Gitiles
Code Review Sign In
gerrit.nordix.org / oransc / ric-plt / ric-dep / d8123116713107bfaf267a40ebf0faefac3a3fa0 / . / bin / install
blob: 3285d7f6e19da697c1c1af976f092071d9964ff8 [file] [log] [blame]
#!/bin/bash
################################################################################
# Copyright (c) 2019 AT&T Intellectual Property. #
# Copyright (c) 2019 Nokia. #
# Copyright (c) 2021 HCL Technologies Limited. #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); #
# you may not use this file except in compliance with the License. #
# You may obtain a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
################################################################################
function wait_for_pods() {
echo -n "waiting for $1 pods to run"
STILL_WAITING=true
while $STILL_WAITING; do
STILL_WAITING=false
PODS=$(kubectl get pods -n $2 2>/dev/null | grep $1 | awk '{print $1}')
if [ -z $PODS ]; then
STILL_WAITING=true
sleep 1
echo -n "."
fi
for POD in ${PODS}; do
if [[ $(kubectl get pod ${POD} -n $2 -o go-template --template "{{.status.phase}}") != "Running" ]]; then
STILL_WAITING=true
sleep 1
echo -n "."
break
fi
done
done
echo
}
function wait_for_cats() {
echo -n "waiting for $1 daemonset to complete"
STILL_WAITING=true
while $STILL_WAITING; do
STILL_WAITING=false
PODS=$(kubectl get pods -n $2 | grep $1 | awk '{print $1}')
for POD in ${PODS}; do
if [[ $(kubectl logs ${POD} -n $2 --tail 1) != "done" ]]; then
STILL_WAITING=true
sleep 1
echo -n "."
break
fi
done
done
echo
}
KERNEL_OPTIMIZATION=false
IS_HELM3=$(helm version --short|grep -e "^v3")
while [ -n "$1" ]; do # while loop starts
case "$1" in
-f) OVERRIDEYAML=$2
shift
;;
-c) LIST_OF_COMPONENTS=$2
shift
;;
-o) KERNEL_OPTIMIZATION=true
;;
*) echo "Option $1 not recognized" ;; # In case you typed a different option other than a,b,c
esac
shift
done
if [ -z "$OVERRIDEYAML" ];then
echo "****************************************************************************************************************"
echo " ERROR "
echo "****************************************************************************************************************"
echo "RIC deployment without deployment recipe is currently disabled. Please specify an recipe with the -f option."
echo "****************************************************************************************************************"
exit 1
fi
if [ -z $IS_HELM3 ]
then
HAS_COMMON_PACKAGE=$(helm search local/ric-common | grep ric-common)
else
HAS_COMMON_PACKAGE=$(helm search repo local/ric-common | grep ric-common)
fi
if [ -z "$HAS_COMMON_PACKAGE" ];then
echo "****************************************************************************************************************"
echo " ERROR "
echo "****************************************************************************************************************"
echo "Can't locate the ric-common helm package in the local repo. Please make sure that it is properly installed."
echo "****************************************************************************************************************"
exit 1
fi
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
COMMON_BLOCK=$(cat $OVERRIDEYAML | awk '/^common:/{getline; while ($0 ~ /^ +.*|^ *|^ *#.*$/) {print $0; if (getline == 0) {break}}}')
NAMESPACE_BLOCK=$(cat $OVERRIDEYAML | awk '/^ namespace:/{getline; while ($0 ~ /^ +.*|^ *|^ *#.*$/) {print $0; if (getline == 0) {break}}}')
PLTNAMESPACE=$(echo "$NAMESPACE_BLOCK" | awk '/^ *platform:/{print $2}')
INFRANAMESPACE=$(echo "$NAMESPACE_BLOCK" | awk '/^ *infra:/{print $2}')
XAPPNAMESPACE=$(echo "$NAMESPACE_BLOCK" | awk '/^ *xapp:/{print $2}')
RELEASE_PREFIX=$(echo "$COMMON_BLOCK" | awk '/^ *releasePrefix:/{print $2}')
LOCAL_REPOSITORY=$(echo "$COMMON_BLOCK" | awk '/^ *localregistry:/{print $2}')
if ! kubectl get ns ${PLTNAMESPACE:-ricplt}> /dev/null 2>&1; then
kubectl create ns ${PLTNAMESPACE:-ricplt}
fi
if ! kubectl get ns ${INFRANAMESPACE:-ricinfra}> /dev/null 2>&1; then
kubectl create ns ${INFRANAMESPACE:-ricinfra}
fi
if ! kubectl get ns ${XAPPNAMESPACE:-ricxapp}> /dev/null 2>&1; then
kubectl create ns ${XAPPNAMESPACE:-ricxapp}
fi
IS_INFLUX_PERSIST=$( kubectl get storageclass nfs 2>/dev/null | awk '{print $1}' | grep nfs)
if [[ ${LIST_OF_COMPONENTS} == *"influxdb"* ]]; then
if [ -z "$IS_INFLUX_PERSIST" ]; then
echo "nfs storage does not exist, create PersistentVolume through the storage class for the influxdb database"
LIST_OF_COMPONENTS=$(echo "$LIST_OF_COMPONENTS" | sed "s/influxdb//")
echo "skipping influxdb component"
else
echo "nfs storage exist"
fi
fi
# replace the dbaasha with dbaas1 if deploying non HA DBaaS
COMPONENTS="infrastructure dbaas appmgr rtmgr e2mgr e2term a1mediator submgr vespamgr o1mediator alarmmanager $LIST_OF_COMPONENTS"
echo "Deploying RIC infra components [$COMPONENTS]"
if [[ ${COMPONENTS} != *"influxdb"* ]]; then
OPTIONAL_COMPONENTS="influxdb"
fi
if [[ ${COMPONENTS} != *"jaegeradapter"* ]]; then
OPTIONAL_COMPONENTS={"$OPTIONAL_COMPONENTS jaegeradapter"}
fi
if [ ! -z "$OPTIONAL_COMPONENTS" ]; then
echo "Note that the following optional components are NOT being deployed: $OPTIONAL_COMPONENTS. To deploy them add them with -c to the default component list of the install command"
fi
FOUND_RECIPE=$(kubectl get configmap -n ${PLTNAMESPACE:-ricplt} ricplt-recipe 2>/dev/null )
if [ ! -z "$FOUND_RECIPE" ]; then
kubectl delete configmap -n ${PLTNAMESPACE:-ricplt} ricplt-recipe
fi
kubectl create configmap -n ${PLTNAMESPACE:-ricplt} ricplt-recipe --from-file=recipe=$OVERRIDEYAML
if [ ! -z "$LOCAL_REPOSITORY" ]; then
LOCAL_REPOSITORY="$LOCAL_REPOSITORY/"
fi
echo Add cluster roles
cat >ricplt-role.yaml <<EOF
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: ricplt-system-tiller
rules:
- apiGroups: [""]
resources: ["deployments"]
verbs: ["get", "list", "create", "delete"]
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
verbs: ["get", "list", "create", "delete"]
- apiGroups: ["rbac.authorization.k8s.io"]
resources: ["clusterroles", "clusterrolebindings"]
verbs: ["get", "list", "create", "delete"]
- apiGroups: [""]
resources: ["events"]
verbs: ["create", "patch"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["list", "watch", "get"]
- apiGroups: [""]
resources: ["nodes/metrics"]
verbs: ["list", "watch", "get"]
- apiGroups: [""]
resources: ["nodes/proxy"]
verbs: ["list", "watch", "get"]
- apiGroups: ["configuration.konghq.com"]
resources: ["kongconsumers"]
verbs: ["get", "list", "watch"]
- apiGroups: ["configuration.konghq.com"]
resources: ["kongcredentials"]
verbs: ["get", "list", "watch"]
- apiGroups: ["configuration.konghq.com"]
resources: ["kongingresses"]
verbs: ["get", "list", "watch"]
- apiGroups: ["configuration.konghq.com"]
resources: ["kongplugins"]
verbs: ["get", "list", "watch"]
- apiGroups: ["networking.k8s.io"]
resources: ["ingresses"]
verbs: ["watch", "list", "get", "create", "delete", "update"]
- apiGroups: [""]
resources: ["ingresses"]
verbs: ["watch", "list", "get", "create", "delete", "update"]
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["watch", "list", "get", "create", "delete"]
- apiGroups: ["danm.k8s.io"]
resources: ["clusternetworks"]
verbs: ["watch", "list", "get", "create", "delete"]
- apiGroups: ["extensions"]
resources: ["ingresses/status"]
verbs: ["update", "get", "list", "watch"]
- apiGroups: ["networking.k8s.io"]
resources: ["ingresses/status"]
verbs: ["update", "get", "list", "watch"]
- apiGroups: ["certificates.k8s.io"]
resources: ["certificatesigningrequests"]
verbs: ["list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["list", "watch"]
- nonResourceURLs: ["/metrics"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: ricplt-system-tiller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: ricplt-system-tiller
subjects:
- kind: ServiceAccount
name: tiller
namespace: kube-system
EOF
if [ -z $IS_HELM3 ]
then
kubectl apply -f ricplt-role.yaml
rm ricplt-role.yaml
fi
# Add kernel optimization for radis services
if $KERNEL_OPTIMIZATION; then
cat >kernel_optimizer.yaml <<EOF
apiVersion: apps/v1
kind: DaemonSet
metadata:
namespace: ${INFRANAMESPACE:-ricinfra}
name: redis-kernel-optimizer
spec:
selector:
matchLabels:
app: redis-kernel-optimizer
template:
metadata:
labels:
app: redis-kernel-optimizer
spec:
volumes:
- name: sys
hostPath:
path: /sys
containers:
- name: disable-thp
image: ${LOCAL_REPOSITORY}busybox
securityContext:
runAsNonRoot: false
privileged: true
runAsUser: 0
command: ["sh", "-c"]
args:
- |-
set -e
set -o pipefail
trap 'exit' TERM
echo never > /rootfs/sys/kernel/mm/transparent_hugepage/enabled
echo never > /rootfs/sys/kernel/mm/transparent_hugepage/defrag
sysctl -w net.core.somaxconn=511
grep -q -F [never] /sys/kernel/mm/transparent_hugepage/enabled
grep -q -F [never] /sys/kernel/mm/transparent_hugepage/defrag
sysctl -n net.core.somaxconn | grep 511 -q
echo "done"
while true; do sleep 1; done
volumeMounts:
- name: sys
mountPath: /rootfs/sys
EOF
kubectl apply -f kernel_optimizer.yaml
wait_for_pods redis-kernel-optimizer ${INFRANAMESPACE:-ricinfra}
wait_for_cats redis-kernel-optimizer ${INFRANAMESPACE:-ricinfra}
kubectl delete -f kernel_optimizer.yaml
rm kernel_optimizer.yaml
fi
for component in $COMPONENTS; do
helm dep up $DIR/../helm/$component
COMPONENT="${RELEASE_PREFIX}-$component"
if [ -z $IS_HELM3 ]
then
COMPONENT=" --name $COMPONENT"
fi
helm install -f $OVERRIDEYAML --namespace "${PLTNAMESPACE:-ricplt}" $COMPONENT $DIR/../helm/$component
sleep 8
done