-.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. This work is licensed under a
+.. Creative Commons Attribution 4.0 International License.
.. http://creativecommons.org/licenses/by/4.0
-.. Copyright 2018 Amdocs, Bell Canada
-
+.. Copyright 2019 Amdocs, Bell Canada
+.. _oom_quickstart_guide:
.. _quick-start-label:
OOM Quick Start Guide
**Step 1.** Clone the OOM repository from ONAP gerrit::
- > git clone -b casablanca http://gerrit.onap.org/r/oom
+ > git clone -b <BRANCH> http://gerrit.onap.org/r/oom --recurse-submodules
> cd oom/kubernetes
-**Step 2.** Install Helm Plugins required to deploy the ONAP Casablanca release::
+where <BRANCH> can be an offical release tag, such as
+4.0.0-ONAP for Dublin
+5.0.1-ONAP for El Alto
+6.0.0-ONAP for Frankfurt
+
+**Step 2.** Install Helm Plugins required to deploy ONAP::
> sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm
-**Step 3.** Customize the onap/values.yaml file to suit your deployment. You
-may want to selectively enable or disable ONAP components by changing the
-`enabled: true/false` flags as shown below:
-.. literalinclude:: onap-values.yaml
+**Step 3.** Customize the helm charts like `oom/kubernetes/onap/values.yaml` or an override
+file like `onap-all.yaml`, `onap-vfw.yaml` or `openstack.yaml` file to suit your deployment
+with items like the OpenStack tenant information.
+
+.. note::
+ Standard and example override files (e.g. `onap-all.yaml`, `openstack.yaml`) can be found in
+ the `oom/kubernetes/onap/resources/overrides/` directory.
+
+
+ a. You may want to selectively enable or disable ONAP components by changing
+ the ``enabled: true/false`` flags.
+
+
+ b. Encrypt the OpenStack password using the shell tool for robot and put it in
+ the robot helm charts or robot section of `openstack.yaml`
+
+
+ c. Encrypt the OpenStack password using the java based script for SO helm charts
+ or SO section of `openstack.yaml`.
+
+
+ d. Update the OpenStack parameters that will be used by robot, SO and APPC helm
+ charts or use an override file to replace them.
+
+ e. Add in the command line a value for the global master password (global.masterPassword).
+
+
+
+a. Enabling/Disabling Components:
+Here is an example of the nominal entries that need to be provided.
+We have different values file available for different contexts.
+
+.. literalinclude:: ../kubernetes/onap/values.yaml
:language: yaml
+
+b. Generating ROBOT Encrypted Password:
+The ROBOT encrypted Password uses the same encryption.key as SO but an
+openssl algorithm that works with the python based Robot Framework.
+
+.. note::
+ To generate ROBOT ``openStackEncryptedPasswordHere``::
+
+ cd so/resources/config/mso/
+ /oom/kubernetes/so/resources/config/mso# echo -n "<openstack tenant password>" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p``
+
+c. Generating SO Encrypted Password:
+The SO Encrypted Password uses a java based encryption utility since the
+Java encryption library is not easy to integrate with openssl/python that
+ROBOT uses in Dublin and upper versions.
+
.. note::
- To generate openStackEncryptedPasswordHere :
+ To generate SO ``openStackEncryptedPasswordHere`` and ``openStackSoEncryptedPassword``
+ ensure `default-jdk` is installed::
+
+ apt-get update; apt-get install default-jdk
+
+ Then execute::
+
+ SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key`
+ OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX
+
+ git clone http://gerrit.onap.org/r/integration
+ cd integration/deployment/heat/onap-rke/scripts
+
+ javac Crypto.java
+ java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY"
+
+d. Update the OpenStack parameters:
- ``root@olc-rancher:~# cd so/resources/config/mso/``
+There are assumptions in the demonstration VNF heat templates about the networking
+available in the environment. To get the most value out of these templates and the
+automation that can help confirm the setup is correct, please observe the following
+constraints.
- ``root@olc-rancher:~/oom/kubernetes/so/resources/config/mso# echo -n "<openstack tenant password>" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p``
-**Step 3.** To setup a local Helm server to server up the ONAP charts::
+``openStackPublicNetId:``
+ This network should allow heat templates to add interfaces.
+ This need not be an external network, floating IPs can be assigned to the ports on
+ the VMs that are created by the heat template but its important that neutron allow
+ ports to be created on them.
+
+``openStackPrivateNetCidr: "10.0.0.0/16"``
+ This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity.
+ The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the
+ demonstration ip addressing plan embodied in the preload template prevent conflicts when
+ instantiating the various VNFs. If you need to change this, you will need to modify the preload
+ data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data
+ in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect
+ to create.
+
+``openStackOamNetworkCidrPrefix: "10.0"``
+ This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the
+ robot scripts for demonstration. A production deployment need not worry about this
+ setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix.
+
+
+Example Keystone v2.0
+
+.. literalinclude:: example-integration-override.yaml
+ :language: yaml
+
+Example Keystone v3 (required for Rocky and later releases)
+
+.. literalinclude:: example-integration-override-v3.yaml
+ :language: yaml
+
+
+**Step 4.** To setup a local Helm server to server up the ONAP charts::
> helm serve &
> helm repo add local http://127.0.0.1:8879
-**Step 4.** Verify your Helm repository setup with::
+**Step 5.** Verify your Helm repository setup with::
> helm repo list
NAME URL
local http://127.0.0.1:8879
-**Step 5.** Build a local Helm repository (from the kubernetes directory)::
+**Step 6.** Build a local Helm repository (from the kubernetes directory)::
> make all; make onap
-**Step 6.** Display the charts that available to be deployed::
+**Step 7.** Display the onap charts that available to be deployed::
+
+ > helm search onap -l
- > helm search -l
.. literalinclude:: helm-search.txt
.. note::
- The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use `make` to update your local Helm repository.
+ The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use ``make`` to update your local Helm repository.
+
+**Step 8.** Once the repo is setup, installation of ONAP can be done with a
+single command
+
+.. note::
+ The ``--timeout 900`` is currently required in Dublin and up to address long
+ running initialization tasks for DMaaP and SO. Without this timeout value both
+ applications may fail to deploy.
+
+.. danger::
+ We've added the master password on the command line.
+ You shouldn't put it in a file for safety reason
+ please don't forget to change the value to something random
+
+ A space is also added in front of the command so "history" doesn't catch it.
+ This masterPassword is very sensitive, please be careful!
+
+
+To deploy all ONAP applications use this command::
+
+ > cd oom/kubernetes
+ > helm deploy dev local/onap --namespace onap --set global.masterPassword=myAwesomePasswordThatINeedToChange -f onap/resources/overrides/onap-all.yaml -f onap/resources/overrides/environment.yaml -f onap/resources/overrides/openstack.yaml --timeout 900
+
+All override files may be customized (or replaced by other overrides) as per needs.
-**Step 7.** Once the repo is setup, installation of ONAP can be done with a
-single command::
+`onap-all.yaml`
+ Enables the modules in the ONAP deployment. As ONAP is very modular, it is possible to customize ONAP and disable some components through this configuration file.
- > helm deploy dev local/onap --namespace onap
+`environment.yaml`
+ Includes configuration values specific to the deployment environment.
+ Example: adapt readiness and liveness timers to the level of performance of your infrastructure
+
+`openstack.yaml`
+ Includes all the Openstack related information for the default target tenant you want to use to deploy VNFs from ONAP and/or additional parameters for the embedded tests.
+
+**Step 9.** Verify ONAP installation
Use the following to monitor your deployment and determine when ONAP is ready for use::
- > kubectl get pods --all-namespaces -o=wide
+ > kubectl get pods -n onap -o=wide
-Undeploying onap can be done using the following command::
+.. note::
+ While all pods may be in a Running state, it is not a guarantee that all components are running fine.
- > helm undeploy dev --purge
+ Launch the healthcheck tests using Robot to verify that the components are healthy::
+ > ~/oom/kubernetes/robot/ete-k8s.sh onap health
+
+**Step 10.** Undeploy ONAP::
+
+ > helm undeploy dev --purge
-More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins
\ No newline at end of file
+More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins