Added script to install the dependent components for Rapp Manager.
Issue-ID: NONRTRIC-898
Signed-off-by: aravind.est <aravindhan.a@est.tech>
Change-Id: I2c18f509c76a58fdc4ef7620b0fab28378664688
--- /dev/null
+## Installation of Rapp Manager
+
+Rapp Manager application requires the following components,
+
+* ONAP ACM
+* OSC SME
+
+
+### Pre-requisites
+
+The installation scripts do not handle the required installations listed below.
+
+* Kubernetes cluster(v1.24.6)
+* GIT
+
+### Installation
+
+All the components can be installed as shown below,
+```
+./install-all.sh
+```
+
+Individual components can be installed using the commands below,
+
+```./install-base.sh``` - Installs the tools required for other installer scripts.
+
+```./install-acm.sh``` - Installs the ACM, and it's related components.
+
+```./install-kserve.sh``` - Installs the Kserve, and it's related components.
+
+```./install-nonrtric.sh``` - Installs the NONRTRIC components.
+
+> **These scripts are specifically designed for a fresh environment.**
+
+### Uninstallation
+
+```./uninstall-all.sh``` - Uninstalls all the components
+
+
+
--- /dev/null
+#!/bin/bash
+
+# ============LICENSE_START===============================================
+# Copyright (C) 2023 Nordix Foundation. All rights reserved.
+# ========================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=================================================
+#
+
+echo "######### Installing ACM components #########"
+
+ENABLE_COMPONENTS=(policy-models-simulator policy-clamp-runtime-acm policy-clamp-ac-kserve-ppnt policy-clamp-ac-k8s-ppnt policy-clamp-ac-a1pms-ppnt)
+DISABLE_COMPONENTS=(policy-api policy-pap policy-apex-pdp policy-pdpd-cl policy-xacml-pdp policy-distribution policy-clamp-ac-pf-ppnt policy-clamp-ac-http-ppnt)
+
+ACM_VALUES_FILE="docker/helm/policy/values.yaml"
+A1PMS_CONFIGURATION_FILE="docker/helm/policy/components/policy-clamp-ac-a1pms-ppnt/resources/config/A1pmsParticipantParameters.yaml"
+K8S_CONFIGURATION_FILE="docker/helm/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml"
+
+IP_ADDRESS=$(hostname -I | awk '{print $1}')
+echo "IP Address : $IP_ADDRESS"
+
+git clone -b london "https://gerrit.onap.org/r/policy/docker"
+
+CWD=$(pwd)
+export WORKSPACE="$CWD/docker"
+
+echo "Updating policy docker image versions..."
+bash docker/compose/get-k8s-versions.sh
+
+echo "Enabling the access for the clusterroles..."
+kubectl apply -f resources/acm-role-binding.yaml
+
+for element in "${ENABLE_COMPONENTS[@]}"; do
+ echo "Enabling component $element"
+ yq eval ".$element.enabled"="true" -i $ACM_VALUES_FILE
+done
+
+for element in "${DISABLE_COMPONENTS[@]}"; do
+ echo "Disabling component $element"
+ yq eval ".$element.enabled"="false" -i $ACM_VALUES_FILE
+done
+
+echo "Updating A1PMS Participant"
+yq eval '.a1pms.baseUrl="http://policymanagementservice.nonrtric:9080"' -i $A1PMS_CONFIGURATION_FILE
+
+echo "Updating the k8s participant repo list"
+yq eval '.repoList.helm.repos += {"repoName":"local","address":"http://'$IP_ADDRESS':8879/charts"}' -i $K8S_CONFIGURATION_FILE
+
+echo "Building policy helm charts..."
+helm dependency build docker/helm/policy/
+
+echo "Installing policy helm charts..."
+helm install csit-policy docker/helm/policy/ -n default
+
+while [[ $TIME -lt 2000 ]]; do
+ NONRTRIC_PODS=$(kubectl get pods -n default --field-selector=status.phase!=Running,status.phase!=Succeeded --no-headers)
+ if [[ -z "$NONRTRIC_PODS" ]]; then
+ echo "All ACM Components are running."
+ kubectl get pods -n default
+ break
+ fi
+
+ echo "Waiting for ACM Components to be running..."
+ echo "These pods are not running"
+ echo "$NONRTRIC_PODS"
+ TIME=$(expr $TIME + 5)
+ sleep 5
+done
+
+echo "ACM Components Installation Completed."
\ No newline at end of file
--- /dev/null
+#!/bin/bash
+
+# ============LICENSE_START===============================================
+# Copyright (C) 2023 Nordix Foundation. All rights reserved.
+# ========================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=================================================
+#
+
+echo "######### Installing Rapp Manager #########"
+
+./install-base.sh
+
+echo "Installing Kserve components..."
+./install-kserve.sh
+
+echo "Installing NONRTRIC components..."
+./install-nonrtric.sh
+
+echo "Installing ACM components..."
+./install-acm.sh
+
+# Install rapp manager
+
+echo "Rapp Manager installation completed."
\ No newline at end of file
--- /dev/null
+#!/bin/bash
+
+# ============LICENSE_START===============================================
+# Copyright (C) 2023 Nordix Foundation. All rights reserved.
+# ========================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=================================================
+#
+
+echo "######### Installing base components #########"
+
+echo "Installing helm..."
+snap install helm --classic
+HELM_VERSION=$(helm version --short)
+echo "Helm version $HELM_VERSION installed."
+
+echo "Installing chartmuseum..."
+curl https://raw.githubusercontent.com/helm/chartmuseum/main/scripts/get-chartmuseum | bash
+CHART_MUSEUM_VERSION=$(helm version --short)
+echo "Chartmuseum version $CHART_MUSEUM_VERSION is installed."
+
+echo "Install yq..."
+snap install yq
+
--- /dev/null
+#!/bin/bash
+
+# ============LICENSE_START===============================================
+# Copyright (C) 2023 Nordix Foundation. All rights reserved.
+# ========================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=================================================
+#
+
+echo "######### Installing Kserve #########"
+
+KSERVE_CRD_RESPONSE=$(kubectl get crd inferenceservice.serving.kserve.io)
+if [ -z "$KSERVE_CRD_RESPONSE" ]; then
+ echo "Adding istio helm repository"
+ helm repo add istio https://istio-release.storage.googleapis.com/charts
+ helm repo update
+
+ echo "Installing Istio..."
+ kubectl create namespace istio-system
+ helm install istio-base istio/base -n istio-system --set defaultRevision=default
+ helm install istiod istio/istiod -n istio-system --wait
+
+ echo "Installing Istio Kserve ingress..."
+ kubectl apply -f resources/kserve-istio-ingress.yaml
+
+ echo "Installing Cert Manager v1.12.0 ..."
+ kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.12.0/cert-manager.yaml
+
+ while [[ $TIME -lt 20 ]]; do
+ CERT_MANAGER_PODS=$(kubectl get pods -n cert-manager --field-selector=status.phase!=Running --no-headers)
+ if [[ -z "$CERT_MANAGER_PODS" ]]; then
+ echo "Cert manager is running."
+ break
+ fi
+
+ echo "Waiting for cert manager to be running..."
+ echo "These pods are not running"
+ echo "$CERT_MANAGER_PODS"
+ TIME=$(expr $TIME + 3)
+ sleep 3
+ done
+ echo "Waiting for cert-manager to get initialized..."
+
+ echo "Installing Kserve v0.10.0 ..."
+ kubectl apply -f https://github.com/kserve/kserve/releases/download/v0.10.0/kserve.yaml
+ kubectl apply -f https://github.com/kserve/kserve/releases/download/v0.10.0/kserve-runtimes.yaml
+ echo "Patching Kserve ..."
+ kubectl patch configmap/inferenceservice-config -n kserve --type=strategic -p '{"data": {"deploy": "{\"defaultDeploymentMode\": \"RawDeployment\"}"}}'
+ echo "Kserve installation completed."
+else
+ echo "Kserve already installed."
+fi
--- /dev/null
+#!/bin/bash
+
+# ============LICENSE_START===============================================
+# Copyright (C) 2023 Nordix Foundation. All rights reserved.
+# ========================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=================================================
+#
+
+echo "######### Installing NONRTRIC components #########"
+
+git clone "https://gerrit.o-ran-sc.org/r/it/dep"
+
+ENABLED_SERVICES=(installPms installA1controller installA1simulator installInformationservice)
+DISABLED_SERVICES=(installControlpanel installRappcatalogueservice installRappcatalogueenhancedservice installNonrtricgateway installKong installDmaapadapterservice installDmaapmediatorservice installHelmmanager installOrufhrecovery installRansliceassurance)
+
+RECEIPE_FILE="dep/nonrtric/RECIPE_EXAMPLE/example_recipe.yaml"
+
+for element in "${ENABLED_SERVICES[@]}"; do
+ echo "Enabling service $element"
+ yq eval ".nonrtric.$element"="true" -i $RECEIPE_FILE
+done
+
+for element in "${DISABLED_SERVICES[@]}"; do
+ echo "Disabling service $element"
+ yq eval ".nonrtric.$element"="false" -i $RECEIPE_FILE
+done
+
+sudo dep/bin/deploy-nonrtric -f $RECEIPE_FILE
+
+while [[ $TIME -lt 2000 ]]; do
+ NONRTRIC_PODS=$(kubectl get pods -n nonrtric --field-selector=status.phase!=Running --no-headers)
+ if [[ -z "$NONRTRIC_PODS" ]]; then
+ echo "All NONRTRIC Components are running."
+ kubectl get pods -n nonrtric
+ break
+ fi
+
+ echo "Waiting for NONRTRIC Components to be running..."
+ echo "These pods are not running"
+ echo "$NONRTRIC_PODS"
+ TIME=$(expr $TIME + 5)
+ sleep 5
+done
+
+echo "NONRTRIC component installation completed..."
--- /dev/null
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: policy-read-view-binding
+subjects:
+ - kind: ServiceAccount
+ name: policy-read
+ namespace: default
+ - kind: ServiceAccount
+ name: policy-api-read
+ namespace: default
+ - kind: ServiceAccount
+ name: policy-clamp-runtime-acm-read
+ namespace: default
+ - kind: ServiceAccount
+ name: policy-pap-read
+ namespace: default
+roleRef:
+ kind: ClusterRole
+ name: view
+ apiGroup: rbac.authorization.k8s.io
\ No newline at end of file
--- /dev/null
+apiVersion: networking.k8s.io/v1
+kind: IngressClass
+metadata:
+ name: istio
+spec:
+ controller: istio.io/ingress-controller
--- /dev/null
+#!/bin/bash
+
+# ============LICENSE_START===============================================
+# Copyright (C) 2023 Nordix Foundation. All rights reserved.
+# ========================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=================================================
+#
+
+echo "######### Uninstalling Rapp Manager #########"
+
+echo "Uninstalling ACM Components..."
+helm uninstall csit-policy -n default
+
+echo "Uninstalling NONRTRIC Components..."
+sudo dep/bin/undeploy-nonrtric
+
+echo "Uninstalling Kserve Components..."
+kubectl delete -f https://github.com/kserve/kserve/releases/download/v0.10.0/kserve.yaml
+kubectl delete -f https://github.com/kserve/kserve/releases/download/v0.10.0/kserve-runtimes.yaml
+kubectl delete -f https://github.com/cert-manager/cert-manager/releases/download/v1.12.0/cert-manager.yaml
+kubectl delete ns cert-manager
+helm uninstall istiod -n istio-system
+helm uninstall istio-base -n istio-system
+kubectl delete ns istio-system
+
+rm -rf dep/
+rm -rf docker/
+
+sudo rm -fr /dockerdata-nfs/* /tmp/dockerdata-nfs