Gitiles
Code Review Sign In
gerrit.nordix.org / oransc / nonrtric / plt / ranpm / 24b89f433edbc98720cc3373f930358ace19e381 / . / install / install-nrt.sh
blob: a30dcf3c2f49593b258c030c8bad2aa7c16ec1ce [file] [log] [blame]
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]1#!/bin/bash
2
3# ============LICENSE_START===============================================
4# Copyright (C) 2023 Nordix Foundation. All rights reserved.
5# ========================================================================
6# Licensed under the Apache License, Version 2.0 (the "License");
7# you may not use this file except in compliance with the License.
8# You may obtain a copy of the License at
9#
10# http://www.apache.org/licenses/LICENSE-2.0
11#
12# Unless required by applicable law or agreed to in writing, software
13# distributed under the License is distributed on an "AS IS" BASIS,
14# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15# See the License for the specific language governing permissions and
16# limitations under the License.
17# ============LICENSE_END=================================================
18#
19
20. scripts/kube_get_controlplane_host.sh
21. scripts/kube_get_nodeport.sh
22. scripts/wait_for_server_ok.sh
23. scripts/get_influxdb2_token.sh
24. scripts/create_topic.sh
25
26# Constants
27SAMELINE="\033[0K\r"
28
29# Variables
BjornMagnussonXA6ab531b2023-05-15 11:23:35 +0200[diff] [blame]30export KUBERNETESHOST=$(kube_get_controlplane_host)
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]31if [ $? -ne 0 ]; then
BjornMagnussonXA6ab531b2023-05-15 11:23:35 +0200[diff] [blame]32 echo $KUBERNETESHOST
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]33 echo "Exiting"
34 exit 1
35fi
36
37echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
BjornMagnussonXA6ab531b2023-05-15 11:23:35 +0200[diff] [blame]38echo "Kubernetes control plane host: $KUBERNETESHOST"
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]39echo "Host obtained from current kubectl context"
40echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
41
42echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
BjornMagnussonXA6ab531b2023-05-15 11:23:35 +0200[diff] [blame]43echo "Checking requirements"
44echo " Checking if istio is installed"
45kubectl $KUBECONF get authorizationpolicies -A &> /dev/null
46if [ $? -ne 0 ]; then
47 echo " Istio api: kubectl get authorizationpolicies is not installed"
48 exit 1
49else
50 echo " OK"
51fi
52echo " Checking if jq is installed"
53tmp=$(type jq)
54if [ $? -ne 0 ]; then
55 echo " Command utility jq (cmd-line json processor) is not installed"
56 exit 1
57else
58 echo " OK"
59fi
60echo " Checking if envsubst is installed"
61tmp=$(type envsubst)
62if [ $? -ne 0 ]; then
63 echo " Command utility envsubst (env var substitution in files) is not installed"
64 exit 1
65else
66 echo " OK"
67fi
68
69echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]70echo "Restarting istiod, workaround to refresh jwks cache"
71kubectl rollout restart deployments/istiod -n istio-system
72echo "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
73
74# Generic error printout function
75# args: <numeric-response-code> <descriptive-string>
76check_error() {
77 if [ $1 -ne 0 ]; then
78 echo "Failed: $2"
79 echo "Exiting..."
80 exit 1
81 fi
82}
83
84##################################################################################
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]85echo "##### Installing chart: nrt-base-0"
86##################################################################################
rohithrajneeshb3ba53a2023-08-08 12:22:37 +0100[diff] [blame]87helm install --wait --create-namespace -n nonrtric nrt-base-0 helm/nrt-base-0
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]88
89# Create realm in keycloak
90
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]91. scripts/populate_keycloak.sh
92
93create_realms nonrtric-realm
94while [ $? -ne 0 ]; do
95 create_realms nonrtric-realm
96done
97
98# Create client for admin calls
99cid="console-setup"
100create_clients nonrtric-realm $cid
101check_error $?
102generate_client_secrets nonrtric-realm $cid
103check_error $?
104
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]105echo ""
106
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]107cid="console-setup"
108__get_admin_token
109TOKEN=$(get_client_token nonrtric-realm $cid)
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]110
111##################################################################################
112echo "##### Installing charts: strimzi and nrt-base-1"
113##################################################################################
114
115helm repo add strimzi https://strimzi.io/charts/
116
117helm install --wait strimzi-kafka-crds -n nonrtric strimzi/strimzi-kafka-operator
118
119
120cp opa-rules/bundle.tar.gz helm/nrt-base-1/charts/opa-rule-db/data
121
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]122helm install -n nonrtric nrt-base-1 helm/nrt-base-1
123
BjornMagnussonXA6ab531b2023-05-15 11:23:35 +0200[diff] [blame]124echo "Waiting for influx db - there may be error messages while trying..."
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]125retcode=1
126while [ $retcode -eq 1 ]; do
127 retcode=0
128 CONFIG=$(kubectl exec -n nonrtric influxdb2-0 -- influx config ls --json)
129 if [ $? -ne 0 ]; then
130 retcode=1
131 sleep 1
132 elif [ "$CONFIG" == "{}" ]; then
133 echo "Configuring db"
BjornMagnussonXA6ab531b2023-05-15 11:23:35 +0200[diff] [blame]134 kubectl exec -n nonrtric influxdb2-0 -- influx setup -u admin -p mySuP3rS3cr3tT0keN -o est -b pm-bucket -f
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]135 if [ $? -ne 0 ]; then
136 retcode=1
137 sleep 1
138 fi
139 else
140 echo "Db user configured, skipping"
141 fi
142done
143
144# Save influx user api-token to secret
BjornMagnussonXA1b0fb0b2023-05-31 01:46:20 +0200[diff] [blame]145B64FLAG="-w 0"
146case "$OSTYPE" in
147 darwin*) B64FLAG="" ;;
148esac
149INFLUXDB2_TOKEN=$(get_influxdb2_token influxdb2-0 nonrtric | base64 $B64FLAG)
BjornMagnussonXA6ab531b2023-05-15 11:23:35 +0200[diff] [blame]150PATCHDATA='[{"op": "add", "path": "/data/token", "value": "'$INFLUXDB2_TOKEN'"}]'
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]151kubectl patch secret influxdb-api-token -n nonrtric --type json -p "$PATCHDATA"
152
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]153echo "Wait for kafka"
154_ts=$SECONDS
155until $(kubectl exec -n nonrtric kafka-client -- kafka-topics --list --bootstrap-server kafka-1-kafka-bootstrap.nonrtric:9092 1> /dev/null 2> /dev/null); do
156 echo -ne " $(($SECONDS-$_ts)) sec, retrying at $(($SECONDS-$_ts+5)) sec $SAMELINE"
157 sleep 5
158done
159echo ""
160
161# Pre-create known topic to avoid losing data when autocreated by apps
162__topics_list="file-ready collected-file json-file-ready-kp json-file-ready-kpadp pmreports"
163for __topic in $__topics_list; do
164 create_topic kafka-1-kafka-bootstrap.nonrtric:9092 $__topic 10
165done
166
167echo ""
168
169##################################################################################
DenisGNoonan54872c92023-09-05 11:55:40 +0100[diff] [blame]170echo "##### Installing: chart nonrtricgateway"
171##################################################################################
172
173helm install --wait -n nonrtric nonrtricgateway helm/nonrtricgateway
174echo ""
175
176##################################################################################
177echo "##### Installing: chart controlpanel"
178##################################################################################
179
180helm install --wait -n nonrtric controlpanel helm/controlpanel
181echo ""
182
183##################################################################################
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]184echo "##### Installing: chart ran"
185##################################################################################
186
187./helm/ran/certs/gen-certs.sh 10
188check_error $?
189
rohithrajneeshb3ba53a2023-08-08 12:22:37 +0100[diff] [blame]190helm install --wait --create-namespace -n ran -f helm/global-values.yaml ran helm/ran
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]191
192echo ""
193
194##################################################################################
195echo "##### Installing chart: nrt-pm"
196##################################################################################
197
198
199cwd=$PWD
200echo "Updating dfc truststore"
201cd helm/nrt-pm/charts/dfc/truststore
202cp template-truststore.jks truststore.jks
203check_error $?
204
205echo " Adding https ca cert to dfc truststore"
206cat <<__EOF__ | keytool -importcert -alias pm-https -file $cwd/helm/ran/certs/httpsca.crt -keystore truststore.jks -storetype JKS -storepass $(< truststore.pass)
207yes
208__EOF__
209cd $cwd
210
211cid="kafka-producer-pm-xml2json"
212create_clients nonrtric-realm $cid
213check_error $?
214generate_client_secrets nonrtric-realm $cid
215check_error $?
216
217export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
218
219envsubst < helm/nrt-pm/charts/kafka-producer-pm-xml2json/values-template.yaml > helm/nrt-pm/charts/kafka-producer-pm-xml2json/values.yaml
220
221
222cid="kafka-producer-pm-json2kafka"
223create_clients nonrtric-realm $cid
224check_error $?
225generate_client_secrets nonrtric-realm $cid
226check_error $?
227
228export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
229
230envsubst < helm/nrt-pm/charts/kafka-producer-pm-json2kafka/values-template.yaml > helm/nrt-pm/charts/kafka-producer-pm-json2kafka/values.yaml
231
232
233cid="kafka-producer-pm-json2influx"
234create_clients nonrtric-realm $cid
235check_error $?
236generate_client_secrets nonrtric-realm $cid
237check_error $?
238
239export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
240
241envsubst < helm/nrt-pm/charts/kafka-producer-pm-json2influx/values-template.yaml > helm/nrt-pm/charts/kafka-producer-pm-json2influx/values.yaml
242
243
244cid="pm-producer-json2kafka"
245create_clients nonrtric-realm $cid
246check_error $?
247generate_client_secrets nonrtric-realm $cid
248check_error $?
249
250export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
251
252envsubst < helm/nrt-pm/charts/pm-producer-json2kafka/values-template.yaml > helm/nrt-pm/charts/pm-producer-json2kafka/values.yaml
253
254
255cid="dfc"
256create_clients nonrtric-realm $cid
257check_error $?
258generate_client_secrets nonrtric-realm $cid
259check_error $?
260
261export APP_CLIENT_SECRET=$(< .sec_nonrtric-realm_$cid)
262
263envsubst < helm/nrt-pm/charts/dfc/values-template.yaml > helm/nrt-pm/charts/dfc/values.yaml
264
BjornMagnussonXA6ab531b2023-05-15 11:23:35 +0200[diff] [blame]265helm install --wait -f helm/global-values.yaml -n nonrtric nrt-pm helm/nrt-pm
BjornMagnussonXAc5655db2023-03-17 14:55:16 +0100[diff] [blame]266
267echo ""
268
269echo "######################################################################"
270echo "ranpm installed"
271echo "Wait until all pods are running before installation additional charts"
272echo "Do: 'kubectl get po -n nonrtric' and verify that all pods are in status Running"
273echo " and all included containers are Ready"
DenisGNoonan54872c92023-09-05 11:55:40 +0100[diff] [blame]274echo "######################################################################"