blob: 3b198cf1d682d5f43d5685680a3dae0adb73c4ae (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
.. This work is licensed under a Creative Commons Attribution 4.0
.. International License.
.. http://creativecommons.org/licenses/by/4.0
.. Copyright (C) 2022 Nordix Foundation
.. Links
.. _Kubernetes: https://kubernetes.io/
.. _Kubernetes best practices: https://kubernetes.io/docs/setup/best-practices/cluster-large/
.. _kubelet config guide: https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/
ONAP Deployment Options
=======================
OOM supports 2 different deployment options of ONAP.
- Development Setup
- Production Setup
In the following sections describe the different setups.
Development setup
-----------------
The development setup deploys ONAP components exposing its external services
via NodePorts and without TLS termination and internal traffic encryption.
Production setup
----------------
The production setup deploys ONAP components exposing its external services
via Ingress with TLS termination.
Internal traffic encryption will be ensured by using Istio ServiceMesh.
.. figure:: ../../resources/images/servicemesh/ServiceMesh.png
:align: center
For external access we propose to establish Authentication via Oauth2-proxy
and Keycloak which is described in this document.
|
