bin/install

   1 #!/bin/bash
   2 ################################################################################
   3 #   Copyright (c) 2019 AT&T Intellectual Property.                             #
   4 #   Copyright (c) 2019 Nokia.                                                  #
   5 #                                                                              #
   6 #   Licensed under the Apache License, Version 2.0 (the "License");            #
   7 #   you may not use this file except in compliance with the License.           #
   8 #   You may obtain a copy of the License at                                    #
   9 #                                                                              #
  10 #       http://www.apache.org/licenses/LICENSE-2.0                             #
  11 #                                                                              #
  12 #   Unless required by applicable law or agreed to in writing, software        #
  13 #   distributed under the License is distributed on an "AS IS" BASIS,          #
  14 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
  15 #   See the License for the specific language governing permissions and        #
  16 #   limitations under the License.                                             #
  17 ################################################################################
  18
  19 function wait_for_pods() {
  20   echo -n "waiting for $1 pods to run"
  21
  22   STILL_WAITING=true
  23   while $STILL_WAITING; do
  24       STILL_WAITING=false
  25       PODS=$(kubectl get pods -n $2 2>/dev/null | grep $1 | awk '{print $1}')
  26       if [ -z $PODS ]; then
  27         STILL_WAITING=true
  28         sleep 1
  29         echo -n "."
  30       fi
  31       for POD in ${PODS}; do
  32         if [[ $(kubectl get pod ${POD} -n $2 -o go-template --template "{{.status.phase}}") != "Running" ]]; then
  33             STILL_WAITING=true
  34             sleep 1
  35             echo -n "."
  36             break
  37         fi
  38       done
  39   done
  40
  41   echo
  42 }
  43
  44 function wait_for_cats() {
  45   echo -n "waiting for $1 daemonset to complete"
  46
  47   STILL_WAITING=true
  48   while $STILL_WAITING; do
  49       STILL_WAITING=false
  50       PODS=$(kubectl get pods -n $2 | grep $1 | awk '{print $1}')
  51       for POD in ${PODS}; do
  52         if [[ $(kubectl logs ${POD} -n $2 --tail 1) != "done" ]]; then
  53             STILL_WAITING=true
  54             sleep 1
  55             echo -n "."
  56             break
  57         fi
  58       done
  59   done
  60
  61   echo
  62 }
  63
  64 KERNEL_OPTIMIZATION=false
  65
  66 while [ -n "$1" ]; do # while loop starts
  67
  68     case "$1" in
  69
  70     -f) OVERRIDEYAML=$2
  71         shift
  72         ;;
  73     -c) LIST_OF_COMPONENTS=$2
  74         shift
  75         ;;
  76     -o) KERNEL_OPTIMIZATION=true
  77         ;;
  78     *) echo "Option $1 not recognized" ;; # In case you typed a different option other than a,b,c
  79
  80     esac
  81
  82     shift
  83
  84 done
  85
  86 if [ -z "$OVERRIDEYAML" ];then
  87     echo "****************************************************************************************************************"
  88     echo "                                                     ERROR                                                      "
  89     echo "****************************************************************************************************************"
  90     echo "RIC deployment without deployment recipe is currently disabled. Please specify an recipe with the -f option."
  91     echo "****************************************************************************************************************"
  92     exit 1
  93 fi
  94
  95 HAS_COMMON_PACKAGE=$(helm search local/ric-common | grep ric-common)
  96
  97 if [ -z "$HAS_COMMON_PACKAGE" ];then
  98     echo "****************************************************************************************************************"
  99     echo "                                                     ERROR                                                      "
 100     echo "****************************************************************************************************************"
 101     echo "Can't locate the ric-common helm package in the local repo. Please make sure that it is properly installed."
 102     echo "****************************************************************************************************************"
 103     exit 1
 104 fi
 105
 106 DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
 107 COMMON_BLOCK=$(cat $OVERRIDEYAML | awk '/^common:/{getline; while ($0 ~ /^ +.*|^ *|^ *#.*$/) {print $0; if (getline == 0) {break}}}')
 108 NAMESPACE_BLOCK=$(cat $OVERRIDEYAML | awk '/^  namespace:/{getline; while ($0 ~ /^ +.*|^ *|^ *#.*$/) {print $0; if (getline == 0) {break}}}')
 109 PLTNAMESPACE=$(echo "$NAMESPACE_BLOCK" | awk '/^ *platform:/{print $2}')
 110 INFRANAMESPACE=$(echo "$NAMESPACE_BLOCK" | awk '/^ *infra:/{print $2}')
 111 XAPPNAMESPACE=$(echo "$NAMESPACE_BLOCK" | awk '/^ *xapp:/{print $2}')
 112 RELEASE_PREFIX=$(echo "$COMMON_BLOCK" | awk '/^ *releasePrefix:/{print $2}')
 113 LOCAL_REPOSITORY=$(echo "$COMMON_BLOCK" | awk '/^ *localregistry:/{print $2}')
 114
 115 # replace the dbaasha with dbaas1 if deploying non HA DBaaS
 116 COMPONENTS=${LIST_OF_COMPONENTS:-"infrastructure dbaas xapp-onboarder appmgr rtmgr e2mgr e2term a1mediator submgr vespamgr jaegeradapter o1mediator alarmadapter"}
 117 echo "Deploying RIC infra components [$COMPONENTS]"
 118
 119
 120 if ! kubectl get ns ${PLTNAMESPACE:-ricplt}> /dev/null 2>&1; then
 121     kubectl create ns ${PLTNAMESPACE:-ricplt}
 122 fi
 123 if ! kubectl get ns ${INFRANAMESPACE:-ricinfra}> /dev/null 2>&1; then
 124     kubectl create ns ${INFRANAMESPACE:-ricinfra}
 125 fi
 126 if ! kubectl get ns ${XAPPNAMESPACE:-ricxapp}> /dev/null 2>&1; then
 127     kubectl create ns ${XAPPNAMESPACE:-ricxapp}
 128 fi
 129 FOUND_RECIPE=$(kubectl get configmap -n ${PLTNAMESPACE:-ricplt} ricplt-recipe 2>/dev/null )
 130 if [ ! -z "$FOUND_RECIPE" ]; then
 131     kubectl delete configmap -n ${PLTNAMESPACE:-ricplt} ricplt-recipe
 132 fi
 133 kubectl create configmap -n ${PLTNAMESPACE:-ricplt} ricplt-recipe --from-file=recipe=$OVERRIDEYAML
 134
 135 if [ ! -z "$LOCAL_REPOSITORY" ]; then
 136     LOCAL_REPOSITORY="$LOCAL_REPOSITORY/"
 137 fi
 138
 139
 140 echo Add cluster roles
 141     cat >ricplt-role.yaml <<EOF
 142 ---
 143 apiVersion: rbac.authorization.k8s.io/v1
 144 kind: ClusterRole
 145 metadata:
 146   name: ricplt-system-tiller
 147 rules:
 148   - apiGroups: [""]
 149     resources: ["deployments"]
 150     verbs: ["get", "list", "create", "delete"]
 151   - apiGroups: ["apiextensions.k8s.io"]
 152     resources: ["customresourcedefinitions"]
 153     verbs: ["get", "list", "create", "delete"]
 154   - apiGroups: ["rbac.authorization.k8s.io"]
 155     resources: ["clusterroles", "clusterrolebindings"]
 156     verbs: ["get", "list", "create", "delete"]
 157   - apiGroups: [""]
 158     resources: ["events"]
 159     verbs: ["create", "patch"]
 160   - apiGroups: [""]
 161     resources: ["nodes"]
 162     verbs: ["list", "watch", "get"]
 163   - apiGroups: [""]
 164     resources: ["nodes/metrics"]
 165     verbs: ["list", "watch", "get"]
 166   - apiGroups: [""]
 167     resources: ["nodes/proxy"]
 168     verbs: ["list", "watch", "get"]
 169   - apiGroups: ["configuration.konghq.com"]
 170     resources: ["kongconsumers"]
 171     verbs: ["get", "list", "watch"]
 172   - apiGroups: ["configuration.konghq.com"]
 173     resources: ["kongcredentials"]
 174     verbs: ["get", "list", "watch"]
 175   - apiGroups: ["configuration.konghq.com"]
 176     resources: ["kongingresses"]
 177     verbs: ["get", "list", "watch"]
 178   - apiGroups: ["configuration.konghq.com"]
 179     resources: ["kongplugins"]
 180     verbs: ["get", "list", "watch"]
 181   - apiGroups: ["networking.k8s.io"]
 182     resources: ["ingresses"]
 183     verbs: ["watch", "list", "get", "create", "delete", "update"]
 184   - apiGroups: [""]
 185     resources: ["ingresses"]
 186     verbs: ["watch", "list", "get", "create", "delete", "update"]
 187   - apiGroups: [""]
 188     resources: ["persistentvolumes"]
 189     verbs: ["watch", "list", "get", "create", "delete"]
 190   - apiGroups: ["danm.k8s.io"]
 191     resources: ["clusternetworks"]
 192     verbs: ["watch", "list", "get", "create", "delete"]
 193   - apiGroups: ["extensions"]
 194     resources: ["ingresses/status"]
 195     verbs: ["update", "get", "list", "watch"]
 196   - apiGroups: ["networking.k8s.io"]
 197     resources: ["ingresses/status"]
 198     verbs: ["update", "get", "list", "watch"]
 199   - apiGroups: ["certificates.k8s.io"]
 200     resources: ["certificatesigningrequests"]
 201     verbs: ["list", "watch"]
 202   - apiGroups: ["storage.k8s.io"]
 203     resources: ["storageclasses"]
 204     verbs: ["list", "watch"]
 205   - nonResourceURLs: ["/metrics"]
 206     verbs: ["get"]
 207 ---
 208 apiVersion: rbac.authorization.k8s.io/v1
 209 kind: ClusterRoleBinding
 210 metadata:
 211   name: ricplt-system-tiller
 212 roleRef:
 213   apiGroup: rbac.authorization.k8s.io
 214   kind: ClusterRole
 215   name: ricplt-system-tiller
 216 subjects:
 217   - kind: ServiceAccount
 218     name: tiller
 219     namespace: kube-system
 220 EOF
 221 kubectl apply -f ricplt-role.yaml
 222 rm ricplt-role.yaml
 223
 224
 225 # Add kernel optimization for radis services
 226 if $KERNEL_OPTIMIZATION; then
 227     cat >kernel_optimizer.yaml <<EOF
 228 apiVersion: apps/v1
 229 kind: DaemonSet
 230 metadata:
 231   namespace: ${INFRANAMESPACE:-ricinfra}
 232   name: redis-kernel-optimizer
 233 spec:
 234   selector:
 235     matchLabels:
 236       app: redis-kernel-optimizer
 237   template:
 238     metadata:
 239       labels:
 240         app: redis-kernel-optimizer
 241     spec:
 242       volumes:
 243       - name: sys
 244         hostPath:
 245           path: /sys
 246       containers:
 247       - name: disable-thp
 248         image: ${LOCAL_REPOSITORY}busybox
 249         securityContext:
 250           runAsNonRoot: false
 251           privileged: true
 252           runAsUser: 0
 253         command: ["sh", "-c"]
 254         args:
 255         - |-
 256           set -e
 257           set -o pipefail
 258           trap 'exit' TERM
 259           echo never > /rootfs/sys/kernel/mm/transparent_hugepage/enabled
 260           echo never > /rootfs/sys/kernel/mm/transparent_hugepage/defrag
 261           sysctl -w net.core.somaxconn=511
 262           grep -q -F [never] /sys/kernel/mm/transparent_hugepage/enabled
 263           grep -q -F [never] /sys/kernel/mm/transparent_hugepage/defrag
 264           sysctl -n net.core.somaxconn | grep 511 -q
 265           echo "done"
 266           while true; do sleep 1; done
 267         volumeMounts:
 268         - name: sys
 269           mountPath: /rootfs/sys
 270 EOF
 271 kubectl apply -f kernel_optimizer.yaml
 272 wait_for_pods redis-kernel-optimizer ${INFRANAMESPACE:-ricinfra}
 273 wait_for_cats redis-kernel-optimizer ${INFRANAMESPACE:-ricinfra}
 274 kubectl delete -f kernel_optimizer.yaml
 275 rm kernel_optimizer.yaml
 276 fi
 277
 278
 279 for component in $COMPONENTS; do
 280     helm dep up $DIR/../helm/$component
 281     helm install -f $OVERRIDEYAML --namespace "${PLTNAMESPACE:-ricplt}" --name "${RELEASE_PREFIX}-$component" $DIR/../helm/$component
 282     sleep 8
 283 done
 284
 285
 286
 287