Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 1 | .. This work is licensed under a |
| 2 | .. Creative Commons Attribution 4.0 International License. |
Roger Maitland | 953b5f1 | 2018-03-22 15:24:04 -0400 | [diff] [blame] | 3 | .. http://creativecommons.org/licenses/by/4.0 |
Mike Elliott | f137b2c | 2019-04-30 16:28:07 -0400 | [diff] [blame] | 4 | .. Copyright 2019 Amdocs, Bell Canada |
Jessica Wagantall | afb1ead | 2020-04-09 12:39:10 -0700 | [diff] [blame] | 5 | .. _oom_quickstart_guide: |
Roger Maitland | 953b5f1 | 2018-03-22 15:24:04 -0400 | [diff] [blame] | 6 | .. _quick-start-label: |
| 7 | |
| 8 | OOM Quick Start Guide |
| 9 | ##################### |
| 10 | |
| 11 | .. figure:: oomLogoV2-medium.png |
| 12 | :align: right |
| 13 | |
| 14 | Once a kubernetes environment is available (follow the instructions in |
| 15 | :ref:`cloud-setup-guide-label` if you don't have a cloud environment |
| 16 | available), follow the following instructions to deploy ONAP. |
| 17 | |
| 18 | **Step 1.** Clone the OOM repository from ONAP gerrit:: |
| 19 | |
Mike Elliott | a6243a9 | 2019-10-01 13:19:31 -0400 | [diff] [blame] | 20 | > git clone -b <BRANCH> http://gerrit.onap.org/r/oom --recurse-submodules |
Roger Maitland | d1237f3 | 2018-03-26 13:14:04 -0400 | [diff] [blame] | 21 | > cd oom/kubernetes |
Roger Maitland | 953b5f1 | 2018-03-22 15:24:04 -0400 | [diff] [blame] | 22 | |
Mike Elliott | 1f34c06 | 2019-10-03 15:28:45 -0400 | [diff] [blame] | 23 | where <BRANCH> can be an offical release tag, such as |
Mike Elliott | a6243a9 | 2019-10-01 13:19:31 -0400 | [diff] [blame] | 24 | 4.0.0-ONAP for Dublin |
Mike Elliott | 1f34c06 | 2019-10-03 15:28:45 -0400 | [diff] [blame] | 25 | 5.0.1-ONAP for El Alto |
Sylvain Desbureaux | 18e8a0b | 2020-04-06 13:39:49 +0200 | [diff] [blame] | 26 | 6.0.0-ONAP for Frankfurt |
Mike Elliott | a6243a9 | 2019-10-01 13:19:31 -0400 | [diff] [blame] | 27 | |
Mike Elliott | f137b2c | 2019-04-30 16:28:07 -0400 | [diff] [blame] | 28 | **Step 2.** Install Helm Plugins required to deploy ONAP:: |
Pawel Wieczorek | aa859cd | 2019-01-23 17:32:18 +0100 | [diff] [blame] | 29 | |
| 30 | > sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm |
Roger Maitland | 953b5f1 | 2018-03-22 15:24:04 -0400 | [diff] [blame] | 31 | |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 32 | |
Pawel Wieczorek | 27c390c | 2019-11-15 11:12:02 +0100 | [diff] [blame] | 33 | **Step 3.** Customize the helm charts like `oom/kubernetes/onap/values.yaml` or an override |
| 34 | file like `onap-all.yaml`, `onap-vfw.yaml` or `openstack.yaml` file to suit your deployment |
| 35 | with items like the OpenStack tenant information. |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 36 | |
Mike Elliott | 474c350 | 2019-05-09 10:56:16 -0400 | [diff] [blame] | 37 | .. note:: |
Pawel Wieczorek | 27c390c | 2019-11-15 11:12:02 +0100 | [diff] [blame] | 38 | Standard and example override files (e.g. `onap-all.yaml`, `openstack.yaml`) can be found in |
| 39 | the `oom/kubernetes/onap/resources/overrides/` directory. |
Mike Elliott | 474c350 | 2019-05-09 10:56:16 -0400 | [diff] [blame] | 40 | |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 41 | |
| 42 | a. You may want to selectively enable or disable ONAP components by changing |
Pawel Wieczorek | 27c390c | 2019-11-15 11:12:02 +0100 | [diff] [blame] | 43 | the ``enabled: true/false`` flags. |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 44 | |
| 45 | |
Pawel Wieczorek | 27c390c | 2019-11-15 11:12:02 +0100 | [diff] [blame] | 46 | b. Encrypt the OpenStack password using the shell tool for robot and put it in |
| 47 | the robot helm charts or robot section of `openstack.yaml` |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 48 | |
| 49 | |
| 50 | c. Encrypt the OpenStack password using the java based script for SO helm charts |
Pawel Wieczorek | 27c390c | 2019-11-15 11:12:02 +0100 | [diff] [blame] | 51 | or SO section of `openstack.yaml`. |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 52 | |
| 53 | |
| 54 | d. Update the OpenStack parameters that will be used by robot, SO and APPC helm |
| 55 | charts or use an override file to replace them. |
| 56 | |
Sylvain Desbureaux | 18e8a0b | 2020-04-06 13:39:49 +0200 | [diff] [blame] | 57 | e. Add in the command line a value for the global master password (global.masterPassword). |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 58 | |
| 59 | |
| 60 | |
| 61 | a. Enabling/Disabling Components: |
Mike Elliott | f137b2c | 2019-04-30 16:28:07 -0400 | [diff] [blame] | 62 | Here is an example of the nominal entries that need to be provided. |
| 63 | We have different values file available for different contexts. |
Roger Maitland | 953b5f1 | 2018-03-22 15:24:04 -0400 | [diff] [blame] | 64 | |
Pawel Wieczorek | a1903d6 | 2019-11-14 14:19:59 +0100 | [diff] [blame] | 65 | .. literalinclude:: ../kubernetes/onap/values.yaml |
Mike Elliott | ed5ff71 | 2018-11-07 15:47:19 -0500 | [diff] [blame] | 66 | :language: yaml |
Roger Maitland | 953b5f1 | 2018-03-22 15:24:04 -0400 | [diff] [blame] | 67 | |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 68 | |
| 69 | b. Generating ROBOT Encrypted Password: |
| 70 | The ROBOT encrypted Password uses the same encryption.key as SO but an |
| 71 | openssl algorithm that works with the python based Robot Framework. |
| 72 | |
Abdelmuhaimen Seaudi | d7133a1 | 2018-07-18 10:59:20 +0000 | [diff] [blame] | 73 | .. note:: |
Pawel Wieczorek | 27c390c | 2019-11-15 11:12:02 +0100 | [diff] [blame] | 74 | To generate ROBOT ``openStackEncryptedPasswordHere``:: |
Abdelmuhaimen Seaudi | d7133a1 | 2018-07-18 10:59:20 +0000 | [diff] [blame] | 75 | |
Pawel Wieczorek | d7a3035 | 2019-11-14 16:29:59 +0100 | [diff] [blame] | 76 | cd so/resources/config/mso/ |
| 77 | /oom/kubernetes/so/resources/config/mso# echo -n "<openstack tenant password>" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p`` |
Abdelmuhaimen Seaudi | d7133a1 | 2018-07-18 10:59:20 +0000 | [diff] [blame] | 78 | |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 79 | c. Generating SO Encrypted Password: |
| 80 | The SO Encrypted Password uses a java based encryption utility since the |
| 81 | Java encryption library is not easy to integrate with openssl/python that |
Sylvain Desbureaux | 18e8a0b | 2020-04-06 13:39:49 +0200 | [diff] [blame] | 82 | ROBOT uses in Dublin and upper versions. |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 83 | |
| 84 | .. note:: |
Pawel Wieczorek | 27c390c | 2019-11-15 11:12:02 +0100 | [diff] [blame] | 85 | To generate SO ``openStackEncryptedPasswordHere`` and ``openStackSoEncryptedPassword`` |
| 86 | ensure `default-jdk` is installed:: |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 87 | |
Pawel Wieczorek | d7a3035 | 2019-11-14 16:29:59 +0100 | [diff] [blame] | 88 | apt-get update; apt-get install default-jdk |
Brian Freeman | acf8cd8 | 2019-07-11 21:52:46 -0500 | [diff] [blame] | 89 | |
Pawel Wieczorek | d7a3035 | 2019-11-14 16:29:59 +0100 | [diff] [blame] | 90 | Then execute:: |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 91 | |
Pawel Wieczorek | d7a3035 | 2019-11-14 16:29:59 +0100 | [diff] [blame] | 92 | SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key` |
| 93 | OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX |
Mike Elliott | db27182 | 2019-06-06 08:06:19 -0400 | [diff] [blame] | 94 | |
Pawel Wieczorek | d7a3035 | 2019-11-14 16:29:59 +0100 | [diff] [blame] | 95 | git clone http://gerrit.onap.org/r/integration |
| 96 | cd integration/deployment/heat/onap-rke/scripts |
Brian Freeman | acf8cd8 | 2019-07-11 21:52:46 -0500 | [diff] [blame] | 97 | |
Pawel Wieczorek | d7a3035 | 2019-11-14 16:29:59 +0100 | [diff] [blame] | 98 | javac Crypto.java |
| 99 | java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY" |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 100 | |
| 101 | d. Update the OpenStack parameters: |
| 102 | |
Sylvain Desbureaux | 18e8a0b | 2020-04-06 13:39:49 +0200 | [diff] [blame] | 103 | There are assumptions in the demonstration VNF heat templates about the networking |
| 104 | available in the environment. To get the most value out of these templates and the |
| 105 | automation that can help confirm the setup is correct, please observe the following |
Brian Freeman | acf8cd8 | 2019-07-11 21:52:46 -0500 | [diff] [blame] | 106 | constraints. |
| 107 | |
Sylvain Desbureaux | 18e8a0b | 2020-04-06 13:39:49 +0200 | [diff] [blame] | 108 | |
Pawel Wieczorek | 27c390c | 2019-11-15 11:12:02 +0100 | [diff] [blame] | 109 | ``openStackPublicNetId:`` |
Pawel Wieczorek | 63d70fd | 2019-11-14 18:32:57 +0100 | [diff] [blame] | 110 | This network should allow heat templates to add interfaces. |
| 111 | This need not be an external network, floating IPs can be assigned to the ports on |
| 112 | the VMs that are created by the heat template but its important that neutron allow |
| 113 | ports to be created on them. |
Brian Freeman | acf8cd8 | 2019-07-11 21:52:46 -0500 | [diff] [blame] | 114 | |
Pawel Wieczorek | 27c390c | 2019-11-15 11:12:02 +0100 | [diff] [blame] | 115 | ``openStackPrivateNetCidr: "10.0.0.0/16"`` |
Pawel Wieczorek | 63d70fd | 2019-11-14 18:32:57 +0100 | [diff] [blame] | 116 | This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity. |
| 117 | The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the |
| 118 | demonstration ip addressing plan embodied in the preload template prevent conflicts when |
| 119 | instantiating the various VNFs. If you need to change this, you will need to modify the preload |
| 120 | data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data |
| 121 | in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect |
| 122 | to create. |
Brian Freeman | acf8cd8 | 2019-07-11 21:52:46 -0500 | [diff] [blame] | 123 | |
Pawel Wieczorek | 27c390c | 2019-11-15 11:12:02 +0100 | [diff] [blame] | 124 | ``openStackOamNetworkCidrPrefix: "10.0"`` |
Pawel Wieczorek | 63d70fd | 2019-11-14 18:32:57 +0100 | [diff] [blame] | 125 | This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the |
| 126 | robot scripts for demonstration. A production deployment need not worry about this |
| 127 | setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix. |
Brian Freeman | acf8cd8 | 2019-07-11 21:52:46 -0500 | [diff] [blame] | 128 | |
| 129 | |
Sylvain Desbureaux | 18e8a0b | 2020-04-06 13:39:49 +0200 | [diff] [blame] | 130 | Example Keystone v2.0 |
Pawel Wieczorek | 3c7c6c7 | 2019-11-14 15:53:52 +0100 | [diff] [blame] | 131 | |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 132 | .. literalinclude:: example-integration-override.yaml |
| 133 | :language: yaml |
| 134 | |
Brian Freeman | acf8cd8 | 2019-07-11 21:52:46 -0500 | [diff] [blame] | 135 | Example Keystone v3 (required for Rocky and later releases) |
Pawel Wieczorek | 3c7c6c7 | 2019-11-14 15:53:52 +0100 | [diff] [blame] | 136 | |
Brian Freeman | acf8cd8 | 2019-07-11 21:52:46 -0500 | [diff] [blame] | 137 | .. literalinclude:: example-integration-override-v3.yaml |
| 138 | :language: yaml |
| 139 | |
| 140 | |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 141 | **Step 4.** To setup a local Helm server to server up the ONAP charts:: |
Roger Maitland | 953b5f1 | 2018-03-22 15:24:04 -0400 | [diff] [blame] | 142 | |
| 143 | > helm serve & |
| 144 | |
| 145 | Note the port number that is listed and use it in the Helm repo add as |
| 146 | follows:: |
| 147 | |
| 148 | > helm repo add local http://127.0.0.1:8879 |
| 149 | |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 150 | **Step 5.** Verify your Helm repository setup with:: |
Roger Maitland | 953b5f1 | 2018-03-22 15:24:04 -0400 | [diff] [blame] | 151 | |
| 152 | > helm repo list |
| 153 | NAME URL |
| 154 | local http://127.0.0.1:8879 |
| 155 | |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 156 | **Step 6.** Build a local Helm repository (from the kubernetes directory):: |
Roger Maitland | 9e5067c | 2018-03-27 10:57:08 -0400 | [diff] [blame] | 157 | |
Mike Elliott | ed5ff71 | 2018-11-07 15:47:19 -0500 | [diff] [blame] | 158 | > make all; make onap |
Roger Maitland | 9e5067c | 2018-03-27 10:57:08 -0400 | [diff] [blame] | 159 | |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 160 | **Step 7.** Display the onap charts that available to be deployed:: |
Roger Maitland | 953b5f1 | 2018-03-22 15:24:04 -0400 | [diff] [blame] | 161 | |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 162 | > helm search onap -l |
| 163 | |
Mike Elliott | ed5ff71 | 2018-11-07 15:47:19 -0500 | [diff] [blame] | 164 | .. literalinclude:: helm-search.txt |
Roger Maitland | 953b5f1 | 2018-03-22 15:24:04 -0400 | [diff] [blame] | 165 | |
| 166 | .. note:: |
Pawel Wieczorek | 27c390c | 2019-11-15 11:12:02 +0100 | [diff] [blame] | 167 | The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use ``make`` to update your local Helm repository. |
Roger Maitland | 953b5f1 | 2018-03-22 15:24:04 -0400 | [diff] [blame] | 168 | |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 169 | **Step 8.** Once the repo is setup, installation of ONAP can be done with a |
| 170 | single command |
Roger Maitland | 953b5f1 | 2018-03-22 15:24:04 -0400 | [diff] [blame] | 171 | |
Mike Elliott | 474c350 | 2019-05-09 10:56:16 -0400 | [diff] [blame] | 172 | .. note:: |
Sylvain Desbureaux | 18e8a0b | 2020-04-06 13:39:49 +0200 | [diff] [blame] | 173 | The ``--timeout 900`` is currently required in Dublin and up to address long |
| 174 | running initialization tasks for DMaaP and SO. Without this timeout value both |
| 175 | applications may fail to deploy. |
| 176 | |
| 177 | .. danger:: |
| 178 | We've added the master password on the command line. |
| 179 | You shouldn't put it in a file for safety reason |
| 180 | please don't forget to change the value to something random |
| 181 | |
| 182 | A space is also added in front of the command so "history" doesn't catch it. |
| 183 | This masterPassword is very sensitive, please be careful! |
| 184 | |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 185 | |
Mike Elliott | 895ddcb | 2019-07-09 10:47:08 -0400 | [diff] [blame] | 186 | To deploy all ONAP applications use this command:: |
Roger Maitland | d1237f3 | 2018-03-26 13:14:04 -0400 | [diff] [blame] | 187 | |
Mike Elliott | 474c350 | 2019-05-09 10:56:16 -0400 | [diff] [blame] | 188 | > cd oom/kubernetes |
Sylvain Desbureaux | 18e8a0b | 2020-04-06 13:39:49 +0200 | [diff] [blame] | 189 | > helm deploy dev local/onap --namespace onap --set global.masterPassword=myAwesomePasswordThatINeedToChange -f onap/resources/overrides/onap-all.yaml -f onap/resources/overrides/environment.yaml -f onap/resources/overrides/openstack.yaml --timeout 900 |
Roger Maitland | 953b5f1 | 2018-03-22 15:24:04 -0400 | [diff] [blame] | 190 | |
Mike Elliott | 895ddcb | 2019-07-09 10:47:08 -0400 | [diff] [blame] | 191 | All override files may be customized (or replaced by other overrides) as per needs. |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 192 | |
Pawel Wieczorek | 27c390c | 2019-11-15 11:12:02 +0100 | [diff] [blame] | 193 | `onap-all.yaml` |
Mike Elliott | 895ddcb | 2019-07-09 10:47:08 -0400 | [diff] [blame] | 194 | Enables the modules in the ONAP deployment. As ONAP is very modular, it is possible to customize ONAP and disable some components through this configuration file. |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 195 | |
Pawel Wieczorek | 27c390c | 2019-11-15 11:12:02 +0100 | [diff] [blame] | 196 | `environment.yaml` |
Mike Elliott | 895ddcb | 2019-07-09 10:47:08 -0400 | [diff] [blame] | 197 | Includes configuration values specific to the deployment environment. |
| 198 | |
| 199 | Example: adapt readiness and liveness timers to the level of performance of your infrastructure |
| 200 | |
Pawel Wieczorek | 27c390c | 2019-11-15 11:12:02 +0100 | [diff] [blame] | 201 | `openstack.yaml` |
Mike Elliott | 895ddcb | 2019-07-09 10:47:08 -0400 | [diff] [blame] | 202 | Includes all the Openstack related information for the default target tenant you want to use to deploy VNFs from ONAP and/or additional parameters for the embedded tests. |
| 203 | |
| 204 | **Step 9.** Verify ONAP installation |
| 205 | |
| 206 | Use the following to monitor your deployment and determine when ONAP is ready for use:: |
Roger Maitland | 953b5f1 | 2018-03-22 15:24:04 -0400 | [diff] [blame] | 207 | |
Mike Elliott | 474c350 | 2019-05-09 10:56:16 -0400 | [diff] [blame] | 208 | > kubectl get pods -n onap -o=wide |
Mike Elliott | ed5ff71 | 2018-11-07 15:47:19 -0500 | [diff] [blame] | 209 | |
Mike Elliott | 895ddcb | 2019-07-09 10:47:08 -0400 | [diff] [blame] | 210 | .. note:: |
| 211 | While all pods may be in a Running state, it is not a guarantee that all components are running fine. |
Pawel Wieczorek | aa859cd | 2019-01-23 17:32:18 +0100 | [diff] [blame] | 212 | |
Pawel Wieczorek | d7a3035 | 2019-11-14 16:29:59 +0100 | [diff] [blame] | 213 | Launch the healthcheck tests using Robot to verify that the components are healthy:: |
Mike Elliott | ed5ff71 | 2018-11-07 15:47:19 -0500 | [diff] [blame] | 214 | |
Pawel Wieczorek | d7a3035 | 2019-11-14 16:29:59 +0100 | [diff] [blame] | 215 | > ~/oom/kubernetes/robot/ete-k8s.sh onap health |
Mike Elliott | 895ddcb | 2019-07-09 10:47:08 -0400 | [diff] [blame] | 216 | |
Pawel Wieczorek | d7a3035 | 2019-11-14 16:29:59 +0100 | [diff] [blame] | 217 | **Step 10.** Undeploy ONAP:: |
Mike Elliott | 895ddcb | 2019-07-09 10:47:08 -0400 | [diff] [blame] | 218 | |
Pawel Wieczorek | d7a3035 | 2019-11-14 16:29:59 +0100 | [diff] [blame] | 219 | > helm undeploy dev --purge |
Mike Elliott | ed5ff71 | 2018-11-07 15:47:19 -0500 | [diff] [blame] | 220 | |
Brian Freeman | cce79bd | 2019-04-17 10:34:32 -0500 | [diff] [blame] | 221 | More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins |