| deen1985 | de4f978 | 2021-03-25 17:33:35 +0100 | [diff] [blame] | 1 | .. This work is licensed under a Creative Commons Attribution 4.0 International License. |
| 2 | .. http://creativecommons.org/licenses/by/4.0 |
| 3 | |
| 4 | .. _installation: |
| 5 | |
| Krzysztof Kuzmicki | c97a158 | 2021-04-19 09:11:00 +0200 | [diff] [blame] | 6 | HV-VES Cloudify Installation |
| 7 | ============================ |
| deen1985 | de4f978 | 2021-03-25 17:33:35 +0100 | [diff] [blame] | 8 | |
| 9 | Starting from ONAP/Honolulu release, HV-VES is installed with a DCAEGEN2-Services Helm charts. |
| 10 | This installation mechanism is convenient, but it doesn`t support all HV-VES features (e.g. CMP v2 certificates, and IPv4/IPv6 dual stack networking). This description demonstrates, how to deploy HV-VES collector using Cloudify orchestrator. |
| 11 | |
| 12 | Setting insecure mode for testing |
| 13 | --------------------------------- |
| 14 | |
| 15 | HV-VES application is configured by default to use TLS/SSL encryption on TCP connection. |
| 16 | However it is posible to turn off TLS/SSL authorization by overriding Cloudify blueprint inputs. |
| 17 | |
| 18 | Accessing bootstrap container with Kubernetes command line tool |
| 19 | --------------------------------------------------------------- |
| 20 | |
| 21 | To find bootstrap pod, execute the following command: |
| 22 | |
| 23 | :: |
| 24 | |
| 25 | kubectl -n <onap namespace> get pods | grep bootstrap |
| 26 | |
| 27 | To run command line in bootstrap pod, execute: |
| 28 | |
| 29 | :: |
| 30 | |
| 31 | kubectl -n <onap namespace> exec -it <bootstrap-pod-name> bash |
| 32 | |
| 33 | |
| 34 | Install HV-VES collector using Cloudify blueprint inputs |
| 35 | --------------------------------------------------------- |
| 36 | |
| 37 | 1. If You have a running HV-VES instance, uninstall HV-VES and delete current deployment: |
| 38 | |
| 39 | :: |
| 40 | |
| 41 | cfy executions start -d hv-ves uninstall |
| 42 | cfy deployments delete hv-ves |
| 43 | |
| 44 | 2. Create new deployment with inputs from yaml file (available by default in bootstrap container): |
| 45 | |
| 46 | :: |
| 47 | |
| 48 | cfy deployments create -b hv-ves -i inputs/k8s-hv_ves-inputs.yaml hv-ves |
| 49 | |
| 50 | In order to disable the TLS security, override the 'secuirty_ssl_disable' value in the deloyment: |
| 51 | |
| 52 | :: |
| 53 | |
| 54 | cfy deployments create -b hv-ves -i inputs/k8s-hv_ves-inputs.yaml -i security_ssl_disable=True hv-ves |
| 55 | |
| 56 | To verify inputs, You can execute: |
| 57 | |
| 58 | :: |
| 59 | |
| 60 | cfy deployments inputs hv-ves |
| 61 | |
| 62 | 3. Install HV-VES deployment: |
| 63 | |
| 64 | :: |
| 65 | |
| 66 | cfy executions start -d hv-ves install |
| 67 | |
| 68 | |
| 69 | Using external TLS certificates obtained using CMP v2 protocol |
| 70 | -------------------------------------------------------------- |
| 71 | |
| 72 | In order to use the X.509 certificates obtained from the CMP v2 server (so called "operator`s certificates"), refer to the following description: |
| 73 | |
| 74 | .. toctree:: |
| 75 | :maxdepth: 1 |
| 76 | |
| 77 | Enabling TLS with external x.509 certificates <../../tls_enablement> |