bin/install

   1 #!/bin/bash
   2 ################################################################################
   3 #   Copyright (c) 2019 AT&T Intellectual Property.                             #
   4 #   Copyright (c) 2019 Nokia.                                                  #
   5 #   Copyright (c) 2021 HCL Technologies Limited.                               #
   6 #                                                                              #
   7 #   Licensed under the Apache License, Version 2.0 (the "License");            #
   8 #   you may not use this file except in compliance with the License.           #
   9 #   You may obtain a copy of the License at                                    #
  10 #                                                                              #
  11 #       http://www.apache.org/licenses/LICENSE-2.0                             #
  12 #                                                                              #
  13 #   Unless required by applicable law or agreed to in writing, software        #
  14 #   distributed under the License is distributed on an "AS IS" BASIS,          #
  15 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
  16 #   See the License for the specific language governing permissions and        #
  17 #   limitations under the License.                                             #
  18 ################################################################################
  19
  20 function wait_for_pods() {
  21   echo -n "waiting for $1 pods to run"
  22
  23   STILL_WAITING=true
  24   while $STILL_WAITING; do
  25       STILL_WAITING=false
  26       PODS=$(kubectl get pods -n $2 2>/dev/null | grep $1 | awk '{print $1}')
  27       if [ -z $PODS ]; then
  28         STILL_WAITING=true
  29         sleep 1
  30         echo -n "."
  31       fi
  32       for POD in ${PODS}; do
  33         if [[ $(kubectl get pod ${POD} -n $2 -o go-template --template "{{.status.phase}}") != "Running" ]]; then
  34             STILL_WAITING=true
  35             sleep 1
  36             echo -n "."
  37             break
  38         fi
  39       done
  40   done
  41
  42   echo
  43 }
  44
  45 function wait_for_cats() {
  46   echo -n "waiting for $1 daemonset to complete"
  47
  48   STILL_WAITING=true
  49   while $STILL_WAITING; do
  50       STILL_WAITING=false
  51       PODS=$(kubectl get pods -n $2 | grep $1 | awk '{print $1}')
  52       for POD in ${PODS}; do
  53         if [[ $(kubectl logs ${POD} -n $2 --tail 1) != "done" ]]; then
  54             STILL_WAITING=true
  55             sleep 1
  56             echo -n "."
  57             break
  58         fi
  59       done
  60   done
  61
  62   echo
  63 }
  64
  65 KERNEL_OPTIMIZATION=false
  66 IS_HELM3=$(helm version --short|grep -e "^v3")
  67
  68 while [ -n "$1" ]; do # while loop starts
  69
  70     case "$1" in
  71
  72     -f) OVERRIDEYAML=$2
  73         shift
  74         ;;
  75     -c) LIST_OF_COMPONENTS=$2
  76         shift
  77         ;;
  78     -o) KERNEL_OPTIMIZATION=true
  79         ;;
  80     *) echo "Option $1 not recognized" ;; # In case you typed a different option other than a,b,c
  81
  82     esac
  83
  84     shift
  85
  86 done
  87
  88 if [ -z "$OVERRIDEYAML" ];then
  89     echo "****************************************************************************************************************"
  90     echo "                                                     ERROR                                                      "
  91     echo "****************************************************************************************************************"
  92     echo "RIC deployment without deployment recipe is currently disabled. Please specify an recipe with the -f option."
  93     echo "****************************************************************************************************************"
  94     exit 1
  95 fi
  96
  97 if [ -z $IS_HELM3 ]
  98 then
  99   HAS_COMMON_PACKAGE=$(helm search local/ric-common | grep ric-common)
 100 else
 101   HAS_COMMON_PACKAGE=$(helm search repo local/ric-common | grep ric-common)
 102 fi
 103
 104 if [ -z "$HAS_COMMON_PACKAGE" ];then
 105     echo "****************************************************************************************************************"
 106     echo "                                                     ERROR                                                      "
 107     echo "****************************************************************************************************************"
 108     echo "Can't locate the ric-common helm package in the local repo. Please make sure that it is properly installed."
 109     echo "****************************************************************************************************************"
 110     exit 1
 111 fi
 112
 113 DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
 114 COMMON_BLOCK=$(cat $OVERRIDEYAML | awk '/^common:/{getline; while ($0 ~ /^ +.*|^ *|^ *#.*$/) {print $0; if (getline == 0) {break}}}')
 115 NAMESPACE_BLOCK=$(cat $OVERRIDEYAML | awk '/^  namespace:/{getline; while ($0 ~ /^ +.*|^ *|^ *#.*$/) {print $0; if (getline == 0) {break}}}')
 116 PLTNAMESPACE=$(echo "$NAMESPACE_BLOCK" | awk '/^ *platform:/{print $2}')
 117 INFRANAMESPACE=$(echo "$NAMESPACE_BLOCK" | awk '/^ *infra:/{print $2}')
 118 XAPPNAMESPACE=$(echo "$NAMESPACE_BLOCK" | awk '/^ *xapp:/{print $2}')
 119 RELEASE_PREFIX=$(echo "$COMMON_BLOCK" | awk '/^ *releasePrefix:/{print $2}')
 120 LOCAL_REPOSITORY=$(echo "$COMMON_BLOCK" | awk '/^ *localregistry:/{print $2}')
 121
 122 # replace the dbaasha with dbaas1 if deploying non HA DBaaS
 123 COMPONENTS=${LIST_OF_COMPONENTS:-"infrastructure dbaas xapp-onboarder appmgr rtmgr e2mgr e2term a1mediator submgr vespamgr jaegeradapter o1mediator alarmmanager influxdb"}
 124 echo "Deploying RIC infra components [$COMPONENTS]"
 125
 126
 127 if ! kubectl get ns ${PLTNAMESPACE:-ricplt}> /dev/null 2>&1; then
 128     kubectl create ns ${PLTNAMESPACE:-ricplt}
 129 fi
 130 if ! kubectl get ns ${INFRANAMESPACE:-ricinfra}> /dev/null 2>&1; then
 131     kubectl create ns ${INFRANAMESPACE:-ricinfra}
 132 fi
 133 if ! kubectl get ns ${XAPPNAMESPACE:-ricxapp}> /dev/null 2>&1; then
 134     kubectl create ns ${XAPPNAMESPACE:-ricxapp}
 135 fi
 136 FOUND_RECIPE=$(kubectl get configmap -n ${PLTNAMESPACE:-ricplt} ricplt-recipe 2>/dev/null )
 137 if [ ! -z "$FOUND_RECIPE" ]; then
 138     kubectl delete configmap -n ${PLTNAMESPACE:-ricplt} ricplt-recipe
 139 fi
 140 kubectl create configmap -n ${PLTNAMESPACE:-ricplt} ricplt-recipe --from-file=recipe=$OVERRIDEYAML
 141
 142 if [ ! -z "$LOCAL_REPOSITORY" ]; then
 143     LOCAL_REPOSITORY="$LOCAL_REPOSITORY/"
 144 fi
 145
 146
 147 echo Add cluster roles
 148     cat >ricplt-role.yaml <<EOF
 149 ---
 150 apiVersion: rbac.authorization.k8s.io/v1
 151 kind: ClusterRole
 152 metadata:
 153   name: ricplt-system-tiller
 154 rules:
 155   - apiGroups: [""]
 156     resources: ["deployments"]
 157     verbs: ["get", "list", "create", "delete"]
 158   - apiGroups: ["apiextensions.k8s.io"]
 159     resources: ["customresourcedefinitions"]
 160     verbs: ["get", "list", "create", "delete"]
 161   - apiGroups: ["rbac.authorization.k8s.io"]
 162     resources: ["clusterroles", "clusterrolebindings"]
 163     verbs: ["get", "list", "create", "delete"]
 164   - apiGroups: [""]
 165     resources: ["events"]
 166     verbs: ["create", "patch"]
 167   - apiGroups: [""]
 168     resources: ["nodes"]
 169     verbs: ["list", "watch", "get"]
 170   - apiGroups: [""]
 171     resources: ["nodes/metrics"]
 172     verbs: ["list", "watch", "get"]
 173   - apiGroups: [""]
 174     resources: ["nodes/proxy"]
 175     verbs: ["list", "watch", "get"]
 176   - apiGroups: ["configuration.konghq.com"]
 177     resources: ["kongconsumers"]
 178     verbs: ["get", "list", "watch"]
 179   - apiGroups: ["configuration.konghq.com"]
 180     resources: ["kongcredentials"]
 181     verbs: ["get", "list", "watch"]
 182   - apiGroups: ["configuration.konghq.com"]
 183     resources: ["kongingresses"]
 184     verbs: ["get", "list", "watch"]
 185   - apiGroups: ["configuration.konghq.com"]
 186     resources: ["kongplugins"]
 187     verbs: ["get", "list", "watch"]
 188   - apiGroups: ["networking.k8s.io"]
 189     resources: ["ingresses"]
 190     verbs: ["watch", "list", "get", "create", "delete", "update"]
 191   - apiGroups: [""]
 192     resources: ["ingresses"]
 193     verbs: ["watch", "list", "get", "create", "delete", "update"]
 194   - apiGroups: [""]
 195     resources: ["persistentvolumes"]
 196     verbs: ["watch", "list", "get", "create", "delete"]
 197   - apiGroups: ["danm.k8s.io"]
 198     resources: ["clusternetworks"]
 199     verbs: ["watch", "list", "get", "create", "delete"]
 200   - apiGroups: ["extensions"]
 201     resources: ["ingresses/status"]
 202     verbs: ["update", "get", "list", "watch"]
 203   - apiGroups: ["networking.k8s.io"]
 204     resources: ["ingresses/status"]
 205     verbs: ["update", "get", "list", "watch"]
 206   - apiGroups: ["certificates.k8s.io"]
 207     resources: ["certificatesigningrequests"]
 208     verbs: ["list", "watch"]
 209   - apiGroups: ["storage.k8s.io"]
 210     resources: ["storageclasses"]
 211     verbs: ["list", "watch"]
 212   - nonResourceURLs: ["/metrics"]
 213     verbs: ["get"]
 214 ---
 215 apiVersion: rbac.authorization.k8s.io/v1
 216 kind: ClusterRoleBinding
 217 metadata:
 218   name: ricplt-system-tiller
 219 roleRef:
 220   apiGroup: rbac.authorization.k8s.io
 221   kind: ClusterRole
 222   name: ricplt-system-tiller
 223 subjects:
 224   - kind: ServiceAccount
 225     name: tiller
 226     namespace: kube-system
 227 EOF
 228
 229 if [ -z $IS_HELM3 ]
 230 then
 231    kubectl apply -f ricplt-role.yaml
 232    rm ricplt-role.yaml
 233 fi
 234
 235
 236 # Add kernel optimization for radis services
 237 if $KERNEL_OPTIMIZATION; then
 238     cat >kernel_optimizer.yaml <<EOF
 239 apiVersion: apps/v1
 240 kind: DaemonSet
 241 metadata:
 242   namespace: ${INFRANAMESPACE:-ricinfra}
 243   name: redis-kernel-optimizer
 244 spec:
 245   selector:
 246     matchLabels:
 247       app: redis-kernel-optimizer
 248   template:
 249     metadata:
 250       labels:
 251         app: redis-kernel-optimizer
 252     spec:
 253       volumes:
 254       - name: sys
 255         hostPath:
 256           path: /sys
 257       containers:
 258       - name: disable-thp
 259         image: ${LOCAL_REPOSITORY}busybox
 260         securityContext:
 261           runAsNonRoot: false
 262           privileged: true
 263           runAsUser: 0
 264         command: ["sh", "-c"]
 265         args:
 266         - |-
 267           set -e
 268           set -o pipefail
 269           trap 'exit' TERM
 270           echo never > /rootfs/sys/kernel/mm/transparent_hugepage/enabled
 271           echo never > /rootfs/sys/kernel/mm/transparent_hugepage/defrag
 272           sysctl -w net.core.somaxconn=511
 273           grep -q -F [never] /sys/kernel/mm/transparent_hugepage/enabled
 274           grep -q -F [never] /sys/kernel/mm/transparent_hugepage/defrag
 275           sysctl -n net.core.somaxconn | grep 511 -q
 276           echo "done"
 277           while true; do sleep 1; done
 278         volumeMounts:
 279         - name: sys
 280           mountPath: /rootfs/sys
 281 EOF
 282 kubectl apply -f kernel_optimizer.yaml
 283 wait_for_pods redis-kernel-optimizer ${INFRANAMESPACE:-ricinfra}
 284 wait_for_cats redis-kernel-optimizer ${INFRANAMESPACE:-ricinfra}
 285 kubectl delete -f kernel_optimizer.yaml
 286 rm kernel_optimizer.yaml
 287 fi
 288
 289
 290 for component in $COMPONENTS; do
 291     helm dep up $DIR/../helm/$component
 292     COMPONENT="${RELEASE_PREFIX}-$component"
 293     if [ -z $IS_HELM3 ]
 294     then
 295       COMPONENT=" --name $COMPONENT"
 296     fi
 297     helm install -f $OVERRIDEYAML --namespace "${PLTNAMESPACE:-ricplt}" $COMPONENT $DIR/../helm/$component
 298     sleep 8
 299 done
 300
 301
 302
 303