From ed5ff714fac29651318868a65267030e3c31c3ee Mon Sep 17 00:00:00 2001 From: Mike Elliott Date: Wed, 7 Nov 2018 15:47:19 -0500 Subject: Update OOM docs for Casablanca Updating release notes, Helm and K8s versions and started documenting use of (un)deploy plugins. Change-Id: Ia51db5f1489e8d63fd7e1f10e80174eb9f182f0f Issue-ID: OOM-1497 Signed-off-by: Mike Elliott --- docs/onap_values.yaml | 104 -------------------------- docs/oom_cloud_setup_guide.rst | 29 ++++---- docs/oom_quickstart_guide.rst | 133 ++++------------------------------ docs/oom_setup_kubernetes_rancher.rst | 9 ++- docs/oom_user_guide.rst | 16 ++-- docs/openstack-k8s-node.sh | 2 +- docs/openstack-rancher.sh | 4 +- docs/release-notes.rst | 31 ++++++++ 8 files changed, 76 insertions(+), 252 deletions(-) delete mode 100644 docs/onap_values.yaml (limited to 'docs') diff --git a/docs/onap_values.yaml b/docs/onap_values.yaml deleted file mode 100644 index 663b05fb84..0000000000 --- a/docs/onap_values.yaml +++ /dev/null @@ -1,104 +0,0 @@ -################################################################# -# Global configuration overrides. -# -# These overrides will affect all helm charts (ie. applications) -# that are listed below and are 'enabled'. -################################################################# -global: - # Change to an unused port prefix range to prevent port conflicts - # with other instances running within the same k8s cluster - nodePortPrefix: 302 - - # image repositories - repository: nexus3.onap.org:10001 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== - # readiness check - readinessRepository: oomk8s - # logging agent - loggingRepository: docker.elastic.co - - # image pull policy - pullPolicy: Always - - # default mount path root directory referenced - # by persistent volumes and log files - persistence: - mountPath: /dockerdata-nfs - - # flag to enable debugging - application support required - debugEnabled: false - - -################################################################# -# Enable/disable and configure helm charts (ie. applications) -# to customize the ONAP deployment. -################################################################# -aaf: - enabled: true -aai: - enabled: true -appc: - enabled: true -clamp: - enabled: true -cli: - enabled: true -consul: # Consul Health Check Monitoring - enabled: true -dcaegen2: - enabled: true -esr: - enabled: true -log: # ONAP Logging ElasticStack - enabled: true -message-router: - enabled: true -mock: - enabled: true -msb: - enabled: true -multicloud: - enabled: true -policy: - enabled: true -portal: - enabled: true -robot: # Robot Health Check - enabled: true -sdc: - enabled: true -sdnc: - enabled: true -so: # Service Orchestrator - enabled: true - - replicaCount: 1 - - liveness: - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - - # so server configuration - config: - # message router configuration - dmaapTopic: "AUTO" - # openstack configuration - openStackUserName: "vnf_user" - openStackRegion: "RegionOne" - openStackKeyStoneUrl: "http://1.2.3.4:5000" - openStackServiceTenantName: "service" - openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" - - # configure embedded mariadb - mariadb: - config: - mariadbRootPassword: password -uui: - enabled: true -vfc: - enabled: true -vid: - enabled: true -vnfsdk: - enabled: true diff --git a/docs/oom_cloud_setup_guide.rst b/docs/oom_cloud_setup_guide.rst index 4fe943cf18..9fb3ab73b1 100644 --- a/docs/oom_cloud_setup_guide.rst +++ b/docs/oom_cloud_setup_guide.rst @@ -45,34 +45,33 @@ The versions of Kubernetes that are supported by OOM are as follows: .. table:: OOM Software Requirements - ============== ========== ===== ======= ======== - Release Kubernetes Helm kubectl Docker - ============== ========== ===== ======= ======== - amsterdam 1.7.x 2.3.x 1.7.x 1.12.x - beijing 1.8.10 2.8.2 1.8.10 17.03.x - casablanca/master 1.8.10 2.9.1 1.8.10 17.03.x - ============== ========== ===== ======= ======== + ============== =========== ===== ======== ======== + Release Kubernetes Helm kubectl Docker + ============== =========== ===== ======== ======== + amsterdam 1.7.x 2.3.x 1.7.x 1.12.x + beijing 1.8.10 2.8.2 1.8.10 17.03.x + casablanca 1.11.2 2.9.1 1.11.2 17.03.x + ============== =========== ===== ======== ======== Minimum Hardware Configuration ============================== -The minimum hardware requirements are provided below. Note that although ONAP -may operate on a single node as described production deployments will need at -least three if not six nodes to ensure there is no single point of failure. +The hardware requirements are provided below. Note that this is for a +full ONAP deployment (all components). Customizing ONAP to deploy only +components that are needed will drastically reduce the requirements. .. table:: OOM Hardware Requirements ===== ===== ====== ==================== RAM HD vCores Ports ===== ===== ====== ==================== - 128GB 160GB 32 0.0.0.0/0 (all open) + 224GB 160GB 112 0.0.0.0/0 (all open) ===== ===== ====== ==================== .. note:: - Kubernetes supports a maximum of 110 pods per node which forces one to use at - least two nodes to deploy all of ONAP although at least three are recommended - (for example 4x32GB - 8 vCores each). Subsets of ONAP may still be deployed - on a single node. + Kubernetes supports a maximum of 110 pods per node. The use of many small + nodes is preferred over a few larger nodes (for example 14x16GB - 8 vCores each). + Subsets of ONAP may still be deployed on a single node. Cloud Installation ================== diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst index 077e7e7e1c..0029d5fb9a 100644 --- a/docs/oom_quickstart_guide.rst +++ b/docs/oom_quickstart_guide.rst @@ -16,119 +16,18 @@ available), follow the following instructions to deploy ONAP. **Step 1.** Clone the OOM repository from ONAP gerrit:: - > git clone -b beijing http://gerrit.onap.org/r/oom + > git clone -b casablanca http://gerrit.onap.org/r/oom > cd oom/kubernetes +**Step 2.** Install Helm Plugins required to deploy the ONAP Casablanca release:: + sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm -**Step 2.** Customize the onap/values.yaml file to suit your deployment. You +**Step 3.** Customize the onap/values.yaml file to suit your deployment. You may want to selectively enable or disable ONAP components by changing the `enabled: true/false` flags as shown below: -.. code-block:: yaml - - ################################################################# - # Global configuration overrides. - # - # These overrides will affect all helm charts (ie. applications) - # that are listed below and are 'enabled'. - ################################################################# - global: - # Change to an unused port prefix range to prevent port conflicts - # with other instances running within the same k8s cluster - nodePortPrefix: 302 - - # image repositories - repository: nexus3.onap.org:10001 - repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== - # readiness check - readinessRepository: oomk8s - # logging agent - loggingRepository: docker.elastic.co - - # image pull policy - pullPolicy: Always - - # default mount path root directory referenced - # by persistent volumes and log files - persistence: - mountPath: /dockerdata-nfs - - # flag to enable debugging - application support required - debugEnabled: false - - ################################################################# - # Enable/disable and configure helm charts (ie. applications) - # to customize the ONAP deployment. - ################################################################# - aaf: - enabled: true - aai: - enabled: true - appc: - enabled: true - clamp: - enabled: true - cli: - enabled: true - consul: # Consul Health Check Monitoring - enabled: true - dcaegen2: - enabled: true - esr: - enabled: true - log: - enabled: true - message-router: - enabled: true - mock: - enabled: true - msb: - enabled: true - multicloud: - enabled: true - policy: - enabled: true - portal: - enabled: true - robot: # Robot Health Check - enabled: true - sdc: - enabled: true - sdnc: - enabled: true - so: # Service Orchestrator - enabled: true - - replicaCount: 1 - - liveness: - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - - # so server configuration - config: - # message router configuration - dmaapTopic: "AUTO" - # openstack configuration - openStackUserName: "vnf_user" - openStackRegion: "RegionOne" - openStackKeyStoneUrl: "http://1.2.3.4:5000" - openStackServiceTenantName: "service" - openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" - - # configure embedded mariadb - mariadb: - config: - mariadbRootPassword: password - uui: - enabled: true - vfc: - enabled: true - vid: - enabled: true - vnfsdk: - enabled: true +.. literalinclude:: onap-values.yaml + :language: yaml .. note:: To generate openStackEncryptedPasswordHere : @@ -154,18 +53,12 @@ follows:: **Step 5.** Build a local Helm repository (from the kubernetes directory):: - > make all + > make all; make onap **Step 6.** Display the charts that available to be deployed:: > helm search -l - NAME VERSION DESCRIPTION - local/appc 2.0.0 Application Controller - local/clamp 2.0.0 ONAP Clamp - local/common 2.0.0 Common templates for inclusion in other charts - local/onap 2.0.0 Open Network Automation Platform (ONAP) - local/robot 2.0.0 A helm Chart for kubernetes-ONAP Robot - local/so 2.0.0 ONAP Service Orchestrator +.. literalinclude:: helm-search.txt .. note:: The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use `make` to update your local Helm repository. @@ -173,11 +66,15 @@ follows:: **Step 7.** Once the repo is setup, installation of ONAP can be done with a single command:: - > helm install local/onap -n dev --namespace onap + > helm deploy dev local/onap --namespace onap -.. note:: - The requirement for the use of the `onap` namespace will be lifted once the OOM team completes their Beijing deveivers. Use the following to monitor your deployment and determine when ONAP is ready for use:: > kubectl get pods --all-namespaces -o=wide + +Undeploying onap can be done using the following command:: + > helm undeploy dev --purge + + +More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins \ No newline at end of file diff --git a/docs/oom_setup_kubernetes_rancher.rst b/docs/oom_setup_kubernetes_rancher.rst index a20c0dfe96..fddccf8068 100644 --- a/docs/oom_setup_kubernetes_rancher.rst +++ b/docs/oom_setup_kubernetes_rancher.rst @@ -48,7 +48,7 @@ Select "No" on "Create New Volume" Select Flavor ------------- Known issues exist if flavor is too small for Rancher. Please select a flavor -with at least 4 vCPU and 8GB ram. +with at least 4 vCPU and 8GB ram. A size of 8 vCPU and 16GB ram is recommended. .. image:: Rancher-Select_Flavor.jpeg @@ -88,7 +88,7 @@ This customization script will: * install nfs server .. note:: - The Beijing release of OOM only supports Helm 2.8.2 not the 2.7.2 shown in + The Casablanca release of OOM only supports Helm 2.9.1 not the 2.7.2 shown in the screen capture below. The supported versions of all the software components are listed in the :ref:`cloud-setup-guide-label`. @@ -133,8 +133,9 @@ Select Flavor The size of a Kubernetes host depends on the size of the ONAP deployment that will be installed. -As of the Beijing release a minimum of 3 x 32GB hosts will be needed to run a -full ONAP deployment (all components). +As of the Casablanca release a minimum 224GB will be needed to run a +full ONAP deployment (all components). It is recommended that more hosts are used +with fewer resources instead of only a few large hosts. For example 14 x 16GB hosts. If a small subset of ONAP components are being deployed for testing purposes, then a single 16GB or 32GB host should suffice. diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst index db410a69aa..cac2710869 100644 --- a/docs/oom_user_guide.rst +++ b/docs/oom_user_guide.rst @@ -108,7 +108,7 @@ stable which should be removed to avoid confusion:: To prepare your system for an installation of ONAP, you'll need to:: - > git clone -b beijing http://gerrit.onap.org/r/oom + > git clone -b casablanca http://gerrit.onap.org/r/oom > cd oom/kubernetes @@ -282,7 +282,7 @@ value for the vnfDeployment/openstack/oam_network_cidr key as shown below. To deploy ONAP with this environment file, enter:: - > helm install local/onap -n beijing -f environments/onap-production.yaml + > helm deploy local/onap -n casablanca -f environments/onap-production.yaml .. include:: environments_onap_demo.yaml :code: yaml @@ -572,14 +572,14 @@ sequence of events described in the previous paragraph would be initiated. For example, to upgrade a container by changing configuration, specifically an environment value:: - > helm upgrade beijing onap/so --version 2.0.1 --set enableDebug=true + > helm deploy casablanca onap/so --version 2.0.1 --set enableDebug=true Issuing this command will result in the appropriate container being stopped by Kubernetes and replaced with a new container with the new environment value. To upgrade a component to a new version with a new configuration file enter:: - > helm upgrade beijing onap/so --version 2.0.2 -f environments/demo.yaml + > helm deploy casablanca onap/so --version 2.0.2 -f environments/demo.yaml To fetch release history enter:: @@ -672,18 +672,18 @@ from a running deployment the operator perform a 'dry-run' to display exactly what will happen with a given command prior to actually deleting anything. For example:: - > helm delete --dry-run beijing + > helm undeploy casablanca --dry-run -will display the outcome of deleting the 'beijing' release from the deployment. +will display the outcome of deleting the 'casablanca' release from the deployment. To completely delete a release and remove it from the internal store enter:: - > helm delete --purge beijing + > helm undeploy casablanca --purge One can also remove individual components from a deployment by changing the ONAP configuration values. For example, to remove `so` from a running deployment enter:: - > helm upgrade beijing osn/onap --set so.enabled=false + > helm undeploy casablanca-so --purge will remove `so` as the configuration indicates it's no longer part of the deployment. This might be useful if a one wanted to replace just `so` by diff --git a/docs/openstack-k8s-node.sh b/docs/openstack-k8s-node.sh index 66dc629398..b8462aa5e9 100644 --- a/docs/openstack-k8s-node.sh +++ b/docs/openstack-k8s-node.sh @@ -1,7 +1,7 @@ #!/bin/bash DOCKER_VERSION=17.03 -KUBECTL_VERSION=1.8.10 +KUBECTL_VERSION=1.11.2 HELM_VERSION=2.9.1 # setup root access - default login: oom/oom - comment out to restrict access too ssh key only diff --git a/docs/openstack-rancher.sh b/docs/openstack-rancher.sh index 1f1d2e4639..bcf542aedc 100644 --- a/docs/openstack-rancher.sh +++ b/docs/openstack-rancher.sh @@ -1,8 +1,8 @@ #!/bin/bash DOCKER_VERSION=17.03 -RANCHER_VERSION=1.6.18 -KUBECTL_VERSION=1.8.10 +RANCHER_VERSION=1.6.22 +KUBECTL_VERSION=1.11.2 HELM_VERSION=2.9.1 # setup root access - default login: oom/oom - comment out to restrict access too ssh key only diff --git a/docs/release-notes.rst b/docs/release-notes.rst index c87eee0114..a54dd79744 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -8,6 +8,37 @@ Release Notes ============= +Version 3.0.0 Casablanca Release +-------------------------------- + +:Release Date: 2018-11-30 + +Summary +======= + +The focus of this release was on incremental improvements in the following areas: +- Pluggable persistent storage with support for GlusterFS as the first storage class provisioner +- CPU and Memory limits in Helm Charts to improve Pod placement based on resource availablity in Kubernetes Cluster +- Support of Node Selectors for Pod placement +- Common "shared" Helm Charts referencing common images + - mariadb-galera cluster + - postgres cluster + - cassandra + - mysql + - mongodb +- Integration of ARK Backup and Restore solution +- Introduction of Helm deploy and undeploy plugins to better manage ONAP deployments + + +**Security Notes** + +OOM code has been formally scanned during build time using NexusIQ and no Critical vulnerability was found. + +Quick Links: + - `OOM project page `_ + + - `Passing Badge information for OOM `_ + Version 2.0.0 Beijing Release ----------------------------- -- cgit 1.2.3-korg From a4007dd6135b3d2fe02d5ce7e88ded68155403cd Mon Sep 17 00:00:00 2001 From: andreasgeissler Date: Thu, 29 Nov 2018 11:44:29 +0000 Subject: Added Known Issue Added Workaround for known Kubernetes problem Issue-ID: OOM-1532 Change-Id: Idc0d9c882c4992a6db68e66ac43bad25566a8270 Signed-off-by: andreasgeissler --- docs/release-notes.rst | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'docs') diff --git a/docs/release-notes.rst b/docs/release-notes.rst index a54dd79744..77929b7ff4 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -39,6 +39,15 @@ Quick Links: - `Passing Badge information for OOM `_ + +**Known Issues** + +Problem: kubectl connections to pods (kubectl exec|logs) will fail after a while due to a known bug in Kubernetes +Workaround: Restart of the kubelet daemons on the k8s hosts +Fix: Will be delivered in the next release via a new Kubernetes version +- `OOM-1532 `_ + + Version 2.0.0 Beijing Release ----------------------------- -- cgit 1.2.3-korg From f92f643cccdf90ab3cc92c16e8ff89061e280a0a Mon Sep 17 00:00:00 2001 From: andreasgeissler Date: Thu, 29 Nov 2018 14:45:24 +0000 Subject: Update Known Issue Updated the workaround and added links to k8s ticket and OOM issues related Issue-ID: OOM-1532 Change-Id: I43c1e23b1310dac4ae19d0b9c7fc07167da4f053 Signed-off-by: andreasgeissler --- docs/release-notes.rst | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 77929b7ff4..b8e52fe9d1 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -42,10 +42,13 @@ Quick Links: **Known Issues** -Problem: kubectl connections to pods (kubectl exec|logs) will fail after a while due to a known bug in Kubernetes +Problem: kubectl connections to pods (kubectl exec|logs) will fail after a while due to a known bug in Kubernetes (1.11.2) Workaround: Restart of the kubelet daemons on the k8s hosts -Fix: Will be delivered in the next release via a new Kubernetes version +Fix: Will be delivered in the next release via a new Kubernetes version (1.12) +- `K8S Bug Report `_ - `OOM-1532 `_ +- `OOM-1516 `_ +- `OOM-1520 `_ Version 2.0.0 Beijing Release -- cgit 1.2.3-korg From 3c8ecaca5fa50a8ee1fe26f6f59be8feff4dc343 Mon Sep 17 00:00:00 2001 From: Mike Elliott Date: Thu, 29 Nov 2018 13:25:57 -0500 Subject: Update format of release summary Change-Id: Ic0f0d402aee990ebe65d11c1b64e3beb7e1f9257 Issue-ID: OOM-1498 Signed-off-by: Mike Elliott --- docs/release-notes.rst | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'docs') diff --git a/docs/release-notes.rst b/docs/release-notes.rst index b8e52fe9d1..3e8a1be1b7 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -17,17 +17,17 @@ Summary ======= The focus of this release was on incremental improvements in the following areas: -- Pluggable persistent storage with support for GlusterFS as the first storage class provisioner -- CPU and Memory limits in Helm Charts to improve Pod placement based on resource availablity in Kubernetes Cluster -- Support of Node Selectors for Pod placement -- Common "shared" Helm Charts referencing common images - - mariadb-galera cluster - - postgres cluster +* Pluggable persistent storage with support for GlusterFS as the first storage class provisioner +* CPU and Memory limits in Helm Charts to improve Pod placement based on resource availablity in Kubernetes Cluster +* Support of Node Selectors for Pod placement +* Common "shared" Helm Charts referencing common images + - mariadb-galera + - postgres - cassandra - mysql - - mongodb -- Integration of ARK Backup and Restore solution -- Introduction of Helm deploy and undeploy plugins to better manage ONAP deployments + - mongo +* Integration of ARK Backup and Restore solution +* Introduction of Helm deploy and undeploy plugins to better manage ONAP deployments **Security Notes** -- cgit 1.2.3-korg From 4a618bad8be5ab9936e440f147bef538fdf8879b Mon Sep 17 00:00:00 2001 From: andreasgeissler Date: Fri, 30 Nov 2018 14:20:46 +0000 Subject: Add missing notes to etc/hosts Added missing entries in the /etc/hosts to use the portal and hints to use the HTTPS URL Issue-ID: OOM-1368 Change-Id: I48b1c88cec7b91bf37cb696b11c6de29e4c7458d Signed-off-by: andreasgeissler --- docs/oom_user_guide.rst | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst index cac2710869..ea658f0893 100644 --- a/docs/oom_user_guide.rst +++ b/docs/oom_user_guide.rst @@ -381,16 +381,31 @@ below:: 10.12.6.155 portal.api.simpledemo.onap.org 10.12.6.155 vid.api.simpledemo.onap.org 10.12.6.155 sdc.api.fe.simpledemo.onap.org + 10.12.6.155 sdc.workflow.plugin.simpledemo.onap.org + 10.12.6.155 sdc.dcae.plugin.simpledemo.onap.org 10.12.6.155 portal-sdk.simpledemo.onap.org 10.12.6.155 policy.api.simpledemo.onap.org 10.12.6.155 aai.api.sparky.simpledemo.onap.org 10.12.6.155 cli.api.simpledemo.onap.org 10.12.6.155 msb.api.discovery.simpledemo.onap.org + 10.12.6.155 msb.api.simpledemo.onap.org + 10.12.6.155 clamp.api.simpledemo.onap.org + 10.12.6.155 so.api.simpledemo.onap.org Ensure you've disabled any proxy settings the browser you are using to access -the portal and then simply access the familiar URL: -http://portal.api.simpledemo.onap.org:8989/ONAPPORTAL/login.htm +the portal and then simply access now the new ssl-encrypted URL: +https://portal.api.simpledemo.onap.org:30225/ONAPPORTAL/login.htm +.. note:: + Using the HTTPS based Portal URL the Browser needs to be configured to accept + unsecure credentials. + Additionally when opening an Application inside the Portal, the Browser + might block the content, which requires to disable the blocking and reloading + of the page + +.. note:: + Besides the ONAP Portal the Components can deliver additional user interfaces, + please check the Component specific documentation. .. note:: -- cgit 1.2.3-korg