From 6ab531b7836594aa22442600d829e96ea3b3fcda Mon Sep 17 00:00:00 2001 From: BjornMagnussonXA Date: Mon, 15 May 2023 11:23:35 +0200 Subject: [PATCH] Updated installation and components Issue-ID: NONRTRIC-854 Signed-off-by: BjornMagnussonXA Change-Id: I6d23663dedb09eb0684e158112a39db41476ec76 --- https-server/Dockerfile | 10 +- https-server/README.md | 6 +- https-server/build.sh | 39 ++- https-server/certs/.gitignore | 2 - https-server/certs/server.crt | 16 + https-server/certs/server.key | 28 ++ https-server/gen-cert.sh | 2 +- install/README.md | 112 +++++++ install/TODO.txt | 16 - .../charts/dfc/values.yaml => global-values.yaml} | 5 +- .../helm/nrt-base-0/charts/kafka-client/Chart.yaml | 2 +- .../charts/kafka-client/templates/app-pod.yaml | 6 +- .../charts/minio/templates/app-statefulset.yaml | 4 +- install/helm/nrt-base-1/charts/minio/values.yaml | 2 +- install/helm/nrt-base-1/charts/ves-mr/Chart.yaml | 41 +++ .../charts/ves-mr/config/MsgRtrApi.properties | 135 ++++++++ .../charts/ves-mr/config/collector.properties | 77 +++++ .../nrt-base-1/charts/ves-mr/config/logback.xml | 204 ++++++++++++ .../charts/ves-mr/config/ves-dmaap-config.json | 10 + .../charts/ves-mr/templates/app-configmap1.yaml | 25 ++ .../charts/ves-mr/templates/app-configmap2.yaml} | 10 +- .../charts/ves-mr/templates/app-configmap3.yaml | 25 ++ .../charts/ves-mr/templates/app-configmap4.yaml | 25 ++ .../templates/app-deployment-message-router.yaml | 56 ++++ .../templates/app-deployment-ves-collector.yaml | 43 +++ .../ves-mr/templates/app-deployment-zk-tunnel.yaml | 70 ++++ .../templates/app-networkpolicy-zk-tunnel.yaml | 21 ++ .../templates/app-service-message-router.yaml | 16 + .../templates/app-service-ves-collector.yaml | 19 ++ .../ves-mr/templates/app-service-zk-tunnel.yaml | 17 + install/helm/nrt-pm-log/.gitignore | 1 + install/helm/nrt-pm-log/TODO.txt | 1 - install/helm/nrt-pm-log/config/jobDefinition.json | 35 +- .../helm/nrt-pm-log/templates/app-statefulset.yaml | 7 +- install/helm/nrt-pm-rapp/templates/app-pod.yaml | 6 +- install/helm/nrt-pm/charts/dfc/.gitignore | 1 + .../charts/dfc/templates/app-statefulset.yaml | 5 +- .../charts/ics/templates/app-deployment.yaml | 3 +- .../templates/app-statefulset.yaml | 6 +- .../templates/app-statefulset.yaml | 6 +- .../templates/app-statefulset.yaml | 6 +- .../charts/pm-producer-json2kafka/.gitignore | 1 + .../templates/app-statefulset.yaml | 5 +- .../charts/pm-producer-json2kafka/values.yaml | 2 +- install/helm/ran/templates/app-deployment.yaml | 14 +- install/install-nrt.sh | 105 ++---- install/install-pm-influx-job.sh | 7 +- install/install-pm-log.sh | 10 +- install/install-pm-rapp.sh | 12 +- install/opa-rules/README.md | 6 +- install/scripts/README.md | 70 ++++ install/scripts/create_ics_job.sh | 5 +- install/scripts/create_topic.sh | 2 +- install/scripts/get_influxdb2_token.sh | 2 +- .../kafka-client-send-genfiles-file-ready.sh | 95 ++++-- install/scripts/populate_keycloak.sh | 60 ++-- .../scripts/push-genfiles-to-file-ready-topic.sh | 4 +- install/scripts/push-genfiles-to-ves-collector.sh | 75 +++++ install/uninstall-nrt.sh | 1 - pm-file-converter/.gitignore | 3 +- pm-file-converter/Dockerfile | 16 +- pm-file-converter/README.md | 38 ++- pm-file-converter/build.sh | 41 ++- pm-file-converter/gen-cert.sh | 10 +- pm-file-converter/main.go | 364 +-------------------- pm-file-converter/server.crt | 9 + pm-file-converter/server.key | 9 + pm-rapp/Dockerfile | 15 +- pm-rapp/README.md | 59 +++- pm-rapp/TODO.txt | 10 - pm-rapp/build.sh | 28 +- pm-rapp/container.yaml | 2 +- pm-rapp/main.go | 6 +- 73 files changed, 1568 insertions(+), 639 deletions(-) delete mode 100644 https-server/certs/.gitignore create mode 100644 https-server/certs/server.crt create mode 100644 https-server/certs/server.key create mode 100644 install/README.md delete mode 100644 install/TODO.txt rename install/helm/{nrt-pm/charts/dfc/values.yaml => global-values.yaml} (92%) create mode 100644 install/helm/nrt-base-1/charts/ves-mr/Chart.yaml create mode 100644 install/helm/nrt-base-1/charts/ves-mr/config/MsgRtrApi.properties create mode 100644 install/helm/nrt-base-1/charts/ves-mr/config/collector.properties create mode 100644 install/helm/nrt-base-1/charts/ves-mr/config/logback.xml create mode 100644 install/helm/nrt-base-1/charts/ves-mr/config/ves-dmaap-config.json create mode 100644 install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap1.yaml rename install/helm/{nrt-pm-log/values.yaml => nrt-base-1/charts/ves-mr/templates/app-configmap2.yaml} (85%) create mode 100644 install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap3.yaml create mode 100644 install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap4.yaml create mode 100644 install/helm/nrt-base-1/charts/ves-mr/templates/app-deployment-message-router.yaml create mode 100644 install/helm/nrt-base-1/charts/ves-mr/templates/app-deployment-ves-collector.yaml create mode 100644 install/helm/nrt-base-1/charts/ves-mr/templates/app-deployment-zk-tunnel.yaml create mode 100644 install/helm/nrt-base-1/charts/ves-mr/templates/app-networkpolicy-zk-tunnel.yaml create mode 100644 install/helm/nrt-base-1/charts/ves-mr/templates/app-service-message-router.yaml create mode 100644 install/helm/nrt-base-1/charts/ves-mr/templates/app-service-ves-collector.yaml create mode 100644 install/helm/nrt-base-1/charts/ves-mr/templates/app-service-zk-tunnel.yaml delete mode 100644 install/helm/nrt-pm-log/TODO.txt create mode 100644 install/helm/nrt-pm/charts/dfc/.gitignore create mode 100644 install/helm/nrt-pm/charts/pm-producer-json2kafka/.gitignore create mode 100644 install/scripts/README.md mode change 100644 => 100755 install/scripts/create_ics_job.sh create mode 100755 install/scripts/push-genfiles-to-ves-collector.sh create mode 100644 pm-file-converter/server.crt create mode 100644 pm-file-converter/server.key delete mode 100644 pm-rapp/TODO.txt diff --git a/https-server/Dockerfile b/https-server/Dockerfile index 941acb2..7792de2 100644 --- a/https-server/Dockerfile +++ b/https-server/Dockerfile @@ -15,12 +15,14 @@ # ============LICENSE_END================================================= # -FROM golang:1.19-bullseye AS build +FROM golang:1.20.3-buster AS build + WORKDIR /app -COPY go.mod . -COPY go.sum . -RUN go mod download + COPY main.go . +RUN go mod init main +RUN go mod tidy + RUN go build -o /pm-https-server #Replaced distroless image with ubuntu for debug purposes diff --git a/https-server/README.md b/https-server/README.md index 757eeec..e5e6e93 100644 --- a/https-server/README.md +++ b/https-server/README.md @@ -5,7 +5,7 @@ This server can be used to simulate a RAN node for file download over https. Files can be requested in three ways: -- static file (always the same files returned) +- static file (always the same file returned) - semi-static files (the requested file must exist in the container) - generated files (file contents is generated using a template where the start/stop time as well the node name is based on requested file. Counter values are also generated) @@ -20,7 +20,7 @@ Build for remote kubernetes - an externally accessible image repo (e.g. docker h ### Configuration -The following env vars (all optional) may be set to control the behavior of the server +The following env vars (all optional) may be set to control the behaviour of the server - ALWAYS_RETURN - Name of a file under "/files" in the container that is always returned regardless of requested file on the url `/files/`. The can be used when the file contents is not important. @@ -30,7 +30,7 @@ The following env vars (all optional) may be set to control the behavior of the If generated files shall be used, load the file pm-template.xml.gz to the /template-files dir in the container. -Configure the following for desired behaviou +Configure the following for desired behaviour - static file: ALWAYS_RETURN - semi-static files: none - generated files: GENERATED_FILE_START_TIME and GENERATED_FILE_TIMEZONE diff --git a/https-server/build.sh b/https-server/build.sh index c7aabac..8647a0b 100755 --- a/https-server/build.sh +++ b/https-server/build.sh @@ -18,14 +18,14 @@ # # Build image from Dockerfile with/without custom image tag -# Optionally push to external docker hub repo +# Optionally push to external image repo print_usage() { echo "Usage: build.sh no-push| []" exit 1 } -if [ $# -ne 1 ] && [ $# -ne 2 ]; then +if [ $# -lt 1 ] || [ $# -gt 2 ]; then print_usage fi @@ -39,14 +39,39 @@ else echo "Attempt to push built image to: "$REPO fi -if [ "$2" != "" ]; then - IMAGE_TAG=$2 -fi - echo "Setting image tag to: "$IMAGE_TAG +shift +while [ $# -ne 0 ]; do + if [ $1 == "--tag" ]; then + shift + if [ -z "$1" ]; then + print_usage + fi + IMAGE_TAG=$1 + echo "Setting image tag to: "$IMAGE_TAG + shift + else + echo "Unknown parameter: $1" + print_usage + fi +done + +./gen-cert.sh + +echo "" +echo "Certs generated" IMAGE=$IMAGE_NAME:$IMAGE_TAG -echo "Building image $IMAGE" + +export DOCKER_DEFAULT_PLATFORM=linux/amd64 +CURRENT_PLATFORM=$(docker system info --format '{{.OSType}}/{{.Architecture}}') +if [ $CURRENT_PLATFORM != $DOCKER_DEFAULT_PLATFORM ]; then + echo "Image may not work on the current platform: $CURRENT_PLATFORM, only platform $DOCKER_DEFAULT_PLATFORM supported" +fi + +echo "Building image: $IMAGE with architecture: $DOCKER_DEFAULT_PLATFORM" + docker build -t $IMAGE_NAME:$IMAGE_TAG . + if [ $? -ne 0 ]; then echo "BUILD FAILED" exit 1 diff --git a/https-server/certs/.gitignore b/https-server/certs/.gitignore deleted file mode 100644 index be870b4..0000000 --- a/https-server/certs/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -*.crt -*.key diff --git a/https-server/certs/server.crt b/https-server/certs/server.crt new file mode 100644 index 0000000..f80319e --- /dev/null +++ b/https-server/certs/server.crt @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIICmDCCAYACCQCzTWEB5G++JDANBgkqhkiG9w0BAQsFADANMQswCQYDVQQGEwJT +RTAgFw0yMzA1MTcxMjQ2MjVaGA8yMDUwMTAwMTEyNDYyNVowDTELMAkGA1UEBhMC +U0UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrFmC9idjCLOYkV0Nb +R61ZCEBNuLF+UAsZ7GrS+WaME81CuEDZLeHsqwCOiPKf6XF23XHoXqZ+lFY2+Bv0 +uf+FcR3Y7p3BcQn4Ier65ybvHRc/53RspOLdi4TXttEjhGEJsApFsnOSYEkDv/1x +TU9etwUvjWNdopKQ/fszV6WB1JgLvdSC4US+Do/+V3vUJWW8aJhTfUUtUfyVreJr ++/Rs+lfyMcoBv6d7SsyImO4Lq1Gv4giyKu4D3R9Vvz6CNp2mTKrhgiVbnSKMl1cm +bkewFPuAvbjxxNGXUWipGug3pJgTxWS8/IyfyQ6TXl5fWvDRt5wrXNbc3nrJVoSs +1QPFAgMBAAEwDQYJKoZIhvcNAQELBQADggEBACfMN8UZSGzHNsFbiuDoy0hSZzDk +2ZpJV+BgtH/119lgIRzEEOC749rx68T55B8vKH8go1Pio3sVeDp2bZ7phG9Bcxn9 +hTIN9VJQ9vVnPrnaPzDuQdzY+4FyTMcMXtgHfC7Nu4bYor+rXbqdmv+RrucG9jpg +uZaLdgtyYK+vpEqLauRYc3wWzyDtV6Td/8r4htxf+zslWvrQ1AXEXf5uuozWTTZJ +g23vQ243NIQ9MF430QS40uvBBssACeI3NG8aD/OfhWO7TIKr69y+EfHu7i/hcFO1 +LkRj+CMt70TQMULHGeG7CP8VZJNHJz0kCZWj6R+Z9MOA/dVaIiyAS5LI/uY= +-----END CERTIFICATE----- diff --git a/https-server/certs/server.key b/https-server/certs/server.key new file mode 100644 index 0000000..927d144 --- /dev/null +++ b/https-server/certs/server.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDrFmC9idjCLOYk +V0NbR61ZCEBNuLF+UAsZ7GrS+WaME81CuEDZLeHsqwCOiPKf6XF23XHoXqZ+lFY2 ++Bv0uf+FcR3Y7p3BcQn4Ier65ybvHRc/53RspOLdi4TXttEjhGEJsApFsnOSYEkD +v/1xTU9etwUvjWNdopKQ/fszV6WB1JgLvdSC4US+Do/+V3vUJWW8aJhTfUUtUfyV +reJr+/Rs+lfyMcoBv6d7SsyImO4Lq1Gv4giyKu4D3R9Vvz6CNp2mTKrhgiVbnSKM +l1cmbkewFPuAvbjxxNGXUWipGug3pJgTxWS8/IyfyQ6TXl5fWvDRt5wrXNbc3nrJ +VoSs1QPFAgMBAAECggEAFlnnUr4DbNrF+tiNH+WdtqRRMNKJlZ/YnltbALoTpOfR +ETHhgISbQVw0zlh48PlJ/2oohVZScCB8XfeS+N6iS7aohtKRDy5HK19WLwrBKeTT +LBE+gYHfy/6S38uS8NSKQViKcXv4/wbGimO7ngUisbem95FyzBlD5CMxufzwUHqO +WlrDpau38ehrNhXR+4gaU5fC0X7/njOYGjWXNmXAlswAs4TUO8gPwZdufzZyadoS +AVJ9ZGsqn4VlxdIwyY0CiICtdKDmKX7YG3hYKay9LisSm95+Go0rzvPpa4SMWvV9 +tWzzWtdh+MsNbeI0OknXILQk3ifaFzhh/KZRBwOq4QKBgQD9By9qTe0aEyVi0oVH +6Jy265c/aglQfkU9aIV5WTzF+JsLXYvoOBKT8Bk9GdxEaM9jL+h6BqZqcVqujqxx +Ntcxks2tBh4glcbnPScOzur+fIYLXcjirZJNx3yft9DfKZjS5lNbKTswHuosGCPK +LPnuhnz7I5I8aDkFhADeuTOV2QKBgQDt2T99n0Q3QURBu+eQbcUAVzPvJhoOrqvb +Kc0vRGt9+O3NXEH5Q2YEufDECS1qOtp1XZECCkcMmnAlS7Juz03/rFK+smobmYwM +deqmA76o2dGLujoQ7w7hJtHFOizUR/DfjrUY1AXbh9qk0MhbudVDGn28/zdYTlXz +RuIhevoNzQKBgQCzXvOa/ZEWyfnX23uGZX0rI0n+N3JQ8KKvDLiKNNujUEDBRtiW +j6GD5FJQAVQn3tEd9Gluj+ZLUP5C/nt6arEUwIgzn0GeQe9WIADfO4pVS/tOdXai +Uv+DSear5wgYG4nuAD+ZQVpnG5NQHPDKMyYelJJnCmlxj0TVByYCvfG2yQKBgQCz +UQNl8Sobwk/0gvbM04UfgZ784Kvqf9O/Ep/Hz/x+Z6rZFYIDq8WBMLINCaI8oYxL +ybPmZtsz7Ec6RvyKQC5c4I0tihMnJbcJOekjKlWWtUke39KhK6n7IyopWHetv2Mh +GFT+F/MmlCDJ+0HirZLT2WgMkhkmsUBpffpEJZPZzQKBgQDQKT183favwULOkQaP +AGItpQVt3aYyuZYi5veIDlzk3tatAIzya/G6Bqfnpy9CO6yPKdp1pkJxM1xb374T +z6Mz4A4NPOD2Ofd0WAmiIkP0H1+zfjjtmdBO/9PpASLByNxt2MUdjWvaGk2w7U42 +Eb1duJr2Yud1NfUvKI7dZudF1A== +-----END PRIVATE KEY----- diff --git a/https-server/gen-cert.sh b/https-server/gen-cert.sh index 4678361..f44d798 100755 --- a/https-server/gen-cert.sh +++ b/https-server/gen-cert.sh @@ -17,7 +17,7 @@ # ============LICENSE_END================================================= # -#Generate basic cert and key for web server +#Generate basic cert and key for https server cat <<__EOF__ | openssl req -new -newkey rsa:2048 -sha256 -nodes -x509 -keyout certs/server.key -out certs/server.crt -days 9999 SE diff --git a/install/README.md b/install/README.md new file mode 100644 index 0000000..3d616a8 --- /dev/null +++ b/install/README.md @@ -0,0 +1,112 @@ + + +## Prerequisites + +The ranpm setup works on linux/MacOS or on windows via WSL using a local or remote kubernetes cluster. + +- local kubectl +- kubernetes cluster +- local docker for building images + +It is recommended to run the ranpm on a kubernetes cluster instead of local docker-desktop etc as the setup requires a fair amount of computer resouces. + +# Requirement on kubernetes + +The demo set can be run on local or remote kubernetes. +Kubectl must be configured to point to the applicable kubernetes instance. +Nodeports exposed by the kubernetes instance must be accessible by the local machine - basically the kubernetes control plane IP needs to be accessible from the local machine. + +- Latest version of istio install + +# Other requirements +- helm3 +- bash +- cmd 'envsubst' must be installed (check by cmd: 'type envsubst' ) +- cmd 'jq' must be installed (check by cmd: 'type jq' ) + +## Before installation +The following images need to be built manually. If remote or multi node cluster is used, then an image repo needs to be available to push the built images to. +If external repo is used, use the same repo for all built images and configure the reponame in `helm/global-values.yaml` (the parameter value of extimagerepo shall have a trailing `/`) + +Build the following images (build instruction in each dir) +- ranpm/https-server +- ranpm/pm-file-converter +- pm-rapp + + +## Installation + +The installation is made by a few scripts. +The main part of the ranpm is installed by a single script. Then, additional parts can be added on top. All installations in kubernetes is made by helm charts. + +The following scripts are provided for installing (install-nrt.sh mush be installed first): + +- install-nrt.sh : Installs the main parts of the ranpm setup +- install-pm-log.sh : Installs the producer for influx db +- install-pm-influx-job.sh : Sets up an alternative job to produce data stored in influx db. +- install-pm-rapp.sh : Installs a rapp that subscribe and print out received data + +## Unstallation + +There is a corresponding uninstall script for each install script. However, it is enough to just run `uninstall-nrt.sh` and `uninstall-pm-rapp.sh´. + +## Exposed ports to APIs +All exposed APIs on individual port numbers (nodeporta) on the address of the kubernetes control plane. + +### Keycloak API +Keycloak API accessed via proxy (proxy is needed to make keycloak issue token with the internal address of keycloak). +- nodeport: 31784 + +### OPA rules bundle server +Server for posting updated OPA rules. +- nodeport: 32201 + +### Information coordinator Service +Direct access to ICS API. +-nodeports (http and https): 31823, 31824 + +### Ves-Collector +Direct access to the Ves-Collector +- nodeports (http and https): 31760, 31761 + +## Exposed ports to admin tools +As part of the ranpm installation, a number of admin tools are installed. +The tools are accessed via a browser on individual port numbers (nodeports) on the address of the kubernetes control plane. + +### Keycload admin console +Admin tool for keycloak. +- nodeport : 31788 +- user: admin +- password: admin + +### Redpanda consule +With this tool the topics, consumer etc can be viewed. +- nodeport: 31767 + +### Minio web +Browser for minio filestore. +- nodeport: 31768 +- user: admin +- password: adminadmin + +### Influx db +Browser for influx db. +- nodeport: 31812 +- user: admin +- password: mySuP3rS3cr3tT0keN + + +## License + +Copyright (C) 2023 Nordix Foundation. All rights reserved. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/install/TODO.txt b/install/TODO.txt deleted file mode 100644 index e13b220..0000000 --- a/install/TODO.txt +++ /dev/null @@ -1,16 +0,0 @@ -app versions in Chart.yaml - -Add parameters to config in values.yaml - -Handle password in secured secrets - -staging/release images (configurable?) and image pull policy - -use other minio user than admin for producers etc - -############################### - -mc alias set minio http://minio.nonrtric:9000 admin adminadmin - -mc admin user add minio testa testatesta - diff --git a/install/helm/nrt-pm/charts/dfc/values.yaml b/install/helm/global-values.yaml similarity index 92% rename from install/helm/nrt-pm/charts/dfc/values.yaml rename to install/helm/global-values.yaml index 76e92db..fb58a79 100644 --- a/install/helm/nrt-pm/charts/dfc/values.yaml +++ b/install/helm/global-values.yaml @@ -15,5 +15,6 @@ # ============LICENSE_END================================================= # -dfc: - clientsecret: Akzki8aSLHL0GVNIx0k1wDrzbB56CVh1 \ No newline at end of file +global: + extimagerepo: bjornmagnussonest/ + numhttpsservers: 10 diff --git a/install/helm/nrt-base-0/charts/kafka-client/Chart.yaml b/install/helm/nrt-base-0/charts/kafka-client/Chart.yaml index 92b20aa..d69a836 100644 --- a/install/helm/nrt-base-0/charts/kafka-client/Chart.yaml +++ b/install/helm/nrt-base-0/charts/kafka-client/Chart.yaml @@ -16,7 +16,7 @@ # apiVersion: v2 -name: client +name: kafka-client description: Kafka client helm chart # A chart can be either an 'application' or a 'library' chart. diff --git a/install/helm/nrt-base-0/charts/kafka-client/templates/app-pod.yaml b/install/helm/nrt-base-0/charts/kafka-client/templates/app-pod.yaml index d44896a..8ef8b8f 100644 --- a/install/helm/nrt-base-0/charts/kafka-client/templates/app-pod.yaml +++ b/install/helm/nrt-base-0/charts/kafka-client/templates/app-pod.yaml @@ -20,14 +20,14 @@ apiVersion: v1 kind: Pod metadata: - name: client + name: kafka-client namespace: nonrtric labels: - app: client + app: kafka-client spec: restartPolicy: Always containers: - - name: client + - name: kafka-client image: confluentinc/cp-kafka:7.2.2 command: ['sh', '-c', 'while [ true ];do sleep 60;done'] imagePullPolicy: IfNotPresent diff --git a/install/helm/nrt-base-1/charts/minio/templates/app-statefulset.yaml b/install/helm/nrt-base-1/charts/minio/templates/app-statefulset.yaml index 5154bad..cba60c2 100644 --- a/install/helm/nrt-base-1/charts/minio/templates/app-statefulset.yaml +++ b/install/helm/nrt-base-1/charts/minio/templates/app-statefulset.yaml @@ -44,7 +44,9 @@ spec: name: data-vol containers: - name: minio - image: minio/minio:RELEASE.2023-02-27T18-10-45Z + # Note, in later releases only SSO seem to be possible + # so earlier release kept to be able to login with user/pwd + image: minio/minio:RELEASE.2022-10-21T22-37-48Z imagePullPolicy: IfNotPresent ports: - name: tcpmain diff --git a/install/helm/nrt-base-1/charts/minio/values.yaml b/install/helm/nrt-base-1/charts/minio/values.yaml index 9ce6e2a..59413ce 100644 --- a/install/helm/nrt-base-1/charts/minio/values.yaml +++ b/install/helm/nrt-base-1/charts/minio/values.yaml @@ -17,4 +17,4 @@ minio: opa: - decisionlogs: false \ No newline at end of file + decisionlogs: true \ No newline at end of file diff --git a/install/helm/nrt-base-1/charts/ves-mr/Chart.yaml b/install/helm/nrt-base-1/charts/ves-mr/Chart.yaml new file mode 100644 index 0000000..f180baa --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/Chart.yaml @@ -0,0 +1,41 @@ +# ============LICENSE_START=============================================== +# Copyright (C) 2023 Nordix Foundation. All rights reserved. +# ======================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END================================================= +# + +apiVersion: v2 +name: ves-mr +description: Ves-collector and message-router + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "0.1.0" diff --git a/install/helm/nrt-base-1/charts/ves-mr/config/MsgRtrApi.properties b/install/helm/nrt-base-1/charts/ves-mr/config/MsgRtrApi.properties new file mode 100644 index 0000000..b72f499 --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/config/MsgRtrApi.properties @@ -0,0 +1,135 @@ +{{/* +# LICENSE_START======================================================= +# org.onap.dmaap +# ================================================================================ +# Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2021-2022 Nordix Foundation +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +# +# ECOMP is a trademark and service mark of AT&T Intellectual Property. +# +############################################################################### +############################################################################### +*/}} +## +## Kafka Connection +## +## Items below are passed through to Kafka's producer and consumer +## configurations (after removing "kafka.") +## if you want to change request.required.acks it can take this one value +#kafka.request.required.acks=-1 +kafka.metadata.broker.list=kafka-1-kafka-bootstrap.nonrtric:9092 +config.zk.servers=zoo-entrance.nonrtric:2181 +consumer.timeout.ms=100 +zookeeper.connection.timeout.ms=6000 +zookeeper.session.timeout.ms=20000 +zookeeper.sync.time.ms=2000 +auto.commit.interval.ms=1000 +fetch.message.max.bytes =1000000 +auto.commit.enable=false + +#(backoff*retries > zksessiontimeout) +kafka.rebalance.backoff.ms=10000 +kafka.rebalance.max.retries=6 + + +############################################################################### +## +## Secured Config +## +## Some data stored in the config system is sensitive -- API keys and secrets, +## for example. to protect it, we use an encryption layer for this section +## of the config. +## +## The key is a base64 encode AES key. This must be created/configured for +## each installation. +#cambria.secureConfig.key= +## +## The initialization vector is a 16 byte value specific to the secured store. +## This must be created/configured for each installation. +#cambria.secureConfig.iv= + +## Southfield Sandbox +cambria.secureConfig.key=b/7ouTn9FfEw2PQwL0ov/Q== +cambria.secureConfig.iv=wR9xP5k5vbz/xD0LmtqQLw== +authentication.adminSecret=fe3cCompound +#cambria.secureConfig.key[pc569h]=YT3XPyxEmKCTLI2NK+Sjbw== +#cambria.secureConfig.iv[pc569h]=rMm2jhR3yVnU+u2V9Ugu3Q== + + +############################################################################### +## +## Consumer Caching +## +## Kafka expects live connections from the consumer to the broker, which +## obviously doesn't work over connectionless HTTP requests. The Cambria +## server proxies HTTP requests into Kafka consumer sessions that are kept +## around for later re-use. Not doing so is costly for setup per request, +## which would substantially impact a high volume consumer's performance. +## +## This complicates Cambria server failover, because we often need server +## A to close its connection before server B brings up the replacement. +## + +## The consumer cache is normally enabled. +#cambria.consumer.cache.enabled=true + +## Cached consumers are cleaned up after a period of disuse. The server inspects +## consumers every sweepFreqSeconds and will clean up any connections that are +## dormant for touchFreqMs. +#cambria.consumer.cache.sweepFreqSeconds=15 +cambria.consumer.cache.touchFreqMs=120000 +##stickforallconsumerrequests=false +## The cache is managed through ZK. The default value for the ZK connection +## string is the same as config.zk.servers. +#cambria.consumer.cache.zkConnect=${config.zk.servers} + +## +## Shared cache information is associated with this node's name. The default +## name is the hostname plus the HTTP service port this host runs on. (The +## hostname is determined via InetAddress.getLocalHost ().getCanonicalHostName(), +## which is not always adequate.) You can set this value explicitly here. +## +#cambria.api.node.identifier= + +#cambria.rateLimit.maxEmptyPollsPerMinute=30 +#cambria.rateLimitActual.delay.ms=10 + +############################################################################### +## +## Metrics Reporting +## +## This server can report its metrics periodically on a topic. +## +#metrics.send.cambria.enabled=true +#metrics.send.cambria.topic=cambria.apinode.metrics #msgrtr.apinode.metrics.dmaap +#metrics.send.cambria.sendEverySeconds=60 + +cambria.consumer.cache.zkBasePath=/fe3c/cambria/consumerCache +consumer.timeout=17 +default.partitions=3 +default.replicas=3 +############################################################################## +#100mb +maxcontentlength=10000 + +############################################################################## +##AAF Properties +forceAAF=false +useCustomAcls=false + +kafka.max.poll.interval.ms=300000 +kafka.heartbeat.interval.ms=60000 +kafka.session.timeout.ms=240000 +kafka.max.poll.records=1000 diff --git a/install/helm/nrt-base-1/charts/ves-mr/config/collector.properties b/install/helm/nrt-base-1/charts/ves-mr/config/collector.properties new file mode 100644 index 0000000..3cd0a1d --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/config/collector.properties @@ -0,0 +1,77 @@ +############################################################################### +## +## Collector Server config +## +## - Default values are shown as commented settings. +## +############################################################################### +## +## HTTP(S) service +## +## Normally: +## +## - 8080 is http service +## - https is disabled by default +## +## - At this time, the server always binds to 0.0.0.0 +## +## +collector.service.port=8080 + +## Authentication is only supported via secure port +## When enabled - require valid keystore defined +collector.service.secure.port=8443 + +# auth.method flags: +# +# noAuth - default option - no security (http) +# certBasicAuth - auth by certificate and basic auth username / password (https) +#auth.method=certBasicAuth +auth.method=noAuth + +## Combination of userid,hashPassword encoded pwd list to be supported +## userid and pwd comma separated; pipe delimitation between each pair +## Password is generated by crypt-password library using BCrypt algorithm stored in dcaegen2/sdk package +## or https://nexus.onap.org/#nexus-search;quick~crypt-password +header.authlist=sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6 + +## The keystore must be setup per installation when secure port is configured +collector.keystore.file.location=etc/keystore +collector.keystore.passwordfile=etc/passwordfile + +collector.cert.subject.matcher=etc/certSubjectMatcher.properties + +## The truststore must be setup per installation when mutual tls support is configured +collector.truststore.file.location=etc/truststore +collector.truststore.passwordfile=etc/trustpasswordfile + +## Schema Validation checkflag +## default no validation checkflag (-1) +## If enabled (1) - schemafile location must be specified +collector.schema.checkflag=1 +collector.schema.file={\"v1\":\"./etc/CommonEventFormat_27.2.json\",\"v2\":\"./etc/CommonEventFormat_27.2.json\",\"v3\":\"./etc/CommonEventFormat_27.2.json\",\"v4\":\"./etc/CommonEventFormat_27.2.json\",\"v5\":\"./etc/CommonEventFormat_28.4.1.json\",\"v7\":\"./etc/CommonEventFormat_30.2.1_ONAP.json\"} + +## Schema StndDefinedFields Validation checkflag +## default no validation checkflag (-1) +## If enabled (1) - schema files locations must be specified, mapping file path must be specified, schema reference path +## in event json must be specified, path to stndDefined data field in event json must be specified +collector.externalSchema.checkflag=1 +collector.externalSchema.schemasLocation=./etc/externalRepo/ +collector.externalSchema.mappingFileLocation=./etc/externalRepo/schema-map.json +event.externalSchema.schemaRefPath=$.event.stndDefinedFields.schemaReference +event.externalSchema.stndDefinedDataPath=$.event.stndDefinedFields.data + +## List all streamid per domain to be supported. The streamid should match to channel name on dmaapfile +collector.dmaap.streamid=fault=ves-fault|syslog=ves-syslog|heartbeat=ves-heartbeat|measurementsForVfScaling=ves-measurement|mobileFlow=ves-mobileflow|other=ves-other|stateChange=ves-statechange|thresholdCrossingAlert=ves-thresholdCrossingAlert|voiceQuality=ves-voicequality|sipSignaling=ves-sipsignaling|notification=ves-measurement|pnfRegistration=ves-pnfRegistration|3GPP-FaultSupervision=ves-3gpp-fault-supervision|3GPP-Heartbeat=ves-3gpp-heartbeat|3GPP-Provisioning=ves-3gpp-provisioning|3GPP-PerformanceAssurance=ves-3gpp-performance-assurance|o-ran-sc-du-hello-world-pm-streaming-oas3=ves-o-ran-sc-du-hello-world-pm-streaming-oas3 +collector.dmaapfile=etc/ves-dmaap-config.json + +## Path to the file containing description of api versions +collector.description.api.version.location=etc/api_version_description.json + +## Event transformation Flag - when set expects configurable transformation +## defined under ./etc/eventTransform.json +## Enabled by default; to disable set to 0 +event.transform.flag=1 + +# Describes at what frequency (measured in minutes) should application try to fetch config from CBS +collector.dynamic.config.update.frequency=5 diff --git a/install/helm/nrt-base-1/charts/ves-mr/config/logback.xml b/install/helm/nrt-base-1/charts/ves-mr/config/logback.xml new file mode 100644 index 0000000..949a893 --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/config/logback.xml @@ -0,0 +1,204 @@ + + + + ${module.ajsc.namespace.name} + + + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n + + + + + + + INFO + ACCEPT + DENY + + + + + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + ERROR + ACCEPT + DENY + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + + + + "%d [%thread] %-5level %logger{1024} - %msg%n" + + + + 1000 + 0 + + + + + + + + + + + 1000 + 0 + + + + + + + + + + + + + + + + diff --git a/install/helm/nrt-base-1/charts/ves-mr/config/ves-dmaap-config.json b/install/helm/nrt-base-1/charts/ves-mr/config/ves-dmaap-config.json new file mode 100644 index 0000000..85e45c0 --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/config/ves-dmaap-config.json @@ -0,0 +1,10 @@ +{ + + "ves-measurement": { + "type": "message_router", + "dmaap_info": { + "location": "mtl5", + "topic_url": "http://message-router.nonrtric:3904/events/file-ready/", + } + } +} \ No newline at end of file diff --git a/install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap1.yaml b/install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap1.yaml new file mode 100644 index 0000000..725c1f1 --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap1.yaml @@ -0,0 +1,25 @@ +# ============LICENSE_START=============================================== +# Copyright (C) 2023 Nordix Foundation. All rights reserved. +# ======================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END================================================= +# + +apiVersion: v1 +kind: ConfigMap +metadata: + name: msgrtrapi + namespace: nonrtric + +data: +{{ (.Files.Glob "config/MsgRtrApi.properties").AsConfig | nindent 2 }} diff --git a/install/helm/nrt-pm-log/values.yaml b/install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap2.yaml similarity index 85% rename from install/helm/nrt-pm-log/values.yaml rename to install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap2.yaml index 1ba2973..4f22b4e 100644 --- a/install/helm/nrt-pm-log/values.yaml +++ b/install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap2.yaml @@ -15,5 +15,11 @@ # ============LICENSE_END================================================= # -nrtpmlog: - clientsecret: fwbKl26FccceE4godFW8Hkdi5Wi4Lhke \ No newline at end of file +apiVersion: v1 +kind: ConfigMap +metadata: + name: logback + namespace: nonrtric + +data: +{{ (.Files.Glob "config/logback.xml").AsConfig | nindent 2 }} diff --git a/install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap3.yaml b/install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap3.yaml new file mode 100644 index 0000000..ddca7fd --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap3.yaml @@ -0,0 +1,25 @@ +# ============LICENSE_START=============================================== +# Copyright (C) 2023 Nordix Foundation. All rights reserved. +# ======================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END================================================= +# + +apiVersion: v1 +kind: ConfigMap +metadata: + name: ves-collector-collector.properties + namespace: nonrtric + +data: +{{ (.Files.Glob "config/collector.properties").AsConfig | nindent 2 }} diff --git a/install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap4.yaml b/install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap4.yaml new file mode 100644 index 0000000..92386a8 --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/templates/app-configmap4.yaml @@ -0,0 +1,25 @@ +# ============LICENSE_START=============================================== +# Copyright (C) 2023 Nordix Foundation. All rights reserved. +# ======================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END================================================= +# + +apiVersion: v1 +kind: ConfigMap +metadata: + name: ves-collector-ves-dmaap-config.json + namespace: nonrtric + +data: +{{ (.Files.Glob "config/ves-dmaap-config.json").AsConfig | nindent 2 }} diff --git a/install/helm/nrt-base-1/charts/ves-mr/templates/app-deployment-message-router.yaml b/install/helm/nrt-base-1/charts/ves-mr/templates/app-deployment-message-router.yaml new file mode 100644 index 0000000..662614c --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/templates/app-deployment-message-router.yaml @@ -0,0 +1,56 @@ + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: message-router + namespace: nonrtric + labels: + app: message-router + +spec: + selector: + matchLabels: + app: message-router + serviceName: message-router + replicas: 1 + template: + metadata: + labels: + app.kubernetes.io/name: message-router + app: message-router + name: message-router + spec: + containers: + - name: message-router + image: nexus3.onap.org:10002/onap/dmaap/dmaap-mr:1.4.4 + imagePullPolicy: Always + ports: + - containerPort: 3904 + name: api + + env: + # - name: JAASLOGIN + # valueFrom: + # secretKeyRef: + # name: strimzi-kafka-admin + # key: sasl.jaas.config + # - name: SASLMECH + # value: scram-sha-512 + - name: enableCadi + value: "false" + - name: useZkTopicStore + value: "false" + volumeMounts: + - mountPath: /appl/dmaapMR1/bundleconfig/etc/appprops/MsgRtrApi.properties + subPath: MsgRtrApi.properties + name: msgrtrapi + - mountPath: /appl/dmaapMR1/bundleconfig/etc/logback.xml + subPath: logback.xml + name: logback + volumes: + - name: msgrtrapi + configMap: + name: msgrtrapi + - name: logback + configMap: + name: logback diff --git a/install/helm/nrt-base-1/charts/ves-mr/templates/app-deployment-ves-collector.yaml b/install/helm/nrt-base-1/charts/ves-mr/templates/app-deployment-ves-collector.yaml new file mode 100644 index 0000000..f04c4b4 --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/templates/app-deployment-ves-collector.yaml @@ -0,0 +1,43 @@ + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ves-collector + namespace: nonrtric + labels: + run: ves-collector +spec: + selector: + matchLabels: + run: ves-collector + template: + metadata: + labels: + run: ves-collector + spec: + volumes: + - name: conf-vol1 + configMap: + name: ves-collector-collector.properties + - name: conf-vol2 + configMap: + name: ves-collector-ves-dmaap-config.json + containers: + - name: ves-collector + image: nexus3.onap.org:10002/onap/org.onap.dcaegen2.collectors.ves.vescollector:1.12.3 + imagePullPolicy: IfNotPresent + env: + - name: DMAAPHOST + value: message-router.nonrtric + ports: + - name: http + containerPort: 8080 + - name: https + containerPort: 8443 + volumeMounts: + - name: conf-vol1 + mountPath: /opt/app/VESCollector/etc/collector.properties + subPath: collector.properties + - name: conf-vol2 + mountPath: /opt/app/VESCollector/etc/ves-dmaap-config.json + subPath: ves-dmaap-config.json diff --git a/install/helm/nrt-base-1/charts/ves-mr/templates/app-deployment-zk-tunnel.yaml b/install/helm/nrt-base-1/charts/ves-mr/templates/app-deployment-zk-tunnel.yaml new file mode 100644 index 0000000..7d3c9e4 --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/templates/app-deployment-zk-tunnel.yaml @@ -0,0 +1,70 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: zoo-entrance + namespace: nonrtric + labels: + app: zoo-entrance +spec: + replicas: 1 + selector: + matchLabels: + app: zoo-entrance + strategy: + type: Recreate + template: + metadata: + labels: + app: zoo-entrance + spec: + containers: + - name: zoo-entrance + image: 'ghcr.io/scholzj/zoo-entrance:latest' + command: + - /opt/stunnel/stunnel_run.sh + ports: + - containerPort: 2181 + name: zoo + protocol: TCP + env: + - name: LOG_LEVEL + value: notice + - name: STRIMZI_ZOOKEEPER_CONNECT + value: 'kafka-1-zookeeper-client:2181' + imagePullPolicy: Always + livenessProbe: + exec: + command: + - /opt/stunnel/stunnel_healthcheck.sh + - '2181' + failureThreshold: 3 + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + readinessProbe: + exec: + command: + - /opt/stunnel/stunnel_healthcheck.sh + - '2181' + failureThreshold: 3 + initialDelaySeconds: 15 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + volumeMounts: + - mountPath: /etc/cluster-operator-certs/ + name: cluster-operator-certs + - mountPath: /etc/cluster-ca-certs/ + name: cluster-ca-certs + restartPolicy: Always + terminationGracePeriodSeconds: 30 + volumes: + - name: cluster-operator-certs + secret: + defaultMode: 288 + secretName: kafka-1-cluster-operator-certs + - name: cluster-ca-certs + secret: + defaultMode: 288 + secretName: kafka-1-cluster-ca-cert diff --git a/install/helm/nrt-base-1/charts/ves-mr/templates/app-networkpolicy-zk-tunnel.yaml b/install/helm/nrt-base-1/charts/ves-mr/templates/app-networkpolicy-zk-tunnel.yaml new file mode 100644 index 0000000..d5ecf51 --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/templates/app-networkpolicy-zk-tunnel.yaml @@ -0,0 +1,21 @@ + +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + app: zoo-entrance + name: zoo-entrance +spec: + ingress: + - from: + - podSelector: + matchLabels: + app: zoo-entrance + ports: + - port: 2181 + protocol: TCP + podSelector: + matchLabels: + strimzi.io/name: kafka-1-zookeeper + policyTypes: + - Ingress \ No newline at end of file diff --git a/install/helm/nrt-base-1/charts/ves-mr/templates/app-service-message-router.yaml b/install/helm/nrt-base-1/charts/ves-mr/templates/app-service-message-router.yaml new file mode 100644 index 0000000..e07ea1b --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/templates/app-service-message-router.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: message-router + namespace: nonrtric + labels: + app: message-router +spec: + ports: + - port: 3904 + targetPort: 3904 + protocol: TCP + name: http + type: ClusterIP + selector: + app: message-router diff --git a/install/helm/nrt-base-1/charts/ves-mr/templates/app-service-ves-collector.yaml b/install/helm/nrt-base-1/charts/ves-mr/templates/app-service-ves-collector.yaml new file mode 100644 index 0000000..856532f --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/templates/app-service-ves-collector.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: ves-collector + namespace: nonrtric + labels: + run: ves-collector +spec: + type: NodePort + ports: + - port: 8080 + targetPort: 8080 + name: http + nodePort: 31760 + - port: 8443 + name: https + nodePort: 31761 + selector: + run: ves-collector diff --git a/install/helm/nrt-base-1/charts/ves-mr/templates/app-service-zk-tunnel.yaml b/install/helm/nrt-base-1/charts/ves-mr/templates/app-service-zk-tunnel.yaml new file mode 100644 index 0000000..36cbe4c --- /dev/null +++ b/install/helm/nrt-base-1/charts/ves-mr/templates/app-service-zk-tunnel.yaml @@ -0,0 +1,17 @@ + +apiVersion: v1 +kind: Service +metadata: + labels: + app: zoo-entrance + name: zoo-entrance + namespace: nonrtric +spec: + ports: + - name: zoo + port: 2181 + protocol: TCP + targetPort: 2181 + selector: + app: zoo-entrance + type: ClusterIP diff --git a/install/helm/nrt-pm-log/.gitignore b/install/helm/nrt-pm-log/.gitignore index d39c18f..1103684 100644 --- a/install/helm/nrt-pm-log/.gitignore +++ b/install/helm/nrt-pm-log/.gitignore @@ -1 +1,2 @@ REM_* +values.yaml diff --git a/install/helm/nrt-pm-log/TODO.txt b/install/helm/nrt-pm-log/TODO.txt deleted file mode 100644 index f1f4ce1..0000000 --- a/install/helm/nrt-pm-log/TODO.txt +++ /dev/null @@ -1 +0,0 @@ -fix unique kafka clientids \ No newline at end of file diff --git a/install/helm/nrt-pm-log/config/jobDefinition.json b/install/helm/nrt-pm-log/config/jobDefinition.json index d6cf981..829da65 100644 --- a/install/helm/nrt-pm-log/config/jobDefinition.json +++ b/install/helm/nrt-pm-log/config/jobDefinition.json @@ -1,14 +1,23 @@ { - "info_type_id": "PmData", - "job_owner": "console", - "job_result_uri": "", - "job_definition": { - "filter": { - - }, - "deliveryInfo": { - "topic": "pmreports", - "bootStrapServers": "kafka-1-kafka-bootstrap.nonrtric:9097" - } - } - } \ No newline at end of file + "info_type_id": "PmData", + "job_owner": "console", + "job_definition": { + "filter": { + "sourceNames": [], + "measObjInstIds": [], + "measTypeSpecs": [ + { + "measuredObjClass": "NRCellDU", + "measTypes": [ + "pmCounterNumber101" + ] + } + ], + "measuredEntityDns": [] + }, + "deliveryInfo": { + "topic": "pmreports", + "bootStrapServers": "kafka-1-kafka-bootstrap.nonrtric:9097" + } + } +} \ No newline at end of file diff --git a/install/helm/nrt-pm-log/templates/app-statefulset.yaml b/install/helm/nrt-pm-log/templates/app-statefulset.yaml index f69b8f4..cdfa8db 100644 --- a/install/helm/nrt-pm-log/templates/app-statefulset.yaml +++ b/install/helm/nrt-pm-log/templates/app-statefulset.yaml @@ -45,10 +45,9 @@ spec: emptyDir: {} containers: - name: pmlog - image: nexus3.o-ran-sc.org:10004/o-ran-sc/nonrtric-plt-pmlog:1.0.0 - #image: o-ran-sc/nonrtric-plt-pmlog:1.0.0-SNAPSHOT +# image: nexus3.o-ran-sc.org:10004/o-ran-sc/nonrtric-plt-pmlog:1.0.0 + image: nexus3.o-ran-sc.org:10003/o-ran-sc/nonrtric-plt-pmlog:1.0.0-SNAPSHOT imagePullPolicy: Always - #imagePullPolicy: Never ports: - name: http containerPort: 8084 @@ -64,7 +63,7 @@ spec: - mountPath: /token-cache name: token-cache-volume env: - - name: APP_INFLUX_ACCESS-TOKEN + - name: APP_INFLUX_ACCESSTOKEN valueFrom: secretKeyRef: name: influxdb-api-token diff --git a/install/helm/nrt-pm-rapp/templates/app-pod.yaml b/install/helm/nrt-pm-rapp/templates/app-pod.yaml index f16a119..5df4d71 100644 --- a/install/helm/nrt-pm-rapp/templates/app-pod.yaml +++ b/install/helm/nrt-pm-rapp/templates/app-pod.yaml @@ -25,8 +25,12 @@ metadata: spec: containers: - name: pm-rapp - image: pm-rapp:latest + image: {{ .Values.global.extimagerepo }}pm-rapp:latest + {{- if .Values.global.extimagerepo }} + imagePullPolicy: Always + {{- else }} imagePullPolicy: Never + {{- end }} ports: - name: http containerPort: 80 diff --git a/install/helm/nrt-pm/charts/dfc/.gitignore b/install/helm/nrt-pm/charts/dfc/.gitignore new file mode 100644 index 0000000..7f47975 --- /dev/null +++ b/install/helm/nrt-pm/charts/dfc/.gitignore @@ -0,0 +1 @@ +values.yaml diff --git a/install/helm/nrt-pm/charts/dfc/templates/app-statefulset.yaml b/install/helm/nrt-pm/charts/dfc/templates/app-statefulset.yaml index d7c1d4f..ed095ac 100644 --- a/install/helm/nrt-pm/charts/dfc/templates/app-statefulset.yaml +++ b/install/helm/nrt-pm/charts/dfc/templates/app-statefulset.yaml @@ -46,10 +46,9 @@ spec: - name: dfc securityContext: runAsUser: 0 # Need to run as root - needed when writing to hostpath - image: nexus3.o-ran-sc.org:10004/o-ran-sc/nonrtric-plt-ranpm-datafilecollector:1.0.0 - #image: o-ran-sc/nonrtric-plt-ranpm-datafilecollector:1.0.0-SNAPSHOT +# image: nexus3.o-ran-sc.org:10004/o-ran-sc/nonrtric-plt-ranpm-datafilecollector:1.0.0 + image: nexus3.o-ran-sc.org:10003/o-ran-sc/nonrtric-plt-ranpm-datafilecollector:1.0.0-SNAPSHOT imagePullPolicy: Always - #imagePullPolicy: Never ports: - name: http containerPort: 8100 diff --git a/install/helm/nrt-pm/charts/ics/templates/app-deployment.yaml b/install/helm/nrt-pm/charts/ics/templates/app-deployment.yaml index 74029ec..b737e67 100644 --- a/install/helm/nrt-pm/charts/ics/templates/app-deployment.yaml +++ b/install/helm/nrt-pm/charts/ics/templates/app-deployment.yaml @@ -34,7 +34,8 @@ spec: spec: containers: - name: informationservice - image: nexus3.o-ran-sc.org:10004/o-ran-sc/nonrtric-plt-informationcoordinatorservice:1.5.0 +# image: nexus3.o-ran-sc.org:10004/o-ran-sc/nonrtric-plt-informationcoordinatorservice:1.5.0 + image: nexus3.o-ran-sc.org:10003/o-ran-sc/nonrtric-plt-informationcoordinatorservice:1.5.0-SNAPSHOT imagePullPolicy: Always ports: - name: http diff --git a/install/helm/nrt-pm/charts/kafka-producer-pm-json2influx/templates/app-statefulset.yaml b/install/helm/nrt-pm/charts/kafka-producer-pm-json2influx/templates/app-statefulset.yaml index b8055a8..b28e025 100644 --- a/install/helm/nrt-pm/charts/kafka-producer-pm-json2influx/templates/app-statefulset.yaml +++ b/install/helm/nrt-pm/charts/kafka-producer-pm-json2influx/templates/app-statefulset.yaml @@ -38,8 +38,12 @@ spec: spec: containers: - name: kafka-producer-pm-json2influx - image: kafka-pm-producer:latest + image: {{ .Values.global.extimagerepo }}pm-file-converter:latest + {{- if .Values.global.extimagerepo }} + imagePullPolicy: Always + {{- else }} imagePullPolicy: Never + {{- end }} ports: - name: http containerPort: 80 diff --git a/install/helm/nrt-pm/charts/kafka-producer-pm-json2kafka/templates/app-statefulset.yaml b/install/helm/nrt-pm/charts/kafka-producer-pm-json2kafka/templates/app-statefulset.yaml index f998904..ef7e60a 100644 --- a/install/helm/nrt-pm/charts/kafka-producer-pm-json2kafka/templates/app-statefulset.yaml +++ b/install/helm/nrt-pm/charts/kafka-producer-pm-json2kafka/templates/app-statefulset.yaml @@ -38,8 +38,12 @@ spec: spec: containers: - name: kafka-producer-pm-json2kafka - image: kafka-pm-producer:latest + image: {{ .Values.global.extimagerepo }}pm-file-converter:latest + {{- if .Values.global.extimagerepo }} + imagePullPolicy: Always + {{- else }} imagePullPolicy: Never + {{- end }} ports: - name: http containerPort: 80 diff --git a/install/helm/nrt-pm/charts/kafka-producer-pm-xml2json/templates/app-statefulset.yaml b/install/helm/nrt-pm/charts/kafka-producer-pm-xml2json/templates/app-statefulset.yaml index 528582f..06f289e 100644 --- a/install/helm/nrt-pm/charts/kafka-producer-pm-xml2json/templates/app-statefulset.yaml +++ b/install/helm/nrt-pm/charts/kafka-producer-pm-xml2json/templates/app-statefulset.yaml @@ -38,8 +38,12 @@ spec: spec: containers: - name: kafka-producer-pm-xml2json - image: kafka-pm-producer:latest + image: {{ .Values.global.extimagerepo }}pm-file-converter:latest + {{- if .Values.global.extimagerepo }} + imagePullPolicy: Always + {{- else }} imagePullPolicy: Never + {{- end }} ports: - name: http containerPort: 80 diff --git a/install/helm/nrt-pm/charts/pm-producer-json2kafka/.gitignore b/install/helm/nrt-pm/charts/pm-producer-json2kafka/.gitignore new file mode 100644 index 0000000..7f47975 --- /dev/null +++ b/install/helm/nrt-pm/charts/pm-producer-json2kafka/.gitignore @@ -0,0 +1 @@ +values.yaml diff --git a/install/helm/nrt-pm/charts/pm-producer-json2kafka/templates/app-statefulset.yaml b/install/helm/nrt-pm/charts/pm-producer-json2kafka/templates/app-statefulset.yaml index 565d763..8f3866b 100644 --- a/install/helm/nrt-pm/charts/pm-producer-json2kafka/templates/app-statefulset.yaml +++ b/install/helm/nrt-pm/charts/pm-producer-json2kafka/templates/app-statefulset.yaml @@ -36,10 +36,9 @@ spec: spec: containers: - name: pm-producer-json2kafka - image: nexus3.o-ran-sc.org:10004/o-ran-sc/nonrtric-plt-pmproducer:1.0.0 - #image: o-ran-sc/nonrtric-plt-pmproducer:1.0.0-SNAPSHOT +# image: nexus3.o-ran-sc.org:10004/o-ran-sc/nonrtric-plt-pmproducer:1.0.0 + image: nexus3.o-ran-sc.org:10003/o-ran-sc/nonrtric-plt-pmproducer:1.0.0-SNAPSHOT imagePullPolicy: Always - #imagePullPolicy: Never ports: - name: http containerPort: 8084 diff --git a/install/helm/nrt-pm/charts/pm-producer-json2kafka/values.yaml b/install/helm/nrt-pm/charts/pm-producer-json2kafka/values.yaml index 7db28cc..ee05a69 100644 --- a/install/helm/nrt-pm/charts/pm-producer-json2kafka/values.yaml +++ b/install/helm/nrt-pm/charts/pm-producer-json2kafka/values.yaml @@ -16,4 +16,4 @@ # pmproducerjson2kafka: - clientsecret: Wy7TuisvAJZ972xG9pRznKfI1gksVx8z \ No newline at end of file + clientsecret: NIIrUK0LisJ0iUVbzOMXtwnnhzjyHtmh \ No newline at end of file diff --git a/install/helm/ran/templates/app-deployment.yaml b/install/helm/ran/templates/app-deployment.yaml index ced031e..01b94f4 100644 --- a/install/helm/ran/templates/app-deployment.yaml +++ b/install/helm/ran/templates/app-deployment.yaml @@ -23,7 +23,7 @@ metadata: labels: app: pm-https-server spec: - replicas: 1 # Max 10 = number of generated certs unique ... + replicas: {{ .Values.global.numhttpsservers }} # Max 10 = number of generated unique certs ... serviceName: pm-https-server selector: matchLabels: @@ -60,8 +60,12 @@ spec: runAsUser: 0 containers: - name: pm-https-server - image: pm-https-server:latest + image: {{ .Values.global.extimagerepo }}pm-https-server:latest + {{- if .Values.global.extimagerepo }} + imagePullPolicy: Always + {{- else }} imagePullPolicy: Never + {{- end }} ports: - name: http containerPort: 80 @@ -72,12 +76,12 @@ spec: # If env is missing, the file in the call to "/files/ url must exist in the server - name: ALWAYS_RETURN value: /ne-files/pm.xml.gz - # Env must be specified if genetated files use. The value shall spefify the first timestamp of a series of pm files + # Env must be specified if generated files use. The value shall specify the first timestamp of a series of pm files # If a file with a timestamp less than the below will return 404 - # Timestamp shall be gvien with date.time where minutes has values 00,15,45 and the given timezone + # Timestamp shall be given with date.time where minutes has values 00,15,45 and the given timezone # Example: 20230220.1300 - denotes a first file name of 20230220.1300+0100-1315+0100_.xml.gz - name: GENERATED_FILE_START_TIME - value: "20230220.1300" + value: "20230515.0700" # Timezone to use for generated files. If not given, timezone 0000 will be used # Shall include +/- sign for the timezone value - name: GENERATED_FILE_TIMEZONE diff --git a/install/install-nrt.sh b/install/install-nrt.sh index 4822e9a..6cb2caf 100755 --- a/install/install-nrt.sh +++ b/install/install-nrt.sh @@ -27,18 +27,45 @@ SAMELINE="\033[0K\r" # Variables -export KHOST=$(kube_get_controlplane_host) +export KUBERNETESHOST=$(kube_get_controlplane_host) if [ $? -ne 0 ]; then - echo $KHOST + echo $KUBERNETESHOST echo "Exiting" exit 1 fi echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++" -echo "Kubernetes control plane host: $KHOST" +echo "Kubernetes control plane host: $KUBERNETESHOST" echo "Host obtained from current kubectl context" echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++" +echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++" +echo "Checking requirements" +echo " Checking if istio is installed" +kubectl $KUBECONF get authorizationpolicies -A &> /dev/null +if [ $? -ne 0 ]; then + echo " Istio api: kubectl get authorizationpolicies is not installed" + exit 1 +else + echo " OK" +fi +echo " Checking if jq is installed" +tmp=$(type jq) +if [ $? -ne 0 ]; then + echo " Command utility jq (cmd-line json processor) is not installed" + exit 1 +else + echo " OK" +fi +echo " Checking if envsubst is installed" +tmp=$(type envsubst) +if [ $? -ne 0 ]; then + echo " Command utility envsubst (env var substitution in files) is not installed" + exit 1 +else + echo " OK" +fi + echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++" echo "Restarting istiod, workaround to refresh jwks cache" kubectl rollout restart deployments/istiod -n istio-system @@ -69,7 +96,6 @@ helm install --wait -n nonrtric nrt-base-0 helm/nrt-base-0 # Create realm in keycloak -##export KC_PORT=$(kube_get_nodeport keycloak nonrtric http) . scripts/populate_keycloak.sh create_realms nonrtric-realm @@ -84,63 +110,11 @@ check_error $? generate_client_secrets nonrtric-realm $cid check_error $? -# retcode=0 -# while [ $retcode -eq 0 ]; do -# #NRT_REALM_JWKS=$(kubectl exec -n nonrtric client -- curl -f http://keycloak.nonrtric:8080/realms/nonrtric-realm/protocol/openid-connect/certs) -# NRT_REALM_JWKS=$(curl -fs localhost:31788/realms/nonrtric-realm/protocol/openid-connect/certs) -# if [ $? -eq 0 ]; then -# retcode=1 -# #echo $NRT_REALM_JWKS -# echo "JWKS for nonrtric-realm obtained" -# else -# sleep 3 -# echo "Wating for keycloak to publish JWKS for nonrtric-realm" -# fi -# done - -# export NRT_REALM_JWKS - echo "" -# ################################################################################## -# echo "##### Installing chart httpecho" -# ################################################################################## - -#helm install --wait -n nonrtric httpecho helm/httpecho - - - -# TSEC=$SECONDS -# numok=0 -# while [ $numok -lt 10 ]; do -# echo "" -# echo "Time: $(($SECONDS-$TSEC))" -# cid="console-setup" -# __get_admin_token -# TOKEN=$(get_client_token nonrtric-realm $cid) -# decode_token "$TOKEN" -# curl -fv localhost:31789/ -H "Authorization: Bearer $TOKEN" -# if [ $? -eq 0 ]; then -# let numok=numok+1 -# fi -# sleep 5 -# done - -# TSEC=$SECONDS -# while [ true ]; do -# echo "" -# echo "Time: $(($SECONDS-$TSEC))" -# cid="console-setup" -# __get_admin_token -# TOKEN=$(get_client_token nonrtric-realm $cid) -# decode_token "$TOKEN" -# curl -v localhost:31789/ -H "Authorization: Bearer $TOKEN" -# sleep 5 -# done cid="console-setup" __get_admin_token TOKEN=$(get_client_token nonrtric-realm $cid) -decode_token "$TOKEN" ################################################################################## echo "##### Installing charts: strimzi and nrt-base-1" @@ -153,11 +127,9 @@ helm install --wait strimzi-kafka-crds -n nonrtric strimzi/strimzi-kafka-operato cp opa-rules/bundle.tar.gz helm/nrt-base-1/charts/opa-rule-db/data -#envsubst < helm/nrt-base-1/charts/httpecho/values-template.yaml > helm/nrt-base-1/charts/httpecho/values.yaml - helm install -n nonrtric nrt-base-1 helm/nrt-base-1 - +echo "Waiting for influx db - there may be error messages while trying..." retcode=1 while [ $retcode -eq 1 ]; do retcode=0 @@ -167,7 +139,7 @@ while [ $retcode -eq 1 ]; do sleep 1 elif [ "$CONFIG" == "{}" ]; then echo "Configuring db" - kubectl exec -n nonrtric influxdb2-0 -- influx setup -u bm -p mySuP3rS3cr3tT0keN -o est -b pm-bucket -f + kubectl exec -n nonrtric influxdb2-0 -- influx setup -u admin -p mySuP3rS3cr3tT0keN -o est -b pm-bucket -f if [ $? -ne 0 ]; then retcode=1 sleep 1 @@ -178,12 +150,10 @@ while [ $retcode -eq 1 ]; do done # Save influx user api-token to secret -INFLUXDB2_TOKEN=$(get_influxdb2_token influxdb2-0 nonrtric) -INFLUXDB2_TOKEN=$(echo -n $INFLUXDB2_TOKEN | base64) -PATCHDATA='[{"op": "add", "path": "/data/token", "value": "'$INFLUXDB2_TOKEN'" }]' +INFLUXDB2_TOKEN=$(get_influxdb2_token influxdb2-0 nonrtric | base64) +PATCHDATA='[{"op": "add", "path": "/data/token", "value": "'$INFLUXDB2_TOKEN'"}]' kubectl patch secret influxdb-api-token -n nonrtric --type json -p "$PATCHDATA" - echo "Wait for kafka" _ts=$SECONDS until $(kubectl exec -n nonrtric kafka-client -- kafka-topics --list --bootstrap-server kafka-1-kafka-bootstrap.nonrtric:9092 1> /dev/null 2> /dev/null); do @@ -207,7 +177,7 @@ echo "##### Installing: chart ran" ./helm/ran/certs/gen-certs.sh 10 check_error $? -helm install --wait -n ran ran helm/ran +helm install --wait -f helm/global-values.yaml -n ran ran helm/ran echo "" @@ -282,10 +252,7 @@ export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid) envsubst < helm/nrt-pm/charts/dfc/values-template.yaml > helm/nrt-pm/charts/dfc/values.yaml - -#envsubst < helm/nrt-pm/charts/ics/values-template.yaml > helm/nrt-pm/charts/ics/values.yaml - -helm install --wait -n nonrtric nrt-pm helm/nrt-pm +helm install --wait -f helm/global-values.yaml -n nonrtric nrt-pm helm/nrt-pm echo "" diff --git a/install/install-pm-influx-job.sh b/install/install-pm-influx-job.sh index 9f4abb3..1de513e 100755 --- a/install/install-pm-influx-job.sh +++ b/install/install-pm-influx-job.sh @@ -29,14 +29,14 @@ check_error() { fi } -export KHOST=$(kube_get_controlplane_host) +export KUBERNETESHOST=$(kube_get_controlplane_host) if [ $? -ne 0 ]; then - echo $KHOST + echo $KUBERNETESHOST echo "Exiting" exit 1 fi -echo "Kubernetes control plane host: $KHOST" +echo "Kubernetes control plane host: $KUBERNETESHOST" . scripts/kube_get_nodeport.sh . scripts/get_influxdb2_token.sh @@ -53,7 +53,6 @@ bucket=pm-bucket echo "Creating bucket $bucket in influxdb2" create_influxdb2_bucket influxdb2-0 nonrtric $bucket -export KC_PORT=$(kube_get_nodeport keycloak nonrtric http) . scripts/populate_keycloak.sh cid="console-setup" diff --git a/install/install-pm-log.sh b/install/install-pm-log.sh index 1dd3859..0b3c7ab 100755 --- a/install/install-pm-log.sh +++ b/install/install-pm-log.sh @@ -25,9 +25,9 @@ echo "Installing pmlog" # Variables -export KHOST=$(kube_get_controlplane_host) +export KUBERNETESHOST=$(kube_get_controlplane_host) if [ $? -ne 0 ]; then - echo $KHOST + echo $KUBERNETESHOST echo "Exiting" exit 1 fi @@ -42,12 +42,6 @@ check_error() { fi } -# echo " Retriving influxdb2 access token..." -# export INFLUXDB2_TOKEN=$(get_influxdb2_token influxdb2-0 nonrtric) - -# envsubst < nrt-pm-log/values-template.yaml > nrt-pm-log/values.yaml - -export KC_PORT=$(kube_get_nodeport keycloak nonrtric http) . scripts/populate_keycloak.sh cid="nrt-pm-log" diff --git a/install/install-pm-rapp.sh b/install/install-pm-rapp.sh index 37fb826..6e00633 100755 --- a/install/install-pm-rapp.sh +++ b/install/install-pm-rapp.sh @@ -19,7 +19,7 @@ -echo "Installtion pmrapp" +echo "Installing pmrapp" . scripts/kube_get_controlplane_host.sh . scripts/kube_get_nodeport.sh @@ -38,16 +38,14 @@ check_error() { echo "Creating client in keycloak" # Find host and port to keycloak -export KHOST=$(kube_get_controlplane_host) +export KUBERNETESHOST=$(kube_get_controlplane_host) if [ $? -ne 0 ]; then - echo $KHOST + echo $KUBERNETESHOST echo "Exiting" exit 1 fi -create_topic kafka-1-kafka-bootstrap.nonrtric:9092 pm-rapp 10 - -export KC_PORT=$(kube_get_nodeport keycloak nonrtric http) +create_topic kafka-1-kafka-bootstrap.nonrtric:9092 rapp-topic 10 . scripts/populate_keycloak.sh @@ -62,7 +60,7 @@ export PMRAPP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid) envsubst < helm/nrt-pm-rapp/values-template.yaml > helm/nrt-pm-rapp/values.yaml echo " helm install..." -helm install --wait -n nonrtric nrt-pm-rapp helm/nrt-pm-rapp +helm install --wait -f helm/global-values.yaml -n nonrtric nrt-pm-rapp helm/nrt-pm-rapp echo "done" diff --git a/install/opa-rules/README.md b/install/opa-rules/README.md index 093cc76..c520c71 100644 --- a/install/opa-rules/README.md +++ b/install/opa-rules/README.md @@ -1,11 +1,15 @@ -# Build buundle +# Build bundle tar cvf bundle.tar rules data.json gzip bundle.tar +# Installation + +The bundle is installed as part of the install-nrt.sh script. + ## License diff --git a/install/scripts/README.md b/install/scripts/README.md new file mode 100644 index 0000000..b1e5572 --- /dev/null +++ b/install/scripts/README.md @@ -0,0 +1,70 @@ + +## General + +This folder contains scripts to push pm event to the file-ready kafka topic, directly to the topic or via the ves-collector. +For simple testing, pushing directly to the topic is much faster but if integration with e.g. ran simulators; pushing via the ves-collector might be a better option. + + +## Script - push-genfiles-to-file-ready-topic.sh + +This script push generated pm files directly to the file-ready kafka topic. + +The script pushes events from one or more RAN nodes. For each RAN node, one or more events are pushed in sequence where each event in the sequence represents a 15 min measurement. +Although each pm-file represents a 15 min measurement period, all events are pushed in a sequence without any delay between the files. +The RAN nodes are specified as a single base name, eg. "NODE-A" and the the script with name the nodes "NODE-A-0", "NODE-A-1" etc. +The event will contain a url to each pm file. These urls points to a web server (simulating a RAN node). The number of web server are fixed so the generated urls are generated so the load is spread out over the web server. + +### Parmeters + +`push-genfiles-to-file-ready-topic.sh sftp|ftpes|https [hist]"` + +- node-count : The number of simulated RAN nodes +- number-of-events : The number of 15 min measurements (event) per node +- node-name-base : Base name of the RAN nodes, index 0,1,2 etc will be added to the name +- file-extension : The pm file extension - should match the actual pm file to be downloaded from the web-servers (simulated RAN nodes) +- sftp|ftps|https - Protocol for downloading pm files - only https is currently supported +- num-servers - The number of web servers for pm file download. Should match the number of web servers actually started by the install script. This script generates pm file url to one of the web servers to spread the load. Note that this number can be different from the node-count parameter. +- hist : By default, each event only contains the reference to a single pm file. If the parameter is given then each event will contain the latest pm file and 95 of the previous file to represent a full 24h set of pm files. + + +## Script - push-genfiles-to-ves-collector.sh + +This script push generated pm files via the ves-collector to the file-ready kafka topic. +The parameter are exactly same as for the `push-genfiles-to-file-ready-topic.sh` script. + +## Typical usage + +The below example + +`