#!/bin/bash
#############################################################################
# Copyright © 2019 Bell.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#############################################################################
#
# This installation is for an RKE install of kubernetes
# after this run the standard oom install
# this installation can be run on any ubuntu 16.04/18.04 VM, RHEL 7.6 (root only), physical or cloud azure/aws host
# https://wiki.onap.org/display/DW/OOM+RKE+Kubernetes+Deployment
# source from https://jira.onap.org/browse/OOM-1598
#
# master/dublin
#     RKE 0.1.16 Kubernetes 1.11.6, kubectl 1.11.6, Helm 2.9.1, Docker 18.06
#     20190428 RKE 0.2.1, Kubernetes 1.13.5, kubectl 1.13.5, Helm 2.12.3, Docker 18.09.5
# single node install, HA pending
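#######################################
# Print the command-line help for this script.
# Arguments: none
# Outputs:   usage text on stdout; $0 is expanded to the script's name
#######################################
usage() {
  # Unquoted delimiter on purpose: $0 must expand inside the text.
  # -v is listed here because the example line and the option parser both
  # use it; its default (false) is the value the script assigns to VALIDATE.
  cat <<EOF
Usage: $0 [PARAMs]
example
sudo ./rke_setup.sh -b dublin -s rke.onap.cloud -e onap -l amdocs -v true
-u : Display usage
-b [branch] : branch = master or dublin (required)
-s [server] : server = IP or DNS name (required)
-e [environment] : use the default (onap)
-k [key] : ssh key name
-l [username] : login username account (use ubuntu for example)
-v [validate] : true or false (default false)
EOF
}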
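#######################################
# Run helm directly when the login user is root, through sudo otherwise.
# Globals:   USERNAME (read)
# Arguments: passed to helm unchanged
#######################################
_run_helm() {
  if [ "$USERNAME" == "root" ]; then
    helm "$@"
  else
    sudo helm "$@"
  fi
}

#######################################
# Install Docker, RKE, kubectl and Helm on this host, write cluster.yml,
# bring up a single-node RKE cluster and initialise Tiller.
# Globals (read):    SERVER, BRANCH, USERNAME, SSHPATH_PREFIX, SSHKEY, SSHPATH
# Globals (written): PORT, KUBERNETES_VERSION, RKE_VERSION, KUBECTL_VERSION,
#                    HELM_VERSION, DOCKER_VERSION, RKETOOLS, HYPERCUBE,
#                    POD_INFRA_CONTAINER
# Arguments: positional arguments are accepted but never read; the globals
#            above carry the configuration.
# Outputs:   progress messages on stdout; cluster.yml in the current directory
# Returns:   1 if a download or `rke up` fails, otherwise the status of the
#            last command
#######################################
install_onap() {
  # constants
  PORT=8880
  KUBERNETES_VERSION=
  RKE_VERSION=0.2.1
  KUBECTL_VERSION=1.13.5
  HELM_VERSION=2.12.3
  DOCKER_VERSION=18.09

  # copy your private ssh key and cluster.yml file to the vm
  # on your dev machine
  #sudo cp ~/.ssh/onap_rsa .
  #sudo chmod 777 onap_rsa
  #scp onap_rsa ubuntu@192.168.241.132:~/
  # on this vm
  #sudo chmod 400 onap_rsa
  #sudo cp onap_rsa ~/.ssh
  # make sure the public key is set up correctly in
  # sudo vi ~/.ssh/authorized_keys
  # NOTE(review): the chmod 777 step above leaves the private key readable and
  # writable by every local account on the dev machine until it is removed;
  # chown the copy to your own user and keep it at mode 600 or 400 instead.

  echo "please supply your ssh key as provided by the -k keyname - it must be be chmod 400 and chown user:user in ~/.ssh/"
  echo "The RKE version specific cluster.yaml is already integrated in this script for 0.2.1 no need for below generation..."
  echo "rke config --name cluster.yml"
  echo "specifically"
  echo "address: $SERVER"
  echo "user: $USERNAME"
  echo "ssh_key_path: $SSHPATH_PREFIX/$SSHKEY"

  RKETOOLS=0.1.27
  HYPERCUBE=1.13.5-rancher1
  POD_INFRA_CONTAINER=rancher/pause:3.1

  # SERVER, USERNAME and the key path are written into cluster.yml verbatim,
  # so they must already be plain host / account / file names.
  # NOTE(review): the nesting below follows the layout `rke config` emits;
  # verify it against the RKE 0.2.1 schema before relying on it.
  # NOTE(review): the top-level ssh_key_path uses $SSHPATH, which nothing in
  # this script sets, so it expands to an empty string; the per-node
  # ssh_key_path is the one that carries the key. `wave_node` is kept as
  # found; RKE's own key is spelled `weave_node` - confirm which is intended.
  cat > cluster.yml <<EOF
# generated from rke_setup.sh
nodes:
- address: $SERVER
  port: "22"
  internal_address: ""
  role:
  - controlplane
  - worker
  - etcd
  hostname_override: ""
  user: $USERNAME
  docker_socket: /var/run/docker.sock
  ssh_key: ""
  ssh_key_path: $SSHPATH_PREFIX/$SSHKEY
  ssh_cert: ""
  ssh_cert_path: ""
  labels: {}
services:
  etcd:
    image: ""
    extra_args: {}
    extra_binds: []
    extra_env: []
    external_urls: []
    ca_cert: ""
    cert: ""
    key: ""
    path: ""
    snapshot: null
    retention: ""
    creation: ""
    backup_config: null
  kube-api:
    image: ""
    extra_args: {}
    extra_binds: []
    extra_env: []
    service_cluster_ip_range: 10.43.0.0/16
    service_node_port_range: ""
    pod_security_policy: false
    always_pull_images: false
  kube-controller:
    image: ""
    extra_args: {}
    extra_binds: []
    extra_env: []
    cluster_cidr: 10.42.0.0/16
    service_cluster_ip_range: 10.43.0.0/16
  scheduler:
    image: ""
    extra_args: {}
    extra_binds: []
    extra_env: []
  kubelet:
    image: ""
    extra_args:
      max-pods: 900
    extra_binds: []
    extra_env: []
    cluster_domain: cluster.local
    infra_container_image: ""
    cluster_dns_server: 10.43.0.10
    fail_swap_on: false
  kubeproxy:
    image: ""
    extra_args: {}
    extra_binds: []
    extra_env: []
network:
  plugin: canal
  options: {}
authentication:
  strategy: x509
  sans: []
  webhook: null
system_images:
  etcd: rancher/coreos-etcd:v3.2.24-rancher1
  alpine: rancher/rke-tools:v$RKETOOLS
  nginx_proxy: rancher/rke-tools:v$RKETOOLS
  cert_downloader: rancher/rke-tools:v$RKETOOLS
  kubernetes_services_sidecar: rancher/rke-tools:v$RKETOOLS
  kubedns: rancher/k8s-dns-kube-dns:1.15.0
  dnsmasq: rancher/k8s-dns-dnsmasq-nanny:1.15.0
  kubedns_sidecar: rancher/k8s-dns-sidecar:1.15.0
  kubedns_autoscaler: rancher/cluster-proportional-autoscaler:1.0.0
  kubernetes: rancher/hyperkube:v$HYPERCUBE
  flannel: rancher/coreos-flannel:v0.10.0-rancher1
  flannel_cni: rancher/flannel-cni:v0.3.0-rancher1
  calico_node: rancher/calico-node:v3.4.0
  calico_cni: rancher/calico-cni:v3.4.0
  calico_controllers: ""
  calico_ctl: rancher/calico-ctl:v2.0.0
  canal_node: rancher/calico-node:v3.4.0
  canal_cni: rancher/calico-cni:v3.4.0
  canal_flannel: rancher/coreos-flannel:v0.10.0
  wave_node: weaveworks/weave-kube:2.5.0
  weave_cni: weaveworks/weave-npc:2.5.0
  pod_infra_container: $POD_INFRA_CONTAINER
  ingress: rancher/nginx-ingress-controller:0.21.0-rancher3
  ingress_backend: rancher/nginx-ingress-controller-defaultbackend:1.4-rancher1
  metrics_server: rancher/metrics-server:v0.3.1
ssh_key_path: $SSHPATH
ssh_cert_path: ""
ssh_agent_auth: false
authorization:
  mode: rbac
  options: {}
ignore_docker_version: false
kubernetes_version: "$KUBERNETES_VERSION"
private_registries: []
ingress:
  provider: ""
  options: {}
  node_selector: {}
  extra_args: {}
cluster_name: ""
cloud_provider:
  name: ""
prefix_path: ""
addon_job_timeout: 0
bastion_host:
  address: ""
  port: ""
  user: ""
  ssh_key: ""
  ssh_key_path: ""
  ssh_cert: ""
  ssh_cert_path: ""
monitoring:
  provider: ""
  options: {}
restore:
  restore: false
  snapshot_name: ""
dns: null
EOF

  echo "Installing on ${SERVER} for ${BRANCH}: RKE: ${RKE_VERSION} Kubectl: ${KUBECTL_VERSION} Helm: ${HELM_VERSION} Docker: ${DOCKER_VERSION} username: ${USERNAME}"
  # `sudo echo ... >> /etc/hosts` elevates only echo; the redirect is opened by
  # the calling shell and fails unless the whole script already runs as root.
  # tee under sudo performs the append with the elevated privileges.
  echo "127.0.0.1 ${SERVER}" | sudo tee -a /etc/hosts > /dev/null
  echo "Install docker - If you must install as non-root - comment out the docker install below - run it separately, run the user mod, logout/login and continue this script"
  # NOTE(review): this pipes a remote script straight into sh, so whatever the
  # server returns runs with this script's privileges and only TLS protects
  # it. Prefer downloading the installer, checking it against a pinned digest,
  # and then running it. -f stops an HTTP error page from being fed to sh.
  curl -fsSL "https://releases.rancher.com/install-docker/${DOCKER_VERSION}.sh" | sh
  sudo usermod -aG docker "$USERNAME"

  # NOTE(review): none of the rke, kubectl or helm downloads below is checked
  # against a published digest or signature before it is installed into
  # /usr/local/bin; pin and verify a sha256 per release.
  echo "Install RKE"
  sudo wget "https://github.com/rancher/rke/releases/download/v${RKE_VERSION}/rke_linux-amd64" \
    || { echo "RKE download failed" >&2; return 1; }
  mv rke_linux-amd64 rke
  sudo chmod +x rke
  sudo mv ./rke /usr/local/bin/rke

  echo "Install make - required for beijing+ - installed via yum groupinstall Development Tools in RHEL"
  # ubuntu specific
  sudo apt-get install make -y

  # -f: do not save an HTTP error body as the kubectl binary.
  sudo curl -fLO "https://storage.googleapis.com/kubernetes-release/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl" \
    || { echo "kubectl download failed" >&2; return 1; }
  sudo chmod +x ./kubectl
  sudo mv ./kubectl /usr/local/bin/kubectl
  sudo mkdir -p "$HOME/.kube"
  # Fetched over https: the archive is unpacked as root and its helm binary is
  # installed system-wide, so it must not travel over plain http.
  wget "https://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz" \
    || { echo "helm download failed" >&2; return 1; }
  sudo tar -zxvf "helm-v${HELM_VERSION}-linux-amd64.tar.gz"
  sudo mv linux-amd64/helm /usr/local/bin/helm

  echo "Bringing RKE up - using supplied cluster.yml"
  sudo rke up || { echo "rke up failed" >&2; return 1; }
  echo "wait 2 extra min for the cluster"
  sleep 60
  echo "1 more min"
  sleep 60
  echo "copy kube_config_cluter.yaml generated - to ~/.kube/config"
  sudo cp kube_config_cluster.yml "$HOME/.kube/config"
  # avoid using sudo for kubectl
  # The kubeconfig holds the cluster's admin client credentials, so mode 777
  # would let any local account read or replace them. Hand the file and its
  # directory to whoever owns the home directory and keep the file private.
  sudo chown --reference="$HOME" "$HOME/.kube" "$HOME/.kube/config"
  sudo chmod 600 "$HOME/.kube/config"
  echo "Verify all pods up on the kubernetes system - will return localhost:8080 until a host is added"
  echo "kubectl get pods --all-namespaces"
  kubectl get pods --all-namespaces
  echo "install tiller/helm"
  # NOTE(review): Tiller's service account is bound to cluster-admin, so any
  # workload able to reach Tiller inside the cluster can act with full
  # cluster rights. Acceptable only on a dedicated lab cluster; otherwise
  # scope the role down or enable Tiller TLS.
  kubectl -n kube-system create serviceaccount tiller
  kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
  helm init --service-account tiller
  kubectl -n kube-system rollout status deploy/tiller-deploy
  echo "upgrade server side of helm in kubernetes"
  _run_helm version
  echo "sleep 30"
  sleep 30
  _run_helm init --upgrade
  echo "sleep 30"
  sleep 30
  echo "verify both versions are the same below"
  _run_helm version
  echo "start helm server"
  _run_helm serve &
  echo "sleep 30"
  sleep 30
  echo "add local helm repo"
  _run_helm repo add local http://127.0.0.1:8879
  _run_helm repo list
  echo "To enable grafana dashboard - do this after running cd.sh which brings up onap - or you may get a 302xx port conflict"
  echo "kubectl expose -n kube-system deployment monitoring-grafana --type=LoadBalancer --name monitoring-grafana-client"
  echo "to get the nodeport for a specific VM running grafana"
  echo "kubectl get services --all-namespaces | grep graf"
  sudo docker version
  helm version
  kubectl version
  kubectl get services --all-namespaces
  kubectl get pods --all-namespaces
  echo "finished!"
}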
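# Defaults; each can be overridden by the matching command-line option.
BRANCH=
SERVER=
ENVIRON=
VALIDATE=false
USERNAME=ubuntu
SSHPATH_PREFIX=~/.ssh
SSHKEY=

# The leading ':' selects silent error reporting: a missing argument arrives
# as ':' and an unknown option as '?'. -u takes no argument (it only prints
# the help); -v takes one, matching the "-v true" example in usage().
while getopts ":b:s:e:ul:k:v:" PARAM; do
  case "$PARAM" in
    u)
      usage
      exit 1
      ;;
    b)
      BRANCH=${OPTARG}
      ;;
    e)
      ENVIRON=${OPTARG}
      ;;
    s)
      SERVER=${OPTARG}
      ;;
    l)
      USERNAME=${OPTARG}
      ;;
    k)
      SSHKEY=${OPTARG}
      ;;
    v)
      VALIDATE=${OPTARG}
      ;;
    :)
      echo "option -${OPTARG} requires an argument" >&2
      usage
      exit 1
      ;;
    \?)
      # Escaped so it matches a literal '?' rather than any single character.
      usage
      exit 1
      ;;
  esac
done

# Both values are documented as required; SERVER is also written into
# /etc/hosts and cluster.yml, so an empty value would produce broken entries.
if [[ -z "$BRANCH" || -z "$SERVER" ]]; then
  usage
  exit 1
fi

# SERVER is copied verbatim into /etc/hosts and cluster.yml: accept only the
# characters an IP address or DNS name can contain, so stray whitespace or
# newlines cannot add extra lines to either file.
server_re='^[A-Za-z0-9._:-]+$'
if [[ ! "$SERVER" =~ $server_re ]]; then
  echo "server must be an IP address or DNS name: ${SERVER}" >&2
  exit 1
fi

install_onap "$BRANCH" "$SERVER" "$ENVIRON" "$USERNAME" "$SSHPATH_PREFIX" "$SSHKEY" "$VALIDATE"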