3 # ============LICENSE_START===============================================
4 # Copyright (C) 2023 Nordix Foundation. All rights reserved.
5 # ========================================================================
6 # Licensed under the Apache License, Version 2.0 (the "License");
7 # you may not use this file except in compliance with the License.
8 # You may obtain a copy of the License at
10 # http://www.apache.org/licenses/LICENSE-2.0
12 # Unless required by applicable law or agreed to in writing, software
13 # distributed under the License is distributed on an "AS IS" BASIS,
14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 # See the License for the specific language governing permissions and
16 # limitations under the License.
17 # ============LICENSE_END=================================================
20 . scripts/kube_get_controlplane_host.sh
21 . scripts/kube_get_nodeport.sh
22 . scripts/wait_for_server_ok.sh
23 . scripts/get_influxdb2_token.sh
24 . scripts/create_topic.sh
30 export KUBERNETESHOST=$(kube_get_controlplane_host)
37 echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
38 echo "Kubernetes control plane host: $KUBERNETESHOST"
39 echo "Host obtained from current kubectl context"
40 echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
42 echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
43 echo "Checking requirements"
44 echo " Checking if istio is installed"
45 kubectl $KUBECONF get authorizationpolicies -A &> /dev/null
47 echo " Istio api: kubectl get authorizationpolicies is not installed"
52 echo " Checking if jq is installed"
55 echo " Command utility jq (cmd-line json processor) is not installed"
60 echo " Checking if envsubst is installed"
63 echo " Command utility envsubst (env var substitution in files) is not installed"
69 echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
70 echo "Restarting istiod, workaround to refresh jwks cache"
71 kubectl rollout restart deployments/istiod -n istio-system
72 echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
74 # Generic error printout function
75 # args: <numeric-response-code> <descriptive-string>
84 ##################################################################################
85 echo "##### Installing chart: namespaces"
86 ##################################################################################
88 helm install --wait namespaces helm/namespaces
92 ##################################################################################
93 echo "##### Installing chart: nrt-base-0"
94 ##################################################################################
95 helm install --wait -n nonrtric nrt-base-0 helm/nrt-base-0
97 # Create realm in keycloak
99 . scripts/populate_keycloak.sh
101 create_realms nonrtric-realm
102 while [ $? -ne 0 ]; do
103 create_realms nonrtric-realm
106 # Create client for admin calls
108 create_clients nonrtric-realm $cid
110 generate_client_secrets nonrtric-realm $cid
117 TOKEN=$(get_client_token nonrtric-realm $cid)
119 ##################################################################################
120 echo "##### Installing charts: strimzi and nrt-base-1"
121 ##################################################################################
123 helm repo add strimzi https://strimzi.io/charts/
125 helm install --wait strimzi-kafka-crds -n nonrtric strimzi/strimzi-kafka-operator
128 cp opa-rules/bundle.tar.gz helm/nrt-base-1/charts/opa-rule-db/data
130 helm install -n nonrtric nrt-base-1 helm/nrt-base-1
132 echo "Waiting for influx db - there may be error messages while trying..."
134 while [ $retcode -eq 1 ]; do
136 CONFIG=$(kubectl exec -n nonrtric influxdb2-0 -- influx config ls --json)
137 if [ $? -ne 0 ]; then
140 elif [ "$CONFIG" == "{}" ]; then
141 echo "Configuring db"
142 kubectl exec -n nonrtric influxdb2-0 -- influx setup -u admin -p mySuP3rS3cr3tT0keN -o est -b pm-bucket -f
143 if [ $? -ne 0 ]; then
148 echo "Db user configured, skipping"
152 # Save influx user api-token to secret
155 darwin*) B64FLAG="" ;;
157 INFLUXDB2_TOKEN=$(get_influxdb2_token influxdb2-0 nonrtric | base64 $B64FLAG)
158 PATCHDATA='[{"op": "add", "path": "/data/token", "value": "'$INFLUXDB2_TOKEN'"}]'
159 kubectl patch secret influxdb-api-token -n nonrtric --type json -p "$PATCHDATA"
161 echo "Wait for kafka"
163 until $(kubectl exec -n nonrtric kafka-client -- kafka-topics --list --bootstrap-server kafka-1-kafka-bootstrap.nonrtric:9092 1> /dev/null 2> /dev/null); do
164 echo -ne " $(($SECONDS-$_ts)) sec, retrying at $(($SECONDS-$_ts+5)) sec $SAMELINE"
169 # Pre-create known topic to avoid losing data when autocreated by apps
170 __topics_list="file-ready collected-file json-file-ready-kp json-file-ready-kpadp pmreports"
171 for __topic in $__topics_list; do
172 create_topic kafka-1-kafka-bootstrap.nonrtric:9092 $__topic 10
177 ##################################################################################
178 echo "##### Installing: chart ran"
179 ##################################################################################
181 ./helm/ran/certs/gen-certs.sh 10
184 helm install --wait -f helm/global-values.yaml -n ran ran helm/ran
188 ##################################################################################
189 echo "##### Installing chart: nrt-pm"
190 ##################################################################################
194 echo "Updating dfc truststore"
195 cd helm/nrt-pm/charts/dfc/truststore
196 cp template-truststore.jks truststore.jks
199 echo " Adding https ca cert to dfc truststore"
200 cat <<__EOF__ | keytool -importcert -alias pm-https -file $cwd/helm/ran/certs/httpsca.crt -keystore truststore.jks -storetype JKS -storepass $(< truststore.pass)
205 cid="kafka-producer-pm-xml2json"
206 create_clients nonrtric-realm $cid
208 generate_client_secrets nonrtric-realm $cid
211 export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
213 envsubst < helm/nrt-pm/charts/kafka-producer-pm-xml2json/values-template.yaml > helm/nrt-pm/charts/kafka-producer-pm-xml2json/values.yaml
216 cid="kafka-producer-pm-json2kafka"
217 create_clients nonrtric-realm $cid
219 generate_client_secrets nonrtric-realm $cid
222 export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
224 envsubst < helm/nrt-pm/charts/kafka-producer-pm-json2kafka/values-template.yaml > helm/nrt-pm/charts/kafka-producer-pm-json2kafka/values.yaml
227 cid="kafka-producer-pm-json2influx"
228 create_clients nonrtric-realm $cid
230 generate_client_secrets nonrtric-realm $cid
233 export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
235 envsubst < helm/nrt-pm/charts/kafka-producer-pm-json2influx/values-template.yaml > helm/nrt-pm/charts/kafka-producer-pm-json2influx/values.yaml
238 cid="pm-producer-json2kafka"
239 create_clients nonrtric-realm $cid
241 generate_client_secrets nonrtric-realm $cid
244 export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
246 envsubst < helm/nrt-pm/charts/pm-producer-json2kafka/values-template.yaml > helm/nrt-pm/charts/pm-producer-json2kafka/values.yaml
250 create_clients nonrtric-realm $cid
252 generate_client_secrets nonrtric-realm $cid
255 export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
257 envsubst < helm/nrt-pm/charts/dfc/values-template.yaml > helm/nrt-pm/charts/dfc/values.yaml
259 helm install --wait -f helm/global-values.yaml -n nonrtric nrt-pm helm/nrt-pm
263 echo "######################################################################"
264 echo "ranpm installed"
265 echo "Wait until all pods are running before installation additional charts"
266 echo "Do: 'kubectl get po -n nonrtric' and verify that all pods are in status Running"
267 echo " and all included containers are Ready"
268 echo "######################################################################"