3 # ============LICENSE_START===============================================
4 # Copyright (C) 2023 Nordix Foundation. All rights reserved.
5 # Copyright (C) 2024 OpenInfra Foundation Europe. All rights reserved.
6 # ========================================================================
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
11 # http://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
18 # ============LICENSE_END=================================================
21 . scripts/kube_get_controlplane_host.sh
22 . scripts/kube_get_nodeport.sh
23 . scripts/wait_for_server_ok.sh
24 . scripts/get_influxdb2_token.sh
25 . scripts/create_topic.sh
29 EXPECTEDMAJORKUBERNETESVERSION="1"
30 EXPECTEDMINORKUBERNETESVERSION="21"
31 STRIMZIKAFKAOPERATORVERSION="0.39.0"
34 export KUBERNETESHOST=$(kube_get_controlplane_host)
41 KUBERNETESVERSIONINFO=$(kubectl version --short 2>/dev/null || kubectl version 2>/dev/null)
42 export KUBERNETESVERSION=$(echo $KUBERNETESVERSIONINFO | grep 'Server Version' | awk '{print $3}')
44 echo $KUBERNETESVERSION
49 KUBERNETESMAJORVERSION=$(echo ${KUBERNETESVERSION#v} | cut -d. -f1)
50 KUBERNETESMINORVERSION=$(echo $KUBERNETESVERSION | cut -d. -f2)
51 echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
52 echo "Kubernetes control plane host: $KUBERNETESHOST"
53 echo "Host obtained from current kubectl context"
54 echo "Kubernetes version : $KUBERNETESVERSION"
55 if ((KUBERNETESMAJORVERSION < EXPECTEDMAJORKUBERNETESVERSION)) || ((KUBERNETESMINORVERSION < EXPECTEDMINORKUBERNETESVERSION)); then
56 echo "Required minimum Kubernetes version : $EXPECTEDMAJORKUBERNETESVERSION.$EXPECTEDMINORKUBERNETESVERSION"
60 echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
62 echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
63 echo "Checking requirements"
64 echo " Checking if istio is installed"
65 kubectl $KUBECONF get authorizationpolicies -A &> /dev/null
67 echo " Istio api: kubectl get authorizationpolicies is not installed"
72 echo " Checking if jq is installed"
75 echo " Command utility jq (cmd-line json processor) is not installed"
80 echo " Checking if envsubst is installed"
83 echo " Command utility envsubst (env var substitution in files) is not installed"
89 echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
90 echo "Restarting istiod, workaround to refresh jwks cache"
91 kubectl rollout restart deployments/istiod -n istio-system
92 echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
94 # Generic error printout function
95 # args: <numeric-response-code> <descriptive-string>
104 ##################################################################################
105 echo "##### Installing chart: nrt-base-0"
106 ##################################################################################
107 helm install --wait --create-namespace -n nonrtric nrt-base-0 helm/nrt-base-0
109 # Create realm in keycloak
111 . scripts/populate_keycloak.sh
113 create_realms nonrtric-realm
114 while [ $? -ne 0 ]; do
115 create_realms nonrtric-realm
118 # Create client for admin calls
120 create_clients nonrtric-realm $cid
122 generate_client_secrets nonrtric-realm $cid
129 TOKEN=$(get_client_token nonrtric-realm $cid)
131 ##################################################################################
132 echo "##### Installing charts: strimzi and nrt-base-1"
133 ##################################################################################
135 helm repo add strimzi https://strimzi.io/charts/
137 echo "Installing Strimzi Kafka operator version: $STRIMZIKAFKAOPERATORVERSION"
138 helm install --wait strimzi-kafka-crds -n nonrtric strimzi/strimzi-kafka-operator --version $STRIMZIKAFKAOPERATORVERSION
141 cp opa-rules/bundle.tar.gz helm/nrt-base-1/charts/opa-rule-db/data
143 helm install -n nonrtric nrt-base-1 helm/nrt-base-1
145 echo "Waiting for influx db - there may be error messages while trying..."
147 while [ $retcode -eq 1 ]; do
149 CONFIG=$(kubectl exec -n nonrtric influxdb2-0 -- influx config ls --json)
150 if [ $? -ne 0 ]; then
153 elif [ "$CONFIG" == "{}" ]; then
154 echo "Configuring db"
155 kubectl exec -n nonrtric influxdb2-0 -- influx setup -u admin -p mySuP3rS3cr3tT0keN -o est -b pm-bucket -f
156 if [ $? -ne 0 ]; then
161 echo "Db user configured, skipping"
165 # Save influx user api-token to secret
168 darwin*) B64FLAG="" ;;
170 INFLUXDB2_TOKEN=$(get_influxdb2_token influxdb2-0 nonrtric | base64 $B64FLAG)
171 PATCHDATA='[{"op": "add", "path": "/data/token", "value": "'$INFLUXDB2_TOKEN'"}]'
172 kubectl patch secret influxdb-api-token -n nonrtric --type json -p "$PATCHDATA"
174 echo "Wait for kafka"
176 until $(kubectl exec -n nonrtric kafka-client -- kafka-topics --list --bootstrap-server kafka-1-kafka-bootstrap.nonrtric:9092 1> /dev/null 2> /dev/null); do
177 echo -ne " $(($SECONDS-$_ts)) sec, retrying at $(($SECONDS-$_ts+5)) sec $SAMELINE"
182 # Pre-create known topic to avoid losing data when autocreated by apps
183 __topics_list="file-ready collected-file json-file-ready-kp json-file-ready-kpadp pmreports"
184 for __topic in $__topics_list; do
185 create_topic kafka-1-kafka-bootstrap.nonrtric:9092 $__topic 10
190 ##################################################################################
191 echo "##### Installing: chart nonrtricgateway"
192 ##################################################################################
194 helm install --wait -n nonrtric nonrtricgateway helm/nonrtricgateway
197 ##################################################################################
198 echo "##### Installing: chart controlpanel"
199 ##################################################################################
201 helm install --wait -n nonrtric controlpanel helm/controlpanel
204 ##################################################################################
205 echo "##### Installing: chart ran"
206 ##################################################################################
208 ./helm/ran/certs/gen-certs.sh 10
211 helm install --wait --create-namespace -n ran -f helm/global-values.yaml ran helm/ran
215 ##################################################################################
216 echo "##### Installing chart: nrt-pm"
217 ##################################################################################
221 echo "Updating dfc truststore"
222 cd helm/nrt-pm/charts/dfc/truststore
223 cp template-truststore.jks truststore.jks
226 echo " Adding https ca cert to dfc truststore"
227 cat <<__EOF__ | keytool -importcert -alias pm-https -file $cwd/helm/ran/certs/httpsca.crt -keystore truststore.jks -storetype JKS -storepass $(< truststore.pass)
232 cid="kafka-producer-pm-xml2json"
233 create_clients nonrtric-realm $cid
235 generate_client_secrets nonrtric-realm $cid
238 export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
240 envsubst < helm/nrt-pm/charts/kafka-producer-pm-xml2json/values-template.yaml > helm/nrt-pm/charts/kafka-producer-pm-xml2json/values.yaml
243 cid="kafka-producer-pm-json2kafka"
244 create_clients nonrtric-realm $cid
246 generate_client_secrets nonrtric-realm $cid
249 export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
251 envsubst < helm/nrt-pm/charts/kafka-producer-pm-json2kafka/values-template.yaml > helm/nrt-pm/charts/kafka-producer-pm-json2kafka/values.yaml
254 cid="kafka-producer-pm-json2influx"
255 create_clients nonrtric-realm $cid
257 generate_client_secrets nonrtric-realm $cid
260 export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
262 envsubst < helm/nrt-pm/charts/kafka-producer-pm-json2influx/values-template.yaml > helm/nrt-pm/charts/kafka-producer-pm-json2influx/values.yaml
265 cid="pm-producer-json2kafka"
266 create_clients nonrtric-realm $cid
268 generate_client_secrets nonrtric-realm $cid
271 export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
273 envsubst < helm/nrt-pm/charts/pm-producer-json2kafka/values-template.yaml > helm/nrt-pm/charts/pm-producer-json2kafka/values.yaml
277 create_clients nonrtric-realm $cid
279 generate_client_secrets nonrtric-realm $cid
282 export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
284 envsubst < helm/nrt-pm/charts/dfc/values-template.yaml > helm/nrt-pm/charts/dfc/values.yaml
286 helm install --wait -f helm/global-values.yaml -n nonrtric nrt-pm helm/nrt-pm
290 echo "######################################################################"
291 echo "ranpm installed"
292 echo "Wait until all pods are running before installation additional charts"
293 echo "Do: 'kubectl get po -n nonrtric' and verify that all pods are in status Running"
294 echo " and all included containers are Ready"
295 echo "######################################################################"