.. _Istio setup guide: https://istio.io/latest/docs/setup/install/helm/
.. _Gateway-API: https://gateway-api.sigs.k8s.io/
.. _Istio-Gateway: https://istio.io/latest/docs/reference/config/networking/gateway/
+.. _DefaultStorageClass: https://kubernetes.io/docs/tasks/administer-cluster/change-default-storage-class/
.. _oom_base_setup_guide:
::
NAME STATUS ROLES AGE VERSION
- onap-control-1 Ready controlplane,etcd 3h53m v1.23.8
- onap-control-2 Ready controlplane,etcd 3h53m v1.23.8
- onap-k8s-1 Ready worker 3h53m v1.23.8
- onap-k8s-2 Ready worker 3h53m v1.23.8
- onap-k8s-3 Ready worker 3h53m v1.23.8
- onap-k8s-4 Ready worker 3h53m v1.23.8
- onap-k8s-5 Ready worker 3h53m v1.23.8
- onap-k8s-6 Ready worker 3h53m v1.23.8
+ onap-control-1 Ready controlplane,etcd 3h53m v1.27.5
+ onap-control-2 Ready controlplane,etcd 3h53m v1.27.5
+ onap-k8s-1 Ready worker 3h53m v1.27.5
+ onap-k8s-2 Ready worker 3h53m v1.27.5
+ onap-k8s-3 Ready worker 3h53m v1.27.5
+ onap-k8s-4 Ready worker 3h53m v1.27.5
+ onap-k8s-5 Ready worker 3h53m v1.27.5
+ onap-k8s-6 Ready worker 3h53m v1.27.5
Install & configure helm
deploy 1.0.0 install (upgrade if release exists) parent chart and all subcharts as separate but related releases
undeploy 1.0.0 delete parent chart and subcharts that were deployed as separate releases
+Set the default StorageClass
+----------------------------
+
+In some ONAP components it is important to have a default storageClass defined (e.g. cassandra),
+if you don't want to explicitly set it during the deployment via helm overrides.
+
+Therefor you should set the default storageClass (if not done during the K8S cluster setup) via the command::
+
+ > kubectl patch storageclass <storageclass> -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
+
+see `DefaultStorageClass`_
Install the Strimzi Kafka Operator
----------------------------------
------------------
.. note::
- In London ONAP deployment supports the
+ The ONAP deployment supports the
`ONAP Next Generation Security & Logging Structure`_
ONAP is currenty supporting Istio as default ServiceMesh platform.
In the production setup 2 different Ingress setups are supported.
-- Istio Gateway `Istio-Gateway`_ (currently tested, but in the future deprecated)
-- Gateway API `Gateway-API`_ (in Alpha status, but will be standard in the future)
+- Gateway API `Gateway-API`_ (recommended)
+- Istio Gateway `Istio-Gateway`_ (alternative, but in the future deprecated)
Depending on the solution, the ONAP helm values.yaml has to be configured.
See the :ref:`OOM customized deployment<oom_customize_overrides>` section for more details.
-Istio Gateway
-^^^^^^^^^^^^^
+Gateway-API (recommended)
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Install the Gateway-API CRDs replacing the
+ <recommended-gwapi-version> with the version defined in
+ the :ref:`versions_table` table::
+
+ > kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/<recommended-gwapi-version>/experimental-install.yaml
+
+- Create a common Gateway instance named "common-gateway"
+ The following example uses provides listeners for HTTP(s), UDP and TCP
+
+ .. collapse:: common-gateway.yaml
+
+ .. include:: ../../resources/yaml/common-gateway.yaml
+ :code: yaml
+
+- Apply the change::
+
+ > kubectl apply -f common-gateway.yaml
+
+Istio Gateway (alternative)
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
- Create a namespace istio-ingress for the Istio Ingress gateway
and enable istio-injection::
--version <recommended-istio-version> -f ingress-istio.yaml --wait
-Gateway-API
-^^^^^^^^^^^
-
-- Install the Gateway-API CRDs replacing the
- <recommended-gwapi-version> with the version defined in
- the :ref:`versions_table` table::
-
- > kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/<recommended-gwapi-version>/experimental-install.yaml
-
-- Create a common Gateway instance
- TBD
-
Keycloak Installation
---------------------
-- Add helm repositories
+- Add helm repositories::
> helm repo add bitnami https://charts.bitnami.com/bitnami
> helm repo update
-- create keycloak namespace
+- create keycloak namespace::
> kubectl create namespace keycloak
- > kubectl label namespace keycloak istio-injection=enabled
+ > kubectl label namespace keycloak istio-injection=disabled
Install Keycloak-Database
^^^^^^^^^^^^^^^^^^^^^^^^^
.. include:: ../../resources/yaml/keycloak-db-values.yaml
:code: yaml
-- Install the Postgres DB
+- Install the Postgres DB::
> helm -n keycloak upgrade -i keycloak-db bitnami/postgresql --values ./keycloak-db-values.yaml
.. include:: ../../resources/yaml/keycloak-server-values.yaml
:code: yaml
-- Install keycloak
+- Install keycloak::
- > helm -n keycloak upgrade -i keycloak codecentric/keycloak --values ./keycloak-server-values.yaml
+ > helm -n keycloak upgrade -i keycloak codecentric/keycloakx --values ./keycloak-server-values.yaml
The required Ingress entry and REALM will be provided by the ONAP "Platform"
component.
+
+- Create Ingress gateway entry for the keycloak web interface
+ using the configured Ingress <base-url> (here "simpledemo.onap.org")
+ as described in :ref:`oom_customize_overrides`
+
+ .. collapse:: keycloak-ingress.yaml
+
+ .. include:: ../../resources/yaml/keycloak-ingress.yaml
+ :code: yaml
+
+- Add the Ingress entry for Keycloak::
+
+ > kubectl -n keycloak apply -f keycloak-ingress.yaml
+