# See the License for the specific language governing permissions and #
# limitations under the License. #
################################################################################
+
+function wait_for_pods() {
+ echo -n "waiting for $1 pods to run"
+
+ STILL_WAITING=true
+ while $STILL_WAITING; do
+ STILL_WAITING=false
+ PODS=$(kubectl get pods -n $2 2>/dev/null | grep $1 | awk '{print $1}')
+ if [ -z $PODS ]; then
+ STILL_WAITING=true
+ sleep 1
+ echo -n "."
+ fi
+ for POD in ${PODS}; do
+ if [[ $(kubectl get pod ${POD} -n $2 -o go-template --template "{{.status.phase}}") != "Running" ]]; then
+ STILL_WAITING=true
+ sleep 1
+ echo -n "."
+ break
+ fi
+ done
+ done
+
+ echo
+}
+
+function wait_for_cats() {
+ echo -n "waiting for $1 daemonset to complete"
+
+ STILL_WAITING=true
+ while $STILL_WAITING; do
+ STILL_WAITING=false
+ PODS=$(kubectl get pods -n $2 | grep $1 | awk '{print $1}')
+ for POD in ${PODS}; do
+ if [[ $(kubectl logs ${POD} -n $2 --tail 1) != "done" ]]; then
+ STILL_WAITING=true
+ sleep 1
+ echo -n "."
+ break
+ fi
+ done
+ done
+
+ echo
+}
+
+KERNEL_OPTIMIZATION=false
+
while [ -n "$1" ]; do # while loop starts
case "$1" in
-c) LIST_OF_COMPONENTS=$2
shift
;;
+ -o) KERNEL_OPTIMIZATION=true
+ ;;
*) echo "Option $1 not recognized" ;; # In case you typed a different option other than a,b,c
esac
exit 1
fi
-
-
-
-
-
-
-
-
-
-
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
-COMMON_BLOCK=$(cat $OVERRIDEYAML | awk '/^common:/{getline; while ($0 ~ /^ +.*|^ *$/) {print $0; if (getline == 0) {break}}}')
-NAMESPACE_BLOCK=$(cat $OVERRIDEYAML | awk '/^ namespace:/{getline; while ($0 ~ /^ .*|^ *$/) {print $0; if (getline == 0) {break}}}')
+COMMON_BLOCK=$(cat $OVERRIDEYAML | awk '/^common:/{getline; while ($0 ~ /^ +.*|^ *|^ *#.*$/) {print $0; if (getline == 0) {break}}}')
+NAMESPACE_BLOCK=$(cat $OVERRIDEYAML | awk '/^ namespace:/{getline; while ($0 ~ /^ +.*|^ *|^ *#.*$/) {print $0; if (getline == 0) {break}}}')
PLTNAMESPACE=$(echo "$NAMESPACE_BLOCK" | awk '/^ *platform:/{print $2}')
INFRANAMESPACE=$(echo "$NAMESPACE_BLOCK" | awk '/^ *infra:/{print $2}')
XAPPNAMESPACE=$(echo "$NAMESPACE_BLOCK" | awk '/^ *xapp:/{print $2}')
RELEASE_PREFIX=$(echo "$COMMON_BLOCK" | awk '/^ *releasePrefix:/{print $2}')
+LOCAL_REPOSITORY=$(echo "$COMMON_BLOCK" | awk '/^ *localregistry:/{print $2}')
+
# replace the dbaasha with dbaas1 if deploying non HA DBaaS
-COMPONENTS=${LIST_OF_COMPONENTS:-"infrastructure xapp-onboarder appmgr rtmgr dbaas1 e2mgr e2term a1mediator submgr vespamgr jaegeradapter o1mediator alarmadapter"}
+COMPONENTS=${LIST_OF_COMPONENTS:-"infrastructure dbaas xapp-onboarder appmgr rtmgr e2mgr e2term a1mediator submgr vespamgr jaegeradapter o1mediator alarmadapter"}
echo "Deploying RIC infra components [$COMPONENTS]"
if ! kubectl get ns ${XAPPNAMESPACE:-ricxapp}> /dev/null 2>&1; then
kubectl create ns ${XAPPNAMESPACE:-ricxapp}
fi
-
+FOUND_RECIPE=$(kubectl get configmap -n ${PLTNAMESPACE:-ricplt} ricplt-recipe 2>/dev/null )
+if [ ! -z "$FOUND_RECIPE" ]; then
+ kubectl delete configmap -n ${PLTNAMESPACE:-ricplt} ricplt-recipe
+fi
kubectl create configmap -n ${PLTNAMESPACE:-ricplt} ricplt-recipe --from-file=recipe=$OVERRIDEYAML
+if [ ! -z "$LOCAL_REPOSITORY" ]; then
+ LOCAL_REPOSITORY="$LOCAL_REPOSITORY/"
+fi
+
+
+echo Add cluster roles
+ cat >ricplt-role.yaml <<EOF
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: ricplt-system-tiller
+rules:
+ - apiGroups: [""]
+ resources: ["deployments"]
+ verbs: ["get", "list", "create", "delete"]
+ - apiGroups: ["apiextensions.k8s.io"]
+ resources: ["customresourcedefinitions"]
+ verbs: ["get", "list", "create", "delete"]
+ - apiGroups: ["rbac.authorization.k8s.io"]
+ resources: ["clusterroles", "clusterrolebindings"]
+ verbs: ["get", "list", "create", "delete"]
+ - apiGroups: [""]
+ resources: ["events"]
+ verbs: ["create", "patch"]
+ - apiGroups: [""]
+ resources: ["nodes"]
+ verbs: ["list", "watch", "get"]
+ - apiGroups: [""]
+ resources: ["nodes/metrics"]
+ verbs: ["list", "watch", "get"]
+ - apiGroups: [""]
+ resources: ["nodes/proxy"]
+ verbs: ["list", "watch", "get"]
+ - apiGroups: ["configuration.konghq.com"]
+ resources: ["kongconsumers"]
+ verbs: ["get", "list", "watch"]
+ - apiGroups: ["configuration.konghq.com"]
+ resources: ["kongcredentials"]
+ verbs: ["get", "list", "watch"]
+ - apiGroups: ["configuration.konghq.com"]
+ resources: ["kongingresses"]
+ verbs: ["get", "list", "watch"]
+ - apiGroups: ["configuration.konghq.com"]
+ resources: ["kongplugins"]
+ verbs: ["get", "list", "watch"]
+ - apiGroups: ["networking.k8s.io"]
+ resources: ["ingresses"]
+ verbs: ["watch", "list", "get", "create", "delete", "update"]
+ - apiGroups: [""]
+ resources: ["ingresses"]
+ verbs: ["watch", "list", "get", "create", "delete", "update"]
+ - apiGroups: [""]
+ resources: ["persistentvolumes"]
+ verbs: ["watch", "list", "get", "create", "delete"]
+ - apiGroups: ["danm.k8s.io"]
+ resources: ["clusternetworks"]
+ verbs: ["watch", "list", "get", "create", "delete"]
+ - apiGroups: ["extensions"]
+ resources: ["ingresses/status"]
+ verbs: ["update", "get", "list", "watch"]
+ - apiGroups: ["networking.k8s.io"]
+ resources: ["ingresses/status"]
+ verbs: ["update", "get", "list", "watch"]
+ - apiGroups: ["certificates.k8s.io"]
+ resources: ["certificatesigningrequests"]
+ verbs: ["list", "watch"]
+ - apiGroups: ["storage.k8s.io"]
+ resources: ["storageclasses"]
+ verbs: ["list", "watch"]
+ - nonResourceURLs: ["/metrics"]
+ verbs: ["get"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: ricplt-system-tiller
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: ricplt-system-tiller
+subjects:
+ - kind: ServiceAccount
+ name: tiller
+ namespace: kube-system
+EOF
+kubectl apply -f ricplt-role.yaml
+rm ricplt-role.yaml
+
+
+# Add kernel optimization for radis services
+if $KERNEL_OPTIMIZATION; then
+ cat >kernel_optimizer.yaml <<EOF
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ namespace: ${INFRANAMESPACE:-ricinfra}
+ name: redis-kernel-optimizer
+spec:
+ selector:
+ matchLabels:
+ app: redis-kernel-optimizer
+ template:
+ metadata:
+ labels:
+ app: redis-kernel-optimizer
+ spec:
+ volumes:
+ - name: sys
+ hostPath:
+ path: /sys
+ containers:
+ - name: disable-thp
+ image: ${LOCAL_REPOSITORY}busybox
+ securityContext:
+ runAsNonRoot: false
+ privileged: true
+ runAsUser: 0
+ command: ["sh", "-c"]
+ args:
+ - |-
+ set -e
+ set -o pipefail
+ trap 'exit' TERM
+ echo never > /rootfs/sys/kernel/mm/transparent_hugepage/enabled
+ echo never > /rootfs/sys/kernel/mm/transparent_hugepage/defrag
+ sysctl -w net.core.somaxconn=511
+ grep -q -F [never] /sys/kernel/mm/transparent_hugepage/enabled
+ grep -q -F [never] /sys/kernel/mm/transparent_hugepage/defrag
+ sysctl -n net.core.somaxconn | grep 511 -q
+ echo "done"
+ while true; do sleep 1; done
+ volumeMounts:
+ - name: sys
+ mountPath: /rootfs/sys
+EOF
+kubectl apply -f kernel_optimizer.yaml
+wait_for_pods redis-kernel-optimizer ${INFRANAMESPACE:-ricinfra}
+wait_for_cats redis-kernel-optimizer ${INFRANAMESPACE:-ricinfra}
+kubectl delete -f kernel_optimizer.yaml
+rm kernel_optimizer.yaml
+fi
+
for component in $COMPONENTS; do
helm dep up $DIR/../helm/$component
helm install -f $OVERRIDEYAML --namespace "${PLTNAMESPACE:-ricplt}" --name "${RELEASE_PREFIX}-$component" $DIR/../helm/$component
- sleep 3
+ sleep 8
done
+
+
+
+