| .. This work is licensed under a Creative Commons Attribution 4.0 International License. |
| .. http://creativecommons.org/licenses/by/4.0 |
| .. Copyright 2018 Amdocs, Bell Canada |
| |
| .. Links |
| .. _HELM Best Practices Guide: https://docs.helm.sh/chart_best_practices/#requirements |
| .. _kubectl Cheat Sheet: https://kubernetes.io/docs/reference/kubectl/cheatsheet/ |
| .. _Kubernetes documentation for emptyDir: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir |
| .. _Docker DevOps: https://wiki.onap.org/display/DW/Docker+DevOps#DockerDevOps-DockerBuild |
| .. _http://cd.onap.info:30223/mso/logging/debug: http://cd.onap.info:30223/mso/logging/debug |
| .. _Onboarding and Distributing a Vendor Software Product: https://wiki.onap.org/pages/viewpage.action?pageId=1018474 |
| .. _README.md: https://gerrit.onap.org/r/gitweb?p=oom.git;a=blob;f=kubernetes/README.md |
| |
| .. figure:: oomLogoV2-medium.png |
| :align: right |
| |
| .. _onap-on-kubernetes-with-rancher: |
| |
| ONAP on Kubernetes with Rancher |
| ############################### |
| |
| The following instructions will step you through the installation of Kubernetes |
| on an OpenStack environment with Rancher. The development lab used for this |
| installation is the ONAP Windriver lab. |
| |
| This guide does not cover all of the steps required to setup your OpenStack |
| environment: e.g. OAM networks and security groups but there is a wealth of |
| OpenStack information on the web. |
| |
| Rancher Installation |
| ==================== |
| |
| The following instructions describe how to create an Openstack VM running |
| Rancher. This node will not be used to host ONAP itself, it will be used |
| exclusively by Rancher. |
| |
| Launch new VM instance to host the Rancher Server |
| ------------------------------------------------- |
| |
| .. image:: Rancher-Launch_new_VM_instance_to_host_the_Rancher_Server.jpeg |
| |
| Select Ubuntu 16.04 as base image |
| --------------------------------- |
| Select "No" on "Create New Volume" |
| |
| .. image:: Rancher-Select_Ubuntu_16.04_as_base_image.jpeg |
| |
| Select Flavor |
| ------------- |
| Known issues exist if flavor is too small for Rancher. Please select a flavor |
| with at least 4 vCPU and 8GB ram. A size of 8 vCPU and 16GB ram is recommended. |
| |
| .. image:: Rancher-Select_Flavor.jpeg |
| |
| Networking |
| ---------- |
| |
| .. image:: Rancher-Networking.jpeg |
| |
| Security Groups |
| --------------- |
| |
| .. image:: Rancher-Security_Groups.jpeg |
| |
| Key Pair |
| -------- |
| Use an existing key pair (e.g. onap_key), import an existing one or create a |
| new one to assign. |
| |
| .. image:: Rancher-Key_Pair.jpeg |
| |
| Apply customization script for the Rancher VM |
| --------------------------------------------- |
| |
| Click :download:`openstack-rancher.sh <openstack-rancher.sh>` to download the script. |
| |
| .. literalinclude:: openstack-rancher.sh |
| :language: bash |
| |
| This customization script will: |
| |
| * setup root access to the VM (comment out if you wish to disable this |
| capability and restrict access to ssh access only) |
| * install docker |
| * install rancher |
| * install kubectl |
| * install helm |
| * install nfs server |
| |
| .. note:: |
| The Casablanca release of OOM only supports Helm 2.9.1 not the 2.7.2 shown in |
| the screen capture below. The supported versions of all the software components |
| are listed in the :ref:`cloud-setup-guide-label`. |
| |
| .. image:: Apply_customization_script_for_the_Rancher_VM.jpeg |
| |
| Launch Instance |
| --------------- |
| |
| .. image:: Rancher-Launch_Instance.jpeg |
| |
| Assign Floating IP for external access |
| -------------------------------------- |
| |
| .. image:: Rancher-Allocate_Floating_IP.jpeg |
| |
| .. image:: Rancher-Manage_Floating_IP_Associations.jpeg |
| |
| .. image:: Rancher-Launch_Instance.jpeg |
| |
| Kubernetes Installation |
| ======================= |
| |
| Launch new VM instance(s) to create a Kubernetes single host or cluster |
| ----------------------------------------------------------------------- |
| |
| To create a cluster: |
| |
| .. note:: |
| #. do not append a '-1' suffix (e.g. sb4-k8s) |
| #. increase count to the # of of kubernetes worker nodes you want (eg. 3) |
| |
| .. image:: K8s-Launch_new_VM_instance_to_create_a_Kubernetes_single_host_or_cluster.jpeg |
| |
| Select Ubuntu 16.04 as base image |
| --------------------------------- |
| Select "No" on "Create New Volume" |
| |
| .. image:: K8s-Select_Ubuntu_16.04_as_base_image.jpeg |
| |
| Select Flavor |
| ------------- |
| The size of a Kubernetes host depends on the size of the ONAP deployment that |
| will be installed. |
| |
| As of the Casablanca release a minimum 224GB will be needed to run a |
| full ONAP deployment (all components). It is recommended that more hosts are used |
| with fewer resources instead of only a few large hosts. For example 14 x 16GB hosts. |
| |
| If a small subset of ONAP components are being deployed for testing purposes, |
| then a single 16GB or 32GB host should suffice. |
| |
| .. image:: K8s-Select_Flavor.jpeg |
| |
| Networking |
| ----------- |
| |
| .. image:: K8s-Networking.jpeg |
| |
| Security Group |
| --------------- |
| |
| .. image:: K8s-Security_Group.jpeg |
| |
| Key Pair |
| -------- |
| Use an existing key pair (e.g. onap_key), import an existing one or create a |
| new one to assign. |
| |
| .. image:: K8s-Key_Pair.jpeg |
| |
| Apply customization script for Kubernetes VM(s) |
| ----------------------------------------------- |
| |
| Click :download:`openstack-k8s-node.sh <openstack-k8s-node.sh>` to |
| download the script. |
| |
| .. literalinclude:: openstack-k8s-node.sh |
| :language: bash |
| |
| This customization script will: |
| |
| * setup root access to the VM (comment out if you wish to disable this |
| capability and restrict access to ssh access only) |
| * install docker |
| * install kubectl |
| * install helm |
| * install nfs common (see configuration step here) |
| |
| .. note:: |
| Ensure you are using the correct versions as described in the |
| :ref:`cloud-setup-guide-label` |
| |
| Launch Instance |
| --------------- |
| |
| .. image:: K8s-Launch_Instance.jpeg |
| |
| Assign Floating IP for external access |
| -------------------------------------- |
| |
| .. image:: K8s-Manage_Floating_IP_Associations.jpeg |
| |
| .. image:: K8s-Launch_Instance.jpeg |
| |
| Setting up an NFS share for Multinode Kubernetes Clusters |
| ========================================================= |
| The figure below illustrates a possible topology of a multinode Kubernetes |
| cluster. |
| |
| .. image:: k8s-topology.jpg |
| |
| One node, the Master Node, runs Rancher and Helm clients and connects to all |
| the Kubernetes nodes in the cluster. Kubernetes nodes, in turn, run Rancher, |
| Kubernetes and Tiller (Helm) agents, which receive, execute, and respond to |
| commands issued by the Master Node (e.g. kubectl or helm operations). Note that |
| the Master Node can be either a remote machine that the user can log in to or a |
| local machine (e.g. laptop, desktop) that has access to the Kubernetes cluster. |
| |
| Deploying applications to a Kubernetes cluster requires Kubernetes nodes to |
| share a common, distributed filesystem. One node in the cluster plays the role |
| of NFS Master (not to confuse with the Master Node that runs Rancher and Helm |
| clients, which is located outside the cluster), while all the other cluster |
| nodes play the role of NFS slaves. In the figure above, the left-most cluster |
| node plays the role of NFS Master (indicated by the crown symbol). To properly |
| set up an NFS share on Master and Slave nodes, the user can run the scripts |
| below. |
| |
| Click :download:`master_nfs_node.sh <master_nfs_node.sh>` to download the script. |
| |
| .. literalinclude:: master_nfs_node.sh |
| :language: bash |
| |
| Click :download:`slave_nfs_node.sh <slave_nfs_node.sh>` to download the script. |
| |
| .. literalinclude:: slave_nfs_node.sh |
| :language: bash |
| |
| The master_nfs_node.sh script runs in the NFS Master node and needs the list of |
| NFS Slave nodes as input, e.g.:: |
| |
| > sudo ./master_nfs_node.sh node1_ip node2_ip ... nodeN_ip |
| |
| The slave_nfs_node.sh script runs in each NFS Slave node and needs the IP of |
| the NFS Master node as input, e.g.:: |
| |
| > sudo ./slave_nfs_node.sh master_node_ip |
| |
| Configuration (Rancher and Kubernetes) |
| ====================================== |
| |
| Access Rancher server via web browser |
| ------------------------------------- |
| (e.g. http://10.12.6.16:8080/env/1a5/apps/stacks) |
| |
| .. image:: Access_Rancher_server_via_web_browser.jpeg |
| |
| Add Kubernetes Environment to Rancher |
| ------------------------------------- |
| |
| 1. Select “Manage Environments” |
| |
| .. image:: Add_Kubernetes_Environment_to_Rancher.png |
| |
| 2. Select “Add Environment” |
| |
| .. image:: Select_Add_Environment.png |
| |
| 3. Add unique name for your new Rancher environment |
| |
| 4. Select the Kubernetes template |
| |
| 5. Click "create" |
| |
| .. image:: Click_create.jpeg |
| |
| 6. Select the new named environment (ie. SB4) from the dropdown list (top left). |
| |
| Rancher is now waiting for a Kubernetes Host to be added. |
| |
| .. image:: K8s-Assign_Floating_IP_for_external_access.jpeg |
| |
| Add Kubernetes Host |
| ------------------- |
| |
| 1. If this is the first (or only) host being added - click on the "Add a host" link |
| |
| .. image:: K8s-Assign_Floating_IP_for_external_access.jpeg |
| |
| and click on "Save" (accept defaults). |
| |
| .. image:: and_click_on_Save_accept_defaults.jpeg |
| |
| otherwise select INFRASTRUCTURE→ Hosts and click on "Add Host" |
| |
| .. image:: otherwise_select_INFRASTRUCTURE_Hosts_and_click_on_Add_Host.jpg |
| |
| 2. Enter the management IP for the k8s VM (e.g. 10.0.0.4) that was just created. |
| |
| 3. Click on “Copy to Clipboard” button |
| |
| 4. Click on “Close” button |
| |
| .. image:: Click_on_Close_button.jpeg |
| |
| Without the 10.0.0.4 IP - the CATTLE_AGENT will be derived on the host - but it |
| may not be a routable IP. |
| |
| Configure Kubernetes Host |
| ------------------------- |
| |
| 1. Login to the new Kubernetes Host:: |
| |
| > ssh -i ~/oom-key.pem ubuntu@10.12.5.1 |
| The authenticity of host '10.12.5.172 (10.12.5.172)' can't be established. |
| ECDSA key fingerprint is SHA256:tqxayN58nCJKOJcWrEZzImkc0qKQHDDfUTHqk4WMcEI. |
| Are you sure you want to continue connecting (yes/no)? yes |
| Warning: Permanently added '10.12.5.172' (ECDSA) to the list of known hosts. |
| Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 4.4.0-64-generic x86_64) |
| |
| * Documentation: https://help.ubuntu.com |
| * Management: https://landscape.canonical.com |
| * Support: https://ubuntu.com/advantage |
| |
| Get cloud support with Ubuntu Advantage Cloud Guest: |
| http://www.ubuntu.com/business/services/cloud |
| |
| 180 packages can be updated. |
| 100 updates are security updates. |
| |
| The programs included with the Ubuntu system are free software; |
| the exact distribution terms for each program are described in the |
| individual files in /usr/share/doc/*/copyright. |
| |
| Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by |
| applicable law. |
| |
| To run a command as administrator (user "root"), use "sudo <command>". |
| See "man sudo_root" for details. |
| |
| ubuntu@sb4-k8s-1:~$ |
| |
| |
| 2. Paste Clipboard content and hit enter to install Rancher Agent:: |
| |
| ubuntu@sb4-k8s-1:~$ sudo docker run -e CATTLE_AGENT_IP="10.0.0.4“ --rm --privileged -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/rancher:/var/lib/rancher rancher/agent:v1.2.9 http://10.12.6.16:8080/v1/scripts/5D757C68BD0A2125602A:1514678400000:yKW9xHGJDLvq6drz2eDzR2mjato |
| Unable to find image 'rancher/agent:v1.2.9' locally |
| v1.2.9: Pulling From rancher/agent |
| b3e1c725a85f: Pull complete |
| 6071086409fc: Pull complete |
| d0ac3b234321: Pull complete |
| 87f567b5cf58: Pull complete |
| a63e24b217c4: Pull complete |
| d0a3f58caef0: Pull complete |
| 16914729cfd3: Pull complete |
| dc5c21984c5b: Pull complete |
| d7e8f9784b20: Pull complete |
| Digest: sha256:c21255ac4d94ffbc7b523F870F20ea5189b68Fa3d642800adb4774aab4748e66 |
| Status: Downloaded newer image for rancher/agent:v1.2.9 |
| |
| INFO: Running Agent Registration Process, CATTLE_URL=http://10.12.6.16:8080/v1 |
| INFO: Attempting to connect to: http://10.12.6.16:8080/v1 |
| INFO: http://10.12.6.16:8080/v1 is accessible |
| INFO: Inspecting host capabilities |
| INFO: Boot2Docker: false |
| INFO: Host writable: true |
| INFO: Token: xxxxxxxx |
| INFO: Running registration |
| INFO: Printing Environment |
| INFO: ENV: CATTLE_ACCESS_KEY=98B35AC484FBF820E0AD |
| INFO: ENV: CATTLE_AGENT_IP=10.0.9.4 |
| INFO: ENV: CATTLE_HOME=/var/lib/cattle |
| INFO: ENV: CATTLE_REGISTRATION_ACCESS_KEY=registrationToken |
| INFO: ENV: CATTLE_REGISTRATION_SECRET_KEY=xxxxxxx |
| INFO: ENV: CATTLE_SECRET_KEY=xxxxxxx |
| INFO: ENV: CATTLE_URL=http://10.12.6.16:8080/v1 |
| INFO: ENV: DETECTED_CATTLE_AGENT_IP=10.12.5.172 |
| INFO: ENV: RANCHER_AGENT_IMAGE=rancher/agent:v1.2.9 |
| INFO: Launched Rancher Agent: c27ee0f3dc4c783b0db647ea1f73c35b3843a4b8d60b96375b1a05aa77d83136 |
| ubuntu@sb4-k8s-1:~$ |
| |
| 3. Return to Rancher environment (e.g. SB4) and wait for services to complete |
| (~ 10-15 mins) |
| |
| .. image:: Return_to_Rancher_environment_eg_SB4_and_wait_for_services_to_complete_10-15_mins.jpeg |
| |
| Configure kubectl and helm |
| ========================== |
| In this example we are configuring kubectl and helm that have been installed |
| (as a convenience) onto the rancher and kubernetes hosts. Typically you would |
| install them both on your PC and remotely connect to the cluster. The following |
| procedure would remain the same. |
| |
| 1. Click on CLI and then click on “Generate Config” |
| |
| .. image:: Click_on_CLI_and_then_click_on_Generate_Config.jpeg |
| |
| 2. Click on “Copy to Clipboard” - wait until you see a "token" - do not copy |
| user+password - the server is not ready at that point |
| |
| .. image:: Click_on_Copy_to_Clipboard-wait_until_you_see_a_token-do_not_copy_user+password-the_server_is_not_ready_at_that_point.jpeg |
| |
| 3. Create a .kube directory in user directory (if one does not exist):: |
| |
| ubuntu@sb4-kSs-1:~$ mkdir .kube |
| ubuntu@sb4-kSs-1:~$ vi .kube/config |
| |
| 4. Paste contents of Clipboard into a file called “config” and save the file:: |
| |
| apiVersion: v1 |
| kind : Config |
| clusters: |
| - cluster: |
| api-version: v1 |
| insecure-skip-tls-verify: true |
| server: "https://10.12.6.16:8080/r/projects/1a7/kubernetes:6443" |
| name: "SB4" |
| contexts: |
| - context: |
| cluster: "SB4" |
| user: "SB4" |
| name: "SB4" |
| current-context: "SB4" |
| users: |
| - name: "SB4" |
| user: |
| token: "QmFzaWMgTlRBd01qZzBOemc)TkRrMk1UWkNOMFpDTlVFNlExcHdSa1JhVZreE5XSm1TRGhWU2t0Vk1sQjVhalZaY0dWaFVtZGFVMHQzWW1WWVJtVmpSQT09" |
| |
| 5. Validate that kubectl is able to connect to the kubernetes cluster:: |
| |
| ubuntu@sb4-k8s-1:~$ kubectl config get-contexts |
| CURRENT NAME CLUSTER AUTHINFO NAMESPACE |
| * SB4 SB4 SB4 |
| ubuntu@sb4-kSs-1:~$ |
| |
| and show running pods:: |
| |
| ubuntu@sb4-k8s-1:~$ kubectl get pods --all-namespaces -o=wide |
| NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE |
| kube-system heapster—7Gb8cd7b5 -q7p42 1/1 Running 0 13m 10.42.213.49 sb4-k8s-1 |
| kube-system kube-dns-5d7bM87c9-c6f67 3/3 Running 0 13m 10.42.181.110 sb4-k8s-1 |
| kube-system kubernetes-dashboard-f9577fffd-kswjg 1/1 Running 0 13m 10.42.105.113 sb4-k8s-1 |
| kube-system monitoring-grafana-997796fcf-vg9h9 1/1 Running 0 13m 10.42,141.58 sb4-k8s-1 |
| kube-system monitoring-influxdb-56chd96b-hk66b 1/1 Running 0 13m 10.4Z.246.90 sb4-k8s-1 |
| kube-system tiller-deploy-cc96d4f6b-v29k9 1/1 Running 0 13m 10.42.147.248 sb4-k8s-1 |
| ubuntu@sb4-k8s-1:~$ |
| |
| 6. Validate helm is running at the right version. If not, an error like this |
| will be displayed:: |
| |
| ubuntu@sb4-k8s-1:~$ helm list |
| Error: incompatible versions c1ient[v2.9.1] server[v2.6.1] |
| ubuntu@sb4-k8s-1:~$ |
| |
| 7. Upgrade the server-side component of helm (tiller) via `helm init --upgrade`:: |
| |
| ubuntu@sb4-k8s-1:~$ helm init --upgrade |
| Creating /home/ubuntu/.helm |
| Creating /home/ubuntu/.helm/repository |
| Creating /home/ubuntu/.helm/repository/cache |
| Creating /home/ubuntu/.helm/repository/local |
| Creating /home/ubuntu/.helm/plugins |
| Creating /home/ubuntu/.helm/starters |
| Creating /home/ubuntu/.helm/cache/archive |
| Creating /home/ubuntu/.helm/repository/repositories.yaml |
| Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com |
| Adding local repo with URL: http://127.0.0.1:8879/charts |
| $HELM_HOME has been configured at /home/ubuntu/.helm. |
| |
| Tiller (the Helm server-side component) has been upgraded to the current version. |
| Happy Helming! |
| ubuntu@sb4-k8s-1:~$ |
| |
| ONAP Deployment via OOM |
| ======================= |
| Now that kubernetes and Helm are installed and configured you can prepare to |
| deploy ONAP. Follow the instructions in the README.md_ or look at the official |
| documentation to get started: |
| |
| - :ref:`quick-start-label` - deploy ONAP on an existing cloud |
| - :ref:`user-guide-label` - a guide for operators of an ONAP instance |
| |
| |