From acf8cd8ecb9a69399b2cece93bce54c3cff00052 Mon Sep 17 00:00:00 2001 From: Brian Freeman Date: Thu, 11 Jul 2019 21:52:46 -0500 Subject: Update for Keystone v3 Updates for new variables to init cloud in SO Issue-ID: OOM-1982 Change-Id: Icf4f6bafb1884bc3758fabe4072733526c79cc42 Signed-off-by: Brian Freeman --- docs/example-integration-override-v3.yaml | 64 +++++++++++++++++++++++++++++++ docs/oom_quickstart_guide.rst | 48 +++++++++++++++++++++-- 2 files changed, 109 insertions(+), 3 deletions(-) create mode 100644 docs/example-integration-override-v3.yaml (limited to 'docs') diff --git a/docs/example-integration-override-v3.yaml b/docs/example-integration-override-v3.yaml new file mode 100644 index 0000000000..659389a920 --- /dev/null +++ b/docs/example-integration-override-v3.yaml @@ -0,0 +1,64 @@ +global: + repository: 10.12.5.2:5000 + pullPolicy: IfNotPresent +################################################################# +# This override file configures openstack parameters for ONAP +################################################################# +robot: + enabled: true + flavor: large + appcUsername: "appc@appc.onap.org" + appcPassword: "demo123456!" + # KEYSTONE Version 3 Required for Rocky and beyond + openStackKeystoneAPIVersion: "v3" + # OS_AUTH_URL without the /v3 from the openstack .RC file + openStackKeyStoneUrl: "http://10.12.25.2:5000" + # OS_PROJECT_ID from the openstack .RC file + openStackTenantId: "09d8566ea45e43aa974cf447ed591d77" + # OS_USERNAME from the openstack .RC file + openStackUserName: "OS_USERNAME_HERE" + # OS_PROJECT_DOMAIN_ID from the openstack .RC file + # in some environments it is a string but in other environmens it may be a numeric + openStackDomainId: "default" + # OS_USER_DOMAIN_NAME from the openstack .RC file + openStackUserDomain: "Default" + openStackProjectName: "OPENSTACK_PROJECT_NAME_HERE" + ubuntu14Image: "ubuntu-14-04-cloud-amd64" + ubuntu16Image: "ubuntu-16-04-cloud-amd64" + openStackPublicNetId: "971040b2-7059-49dc-b220-4fab50cb2ad4" + openStackPrivateNetId: "83c84b68-80be-4990-8d7f-0220e3c6e5c8" + openStackPrivateSubnetId: "e571c1d1-8ac0-4744-9b40-c3218d0a53a0" + openStackPrivateNetCidr: "10.0.0.0/16" + openStackOamNetworkCidrPrefix: "10.0" + openStackSecurityGroup: "bbe028dc-b64f-4f11-a10f-5c6d8d26dc89" + dcaeCollectorIp: "10.12.6.109" + vnfPubKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh" + demoArtifactsVersion: "1.4.0" + demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases" + scriptVersion: "1.4.0" + rancherIpAddress: "10.12.6.160" + config: + # use the python utility to encrypt the OS_PASSWORD for the OS_USERNAME + openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_PYTHON_PASSWORD_HERE_XXXXXXXXXXXXXXXX" + openStackSoEncryptedPassword: "YYYYYYYYYYYYYYYYYYYYYYYY_OPENSTACK_JAVA_PASSWORD_HERE_YYYYYYYYYYYYYYYY" +so: + enabled: true + so-catalog-db-adapter: + config: + openStackUserName: "OS_USERNAME_HERE" + # OS_AUTH_URL (keep the /v3) from the openstack .RC file + openStackKeyStoneUrl: "http://10.12.25.2:5000/v3" + # use the SO Java utility to encrypt the OS_PASSWORD for the OS_USERNAME + openStackEncryptedPasswordHere: "YYYYYYYYYYYYYYYYYYYYYYYY_OPENSTACK_JAVA_PASSWORD_HERE_YYYYYYYYYYYYYYYY" +appc: + enabled: true + replicaCount: 3 + config: + enableClustering: true + openStackType: "OpenStackProvider" + openStackName: "OpenStack" + openStackKeyStoneUrl: "http://10.12.25.2:5000/v3" + openStackServiceTenantName: "OPENSTACK_PROJECT_NAME_HERE" + openStackDomain: "OPEN_STACK_DOMAIN_NAME_HERE" + openStackUserName: "OS_USER_NAME_HERE" + openStackEncryptedPassword: "OPENSTACK_CLEAR_TEXT_PASSWORD_HERE" diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst index a641fabf60..bd5e3eeee6 100644 --- a/docs/oom_quickstart_guide.rst +++ b/docs/oom_quickstart_guide.rst @@ -30,7 +30,7 @@ file like onap-all.yaml, onap-vfw.yaml or openstack.yaml file to suit your deplo OpenStack tenant information. .. note:: - Standard and example override files (e.g. onap-all.yaml, openstack.yaml) can be found in + Standard and example override files (e.g. onap-all.yaml, openstack.yaml) can be found in the oom/kubernetes/onap/resources/overrides/ directory. @@ -77,23 +77,65 @@ Java encryption library is not easy to integrate with openssl/python that ROBOT uses in Dublin. .. note:: - To generate SO openStackEncryptedPasswordHere : + To generate SO openStackEncryptedPasswordHere and openStackSoEncryptedPassword: + + SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key` - SO_ENCRYPTION_KEY=`cat ~/oom/kubenertes/so/resources/config/mso/encrypt.key` OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX git clone http://gerrit.onap.org/r/integration cd integration/deployment/heat/onap-rke/scripts + + javac Crypto.java + + [ if javac is not installed 'apt-get update ; apt-get install default-jdk' ] + java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY" d. Update the OpenStack parameters: +There are assumptions in the demonstration VNF heat templates about the networking +available in the environment. To get the most value out of these templates and the +automation that can help confirm the setup is correct, please observe the following +constraints. + +openStackPublicNetId: + +This network should allow heat templates to add interfaces. +This need not be an external network, floating IPs can be assigned to the ports on +the VMs that are created by the heat template but its important that neutron allow +ports to be created on them. + +openStackPrivateNetCidr: "10.0.0.0/16" + +This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity. +The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the +demonstration ip addressing plan embodied in the preload template prevent conflicts when +instantiating the various VNFs. If you need to change this, you will need to modify the preload +data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data +in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect +to create. + +openStackOamNetworkCidrPrefix: "10.0" + +This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the +robot scripts for demonstration. A production deployment need not worry about this +setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix. + + +Example Keystone v2.0 .. literalinclude:: example-integration-override.yaml :language: yaml +Example Keystone v3 (required for Rocky and later releases) +.. literalinclude:: example-integration-override-v3.yaml + :language: yaml + + + **Step 4.** To setup a local Helm server to server up the ONAP charts:: > helm serve & -- cgit 1.2.3-korg