From: aravind.est <aravindhan.a@est.tech>
Date: Tue, 18 Jul 2023 09:59:06 +0000 (+0100)
Subject: Add installation script
X-Git-Tag: 0.0.1~62
X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=commitdiff_plain;ds=sidebyside;h=refs%2Fchanges%2F15%2F11515%2F1;p=nonrtric%2Fplt%2Frappmanager.git

Add installation script

Added script to install the dependent components for Rapp Manager.

Issue-ID: NONRTRIC-898
Signed-off-by: aravind.est <aravindhan.a@est.tech>
Change-Id: I2c18f509c76a58fdc4ef7620b0fab28378664688
---

diff --git a/scripts/install/README.md b/scripts/install/README.md
new file mode 100755
index 0000000..5f7f3bf
--- /dev/null
+++ b/scripts/install/README.md
@@ -0,0 +1,40 @@
+## Installation of Rapp Manager
+
+Rapp Manager application requires the following components,
+
+* ONAP ACM
+* OSC SME
+
+
+### Pre-requisites
+
+The installation scripts do not handle the required installations listed below.
+
+* Kubernetes cluster(v1.24.6)
+* GIT
+
+### Installation
+
+All the components can be installed as shown below,
+```
+./install-all.sh
+```
+
+Individual components can be installed using the commands below,
+
+```./install-base.sh``` - Installs the tools required for other installer scripts.
+
+```./install-acm.sh``` - Installs the ACM, and it's related components.
+
+```./install-kserve.sh``` - Installs the Kserve, and it's related components.
+
+```./install-nonrtric.sh``` - Installs the NONRTRIC components.
+
+> **These scripts are specifically designed for a fresh environment.**
+
+### Uninstallation
+
+```./uninstall-all.sh``` - Uninstalls all the components
+
+
+
diff --git a/scripts/install/install-acm.sh b/scripts/install/install-acm.sh
new file mode 100755
index 0000000..76362e0
--- /dev/null
+++ b/scripts/install/install-acm.sh
@@ -0,0 +1,80 @@
+#!/bin/bash
+
+#  ============LICENSE_START===============================================
+#  Copyright (C) 2023 Nordix Foundation. All rights reserved.
+#  ========================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#  ============LICENSE_END=================================================
+#
+
+echo "######### Installing ACM components #########"
+
+ENABLE_COMPONENTS=(policy-models-simulator policy-clamp-runtime-acm policy-clamp-ac-kserve-ppnt policy-clamp-ac-k8s-ppnt policy-clamp-ac-a1pms-ppnt)
+DISABLE_COMPONENTS=(policy-api policy-pap policy-apex-pdp policy-pdpd-cl policy-xacml-pdp policy-distribution policy-clamp-ac-pf-ppnt policy-clamp-ac-http-ppnt)
+
+ACM_VALUES_FILE="docker/helm/policy/values.yaml"
+A1PMS_CONFIGURATION_FILE="docker/helm/policy/components/policy-clamp-ac-a1pms-ppnt/resources/config/A1pmsParticipantParameters.yaml"
+K8S_CONFIGURATION_FILE="docker/helm/policy/components/policy-clamp-ac-k8s-ppnt/values.yaml"
+
+IP_ADDRESS=$(hostname -I | awk '{print $1}')
+echo "IP Address : $IP_ADDRESS"
+
+git clone -b london "https://gerrit.onap.org/r/policy/docker"
+
+CWD=$(pwd)
+export WORKSPACE="$CWD/docker"
+
+echo "Updating policy docker image versions..."
+bash docker/compose/get-k8s-versions.sh
+
+echo "Enabling the access for the clusterroles..."
+kubectl apply -f resources/acm-role-binding.yaml
+
+for element in "${ENABLE_COMPONENTS[@]}"; do
+  echo "Enabling component $element"
+  yq eval ".$element.enabled"="true" -i $ACM_VALUES_FILE
+done
+
+for element in "${DISABLE_COMPONENTS[@]}"; do
+  echo "Disabling component $element"
+  yq eval ".$element.enabled"="false" -i $ACM_VALUES_FILE
+done
+
+echo "Updating A1PMS Participant"
+yq eval '.a1pms.baseUrl="http://policymanagementservice.nonrtric:9080"' -i $A1PMS_CONFIGURATION_FILE
+
+echo "Updating the k8s participant repo list"
+yq eval '.repoList.helm.repos += {"repoName":"local","address":"http://'$IP_ADDRESS':8879/charts"}' -i $K8S_CONFIGURATION_FILE
+
+echo "Building policy helm charts..."
+helm dependency build docker/helm/policy/
+
+echo "Installing policy helm charts..."
+helm install csit-policy docker/helm/policy/ -n default
+
+while [[ $TIME -lt 2000 ]]; do
+  NONRTRIC_PODS=$(kubectl get pods -n default --field-selector=status.phase!=Running,status.phase!=Succeeded --no-headers)
+  if [[ -z "$NONRTRIC_PODS" ]]; then
+    echo "All ACM Components are running."
+    kubectl get pods -n default
+    break
+  fi
+
+  echo "Waiting for ACM Components to be running..."
+  echo "These pods are not running"
+  echo "$NONRTRIC_PODS"
+  TIME=$(expr $TIME + 5)
+  sleep 5
+done
+
+echo "ACM Components Installation Completed."
\ No newline at end of file
diff --git a/scripts/install/install-all.sh b/scripts/install/install-all.sh
new file mode 100755
index 0000000..59ab545
--- /dev/null
+++ b/scripts/install/install-all.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+
+#  ============LICENSE_START===============================================
+#  Copyright (C) 2023 Nordix Foundation. All rights reserved.
+#  ========================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#  ============LICENSE_END=================================================
+#
+
+echo "######### Installing Rapp Manager #########"
+
+./install-base.sh
+
+echo "Installing Kserve components..."
+./install-kserve.sh
+
+echo "Installing NONRTRIC components..."
+./install-nonrtric.sh
+
+echo "Installing ACM components..."
+./install-acm.sh
+
+# Install rapp manager
+
+echo "Rapp Manager installation completed."
\ No newline at end of file
diff --git a/scripts/install/install-base.sh b/scripts/install/install-base.sh
new file mode 100755
index 0000000..0456e3f
--- /dev/null
+++ b/scripts/install/install-base.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+
+#  ============LICENSE_START===============================================
+#  Copyright (C) 2023 Nordix Foundation. All rights reserved.
+#  ========================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#  ============LICENSE_END=================================================
+#
+
+echo "######### Installing base components #########"
+
+echo "Installing helm..."
+snap install helm --classic
+HELM_VERSION=$(helm version --short)
+echo "Helm version $HELM_VERSION installed."
+
+echo "Installing chartmuseum..."
+curl https://raw.githubusercontent.com/helm/chartmuseum/main/scripts/get-chartmuseum | bash
+CHART_MUSEUM_VERSION=$(helm version --short)
+echo "Chartmuseum version $CHART_MUSEUM_VERSION is installed."
+
+echo "Install yq..."
+snap install yq
+
diff --git a/scripts/install/install-kserve.sh b/scripts/install/install-kserve.sh
new file mode 100755
index 0000000..0753e4f
--- /dev/null
+++ b/scripts/install/install-kserve.sh
@@ -0,0 +1,62 @@
+#!/bin/bash
+
+#  ============LICENSE_START===============================================
+#  Copyright (C) 2023 Nordix Foundation. All rights reserved.
+#  ========================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#  ============LICENSE_END=================================================
+#
+
+echo "######### Installing Kserve #########"
+
+KSERVE_CRD_RESPONSE=$(kubectl get crd inferenceservice.serving.kserve.io)
+if [ -z "$KSERVE_CRD_RESPONSE" ]; then
+  echo "Adding istio helm repository"
+  helm repo add istio https://istio-release.storage.googleapis.com/charts
+  helm repo update
+
+  echo "Installing Istio..."
+  kubectl create namespace istio-system
+  helm install istio-base istio/base -n istio-system --set defaultRevision=default
+  helm install istiod istio/istiod -n istio-system --wait
+
+  echo "Installing Istio Kserve ingress..."
+  kubectl apply -f resources/kserve-istio-ingress.yaml
+
+  echo "Installing Cert Manager v1.12.0 ..."
+  kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.12.0/cert-manager.yaml
+
+  while [[ $TIME -lt 20 ]]; do
+    CERT_MANAGER_PODS=$(kubectl get pods -n cert-manager --field-selector=status.phase!=Running --no-headers)
+    if [[ -z "$CERT_MANAGER_PODS" ]]; then
+      echo "Cert manager is running."
+      break
+    fi
+
+    echo "Waiting for cert manager to be running..."
+    echo "These pods are not running"
+    echo "$CERT_MANAGER_PODS"
+    TIME=$(expr $TIME + 3)
+    sleep 3
+  done
+  echo "Waiting for cert-manager to get initialized..."
+
+  echo "Installing Kserve v0.10.0 ..."
+  kubectl apply -f https://github.com/kserve/kserve/releases/download/v0.10.0/kserve.yaml
+  kubectl apply -f https://github.com/kserve/kserve/releases/download/v0.10.0/kserve-runtimes.yaml
+  echo "Patching Kserve ..."
+  kubectl patch configmap/inferenceservice-config -n kserve --type=strategic -p '{"data": {"deploy": "{\"defaultDeploymentMode\": \"RawDeployment\"}"}}'
+  echo "Kserve installation completed."
+else
+  echo "Kserve already installed."
+fi
diff --git a/scripts/install/install-nonrtric.sh b/scripts/install/install-nonrtric.sh
new file mode 100755
index 0000000..0ff2ab2
--- /dev/null
+++ b/scripts/install/install-nonrtric.sh
@@ -0,0 +1,56 @@
+#!/bin/bash
+
+#  ============LICENSE_START===============================================
+#  Copyright (C) 2023 Nordix Foundation. All rights reserved.
+#  ========================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#  ============LICENSE_END=================================================
+#
+
+echo "######### Installing NONRTRIC components #########"
+
+git clone "https://gerrit.o-ran-sc.org/r/it/dep"
+
+ENABLED_SERVICES=(installPms installA1controller installA1simulator installInformationservice)
+DISABLED_SERVICES=(installControlpanel installRappcatalogueservice installRappcatalogueenhancedservice installNonrtricgateway installKong installDmaapadapterservice installDmaapmediatorservice installHelmmanager installOrufhrecovery installRansliceassurance)
+
+RECEIPE_FILE="dep/nonrtric/RECIPE_EXAMPLE/example_recipe.yaml"
+
+for element in "${ENABLED_SERVICES[@]}"; do
+  echo "Enabling service $element"
+  yq eval ".nonrtric.$element"="true" -i $RECEIPE_FILE
+done
+
+for element in "${DISABLED_SERVICES[@]}"; do
+  echo "Disabling service $element"
+  yq eval ".nonrtric.$element"="false" -i $RECEIPE_FILE
+done
+
+sudo dep/bin/deploy-nonrtric -f $RECEIPE_FILE
+
+while [[ $TIME -lt 2000 ]]; do
+  NONRTRIC_PODS=$(kubectl get pods -n nonrtric --field-selector=status.phase!=Running --no-headers)
+  if [[ -z "$NONRTRIC_PODS" ]]; then
+    echo "All NONRTRIC Components are running."
+    kubectl get pods -n nonrtric
+    break
+  fi
+
+  echo "Waiting for NONRTRIC Components to be running..."
+  echo "These pods are not running"
+  echo "$NONRTRIC_PODS"
+  TIME=$(expr $TIME + 5)
+  sleep 5
+done
+
+echo "NONRTRIC component installation completed..."
diff --git a/scripts/install/resources/acm-role-binding.yaml b/scripts/install/resources/acm-role-binding.yaml
new file mode 100755
index 0000000..c3e13ab
--- /dev/null
+++ b/scripts/install/resources/acm-role-binding.yaml
@@ -0,0 +1,21 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: policy-read-view-binding
+subjects:
+  - kind: ServiceAccount
+    name: policy-read
+    namespace: default
+  - kind: ServiceAccount
+    name: policy-api-read
+    namespace: default
+  - kind: ServiceAccount
+    name: policy-clamp-runtime-acm-read
+    namespace: default
+  - kind: ServiceAccount
+    name: policy-pap-read
+    namespace: default
+roleRef:
+  kind: ClusterRole
+  name: view
+  apiGroup: rbac.authorization.k8s.io
\ No newline at end of file
diff --git a/scripts/install/resources/kserve-istio-ingress.yaml b/scripts/install/resources/kserve-istio-ingress.yaml
new file mode 100755
index 0000000..28ed695
--- /dev/null
+++ b/scripts/install/resources/kserve-istio-ingress.yaml
@@ -0,0 +1,6 @@
+apiVersion: networking.k8s.io/v1
+kind: IngressClass
+metadata:
+  name: istio
+spec:
+  controller: istio.io/ingress-controller
diff --git a/scripts/install/uninstall-all.sh b/scripts/install/uninstall-all.sh
new file mode 100755
index 0000000..f179af7
--- /dev/null
+++ b/scripts/install/uninstall-all.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+#  ============LICENSE_START===============================================
+#  Copyright (C) 2023 Nordix Foundation. All rights reserved.
+#  ========================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#  ============LICENSE_END=================================================
+#
+
+echo "######### Uninstalling Rapp Manager #########"
+
+echo "Uninstalling ACM Components..."
+helm uninstall csit-policy -n default
+
+echo "Uninstalling NONRTRIC Components..."
+sudo dep/bin/undeploy-nonrtric
+
+echo "Uninstalling Kserve Components..."
+kubectl delete -f https://github.com/kserve/kserve/releases/download/v0.10.0/kserve.yaml
+kubectl delete -f https://github.com/kserve/kserve/releases/download/v0.10.0/kserve-runtimes.yaml
+kubectl delete -f https://github.com/cert-manager/cert-manager/releases/download/v1.12.0/cert-manager.yaml
+kubectl delete ns cert-manager
+helm uninstall istiod -n istio-system
+helm uninstall istio-base -n istio-system
+kubectl delete ns istio-system
+
+rm -rf dep/
+rm -rf docker/
+
+sudo rm -fr /dockerdata-nfs/* /tmp/dockerdata-nfs