blob: 07d2b01bc05779caa85a0d5c5c7c332285df7b02 [file] [log] [blame]
Lusheng Ji768421b2018-06-01 16:36:54 -04001.. This work is licensed under a Creative Commons Attribution 4.0 International License.
2.. http://creativecommons.org/licenses/by/4.0
Lusheng Jia73548f2017-11-05 19:24:05 -05003
Lusheng Ji768421b2018-06-01 16:36:54 -04004OpenStack Heat Orchestration Template Based DCAE Deployment
5===========================================================
6
7This document describes the details of the OpenStack Heat Orchestration Template deployment process and how to configure DCAE related parameters in the Heat template and its parameter file.
Lusheng Jia73548f2017-11-05 19:24:05 -05008
9
Lusheng Jic02a89f2017-11-20 11:35:35 -050010ONAP Deployment Overview
11------------------------
Lusheng Jia73548f2017-11-05 19:24:05 -050012
Lusheng Ji768421b2018-06-01 16:36:54 -040013ONAP R2 supports an OpenStack Heat template based system deployment. The Heat Orchestration Template file and its parameter input file can be found under the **heat/ONAP** directory of the **demo** repo.
14
15When a new "stack" is created using the template, the following virtual resources will be launched in the target OpenStack tenant:
Lusheng Jia73548f2017-11-05 19:24:05 -050016
17* A four-character alphanumerical random text string, to be used as the ID of the deployment. It is denoted as {{RAND}} in the remainder of this document.
18* A private OAM network interconnecting all ONAP VMs, named oam_onap_{{RAND}}.
19* A virtual router interconnecting the private OAM network with the external network of the OpenStack installation.
20* A key-pair named onap_key_{{RAND}}.
21* A security group named onap_sg_{{RAND}}.
Lusheng Jieaac78d2018-06-06 00:20:03 -040022* A list of VMs for ONAP components. Each VM has one NIC connected to the OAM network and assigned a fixed IP. Each VM is also assigned a floating IP address from the external network. The VM hostnames are name consistently across different ONAP deployments, a user defined prefix, denoted as {{PREFIX}}, followed by a descriptive string for the ONAP component this VM runs, and optionally followed by a sub-function name. In the parameter env file supplied when running the Heat template, the {{PREFIX}} is defined by the **vm_base_name** parameter. The VMs of the same ONAP role across different ONAP deployments will always have the same OAM network IP address. For example, the Message Router will always have the OAM network IP address of 10.0.11.1.
Lusheng Jia73548f2017-11-05 19:24:05 -050023
Lusheng Jieaac78d2018-06-06 00:20:03 -040024
25The list below provides the IP addresses and hostnames for ONAP components that are relevant to DCAE.
26
27============== ========================== ==========================
28ONAP Role VM (Neutron) hostname OAM IP address(s)
29============== ========================== ==========================
30A&AI {{PREFIX}}-aai-inst1 10.0.1.1
31SDC {{PREFIX}}-sdc 10.0.3.1
32DCAE {{PREFIX}}-dcae 10.0.4.1
33Policy {{PREFIX}}-policy 10.0.6.1
34SD&C {{PREFIX}}-sdnc 10.0.7.1
35Robot TF {{PREFIX}}-robot 10.0.10.1
36Message Router {{PREFIX}}-message-router 10.0.11.1
37CLAMP {{PREFIX}}-clamp 10.0.12.1
38Private DNS {{PREFIX}}-dns-server 10.0.100.1
39============== ========================== ==========================
40
41(Each of the above VMs will also be associated with a floating IP address from the external network.)
Lusheng Jia73548f2017-11-05 19:24:05 -050042
Lusheng Jia73548f2017-11-05 19:24:05 -050043
Lusheng Ji768421b2018-06-01 16:36:54 -040044DCAE Deployment
45---------------
Lusheng Jia73548f2017-11-05 19:24:05 -050046
Lusheng Ji768421b2018-06-01 16:36:54 -040047Within the Heat template yaml file, there is a section which specifies the DCAE VM as a "service". Majority of the service block is the script that the VM will execute after being launched. This is known as the "cloud-init" script. This script writes configuration parameters to VM disk files under the /opt/config directory of the VM file system, one parameter per file, with the file names matching with the parameter names. At the end, the cloud-init script invokes DCAE's installtioan script dcae2-install.sh, and DCAE deployment script dcae2_vm_init.sh. While the dace2_install.sh script installs the necessary software packages, the dcae2_vm_init.sh script actually deploys the DCAE Docker containers to the DCAE VM.
Lusheng Jia73548f2017-11-05 19:24:05 -050048
Lusheng Ji768421b2018-06-01 16:36:54 -040049Firstly, during the execution of the dcae2_vm_init.sh script, files under the **heat** directory of the **dcaegen2/deployments** repo are downloaded and any templates in these files referencing the configuration files under the /opt/config directories are expanded by the contents of the corresponding files. For example, a template of {{ **dcae_ip_addr** }} is replaced with the contents of the file /opt/config/**dcae_ip_addr**.txt file. The resultant files are placed under the /opt/app/config directory of the DCAE VM file system.
Lusheng Jia73548f2017-11-05 19:24:05 -050050
Lusheng Ji768421b2018-06-01 16:36:54 -040051In addition, the dcae2_vm_init.sh script also calls the scripts to register the components with Consul about their health check APIs, and their default configurations.
Lusheng Jia73548f2017-11-05 19:24:05 -050052
Lusheng Ji768421b2018-06-01 16:36:54 -040053Next, the dcae2_vm_init.sh script deploys the resources defined in the docker-compose-1.yaml and docker-compose-2.yaml files, with proper waiting in between to make sure the resource in docker-compose-1.yaml file have entered ready state before deploying the docker-compose-2.ayml file because the formers are the dependencies of the latter. These resources are a number of services components and their minimum supporting platform components (i.e. Consul server and Config Binding Service). With these resources, DCAE is able to provide a minimum configuration that supports the ONAP R2 use cases, namely, the vFW/vDNS, vCPE, cVoLTE use cases. However, lacking the DCAE full platform, this configuration does not support CLAMP and Policy update from Policy Framework. The only way to change the configurations of the service components (e.g. publishing to a different DMaaP topic) can only be accomplished by changing the value on the Consul for the KV of the service component, using Consul GUI or API call.
Lusheng Jic02a89f2017-11-20 11:35:35 -050054
Lusheng Ji768421b2018-06-01 16:36:54 -040055For more complete deployment, the dcae2_vm_init.sh script further deploys docker-compose-3.yaml file, which deploys the rest of the DCAE platform components, and if configured so docker-compose-4.yaml file, which deploys DCAE R2 stretch goal service components such as PRH, Missing Heartbeat, etc.
Lusheng Jic02a89f2017-11-20 11:35:35 -050056
Lusheng Ji768421b2018-06-01 16:36:54 -040057After all DCAE components are deployed, the dcae2_vm_init.sh starts to provide health check results. Due to the complexity of the DCAE system, a proxy is set up for returning a single binary result for DCAE health check instead of having each individual DCAE component report its health status. To accomplish this, the dcae2_vm_init.sh script deploys a Nginx reverse proxy then enters an infinite health check loop.
Lusheng Jic02a89f2017-11-20 11:35:35 -050058
Lusheng Ji768421b2018-06-01 16:36:54 -040059During each iteration of the loop, the script checks Consul's service health status API and compare the received healthy service list with a pre-determined list to assess whether the DACE system is healthy. The list of services that must be healthy for the DCAE system to be assessed as healthy depends on the deployment profile which will be covered in the next subsection. For example, if the deployment profile only calls for a minimum configuration for passing use case data, whether DCAE platform components such as Deployment Handler are heathy does not affect the result.
Lusheng Jic02a89f2017-11-20 11:35:35 -050060
Lusheng Ji768421b2018-06-01 16:36:54 -040061If the DCAE system is considered healthy, the dcae2_vm_init.sh script will generate a file that lists all the healthy components and the Nginx will return this file as the body of a 200 response for any DCAE health check. Otherwise, the Nginx will return a 404 response.
Lusheng Jic02a89f2017-11-20 11:35:35 -050062
Lusheng Jia73548f2017-11-05 19:24:05 -050063
64Heat Template Parameters
Lusheng Jic5e03752017-11-22 00:38:22 -050065------------------------
Lusheng Jia73548f2017-11-05 19:24:05 -050066
Lusheng Ji768421b2018-06-01 16:36:54 -040067In DCAE R2, the configuration for DCAE deployment in Heat is greatly simplified. In addition to paramaters such as docker container image tags, the only parameter that configures DCAE deployment behavior is dcae_deployment_profiles.
Lusheng Jia73548f2017-11-05 19:24:05 -050068
Lusheng Ji768421b2018-06-01 16:36:54 -040069* dcae_deployment_profile: the parameter determines which DCAE components (containers) will be deployed. The following profiles are supported for R2:
70 * R2MVP: This profile includes a minimum set of DACE components that will support the vFW/vDNS, vCPE. and vVoLTE use cases. It will deploy the following components:
71 * Consul server,
72 * Config Binding Service,
73 * Postgres database,
74 * VES collector
75 * TCA analytics
76 * Holmes rule management
77 * Holmes engine management.
78 * R2: This profile also deploys the rest of the DCAE platform. With R2 deployment profile, DCAE supports CLAMP and full control loop functionalities. These additional components are:
79 * Cloudify Manager,
80 * Deployment Handler,
81 * Policy Handler,
82 * Service Change Handler,
83 * Inventory API.
84 * R2PLUS: This profile deploys the DCAE R2 stretch goal service components, namely:
85 * PNF Registration Handler,
86 * SNMP Trap collector,
87 * Missing Heartbeat Detection analytics,
88 * Universal Mapper.
Lusheng Jic02a89f2017-11-20 11:35:35 -050089
90
Lusheng Jia73548f2017-11-05 19:24:05 -050091
Lusheng Jic02a89f2017-11-20 11:35:35 -050092
Lusheng Jic5e03752017-11-22 00:38:22 -050093Tips for Manual Interventions
94-----------------------------
95
96During DCAE deployment, there are several places where manual interventions are possible:
97
98* Running dcae2_install.sh
99* Running dcae2_vm_init.sh
Lusheng Ji768421b2018-06-01 16:36:54 -0400100* Individual docker-compose-?.yaml file
Lusheng Jic5e03752017-11-22 00:38:22 -0500101
Lusheng Ji768421b2018-06-01 16:36:54 -0400102All these require ssh-ing into the dcae VM, then change directory or /opt and sudo.
Lusheng Jic5e03752017-11-22 00:38:22 -0500103Configurations injected from the Heat template and cloud init can be found under /opt/config.
104DCAE run time configuration values can be found under /opt/app/config. After any parameters are changed, the dcae2_vm_init.sh script needs to be rerun.
105
Lusheng Ji768421b2018-06-01 16:36:54 -0400106Redpeloying/updating resources defines in docker-compose-?.yaml files can be achieved by running the following:
107
108 $ cd /opt/app/config
109 $ /opt/docker/docker-compose -f ./docker-compose-4.yaml down
110 $ /opt/docker/docker-compose -f ./docker-compose-4.yaml up -d
111
112
113Some manual interventions may also require interaction with the OpenStack environment. This can be
Lusheng Jic5e03752017-11-22 00:38:22 -0500114done by using the OpenStack CLI tool. OpenStack CLI tool comes very handy for various uses in deployment and maintenance of ONAP/DCAE.
115
116It is usually most convenient to install OpenStack CLI tool in a Python virtual environment. Here are the steps and commands::
117
118 # create and activate the virtual environment, install CLI
119 $ virtualenv openstackcli
120 $ . openstackcli/bin/activate
121 $ pip install --upgrade pip python-openstackclient python-designateclient python-novaclient python-keystoneclient python-heatclient
122
123 # here we need to download the RC file form OpenStack dashboard:
124 # Compute->Access & Security_>API Aceess->Download OpenStack RC file
125
126 # activate the environment variables with values point to the taregt OpenStack tenant
127 (openstackcli) $ . ./openrc.sh
128
129Now we are all set for using OpenStack cli tool to run various commands. For example::
130
131 # list all tenants
132 (openstackcli) $ openstack project list
133
Lusheng Jic5e03752017-11-22 00:38:22 -0500134Finally to deactivate from the virtual environment, run::
135
136 (openstackcli) $ deactivate
137
138