NAMESPACE=$RICAUX_NAMESPACE
fi
-RICAUX_COMPONENTS="dashboard"
+RICAUX_COMPONENTS="dashboard ves message-router"
echo "Deploying RIC AUX components [$RICAUX_COMPONENTS]"
echo "Platform Namespace: $NAMESPACE"
NAMESPACE=$RICAUX_NAMESPACE
fi
-RICAUX_COMPONENTS="dashboard"
+RICAUX_COMPONENTS="dashboard message-router ves"
echo "Undeploying RIC AUX components [$RICAUX_COMPONENTS]"
echo "Platform Namespace: $NAMESPACE"
apiVersion: v1
appVersion: "1.0"
-description: Helm chart for the RIC Dashboard web app
+description: Helm Chart for RIC Dashboard
name: dashboard
version: 1.1.0
+icon: https://gerrit.o-ran-sc.org/r/gitweb?p=portal/ric-dashboard.git;a=blob;f=webapp-frontend/src/assets/at_t.png;h=3cced1d5ce4668fbf3b33064aaaa6920bc8130b6;hb=HEAD
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+# Defines a config map for mounting as file application.properties
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "dashboard.fullname" . }}-appconfig
+data:
+ # this key becomes the filename when mounted
+ application.properties: |
+ # appconfig.yaml
+ server.port = {{ .Values.dashboard.server.port }}
+ a1med.url = {{ .Values.dashboard.properties.a1med.url }}
+ anrxapp.url = {{ .Values.dashboard.properties.anrxapp.url }}
+ e2mgr.url = {{ .Values.dashboard.properties.e2mgr.url }}
+ xappmgr.url = {{ .Values.dashboard.properties.xappmgr.url }}
imagePullPolicy: {{ include "common.pullPolicy" . }}
ports:
- name: http
- containerPort: 8080
+ containerPort: {{ .Values.dashboard.server.port }}
protocol: TCP
- env:
- - name: SPRING_APPLICATION_JSON
- valueFrom:
- configMapKeyRef:
- name: dashboard-configmap
- key: springApplication.json
+ volumeMounts:
+ - name: application-config
+ mountPath: /maven/application.properties
+ subPath: application.properties
+ readOnly: true
livenessProbe:
httpGet:
path: /
httpGet:
path: /
port: http
+ volumes:
+ - name: application-config
+ configMap:
+ name: {{ include "dashboard.fullname" . }}-appconfig
spec:
type: {{ .Values.dashboard.service.type }}
ports:
- - port: {{ .Values.dashboard.service.port }}
+ - port: {{ .Values.dashboard.server.port }}
+ nodePort: {{ .Values.dashboard.service.port }}
targetPort: http
protocol: TCP
selector:
# limitations under the License. #
################################################################################
-# Default values for dashboard.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
+# Deployment values for dashboard.
-replicaCount: 1
repository: "nexus3.o-ran-sc.org:10004"
imagePullPolicy: IfNotPresent
repositoryCred: docker-reg-cred
dashboard:
image:
name: ric-dash-be
- tag: 1.0.0-SNAPSHOT
-
-
+ tag: 1.0.4
+ replicaCount: 1
+ server:
+ # Tomcat listens here
+ port: 8080
service:
type: NodePort
- port: 80
-
+ port: 30080
+ name: dashboard-service
+ # config URLs must be specified at deployment
+ properties:
+ a1med:
+ url: http://values-yaml-default-A1-URL
+ anrxapp:
+ url: http://values-yaml-default-ANR-URL
+ e2mgr:
+ url: http://values-yaml-default-E2-URL
+ xappmgr:
+ url: http://values-yaml-default-MGR-URL
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+
+apiVersion: v1
+description: ONAP Message Router
+name: message-router
+version: 1.1.0
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+
+apiVersion: v1
+description: ONAP Message Router Kafka Service
+name: message-router-kafka
+version: 1.1.0
+
--- /dev/null
+# Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: policy/v1beta1
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "common.fullname" . }}-pdb
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ maxUnavailable: 1
--- /dev/null
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- $root := . -}}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }}
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }}
+ namespace: {{ $root.Release.Namespace }}
+ labels:
+ app: {{ $root.Values.service.name }}
+ chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
+ release: {{ $root.Release.Name }}
+ heritage: {{ $root.Release.Service }}
+spec:
+ capacity:
+ storage: {{ $root.Values.persistence.size }}
+ accessModes:
+ - {{ $root.Values.persistence.accessMode }}
+ hostPath:
+ path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }}
+ persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }}
+{{ end }}
+{{ end }}
+
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.service.name }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ ports:
+ - port: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ clusterIP: None
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+
--- /dev/null
+# Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- $root := . -}}
+{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ $root.Values.service.name }}-{{ $i }}
+ namespace: {{ $root.Release.Namespace }}
+ labels:
+ app: {{ $root.Values.service.name }}
+ chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
+ release: {{ $root.Release.Name }}
+ heritage: {{ $root.Release.Service }}
+
+spec:
+ type: {{ $root.Values.service.type }}
+ externalTrafficPolicy: Local
+ selector:
+ statefulset.kubernetes.io/pod-name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }}
+ ports:
+ - port: {{ $root.Values.service.externalPort }}
+ targetPort: {{ $root.Values.service.externalPort }}
+ nodePort: {{ $root.Values.service.baseNodePort | add $i }}
+ name: {{ $root.Values.service.name }}-{{ $i }}
+{{ end }}
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+
+apiVersion: apps/v1beta1
+kind: StatefulSet
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ serviceName: {{ .Values.service.name }}
+ replicas: {{ .Values.replicaCount }}
+ podManagementPolicy: Parallel
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ podAntiAffinity:
+ {{if eq .Values.podAntiAffinityType "hard" -}}
+ requiredDuringSchedulingIgnoredDuringExecution:
+ {{- else -}}
+ preferredDuringSchedulingIgnoredDuringExecution:
+ {{- end}}
+ - weight: 1
+ podAffinityTerm:
+ labelSelector:
+ matchExpressions:
+ - key: "app"
+ operator: In
+ values:
+ - {{ include "common.name" . }}
+ topologyKey: "kubernetes.io/hostname"
+ {{- if .Values.nodeAffinity }}
+ nodeAffinity:
+ {{ toYaml .Values.nodeAffinity | indent 10 }}
+ {{- end }}
+ initContainers:
+ - name: {{ include "common.name" . }}-initcontainer
+ image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ - command:
+ - sh
+ - -exec
+ - |
+ chown -R 1000:1000 /opt/kafka/data;
+ image: "{{ .Values.busyBoxRepository }}/{{ .Values.busyBoxImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /opt/kafka/data
+ name: kafka-data
+ name: {{ include "common.name" . }}-permission-fixer
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ .Values.onapRepository }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - sh
+ - -exc
+ - |
+ export KAFKA_BROKER_ID=${HOSTNAME##*-} && \
+ export ENDPOINT_PORT=$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )) && \
+ export KAFKA_ADVERTISED_LISTENERS=EXTERNAL_SASL_PLAINTEXT://$(HOST_IP):$(( $KAFKA_BROKER_ID + {{ .Values.service.baseNodePort }} )),INTERNAL_SASL_PLAINTEXT://:{{ .Values.service.internalPort }} && \
+ exec start-kafka.sh
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.externalPort }}
+ {{ if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+ - name: HOST_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.hostIP
+ - name: KAFKA_ZOOKEEPER_CONNECT
+ value: "{{.Values.zookeeper.name}}:{{.Values.zookeeper.port}}"
+ - name: KAFKA_LISTENER_SECURITY_PROTOCOL_MAP
+ value: "INTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT,EXTERNAL_SASL_PLAINTEXT:SASL_PLAINTEXT"
+ - name: KAFKA_LISTENERS
+ value: "EXTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.externalPort }},INTERNAL_SASL_PLAINTEXT://0.0.0.0:{{ .Values.service.internalPort }}"
+ - name: KAFKA_INTER_BROKER_LISTENER_NAME
+ value: "INTERNAL_SASL_PLAINTEXT"
+ - name: KAFKA_SASL_ENABLED_MECHANISMS
+ value: "PLAIN"
+ - name: KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL
+ value: "PLAIN"
+ - name: KAFKA_AUTHORIZER_CLASS_NAME
+ value: "{{ .Values.kafkaCustomAuthorizer }}"
+ - name: KAFKA_DELETE_TOPIC_ENABLE
+ value: "{{ .Values.deleteTopicEnable }}"
+ - name: aaf_locate_url
+ value: "https://aaf-locate:8095"
+ - name: KAFKA_LOG_DIRS
+ value: "/opt/kafka/data"
+ - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR
+ value: "{{ .Values.replicaCount }}"
+ - name: KAFKA_DEFAULT_REPLICATION_FACTOR
+ value: "{{ .Values.replicaCount }}"
+ - name: KAFKA_NUM_PARTITIONS
+ value: "{{ .Values.defaultpartitions }}"
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /var/run/docker.sock
+ name: docker-socket
+ - mountPath: /opt/kafka/data
+ name: kafka-data
+ {{- if .Values.tolerations }}
+ tolerations:
+ {{ toYaml .Values.tolerations | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: docker-socket
+ hostPath:
+ path: /var/run/docker.sock
+{{ if not .Values.persistence.enabled }}
+ - name: kafka-data
+ emptyDir: {}
+{{ else }}
+ volumeClaimTemplates:
+ - metadata:
+ name: kafka-data
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+ selector:
+ matchLabels:
+ release: "{{ .Release.Name }}"
+ app: {{ .Values.service.name }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ heritage: "{{ .Release.Service }}"
+{{ end }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ persistence: {}
+ ubuntuInitRepository: registry.hub.docker.com
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+onapRepository: nexus3.onap.org:10001
+image: onap/dmaap/kafka111:1.0.0
+pullPolicy: Always
+ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+busyBoxImage: busybox:1.30
+busyBoxRepository: docker.io
+
+
+zookeeper:
+ name: message-router-zookeeper
+ port: 2181
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# default number of instances
+replicaCount: 3
+
+#Kafka custom authorizer class name
+kafkaCustomAuthorizer: org.onap.dmaap.kafkaAuthorize.KafkaCustomAuthorizer
+deleteTopicEnable: true
+
+# To access Kafka outside cluster, this value must be set to hard and the number of nodes in K8S cluster must be equal or greater then replica count
+podAntiAffinityType: soft
+
+# defult partitions
+defaultpartitions: 3
+
+nodeSelector: {}
+
+nodeAffinity: {}
+
+affinity: {}
+
+tolerations: {}
+
+
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 60
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 60
+ periodSeconds: 10
+
+## Persist data to a persitent volume
+persistence:
+ enabled: false
+
+ ## A manually managed Persistent Volume and Claim
+ ## Requires persistence.enabled: true
+ ## If defined, PVC must be created manually before volume will be bound
+ # existingClaim:
+ volumeReclaimPolicy: Retain
+
+ ## database data Persistent Volume Storage Class
+ ## If defined, storageClassName: <storageClass>
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ ##
+ # storageClass: "-"
+ accessMode: ReadWriteMany
+ size: 2Gi
+ mountPath: /dockerdata-nfs
+ mountSubPath: message-router/data-kafka
+
+service:
+ type: NodePort
+ name: message-router-kafka
+ portName: message-router-kafka
+ internalPort: 9092
+ externalPort: 9093
+ baseNodePort: 30490
+
+
+
+ingress:
+ enabled: false
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2000m
+ memory: 4Gi
+ requests:
+ cpu: 100m
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4000m
+ memory: 8Gi
+ requests:
+ cpu: 200m
+ memory: 2Gi
+ unlimited: {}
+
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+
+apiVersion: v1
+description: ONAP Dmaap Message Router Zookeeper Service
+name: message-router-zookeeper
+version: 1.1.0
\ No newline at end of file
--- /dev/null
+{{/*
+# Copyright © 2019 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- /*
+ Calculate the maximum number of zk server down in order to guarantee ZK quorum.
+ For guaranteeing ZK quorum we need half of the server + 1 up.
+
+ div in go template cast return an int64
+ so we need to know if it is an even number or an odd.
+ For this we are doing (n/2)*2=n?
+ if true it is even else it is even
+*/ -}}
+{{- define "zk.maxUnavailable" -}}
+{{- $halfReplica := div .Values.replicaCount 2 -}}
+ {{/* divide by 2 and multiply by 2 in order to know if it is an even number*/}}
+ {{if eq (mul $halfReplica 2) (int .Values.replicaCount) }}
+ {{- toYaml (sub $halfReplica 1) -}}
+ {{else}}
+ {{- toYaml $halfReplica -}}
+ {{end}}
+{{- end -}}
--- /dev/null
+# Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: policy/v1beta1
+kind: PodDisruptionBudget
+metadata:
+ name: {{ include "common.fullname" . }}-pdb
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ maxUnavailable: {{ include "zk.maxUnavailable" . }}
--- /dev/null
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- $root := . -}}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{ range $i, $e := until (atoi (quote $root.Values.replicaCount) | default 3) }}
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: {{ $root.Release.Name }}-{{ $root.Values.service.name }}-{{ $i }}
+ namespace: {{ $root.Release.Namespace }}
+ labels:
+ app: {{ $root.Values.service.name }}
+ chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version | replace "+" "_" }}
+ release: {{ $root.Release.Name }}
+ heritage: {{ $root.Release.Service }}
+spec:
+ capacity:
+ storage: {{ $root.Values.persistence.size }}
+ accessModes:
+ - {{ $root.Values.persistence.accessMode }}
+ hostPath:
+ path: {{ $root.Values.persistence.mountPath }}/{{ $root.Release.Name }}/{{ $root.Values.persistence.mountSubPath }}-{{ $i }}
+ persistentVolumeReclaimPolicy: {{ $root.Values.persistence.volumeReclaimPolicy }}
+{{ end }}
+{{ end }}
+
--- /dev/null
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.service.name }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.clientPort }}
+ name: {{ .Values.service.clientPortName }}
+ - port: {{ .Values.service.serverPort }}
+ name: {{ .Values.service.serverPortName }}
+ - port: {{ .Values.service.leaderElectionPort }}
+ name: {{ .Values.service.leaderElectionPortName }}
+ clusterIP: None
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
\ No newline at end of file
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+
+apiVersion: apps/v1beta1
+kind: StatefulSet
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ serviceName: {{ .Values.service.name }}
+ replicas: {{ .Values.replicaCount }}
+ updateStrategy:
+ type: RollingUpdate
+ rollingUpdate:
+ maxUnavailable: {{ .Values.maxUnavailable }}
+ podManagementPolicy: Parallel
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ podAntiAffinity:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ - weight: 1
+ podAffinityTerm:
+ labelSelector:
+ matchExpressions:
+ - key: "app"
+ operator: In
+ values:
+ - {{ include "common.name" . }}
+ topologyKey: "kubernetes.io/hostname"
+ {{- if .Values.nodeAffinity }}
+ nodeAffinity:
+ {{ toYaml .Values.nodeAffinity | indent 10 }}
+ {{- end }}
+ initContainers:
+ - name: {{ include "common.name" . }}-permission-fixer
+ command:
+ - sh
+ - -exec
+ - >
+ chown -R 1000:1000 /tmp/zookeeper/apikeys;
+ image: "{{ .Values.busyBoxRepository }}/{{ .Values.busyBoxImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /tmp/zookeeper/apikeys
+ name: zookeeper-data
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ .Values.onapRepository }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ ports:
+ - containerPort: {{ .Values.service.clientPort }}
+ name: {{ .Values.service.clientPortName }}
+ - containerPort: {{ .Values.service.serverPort }}
+ name: {{ .Values.service.serverPortName }}
+ - containerPort: {{ .Values.service.leaderElectionPort }}
+ name: {{ .Values.service.leaderElectionPortName }}
+ {{ if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ exec:
+ command:
+ - sh
+ - -c
+ - "zookeeper-ready.sh 2181"
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ exec:
+ command:
+ - sh
+ - -c
+ - "zookeeper-ready.sh 2181"
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+ - name: ZK_REPLICAS
+ value: "{{ .Values.replicaCount }}"
+ - name: ZK_INIT_LIMIT
+ value: "{{ .Values.zk.initLimit }}"
+ - name: ZK_SYNC_LIMIT
+ value: "{{ .Values.zk.syncLimit }}"
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /var/lib/zookeeper/data
+ name: zookeeper-data
+ {{- if .Values.tolerations }}
+ tolerations:
+ {{ toYaml .Values.tolerations | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+{{ if not .Values.persistence.enabled }}
+ - name: zookeeper-data
+ emptyDir: {}
+{{ else }}
+ volumeClaimTemplates:
+ - metadata:
+ name: zookeeper-data
+ labels:
+ app: {{ include "common.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+ selector:
+ matchLabels:
+ release: "{{ .Release.Name }}"
+ app: {{ .Values.service.name }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ heritage: "{{ .Release.Service }}"
+{{ end }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+
+
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ ubuntuInitRepository: registry.hub.docker.com
+ persistence: {}
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+onapRepository: nexus3.onap.org:10001
+image: onap/dmaap/zookeeper:5.0.0
+pullPolicy: Always
+ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+busyBoxImage: busybox:1.30
+busyBoxRepository: docker.io
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+config:
+ # gerrit branch where the latest code is checked in
+ gerritBranch: master
+ # gerrit project where the latest code is checked in
+ gerritProject: http://gerrit.onap.org/r/dmaap/messagerouter/messageservice.git
+
+# default number of instances
+replicaCount: 3
+
+nodeSelector: {}
+
+nodeAffinity: {}
+
+affinity: {}
+
+tolerations: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+#Zookeeper properties
+zk:
+ initLimit: 5
+ syncLimit: 2
+
+## Persist data to a persitent volume
+persistence:
+ enabled: false
+
+ ## A manually managed Persistent Volume and Claim
+ ## Requires persistence.enabled: true
+ ## If defined, PVC must be created manually before volume will be bound
+ # existingClaim:
+ volumeReclaimPolicy: Retain
+
+ ## database data Persistent Volume Storage Class
+ ## If defined, storageClassName: <storageClass>
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ ##
+ # storageClass: "-"
+ accessMode: ReadWriteMany
+ size: 2Gi
+ mountPath: /dockerdata-nfs
+ mountSubPath: message-router/data-zookeeper
+
+
+rollingUpdate:
+ maxUnavailable: 1
+service:
+ type: ClusterIP
+ name: message-router-zookeeper
+ portName: message-router-zookeeper
+ clientPortName: client
+ clientPort: 2181
+ serverPortName: server
+ serverPort: 2888
+ leaderElectionPortName: leader-election
+ leaderElectionPort: 3888
+
+ingress:
+ enabled: false
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2000m
+ memory: 4Gi
+ requests:
+ cpu: 100m
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4000m
+ memory: 8Gi
+ requests:
+ cpu: 200m
+ memory: 2Gi
+ unlimited: {}
--- /dev/null
+# LICENSE_START=======================================================
+# org.onap.dmaap
+# ================================================================================
+# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+#
+# ECOMP is a trademark and service mark of AT&T Intellectual Property.
+#
+###############################################################################
+###############################################################################
+##
+## Cambria API Server config
+##
+## - Default values are shown as commented settings.
+##
+
+###############################################################################
+##
+## HTTP service
+##
+## - 3904 is standard as of 7/29/14.
+#
+## Zookeeper Connection
+##
+## Both Cambria and Kafka make use of Zookeeper.
+##
+#config.zk.servers=172.18.1.1
+config.zk.servers={{.Values.zookeeper.name}}:{{.Values.zookeeper.port}}
+#config.zk.root=/fe3c/cambria/config
+
+
+###############################################################################
+##
+## Kafka Connection
+##
+## Items below are passed through to Kafka's producer and consumer
+## configurations (after removing "kafka.")
+## if you want to change request.required.acks it can take this one value
+#kafka.metadata.broker.list=localhost:9092,localhost:9093
+kafka.metadata.broker.list={{.Values.kafka.name}}:{{.Values.kafka.port}}
+##kafka.request.required.acks=-1
+#kafka.client.zookeeper=${config.zk.servers}
+consumer.timeout.ms=100
+zookeeper.connection.timeout.ms=6000
+zookeeper.session.timeout.ms=20000
+zookeeper.sync.time.ms=2000
+auto.commit.interval.ms=1000
+fetch.message.max.bytes =1000000
+auto.commit.enable=false
+
+#(backoff*retries > zksessiontimeout)
+kafka.rebalance.backoff.ms=10000
+kafka.rebalance.max.retries=6
+
+
+###############################################################################
+##
+## Secured Config
+##
+## Some data stored in the config system is sensitive -- API keys and secrets,
+## for example. to protect it, we use an encryption layer for this section
+## of the config.
+##
+## The key is a base64 encode AES key. This must be created/configured for
+## each installation.
+#cambria.secureConfig.key=
+##
+## The initialization vector is a 16 byte value specific to the secured store.
+## This must be created/configured for each installation.
+#cambria.secureConfig.iv=
+
+## Southfield Sandbox
+cambria.secureConfig.key=b/7ouTn9FfEw2PQwL0ov/Q==
+cambria.secureConfig.iv=wR9xP5k5vbz/xD0LmtqQLw==
+authentication.adminSecret=fe3cCompound
+#cambria.secureConfig.key[pc569h]=YT3XPyxEmKCTLI2NK+Sjbw==
+#cambria.secureConfig.iv[pc569h]=rMm2jhR3yVnU+u2V9Ugu3Q==
+
+
+###############################################################################
+##
+## Consumer Caching
+##
+## Kafka expects live connections from the consumer to the broker, which
+## obviously doesn't work over connectionless HTTP requests. The Cambria
+## server proxies HTTP requests into Kafka consumer sessions that are kept
+## around for later re-use. Not doing so is costly for setup per request,
+## which would substantially impact a high volume consumer's performance.
+##
+## This complicates Cambria server failover, because we often need server
+## A to close its connection before server B brings up the replacement.
+##
+
+## The consumer cache is normally enabled.
+#cambria.consumer.cache.enabled=true
+
+## Cached consumers are cleaned up after a period of disuse. The server inspects
+## consumers every sweepFreqSeconds and will clean up any connections that are
+## dormant for touchFreqMs.
+#cambria.consumer.cache.sweepFreqSeconds=15
+cambria.consumer.cache.touchFreqMs=120000
+##stickforallconsumerrequests=false
+## The cache is managed through ZK. The default value for the ZK connection
+## string is the same as config.zk.servers.
+#cambria.consumer.cache.zkConnect=${config.zk.servers}
+
+##
+## Shared cache information is associated with this node's name. The default
+## name is the hostname plus the HTTP service port this host runs on. (The
+## hostname is determined via InetAddress.getLocalHost ().getCanonicalHostName(),
+## which is not always adequate.) You can set this value explicitly here.
+##
+#cambria.api.node.identifier=<use-something-unique-to-this-instance>
+
+#cambria.rateLimit.maxEmptyPollsPerMinute=30
+#cambria.rateLimitActual.delay.ms=10
+
+###############################################################################
+##
+## Metrics Reporting
+##
+## This server can report its metrics periodically on a topic.
+##
+#metrics.send.cambria.enabled=true
+#metrics.send.cambria.topic=cambria.apinode.metrics #msgrtr.apinode.metrics.dmaap
+#metrics.send.cambria.sendEverySeconds=60
+
+cambria.consumer.cache.zkBasePath=/fe3c/cambria/consumerCache
+consumer.timeout=17
+default.partitions=3
+default.replicas=3
+##############################################################################
+#100mb
+maxcontentlength=10000
+
+
+##############################################################################
+#AAF Properties
+msgRtr.namespace.aaf=org.onap.dmaap.mr.topic
+msgRtr.topicfactory.aaf=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic:
+enforced.topic.name.AAF=org.onap.dmaap.mr
+forceAAF=false
+transidUEBtopicreqd=false
+defaultNSforUEB=org.onap.dmaap.mr
+##############################################################################
+#Mirror Maker Agent
+
+msgRtr.mirrormakeradmin.aaf=org.onap.dmaap.mr.mirrormaker|*|admin
+msgRtr.mirrormakeruser.aaf=org.onap.dmaap.mr.mirrormaker|*|user
+msgRtr.mirrormakeruser.aaf.create=org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic:
+msgRtr.mirrormaker.timeout=15000
+msgRtr.mirrormaker.topic=org.onap.dmaap.mr.mirrormakeragent
+msgRtr.mirrormaker.consumergroup=mmagentserver
+msgRtr.mirrormaker.consumerid=1
+
+kafka.max.poll.interval.ms=300000
+kafka.heartbeat.interval.ms=60000
+kafka.session.timeout.ms=240000
+kafka.max.poll.records=1000
+
--- /dev/null
+aaf_locate_url=https://aaf-locate:8095
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
+aaf_env=DEV
+aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm
+
+cadi_truststore=/appl/dmaapMR1/etc/truststoreONAPall.jks
+cadi_truststore_password=changeit
+
+cadi_keyfile=/appl/dmaapMR1/etc/keyfilenew
+
+cadi_alias=dmaapmr@mr.dmaap.onap.org
+cadi_keystore=/appl/dmaapMR1/etc/org.onap.dmaap.mr.p12
+cadi_keystore_password=Messaging for All
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
+
+
+cadi_loglevel=INFO
+cadi_protocols=TLSv1.1,TLSv1.2
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
--- /dev/null
+_sNOLphPzrU7L0L3oWv0pYwgV_ddGF1XoBsQEIAp34jfP-fGJFPfFYaMpDEZ3gwH59rNw6qyMZHk
+k-4irklvVcWk36lC3twNvc0DueRCVrws1bkuhOLCXdxHJx-YG-1xM8EJfRmzh79WPlPkbAdyPmFF
+Ah44V0GjAnInPOFZA6MHP9rNx9B9qECHRfmvzU13vJCcgTsrmOr-CEiWfRsnzPjsICxpq9OaVT_D
+zn6rNaroGm1OiZNCrCgvRkCUHPOOCw3j9G1GeaImoZNYtozbz9u4sj13PU-MxIIAa64b1bMMMjpz
+Upc8lVPI4FnJKg6axMmEGn5zJ6JUq9mtOVyPj__2GEuDgpx5H4AwodXXVjFsVgR8UJwI_BvS2JVp
+JoQk0J1RqXmAXVamlsMAfzmmbARXgmrBfnuhveZnh9ymFVU-YZeujdANniXAwBGI7c6hG_BXkH7i
+Eyf4Fn41_SV78PskP6qgqJahr9r3bqdjNbKBztIKCOEVrE_w3IM5r02l-iStk_NBRkj6cq_7VCpG
+afxZ2CtZMwuZMiypO_wOgbdpCSKNzsL-NH2b4b08OlKiWb263gz634KJmV5WEfCl-6eH-JUFbWOS
+JwQfActLNT2ZQPl2MyZQNBzJEWoJRgS6k7tPRO-zqeUtYYHGHVMCxMuMHGQcoilNNHEFeBCG_fBh
+yAKb9g9F86Cbx9voMLiyTX2T3rwVHiSJFOzfNxGmfN5JWOthIun_c5hEY1tLQ15BomzkDwk7BAj7
+VbRCrVD45B6xrmSTMBSWYmLyr6mnQxQqeh9cMbD-0ZAncE3roxRnRvPKjFFa208ykYUp2V83r_PJ
+fV5I9ZPKSjk9DwFyrjkcQQEYDhdK6IFqcd6nEthjYVkmunu2fsX0bIOm9GGdIbKGqBnpdgBO5hyT
+rBr9HSlZrHcGdti1R823ckDF0Ekcl6kioDr5NLIpLtg9zUEDRm3QrbX2mv5Zs8W0pYnOqglxy3lz
+bJZTN7oR7VasHUtjmp0RT9nLZkUs5TZ6MHhlIq3ZsQ6w_Q9Rv1-ofxfwfCC4EBrWKbWAGCf6By4K
+Ew8321-2YnodhmsK5BrT4zQ1DZlmUvK8BmYjZe7wTljKjgYcsLTBfX4eMhJ7MIW1kpnl8AbiBfXh
+QzN56Mki51Q8PSQWHm0W9tnQ0z6wKdck6zBJ8JyNzewZahFKueDTn-9DOqIDfr3YHvQLLzeXyJ8e
+h4AgjW-hvlLzRGtkCknjLIgXVa3rMTycseAwbW-mgdCqqkw3SdEG8feAcyntmvE8j2jbtSDStQMB
+9JdvyNLuQdNG4pxpusgvVso0-8NQF0YVa9VFwg9U6IPSx5p8FcW68OAHt_fEgT4ZtiH7o9aur4o9
+oYqUh2lALCY-__9QLq1KkNjMKs33Jz9E8LbRerG9PLclkTrxCjYAeUWBjCwSI7OB7xkuaYDSjkjj
+a46NLpdBN1GNcsFFcZ79GFAK0_DsyxGLX8Tq6q0Bvhs8whD8wlSxpTGxYkyqNX-vcb7SDN_0WkCE
+XSdZWkqTHXcYbOvoCOb_e6SFAztuMenuHWY0utX0gBfx_X5lPDFyoYXErxFQHiA7t27keshXNa6R
+ukQRRS8kMjre1U74sc-fRNXkXpl57rG4rgxaEX0eBeowa53KAsVvUAoSac2aC_nfzXrDvoyf9Xi3
+JpEZNhUDLpFCEycV4I7jGQ9wo9qNaosvlsr6kbLDNdb_1xrGVgjT3xEvRNJNPqslSAu-yD-UFhC3
+AmCdYUnugw_eEFqXCHTARcRkdPPvl2XsmEKY2IqEeO5tz4DyXQFaL-5hEVh6lYEU1EOWHk3UGIXe
+Vc5_Ttp82qNLmlJPbZvgmNTJzYTHDQ_27KBcp7IVVZgPDjVKdWqQvZ18KhxvfF3Idgy82LBZniFV
+IbtxllXiPRxoPQriSXMnXjh3XkvSDI2pFxXfEvLRn1tvcFOwPNCz3QfPIzYg8uYXN5bRt3ZOrR_g
+ZhIlrc7HO0VbNbeqEVPKMZ-cjkqGj4VAuDKoQc0eQ6X_wCoAGO78nPpLeIvZPx1X3z5YoqNA
\ No newline at end of file
--- /dev/null
+{
+ "dcaeLocationName": "san-francisco",
+ "fqdn": "message-router",
+ "topicProtocol": "http",
+ "topicPort": "3904"
+}
--- /dev/null
+{
+ "topicName": "PM_MAPPER",
+ "topicDescription": "The PM Mapper will be publishing perf3gpp VES events to this topic",
+ "owner": "pm-mapper",
+ "txenabled": false,
+ "clients": [{
+ "dcaeLocationName": "san-francisco",
+ "clientIdentity": "dcae@dcae.onap.org",
+ "action": [
+ "pub",
+ "view"
+ ]
+ }]
+}
--- /dev/null
+{
+ "topicName": "PNF_READY",
+ "topicDescription": "This topic will be used to publish the PNF_READY events generated by the PNF REgistration Handler service in the DCAE platform.",
+ "owner": "PNFRegistrationHandler",
+ "txenabled": false,
+ "clients": [
+ {
+ "dcaeLocationName": "san-francisco",
+ "clientRole": "org.onap.dmaap.mr.PNF_READY.pub",
+ "action": [
+ "pub",
+ "view"
+ ]
+
+ }
+ ]
+}
--- /dev/null
+{
+ "topicName": "PNF_REGISTRATION",
+ "topicDescription": "the VES collector will be publishing pnfRegistration events in this topic",
+ "owner": "VEScollector",
+ "txenabled": false,
+ "clients": [
+ {
+ "dcaeLocationName": "san-francisco",
+ "clientRole": "org.onap.dmaap.mr.PNF_REGISTRATION.sub",
+ "action": [
+ "sub",
+ "view"
+ ]
+
+ }
+ ]
+}
--- /dev/null
+#
+# Intent of this directory is for it to contain a file for each topic that needs to be provisioned in MR.
+# So, app teams can add files to this directory as needed without impacting each other's code.
--- /dev/null
+{
+ "topicName": "mirrormakeragent",
+ "topicDescription": "the topic used to provision the MM agent whitelist",
+ "replicationCase": "REPLICATION_NONE",
+ "owner": "dmaap",
+ "txenabled": false,
+ "partitionCount": "1",
+ "clients": [
+ {
+ "dcaeLocationName": "san-francisco",
+ "clientIdentity": "dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org",
+ "action": [
+ "pub",
+ "sub",
+ "view"
+ ]
+
+ },
+ {
+ "dcaeLocationName": "san-francisco",
+ "clientIdentity": "dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org",
+ "action": [
+ "pub",
+ "sub",
+ "view"
+ ]
+
+ },
+ {
+ "dcaeLocationName": "san-francisco",
+ "clientIdentity": "demo@people.osaaf.org",
+ "action": [
+ "pub",
+ "sub",
+ "view"
+ ]
+
+ }
+
+ ]
+}
+
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-msgrtrapi-prop-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/dmaap/MsgRtrApi.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-cadi-prop-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/dmaap/cadi.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-dbc-mrclusters
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/mr_clusters/*.json").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-dbc-topics
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/topics/*.json").AsConfig . | indent 2 }}
+
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-secret
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ (.Files.Glob "resources/config/dmaap/mykey").AsSecrets | indent 2 }}
+type: Opaque
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+ msb.onap.org/service-info: '[
+ {
+ "serviceName": "{{ include "common.servicename" . }}",
+ "version": "v1",
+ "url": "/",
+ "protocol": "REST",
+ "port": "{{.Values.service.internalPort}}",
+ "visualRange":"1"
+ }
+ ]'
+
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}-{{ .Values.service.externalPort }}
+ - port: {{ .Values.service.externalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ name: {{ .Values.service.portName }}-{{ .Values.service.externalPort2 }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+
+
+apiVersion: apps/v1beta1
+kind: StatefulSet
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ .Values.onapRepository }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.externalPort }}
+ - containerPort: {{ .Values.service.externalPort2 }}
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.externalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.externalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+ - name: enableCadi
+ value: "true"
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /appl/dmaapMR1/bundleconfig/etc/appprops/MsgRtrApi.properties
+ subPath: MsgRtrApi.properties
+ name: appprops
+ - mountPath: /appl/dmaapMR1/etc/cadi.properties
+ subPath: cadi.properties
+ name: cadi
+ - mountPath: /appl/dmaapMR1/etc/keyfile
+ subPath: mykey
+ name: mykey
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: appprops
+ configMap:
+ name: {{ include "common.fullname" . }}-msgrtrapi-prop-configmap
+ - name: cadi
+ configMap:
+ name: {{ include "common.fullname" . }}-cadi-prop-configmap
+ - name: mykey
+ secret:
+ secretName: {{ include "common.fullname" . }}-secret
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ clientImage: onap/dmaap/dbc-client:1.0.8-STAGING-latest
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+onapRepository: nexus3.onap.org:10001
+image: onap/dmaap/dmaap-mr:1.1.13
+pullPolicy: Always
+
+kafka:
+ name: message-router-kafka
+ port: 9092
+zookeeper:
+ name: message-router-zookeeper
+ port: 2181
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+config: {}
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 70
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 70
+ periodSeconds: 10
+
+service:
+ type: NodePort
+ name: message-router
+ portName: message-router
+ externalPort: 3904
+ nodePort: 27
+ externalPort2: 3905
+ nodePort2: 26
+
+ingress:
+ enabled: false
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2000m
+ memory: 4Gi
+ requests:
+ cpu: 100m
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4000m
+ memory: 8Gi
+ requests:
+ cpu: 200m
+ memory: 2Gi
+ unlimited: {}
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: ves
+version: 1.1.0
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "vescollector.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "vescollector.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "vescollector.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
# limitations under the License. #
################################################################################
-# Provides configuration parameters which spring expects as a JSON string
-
+---
apiVersion: v1
kind: ConfigMap
metadata:
- name: dashboard-configmap
+ name: dmaap-configmap
data:
- springApplication.json: |
+ DMaapConfig.json: |
{
- "a1med": {
- "basepath": "http://0.1.2.3:45"
- },
- "e2mgr": {
- "basepath": "http://1.2.3.4:56"
- },
- "xappmgr": {
- "basepath": "http://2.3.4.5:67"
- }
- }
+ "channels": [
+ {
+ "name": "ves-measurement",
+ "cambria.topic": "unauthenticated.SEC_MEASUREMENT_OUTPUT",
+ "class": "HpCambriaOutputStream",
+ "stripHpId": "true",
+ "type": "out",
+ "cambria.hosts": "message-router:3904"
+ }
+ ]
+ }
\ No newline at end of file
--- /dev/null
+################################################################################\r
+# Copyright (c) 2019 AT&T Intellectual Property. #\r
+# Copyright (c) 2019 Nokia. #\r
+# #\r
+# Licensed under the Apache License, Version 2.0 (the "License"); #\r
+# you may not use this file except in compliance with the License. #\r
+# You may obtain a copy of the License at #\r
+# #\r
+# http://www.apache.org/licenses/LICENSE-2.0 #\r
+# #\r
+# Unless required by applicable law or agreed to in writing, software #\r
+# distributed under the License is distributed on an "AS IS" BASIS, #\r
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #\r
+# See the License for the specific language governing permissions and #\r
+# limitations under the License. #\r
+################################################################################\r
+\r
+\r
+\r
+kind: Deployment\r
+apiVersion: extensions/v1beta1\r
+metadata:\r
+ name: {{ include "vescollector.fullname" . }}\r
+ generation: 1\r
+ labels:\r
+ app: dcae-ves-collector\r
+ cfydeployment: ves\r
+ cfynode: ves\r
+ cfynodeinstance: ves_uj48fg\r
+ k8sdeployment: dep-dcae-ves-collector\r
+ annotations:\r
+ deployment.kubernetes.io/revision: '1'\r
+spec:\r
+ replicas: {{ .Values.ves.replicaCount }}\r
+ selector:\r
+ matchLabels:\r
+ app: dcae-ves-collector\r
+ cfydeployment: ves\r
+ cfynode: ves\r
+ cfynodeinstance: ves_uj48fg\r
+ k8sdeployment: dep-dcae-ves-collector\r
+ template:\r
+ metadata:\r
+ labels:\r
+ app: dcae-ves-collector\r
+ cfydeployment: ves\r
+ cfynode: ves\r
+ cfynodeinstance: ves_uj48fg\r
+ k8sdeployment: dep-dcae-ves-collector\r
+ spec:\r
+ volumes:\r
+ - name: component-log\r
+ emptyDir: {}\r
+ - name: dmaap-config-file\r
+ configMap:\r
+ name: dmaap-configmap\r
+ containers:\r
+ - name: {{ include "common.namespace" . }}-{{include "common.name" . }}\r
+ image: {{ .Values.ves.onapRepository }}/{{ .Values.ves.image.name }}:{{ .Values.ves.image.tag }}\r
+ ports:\r
+ - containerPort: 8080\r
+ protocol: TCP\r
+ - containerPort: 8443\r
+ protocol: TCP\r
+ env:\r
+ - name: CONSUL_HOST\r
+ value: consul-server.onap\r
+ - name: CONFIG_BINDING_SERVICE\r
+ value: config-binding-service\r
+ - name: POD_IP\r
+ valueFrom:\r
+ fieldRef:\r
+ apiVersion: v1\r
+ fieldPath: status.podIP\r
+ resources: {}\r
+ volumeMounts:\r
+ - name: component-log\r
+ mountPath: "/opt/app/VESCollector/logs/ecomp"\r
+ - name: dmaap-config-file\r
+ mountPath: "/opt/app/VESCollector/etc/DmaapConfig.json"\r
+ subPath: DMaapConfig.json\r
+ readinessProbe:\r
+ httpGet:\r
+ path: "/healthcheck"\r
+ port: 8080\r
+ scheme: HTTP\r
+ initialDelaySeconds: 5\r
+ timeoutSeconds: 1\r
+ periodSeconds: 15\r
+ successThreshold: 1\r
+ failureThreshold: 1\r
+ terminationMessagePath: "/dev/termination-log"\r
+ terminationMessagePolicy: File\r
+ imagePullPolicy: IfNotPresent\r
+ restartPolicy: Always\r
+ terminationGracePeriodSeconds: 30\r
+ dnsPolicy: ClusterFirst\r
+ securityContext: {}\r
+ imagePullSecrets:\r
+ - name: onap-docker-registry-key\r
+ hostname: dcae-ves-collector\r
+ schedulerName: default-scheduler\r
+ strategy:\r
+ type: RollingUpdate\r
+ rollingUpdate:\r
+ maxUnavailable: 1\r
+ maxSurge: 1\r
+ revisionHistoryLimit: 10\r
+ progressDeadlineSeconds: 600\r
--- /dev/null
+################################################################################\r
+# Copyright (c) 2019 AT&T Intellectual Property. #\r
+# Copyright (c) 2019 Nokia. #\r
+# #\r
+# Licensed under the Apache License, Version 2.0 (the "License"); #\r
+# you may not use this file except in compliance with the License. #\r
+# You may obtain a copy of the License at #\r
+# #\r
+# http://www.apache.org/licenses/LICENSE-2.0 #\r
+# #\r
+# Unless required by applicable law or agreed to in writing, software #\r
+# distributed under the License is distributed on an "AS IS" BASIS, #\r
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #\r
+# See the License for the specific language governing permissions and #\r
+# limitations under the License. #\r
+################################################################################\r
+\r
+\r
+kind: Service\r
+apiVersion: v1\r
+metadata:\r
+ name: xdcae-ves-collector\r
+ labels:\r
+ app: dcae-ves-collector\r
+ cfydeployment: ves\r
+ cfynode: ves\r
+ cfynodeinstance: ves_uj48fg\r
+ k8sdeployment: dep-dcae-ves-collector\r
+spec:\r
+ ports:\r
+ - name: xport-t-8080\r
+ protocol: TCP\r
+ port: 8080\r
+ targetPort: 8080\r
+ nodePort: 30235\r
+ - name: xport-t-8443\r
+ protocol: TCP\r
+ port: 8443\r
+ targetPort: 8443\r
+ nodePort: 30417\r
+ selector:\r
+ app: dcae-ves-collector\r
+ type: NodePort\r
+ sessionAffinity: None\r
+ externalTrafficPolicy: Cluster\r
+status:\r
+ loadBalancer: {}\r
################################################################################
-# customize the following repo info to local infrastructure
-gerrithost=gerrit.o-ran-sc.org
-gerritip=35.165.179.212
+# Default values for ves.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
-dockerregistry=nexus3.o-ran-sc.org
-dockerip=38.108.68.158
-dockerport=10004
-dockeruser=docker
-dockerpassword=docker
+ves:
+ onapRepository: "nexus3.onap.org:10001"
+ imagePullPolicy: IfNotPresent
-helmrepo=helm.ricinfra.local
-helmport=30000
-helmip=''
-helmuser=helm
-helmpassword=helm
+ image:
+ name: onap/org.onap.dcaegen2.collectors.ves.vescollector
+ tag: 1.4.4
+ replicaCount: 1
\ No newline at end of file
--- /dev/null
+### Introduction
+
+This directory contains configurations, templates, and scripts for deploying a Kubernetes cluster for RIC and other AUX functions.
+
+Two methods of deployment are supported:
+- Single node Kubernetes cluster deployment:
+ - A cloud init script that installs the docker-kubernetes-helm stack onto a VM launched using cloud Ubuntu 16.04 image.
+ - The same script can be run on a newly launched VM using cloud Ubuntu 16.04 image to install the same infrastructure software stack.
+- Multi-node, dual-cluster deployment:
+ - Using OpenStack Heat Orchestration Template, calling OpenStack stack creation API to create two sets of VMs, one for RIC cluster and the other for AUX cluster.
+ - Installing docker-kubernetes-helm stack on each of the VMs.
+ - Configuring each set of VMs into a Kubernets cluster.
+ - Configure well-known host name resolutions.
+
+### Directory Structure
+- bin
+ - deploy-stack.sh
+ - gen-cloud-init.sh
+ - gen-ric-heat-yaml.sh
+ - install
+ - undeploy-stack.sh
+- etc
+ - env.rc
+ - infra.rc
+ - openstack.rc
+- heat
+ - env
+ - aux.env
+ - ric.env
+ - parts
+ - part-1-v6.yaml
+ - part-1.yaml
+ - part-2-v6.yaml
+ - part-2.yaml
+ - part-3-v6.yaml
+ - part-3.yaml
+ - scripts
+ - k8s_vm_aux_install.sh
+ - k8s_vm_custom_repos.sh
+ - k8s_vm_init.sh
+ - k8s_vm_init_serv.sh
+ - k8s_vm_install.sh
+
+
+### Configuration
+All configurations are under etc directory
+- env.rc
+ - This file contains configurations for Gerrit, Helm, and Docker registry that will be used for hosting artifacts for the deployment.
+- infra.rc
+ - This file contains configuratuions infrastructure software stack, e.g. versions of docker, Kubernetes, and Helm software to be installed.
+ - Normally there is no need to modify this file.
+- openstack.rc
+ - This file contains configuratuions for the local OpenStack instance that will be used for deploying the Heat stacks.
+
+
+### Deploying 1-node Kubernetes
+
+1. Must complete the local configuration in etc/env.rc file.
+2. cd bin
+3. ./gen-cloud-init.sh
+4. The generated cloud init file is named k8s-1node-cloud-init.sh
+5. Use the generate k8s-1node-cloud-init.sh script:
+ a. At VM launch time, paste in the contents of the k8s-1node-cloud-init.sh file to the "Customnization script" window of the "Configuration" step, when using Horizon dashboard to launch new VM.
+ b. Copy the k8s-1node-cloud-init.sh file to a newly launched cloud image Ubuntu 16.04 VM. Run the script in a "sudo -i" shell.
+6. After the execution of the script is completed, run "kubectl get pods --all-namespaces" to check.
+
+### Deploying Dual Kubernetes Cluster
+1. Must complete the local configuration in etc/env.rc and etc/openstack.rc files.
+2. cd bin
+3. ./install
+4. After the execution is completed, go to WORKDIR_ric and WORKDIR_aux to see the file that contains the IP addresses of the VMs.
+5. ssh into the -mst VMs (master nodes) of the clusters, run run "kubectl get pods --all-namespaces" to check.
+
--- /dev/null
+#!/bin/bash
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+set -e
+
+stack_name="ric"
+full_deletion=false
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
+set -a
+RCS="$(find $DIR/../etc -type f -maxdepth 1)"
+for RC in $RCS; do
+ echo "reading in values in $RC"
+ source $RC
+done
+set +a
+
+
+if [ -z "$__RUNRICENV_GERRIT_HOST__" ]; then
+ export __RUNRICENV_GERRIT_HOST__=$gerrithost
+fi
+if [ -z "$__RUNRICENV_GERRIT_IP__" ]; then
+ export __RUNRICENV_GERRIT_IP__=$gerritip
+fi
+if [ -z "$__RUNRICENV_DOCKER_HOST__" ]; then
+ export __RUNRICENV_DOCKER_HOST__=$dockerregistry
+fi
+if [ -z "$__RUNRICENV_DOCKER_IP__" ]; then
+ export __RUNRICENV_DOCKER_IP__=$dockerip
+fi
+if [ -z "$__RUNRICENV_DOCKER_PORT__" ]; then
+ export __RUNRICENV_DOCKER_PORT__=$dockerport
+fi
+if [ -z "$__RUNRICENV_DOCKER_USER__" ]; then
+ export __RUNRICENV_DOCKER_USER__=$dockeruser
+fi
+if [ -z "$__RUNRICENV_DOCKER_PASS__" ]; then
+ export __RUNRICENV_DOCKER_PASS__=$dockerpassword
+fi
+if [ -z "$__RUNRICENV_DOCKER_CERT__" ]; then
+ export __RUNRICENV_DOCKER_CERT__=$dockercert
+fi
+if [ -z "$__RUNRICENV_HELMREPO_HOST__" ]; then
+ export __RUNRICENV_HELMREPO_HOST__=$helmrepo
+fi
+if [ -z "$__RUNRICENV_HELMREPO_PORT__" ]; then
+ export __RUNRICENV_HELMREPO_PORT__=$helmport
+fi
+if [ -z "$__RUNRICENV_HELMREPO_IP__" ]; then
+ export __RUNRICENV_HELMREPO_IP__=$helmip
+fi
+if [ -z "$__RUNRICENV_HELMREPO_USER__" ]; then
+ export __RUNRICENV_HELMREPO_USER__=$helmuser
+fi
+if [ -z "$__RUNRICENV_HELMREPO_PASS__" ]; then
+ export __RUNRICENV_HELMREPO_PASS__=$helmpassword
+fi
+if [ -z "$__RUNRICENV_HELMREPO_CERT__" ]; then
+ export __RUNRICENV_HELMREPO_CERT__=$helmcert
+fi
+
+
+if [ -z "$WORKSPACE" ]; then
+ export WORKSPACE=`git rev-parse --show-toplevel`
+fi
+HEAT_DIR="$WORKSPACE/ric-infra/00-Kubernetes/heat"
+BIN_DIR="$WORKSPACE/ric-infra/00-Kubernetes/bin"
+ETC_DIR="$WORKSPACE/ric-infra/00-Kubernetes/etc"
+ENV_DIR="$WORKSPACE/ric-infra/00-Kubernetes/heat/env"
+
+
+cd $BIN_DIR
+
+
+openstack --version > /dev/null
+if [ $? -eq 0 ]; then
+ echo "OK openstack CLI installed"
+else
+ echo "Must run in an envirnment with openstack cli"
+ exit 1
+fi
+
+if [ -z "$OS_USERNAME" ]; then
+ echo "Must source the Openstack RC file for the target installation tenant"
+ exit 1
+fi
+
+
+usage() {
+ echo "Usage: $0 [ -n <number of VMs {2-15}> ][ -s <stack name> ]<env> <ssh_keypair> <template>" 1>&2;
+ echo "n: Set the number of VMs that will be installed. " 1>&2;
+ echo "s: Set the name to be used for stack. This name will be used for naming of resources" 1>&2;
+ echo "d: Dryrun, only generating templates, no calling OpenStack API" 1>&2;
+ echo "6: When enabled, VMs will have an IPv6 interface." 1>&2;
+
+ exit 1;
+}
+
+
+dryrun='false'
+v6='false'
+while getopts ":n:w:s:6d" o; do
+ case "${o}" in
+ n)
+ if [[ ${OPTARG} =~ ^[0-9]+$ ]];then
+ if [ ${OPTARG} -ge 1 -a ${OPTARG} -le 15 ]; then
+ vm_num=${OPTARG}
+ else
+ usage
+ fi
+ else
+ usage
+ fi
+ ;;
+ s)
+ if [[ ! ${OPTARG} =~ ^[0-9]+$ ]];then
+ stack_name=${OPTARG}
+ else
+ usage
+ fi
+ ;;
+ w)
+ WORKDIR_NAME=${OPTARG}
+ ;;
+ 6)
+ v6=true
+ ;;
+ d)
+ dryrun=true
+ ;;
+ *)
+ usage
+ ;;
+ esac
+done
+shift $((OPTIND-1))
+
+if [ "$#" -lt 2 ]; then
+ usage
+fi
+
+ENV_FILE=$1
+if [ ! -f $ENV_FILE ]; then
+ echo ENV file does not exist or was not given
+ exit 1
+fi
+shift 1
+
+SSH_KEY=$1
+if [ ! -s $SSH_KEY ]; then
+ echo SSH Keypair file does not exist or was not given
+ exit 1
+fi
+shift 1
+
+if [ -z "$vm_num" ]; then
+ TMPL_FILE=$1
+ if [ ! -f $TMPL_FILE ]; then
+ echo Heat template file does not exist or was not given
+ exit 1
+ fi
+ shift 1
+fi
+
+# Prints all commands to output that are executed by the terminal
+set -x
+
+if [ -z "$WORKDIR_NAME" ]; then
+ WORKDIR_NAME="workdir-$(date +%Y%m%d%H%M%S)"
+fi
+WORKDIR="$BIN_DIR/$WORKDIR_NAME"
+rm -rf "$WORKDIR"
+mkdir -p "$WORKDIR"
+
+# get the openstack rc file env variable values in env file
+envsubst < $ENV_FILE > "$WORKDIR/$(basename $ENV_FILE)"
+ENV_FILE="$WORKDIR/$(basename $ENV_FILE)"
+
+# prepare (localize) all scripts to be installed to the cluster VMs
+SCRIPTS=$(ls -1 $HEAT_DIR/scripts/*)
+for SCRIPT in $SCRIPTS; do
+ envsubst '${__RUNRICENV_GERRIT_HOST__}
+ ${__RUNRICENV_GERRIT_IP__}
+ ${__RUNRICENV_DOCKER_HOST__}
+ ${__RUNRICENV_DOCKER_IP__}
+ ${__RUNRICENV_DOCKER_PORT__}
+ ${__RUNRICENV_DOCKER_USER__}
+ ${__RUNRICENV_DOCKER_PASS__}
+ ${__RUNRICENV_DOCKER_CERT__}
+ ${__RUNRICENV_HELMREPO_HOST__}
+ ${__RUNRICENV_HELMREPO_PORT__}
+ ${__RUNRICENV_HELMREPO_IP__}
+ ${__RUNRICENV_HELMREPO_CERT__}
+ ${__RUNRICENV_HELMREPO_USER__}
+ ${__RUNRICENV_HELMREPO_PASS__} '< $SCRIPT > "$WORKDIR/$(basename $SCRIPT)"
+done
+
+# generate a heat template with the specified number of VMs and IPv6 option
+if [ ! -z "$vm_num" ]; then
+ CURDIR=$(pwd)
+ if [ -z "$v6" ]; then
+ ./gen-ric-heat-yaml.sh -n $vm_num > "$WORKDIR/k8s-${vm_num}VMs.yaml"
+ TMPL_FILE="$WORKDIR/k8s-${vm_num}VMs.yaml"
+ else
+ ./gen-ric-heat-yaml.sh -6 -n $vm_num > "$WORKDIR/k8s-${vm_num}VMs-v6.yaml"
+ TMPL_FILE="$WORKDIR/k8s-${vm_num}VMs-v6.yaml"
+ fi
+fi
+
+if [ "$dryrun" == "true" ]; then
+ exit 0
+fi
+
+
+for n in $(seq 1 5); do
+ echo "${n} of 5 attempts to deploy the stack $stack_name"
+ FAILED='false'
+ if [ ! -z "$(openstack stack list |grep -w $stack_name)" ]; then
+ openstack stack delete $stack_name;
+ while [ "DELETE_IN_PROGRESS" == "$(openstack stack show -c stack_status -f value $stack_name)" ]; do
+ echo "Waiting for stack $stack_name deletion to complete"
+ sleep 5
+ done
+ fi
+
+ # create a stack with the template and env files
+ if ! openstack stack create -t $TMPL_FILE -e $ENV_FILE $stack_name; then
+ FAILED='true'
+ break
+ fi
+
+ # wait for OpenStack stack creation completes
+ while [ "CREATE_IN_PROGRESS" == "$(openstack stack show -c stack_status -f value $stack_name)" ]; do
+ sleep 20
+ done
+
+ STATUS=$(openstack stack show -c stack_status -f value $stack_name)
+ echo $STATUS
+ if [ "CREATE_COMPLETE" != "$STATUS" ]; then
+ echo "OpenSatck stack creation failed"
+ FAILED='true'
+ break;
+ fi
+
+ # wait till the Master node to become alive
+ for i in $(seq 1 30); do
+ sleep 30
+ K8S_MST_IP=$(openstack stack output show $stack_name k8s_mst_vm_ip -c output_value -f value)
+ timeout 1 ping -c 1 "$K8S_MST_IP" && break
+ done
+
+ timeout 1 ping -c 1 "$K8S_MST_IP" && break
+
+ echo Error: OpenStack infrastructure issue: unable to reach master node "$K8S_MST_IP"
+ FAILED='true'
+ sleep 10
+done
+
+if ! timeout 1 ping -c 1 "$K8S_MST_IP"; then
+ echo "Master node not reachable, stack creation failed, exit"
+ exit 2
+fi
+
+
+K8S_MASTER_HOSTNAME="${stack_name}-k8s-mst"
+echo "$K8S_MASTER_HOSTNAME $K8S_MST_IP" > ./ips-${stack_name}
+while ! nc -z $K8S_MST_IP 29999; do
+ echo "Wait for Master node $K8S_MST_IP to be ready"
+ sleep 5
+done
+
+set +e
+
+unset JOINCMD
+while [[ -z $JOINCMD ]]; do
+ sleep 15
+ JOINCMD=$(ssh -i $SSH_KEY ubuntu@$K8S_MST_IP -q -o "StrictHostKeyChecking no" sudo kubeadm token create --print-join-command)
+done
+
+for i in $(seq 1 99); do
+ IP_NAME=k8s_$(printf "%02d" "$i")_vm_ip
+ K8S_MINION_IP=$(openstack stack output show $stack_name $IP_NAME -c output_value -f value)
+ if [ -z $K8S_MINION_IP ]; then
+ break
+ fi
+ K8S_MINION_HOSTNAME=${stack_name}-k8s-$(printf "%02d" "$i")
+ echo "$K8S_MINION_HOSTNAME $K8S_MINION_IP" >> ./ips-${stack_name}
+
+ #while ! nc -z $K8S_MINION_IP 29999; do
+ # echo "Wait for minion node $K8S_MINION_IP to be ready"
+ # sleep 5
+ #done
+ echo "Joining $K8S_MINION_HOSTNAME [$K8S_MINION_IP] to cluster master $K8S_MST_IP with command $JOINCMD"
+ while ! ssh -i $SSH_KEY -q -o "StrictHostKeyChecking no" ubuntu@$K8S_MINION_IP sudo $JOINCMD; do
+ echo "Retry join command in 10 seconds"
+ sleep 10
+ done
+done
+
+export __IPS_${stack_name}__="$(cat ${WORKDIR}/ips-${stack_name})"
--- /dev/null
+#!/bin/bash
+#
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+
+# the following script replaces templates in a script with env variables defined in etc folder
+# when running without specifying a script, the default is to use the heat/scripts/k8s-vm-install.sh,
+# the result which is a script that can be used as cloud-init script and the initial installation
+# script that turns a newly launched VM into a single node k8s cluster with Helm.
+
+usage() {
+ echo "Usage: $0 <template file>" 1>&2;
+ echo " If the template file is supplied, the template file is processed;" 1>&2;
+ echo " Otherwise the k8s_vm_install.sh file under heat/script is used as template." 1>&2;
+ exit 1;
+}
+
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
+set -a
+RCS="$(find $DIR/../etc -type f -maxdepth 1)"
+for RC in $RCS; do
+ echo "reading in values in $RC"
+ source $RC
+done
+set +a
+
+
+if [ -z "$WORKSPACE" ]; then
+ export WORKSPACE=`git rev-parse --show-toplevel`
+fi
+HEAT_DIR="$WORKSPACE/ric-infra/00-Kubernetes/heat"
+BIN_DIR="$WORKSPACE/ric-infra/00-Kubernetes/bin"
+ETC_DIR="$WORKSPACE/ric-infra/00-Kubernetes/etc"
+ENV_DIR="$WORKSPACE/ric-infra/00-Kubernetes/heat/env"
+
+if [ -z "$1" ]; then
+ TMPL="${HEAT_DIR}/scripts/k8s_vm_install.sh"
+else
+ TMPL="$1"
+fi
+
+
+if [ -z "$__RUNRICENV_GERRIT_HOST__" ]; then
+ export __RUNRICENV_GERRIT_HOST__=$gerrithost
+fi
+if [ -z "$__RUNRICENV_GERRIT_IP__" ]; then
+ export __RUNRICENV_GERRIT_IP__=$gerritip
+fi
+if [ -z "$__RUNRICENV_DOCKER_HOST__" ]; then
+ export __RUNRICENV_DOCKER_HOST__=$dockerregistry
+fi
+if [ -z "$__RUNRICENV_DOCKER_IP__" ]; then
+ export __RUNRICENV_DOCKER_IP__=$dockerip
+fi
+if [ -z "$__RUNRICENV_DOCKER_PORT__" ]; then
+ export __RUNRICENV_DOCKER_PORT__=$dockerport
+fi
+if [ -z "$__RUNRICENV_DOCKER_USER__" ]; then
+ export __RUNRICENV_DOCKER_USER__=$dockeruser
+fi
+if [ -z "$__RUNRICENV_DOCKER_PASS__" ]; then
+ export __RUNRICENV_DOCKER_PASS__=$dockerpassword
+fi
+if [ -z "$__RUNRICENV_DOCKER_CERT__" ]; then
+ export __RUNRICENV_DOCKER_CERT__=$dockercert
+fi
+if [ -z "$__RUNRICENV_HELMREPO_HOST__" ]; then
+ export __RUNRICENV_HELMREPO_HOST__=$helmrepo
+fi
+if [ -z "$__RUNRICENV_HELMREPO_PORT__" ]; then
+ export __RUNRICENV_HELMREPO_PORT__=$helmport
+fi
+if [ -z "$__RUNRICENV_HELMREPO_IP__" ]; then
+ export __RUNRICENV_HELMREPO_IP__=$helmip
+fi
+if [ -z "$__RUNRICENV_HELMREPO_USER__" ]; then
+ export __RUNRICENV_HELMREPO_USER__=$helmuser
+fi
+if [ -z "$__RUNRICENV_HELMREPO_PASS__" ]; then
+ export __RUNRICENV_HELMREPO_PASS__=$helmpassword
+fi
+if [ -z "$__RUNRICENV_HELMREPO_CERT__" ]; then
+ export __RUNRICENV_HELMREPO_CERT__=$helmcert
+fi
+
+
+filename=$(basename -- "$TMPL")
+extension="${filename##*.}"
+filename="${filename%.*}"
+
+envsubst '${__RUNRICENV_GERRIT_HOST__}
+ ${__RUNRICENV_GERRIT_IP__}
+ ${__RUNRICENV_DOCKER_HOST__}
+ ${__RUNRICENV_DOCKER_IP__}
+ ${__RUNRICENV_DOCKER_PORT__}
+ ${__RUNRICENV_DOCKER_USER__}
+ ${__RUNRICENV_DOCKER_PASS__}
+ ${__RUNRICENV_DOCKER_CERT__}
+ ${__RUNRICENV_HELMREPO_HOST__}
+ ${__RUNRICENV_HELMREPO_PORT__}
+ ${__RUNRICENV_HELMREPO_IP__}
+ ${__RUNRICENV_HELMREPO_CERT__}
+ ${__RUNRICENV_HELMREPO_USER__}
+ ${__RUNRICENV_HELMREPO_PASS__}' < "$TMPL" > "$filename"
+
+# fill values that are supplied by Heat stack deployment process as much as we can
+sed -e "s/__docker_version__/${INFRA_DOCKER_VERSION}/g" "$filename" > tmp && mv tmp "$filename"
+sed -e "s/__k8s_version__/${INFRA_K8S_VERSION}/g" "$filename" > tmp && mv tmp "$filename"
+sed -e "s/__k8s_cni_version__/${INFRA_CNI_VERSION}/g" "$filename" > tmp && mv tmp "$filename"
+sed -e "s/__helm_version__/${INFRA_HELM_VERSION}/g" "$filename" > tmp && mv tmp "$filename"
+sed -e "s/__k8s_mst_private_ip_addr__/\$(hostname -I)/g" "$filename" > tmp && mv tmp "$filename"
+sed -e "s/__host_private_ip_addr__/\$(hostname -I)/g" "$filename" > tmp && mv tmp "$filename"
+#sed -e "s/__k8s_mst_floating_ip_addr__/\$(ec2metadata --public-ipv4)/g" "$filename" > tmp && mv tmp "$filename"
+sed -e "s/__k8s_mst_floating_ip_addr__/\$(curl ifconfig.co)/g" "$filename" > tmp && mv tmp "$filename"
+sed -e "s/__stack_name__/\$(hostname)/g" "$filename" > tmp && mv tmp "$filename"
+#echo "__mtu__" > /opt/config/mtu.txt
+#echo "__cinder_volume_id__" > /opt/config/cinder_volume_id.txt
+
+
+chmod +x "$filename"
+if [ -z "$1" ]; then
+ mv "$filename" k8s-1node-cloud-init.sh
+ # reboot VM to load the new kernel.
+ echo 'if [ "$(uname -r)" != "4.15.0-45-lowlatency" ]; then reboot; fi' >> k8s-1node-cloud-init.sh
+fi
--- /dev/null
+#!/bin/bash
+#
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+
+usage() {
+ echo "Usage: $0 [ -n <number of VMs {1-99}> ][ -6 ]" 1>&2;
+
+ echo "n: Set the number of VMs that will be installed. This number must be between 1 and 99; " 1>&2;
+ echo "6: When set, VMs will be configured with an IPv6 interface" 1>&2;
+ exit 1;
+}
+
+unset V6
+while getopts ":n:6" o; do
+ case "${o}" in
+ n)
+ if [[ ${OPTARG} =~ ^[0-9]+$ ]];then
+ if [ ${OPTARG} -ge 1 -a ${OPTARG} -le 15 ]; then
+ vm_num=${OPTARG}
+ else
+ usage
+ fi
+ else
+ usage
+ fi
+ ;;
+ 6)
+ V6='-v6'
+ ;;
+ *)
+ usage
+ ;;
+ esac
+done
+shift $((OPTIND-1))
+
+NUM_K8S_VMS=$(($vm_num - 1))
+unset SEQ
+if [ "$NUM_K8S_VMS" -gt "0" ]; then
+ SEQ=$(seq -f %02g $NUM_K8S_VMS)
+fi
+
+if [ -z "$WORKSPACE" ]; then
+ export WORKSPACE=`git rev-parse --show-toplevel`
+fi
+PARTS_DIR=$WORKSPACE/ric-infra/00-Kubernetes/heat/parts
+
+cat <<EOF
+#
+# Generated by scripts/gen-onap-oom-yaml.sh; MANUAL CHANGES WILL BE LOST
+#
+EOF
+
+cat $PARTS_DIR/part-1${V6}.yaml
+
+
+# the first node is master
+#for VM_NUM in mst $(seq -f %02g $NUM_K8S_VMS); do
+for VM_NUM in mst $SEQ; do
+ VM_TYPE=k8s HOST_LABEL=compute VM_NUM=$VM_NUM envsubst < $PARTS_DIR/part-2${V6}.yaml
+done
+
+
+cat $PARTS_DIR/part-3${V6}.yaml
+
+#for VM_NUM in mst $(seq -f %02g $NUM_K8S_VMS); do
+for VM_NUM in mst $SEQ; do
+ K8S_VM_NAME=k8s_$VM_NUM
+ cat <<EOF
+ ${K8S_VM_NAME}_vm_ip:
+ description: The IP address of the ${K8S_VM_NAME} instance
+ value: { get_attr: [${K8S_VM_NAME}_floating_ip, floating_ip_address] }
+
+EOF
+done
# limitations under the License. #
################################################################################
-# This is a temporary script that today deploy one node K8S cluster
-./install-1node-k8s
+# 1. Edit the ../etc/env.rc file for local deployment's Gerrit, Nexus repos, Helm repo
+# parameters
+# 2. Update the ../etc/openstack.rc file for OpenStack installation parameters
+# 3. Running from an environment with OpenStackl CLI access
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
+set -a
+RCS="$(find $DIR/../etc -type f -maxdepth 1)"
+for RC in $RCS; do
+ echo "reading in values in $RC"
+ source $RC
+done
+set +a
+
+if [ -z "$WORKSPACE" ]; then
+ export WORKSPACE=`git rev-parse --show-toplevel`
+fi
+HEAT_DIR="$WORKSPACE/ric-infra/00-Kubernetes/heat"
+BIN_DIR="$WORKSPACE/ric-infra/00-Kubernetes/bin"
+
+
+stackname=aux
+
+for stackname in ric aux; do
+ WORKDIR_NAME="WORKDIR_${stackname}"
+ WORKDIR="${BIN_DIR}/${WORKDIR_NAME}"
+ echo ./deploy-stack.sh -w "$WORKDIR_NAME" -s "$stackname" -n 2 -6 "../heat/env/${stackname}.env" ${SSH_KEY}
+done
+
+exit
+# set up cross cluster hostname resolution for well-known host names
+RIC_MST_IP=$(head -1 ${WORKDIR}/ips-ric | cut -f2 -d' ')
+AUX_MST_IP=$(head -1 ${WORKDIR}/ips-aux | cut -f2 -d' ')
+for IP in $(cut -f2 -d ' ' ips-ric); do
+ REMOTE_CMD="sudo sh -c \"echo '"$AUX_MST_IP" ves.aux.local' >> /etc/hosts; \
+ echo '"$AUX_MST_IP" es.aux.local' >> /etc/hosts\""
+ ssh -i $SSH_KEY -q -o "StrictHostKeyChecking no" ubuntu@$IP "$REMOTE_CMD"
+done
+for IP in $(cut -f2 -d ' ' ips-aux); do
+ REMOTE_CMD="sudo sh -c \"echo '"$RIC_MST_IP" a1.aux.local' >> /etc/hosts\""
+ ssh -i $SSH_KEY -q -o "StrictHostKeyChecking no" ubuntu@$IP "$REMOTE_CMD"
+done
+
+++ /dev/null
-#!/bin/bash
-
-################################################################################
-# Copyright (c) 2019 AT&T Intellectual Property. #
-# Copyright (c) 2019 Nokia. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-
-# The intention for this script is to stand up a dev testing k8s environment
-# that is ready for RIC installation for individual developer/team's API and functional
-# testing needs.
-# The integration team will maintain the synchronization of software infrastructure
-# stack (software, versions and configurations) between this iscript and what is
-# provided for the E2E validation testing. Due to resource and other differences, this
-# environment is not intended for any testing related to performance, resilience,
-# robustness, etc.
-
-# This script installs docker host, a one-node k8s cluster, and Helm for CoDev.
-# This script assumes that it will be executed on an Ubuntu 16.04 VM.
-# It is best to be run as the cloud-init script at the VM launch time, or from a
-# "sudo -i" shell post-launch on a newly launched VM.
-#
-
-set -x
-
-DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
-source $DIR/../etc/k8s-1node
-
-
-if [ -z "$__RUNRICENV_GERRIT_HOST__" ]; then
- export __RUNRICENV_GERRIT_HOST__=$gerrithost
-fi
-if [ -z "$__RUNRICENV_GERRIT_IP__" ]; then
- export __RUNRICENV_GERRIT_IP__=$gerritip
-fi
-if [ -z "$__RUNRICENV_DOCKER_HOST__" ]; then
- export __RUNRICENV_DOCKER_HOST__=$dockerregistry
-fi
-if [ -z "$__RUNRICENV_DOCKER_IP__" ]; then
- export __RUNRICENV_DOCKER_IP__=$dockerip
-fi
-if [ -z "$__RUNRICENV_DOCKER_PORT__" ]; then
- export __RUNRICENV_DOCKER_PORT__=$dockerport
-fi
-if [ -z "$__RUNRICENV_DOCKER_USER__" ]; then
- export __RUNRICENV_DOCKER_USER__=$dockeruser
-fi
-if [ -z "$__RUNRICENV_DOCKER_PASS__" ]; then
- export __RUNRICENV_DOCKER_PASS__=$dockerpassword
-fi
-if [ -z "$__RUNRICENV_HELMREPO_HOST__" ]; then
- export __RUNRICENV_HELMREPO_HOST__=$helmrepo
-fi
-if [ -z "$__RUNRICENV_HELMREPO_PORT__" ]; then
- export __RUNRICENV_HELMREPO_PORT__=$helmport
-fi
-if [ -z "$__RUNRICENV_HELMREPO_IP__" ]; then
- export __RUNRICENV_HELMREPO_IP__=$helmip
-fi
-if [ -z "$__RUNRICENV_HELMREPO_USER__" ]; then
- export __RUNRICENV_HELMREPO_USER__=$helmuser
-fi
-if [ -z "$__RUNRICENV_HELMREPO_PASS__" ]; then
- export __RUNRICENV_HELMREPO_PASS__=$helmpassword
-fi
-
-
-
-
-# for RIC R0 we keep 1.13
-export KUBEV="1.13.3"
-export KUBECNIV="0.6.0"
-export DOCKERV="18.06.1"
-
-# for new 1.14 release
-#export KUBEVERSION="1.14.0"
-#export KUBECNIVERSION="0.7.0"
-#export DOCKEFV="18.06.1"
-
-export HELMV="2.12.3"
-
-unset FIRSTBOOT
-unset DORESET
-
-while getopts ":r" opt; do
- case ${opt} in
- r )
- DORESET='YES'
- ;;
- \? )
- echo "Usage: $0 [-r]"
- exit
- ;;
- esac
-done
-
-
-if [ ! -e /var/tmp/firstboot4setupk8s ]; then
- echo "First time"
- FIRSTBOOT='YES'
- touch /var/tmp/firstboot4setupk8s
-
- modprobe -- ip_vs
- modprobe -- ip_vs_rr
- modprobe -- ip_vs_wrr
- modprobe -- ip_vs_sh
- modprobe -- nf_conntrack_ipv4
-
- # disable swap
- SWAPFILES=$(grep swap /etc/fstab | sed '/^#/ d' |cut -f1 -d' ')
- if [ ! -z $SWAPFILES ]; then
- for SWAPFILE in $SWAPFILES
- do
- echo "disabling swap file $SWAPFILE"
- if [[ $SWAPFILE == UUID* ]]; then
- UUID=$(echo $SWAPFILE | cut -f2 -d'=')
- swapoff -U $UUID
- else
- swapoff $SWAPFILE
- fi
- # edit /etc/fstab file, remove line with /swapfile
- sed -i -e "/$SWAPFILE/d" /etc/fstab
- done
- fi
- # disable swap
- #swapoff /swapfile
- # edit /etc/fstab file, remove line with /swapfile
- #sed -i -e '/swapfile/d' /etc/fstab
-
-
- # add rancodev CI tool hostnames
- echo "${__RUNRICENV_GERRIT_IP__} ${__RUNRICENV_GERRIT_HOST__}" >> /etc/hosts
- echo "${__RUNRICENV_DOCKER_IP__} ${__RUNRICENV_DOCKER_HOST__}" >> /etc/hosts
- echo "${__RUNRICENV_HELMREPO_IP__} ${__RUNRICENV_HELMREPO_HOST__}" >> /etc/hosts
-
-
- # create kubenetes config file
- if [[ ${KUBEV} == 1.13.* ]]; then
- cat <<EOF >/root/config.yaml
-apiVersion: kubeadm.k8s.io/v1alpha3
-kubernetesVersion: v${KUBEV}
-kind: ClusterConfiguration
-apiServerExtraArgs:
- feature-gates: SCTPSupport=true
-networking:
- dnsDomain: cluster.local
- podSubnet: 10.244.0.0/16
- serviceSubnet: 10.96.0.0/12
-
----
-apiVersion: kubeproxy.config.k8s.io/v1alpha1
-kind: KubeProxyConfiguration
-mode: ipvs
-EOF
- elif [[ ${KUBEV} == 1.14.* ]]; then
- cat <<EOF >/root/config.yaml
-apiVersion: kubeadm.k8s.io/v1beta1
-kubernetesVersion: v${KUBEV}
-kind: ClusterConfiguration
-apiServerExtraArgs:
- feature-gates: SCTPSupport=true
-networking:
- dnsDomain: cluster.local
- podSubnet: 10.244.0.0/16
- serviceSubnet: 10.96.0.0/12
-
----
-apiVersion: kubeproxy.config.k8s.io/v1alpha1
-kind: KubeProxyConfiguration
-mode: ipvs
-EOF
- else
- echo "Unsupported Kubernetes version requested. Bail."
- exit
- fi
-
-
- # create a RBAC file for helm (tiller)
- cat <<EOF > /root/rbac-config.yaml
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: tiller
- namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: tiller
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: cluster-admin
-subjects:
- - kind: ServiceAccount
- name: tiller
- namespace: kube-system
-EOF
-
-
- KUBEVERSION="${KUBEV}-00"
- CNIVERSION="${KUBECNIV}-00"
- DOCKERVERSION="${DOCKERV}-0ubuntu1.2~16.04.1"
- curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
- echo 'deb http://apt.kubernetes.io/ kubernetes-xenial main' > /etc/apt/sources.list.d/kubernetes.list
-
- # install low latency kernel, docker.io, and kubernetes
- apt-get update
- apt-get install -y linux-image-4.15.0-45-lowlatency docker.io=${DOCKERVERSION}
- apt-get install -y kubernetes-cni=${CNIVERSION}
- apt-get install -y --allow-unauthenticated kubeadm=${KUBEVERSION} kubelet=${KUBEVERSION} kubectl=${KUBEVERSION}
- apt-mark hold kubernetes-cni kubelet kubeadm kubectl
-
- # install Helm
- HELMVERSION=${HELMV}
- cd /root
- mkdir Helm
- cd Helm
- wget https://storage.googleapis.com/kubernetes-helm/helm-v${HELMVERSION}-linux-amd64.tar.gz
- tar -xvf helm-v${HELMVERSION}-linux-amd64.tar.gz
- mv linux-amd64/helm /usr/local/bin/helm
-
-
- # add cert for accessing docker registry in Azure
- mkdir -p /etc/docker/certs.d/${__RUNRICENV_DOCKER_HOST__}:${__RUNRICENV_DOCKER_PORT__}
- cat <<EOF >/etc/docker/ca.crt
------BEGIN CERTIFICATE-----
-MIIEPjCCAyagAwIBAgIJAIwtTKgVAnvrMA0GCSqGSIb3DQEBCwUAMIGzMQswCQYD
-VQQGEwJVUzELMAkGA1UECAwCTkoxEzARBgNVBAcMCkJlZG1pbnN0ZXIxDTALBgNV
-BAoMBEFUJlQxETAPBgNVBAsMCFJlc2VhcmNoMTswOQYDVQQDDDIqLmRvY2tlci5y
-YW5jby1kZXYtdG9vbHMuZWFzdHVzLmNsb3VkYXBwLmF6dXJlLmNvbTEjMCEGCSqG
-SIb3DQEJARYUcmljQHJlc2VhcmNoLmF0dC5jb20wHhcNMTkwMTI0MjA0MzIzWhcN
-MjQwMTIzMjA0MzIzWjCBszELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5KMRMwEQYD
-VQQHDApCZWRtaW5zdGVyMQ0wCwYDVQQKDARBVCZUMREwDwYDVQQLDAhSZXNlYXJj
-aDE7MDkGA1UEAwwyKi5kb2NrZXIucmFuY28tZGV2LXRvb2xzLmVhc3R1cy5jbG91
-ZGFwcC5henVyZS5jb20xIzAhBgkqhkiG9w0BCQEWFHJpY0ByZXNlYXJjaC5hdHQu
-Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAW1O52l9/1L+D7x
-Qv+782FjiELP9MWO0RCAL2JzV6Ioeo1IvuZl8jvXQVGlowanCdz1HZlMJjGm6Ybv
-60dVECRSMZeOxUQ0JCus6thxOhDiiCFT59m+MpdrRgHqwOzw+8B49ZwULv+lTIWt
-ETEQkSYTh4No9jCxnyVLKH9DyTbaW/xFK484u5f4bh7mI5uqDJapOCRvJXv8/J0E
-eMrkCVmk5qy0ii8I7O0oCNl61YvC5by9GCeuQhloJJc6gOjzKW8nK9JfUW8G34bC
-qnUj79EgwgtW/8F5SYAF5LI0USM0xXjyzlnPMbv5mikrbf0EZkZXdUreICUIzY53
-HRocCQIDAQABo1MwUTAdBgNVHQ4EFgQUm9NbNhZ3Zp1f50DIN4/4fvWQSNswHwYD
-VR0jBBgwFoAUm9NbNhZ3Zp1f50DIN4/4fvWQSNswDwYDVR0TAQH/BAUwAwEB/zAN
-BgkqhkiG9w0BAQsFAAOCAQEAkbuqbuMACRmzMXFKoSsMTLk/VRQDlKeubdP4lD2t
-Z+2dbhfbfiae9oMly7hPCDacoY0cmlBb2zZ8lgA7kVvuw0xwX8mLGYfOaNG9ENe5
-XxFP8MuaCySy1+v5CsNnh/WM3Oznc6MTv/0Nor2DeY0XHQtM5LWrqyKGZaVAKpMW
-5nHG8EPIZAOk8vj/ycg3ca3Wv3ne9/8rbrrxDJ3p4L70DOtz/JcQai10Spct4S0Z
-7yd4tQL+QSQCvmN7Qm9+i52bY0swYrUAhbNiEX3yJDryKjSCPirePcieGZmBRMxr
-7j28jxpa4g32TbWR/ZdxMYEkCVTFViTE23kZdNvahHKfdQ==
------END CERTIFICATE-----
-EOF
- cp /etc/docker/ca.crt /etc/docker/certs.d/${__RUNRICENV_DOCKER_HOST__}:${__RUNRICENV_DOCKER_PORT__}/ca.crt
- service docker restart
- systemctl enable docker.service
- docker login -u ${__RUNRICENV_DOCKER_USER__} -p ${__RUNRICENV_DOCKER_PASS__} ${__RUNRICENV_DOCKER_HOST__}:${__RUNRICENV_DOCKER_PORT__}
- docker pull ${__RUNRICENV_DOCKER_HOST__}:${__RUNRICENV_DOCKER_PORT__}/whoami:0.0.1
-
-
- # test access to k8s docker registry
- kubeadm config images pull
-else
- echo "Not first boot"
-
- kubectl get pods --all-namespaces
-fi
-
-
-if [ -n "$DORESET" ]; then
- kubeadm reset
-fi
-
-if [ -n ${DORESET+set} ] || [ -n ${FIRSTBOOT+set} ]; then
- # start cluster (make sure CIDR is enabled with the flag)
- kubeadm init --config /root/config.yaml
-
- # set up kubectl credential and config
- cd /root
- rm -rf .kube
- mkdir -p .kube
- cp -i /etc/kubernetes/admin.conf /root/.kube/config
- chown root:root /root/.kube/config
-
- # at this point we should be able to use kubectl
- kubectl get pods --all-namespaces
- # you will see the DNS pods stuck in pending state. They are waiting for some networking to be installed.
-
- # install flannel
- # kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
- kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/bc79dd1505b0c8681ece4de4c0d86c5cd2643275/Documentation/kube-flannel.yml
-
- # waiting for all kube-system pods to be in running state
- NUMPODS=0
- while [ $NUMPODS -lt 8 ]; do
- sleep 5
- OUTPUT=$(kubectl get pods --all-namespaces |grep Running)
- NUMPODS=$(echo "$OUTPUT" | wc -l)
- echo "Waiting for $NUMPODS / 8 kube-system pods reaching Running state"
- done
-
- # if running a single node cluster, need to enable master node to run pods
- kubectl taint nodes --all node-role.kubernetes.io/master-
-
- cd /root
- # install RBAC for Helm
- kubectl create -f rbac-config.yaml
-
- rm -rf .helm
- helm init --service-account tiller
-
-
- cat <<EOF >/etc/ca-certificates/update.d/helm.crt
------BEGIN CERTIFICATE-----
-MIIESjCCAzKgAwIBAgIJAIU+AfULkw0PMA0GCSqGSIb3DQEBCwUAMIG5MQswCQYD
-VQQGEwJVUzETMBEGA1UECAwKTmV3IEplcnNleTETMBEGA1UEBwwKQmVkbWluc3Rl
-cjENMAsGA1UECgwEQVQmVDERMA8GA1UECwwIUmVzZWFyY2gxOTA3BgNVBAMMMCou
-aGVsbS5yYW5jby1kZXYtdG9vbHMuZWFzdHVzLmNsb3VkYXBwLmF6dXJlLmNvbTEj
-MCEGCSqGSIb3DQEJARYUcmljQHJlc2VhcmNoLmF0dC5jb20wHhcNMTkwMzIxMTU1
-MzAwWhcNMjEwMzIwMTU1MzAwWjCBuTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCk5l
-dyBKZXJzZXkxEzARBgNVBAcMCkJlZG1pbnN0ZXIxDTALBgNVBAoMBEFUJlQxETAP
-BgNVBAsMCFJlc2VhcmNoMTkwNwYDVQQDDDAqLmhlbG0ucmFuY28tZGV2LXRvb2xz
-LmVhc3R1cy5jbG91ZGFwcC5henVyZS5jb20xIzAhBgkqhkiG9w0BCQEWFHJpY0By
-ZXNlYXJjaC5hdHQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-tguhSQx5Dk2w+qx2AOcFRz7IZBASEehK1Z4f5jz2KrRylGx6jjedCZASdm1b0ZEB
-/ZNrKht1zsWDETa7x0DF+q0Z2blff+T+6+YrJWhNxYHgZiYVi9gTuNDzpn8VVn7f
-+cQxcMguHo1JBDIotOLubJ4T3/oXMCPv9kRSLHcNjbEE2yTB3AqXu9dvrDXuUdeU
-ot6RzxhKXxRCQXPS2/FDjSV9vr9h1dv5fIkFXihpYaag0XqvXcqgncvcOJ1SsLc3
-DK+tyNknqG5SL8y2a7U4F7u+qGO2/3tnCO0ggYwa73hS0pQPY51EpRSckZqlfKEu
-Ut0s3wlEFP1VaU0RfU3aIwIDAQABo1MwUTAdBgNVHQ4EFgQUYTpoVXZPXSR/rhjr
-pu9PPhL7f9IwHwYDVR0jBBgwFoAUYTpoVXZPXSR/rhjrpu9PPhL7f9IwDwYDVR0T
-AQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUDLbiKVIW6W9qFXLtoyO7S2e
-IOUSZ1F70pkfeYUqegsfFZ9njPtPqTzDfJVxYqH2V0vxxoAxXCYCpNyR6vYlYiEL
-R+oyxuvauW/yCoiwKBPYa4fD/PBajJnEO1EfIwZvjFLIfw4GjaX59+zDS3Zl0jT/
-w3uhPSsJAYXtDKLZ14btA27cM5mW4kmxVD8CRdUW0jr/cN3Hqe9uLSNWCNiDwma7
-RnpK7NnOgXHyhZD/nVC0nY7OzbK7VHFJatSOjyuMxgWsFGahwYNxf3AWfPwUai0K
-ne/fVFGZ6ifR9QdD0SuKIAEuqSyyP4BsQ92uEweU/gWKsnM6iNVmNFX8UOuU9A==
------END CERTIFICATE-----
-EOF
-
- # waiting for tiller pod to be in running state
- NUMPODS=0
- while [ $NUMPODS -lt 1 ]; do
- sleep 5
- OUTPUT=$(kubectl get pods --all-namespaces |grep Running)
- NUMPODS=$(echo "$OUTPUT" | grep "tiller-deploy" | wc -l)
- echo "Waiting for $NUMPODS / 1 tiller-deploy pod reaching Running state"
- done
-
- echo "All up"
-
- #reboot
-fi
--- /dev/null
+#!/bin/bash
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+stack_name="ric"
+full_deletion=false
+
+#WORKSPACE=`/home/ubuntu/deploy-oom-onap/integration-master/integration`
+#echo $WORKSPACE
+
+if [ -z "$WORKSPACE" ]; then
+ export WORKSPACE=`pwd`
+fi
+
+
+openstack --version > /dev/null
+if [ $? -eq 0 ]; then
+ echo OK
+else
+ echo "Must run in an envirnment with openstack cli"
+ exit 1
+fi
+
+if [ -z "$OS_USERNAME" ]; then
+ echo "Must source the Openstack RC file for the target installation tenant"
+ exit 1
+fi
+
+
+usage() {
+ echo "Usage: $0 [ -s <stack name> ]" 1>&2;
+
+ echo "s: Set the name to be used for stack. This name will be used for naming of resources" 1>&2;
+ exit 1;
+}
+
+
+while getopts ":n:s:m:rq6" o; do
+ case "${o}" in
+ s)
+ if [[ ! ${OPTARG} =~ ^[0-9]+$ ]];then
+ stack_name=${OPTARG}
+ else
+ usage
+ fi
+ ;;
+ *)
+ usage
+ ;;
+ esac
+done
+shift $((OPTIND-1))
+
+if [ "$#" -gt 0 ]; then
+ usage
+fi
+
+
+openstack stack delete $stack_name
+
+exit 0
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+
+# customize the following repo info to local infrastructure
+# Gerrit code repo server
+gerrithost=""
+# Gerrit code repo server IP
+gerritip=""
+
+# Docker registry host name
+dockerregistry=""
+# Docker registry IP (if need to create local /etc/hosts entry)
+dockerip=""
+# Docker registry port
+dockerport=""
+# Docker registry user name
+dockeruser=""
+# Docker registry password
+dockerpassword=""
+# Docker registry CA certifiacte (if using self-signed cert)
+dockercert=''
+
+# Helm repo host name
+helmrepo=helm.ricinfra.local
+# Helm repo port
+helmport=""
+# Helm repo IP (if need to create local /etc/hosts entry)
+helmip=""
+# Helm repo user name
+helmuser=""
+# Helm repo password
+helmpassword=""
+# Helm repo CA certifiacte (if using self-signed cert)
+helmcert=''
--- /dev/null
+# modify below for RIC infrastructure (docker-k8s-helm) component versions
+INFRA_DOCKER_VERSION="18.06.1"
+INFRA_K8S_VERSION="1.13.3"
+INFRA_CNI_VERSION="0.6.0"
+INFRA_HELM_VERSION="2.12.3"
+
--- /dev/null
+# modify this section based on the deployment openstack instance's
+# OpenStack API access RC file
+OS_AUTH_URL=""
+OS_PROJECT_ID=""
+OS_PROJECT_NAME=""
+OS_USER_DOMAIN_NAME=""
+OS_USERNAME=""
+OS_PASSWORD=""
+OS_REGION_NAME=""
+OS_INTERFACE=""
+OS_IDENTITY_API_VERSION=""
+
+# ssh key pair used for accessing individual VMs
+# the private key file
+VM_SSH_KEY=""
+# the name of the ssh public key uploaded to the openstack instance
+OS_KEY_NAME=""
+
+# Ubuntu 16.04 VM image name used for launching VMs
+OS_IMAGE_NAME=""
+
+# the UUID of the public net (floating IP net) of the openstack instance
+OS_PUBLIC_NET_ID=""
+
+# the UUID of the public IPv6 net of the openstack instance
+OS_PUBLIC_V6NET_ID=""
+
+# host:port of the APT proxy
+OS_APT_PROXY=""
+# host:port of the Docker proxy
+OS_DOCKER_PROXY=""
+
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+# HEAT stack deploy env file
+# customize the following for local OpenStack parameters
+# ubuntu_1604_image: local OpenStack's image name for Ubuntu 1604
+# apt_proxy: host and port of the apt server
+# docker_proxy: host and port of the docker registry
+# k8s_vm_flavor: dimension of the VMs for the k8s cluster nodes
+# public_net_id: the UUID of the IPv4 network where VMs get their IPv4 floating IP addresses
+# public_v6net_id: the UUID of the IPv6 network where the VMs connect their IPv6 interfaces to
+# int_net_cidr: the address space of the internal network connecting all VMs of the stack
+# helm_override_yaml: the configurations for Helm deployments
+parameters:
+ ubuntu_1604_image: "${OS_IMAGE_NAME}"
+ apt_proxy: "${OS_APT_PROXY}"
+ docker_proxy: "${OS_DOCKER_PROXY}"
+ public_net_id: "${OS_PUBLIC_NET_ID}"
+ public_v6net_id: "${OS_PUBLIC_V6NET_ID}"
+ key_name: "${OS_KEY_NAME}"
+
+ k8s_vm_flavor: m1.large
+ int_net_cidr: 10.0.0.0/16
+
+ helm_deploy_delay: 4m
+
+ helm_override_yaml: >
+ global:
+ repository: __docker_proxy__
+ pullPolicy: IfNotPresent
--- /dev/null
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+# HEAT stack deploy env file
+# customize the following for local OpenStack parameters
+# ubuntu_1604_image: local OpenStack's image name for Ubuntu 1604
+# apt_proxy: host and port of the apt server
+# docker_proxy: host and port of the docker registry
+# k8s_vm_flavor: dimension of the VMs for the k8s cluster nodes
+# public_net_id: the UUID of the IPv4 network where VMs get their IPv4 floating IP addresses
+# public_v6net_id: the UUID of the IPv6 network where the VMs connect their IPv6 interfaces to
+# int_net_cidr: the address space of the internal network connecting all VMs of the stack
+# helm_override_yaml: the configurations for Helm deployments
+parameters:
+ ubuntu_1604_image: "${OS_IMAGE_NAME}"
+ apt_proxy: "${OS_APT_PROXY}"
+ docker_proxy: "${OS_DOCKER_PROXY}"
+ public_net_id: "${OS_PUBLIC_NET_ID}"
+ public_v6net_id: "${OS_PUBLIC_V6NET_ID}"
+ key_name: "${OS_KEY_NAME}"
+
+ docker_version: "${INFRA_DOCKER_VERSION}"
+ k8s_version: "${INFRA_K8S_VERSION}"
+ k8s_cni_version: "${INFRA_CNI_VERSION}"
+ helm_version: "${INFRA_HELM_VERSION}"
+
+ k8s_vm_flavor: m1.medium
+ int_net_cidr: 10.0.0.0/16
+
+ helm_deploy_delay: 4m
+
+ helm_override_yaml: >
+ global:
+ repository: __docker_proxy__
+ pullPolicy: IfNotPresent
--- /dev/null
+heat_template_version: 2015-10-15
+description: OpenStack HOT for RIC Kubernetes cluster
+
+parameters:
+ docker_proxy:
+ type: string
+ default: ""
+
+ apt_proxy:
+ type: string
+ default: ""
+
+ public_net_id:
+ type: string
+ description: The ID of the Public network for floating IP address allocation
+
+ public_v6net_id:
+ type: string
+ description: The ID of the IPv6 provider network for ipv6 interface IP address allocation
+
+ int_net_cidr:
+ type: string
+ description: CIDR of the OAM ONAP network
+
+ ubuntu_1604_image:
+ type: string
+ description: Name of the Ubuntu 16.04 image
+
+ k8s_vm_flavor:
+ type: string
+ description: VM flavor for k8s hosts
+
+ helm_override_yaml:
+ type: string
+ description: Content for helm_override.yaml
+
+ docker_manifest:
+ type: string
+ default: ""
+
+ key_name:
+ type: string
+ default: "id-oran-int"
+
+ docker_version:
+ type: string
+ default: "18.06.1"
+
+ k8s_version:
+ type: string
+ default: "1.13.3"
+
+ k8s_cni_version:
+ type: string
+ default: "0.6.0"
+
+ helm_version:
+ type: string
+ default: "2.12.3"
+
+ helm_deploy_delay:
+ type: string
+ default: "2m"
+
+ use_ramdisk:
+ type: string
+ description: Set to "true" if you want to use a RAM disk for /dockerdata-nfs/.
+ default: "false"
+
+ mtu:
+ type: number
+ default: 1500
+
+resources:
+ random-str:
+ type: OS::Heat::RandomString
+ properties:
+ length: 4
+
+ cinder_volume:
+ type: OS::Cinder::Volume
+ properties:
+ size: 5
+ name:
+ str_replace:
+ template: volume_rand
+ params:
+ rand: { get_resource: random-str }
+
+ # RIC security group
+ ric_sg:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ name:
+ str_replace:
+ template: base_rand
+ params:
+ base: ric_sg
+ rand: { get_resource: random-str }
+ description: security group for RIC traffic
+ rules:
+ # All egress traffic
+ - direction: egress
+ ethertype: IPv4
+ - direction: egress
+ ethertype: IPv6
+ # ingress traffic
+ # ICMP
+ - protocol: icmp
+ ethertype: IPv4
+ - protocol: icmp
+ ethertype: IPv6
+ - protocol: udp
+ ethertype: IPv4
+ port_range_min: 1
+ port_range_max: 65535
+ - protocol: udp
+ ethertype: IPv6
+ port_range_min: 1
+ port_range_max: 65535
+ - protocol: tcp
+ ethertype: IPv4
+ port_range_min: 1
+ port_range_max: 65535
+ - protocol: tcp
+ ethertype: IPv6
+ port_range_min: 1
+ port_range_max: 65535
+ # additional IP Protocols to allow
+ # SCTP
+ - protocol: 132
+ ethertype: IPv4
+ - protocol: 132
+ ethertype: IPv6
+
+
+ # RIC internal network
+ int_network:
+ type: OS::Neutron::Net
+ properties:
+ name:
+ str_replace:
+ template: ric_network_rand
+ params:
+ rand: { get_resource: random-str }
+
+ int_subnet:
+ type: OS::Neutron::Subnet
+ properties:
+ name:
+ str_replace:
+ template: oam_network_rand
+ params:
+ rand: { get_resource: random-str }
+ network_id: { get_resource: int_network }
+ cidr: { get_param: int_net_cidr }
+ dns_nameservers: [ "8.8.8.8" ]
+
+
+ router:
+ type: OS::Neutron::Router
+ properties:
+ name:
+ list_join: ['-', [{ get_param: 'OS::stack_name' }, 'router']]
+ external_gateway_info:
+ network: { get_param: public_net_id }
+
+ router_interface:
+ type: OS::Neutron::RouterInterface
+ properties:
+ router_id: { get_resource: router }
+ subnet_id: { get_resource: int_subnet }
+
--- /dev/null
+heat_template_version: 2015-10-15
+description: OpenStack HOT for RIC Kubernetes cluster
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+parameters:
+ docker_proxy:
+ type: string
+ default: ""
+
+ apt_proxy:
+ type: string
+ default: ""
+
+ public_net_id:
+ type: string
+ description: The ID of the Public network for floating IP address allocation
+
+ public_v6net_id:
+ type: string
+ description: The ID of the IPv6 provider network for ipv6 interface IP address allocation
+
+ int_net_cidr:
+ type: string
+ description: CIDR of the OAM ONAP network
+
+ ubuntu_1604_image:
+ type: string
+ description: Name of the Ubuntu 16.04 image
+
+ k8s_vm_flavor:
+ type: string
+ description: VM flavor for k8s hosts
+
+ helm_override_yaml:
+ type: string
+ description: Content for helm_override.yaml
+
+ docker_manifest:
+ type: string
+ default: ""
+
+ key_name:
+ type: string
+ default: "id-oran-int"
+
+ docker_version:
+ type: string
+ default: "18.06.1"
+
+ k8s_version:
+ type: string
+ default: "1.13.3"
+
+ k8s_cni_version:
+ type: string
+ default: "0.6.0"
+
+ helm_version:
+ type: string
+ default: "2.12.3"
+
+ helm_deploy_delay:
+ type: string
+ default: "2m"
+
+ use_ramdisk:
+ type: string
+ description: Set to "true" if you want to use a RAM disk for /dockerdata-nfs/.
+ default: "false"
+
+ mtu:
+ type: number
+ default: 1500
+
+resources:
+ random-str:
+ type: OS::Heat::RandomString
+ properties:
+ length: 4
+
+ cinder_volume:
+ type: OS::Cinder::Volume
+ properties:
+ size: 5
+ name:
+ str_replace:
+ template: volume_rand
+ params:
+ rand: { get_resource: random-str }
+
+ # RIC security group
+ ric_sg:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ name:
+ str_replace:
+ template: base_rand
+ params:
+ base: ric_sg
+ rand: { get_resource: random-str }
+ description: security group for RIC traffic
+ rules:
+ # All egress traffic
+ - direction: egress
+ ethertype: IPv4
+ - direction: egress
+ ethertype: IPv6
+ # ingress traffic
+ # ICMP
+ - protocol: icmp
+ ethertype: IPv4
+ - protocol: icmp
+ ethertype: IPv6
+ - protocol: udp
+ ethertype: IPv4
+ port_range_min: 1
+ port_range_max: 65535
+ - protocol: udp
+ ethertype: IPv6
+ port_range_min: 1
+ port_range_max: 65535
+ - protocol: tcp
+ ethertype: IPv4
+ port_range_min: 1
+ port_range_max: 65535
+ - protocol: tcp
+ ethertype: IPv6
+ port_range_min: 1
+ port_range_max: 65535
+ # additional IP Protocols to allow
+ # SCTP
+ - protocol: 132
+ ethertype: IPv4
+ - protocol: 132
+ ethertype: IPv6
+
+
+ # RIC internal network
+ int_network:
+ type: OS::Neutron::Net
+ properties:
+ name:
+ str_replace:
+ template: ric_network_rand
+ params:
+ rand: { get_resource: random-str }
+
+ int_subnet:
+ type: OS::Neutron::Subnet
+ properties:
+ name:
+ str_replace:
+ template: oam_network_rand
+ params:
+ rand: { get_resource: random-str }
+ network_id: { get_resource: int_network }
+ cidr: { get_param: int_net_cidr }
+ dns_nameservers: [ "8.8.8.8" ]
+
+
+ router:
+ type: OS::Neutron::Router
+ properties:
+ name:
+ list_join: ['-', [{ get_param: 'OS::stack_name' }, 'router']]
+ external_gateway_info:
+ network: { get_param: public_net_id }
+
+ router_interface:
+ type: OS::Neutron::RouterInterface
+ properties:
+ router_id: { get_resource: router }
+ subnet_id: { get_resource: int_subnet }
+
--- /dev/null
+ ${VM_TYPE}_${VM_NUM}_private_port:
+ type: OS::Neutron::Port
+ properties:
+ network: { get_resource: int_network }
+ fixed_ips: [{"subnet": { get_resource: int_subnet }}]
+ security_groups:
+ - { get_resource: ric_sg }
+
+ ${VM_TYPE}_${VM_NUM}_ipv6_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: { get_param: public_v6net_id }
+ security_groups:
+ - { get_resource: ric_sg }
+
+ ${VM_TYPE}_${VM_NUM}_floating_ip:
+ type: OS::Neutron::FloatingIP
+ properties:
+ floating_network_id: { get_param: public_net_id }
+ port_id: { get_resource: ${VM_TYPE}_${VM_NUM}_private_port }
+
+ ${VM_TYPE}_${VM_NUM}_vm_scripts:
+ type: OS::Heat::CloudConfig
+ properties:
+ cloud_config:
+ power_state:
+ mode: reboot
+ runcmd:
+ - [ /opt/k8s_vm_install.sh ]
+ write_files:
+ - path: /opt/k8s_vm_install.sh
+ permissions: '0755'
+ content:
+ str_replace:
+ params:
+ __docker_proxy__: { get_param: docker_proxy }
+ __apt_proxy__: { get_param: apt_proxy }
+ __docker_version__: { get_param: docker_version }
+ __k8s_version__: { get_param: k8s_version }
+ __k8s_cni_version__: { get_param: k8s_cni_version }
+ __helm_version__: { get_param: helm_version }
+ __host_private_ip_addr__: { get_attr: [${VM_TYPE}_${VM_NUM}_floating_ip, fixed_ip_address] }
+ __host_floating_ip_addr__: { get_attr: [${VM_TYPE}_${VM_NUM}_floating_ip, floating_ip_address] }
+ __host_private_ipv6_addr__: { get_attr: [${VM_TYPE}_${VM_NUM}_ipv6_port, fixed_ips, 0, ip_address ] }
+ __k8s_mst_floating_ip_addr__: { get_attr: [${VM_TYPE}_mst_floating_ip, floating_ip_address] }
+ __k8s_mst_private_ip_addr__: { get_attr: [${VM_TYPE}_mst_floating_ip, fixed_ip_address] }
+ __k8s_mst_parivate_ipv6_addr__: { get_attr: [${VM_TYPE}_mst_ipv6_port, fixed_ips, 0, ip_address] }
+ __mtu__: { get_param: mtu }
+ __cinder_volume_id__: { get_resource: cinder_volume }
+ __stack_name__: { get_param: 'OS::stack_name' }
+ template:
+ get_file: k8s_vm_install.sh
+ - path: /opt/k8s_vm_init.sh
+ permissions: '0755'
+ content:
+ str_replace:
+ params:
+ __host_private_ip_addr__: { get_attr: [${VM_TYPE}_${VM_NUM}_floating_ip, fixed_ip_address] }
+ __host_label__: '$HOST_LABEL'
+ template:
+ get_file: k8s_vm_init.sh
+ - path: /opt/k8s_vm_aux_install.sh
+ permissions: '0755'
+ content:
+ str_replace:
+ params:
+ __host_label__: '$HOST_LABEL'
+ template:
+ get_file: k8s_vm_aux_install.sh
+
+ - path: /opt/k8s_vm_custom_repos.sh
+ permissions: '0755'
+ content:
+ str_replace:
+ params:
+ __host_label__: '$HOST_LABEL'
+ template:
+ get_file: k8s_vm_custom_repos.sh
+
+ - path: /etc/init.d/k8s_vm_init_serv
+ permissions: '0755'
+ content:
+ get_file: k8s_vm_init_serv.sh
+
+
+ ${VM_TYPE}_${VM_NUM}_vm_config:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: { get_resource: ${VM_TYPE}_${VM_NUM}_vm_scripts }
+
+ ${VM_TYPE}_${VM_NUM}_vm:
+ type: OS::Nova::Server
+ properties:
+ name:
+ list_join: ['-', [ { get_param: 'OS::stack_name' }, '${VM_TYPE}', '${VM_NUM}' ] ]
+ image: { get_param: ubuntu_1604_image }
+ flavor: { get_param: ${VM_TYPE}_vm_flavor }
+ key_name: { get_param: key_name }
+ networks:
+ - port: { get_resource: ${VM_TYPE}_${VM_NUM}_private_port }
+ - port: { get_resource: ${VM_TYPE}_${VM_NUM}_ipv6_port }
+ user_data_format: SOFTWARE_CONFIG
+ user_data: { get_resource: ${VM_TYPE}_${VM_NUM}_vm_config }
+
--- /dev/null
+ ${VM_TYPE}_${VM_NUM}_private_port:
+ type: OS::Neutron::Port
+ properties:
+ network: { get_resource: int_network }
+ fixed_ips: [{"subnet": { get_resource: int_subnet }}]
+ security_groups:
+ - { get_resource: ric_sg }
+
+ ${VM_TYPE}_${VM_NUM}_floating_ip:
+ type: OS::Neutron::FloatingIP
+ properties:
+ floating_network_id: { get_param: public_net_id }
+ port_id: { get_resource: ${VM_TYPE}_${VM_NUM}_private_port }
+
+ ${VM_TYPE}_${VM_NUM}_vm_scripts:
+ type: OS::Heat::CloudConfig
+ properties:
+ cloud_config:
+ power_state:
+ mode: reboot
+ runcmd:
+ - [ /opt/k8s_vm_install.sh ]
+ write_files:
+ - path: /opt/k8s_vm_install.sh
+ permissions: '0755'
+ content:
+ str_replace:
+ params:
+ __docker_proxy__: { get_param: docker_proxy }
+ __apt_proxy__: { get_param: apt_proxy }
+ __docker_version__: { get_param: docker_version }
+ __k8s_version__: { get_param: k8s_version }
+ __k8s_cni_version__: { get_param: k8s_cni_version }
+ __helm_version__: { get_param: helm_version }
+ __host_private_ip_addr__: { get_attr: [${VM_TYPE}_${VM_NUM}_floating_ip, fixed_ip_address] }
+ __k8s_mst_floating_ip_addr__: { get_attr: [${VM_TYPE}_mst_floating_ip, floating_ip_address] }
+ __k8s_mst_private_ip_addr__: { get_attr: [${VM_TYPE}_mst_floating_ip, fixed_ip_address] }
+ __mtu__: { get_param: mtu }
+ __cinder_volume_id__: { get_resource: cinder_volume }
+ __stack_name__: { get_param: OS::stack_name }
+ template:
+ get_file: k8s_vm_install.sh
+ - path: /opt/k8s_vm_init.sh
+ permissions: '0755'
+ content:
+ str_replace:
+ params:
+ __host_private_ip_addr__: { get_attr: [${VM_TYPE}_${VM_NUM}_floating_ip, fixed_ip_address] }
+ __host_label__: '$HOST_LABEL'
+ template:
+ get_file: k8s_vm_init.sh
+ - path: /etc/init.d/k8s_vm_init_serv
+ permissions: '0755'
+ content:
+ get_file: k8s_vm_init_serv.sh
+
+ ${VM_TYPE}_${VM_NUM}_vm_config:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: { get_resource: ${VM_TYPE}_${VM_NUM}_vm_scripts }
+
+ ${VM_TYPE}_${VM_NUM}_vm:
+ type: OS::Nova::Server
+ properties:
+ name:
+ list_join: ['-', [ { get_param: 'OS::stack_name' }, '${VM_TYPE}', '${VM_NUM}' ] ]
+ image: { get_param: ubuntu_1604_image }
+ flavor: { get_param: ${VM_TYPE}_vm_flavor }
+ key_name: { get_param: key_name }
+ networks:
+ - port: { get_resource: ${VM_TYPE}_${VM_NUM}_private_port }
+ user_data_format: SOFTWARE_CONFIG
+ user_data: { get_resource: ${VM_TYPE}_${VM_NUM}_vm_config }
+
--- /dev/null
+outputs:
+ cinder_volume_id:
+ value: {get_resource: cinder_volume}
--- /dev/null
+
+outputs:
+ cinder_volume_id:
+ value: {get_resource: cinder_volume}
--- /dev/null
+# this script installs AUX infrastructure components
+
+# continue only on AUX cluster
+CINDER_V_ID=$(cat /opt/config/cinder_volume_id.txt)
+cat <<EOF > ./cinder_pv.yaml
+apiVersion: "v1"
+kind: "PersistentVolume"
+metadata:
+ name: "cinder-pv"
+spec:
+ capacity:
+ storage: "5Gi"
+ accessModes:
+ - "ReadWriteOnce"
+ cinder:
+ fsType: "ext3"
+ volumeID: "$CINDER_V_ID"
+EOF
+kubectl create -f ./cinder_pv.yaml
+
+
+# install fluentd
+LOGGING_NS="logging"
+kubectl create namespace "${LOGGING_NS}"
+while ! helm repo add incubator "https://kubernetes-charts-incubator.storage.googleapis.com/"; do
+ sleep 10
+done
+helm repo update
+helm install incubator/elasticsearch \
+ --namespace "${LOGGING_NS}" \
+ --name elasticsearch \
+ --set image.tag=6.7.0 \
+ --set data.terminationGracePeriodSeconds=0 \
+ --set master.persistence.enabled=false \
+ --set data.persistence.enabled=false
+helm install stable/fluentd-elasticsearch \
+ --name fluentd \
+ --namespace "${LOGGING_NS}" \
+ --set elasticsearch.host=elasticsearch-client.${LOGGING_NS}.svc.cluster.local \
+ --set elasticsearch.port=9200
+helm install stable/kibana \
+ --name kibana \
+ --namespace "${LOGGING_NS}" \
+ --set env.ELASTICSEARCH_URL=http://elasticsearch-client.${LOGGING_NS}.svc.cluster.local:9200 \
+ --set env.ELASTICSEARCH_HOSTS=http://elasticsearch-client.${LOGGING_NS}.svc.cluster.local:9200 \
+ --set env.SERVER_BASEPATH=/api/v1/namespaces/${LOGGING_NS}/services/kibana/proxy
+ #--set image.tag=6.4.2 \
+
+KIBANA_POD_NAME=$(kubectl get pods --selector=app=kibana -n "${LOGGING_NS}" \
+ --output=jsonpath="{.items..metadata.name}")
+wait_for_pods_running 1 "${LOGGING_NS}" "${KIBANA_POD_NAME}"
+
+
+# install prometheus
+PROMETHEUS_NS="monitoring"
+OPERATOR_POD_NAME="prometheus-prometheus-operator-prometheus-0"
+ALERTMANAGER_POD_NAME="alertmanager-prometheus-operator-alertmanager-0"
+helm install stable/prometheus-operator --name prometheus-operator --namespace "${PROMETHEUS_NS}"
+wait_for_pods_running 1 "${PROMETHEUS_NS}" "${OPERATOR_POD_NAME}"
+
+GRAFANA_POD_NAME=$(kubectl get pods --selector=app=grafana -n "${PROMETHEUS_NS}" \
+ --output=jsonpath="{.items..metadata.name}")
+
+
+
+cat <<EOF > ./ingress_lm.yaml
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: ingress-lm
+ annotations:
+ nginx.ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - http:
+ paths:
+ - path: /kibana
+ backend:
+ serviceName: kibana
+ servicePort: 5601
+ - path: /operator
+ backend:
+ serviceName: prometheus-operator-prometheus
+ servicePort: 9090
+ - path: /alertmanager
+ backend:
+ serviceName: prometheus-operator-alertmanager
+ servicePort: 9093
+ - path: /grafana
+ backend:
+ serviceName: prometheus-operator-grafana
+ servicePort: 3000
+EOF
+kubectl apply -f ingress-lm.yaml
+
--- /dev/null
+# add rancodev CI tool hostnames
+if [ ! -z "${__RUNRICENV_GERRIT_IP__}" ]; then
+ echo "${__RUNRICENV_GERRIT_IP__} ${__RUNRICENV_GERRIT_HOST__}" >> /etc/hosts
+fi
+
+if [ ! -z "${__RUNRICENV_DOCKER_IP__}" ]; then
+ echo "${__RUNRICENV_DOCKER_IP__} ${__RUNRICENV_DOCKER_HOST__}" >> /etc/hosts
+
+ if [ ! -z "${__RUNRICENV_DOCKER_CERT__}" ]; then
+ mkdir -p /etc/docker/certs.d/${__RUNRICENV_DOCKER_HOST__}:${__RUNRICENV_DOCKER_PORT__}
+ cat <<EOF >/etc/docker/ca.crt
+${__RUNRICENV_DOCKER_CERT__}
+EOF
+ cp /etc/docker/ca.crt \
+ /etc/docker/certs.d/${__RUNRICENV_DOCKER_HOST__}:${__RUNRICENV_DOCKER_PORT__}/ca.crt
+ fi
+
+ service docker restart
+ systemctl enable docker.service
+ docker login -u ${__RUNRICENV_DOCKER_USER__} -p ${__RUNRICENV_DOCKER_PASS__} \
+ ${__RUNRICENV_DOCKER_HOST__}:${__RUNRICENV_DOCKER_PORT__}
+ docker pull ${__RUNRICENV_DOCKER_HOST__}:${__RUNRICENV_DOCKER_PORT__}/whoami:0.0.1
+fi
+
+
+if [ ! -z "${__RUNRICENV_HELMREPO_IP__}" ]; then
+ echo "${__RUNRICENV_HELMREPO_IP__} ${__RUNRICENV_HELMREPO_HOST__}" >> /etc/hosts
+ if [ ! -z "${__RUNRICENV_HELMREPO_CERT__}" ]; then
+ cat <<EOF >/etc/ca-certificates/update.d/helm.crt
+${__RUNRICENV_HELMREPO_CERT__}
+EOF
+ fi
+fi
+
--- /dev/null
+#!/bin/bash -x
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+echo "k8s_vm_init.sh"
+
--- /dev/null
+#!/bin/sh
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+### BEGIN INIT INFO
+# Provides: k8s_vm_init.sh
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Start daemon at boot time
+# Description: Enable service provided by daemon.
+### END INIT INFO
+
+echo "k8s_vm_init_serv.sh"
+
+
+dir="/opt"
+cmd="./k8s_vm_init.sh"
+user="root"
+
+name=`basename $0`
+pid_file="/var/run/$name.pid"
+stdout_log="/var/log/$name.log"
+stderr_log="/var/log/$name.err"
+
+get_pid() {
+ cat "$pid_file"
+}
+
+is_running() {
+ [ -f "$pid_file" ] && ps `get_pid` > /dev/null 2>&1
+}
+
+case "$1" in
+ start)
+ if is_running; then
+ echo "Already started"
+ else
+ echo "Starting $name"
+ cd "$dir"
+ if [ -z "$user" ]; then
+ sudo $cmd >> "$stdout_log" 2>> "$stderr_log" &
+ else
+ sudo -u "$user" $cmd >> "$stdout_log" 2>> "$stderr_log" &
+ fi
+ echo $! > "$pid_file"
+ if ! is_running; then
+ echo "Unable to start, see $stdout_log and $stderr_log"
+ exit 1
+ fi
+ fi
+ ;;
+ stop)
+ if is_running; then
+ echo -n "Stopping $name.."
+ kill `get_pid`
+ for i in {1..10}
+ do
+ if ! is_running; then
+ break
+ fi
+
+ echo -n "."
+ sleep 1
+ done
+ echo
+
+ if is_running; then
+ echo "Not stopped; may still be shutting down or shutdown may have failed"
+ exit 1
+ else
+ echo "Stopped"
+ if [ -f "$pid_file" ]; then
+ rm "$pid_file"
+ fi
+ fi
+ else
+ echo "Not running"
+ fi
+ ;;
+ restart)
+ $0 stop
+ if is_running; then
+ echo "Unable to stop, will not attempt to start"
+ exit 1
+ fi
+ $0 start
+ ;;
+ status)
+ if is_running; then
+ echo "Running"
+ else
+ echo "Stopped"
+ exit 1
+ fi
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|status}"
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+#!/bin/bash -x
+################################################################################
+# Copyright (c) 2019 AT&T Intellectual Property. #
+# Copyright (c) 2019 Nokia. #
+# #
+# Licensed under the Apache License, Version 2.0 (the "License"); #
+# you may not use this file except in compliance with the License. #
+# You may obtain a copy of the License at #
+# #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+# #
+# Unless required by applicable law or agreed to in writing, software #
+# distributed under the License is distributed on an "AS IS" BASIS, #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
+# See the License for the specific language governing permissions and #
+# limitations under the License. #
+################################################################################
+
+
+# first parameter: number of expected running pods
+# second parameter: namespace (all-namespaces means all namespaces)
+# third parameter: [optional] keyword
+wait_for_pods_running () {
+ NS="$2"
+ CMD="kubectl get pods --all-namespaces "
+ if [ "$NS" != "all-namespaces" ]; then
+ CMD="kubectl get pods -n $2 "
+ fi
+ KEYWORD="Running"
+ if [ "$#" == "3" ]; then
+ KEYWORD="${3}.*Running"
+ fi
+
+ CMD2="$CMD | grep \"$KEYWORD\" | wc -l"
+ NUMPODS=$(eval "$CMD2")
+ echo "waiting for $NUMPODS/$1 pods running in namespace [$NS] with keyword [$KEYWORD]"
+ while [ $NUMPODS -lt $1 ]; do
+ sleep 5
+ NUMPODS=$(eval "$CMD2")
+ echo "> waiting for $NUMPODS/$1 pods running in namespace [$NS] with keyword [$KEYWORD]"
+ done
+}
+
+
+# first parameter: interface name
+start_ipv6_if () {
+ # enable ipv6 interface
+ # standard Ubuntu cloud image does not have dual interface configuration or ipv6
+ IPv6IF="$1"
+ if ifconfig -a $IPv6IF; then
+ echo "" >> /etc/network/interfaces.d/50-cloud-init.cfg
+ #echo "auto ${IPv6IF}" >> /etc/network/interfaces.d/50-cloud-init.cfg
+ echo "allow-hotplug ${IPv6IF}" >> /etc/network/interfaces.d/50-cloud-init.cfg
+ echo "iface ${IPv6IF} inet6 auto" >> /etc/network/interfaces.d/50-cloud-init.cfg
+ #dhclient -r $IPv6IF
+ #systemctl restart networking
+ ifconfig ${IPv6IF} up
+ fi
+}
+
+echo "k8s_vm_install.sh"
+set -x
+export DEBIAN_FRONTEND=noninteractive
+echo "__host_private_ip_addr__ $(hostname)" >> /etc/hosts
+printenv
+
+mkdir -p /opt/config
+echo "__docker_version__" > /opt/config/docker_version.txt
+echo "__k8s_version__" > /opt/config/k8s_version.txt
+echo "__k8s_cni_version__" > /opt/config/k8s_cni_version.txt
+echo "__helm_version__" > /opt/config/helm_version.txt
+echo "__host_private_ip_addr__" > /opt/config/host_private_ip_addr.txt
+echo "__k8s_mst_floating_ip_addr__" > /opt/config/k8s_mst_floating_ip_addr.txt
+echo "__k8s_mst_private_ip_addr__" > /opt/config/k8s_mst_private_ip_addr.txt
+echo "__mtu__" > /opt/config/mtu.txt
+echo "__cinder_volume_id__" > /opt/config/cinder_volume_id.txt
+echo "__stack_name__" > /opt/config/stack_name.txt
+
+ISAUX='false'
+if [[ $(cat /opt/config/stack_name.txt) == *aux* ]]; then
+ ISAUX='true'
+fi
+
+modprobe -- ip_vs
+modprobe -- ip_vs_rr
+modprobe -- ip_vs_wrr
+modprobe -- ip_vs_sh
+modprobe -- nf_conntrack_ipv4
+modprobe -- nf_conntrack_ipv6
+modprobe -- nf_conntrack_proto_sctp
+
+start_ipv6_if ens4
+
+# disable swap
+SWAPFILES=$(grep swap /etc/fstab | sed '/^#/ d' |cut -f1 -d' ')
+if [ ! -z $SWAPFILES ]; then
+ for SWAPFILE in $SWAPFILES
+ do
+ if [ ! -z $SWAPFILE ]; then
+ echo "disabling swap file $SWAPFILE"
+ if [[ $SWAPFILE == UUID* ]]; then
+ UUID=$(echo $SWAPFILE | cut -f2 -d'=')
+ swapoff -U $UUID
+ else
+ swapoff $SWAPFILE
+ fi
+ # edit /etc/fstab file, remove line with /swapfile
+ sed -i -e "/$SWAPFILE/d" /etc/fstab
+ fi
+ done
+fi
+# disable swap
+#swapoff /swapfile
+# edit /etc/fstab file, remove line with /swapfile
+#sed -i -e '/swapfile/d' /etc/fstab
+
+
+DOCKERV=$(cat /opt/config/docker_version.txt)
+KUBEV=$(cat /opt/config/k8s_version.txt)
+KUBECNIV=$(cat /opt/config/k8s_cni_version.txt)
+
+KUBEVERSION="${KUBEV}-00"
+CNIVERSION="${KUBECNIV}-00"
+DOCKERVERSION="${DOCKERV}-0ubuntu1.2~16.04.1"
+curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
+echo 'deb http://apt.kubernetes.io/ kubernetes-xenial main' > /etc/apt/sources.list.d/kubernetes.list
+
+# install low latency kernel, docker.io, and kubernetes
+apt-get update
+apt-get install -y linux-image-4.15.0-45-lowlatency curl jq netcat docker.io=${DOCKERVERSION}
+apt-get install -y kubernetes-cni=${CNIVERSION}
+apt-get install -y --allow-unauthenticated kubeadm=${KUBEVERSION} kubelet=${KUBEVERSION} kubectl=${KUBEVERSION}
+apt-mark hold kubernetes-cni kubelet kubeadm kubectl
+
+
+# test access to k8s docker registry
+kubeadm config images pull
+
+
+# non-master nodes have hostnames ending with -[0-9][0-9]
+if [[ $(hostname) == *-[0-9][0-9] ]]; then
+ echo "Done for non-master node"
+ echo "Starting an NC TCP server on port 29999 to indicate we are ready"
+ nc -l -p 29999 &
+else
+ # below are steps for initializating master node, only run on the master node.
+ # minion node join will be triggered from the caller of the stack creation as ssh command.
+
+
+ # create kubenetes config file
+ if [[ ${KUBEV} == 1.13.* ]]; then
+ cat <<EOF >/root/config.yaml
+apiVersion: kubeadm.k8s.io/v1alpha3
+kubernetesVersion: v${KUBEV}
+kind: ClusterConfiguration
+apiServerExtraArgs:
+ feature-gates: SCTPSupport=true
+networking:
+ dnsDomain: cluster.local
+ podSubnet: 10.244.0.0/16
+ serviceSubnet: 10.96.0.0/12
+
+---
+apiVersion: kubeproxy.config.k8s.io/v1alpha1
+kind: KubeProxyConfiguration
+mode: ipvs
+EOF
+
+ elif [[ ${KUBEV} == 1.14.* ]]; then
+ cat <<EOF >/root/config.yaml
+apiVersion: kubeadm.k8s.io/v1beta1
+kubernetesVersion: v${KUBEV}
+kind: ClusterConfiguration
+apiServerExtraArgs:
+ feature-gates: SCTPSupport=true
+networking:
+ dnsDomain: cluster.local
+ podSubnet: 10.244.0.0/16
+ serviceSubnet: 10.96.0.0/12
+
+---
+apiVersion: kubeproxy.config.k8s.io/v1alpha1
+kind: KubeProxyConfiguration
+mode: ipvs
+EOF
+
+ else
+ echo "Unsupported Kubernetes version requested. Bail."
+ exit
+ fi
+
+
+ # create a RBAC file for helm (tiller)
+ cat <<EOF > /root/rbac-config.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: tiller
+ namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: tiller
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+ - kind: ServiceAccount
+ name: tiller
+ namespace: kube-system
+EOF
+
+ # start cluster (make sure CIDR is enabled with the flag)
+ kubeadm init --config /root/config.yaml
+
+
+ # install Helm
+ HELMV=$(cat /opt/config/helm_version.txt)
+ HELMVERSION=${HELMV}
+ cd /root
+ mkdir Helm
+ cd Helm
+ wget https://storage.googleapis.com/kubernetes-helm/helm-v${HELMVERSION}-linux-amd64.tar.gz
+ tar -xvf helm-v${HELMVERSION}-linux-amd64.tar.gz
+ mv linux-amd64/helm /usr/local/bin/helm
+
+ # set up kubectl credential and config
+ cd /root
+ rm -rf .kube
+ mkdir -p .kube
+ cp -i /etc/kubernetes/admin.conf /root/.kube/config
+ chown root:root /root/.kube/config
+
+ # at this point we should be able to use kubectl
+ kubectl get pods --all-namespaces
+
+ # install flannel
+ kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/bc79dd1505b0c8681ece4de4c0d86c5cd2643275/Documentation/kube-flannel.yml
+
+
+ # waiting for all 8 kube-system pods to be in running state
+ # (at this point, minions have not joined yet)
+ wait_for_pods_running 8 kube-system
+
+ # if running a single node cluster, need to enable master node to run pods
+ kubectl taint nodes --all node-role.kubernetes.io/master-
+
+ cd /root
+ # install RBAC for Helm
+ kubectl create -f rbac-config.yaml
+
+
+ rm -rf /root/.helm
+ helm init --service-account tiller
+ export HELM_HOME="/root/.helm"
+
+ # waiting for tiller pod to be in running state
+ wait_for_pods_running 1 kube-system tiller-deploy
+
+ while ! helm version; do
+ echo "Waiting for Helm to be ready"
+ sleep 15
+ done
+
+ # install ingress controller db-less kong
+ helm install stable/kong --set ingressController.enabled=true --set postgresql.enabled=false --set env.database=off
+
+
+ echo "Starting an NC TCP server on port 29999 to indicate we are ready"
+ nc -l -p 29999 &
+
+ echo "Done with master node setup"
+fi
+
+
+# add rancodev CI tool hostnames
+if [[ ! -z "${__RUNRICENV_GERRIT_IP__}" && ! -z "${__RUNRICENV_GERRIT_HOST__}" ]]; then
+ echo "${__RUNRICENV_GERRIT_IP__} ${__RUNRICENV_GERRIT_HOST__}" >> /etc/hosts
+fi
+if [[ ! -z "${__RUNRICENV_DOCKER_IP__}" && ! -z "${__RUNRICENV_DOCKER_HOST__}" ]]; then
+ echo "${__RUNRICENV_DOCKER_IP__} ${__RUNRICENV_DOCKER_HOST__}" >> /etc/hosts
+fi
+if [[ ! -z "${__RUNRICENV_HELMREPO_IP__}" && ! -z "${__RUNRICENV_HELMREPO_HOST__}" ]]; then
+ echo "${__RUNRICENV_HELMREPO_IP__} ${__RUNRICENV_HELMREPO_HOST__}" >> /etc/hosts
+fi
+
+if [ ! -z "${__RUNRICENV_HELMREPO_CERT__}" ]; then
+ cat <<EOF >/etc/ca-certificates/update.d/helm.crt
+${__RUNRICENV_HELMREPO_CERT__}
+EOF
+fi
+
+# add cert for accessing docker registry in Azure
+if [ ! -z "${__RUNRICENV_DOCKER_CERT__}" ]; then
+ mkdir -p /etc/docker/certs.d/${__RUNRICENV_DOCKER_HOST__}:${__RUNRICENV_DOCKER_PORT__}
+ cat <<EOF >/etc/docker/ca.crt
+${__RUNRICENV_DOCKER_CERT__}
+EOF
+ cp /etc/docker/ca.crt /etc/docker/certs.d/${__RUNRICENV_DOCKER_HOST__}:${__RUNRICENV_DOCKER_PORT__}/ca.crt
+
+ service docker restart
+ systemctl enable docker.service
+ docker login -u ${__RUNRICENV_DOCKER_USER__} -p ${__RUNRICENV_DOCKER_PASS__} ${__RUNRICENV_DOCKER_HOST__}:${__RUNRICENV_DOCKER_PORT__}
+ docker pull ${__RUNRICENV_DOCKER_HOST__}:${__RUNRICENV_DOCKER_PORT__}/whoami:0.0.1
+fi
+
--- /dev/null
+# Copyright (c) 2019 AT&T Intellectual Property.
+# Copyright (c) 2019 Nokia.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+FROM alpine
+
+MAINTAINER "RIC"
+
+LABEL name="Generic initcontainer image for RIC Platform components"
+
+RUN apk update
+
+# iproute2: required for e2 termination
+RUN apk add iproute2
+# kubectl: required for xapp/ricplt helm installers
+RUN apk add openssl
+# kubectl: required for xapp/ricplt helm installers
+ADD https://storage.googleapis.com/kubernetes-release/release/v1.14.1/bin/linux/amd64/kubectl /bin/kubectl
+RUN chmod +x /bin/kubectl
+
+COPY bin/ricplt-init.sh /ricplt-init.sh
+
+#
+CMD /ricplt-init.sh
--- /dev/null
+#!/bin/sh
+# Copyright (c) 2019 AT&T Intellectual Property.
+# Copyright (c) 2019 Nokia.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# this is placeholder script, intended
+# to be overridden by individual RIC
+# component charts.
+exit 0
if [ -z $OVERRIDEYAML ]; then
- helm install --namespace "${NAMESPACE}" --name "${RELEASE_NAME}-credential" $DIR/../helm
+ helm install --namespace "${NAMESPACE}" --name "${RELEASE_NAME}-${NAMESPACE}-credential" $DIR/../helm
else
- helm install -f $OVERRIDEYAML --namespace "${NAMESPACE}" --name "${RELEASE_NAME}-credential" $DIR/../helm
+ helm install -f $OVERRIDEYAML --namespace "${NAMESPACE}" --name "${RELEASE_NAME}-${NAMESPACE}-credential" $DIR/../helm
fi
NAMESPACE=$RICPLT_NAMESPACE
fi
- helm delete --purge "${RELEASE_NAME}-credential"
+helm delete --purge "${RELEASE_NAME}-${NAMESPACE}-credential"
release: {{ .Release.Name }}
spec:
hostname: {{ .Chart.Name }}
+ hostNetwork: true
+ dnsPolicy: ClusterFirstWithHostNet
imagePullSecrets:
- name: {{ include "common.repositoryCred" . }}
containers:
Code Review / it / dep.git / commitdiff