1 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
2 .. http://creativecommons.org/licenses/by/4.0
5 .. _docs_vfw_edgex_multicloud_k8s:
7 vFW/Edgex with Multicloud Kubernetes Plugin: Setting Up and Configuration
8 -------------------------------------------------------------------------
12 This use case covers the deployment of vFW and Edgex HELM Charts in a Kubernetes based cloud region via the multicloud-k8s plugin.
13 The multicloud-k8s plugin provides APIs to upload self-contained HELM Charts that can be customized via the profile API and later installed in a particular cloud region.
15 When the installation is complete (all the pods are either in running or completed state)
20 https://github.com/onap/multicloud-k8s/tree/master/kud/demo/firewall
22 EdgeXFoundry Helm Chart link:
23 -----------------------------
25 https://github.com/onap/multicloud-k8s/tree/master/kud/tests/vnfs/edgex/helm/edgex
28 **Create CSAR with Helm chart as an artifact**
29 ----------------------------------------------
31 The CSAR is a heat template package with Helm chart in it. The basic package
32 consists of an **environment file**, **base_dummy.yaml file** (example),
33 **MANIFEST.json** and the **tar.gz** file (of Helm chart).
34 We need to zip all of these files before onboarding.
35 One thing to pay much attention to is the naming convention which must
36 be followed while making the tgz.
37 **NOTE: The Naming convention is for the helm chart tgz file.**
39 **Naming convention follows the format:**
41 <free format string>\_\ ***cloudtech***\ \_<technology>\_<subtype>.extension
43 1. *Cloudtech:* is a fixed pattern and should not be changed if not
45 2. *Technology:* k8s, azure, aws
46 3. *Subtype*: charts, day0, config template
47 4. *Extension*: zip, tgz, csar
49 NOTE: The .tgz file must be a tgz created from the top level helm chart
50 folder. I.e. a folder that contains a Chart.yaml file in it.
53 Listed below is an example of the contents inside a heat template
58 MANIFEST.json base_dummy.env base_dummy.yaml
59 vfw_cloudtech_k8s_charts.tgz vfw_k8s_demo.zip
67 Key thing is note the addition of cloud artifact
70 type: "CLOUD_TECHNOLOGY_SPECIFIC_ARTIFACTS"
77 "file": "base_dummy.yaml",
82 "file": "base_dummy.env",
88 "file": "vfw_cloudtech_k8s_charts.tgz",
89 "type": "CLOUD_TECHNOLOGY_SPECIFIC_ARTIFACTS"
96 Designed to be minimal HEAT template
100 ##==================LICENSE_START========================================
102 ## Copyright (C) 2019 Intel Corporation
103 ## SPDX-License-Identifier: Apache-2.0
105 ##==================LICENSE_END===========================================
107 heat_template_version: 2016-10-14
108 description: Heat template to deploy dummy VNF
114 description: Dummy name
119 description: Provided by ONAP
124 description: Provided by ONAP
129 description: Provided by ONAP
133 label: Image name or ID
134 description: Dummy image name
139 description: Dummy flavor
143 type: OS::Nova::Server
145 name: { get_param: dummy_name_0 }
146 image: { get_param: dummy_image_name }
147 flavor: { get_param: dummy_flavor_name } metadata: { vnf_name: { get_param: vnf_name }, vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }}
159 vnf_id: PROVIDED_BY_ONAP
160 vnf_name: PROVIDED_BY_ONAP
161 vf_module_id: PROVIDED_BY_ONAP
162 dummy_name_0: dummy_1_0
163 dummy_image_name: dummy
164 dummy_flavor_name: dummy.default
169 For onboarding instructions please refer to steps 4-9 from the document
170 `here <https://wiki.onap.org/display/DW/vFWCL+instantiation%2C+testing%2C+and+debuging>`__.
172 **Steps for installing KUD Cloud**
173 ----------------------------------
175 Follow the link to install KUD Kubernetes Deployment. KUD contains all
176 the packages required for running vfw use case.
178 Kubernetes Baremetal deployment instructions here_
180 .. _here: https://wiki.onap.org/display/DW/Kubernetes+Baremetal+deployment+setup+instructions/
182 **REGISTER KUD CLOUD REGION with K8s-Plugin**
183 ---------------------------------------------
185 API to support Reachability for Kubernetes Cloud
187 **The command to POST connectivity info**
188 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
192 "cloud-region" : "<name>", // Must be unique across
193 "cloud-owner" : "<owner>",
194 "other-connectivity-list" : {
197 This is a multipart upload and here is how you do the POST for this.
199 #Using a json file (eg: post.json) containing content as above
202 curl -i -F "metadata=<post.json;type=application/json" -F file=@
203 /home/ad_kkkamine/.kube/config -X POST http://MSB_NODE_IP:30280/api/multicloud-k8s/v1/v1/connectivity-info
205 **Command to GET Connectivity Info**
206 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
210 curl -i -X GET http://MSB_NODE_IP:30280/api/multicloud-k8s/v1/v1/connectivity-info/{name}
213 **Command to DELETE Connectivity Info**
214 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
218 curl -i -X GET http://MSB_NODE_IP:30280/api/multicloud-k8s/v1/v1/connectivity-info/{name}
221 **Command to UPDATE/PUT Connectivity Info**
222 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
226 curl -i -X GET http://MSB_NODE_IP:30280/api/multicloud-k8s/v1/v1/connectivity-info/{name}
228 **Register KUD Cloud region with AAI**
229 --------------------------------------
231 With k8s cloud region, we need to add a tenant to the k8s cloud region.
232 The 'easy' way is to have the ESR information (in step 1 of cloud
233 registration) point to a real OpenStack tenant (e.g. the OOF tenant in
234 the lab where we tested).
236 This will cause multicloud to add the tenant to the k8s cloud region and
237 then, similar to #10 in the documentation
238 `here <https://onap.readthedocs.io/en/casablanca/submodules/integration.git/docs/docs_vfwHPA.html#docs-vfw-hpa>`__,
239 the service-subscription can be added to that object.
241 NOTE: use same name cloud-region and cloud-owner name
243 An example is shown below for K8s cloud but following the steps 1,2,3
245 `here <https://onap.readthedocs.io/en/latest/submodules/multicloud/framework.git/docs/multicloud-plugin-windriver/UserGuide-MultiCloud-WindRiver-TitaniumCloud.html#tutorial-onboard-instance-of-wind-river-titanium-cloud>`__.
246 The sample input below is for k8s cloud type.
248 **Step 1 - Cloud Registration/ Create a cloud region to represent the instance.**
251 Note: highlighted part of the body refers to an existing OpenStack
252 tenant (OOF in this case). Has nothing to do with the K8s cloud region
257 PUT https://{{AAI1_PUB_IP}}:{{AAI1_PUB_PORT}}/aai/v13/cloud-infrastructure/cloud-regions/cloud-region/k8scloudowner4/k8sregionfour
259 "cloud-owner": "k8scloudowner4",
260 "cloud-region-id": "k8sregionfour",
262 "owner-defined-type": "t1",
263 "cloud-region-version": "1.0",
264 "complex-name": "clli1",
265 "cloud-zone": "CloudZone",
266 "sriov-automation": false,
267 "cloud-extra-info":"{\"openstack-region-id\":\"k8sregionthree\"}",
268 "esr-system-info-list": {
271 "esr-system-info-id": "55f97d59-6cc3-49df-8e69-926565f00066",
272 "service-url": "http://10.12.25.2:5000/v3",
274 "password": "onapdemo",
275 "system-type": "VIM",
276 "ssl-insecure": true,
277 "cloud-domain": "Default",
278 "default-tenant": "OOF",
279 "tenant-id": "6bbd2981b210461dbc8fe846df1a7808",
280 "system-status": "active"
286 **Step 2 add a complex to the cloud**
288 Note: just adding one that exists already
292 PUT https://{{AAI1_PUB_IP}}:{{AAI1_PUB_PORT}}/aai/v13/cloud-infrastructure/cloud-regions/cloud-region/k8scloudowner4/k8sregionfour/relationship-list/relationship
294 "related-to": "complex",
295 "related-link": "/aai/v13/cloud-infrastructure/complexes/complex/clli1",
296 "relationship-data": [
298 "relationship-key": "complex.physical-location-id",
299 "relationship-value": "clli1"
304 **Step 3 - Trigger the Multicloud plugin registration process**
309 POST http://{{MSB_IP}}:{{MSB_PORT}}/api/multicloud-titaniumcloud/v1/k8scloudowner4/k8sregionfour/registry
312 This registers the K8S cloud with Multicloud it also reaches out and
313 adds tenant information to the cloud (see example below you'll see all
314 kinds of flavor, image information that is associated with the OOF
317 If we had not done it this way, then wed have to go in to AAI at this
318 point and manually add a tenant to the cloud region. The first time I
319 tried this (k8s region one), I just made up some random tenant id and
322 The tenant is there so you can add the service-subscription to it:
324 **Making a Service Type:**
328 PUT https://{{AAI1_PUB_IP}}:{{AAI1_PUB_PORT}}/aai/v13/service-design-and-creation/services/service/vfw-k8s
330 "service-description": "vfw-k8s",
331 "service-id": "vfw-k8s"
334 Add subscription to service type to the customer (Demonstration in this
335 case which was already created by running the robot demo scripts)
339 PUT https://{{AAI1_PUB_IP}}:{{AAI1_PUB_PORT}}/aai/v16/business/customers/customer/Demonstration/service-subscriptions/service-subscription/vfw-k8s
341 "service-type": "vfw-k8s"
344 Add Service-Subscription to the tenant (resource-version changes based
345 on actual value at the time):
349 PUT https://{{AAI1_PUB_IP}}:{{AAI1_PUB_PORT}}/aai/v16/cloud-infrastructure/cloud-regions/cloud-region/k8scloudowner4/k8sregionfour/tenants/tenant/6bbd2981b210461dbc8fe846df1a7808?resource-version=1559345527327
351 "tenant-id": "6bbd2981b210461dbc8fe846df1a7808",
352 "tenant-name": "OOF",
353 "resource-version": "1559345527327",
354 "relationship-list": {
357 "related-to": "service-subscription",
358 "relationship-label": "org.onap.relationships.inventory.Uses",
359 "related-link": "/aai/v13/business/customers/customer/Demonstration/service-subscriptions/service-subscription/vfw-k8s",
360 "relationship-data": [
362 "relationship-key": "customer.global-customer-id",
363 "relationship-value": "Demonstration"
366 "relationship-key": "service-subscription.service-type",
367 "relationship-value": "vfw-k8s"
375 **Distribute the CSAR**
376 -----------------------
377 Onboard a service it gets stored in SDC final action is distributed. SO
378 and other services are notified sdc listener in the multicloud sidecar.
379 When distribution happens it takes tar.gz file and uploads to k8s
382 **Create Profile Manually**
383 ---------------------------
385 K8s-plugin artifacts start in the form of Definitions. These are nothing
386 but Helm Charts wrapped with some metadata about the chart itself. Once
387 the Definitions are created, we are ready to create some profiles so
388 that we can customize that definition and instantiate it in Kubernetes.
390 NOTE: Refer this link_ for complete API lists and
393 .. _link : https://wiki.onap.org/display/DW/MultiCloud+K8s-Plugin-service+API
395 A profile consists of the following:
399 - Contains the details for the profile and everything contained within
401 A **HELM** values override yaml file.
403 - It can have any name as long as it matches the corresponding entry in the **manifest.yaml**
405 Any number of files organized in a folder structure
407 - All these files should have a corresponding entry in **manifest.yaml** file
409 **Creating a Profile Artifact**
410 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
414 > cd multicloud-k8s/kud/tests/vnfs/testrb/helm/profile
420 testfol/subdir/deployment.yaml
422 #Create profile tar.gz
424 > tar -cf profile.tar *
426 > mv profile.tar.gz ../
428 The manifest file contains the following
435 values: "values_override.yaml"
437 - filepath: testfol/subdir/deployment.yaml
438 chartpath: vault-consul-dev/templates/deployment.yaml
440 Note: values: "values\_override.yaml" can **be** empty **file** **if**
441 you are creating **a** dummy **profile**
443 Note: A dummy profile does not need any customization. The following is
444 optional in the manifest file.
449 - filepath: testfol/subdir/deployment.yaml
450 chartpath: vault-consul-dev/templates/deployment.yaml
453 With this information, we are ready to upload the profile with the
459 "rb-name": "test-rbdef",
461 "profile-name": "p1",
462 "release-name": "r1", //If release-name is not provided, profile-name will be used
463 "namespace": "testnamespace1",
464 "kubernetes-version": "1.12.3"
468 **Command to create (POST) Profile**
469 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
473 curl -i -d @create_rbprofile.json -X POST http://MSB_NODE_IP:30280/api/multicloud-k8s/v1/v1/rb/definition/test-rbdef/v1/profile
477 **Command to UPLOAD artifact for Profile**
481 curl -i --data-binary @profile.tar.gz -X POST http://MSB_NODE_IP:30280/api/multicloud-k8s/v1/v1/rb/definition/test-rbdef/v1/profile/p1/content
485 **Command to GET Profiles**
489 curl -i http://MSB_NODE_IP:30280/api/multicloud-k8s/v1/v1/rb/definition/test-rbdef/v1/profile
491 curl -i http://MSB_NODE_IP:30280/api/multicloud-k8s/v1/v1/rb/definition/test-rbdef/v1/profile/p1
495 **Command to DELETE Profile**
498 curl -i -X DELETE http://MSB_NODE_IP:30280/api/multicloud-k8s/v1/v1/rb/definition/test-rbdef/v1/profile/p1
504 Instantiation is done by SO. SO then talks to Multi Cloud-broker via MSB
505 and that in turn looks up the cloud region in AAI to find the endpoint.
506 If k8sregion one is registered with AAI and SO makes a call with that,
507 then the broker will know that it needs to talk to k8s-plugin based on
508 the type of the registration.
510 **Instantiate the created Profile via the following REST API**
514 Using the following JSON:
516 "cloud-region": "kud",
517 "profile-name": "p1",
518 "rb-name":"test-rbdef",
524 **NOTE**: Make sure that the namespace is already created before
527 Instantiate the profile with the ID provided above
529 **Command to Instantiate a Profile**
533 curl -d @create_rbinstance.json http://MSB_NODE_IP:30280/api/multicloud-k8s/v1/v1/instance
536 The command returns the following JSON
544 "profile-name": "profile1",
545 "cloud-region": "kud",
546 "namespace": "testns",
567 "Version": "v1beta1",
568 "Kind": "StatefulSet"
570 "Name": "profile1-mongo"
575 **Delete Instantiated Kubernetes resources**
577 The **id** field from the returned JSON can be used to **DELETE** the
578 resources created in the previous step. This executes a Delete operation
579 using the Kubernetes API.
583 curl -X DELETE http://MSB_NODE_IP:30280/api/multicloud-k8s/v1/v1/instance/ZKMTSaxv
586 **GET Instantiated Kubernetes resources**
589 The **id field** from the returned JSON can be used to **GET** the
590 resources created in the previous step. This executes a get operation
591 using the Kubernetes API.
595 curl -X GET http://MSB_NODE_IP:30280/api/multicloud-k8s/v1/v1/instance/ZKMTSaxv
598 `*\ https://github.com/onap/oom/blob/master/kubernetes/multicloud/resources/config/provider-plugin.json <https://github.com/onap/oom/blob/master/kubernetes/multicloud/resources/config/provider-plugin.json>`__
600 **Create User parameters**
602 We need to create parameters that ultimately get translated as:
609 "attribute_name": "definition-name",
610 "attribute_value": "edgex"
613 "attribute_name": "definition-version",
614 "attribute_value": "v1"
617 "attribute_name": "profile-name",
618 "attribute_value": "profile1"