blob: b90ebb41ec9227deea373d23e9cec5ef6f86241d [file] [log] [blame]
Lusheng Jia73548f2017-11-05 19:24:05 -05001OpenStack Heat Template Based ONAP Deployment
2=============================================
3
4For ONAP R1, ONAP is deployed using OpenStack Heat template. DCAE is also deployed through this process. This document describes the details of the Heat template deployment process and how to configure DCAE related parameters in the Heat template and its parameter file.
5
6
7ONAP Deployment
8---------------
9
10ONAP supports an OpenStack Heat template based system deployment. When a new "stack" is created using the template, the following virtual resources will be launched in the target OpenStack tenant:
11
12* A four-character alphanumerical random text string, to be used as the ID of the deployment. It is denoted as {{RAND}} in the remainder of this document.
13* A private OAM network interconnecting all ONAP VMs, named oam_onap_{{RAND}}.
14* A virtual router interconnecting the private OAM network with the external network of the OpenStack installation.
15* A key-pair named onap_key_{{RAND}}.
16* A security group named onap_sg_{{RAND}}.
17* A list of VMs for ONAP components. Each VM has one NIC connected to the OAM network and assigned a fixed IP. Each VM is also assigned a floating IP address from the external network. The VM hostnames are name consistently across different ONAP deployments, a user defined prefix, denoted as {{PREFIX}}, followed by a descriptive string for the ONAP component this VM runs, and optionally followed by a sub-function name. The VMs of the same ONAP role across different ONAP deployments will always have the same OAM network IP address. For example, the Message Router will always have the OAM network IP address of 10.0.11.1.
18
19 ============== ========================== ==========================
20 ONAP Role VM (Neutron) hostname OAM IP address(s)
21 ============== ========================== ==========================
22 A&AI {{PREFIX}}-aai-inst1 10.0.1.1
23 A&AI {{PREFIX}}-aai-inst2 10.0.1.2
24 APPC {{PREFIX}}-appc 10.0.2.1
25 SDC {{PREFIX}}-sdc 10.0.3.1
26 DCAE {{PREFIX}}-dcae-bootstrap 10.0.4.1
27 SO {{PREFIX}}-so 10.0.5.1
28 Policy {{PREFIX}}-policy 10.0.6.1
29 SD&C {{PREFIX}}-sdnc 10.0.7.1
30 VID {{PREFIX}}-vid 10.0.8.1
31 Portal {{PREFIX}}-portal 10.0.9.1
32 Robot TF {{PREFIX}}-robot 10.0.10.1
33 Message Router {{PREFIX}}-message-router 10.0.11.1
34 CLAMP {{PREFIX}}-clamp 10.0.12.1
35 MultiService {{PREFIX}}-multi-service 10.0.14.1
36 Private DNS {{PREFIX}}-dns-server 10.0.100.1
37 ============== ========================== ==========================
38
39* A list of DCAE VMs, launched by the {{PREFIX}}-dcae-bootstrap VM. These VMs are also connected to the OAM network and associated with floating IP addresses on teh external network. What's different is that their OAM IP addresses are DHCP assigned, not statically assigned. The table below lists the DCAE VMs that are deployed for R1 use stories.
40
41 ===================== ============================
42 DCAE Role VM (Neutron) hostname(s)
43 ===================== ============================
44 Cloudify Manager {{DCAEPREFIX}}orcl{00}
45 Consul cluster {{DCAEPREFIX}}cnsl{00-02}
46 Platform Docker Host {{DCAEPREFIX}}dokp{00}
47 Service Docker Host {{DCAEPREFIX}}dokp{00}
48 CDAP cluster {{DCAEPREFIX}}cdap{00-06}
49 Postgres {{DCAEPREFIX}}pgvm{00}
50 ===================== ============================
51
52DNS
53===
54
55ONAP VMs deployed by Heat template are all registered with the private DNS server under the domain name of **simpledemo.onap.org**. This domain can not be exposed to any where outside of the ONAP deployment because all ONAP deployments use the same domain name and same address space. Hence these host names remain only resolvable within the same ONAP deployment.
56
57On the other hand DCAE VMs, although attached to the same OAM network as the rest of ONAP VMs, all have dynamic IP addresses allocated by the DHCP server and resort to a DNS based solution for registering the hostname and IP address mapping. DCAE VMs of different ONAP deployments are registered under different zones named as **{{RAND}}.dcaeg2.onap.org**. The API that DCAE calls to request the DNS zone registration and record registration is provided by OpenStack's DNS as a Service technology Designate.
58
59To enable VMs spun up by ONPA Heat template and DCAE's bootstrap process communicate with each other using hostnames, all VMs are configured to use the private DNS server launched by the Heat template as their name resolution server. In the configuration of this private DNS server, the DNS server that backs up Designate API frontend is used as the DNS forwarder.
60
61For simpledemo.onap.org VM to simpledemo.onap.org VM communications and {{RAND}}.dcaeg2.onap.org VM to simpledemo.onap.org VM communications, the resolution is completed by the private DNS server itself. For simpledemo.onap.org VM to {{RAND}}.dcaeg2.onap.org VM communications and {{RAND}}.dcaeg2.onap.org VM to {{RAND}}.dcaeg2.onap.org VM communications, the resolution request is forwarded from the private DNS server to the Designate DNS server and resolved there. Communications to outside world are resolved also by the Designate DNS server if the hostname belongs to a zone registered under the Designate DNS server, or forwarded to the next DNS server, either an organizational DNS server or a DNS server even higher in the global DNS server hierarchy.
62
63For OpenStack installations where there is no existing DNS service, a "proxyed" Designate solution is supported. In this arrangement, DCAE bootstrap process will use MultiCloud service node as its Keystone API endpoint. For non Designate API calls, the MultiCloud service node forwards to the underlying cloud provider. However, for Designate API calls, the MultiCloud service node forwards to an off-stack Designate server.
64
65Heat Template Parameters
66========================
67
68Here we list Heat template parameters that are related to DCAE operation. Bold values are the default values that should be used "as-is".
69
70* public_net_id: the UUID of the external network where floating IPs are assigned from. For example: 971040b2-7059-49dc-b220-4fab50cb2ad4
71* public_net_name: the name of the external network where floating IPs are assigned from. For example: external
72* openstack_tenant_id: the ID of the OpenStack tenant/project that will host the ONPA deployment. For example: dd327af0542e47d7853e0470fe9ad625.
73* openstack_tenant_name: the name of the OpenStack tenant/project that will host the ONPA deployment. For example: Integration-SB-01.
74* openstack_username: the username for accessing the OpenStack tenant specified by openstack_tenant_id/ openstack_tenant_name.
75* openstack_api_key: the password for accessing the OpenStack tenant specified by openstack_tenant_id/ openstack_tenant_name.
76* openstack_auth_method: **password**
77* openstack_region: **RegionOne**
78* cloud_env: **openstack**
79* dns_forwarder: This is the DNS forwarder for the ONAP deployment private DNS server. It must point to the IP address of the Designate DNS. For example '10.12.25.5'.
80* dcae_ip_addr: **10.0.4.1**. The static IP address on the OAM network that is assigned to the DCAE bootstraping VM.
81* dnsaas_config_enabled: Whether a proxy-ed Designate solution is used. For example: **true**.
82* dnsaas_region: The region of the Designate providing OpenStack. For example: RegionOne
83* dnsaas_tenant_name: The tenant/project name of the Designate providing OpenStack. For example Integration-SB-01.
84* dnsaas_keystone_url: The keystone URL of the Designate providing OpenStack. For example http://10.12.25.5:5000/v3.
85* dnsaas_username: The username for accessing the Designate providing OpenStack.
86* dnsaas_password: The password for accessing the Designate providing OpenStack.
87* dcae_keystone_url: This is the API endpoint for MltiCloud service node. **"http://10.0.14.1/api/multicloud-titanium_cloud/v0/pod25_RegionOne/identity/v2.0"**
88* dcae_centos_7_image: The name of the CentOS-7 image.
89* dcae_domain: The domain under which ONAP deployment zones are registered. For example: 'dcaeg2.onap.org'.
90* dcae_public_key: the public key of the onap_key_{{RAND}} key-pair.
91* dcae_private_key: The private key of the onap_key_{{RAND}} key-pair (put a literal \n at the end of each line of text).
92
93Heat Deployment
94===============
95
96Heat template can be deployed using the OpenStack CLI. For more details, please visit the demo project of ONAP. All files references in this secton can be found under the **demo** project.
97
98In the Heat template file **heat/ONAP/onap_openstack.yaml** file, there is one block of sepcification towrads the end of the file defines the dcae_bootstrap VM. This block follows the same approach as other VMs defined in the same template. That is, a number of parameters within the Heat context, such as the floating IP addresses of the VMs and parameters provided in the user defined parameter env file, are written to disk files under the /opt/config directory of the VM during cloud init time. Then a script, found under the **boot** directory of the **demo** project, **{{VMNAME}}_install.sh**, is called to prepare the VM. At the end of running this script, another script **{VMNAME}}_vm_init.sh** is called.
99
100For DCAE bootstrap VM, the dcae2_vm_init.sh script completes the following steps:
101
102* If we use proxy-ed Designate solution, runs:
103 * Wait for A&AI to become ready
104 * Register MultiCloud proxy information into A&AI
105 * Wait for MultiCloud proxy node ready
106 * Register the DNS zone for the ONAP installation, **{{RAND}}.dcaeg2.onap.org**
107* Runs DCAE bootstrap docker container
108 * Install Cloudify locally
109 * Launch the Cloudify Manager VM
110 * Launch the Consul cluster
111 * Launch the platform component Docker host
112 * Launch the service component Docker host
113 * Launch the CDAP cluster
114 * Install Config Binding Service onto platform component Docker host
115 * Launch the Postgres VM
116 * Install Platform Inventory onto platform component Docker host
117 * Install Deployment Handler onto platform component Docker host
118 * Install Policy Handler onto platform component Docker host
119 * Install CDAP Broker onto platform component Docker host
120 * Install VES collector onto service component Docker host
121 * Install TCA analytics onto CDAP cluster
122 * Install Holmes Engine onto service component Docker host
123 * Install Holmes Rules onto service component Docker host
124* Starts a Nginx docker container to proxy the healthcheck API to Consul
125* Enters a infinite sleep loop to keep the bootstrap container up
126
127