blob: 4ccb20697962534351401d80ef6cd24fc2935a91 [file] [log] [blame]
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +01001# COPYRIGHT NOTICE STARTS HERE
2#
3# Copyright 2018 © Samsung Electronics Co., Ltd.
4#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16#
17# COPYRIGHT NOTICE ENDS HERE
Petr Ospalý81001232019-01-02 15:52:24 +010018
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +010019#
20# this file contains shared variables and functions for the onap installer
21#
Petr Ospalý81001232019-01-02 15:52:24 +010022
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +010023# any script which needs this file can check this variable
24# and it will know immediately if the functions and variables
25# are loaded and usable
26IS_COMMON_FUNCTIONS_SOURCED=YES
Petr Ospalý81001232019-01-02 15:52:24 +010027
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +010028# setting of the path variables
29if [ -z "$APROJECT_DIR" ] ; then
30 INCLUDE_PATH="${LOCAL_PATH}"/"${RELATIVE_PATH}"
31 APROJECT_DIR=$(readlink -f "$INCLUDE_PATH"/../..)
32fi
Petr Ospalý81001232019-01-02 15:52:24 +010033
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +010034RESOURCES_DIR="$APROJECT_DIR/resources"
35BASH_SCRIPTS_DIR="$APROJECT_DIR/bash"
36NEXUS_DATA="$RESOURCES_DIR/nexus_data"
37CERTS_TARGET_PATH="$APROJECT_DIR/live/certs"
38NGINX_LOG_DIR="$APROJECT_DIR/live/nginx_logs"
39GEN_CFG_PATH="$APROJECT_DIR/live/cfg"
40GIT_REPOS="$RESOURCES_DIR/git-repo"
41NGINX_HTTP_DIR="$RESOURCES_DIR/http"
42RHEL_REPO="$RESOURCES_DIR/pkg/rhel"
Petr Ospalý81001232019-01-02 15:52:24 +010043
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +010044PATH="${PATH}:/usr/local/bin:/usr/local/sbin"
45export PATH
Petr Ospalý81001232019-01-02 15:52:24 +010046
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +010047# just self-defense against locale
48LANG=C
49export LANG
Petr Ospalý81001232019-01-02 15:52:24 +010050
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +010051# dns handling
52SIMUL_HOSTS="gcr.io \
53git.rancher.io \
54gerrit.onap.org \
55registry-1.docker.io \
56docker.io \
57registry.npmjs.org \
58nexus3.onap.org \
59nexus.onap.org \
60docker.elastic.co \
61www.getcloudify.org \
62www.springframework.org \
63registry.hub.docker.com \
64git.onap.org \
65repo1.maven.org \
66repo.maven.apache.org"
Petr Ospalý81001232019-01-02 15:52:24 +010067
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +010068# default credentials to the repository
69NEXUS_USERNAME=admin
70NEXUS_PASSWORD=admin123
71NEXUS_EMAIL=admin@onap.org
Petr Ospalý81001232019-01-02 15:52:24 +010072
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +010073# this function is intended to unify the installer output
74message() {
75 case "$1" in
76 info)
77 echo 'INFO:' "$@"
78 ;;
79 debug)
80 echo 'DEBUG:' "$@" >&2
81 ;;
82 warning)
83 echo 'WARNING [!]:' "$@" >&2
84 ;;
85 error)
86 echo 'ERROR [!!]:' "$@" >&2
87 return 1
88 ;;
89 *)
90 echo 'UNKNOWN [?!]:' "$@" >&2
91 return 2
92 ;;
93 esac
94 return 0
95}
96export message
Petr Ospalý81001232019-01-02 15:52:24 +010097
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +010098# if the environment variable DEBUG is set to DEBUG-ONAP ->
99# -> this function will print its arguments
100# otherwise nothing is done
101debug() {
102 [ "$DEBUG" = DEBUG-ONAP ] && message debug "$@"
103}
104export debug
Petr Ospalý81001232019-01-02 15:52:24 +0100105
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100106fail() {
107 message error "$@"
108 exit 1
109}
Petr Ospalý81001232019-01-02 15:52:24 +0100110
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100111retry() {
112 local n=1
113 local max=5
114 while ! "$@"; do
115 if [ $n -lt $max ]; then
116 n=$((n + 1))
117 message warning "Command ${@} failed. Attempt: $n/$max"
118 message info "waiting 10s for another try..."
119 sleep 10s
120 else
121 fail "Command ${@} failed after $n attempts. Better to abort now."
122 fi
123 done
124}
Petr Ospalý81001232019-01-02 15:52:24 +0100125
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100126may_self_extract() {
127 # extract and untar to the current directory
128 sed '0,/^# PAYLOAD BELOW #$/d' "$0" | tar -xvpf - ;
129}
Petr Ospalý81001232019-01-02 15:52:24 +0100130
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100131update_hosts() {
132 if grep -q "^[^#]\+\s$SIMUL_HOSTS\s*\$" /etc/hosts ; then
133 message info "simulated domains already in /etc/hosts"
134 else
135 echo "$LOCAL_IP $SIMUL_HOSTS" >> /etc/hosts
136 message info "simulated domains added to /etc/hosts (please check it)"
137 fi
Petr Ospalý81001232019-01-02 15:52:24 +0100138
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100139 if grep -q "^[^#]\+\s$NEXUS_FQDN\s*\$" /etc/hosts ; then
140 message info "nexus FQDN already in /etc/hosts"
141 else
142 echo "$LOCAL_IP $NEXUS_FQDN" >> /etc/hosts
143 message info "Nexus FQDN added to /etc/hosts (please check it)"
144 fi
Petr Ospalý81001232019-01-02 15:52:24 +0100145
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100146 if grep -q "^[^#]\+\srepo.install-server\s*\$" /etc/hosts ; then
147 message info "custom repo FQDN already in /etc/hosts"
148 else
149 echo "$LOCAL_IP repo.install-server" >> /etc/hosts
150 message info "Nexus FQDN added to /etc/hosts (please check it)"
151 fi
152}
Petr Ospalý81001232019-01-02 15:52:24 +0100153
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100154get_cfg_val() {
155 name="$1"
156 shift
157 ask="$@"
Petr Ospalý81001232019-01-02 15:52:24 +0100158
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100159 value=$(eval "echo \$${name}")
160 if [ -z "$value" ]; then
161 while [ -z "$value" ] ; do
162 printf "${ask}"
163 read -r $name
Petr Ospalý81001232019-01-02 15:52:24 +0100164
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100165 value=$(eval "echo \$${name}")
166 done
167 echo "${name}='${value}'" >> ./local_repo.conf
168 fi
169}
Petr Ospalý81001232019-01-02 15:52:24 +0100170
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100171get_configuration() {
172 if [ -f ./local_repo.conf ]; then
173 . ./local_repo.conf
174 fi
Petr Ospalý81001232019-01-02 15:52:24 +0100175
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100176 if [ -z "${NEXUS_FQDN}" ]; then
177 NEXUS_FQDN="nexus.$HOSTNAME"
178 echo "NEXUS_FQDN='${NEXUS_FQDN}'" >> ./local_repo.conf
179 fi
Petr Ospalý81001232019-01-02 15:52:24 +0100180
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100181 if [ -z "${ONAP_SCALE}" ]; then
182 ONAP_SCALE=full
183 echo "ONAP_SCALE='${ONAP_SCALE}'" >> ./local_repo.conf
184 fi
Petr Ospalý81001232019-01-02 15:52:24 +0100185
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100186 # nexus should be configured using those default entries
187 # if it was not put the correct inputs instead
188 if [ -z "${NPM_USERNAME}" ]; then
189 NPM_USERNAME="${NEXUS_USERNAME}"
190 echo "NPM_USERNAME='${NPM_USERNAME}'" >> ./local_repo.conf
191 fi
Petr Ospalý81001232019-01-02 15:52:24 +0100192
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100193 if [ -z "${NPM_PASSWORD}" ]; then
194 NPM_PASSWORD="${NEXUS_PASSWORD}"
195 echo "NPM_PASSWORD='${NPM_PASSWORD}'" >> ./local_repo.conf
196 fi
Petr Ospalý81001232019-01-02 15:52:24 +0100197
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100198 if [ -z "${NPM_EMAIL}" ]; then
199 NPM_EMAIL="$NEXUS_EMAIL"
200 echo "NPM_EMAIL='${NPM_EMAIL}'" >> ./local_repo.conf
201 fi
Petr Ospalý81001232019-01-02 15:52:24 +0100202
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100203 export NEXUS_FQDN
204 export ONAP_SCALE
205 export NPM_USERNAME
206 export NPM_PASSWORD
207 export NPM_EMAIL
Petr Ospalý81001232019-01-02 15:52:24 +0100208
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100209 NODE_USERNAME="root"
Petr Ospalý81001232019-01-02 15:52:24 +0100210
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100211 if [ -z "$LOCAL_IP" ] ; then
212 echo
213 echo "======= Mandatory configuration ======="
214 echo
215 message info "fill in these mandatory configuration values"
216 get_cfg_val "LOCAL_IP" "Enter the public IPv4 used for this '$HOSTNAME' install machine," \
217 "\nDO NOT USE LOOPBACK! (for example: 10.0.0.1): "
218 fi
219}
Petr Ospalý81001232019-01-02 15:52:24 +0100220
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100221enable_local_repo() {
222 sed -r "s%PATH%file://$APROJECT_DIR/resources/pkg/rhel%" "$APROJECT_DIR/resources/pkg/rhel/onap.repo" > /etc/yum.repos.d/onap.repo
223}
Petr Ospalý81001232019-01-02 15:52:24 +0100224
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100225install_packages() {
226 os_id="$1"
Petr Ospalý81001232019-01-02 15:52:24 +0100227
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100228 message info "Installing packages"
Petr Ospalý81001232019-01-02 15:52:24 +0100229
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100230 case "$os_id" in
231 centos)
232 yum -y install "$APROJECT_DIR/resources/pkg/centos/*.rpm"
233 ;;
234 rhel)
235 enable_local_repo
236 yum -y install docker-ce dnsmasq icewm firefox tigervnc-server
237 systemctl enable docker
238 systemctl start docker
239 ;;
240 ubuntu)
241 dpkg -i "$APROJECT_DIR/resources/pkg/ubuntu/*.deb"
242 ;;
243 *)
244 message error "OS release is not supported: $os_id"
245 message info "ABORTING INSTALLATION"
246 exit 1
247 ;;
248 esac
249}
Petr Ospalý81001232019-01-02 15:52:24 +0100250
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100251install_files() {
252 message info "installation of external binaries"
253 for binary in kubectl helm rancher jq ; do
254 cp "$APROJECT_DIR/resources/downloads/${binary}" /usr/local/bin/
255 chmod 755 "/usr/local/bin/${binary}"
256 done
257 mkdir ~/.kube
258}
Petr Ospalý81001232019-01-02 15:52:24 +0100259
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100260setup_vnc_server() {
261 mkdir -p ~/.vnc ~/.icewm
262 echo "onap" | vncpasswd -f > ~/.vnc/passwd
263 chmod 0600 ~/.vnc/passwd
Petr Ospalý81001232019-01-02 15:52:24 +0100264
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100265 cat > ~/.vnc/xstartup <<EOF
266#!/bin/sh
Petr Ospalý81001232019-01-02 15:52:24 +0100267
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100268unset SESSION_MANAGER
269unset DBUS_SESSION_BUS_ADDRESS
270exec icewm-session
Petr Ospalý81001232019-01-02 15:52:24 +0100271
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100272EOF
Petr Ospalý81001232019-01-02 15:52:24 +0100273
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100274chmod +x ~/.vnc/xstartup
Petr Ospalý81001232019-01-02 15:52:24 +0100275
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100276 cat > ~/.icewm/menu <<EOF
277prog Firefox firefox firefox
278separator
Petr Ospalý81001232019-01-02 15:52:24 +0100279
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100280EOF
281vncserver
282}
Petr Ospalý81001232019-01-02 15:52:24 +0100283
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100284update_docker_cfg() {
285 if [ -f "/etc/docker/daemon.json" ]; then
286 jq '.dns += ["172.17.0.1"]' /etc/docker/daemon.json > /tmp/daemon.json
287 mv /tmp/daemon.json /etc/docker/daemon.json
288 else
289 echo '{"dns": ["172.17.0.1"]}' > /etc/docker/daemon.json
290 fi
291}
Petr Ospalý81001232019-01-02 15:52:24 +0100292
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100293create_root_CA() {
294 echo "** Generate certificates **"
295 openssl genrsa -out $CERTS_TARGET_PATH/rootCA.key 4096
Petr Ospalý81001232019-01-02 15:52:24 +0100296
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100297 echo "** Generate self signed ***"
298 openssl req -config $GEN_CFG_PATH/cacert.cnf -key $CERTS_TARGET_PATH/rootCA.key -new -x509 -days 7300 -sha256 -extensions v3_ca \
299 -out $CERTS_TARGET_PATH/rootCAcert.pem
Petr Ospalý81001232019-01-02 15:52:24 +0100300
301
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100302 # convert to crt
303 openssl x509 -in $CERTS_TARGET_PATH/rootCAcert.pem -inform PEM -out $CERTS_TARGET_PATH/rootCAcert.crt
304}
Petr Ospalý81001232019-01-02 15:52:24 +0100305
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100306install_root_CA() {
307 os=$1
308 echo "** Publishing root CA **"
309 if [ "$os" == "redhat" ]; then
310 # for centos
311 update-ca-trust force-enable
312 cp $CERTS_TARGET_PATH/rootCAcert.crt /etc/pki/ca-trust/source/anchors/
313 update-ca-trust extract
314 elif [ "$os" == "ubuntu" ]; then
315 mkdir -p /usr/local/share/ca-certificates/extra
316 cp $CERTS_TARGET_PATH/rootCAcert.crt /usr/local/share/ca-certificates/extra
317 update-ca-certificates
318 else
319 echo "OS \"$os\" is not supported"
320 exit -2
321 fi
Petr Ospalý81001232019-01-02 15:52:24 +0100322
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100323 echo "** Restart docker (because of reload new CA) **"
324 systemctl restart docker
Petr Ospalý81001232019-01-02 15:52:24 +0100325
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100326}
Petr Ospalý81001232019-01-02 15:52:24 +0100327
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100328create_cert() {
329 server_name=$1
Petr Ospalý81001232019-01-02 15:52:24 +0100330
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100331 openssl genrsa -out $CERTS_TARGET_PATH/${server_name}_server.key 4096
332 echo "** Generate sig request ***"
333 openssl req -new -config $GEN_CFG_PATH/${server_name}_cert.cnf -key $CERTS_TARGET_PATH/${server_name}_server.key -out $CERTS_TARGET_PATH/${server_name}_server.csr
Petr Ospalý81001232019-01-02 15:52:24 +0100334
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100335 # v3.ext must be in separate file , because of bug in openssl 1.0
336 echo "** sign **"
337 openssl x509 -req -in $CERTS_TARGET_PATH/${server_name}_server.csr\
338 -extfile $GEN_CFG_PATH/v3.ext\
339 -CA $CERTS_TARGET_PATH/rootCAcert.crt\
340 -CAkey $CERTS_TARGET_PATH/rootCA.key\
341 -CAcreateserial -out $CERTS_TARGET_PATH/${server_name}_server.crt -days 3650 -sha256
342}
Petr Ospalý81001232019-01-02 15:52:24 +0100343
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100344create_all_certs() {
345 create_cert "nexus"
346}
Petr Ospalý81001232019-01-02 15:52:24 +0100347
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100348update_firewall() {
Petr Ospalý81001232019-01-02 15:52:24 +0100349# TODO
350#firewall-cmd --permanent --add-port=53/udp
351#firewall-cmd --permanent --add-port=53/tcp
352#firewall-cmd --permanent --add-port=10001/tcp
353#firewall-cmd --permanent --add-port=80/tcp
354#firewall-cmd --permanent --add-port=443/tcp
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100355return 0
356}
Petr Ospalý81001232019-01-02 15:52:24 +0100357
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100358distribute_root_CA() {
359 targetip=$1
360 scp $APROJECT_DIR/install_cacert.sh $targetip:.
361 ssh $targetip ./install_cacert.sh
362 echo "** Add DNS record to remote host **"
363 ssh $targetip "echo nameserver $LOCAL_IP > /etc/resolv.conf"
364}
Petr Ospalý81001232019-01-02 15:52:24 +0100365
366upload_ansible_pkgs() {
367 os=$1
368 targetip=$2
369 #if [[ $os == "ubuntu" ]]; then
370 # those deb & whl packages are needed for sdnc-ansible-server pod
371 # independently on host OS distros
372 echo "** Copy required packages for sdnc-ansible-pod to kubernetes node $targetip **"
373 scp -r $APROJECT_DIR/resources/pkg/ubuntu/ansible_pkg $targetip:.
374 #fi
375}
376
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100377remote_setup_nfs_server() {
378 os=$1
379 targetip=$2
380 shift 2
381 scp $APROJECT_DIR/bash/tools/setup_nfs_server_${os}.sh $targetip:setup_nfs_server.sh
382 if [[ $os == "ubuntu" ]]; then
383 scp -r $APROJECT_DIR/resources/pkg/ubuntu/nfs-common-pkg/* $targetip:.
384 ssh $targetip dpkg -i *.deb
385 fi
Petr Ospalý81001232019-01-02 15:52:24 +0100386
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100387 ssh $targetip /bin/bash ./setup_nfs_server.sh "$@"
388}
Petr Ospalý81001232019-01-02 15:52:24 +0100389
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100390remote_setup_nfs_mount() {
391 os=$1
392 targetip=$2
393 nfsip=$3
394 scp $APROJECT_DIR/bash/tools/setup_nfs_mount.sh $targetip:.
395 if [[ $os == "ubuntu" ]]; then
396 scp -r $APROJECT_DIR/resources/pkg/ubuntu/nfs-common-pkg/* $targetip:.
397 ssh $targetip dpkg -i *.deb
398 fi
399 ssh $targetip /bin/bash ./setup_nfs_mount.sh $nfsip
400}
Petr Ospalý81001232019-01-02 15:52:24 +0100401
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100402enable_remote_repo() {
403 targetip=$1
404 sed -r "s%PATH%http://repo.install-server%" $APROJECT_DIR/resources/pkg/rhel/onap.repo | ssh $targetip 'cat > /etc/yum.repos.d/onap.repo'
405}
Petr Ospalý81001232019-01-02 15:52:24 +0100406
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100407install_remote_docker() {
408 targetip=$1
409 os=$2
410 if [[ $os == "ubuntu" ]]; then
411 scp -r $APROJECT_DIR/resources/pkg/ubuntu/{docker-ce_17.03.2~ce-0~ubuntu-xenial_amd64.deb,libltdl7_2.4.6-0.1_amd64.deb} $targetip:.
412 ssh $targetip dpkg -i *.deb
413 elif [[ $os == "rhel" ]]; then
414 ssh $targetip yum -y install docker-ce
415 fi
416 ssh $targetip "mkdir -p /etc/docker"
417 scp "$APROJECT_DIR/resources/downloads/jq" $targetip:/usr/local/bin/
418 ssh $targetip "if [[ -f /etc/docker/daemon.json ]]; then
419 jq '.dns += [\"$LOCAL_IP\"]' /etc/docker/daemon.json > /tmp/daemon.json
420 mv /tmp/daemon.json /etc/docker/daemon.json
421 else
422 echo {'\"'dns'\"': ['\"'$LOCAL_IP'\"']} > /etc/docker/daemon.json
423 fi"
Petr Ospalý81001232019-01-02 15:52:24 +0100424
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100425 ssh $targetip 'systemctl enable docker; systemctl restart docker'
426}
Petr Ospalý81001232019-01-02 15:52:24 +0100427
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100428deploy_rancher() {
429 docker run -d --entrypoint "/bin/bash" --restart=unless-stopped -p 8080:8080 \
430 -v $CERTS_TARGET_PATH:/usr/local/share/ca-certificates/extra:ro \
431 --name rancher_server rancher/server:v1.6.14 \
432 -c "/usr/sbin/update-ca-certificates;/usr/bin/entry /usr/bin/s6-svscan /service"
433 echo "** wait until rancher is ready **"
434}
Petr Ospalý81001232019-01-02 15:52:24 +0100435
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100436deploy_kubernetes() {
437 os=$1
438 set +e
439 for i in `seq 5 -1 1`; do
440 API_RESPONSE=`curl -s 'http://127.0.0.1:8080/v2-beta/apikey' \
441 -d '{"type":"apikey","accountId":"1a1","name":"autoinstall"\
442 ,"description":"autoinstall","created":null,"kind":null,\
443 "removeTime":null,"removed":null,"uuid":null}'`
444 if [[ "$?" -eq 0 ]]; then
445 KEY_PUBLIC=`echo $API_RESPONSE | jq -r .publicValue`
446 KEY_SECRET=`echo $API_RESPONSE | jq -r .secretValue`
447 break
448 fi
449 echo "Waiting for rancher server to start"
450 sleep 60
451 done
452 set -e
453 export RANCHER_URL=http://${LOCAL_IP}:8080
454 export RANCHER_ACCESS_KEY=$KEY_PUBLIC
455 export RANCHER_SECRET_KEY=$KEY_SECRET
Petr Ospalý81001232019-01-02 15:52:24 +0100456
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100457 rancher env ls
458 echo "wait 60 sec for rancher environments can settle before we create the onap kubernetes one"
459 sleep 60
Petr Ospalý81001232019-01-02 15:52:24 +0100460
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100461 rancher env create -t kubernetes onap > kube_env_id.json
462 PROJECT_ID=$(<kube_env_id.json)
463 echo "env id: $PROJECT_ID"
464 export RANCHER_HOST_URL=http://${LOCAL_IP}:8080/v1/projects/$PROJECT_ID
Petr Ospalý81001232019-01-02 15:52:24 +0100465
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100466 for i in `seq 5`; do
467 status=$(rancher env ls | grep $PROJECT_ID | awk '{print $4}')
468 if [[ "$status" == "active" ]]; then
469 echo "Check on environments again before registering the URL response"
470 rancher env ls
471 break
472 fi
473 echo "Wait for environment to become active"
474 sleep 30
475 done
Petr Ospalý81001232019-01-02 15:52:24 +0100476
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100477 REG_URL_RESPONSE=`curl -X POST -u $KEY_PUBLIC:$KEY_SECRET -H 'Accept: application/json' -H 'ContentType: application/json' -d '{"name":"$LOCAL_IP"}' "http://$LOCAL_IP:8080/v1/projects/$PROJECT_ID/registrationtokens"`
478 echo "wait for server to finish url configuration - 3 min"
479 sleep 180
480 # see registrationUrl in
481 REGISTRATION_TOKENS=`curl http://127.0.0.1:8080/v2-beta/registrationtokens`
482 REGISTRATION_DOCKER=`echo $REGISTRATION_TOKENS | jq -r .data[0].image`
483 REGISTRATION_TOKEN=`echo $REGISTRATION_TOKENS | jq -r .data[0].token`
Petr Ospalý81001232019-01-02 15:52:24 +0100484
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100485 # base64 encode the kubectl token from the auth pair
486 # generate this after the host is registered
487 KUBECTL_TOKEN=$(echo -n 'Basic '$(echo -n "$RANCHER_ACCESS_KEY:$RANCHER_SECRET_KEY" | base64 -w 0) | base64 -w 0)
488 echo "KUBECTL_TOKEN base64 encoded: ${KUBECTL_TOKEN}"
489 cat > ~/.kube/config <<EOF
490apiVersion: v1
491kind: Config
492clusters:
493- cluster:
494 api-version: v1
495 insecure-skip-tls-verify: true
496 server: "https://$LOCAL_IP:8080/r/projects/$PROJECT_ID/kubernetes:6443"
497 name: "onap"
498contexts:
499- context:
500 cluster: "onap"
501 user: "onap"
502 name: "onap"
503current-context: "onap"
504users:
505- name: "onap"
506 user:
507 token: "$KUBECTL_TOKEN"
Petr Ospalý81001232019-01-02 15:52:24 +0100508
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100509EOF
Petr Ospalý81001232019-01-02 15:52:24 +0100510
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100511 if [[ $os == "rhel" ]]; then
512 echo "Upgrade datavolume for RHEL"
513 KUBELET_ID=`curl http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/ | jq -r '.data[] | select(.name=="kubelet")'.id`
514 OLD_LAUNCH_CONFIG=`curl http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/${KUBELET_ID} | jq '.launchConfig'`
515 NEW_LAUNCH_CONFIG=`echo $OLD_LAUNCH_CONFIG | jq '.dataVolumes[2]="/sys/fs/cgroup:/sys/fs/cgroup:ro,rprivate"'`
Petr Ospalý81001232019-01-02 15:52:24 +0100516
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100517 DATA="{
518 \"inServiceStrategy\": {
519 \"batchSize\": 1,
520 \"intervalMillis\": 2000,
521 \"startFirst\": false,
522 \"launchConfig\": ${NEW_LAUNCH_CONFIG},
523 \"secondaryLaunchConfigs\": []
524 }
525 }"
526 curl -s -u $KEY_PUBLIC:$KEY_SECRET -X POST -H 'Content-Type: application/json' -d "${DATA}" "http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/${KUBELET_ID}?action=upgrade" > /dev/null
Petr Ospalý81001232019-01-02 15:52:24 +0100527
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100528 echo "Give environment time to update (30 sec)"
529 sleep 30
Petr Ospalý81001232019-01-02 15:52:24 +0100530
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100531 curl -s -u $KEY_PUBLIC:$KEY_SECRET -X POST "http://${LOCAL_IP}:8080/v2-beta/projects/${PROJECT_ID}/services/${KUBELET_ID}?action=finishupgrade" > /dev/null
532 fi
533}
Petr Ospalý81001232019-01-02 15:52:24 +0100534
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100535deploy_rancher_agent() {
536 nodeip=$1
537 if [ -z "$REGISTRATION_DOCKER" ]; then
538 echo "ASSERT: Missing REGISTRATION_DOCKER"
539 exit 1
540 fi
541 if [ -z "$RANCHER_URL" ]; then
542 echo "ASSERT: Missing RANCHER_URL"
543 exit 1
544 fi
545 if [ -z "$REGISTRATION_TOKEN" ]; then
546 echo "ASSERT: Missing REGISTRATION_TOKEN"
547 exit 1
548 fi
Petr Ospalý81001232019-01-02 15:52:24 +0100549
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100550 ssh $nodeip "docker run --rm --privileged -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/racher:/var/lib/rancher $REGISTRATION_DOCKER $RANCHER_URL/v1/scripts/$REGISTRATION_TOKEN"
551 echo "waiting 2 min for creating kubernetes environment"
552 sleep 120
553}
Petr Ospalý81001232019-01-02 15:52:24 +0100554
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100555deploy_node() {
556 nodeip=$1
557 os=$2
558 echo "Deploying node $nodeip"
559 distribute_root_CA $nodeip
560 install_remote_docker $nodeip $os
561 deploy_rancher_agent $nodeip
562}
Petr Ospalý81001232019-01-02 15:52:24 +0100563
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100564deploy_onap() {
565 pushd $APROJECT_DIR/resources/oom/kubernetes
566 helm init --upgrade --skip-refresh
567 # this might fail
568 set +e
569 helm repo remove stable
570 set -e
571 helm serve &
572 echo "wait a moment before helm will come up ..."
573 sleep 5
574 helm repo add local http://127.0.0.1:8879
575 make all
576 #Pass the CA certificate contents directly during installation.
577 helm install local/onap -n dev --namespace onap \
578 --set "global.cacert=$(cat ${CERTS_TARGET_PATH}/rootCAcert.crt)"
579 popd
580}
Petr Ospalý81001232019-01-02 15:52:24 +0100581
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100582expand_file() {
583 file=$1
584 # print warning if patched file does not exist as some charts
585 # might not be available for some deployments
586 if [ ! -f "$file" ]; then
587 echo "WARNING: Can't patch file $file because this file does not exists."
588 return 0
589 fi
Petr Ospalý81001232019-01-02 15:52:24 +0100590
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100591 shift
Petr Ospalý81001232019-01-02 15:52:24 +0100592
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100593 for ivar in "$@" ; do
594 ivalue=$(eval 'echo "$'${ivar}'"')
595 sed -i "s#${ivar}#${ivalue}#g" "$file"
596 done
597}
Petr Ospalý81001232019-01-02 15:52:24 +0100598
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100599patch_npm_oom() {
600 if [ -z "$LOCAL_IP" ] ; then
601 echo "ERROR: LOCAL_IP unset"
602 return 1
603 fi
604 if [ -z "$NEXUS_FQDN" ] ; then
605 echo "ERROR: NEXUS_FQDN unset"
606 return 1
607 fi
Petr Ospalý81001232019-01-02 15:52:24 +0100608
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100609 UPDATE_HOSTS_FILE="$LOCAL_IP $NEXUS_FQDN"
610 UPDATE_NPM_REGISTRY="npm set registry \"http://${NEXUS_FQDN}/repository/npm-private/\""
Petr Ospalý81001232019-01-02 15:52:24 +0100611
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100612 expand_file $APROJECT_DIR/resources/oom/kubernetes/common/dgbuilder/templates/deployment.yaml \
613 UPDATE_HOSTS_FILE \
614 UPDATE_NPM_REGISTRY
615 expand_file $APROJECT_DIR/resources/oom/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml \
616 UPDATE_HOSTS_FILE \
617 UPDATE_NPM_REGISTRY
618}
Petr Ospalý81001232019-01-02 15:52:24 +0100619
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100620patch_spring_oom() {
621 if [ -z "$LOCAL_IP" ] ; then
622 echo "ERROR: LOCAL_IP unset"
623 return 1
624 fi
Petr Ospalý81001232019-01-02 15:52:24 +0100625
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100626 UPDATE_HOSTS_FILE="$LOCAL_IP www.springframework.org"
627 expand_file $APROJECT_DIR/resources/oom/kubernetes/dmaap/charts/message-router/templates/deployment.yaml \
628 UPDATE_HOSTS_FILE
629}
Petr Ospalý81001232019-01-02 15:52:24 +0100630
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100631patch_cfy_manager_depl() {
632 os="$1"
633 file="${APROJECT_DIR}/resources/oom/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml"
Petr Ospalý81001232019-01-02 15:52:24 +0100634
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100635 case "$os" in
636 centos|rhel)
637 CERT_PATH="/etc/pki/ca-trust/source/anchors"
638 ;;
639 ubuntu)
640 CERT_PATH="/usr/local/share/ca-certificates/extra"
641 ;;
642 '')
643 echo "ERROR: missing argument"
644 return 1
645 ;;
646 *)
647 echo "ERROR: unknown OS: ${os}"
648 return 1
649 ;;
650 esac
Petr Ospalý81001232019-01-02 15:52:24 +0100651
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100652 expand_file "$file" CERT_PATH
653}
Petr Ospalý81001232019-01-02 15:52:24 +0100654
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100655copy_onap_values_file() {
Petr Ospalý81001232019-01-02 15:52:24 +0100656 cp "${APROJECT_DIR}/${CUSTOM_CFG_RELPATH:-cfg}/${ONAP_SCALE}_depl_values.yaml" \
Piotr Perzanowskia69b4f62018-12-18 12:12:51 +0100657 "${APROJECT_DIR}/resources/oom/kubernetes/onap/values.yaml"
Petr Ospalý81001232019-01-02 15:52:24 +0100658}