X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=ric-aux%2Fbin%2Finstall;h=8a1e8494160a27b860b73b4d6e3f63bea4cfab05;hb=d052a253e88bd1d15557b21e8c97334092d0771a;hp=da9bc36227d5192b2132aecebd04128e893cc53c;hpb=6e1a341bd8185cf69b16541f36f2a366d5cf111d;p=it%2Fdep.git

diff --git a/ric-aux/bin/install b/ric-aux/bin/install
index da9bc362..8a1e8494 100755
--- a/ric-aux/bin/install
+++ b/ric-aux/bin/install
@@ -86,10 +86,11 @@ for f in $NODENAME; do
     LABEL=$(kubectl describe node $f | grep "local-storage=enable")
     if [ ! -z "$LABEL" ]; then
         LABELFOUND=true
+	echo "Found lable \"local-storage=enable\" at node $f"
     fi
 done
   
-FOUND_STORAGECLASS=$(grep storageclass $OVERRIDEYAML)
+FOUND_STORAGECLASS=$(grep -w storageclass $OVERRIDEYAML)
 
 
 if  ! $LABELFOUND && [ -z "$FOUND_STORAGECLASS" ]; then
@@ -138,6 +139,7 @@ for f in $NODENAME; do
     LABEL=$(kubectl describe node $f | grep "portal-storage=enable")
     if [ ! -z "$LABEL" ]; then
         LABELFOUND=true
+	echo "Found lable \"portal-storage=enable\" at node $f"
     fi
 done
 
@@ -165,10 +167,6 @@ if ! kubectl get ns onap > /dev/null 2>&1; then
     kubectl create ns onap
 fi
 
-HTTP response body: {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"jobs.batch \"ricaux-portal-db-config\" is forbidden: User \"system:serviceaccount:ricaux:default\" cannot get resource \"jobs/status\" in API group \"batch\" in the namespace \"ricaux\"","reason":"Forbidden","details":{"name":"ricaux-portal-db-config","group":"batch","kind":"jobs"},"code":403}
-
-
-HTTP response body: {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"pods is forbidden: User \"system:serviceaccount:onap:default\" cannot list resource \"pods\" in API group \"\" in the namespace \"onap\"","reason":"Forbidden","details":{"kind":"pods"},"code":403}
 
 
 
@@ -232,6 +230,73 @@ subjects:
   - kind: ServiceAccount
     name: default
     namespace: onap
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: ricaux-system-tiller
+rules:
+  - apiGroups: [""]
+    resources: ["deployments"]
+    verbs: ["get", "list", "create", "delete"]
+  - apiGroups: ["apiextensions.k8s.io"]
+    resources: ["customresourcedefinitions"]
+    verbs: ["get", "list", "create", "delete"]
+  - apiGroups: ["rbac.authorization.k8s.io"]
+    resources: ["clusterroles", "clusterrolebindings"]
+    verbs: ["get", "list", "create", "delete"]
+  - apiGroups: [""]
+    resources: ["events"]
+    verbs: ["create", "patch"]
+  - apiGroups: [""]
+    resources: ["nodes"]
+    verbs: ["list", "watch", "get"]
+  - apiGroups: ["configuration.konghq.com"]
+    resources: ["kongconsumers"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["configuration.konghq.com"]
+    resources: ["kongcredentials"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["configuration.konghq.com"]
+    resources: ["kongingresses"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["configuration.konghq.com"]
+    resources: ["kongplugins"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["extensions"]
+    resources: ["ingresses/status"]
+    verbs: ["update"]
+  - apiGroups: ["networking.k8s.io"]
+    resources: ["ingresses/status"]
+    verbs: ["update"]
+  - apiGroups: ["networking.k8s.io"]
+    resources: ["ingresses"]
+    verbs: ["get", "list", "create", "delete", "watch"]
+  - apiGroups: ["danm.k8s.io"]
+    resources: ["clusternetworks"]
+    verbs: ["get", "list", "create", "delete"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["storageclasses"]
+    verbs: ["get", "list", "create", "delete"]
+  - apiGroups: [""]
+    resources: ["persistentvolumes"]
+    verbs: ["get", "list", "create", "delete"]
+
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: ricaux-system-tiller
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: ricaux-system-tiller
+subjects:
+  - kind: ServiceAccount
+    name: tiller
+    namespace: kube-system
 EOF
 kubectl apply -f ricaux-role.yaml
 rm ricaux-role.yaml
@@ -241,7 +306,7 @@ kubectl create configmap -n ${AUXNAMESPACE:-ricaux} aux-recipe --from-file=recip
 
 
 echo "Clean up dockerdata-nfs directory"
-rm -rf /dockerdata-nfs
+rm -rf /dockerdata-nfs/*
 
 
 echo "Deploying AUX components [$COMPONENTS]"
@@ -258,6 +323,7 @@ for component in $COMPONENTS; do
                     LABEL=$(kubectl describe node $f | grep "aaf-storage=enable")
                     if [ ! -z "$LABEL" ]; then
                         LABELFOUND=true
+	                echo "Found lable \"aaf-storage=enable\" at node $f"
                     fi
                 done
                 
@@ -275,7 +341,7 @@ for component in $COMPONENTS; do
             ;;
             *)
                 helm install -f $OVERRIDEYAML --namespace "${AUXNAMESPACE:-ricaux}" --name "${RELEASE_PREFIX}-$component" $DIR/../helm/$component
- 
+		sleep 8 
     esac
 
 done