------------------+ +| **Docker images** | N/A | +| | | ++--------------------------------------+--------------------------------------+ +| **Release designation** | Frankfurt | +| | | ++--------------------------------------+--------------------------------------+ +| **Release date** | 2020/06/15 | +| | | ++--------------------------------------+--------------------------------------+ + +New features +------------ + +* Ingress deployment is getting more and more usable +* Use of dynamic Persistent Volume is available + +**Bug fixes** + +A list of issues resolved in this release can be found here: +https://jira.onap.org/projects/OOM/versions/10826 + +**Known Issues** + +- `OOM-1237 `_ Source Helm Charts from + ONAP Repo. Having helm charts repo is not possible for Frankfurt release. +- `OOM-1720 `_ galera container is + outdated. containers used for mariadb are outdated and not supported anymore. +- `OOM-1817 `_ Use of global.repository + inconsistent across Helm Charts. it's then may be hard to retrieve some + containers when deploying in constrained environment. +- `OOM-2075 `_ Invalid MTU for Canal CNI + interfaces +- `OOM-2227 `_ Cassandra Backup Mechanism + works only on "static PV" mode. +- `OOM-2230 `_ Missing requests/limits + for some PODS. This can lead to "memory bombing" so cautious monitoring of + Kubernetes resources usage must be set up. +- `OOM-2279 `_ OOM El Alto and master + clamp mariadb resources doesn't match chart. +- `OOM-2285 `_ deploy.sh does not work + for mariadb-galera. deploy script doesn't behave well with "-" in the + component name. +- `OOM-2369 `_ DMAAP Helm install takes + too long and often fails. +- `OOM-2418 `_ Readiness-check 2.0.2 not + working properly for stateful set. +- `OOM-2421 `_ OOM NBI chart deployment + error. In some case, NBI deployment fails. +- `OOM-2422 `_ Portal App is unreachable + when deploying without HTTPs + + +Deliverables +------------ + +Software Deliverables +~~~~~~~~~~~~~~~~~~~~~ + + +Documentation Deliverables +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Known Limitations, Issues and Workarounds +========================================= + +Known Vulnerabilities +--------------------- + +Workarounds +----------- + +- `OOM-1237 `_ Workaround is to generate + them as explained in documentation. +- `OOM-1817 `_ Workaround is to use + offline installer if needed. +- `OOM-2227 `_ Workaround is to stick to + "static PV" (so, not using storage class) if backup is needed. +- `OOM-2285 `_ Workaround is to use + directly helm upgrade if needed. +- `OOM-2369 `_ Workaround is to play + postinstall jobs by hand. +- `OOM-2418 `_ Workaround is to use + version 2.2.2 in global part of override file if the new check is needed. +- `OOM-2421 `_ Workaround is to + undeploy/redeploy NBI. +- `OOM-2422 `_ Workaround is to create + first portal app service with service type Cluster IP then changing it to + NodePort or LoadBalancer so all the port are available. + +Security Notes +-------------- + +**Fixed Security Issues** + +- In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside + of cluster. [`OJSI-134 `_] +- CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 + [`OJSI-202 `_] + +References +========== + +For more information on the ONAP Frankfurt release, please see: + +#. `ONAP Home Page`_ +#. `ONAP Documentation`_ +#. `ONAP Release Downloads`_ +#. `ONAP Wiki Page`_ + + +.. _`ONAP Home Page`: https://www.onap.org +.. _`ONAP Wiki Page`: https://wiki.onap.org +.. _`ONAP Documentation`: https://docs.onap.org +.. _`ONAP Release Downloads`: https://git.onap.org diff --git a/docs/sections/release_notes/release-notes-guilin.rst b/docs/sections/release_notes/release-notes-guilin.rst new file mode 100644 index 0000000000..e8fda544c2 --- /dev/null +++ b/docs/sections/release_notes/release-notes-guilin.rst @@ -0,0 +1,142 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 + International License. +.. http://creativecommons.org/licenses/by/4.0 +.. (c) ONAP Project and its contributors +.. _release_notes_guilin: + +:orphan: + +************************************* +ONAP Operations Manager Release Notes +************************************* + +Previous Release Notes +====================== + +- :ref:`Frankfurt ` +- :ref:`El Alto ` +- :ref:`Dublin ` +- :ref:`Casablanca ` +- :ref:`Beijing ` +- :ref:`Amsterdam ` + +Abstract +======== + +This document provides the release notes for the Guilin release. + +Summary +======= + +The focus of this release is to strengthen the foundation of OOM installer. + +Release Data +============ + ++--------------------------------------+--------------------------------------+ +| **Project** | OOM | +| | | ++--------------------------------------+--------------------------------------+ +| **Docker images** | N/A | +| | | ++--------------------------------------+--------------------------------------+ +| **Release designation** | Guilin | +| | | ++--------------------------------------+--------------------------------------+ +| **Release date** | 2020/12/03 | +| | | ++--------------------------------------+--------------------------------------+ + +New features +------------ + +* Kubernetes support for version up to 1.19 +* Helm (experimental) support for version up to 3.3 +* Limits are set for most of the components + +**Bug fixes** + +A list of issues resolved in this release can be found here: +https://jira.onap.org/projects/OOM/versions/10826 + +**Known Issues** + +- `OOM-1237 `_ Source Helm Charts from + ONAP Repo. Having helm charts repo is not possible for Frankfurt release. +- `OOM-1720 `_ galera container is + outdated. containers used for mariadb are outdated and not supported anymore. +- `OOM-1817 `_ Use of global.repository + inconsistent across Helm Charts. it's then may be hard to retrieve some + containers when deploying in constrained environment. +- `OOM-2227 `_ Cassandra Backup Mechanism + works only on "static PV" mode. +- `OOM-2285 `_ deploy.sh does not work + for mariadb-galera. deploy script doesn't behave well with "-" in the + component name. +- `OOM-2421 `_ OOM nbi chart deployment + error +- `OOM-2534 `_ Cert-Service leverages + runtime external dependency +- `OOM-2554 `_ Common pods have java 8 +- `OOM-2588 `_ Various subcharts not + installing due to helm size issues +- `OOM-2629 `_ NetBox demo entry setup + not complete + + +Deliverables +------------ + +Software Deliverables +~~~~~~~~~~~~~~~~~~~~~ + +OOM provides `Helm charts `_ that needs to be +"compiled". + +Documentation Deliverables +~~~~~~~~~~~~~~~~~~~~~~~~~~ + + +Known Limitations, Issues and Workarounds +========================================= + +Known Vulnerabilities +--------------------- + +- Hard coded password used for all OOM deployments + [`OJSI-188 `_] + +Workarounds +----------- + +- `OOM-1237 `_ Workaround is to generate + them as explained in documentation. +- `OOM-1817 `_ Workaround is to use + offline installer if needed. +- `OOM-2227 `_ Workaround is to stick to + "static PV" (so, not using storage class) if backup is needed. +- `OOM-2285 `_ Workaround is to use + directly helm upgrade if needed. +- `OOM-2534 `_ Workaround is to download + in advance docker.io/openjdk:11-jre-slim where you will generate the charts + +Security Notes +-------------- + +**Fixed Security Issues** + +References +========== + +For more information on the ONAP Frankfurt release, please see: + +#. `ONAP Home Page`_ +#. `ONAP Documentation`_ +#. `ONAP Release Downloads`_ +#. `ONAP Wiki Page`_ + + +.. _`ONAP Home Page`: https://www.onap.org +.. _`ONAP Wiki Page`: https://wiki.onap.org +.. _`ONAP Documentation`: https://docs.onap.org +.. _`ONAP Release Downloads`: https://git.onap.org diff --git a/docs/sections/release_notes/release-notes-honolulu.rst b/docs/sections/release_notes/release-notes-honolulu.rst new file mode 100644 index 0000000000..3a7891a1ba --- /dev/null +++ b/docs/sections/release_notes/release-notes-honolulu.rst @@ -0,0 +1,155 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 + International License. +.. http://creativecommons.org/licenses/by/4.0 +.. (c) ONAP Project and its contributors +.. _release_notes_honolulu: + +:orphan: + +************************************* +ONAP Operations Manager Release Notes +************************************* + +Previous Release Notes +====================== + +- :ref:`Guilin ` +- :ref:`Frankfurt ` +- :ref:`El Alto ` +- :ref:`Dublin ` +- :ref:`Casablanca ` +- :ref:`Beijing ` +- :ref:`Amsterdam ` + +Abstract +======== + +This document provides the release notes for the Honolulu release. + +Summary +======= + +The focus of this release is to strengthen the foundation of OOM installer. + +Release Data +============ + ++--------------------------------------+--------------------------------------+ +| **Project** | OOM | +| | | ++--------------------------------------+--------------------------------------+ +| **Docker images** | N/A | +| | | ++--------------------------------------+--------------------------------------+ +| **Release designation** | Honolulu | +| | | ++--------------------------------------+--------------------------------------+ +| **Release date** | 2021/04/29 | +| | | ++--------------------------------------+--------------------------------------+ + +New features +------------ + +* Kubernetes support for version up to 1.20 +* Helm support for version up to 3.5 +* Limits are set for most of the components +* Portal-Cassandra image updated to Bitnami, supporting IPv4/IPv6 Dual Stack +* CMPv2 external issuer implemented which extends Cert-Manager with ability to + enroll X.509 certificates from CMPv2 servers +* New version for mariadb galera using Bitnami image, supporting IPv4/IPv6 Dual + Stack +* Bump version of common PostgreSQL and ElasticSearch +* Move to automatic certificates retrieval for 80% of the components +* Consistent retrieval of docker images, with ability to configure proxy for + the 4 repositories used by ONAP + +**Bug fixes** + +A list of issues resolved in this release can be found here: +https://jira.onap.org/projects/OOM/versions/11073 + +major issues solved: + +* Better handling of persistence on PostgreSQL +* Better Ingress templating +* Better Service templating + +**Known Issues** + +- `OOM-2554 `_ Common pods have java 8 +- `OOM-2435 `_ SDNC karaf shell: + log:list: Error executing command: Unrecognized configuration +- `OOM-2629 `_ NetBox demo entry setup + not complete +- `OOM-2706 `_ CDS Blueprint Processor + does not work with local DB +- `OOM-2713 `_ Problem on onboarding + custom cert to SDNC ONAP during deployment +- `OOM-2698 `_ SO helm override fails in + for value with multi-level replacement +- `OOM-2697 `_ SO with local MariaDB + deployment fails +- `OOM-2538 `_ strange error with + CertInitializer template +- `OOM-2547 `_ Health Check failures + seen after bringing down/up control plane & worker node VM instances on which + ONAP hosted +- `OOM-2699 `_ SO so-mariadb + readinessCheck fails for local MariaDB instance +- `OOM-2705 `_ SDNC DB installation fails + on local MariaDB instance +- `OOM-2603 `_ [SDNC] allign password for + scaleoutUser/restconfUser/odlUser + +Deliverables +------------ + +Software Deliverables +~~~~~~~~~~~~~~~~~~~~~ + +OOM provides `Helm charts `_ that needs to be +"compiled". + +Documentation Deliverables +~~~~~~~~~~~~~~~~~~~~~~~~~~ + + +Known Limitations, Issues and Workarounds +========================================= + +Known Vulnerabilities +--------------------- + +- Hard coded password used for all OOM deployments + [`OJSI-188 `_] +- `Hard coded certificates <../oom_hardcoded_certificates>` in Helm packages + +Workarounds +----------- + +- ``_ + Workaround is to generate a password with "short" strength or pregenerate + passwords without single quote in it. Default deployment is using "short" + password generation for mariadb. + +Security Notes +-------------- + +**Fixed Security Issues** + +References +========== + +For more information on the ONAP Frankfurt release, please see: + +#. `ONAP Home Page`_ +#. `ONAP Documentation`_ +#. `ONAP Release Downloads`_ +#. `ONAP Wiki Page`_ + + +.. _`ONAP Home Page`: https://www.onap.org +.. _`ONAP Wiki Page`: https://wiki.onap.org +.. _`ONAP Documentation`: https://docs.onap.org +.. _`ONAP Release Downloads`: https://git.onap.org diff --git a/docs/sections/release_notes/release-notes-isntanbul.rst b/docs/sections/release_notes/release-notes-isntanbul.rst new file mode 100644 index 0000000000..8cfbc16210 --- /dev/null +++ b/docs/sections/release_notes/release-notes-isntanbul.rst @@ -0,0 +1,124 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 + International License. +.. http://creativecommons.org/licenses/by/4.0 +.. (c) ONAP Project and its contributors +.. _release_notes_istanbul: + +:orphan: + +************************************* +ONAP Operations Manager Release Notes +************************************* + +Previous Release Notes +====================== + +- :ref:`Honolulu ` +- :ref:`Guilin ` +- :ref:`Frankfurt ` +- :ref:`El Alto ` +- :ref:`Dublin ` +- :ref:`Casablanca ` +- :ref:`Beijing ` +- :ref:`Amsterdam ` + +Abstract +======== + +This document provides the release notes for the Istanbul release. + +Summary +======= + + + +Release Data +============ + ++--------------------------------------+--------------------------------------+ +| **Project** | OOM | +| | | ++--------------------------------------+--------------------------------------+ +| **Docker images** | N/A | +| | | ++--------------------------------------+--------------------------------------+ +| **Release designation** | Istanbul | +| | | ++--------------------------------------+--------------------------------------+ +| **Release date** | | +| | | ++--------------------------------------+--------------------------------------+ + +New features +------------ + + +**Bug fixes** + +A list of issues resolved in this release can be found here: +https://jira.onap.org/projects/OOM/versions/11074 + + +**Known Issues** + + +Deliverables +------------ + +Software Deliverables +~~~~~~~~~~~~~~~~~~~~~ + +OOM provides `Helm charts `_ + + +Documentation Deliverables +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Known Limitations, Issues and Workarounds +========================================= + +Known Vulnerabilities +--------------------- + + +Workarounds +----------- + +- `OOM-2754 `_ + Because of *updateEndpoint* property added to *cmpv2issuer* CRD + it is impossible to upgrade platform component from Honolulu to Istanbul + release without manual steps. Actions that should be performed: + + #. Update the CRD definition:: + + > kubectl -n onap apply -f oom/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml + #. Upgrade the component:: + + > helm -n onap upgrade dev-platform oom/kubernetes/platform + #. Make sure that *cmpv2issuer* contains correct value for + *spec.updateEndpoint*. The value should be: *v1/certificate-update*. + If it's not, edit the resource:: + + > kubectl -n onap edit cmpv2issuer cmpv2-issuer-onap + + +Security Notes +-------------- + +**Fixed Security Issues** + +References +========== + +For more information on the ONAP Istanbul release, please see: + +#. `ONAP Home Page`_ +#. `ONAP Documentation`_ +#. `ONAP Release Downloads`_ +#. `ONAP Wiki Page`_ + + +.. _`ONAP Home Page`: https://www.onap.org +.. _`ONAP Wiki Page`: https://wiki.onap.org +.. _`ONAP Documentation`: https://docs.onap.org +.. _`ONAP Release Downloads`: https://git.onap.org diff --git a/docs/sections/release_notes/release-notes-jakarta.rst b/docs/sections/release_notes/release-notes-jakarta.rst new file mode 100644 index 0000000000..97621fa657 --- /dev/null +++ b/docs/sections/release_notes/release-notes-jakarta.rst @@ -0,0 +1,124 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 + International License. +.. http://creativecommons.org/licenses/by/4.0 +.. (c) ONAP Project and its contributors +.. _release_notes_jakarta: + +:orphan: + +************************************* +ONAP Operations Manager Release Notes +************************************* + +Previous Release Notes +====================== + +- :ref:`Istanbul ` +- :ref:`Honolulu ` +- :ref:`Guilin ` +- :ref:`Frankfurt ` +- :ref:`El Alto ` +- :ref:`Dublin ` +- :ref:`Casablanca ` +- :ref:`Beijing ` +- :ref:`Amsterdam ` + +Abstract +======== + +This document provides the release notes for the Jakarta release. + +Summary +======= + + + +Release Data +============ + ++--------------------------------------+--------------------------------------+ +| **Project** | OOM | +| | | ++--------------------------------------+--------------------------------------+ +| **Docker images** | N/A | +| | | ++--------------------------------------+--------------------------------------+ +| **Release designation** | Jakarta | +| | | ++--------------------------------------+--------------------------------------+ +| **Release date** | | +| | | ++--------------------------------------+--------------------------------------+ + +New features +------------ + + +**Bug fixes** + +A list of issues resolved in this release can be found here: +https://jira.onap.org/projects/OOM/versions/11498 + + +**Known Issues** + + +Deliverables +------------ + +Software Deliverables +~~~~~~~~~~~~~~~~~~~~~ + +OOM provides `Helm charts `_ + +Documentation Deliverables +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Known Limitations, Issues and Workarounds +========================================= + +Known Vulnerabilities +--------------------- + + +Workarounds +----------- + +- `OOM-2754 `_ + Because of *updateEndpoint* property added to *cmpv2issuer* CRD + it is impossible to upgrade platform component from Istanbul to Jakarta + release without manual steps. Actions that should be performed: + + #. Update the CRD definition:: + + > kubectl -n onap apply -f oom/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml + #. Upgrade the component:: + + > helm -n onap upgrade dev-platform oom/kubernetes/platform + #. Make sure that *cmpv2issuer* contains correct value for + *spec.updateEndpoint*. The value should be: *v1/certificate-update*. + If it's not, edit the resource:: + + > kubectl -n onap edit cmpv2issuer cmpv2-issuer-onap + + +Security Notes +-------------- + +**Fixed Security Issues** + +References +========== + +For more information on the ONAP Istanbul release, please see: + +#. `ONAP Home Page`_ +#. `ONAP Documentation`_ +#. `ONAP Release Downloads`_ +#. `ONAP Wiki Page`_ + + +.. _`ONAP Home Page`: https://www.onap.org +.. _`ONAP Wiki Page`: https://wiki.onap.org +.. _`ONAP Documentation`: https://docs.onap.org +.. _`ONAP Release Downloads`: https://git.onap.org diff --git a/docs/sections/release_notes/release-notes.rst b/docs/sections/release_notes/release-notes.rst new file mode 100644 index 0000000000..c26593675d --- /dev/null +++ b/docs/sections/release_notes/release-notes.rst @@ -0,0 +1,130 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 + International License. +.. http://creativecommons.org/licenses/by/4.0 +.. (c) ONAP Project and its contributors +.. _release_notes: + +************************************* +ONAP Operations Manager Release Notes +************************************* + +Previous Release Notes +====================== + +- :ref:`Jakarta ` +- :ref:`Istanbul ` +- :ref:`Honolulu ` +- :ref:`Guilin ` +- :ref:`Frankfurt ` +- :ref:`El Alto ` +- :ref:`Dublin ` +- :ref:`Casablanca ` +- :ref:`Beijing ` +- :ref:`Amsterdam ` + +Abstract +======== + +This document provides the release notes for the Jakarta release. + +Summary +======= + + + +Release Data +============ + ++--------------------------------------+--------------------------------------+ +| **Project** | OOM | +| | | ++--------------------------------------+--------------------------------------+ +| **Docker images** | N/A | +| | | ++--------------------------------------+--------------------------------------+ +| **Release designation** | Jakarta | +| | | ++--------------------------------------+--------------------------------------+ +| **Release date** | | +| | | ++--------------------------------------+--------------------------------------+ + +New features +------------ + + +**Bug fixes** + +A list of issues resolved in this release can be found here: +https://jira.onap.org/projects/OOM/versions/11498 + + +**Known Issues** + + +Deliverables +------------ + +Software Deliverables +~~~~~~~~~~~~~~~~~~~~~ + +OOM provides `Helm charts `_ + +Documentation Deliverables +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- :ref:`Project Description ` - a guide for developers of OOM +- :ref:`oom_dev_guide` - a guide for developers of OOM +- :ref:`oom_infra_setup_guide` - a guide for those setting up the environments that OOM will use +- :ref:`oom_deploy_guide` - a guide for those deploying OOM on an existing cloud +- :ref:`oom_user_guide` - a guide for operators of an OOM instance +- :ref:`oom_access_info_guide` - a guide for operators who require access to OOM applications + +Known Limitations, Issues and Workarounds +========================================= + +Known Vulnerabilities +--------------------- + + +Workarounds +----------- + +- `OOM-2754 `_ + Because of *updateEndpoint* property added to *cmpv2issuer* CRD + it is impossible to upgrade platform component from Istanbul to Jakarta + release without manual steps. Actions that should be performed: + + #. Update the CRD definition:: + + > kubectl -n onap apply -f oom/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml + #. Upgrade the component:: + + > helm -n onap upgrade dev-platform oom/kubernetes/platform + #. Make sure that *cmpv2issuer* contains correct value for + *spec.updateEndpoint*. The value should be: *v1/certificate-update*. + If it's not, edit the resource:: + + > kubectl -n onap edit cmpv2issuer cmpv2-issuer-onap + + +Security Notes +-------------- + +**Fixed Security Issues** + +References +========== + +For more information on the ONAP Istanbul release, please see: + +#. `ONAP Home Page`_ +#. `ONAP Documentation`_ +#. `ONAP Release Downloads`_ +#. `ONAP Wiki Page`_ + + +.. _`ONAP Home Page`: https://www.onap.org +.. _`ONAP Wiki Page`: https://wiki.onap.org +.. _`ONAP Documentation`: https://docs.onap.org +.. _`ONAP Release Downloads`: https://git.onap.org diff --git a/docs/sections/resources/helm/helm-search.txt b/docs/sections/resources/helm/helm-search.txt new file mode 100644 index 0000000000..75c274957b --- /dev/null +++ b/docs/sections/resources/helm/helm-search.txt @@ -0,0 +1,42 @@ +NAME CHART VERSION APP VERSION DESCRIPTION +local/onap 11.0.0 Kohn Open Network Automation Platform (ONAP) +local/aaf 11.0.0 ONAP Application Authorization Framework +local/aai 11.0.0 ONAP Active and Available Inventory +local/appc 11.0.0 Application Controller +local/cassandra 11.0.0 ONAP cassandra +local/cds 11.0.0 ONAP Controller Design Studio (CDS) +local/clamp 11.0.0 ONAP Clamp +local/cli 11.0.0 ONAP Command Line Interface +local/common 11.0.0 Common templates for inclusion in other charts +local/consul 11.0.0 ONAP Consul Agent +local/contrib 11.0.0 ONAP optional tools +local/cps 11.0.0 ONAP Configuration Persistene Service (CPS) +local/dcaegen2 11.0.0 ONAP DCAE Gen2 +local/dgbuilder 11.0.0 D.G. Builder application +local/dmaap 11.0.0 ONAP DMaaP components +local/log 11.0.0 ONAP Logging ElasticStack +local/mariadb-galera 11.0.0 Chart for MariaDB Galera cluster +local/mongo 11.0.0 MongoDB Server +local/msb 11.0.0 ONAP MicroServices Bus +local/multicloud 11.0.0 ONAP multicloud broker +local/music 11.0.0 MUSIC - Multi-site State Coordination Service +local/mysql 11.0.0 MySQL Server +local/nbi 11.0.0 ONAP Northbound Interface +local/network-name-gen 11.0.0 Name Generation Micro Service +local/nfs-provisioner 11.0.0 NFS provisioner +local/oof 11.0.0 ONAP Optimization Framework +local/policy 11.0.0 ONAP Policy Administration Point +local/pomba 11.0.0 ONAP Post Orchestration Model Based Audit +local/portal 11.0.0 ONAP Web Portal +local/postgres 11.0.0 ONAP Postgres Server +local/robot 11.0.0 A helm Chart for kubernetes-ONAP Robot +local/sdc 11.0.0 Service Design and Creation Umbrella Helm charts +local/sdnc 11.0.0 SDN Controller +local/sdnc-prom 11.0.0 ONAP SDNC Policy Driven Ownership Management +local/sniro-emulator 11.0.0 ONAP Mock Sniro Emulator +local/so 11.0.0 ONAP Service Orchestrator +local/strimzi 11.0.0 ONAP Strimzi Apache Kafka +local/uui 11.0.0 ONAP uui +local/vfc 11.0.0 ONAP Virtual Function Controller (VF-C) +local/vid 11.0.0 ONAP Virtual Infrastructure Deployment +local/vnfsdk 11.0.0 ONAP VNF SDK diff --git a/docs/sections/resources/images/consul/consulHealth.png b/docs/sections/resources/images/consul/consulHealth.png new file mode 100644 index 0000000000..cd7e730c39 Binary files /dev/null and b/docs/sections/resources/images/consul/consulHealth.png differ diff --git a/docs/sections/resources/images/k8s/kubernetes_objects.png b/docs/sections/resources/images/k8s/kubernetes_objects.png new file mode 100644 index 0000000000..768a3adb99 Binary files /dev/null and b/docs/sections/resources/images/k8s/kubernetes_objects.png differ diff --git a/docs/sections/resources/images/msb/MSB-OOM-Diagram.png b/docs/sections/resources/images/msb/MSB-OOM-Diagram.png new file mode 100644 index 0000000000..4ee878d833 Binary files /dev/null and b/docs/sections/resources/images/msb/MSB-OOM-Diagram.png differ diff --git a/docs/sections/resources/images/oom_logo/oomLogoV2-Configure.png b/docs/sections/resources/images/oom_logo/oomLogoV2-Configure.png new file mode 100644 index 0000000000..bdb1ece10c Binary files /dev/null and b/docs/sections/resources/images/oom_logo/oomLogoV2-Configure.png differ diff --git a/docs/sections/resources/images/oom_logo/oomLogoV2-Delete.png b/docs/sections/resources/images/oom_logo/oomLogoV2-Delete.png new file mode 100644 index 0000000000..10c43d2fb3 Binary files /dev/null and b/docs/sections/resources/images/oom_logo/oomLogoV2-Delete.png differ diff --git a/docs/sections/resources/images/oom_logo/oomLogoV2-Deploy.png b/docs/sections/resources/images/oom_logo/oomLogoV2-Deploy.png new file mode 100644 index 0000000000..706097cd6c Binary files /dev/null and b/docs/sections/resources/images/oom_logo/oomLogoV2-Deploy.png differ diff --git a/docs/sections/resources/images/oom_logo/oomLogoV2-Heal.png b/docs/sections/resources/images/oom_logo/oomLogoV2-Heal.png new file mode 100644 index 0000000000..97ac58e9ec Binary files /dev/null and b/docs/sections/resources/images/oom_logo/oomLogoV2-Heal.png differ diff --git a/docs/sections/resources/images/oom_logo/oomLogoV2-Monitor.png b/docs/sections/resources/images/oom_logo/oomLogoV2-Monitor.png new file mode 100644 index 0000000000..c9a184ac37 Binary files /dev/null and b/docs/sections/resources/images/oom_logo/oomLogoV2-Monitor.png differ diff --git a/docs/sections/resources/images/oom_logo/oomLogoV2-Scale.png b/docs/sections/resources/images/oom_logo/oomLogoV2-Scale.png new file mode 100644 index 0000000000..140e5ca54f Binary files /dev/null and b/docs/sections/resources/images/oom_logo/oomLogoV2-Scale.png differ diff --git a/docs/sections/resources/images/oom_logo/oomLogoV2-Upgrade.png b/docs/sections/resources/images/oom_logo/oomLogoV2-Upgrade.png new file mode 100644 index 0000000000..d51f6cfcde Binary files /dev/null and b/docs/sections/resources/images/oom_logo/oomLogoV2-Upgrade.png differ diff --git a/docs/sections/resources/images/oom_logo/oomLogoV2-medium.png b/docs/sections/resources/images/oom_logo/oomLogoV2-medium.png new file mode 100644 index 0000000000..20aea693e0 Binary files /dev/null and b/docs/sections/resources/images/oom_logo/oomLogoV2-medium.png differ diff --git a/docs/sections/resources/yaml/environments_onap_demo.yaml b/docs/sections/resources/yaml/environments_onap_demo.yaml new file mode 100644 index 0000000000..8b697cbda2 --- /dev/null +++ b/docs/sections/resources/yaml/environments_onap_demo.yaml @@ -0,0 +1,103 @@ +################################################################# +# Global configuration overrides. +# +# These overrides will affect all helm charts (ie. applications) +# that are listed below and are 'enabled'. +################################################################# +global: + # Change to an unused port prefix range to prevent port conflicts + # with other instances running within the same k8s cluster + nodePortPrefix: 302 + + # image repositories + repository: nexus3.onap.org:10001 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + # readiness check + readinessImage: onap/oom/readiness:3.0.1 + # logging agent + loggingRepository: docker.elastic.co + + # image pull policy + pullPolicy: IfNotPresent + + # override default mount path root directory + # referenced by persistent volumes and log files + persistence: + mountPath: /dockerdata + + # flag to enable debugging - application support required + debugEnabled: true + +################################################################# +# Enable/disable and configure helm charts (ie. applications) +# to customize the ONAP deployment. +################################################################# +aaf: + enabled: false +aai: + enabled: false +appc: + enabled: false +clamp: + enabled: true +cli: + enabled: false +consul: # Consul Health Check Monitoring + enabled: false +cps: + enabled: false +dcaegen2: + enabled: false +log: + enabled: false +message-router: + enabled: false +mock: + enabled: false +msb: + enabled: false +multicloud: + enabled: false +policy: + enabled: false +portal: + enabled: false +robot: # Robot Health Check + enabled: true +sdc: + enabled: false +sdnc: + enabled: false +so: # Service Orchestrator + enabled: true + + replicaCount: 1 + + liveness: + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + + # so server configuration + config: + # message router configuration + dmaapTopic: "AUTO" + # openstack configuration + openStackUserName: "vnf_user" + openStackRegion: "RegionOne" + openStackKeyStoneUrl: "http://1.2.3.4:5000" + openStackServiceTenantName: "service" + openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" + + # configure embedded mariadb + mariadb: + config: + mariadbRootPassword: password +uui: + enabled: false +vfc: + enabled: false +vid: + enabled: false +vnfsdk: + enabled: false -- cgit 1.2.3-korg