-.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. This work is licensed under a Creative Commons Attribution 4.0
+.. International License.
.. http://creativecommons.org/licenses/by/4.0
-.. Copyright 2018 Amdocs, Bell Canada
+.. Copyright 2018-2020 Amdocs, Bell Canada, Orange, Samsung
+.. _oom_user_guide:
.. Links
.. _Curated applications for Kubernetes: https://github.com/kubernetes/charts
.. _Helm Documentation: https://docs.helm.sh/helm/
.. _Helm: https://docs.helm.sh/
.. _Kubernetes: https://Kubernetes.io/
-
+.. _Kubernetes LoadBalancer: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
.. _user-guide-label:
OOM User Guide
- Monitor_ - real-time health monitoring feeding to a Consul UI and Kubernetes
- Heal_- failed ONAP containers are recreated automatically
- Scale_ - cluster ONAP services to enable seamless scaling
-- Upgrade_ - change-out containers or configuration with little or no service impact
+- Upgrade_ - change-out containers or configuration with little or no service
+ impact
- Delete_ - cleanup individual containers or entire deployments
.. figure:: oomLogoV2-Deploy.png
Pre-requisites
--------------
-Your environment must have both the Kubernetes `kubectl` and Helm setup as a one time activity.
+Your environment must have both the Kubernetes `kubectl` and Helm setup as a
+one time activity.
Install Kubectl
~~~~~~~~~~~~~~~
-Enter the following to install kubectl (on Ubuntu, there are slight differences on other O/Ss), the Kubernetes command line interface used to manage a Kubernetes cluster::
+Enter the following to install kubectl (on Ubuntu, there are slight differences
+on other O/Ss), the Kubernetes command line interface used to manage a
+Kubernetes cluster::
- > curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.8.6/bin/linux/amd64/kubectl
+ > curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.8.10/bin/linux/amd64/kubectl
> chmod +x ./kubectl
> sudo mv ./kubectl /usr/local/bin/kubectl
> mkdir ~/.kube
-Paste kubectl config from Rancher (see the :ref:`cloud-setup-guide-label` for alternative Kubenetes environment setups) into the `~/.kube/config` file.
+Paste kubectl config from Rancher (see the :ref:`cloud-setup-guide-label` for
+alternative Kubernetes environment setups) into the `~/.kube/config` file.
Verify that the Kubernetes config is correct::
Install Helm
~~~~~~~~~~~~
-Helm is used by OOM for package and configuration management. To install Helm, enter the following::
+Helm is used by OOM for package and configuration management. To install Helm,
+enter the following::
- > wget http://storage.googleapis.com/kubernetes-helm/helm-v2.6.1-linux-amd64.tar.gz
- > tar -zxvf helm-v2.6.1-linux-amd64.tar.gz
+ > wget http://storage.googleapis.com/kubernetes-helm/helm-v2.9.1-linux-amd64.tar.gz
+ > tar -zxvf helm-v2.9.1-linux-amd64.tar.gz
> sudo mv linux-amd64/helm /usr/local/bin/helm
Verify the Helm version with::
Install the Helm Repo
---------------------
-Once kubectl and Helm are setup, one needs to setup a local Helm server to server up the ONAP charts::
+Once kubectl and Helm are setup, one needs to setup a local Helm server to
+server up the ONAP charts::
> helm install osn/onap
To prepare your system for an installation of ONAP, you'll need to::
- > git clone http://gerrit.onap.org/r/oom
+ > git clone -b frankfurt --recurse-submodules -j2 http://gerrit.onap.org/r/oom
> cd oom/kubernetes
> helm init
> helm serve &
-Note the port number that is listed and use it in the Helm repo add as follows::
+Note the port number that is listed and use it in the Helm repo add as
+follows::
> helm repo add local http://127.0.0.1:8879
Then build your local Helm repository::
- > make all
+ > make SKIP_LINT=TRUE all
The Helm search command reads through all of the repositories configured on the
system, and looks for matches::
In any case, setup of the Helm repository is a one time activity.
-Once the repo is setup, installation of ONAP can be done with a single command::
+Next, install Helm Plugins required to deploy the ONAP Casablanca release::
+
+ > cp -R helm/plugins/ ~/.helm
- > helm install local/onap -name development
+Once the repo is setup, installation of ONAP can be done with a single
+command::
+
+ > helm deploy development local/onap --namespace onap
This will install ONAP from a local repository in a 'development' Helm release.
As described below, to override the default configuration values provided by
OOM, an environment file can be provided on the command line as follows::
- > helm install local/onap -name development -f onap-development.yaml
+ > helm deploy development local/onap --namespace onap -f overrides.yaml
To get a summary of the status of all of the pods (containers) running in your
deployment::
was created for each of the ONAP components.
.. note::
- The Helm `-name` option refers to a release name and not a Kubernetes namespace.
+ The Helm `--name` option refers to a release name and not a Kubernetes namespace.
To install a specific version of a single ONAP component (`so` in this example)
-with the given name enter::
+with the given release name enter::
- > helm install onap/so --version 2.0.1 -n so
+ > helm deploy so onap/so --version 3.0.1
To display details of a specific resource or group of resources type::
operational complexity and an inability to apply global parameters across the
entire ONAP deployment. OOM solves this problem by introducing a common
configuration technology, Helm charts, that provide a hierarchical
-configuration configuration with the ability to override values with higher
+configuration with the ability to override values with higher
level charts or command line options.
The structure of the configuration of ONAP is shown in the following diagram.
The top level onap/values.yaml file contains the values required to be set
before deploying ONAP. Here is the contents of this file:
-.. include:: onap_values.yaml
+.. include:: ../kubernetes/onap/values.yaml
:code: yaml
One may wish to create a value file that is specific to a given deployment such
To deploy ONAP with this environment file, enter::
- > helm install local/onap -n beijing -f environments/onap-production.yaml
+ > helm deploy local/onap -n onap -f environments/onap-production.yaml
.. include:: environments_onap_demo.yaml
:code: yaml
<...>
+Accessing the ONAP Portal using OOM and a Kubernetes Cluster
+------------------------------------------------------------
+
+The ONAP deployment created by OOM operates in a private IP network that isn't
+publicly accessible (i.e. OpenStack VMs with private internal network) which
+blocks access to the ONAP Portal. To enable direct access to this Portal from a
+user's own environment (a laptop etc.) the portal application's port 8989 is
+exposed through a `Kubernetes LoadBalancer`_ object.
+
+Typically, to be able to access the Kubernetes nodes publicly a public address
+is assigned. In OpenStack this is a floating IP address.
+
+When the `portal-app` chart is deployed a Kubernetes service is created that
+instantiates a load balancer. The LB chooses the private interface of one of
+the nodes as in the example below (10.0.0.4 is private to the K8s cluster only).
+Then to be able to access the portal on port 8989 from outside the K8s &
+OpenStack environment, the user needs to assign/get the floating IP address that
+corresponds to the private IP as follows::
+
+ > kubectl -n onap get services|grep "portal-app"
+ portal-app LoadBalancer 10.43.142.201 10.0.0.4 8989:30215/TCP,8006:30213/TCP,8010:30214/TCP 1d app=portal-app,release=dev
+
+
+In this example, use the 10.0.0.4 private address as a key find the
+corresponding public address which in this example is 10.12.6.155. If you're
+using OpenStack you'll do the lookup with the horizon GUI or the OpenStack CLI
+for your tenant (openstack server list). That IP is then used in your
+`/etc/hosts` to map the fixed DNS aliases required by the ONAP Portal as shown
+below::
+
+ 10.12.6.155 portal.api.simpledemo.onap.org
+ 10.12.6.155 vid.api.simpledemo.onap.org
+ 10.12.6.155 sdc.api.fe.simpledemo.onap.org
+ 10.12.6.155 sdc.workflow.plugin.simpledemo.onap.org
+ 10.12.6.155 sdc.dcae.plugin.simpledemo.onap.org
+ 10.12.6.155 portal-sdk.simpledemo.onap.org
+ 10.12.6.155 policy.api.simpledemo.onap.org
+ 10.12.6.155 aai.api.sparky.simpledemo.onap.org
+ 10.12.6.155 cli.api.simpledemo.onap.org
+ 10.12.6.155 msb.api.discovery.simpledemo.onap.org
+ 10.12.6.155 msb.api.simpledemo.onap.org
+ 10.12.6.155 clamp.api.simpledemo.onap.org
+ 10.12.6.155 so.api.simpledemo.onap.org
+ 10.12.6.155 sdc.workflow.plugin.simpledemo.onap.org
+
+Ensure you've disabled any proxy settings the browser you are using to access
+the portal and then simply access now the new ssl-encrypted URL:
+https://portal.api.simpledemo.onap.org:30225/ONAPPORTAL/login.htm
+
+.. note::
+ Using the HTTPS based Portal URL the Browser needs to be configured to accept
+ unsecure credentials.
+ Additionally when opening an Application inside the Portal, the Browser
+ might block the content, which requires to disable the blocking and reloading
+ of the page
+
+.. note::
+ Besides the ONAP Portal the Components can deliver additional user interfaces,
+ please check the Component specific documentation.
+
+.. note::
+
+ | Alternatives Considered:
+
+ - Kubernetes port forwarding was considered but discarded as it would require
+ the end user to run a script that opens up port forwarding tunnels to each of
+ the pods that provides a portal application widget.
+
+ - Reverting to a VNC server similar to what was deployed in the Amsterdam
+ release was also considered but there were many issues with resolution, lack
+ of volume mount, /etc/hosts dynamic update, file upload that were a tall order
+ to solve in time for the Beijing release.
+
+ Observations:
+
+ - If you are not using floating IPs in your Kubernetes deployment and directly attaching
+ a public IP address (i.e. by using your public provider network) to your K8S Node
+ VMs' network interface, then the output of 'kubectl -n onap get services | grep "portal-app"'
+ will show your public IP instead of the private network's IP. Therefore,
+ you can grab this public IP directly (as compared to trying to find the floating
+ IP first) and map this IP in /etc/hosts.
+
.. figure:: oomLogoV2-Monitor.png
:align: right
All highly available systems include at least one facility to monitor the
health of components within the system. Such health monitors are often used as
-inputs to distributed coordination systems (such as etcd, zookeeper, or consul)
-and monitoring systems (such as nagios or zabbix). OOM provides two mechanims
+inputs to distributed coordination systems (such as etcd, Zookeeper, or Consul)
+and monitoring systems (such as Nagios or Zabbix). OOM provides two mechanisms
to monitor the real-time health of an ONAP deployment:
- a Consul GUI for a human operator or downstream monitoring systems and
- a set of liveness probes which feed into the Kubernetes manager which
are described in the Heal section.
-Within ONAP Consul is the monitoring system of choice and deployed by OOM in two parts:
+Within ONAP, Consul is the monitoring system of choice and deployed by OOM in
+two parts:
- a three-way, centralized Consul server cluster is deployed as a highly
- available monitor of all of the ONAP components,and
+ available monitor of all of the ONAP components, and
- a number of Consul agents.
The Consul server provides a user interface that allows a user to graphically
For example, to upgrade a container by changing configuration, specifically an
environment value::
- > helm upgrade beijing onap/so --version 2.0.1 --set enableDebug=true
+ > helm deploy onap onap/so --version 2.0.1 --set enableDebug=true
Issuing this command will result in the appropriate container being stopped by
Kubernetes and replaced with a new container with the new environment value.
To upgrade a component to a new version with a new configuration file enter::
- > helm upgrade beijing onap/so --version 2.0.2 -f environments/demo.yaml
+ > helm deploy onap onap/so --version 2.0.2 -f environments/demo.yaml
To fetch release history enter::
what will happen with a given command prior to actually deleting anything. For
example::
- > helm delete --dry-run beijing
+ > helm undeploy onap --dry-run
-will display the outcome of deleting the 'beijing' release from the deployment.
+will display the outcome of deleting the 'onap' release from the
+deployment.
To completely delete a release and remove it from the internal store enter::
- > helm delete --purge beijing
+ > helm undeploy onap --purge
One can also remove individual components from a deployment by changing the
ONAP configuration values. For example, to remove `so` from a running
deployment enter::
- > helm upgrade beijing osn/onap --set so.enabled=false
+ > helm undeploy onap-so --purge
will remove `so` as the configuration indicates it's no longer part of the
deployment. This might be useful if a one wanted to replace just `so` by
Code Review / oom.git / blobdiff