version: 0.1.0
releaseName: oru-app
# repository can point to a helm repo or a path in local file system where chart is stored
- repository: local
+ repository: chartmuseum
namespace: nonrtric
org.onap.domain.linkmonitor.MessageGeneratorK8SMicroserviceControlLoopElement:
version: 1.2.3
version: 0.1.0
releaseName: message-generator
# repository can point to a helm repo or a path in local file system where chart is stored
- repository: local
+ repository: chartmuseum
namespace: nonrtric
overrideParams:
image.tag: v2
version: 0.1.0
releaseName: sdnr-simulator
# repository can point to a helm repo or a path in local file system where chart is stored
- repository: local
+ repository: chartmuseum
namespace: nonrtric
org.onap.domain.linkmonitor.DmaapMrK8SMicroserviceControlLoopElement:
version: 1.2.3
version: 0.1.0
releaseName: dmaap-mr
# repository can point to a helm repo or a path in local file system where chart is stored
- repository: local
+ repository: chartmuseum
namespace: nonrtric
\ No newline at end of file
--- /dev/null
+This docker-compose will create a control loop that will deploy all components of the closed loop recovery use case into a k8s cluster using the k8s participant from CLAMP in ONAP.
+
+It will also bring up the chartmuseum registry that will be used by helm when deploying the charts.
+The script named chartmuseum_init.sh will push all the charts into the chartmuseum.
+This script is mounted into the k8s-participant docker container but can also be run locally.
+
+Depending on the type of k8s cluster and the operating system being used, different settings might need to be done for the k8s-participant docker container. For example, in case of minikube, the following should be added under k8s-participant (assuming that kube-config file of the host machine has been copied into the config directory):
+
+volumes:
+ - ./config/kube-config:/home/policy/.kube/config:ro
+ - ~/.minikube/profiles/minikube:/home/policy/.minikube/profiles/minikube
+
+This will mount the kube-config file into the k8s-participant docker container so that it is able to deploy services into the minikube instance running in the host machine. The minikube directory contains the client-certificate and client-key.
+
+Since the kube-api server is running in the host machine instead of the k8s-participant docker container, some extra steps are needed:
+
+1) Linux
+
+Run the following command in the host machine so that the localhost referred to in the kube-config file points to the host machine:
+
+iptables -A INPUT -i docker0 -j ACCEPT
+
+2) Mac
+
+Mac OS does not seem to have the iptables command. However, in order to refer to the host machine from inside the docker container, one may use "host.docker.internal" but this gives rise to another problem:
+
+Unable to connect to the server: x509: certificate is valid for minikubeCA, control-plane.minikube.internal, kubernetes.default.svc.cluster.local, kubernetes.default.svc, kubernetes.default, kubernetes, localhost, not host.docker.internal
+
+As a workaround, the TLS can be disabled. So, the following part should be modified in the kube-config file:
+
+- cluster:
+ server: https://host.docker.internal:<PORT>
+ insecure-skip-tls-verify: true
+
+
+## License
+
+Copyright (C) 2021 Nordix Foundation.
+Licensed under the Apache License, Version 2.0 (the "License")
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
--- /dev/null
+#!/bin/sh
+
+###
+# ============LICENSE_START=======================================================
+# ONAP CLAMP
+# ================================================================================
+# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright (C) 2021 Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END============================================
+# ===================================================================
+#
+###
+
+mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < /docker-entrypoint-initdb.d/create-db.sql
+mysql -uroot -p$MYSQL_ROOT_PASSWORD --execute "CREATE USER 'policy'@'%' IDENTIFIED BY 'P01icY';"
+mysql -uroot -p$MYSQL_ROOT_PASSWORD --execute "GRANT ALL PRIVILEGES ON controlloop.* TO 'policy'@'%';"
\ No newline at end of file
--- /dev/null
+#
+# Create CLDS database objects (tables, etc.)
+#
+#
+CREATE DATABASE IF NOT EXISTS `cldsdb4`;
+CREATE DATABASE IF NOT EXISTS `policyadmin`;
+CREATE DATABASE IF NOT EXISTS `controlloop`;
+USE `cldsdb4`;
+DROP USER 'clds';
+CREATE USER 'clds';
+GRANT ALL on cldsdb4.* to 'clds' identified by 'sidnnd83K' with GRANT OPTION;
+FLUSH PRIVILEGES;
+
--- /dev/null
+#
+# ===========LICENSE_START====================================================
+# Copyright (C) 2021 Nordix Foundation. All rights reserved.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=====================================================
+#
+version: '2'
+networks:
+ default:
+ driver: bridge
+ name: nonrtric-docker-net
+services:
+ mariadb:
+ image: nexus3.onap.org:10001/mariadb:10.5.8
+ container_name: mariadb
+ hostname: mariadb
+ volumes:
+ - db-vol:/var/lib/mysql
+ - "./config/db/:/docker-entrypoint-initdb.d:rw"
+ environment:
+ - MYSQL_ROOT_PASSWORD=strong_pitchou
+ ports:
+ - "3306:3306"
+ expose:
+ - 3306
+ controlloop-runtime:
+ image: nexus3.onap.org:10001/onap/policy-controlloop-runtime:6.1.2-SNAPSHOT
+ container_name: controlloop-runtime
+ depends_on:
+ - mariadb
+ hostname: controlloop-runtime
+ ports:
+ - "6969:6969"
+ expose:
+ - 6969
+ volumes:
+ - ./config/ks.jks:/opt/app/policy/clamp/etc/ssl/policy-keystore.jks:ro
+ environment:
+ - TOPICSERVER=onap-dmaap
+ - MARIADB_HOST=mariadb
+ - MARIADB_PORT=3306
+ k8s-participant:
+ image: nexus3.onap.org:10001/onap/kubernetes-participant:6.1.2-SNAPSHOT
+ container_name: k8s-participant
+ depends_on:
+ - mariadb
+ - controlloop-runtime
+ - chartmuseum
+ hostname: k8s-participant
+ volumes:
+ - ./config/ks.jks:/opt/app/policy/clamp/etc/ssl/policy-keystore.jks:ro
+ - ./../helm:/home/policy/helm
+ - <PATH TO kube-config>:/home/policy/.kube/config:ro
+ environment:
+ - TOPICSERVER=onap-dmaap
+ - KEYSTORE=/opt/app/policy/clamp/etc/ssl/policy-keystore.jks
+ - KEYSTORE_PASSWD=Pol1cy_0nap
+ entrypoint: sh -c "/home/policy/helm/chartmuseum_init.sh && /opt/app/policy/clamp/bin/kubernetes-participant.sh"
+ chartmuseum:
+ image: ghcr.io/helm/chartmuseum:v0.13.1
+ container_name: chartmuseum
+ hostname: chartmuseum
+ volumes:
+ - ./charts:/charts
+ environment:
+ - STORAGE=local
+ - STORAGE_LOCAL_ROOTDIR=/charts
+volumes:
+ db-vol:
\ No newline at end of file
--- /dev/null
+# Copyright (C) 2021 Nordix Foundation. All rights reserved.
+# ========================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=================================================
+#
+
+SHELL_FOLDER=$(cd "$(dirname "$0")";pwd)
+cd ${SHELL_FOLDER}
+
+# build dmaap-mr helm chart & push to chartmuseum
+cd ${SHELL_FOLDER}/dmaap-mr/
+helm package .
+curl --data-binary "@dmaap-mr-0.1.0.tgz" http://chartmuseum:8080/api/charts
+
+# build message-generator helm chart & push to chartmuseum
+cd ${SHELL_FOLDER}/message-generator/
+helm package .
+curl --data-binary "@message-generator-0.1.0.tgz" http://chartmuseum:8080/api/charts
+
+# build oru-app helm chart & push to chartmuseum
+cd ${SHELL_FOLDER}/oru-app/
+helm package .
+curl --data-binary "@oru-app-0.1.0.tgz" http://chartmuseum:8080/api/charts
+
+# build sdnr-simulator helm chart & push to chartmuseum
+cd ${SHELL_FOLDER}/sdnr-simulator/
+helm package .
+curl --data-binary "@sdnr-simulator-0.1.0.tgz" http://chartmuseum:8080/api/charts
+
+# add chartmuseum repo to helm
+helm repo add chartmuseum http://chartmuseum:8080
\ No newline at end of file
Code Review / nonrtric.git / commitdiff