X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=docs%2Foom_quickstart_guide.rst;h=565c43f4678b6e387c167a1dfb75ed667bfd57b9;hb=61b1c7bef72bf31e0c5b4c3241121e43082a1a01;hp=a965603efd97ef027e95ad2fd7d9121786971638;hpb=44742a297336c3dae6ac00450d19f53806d64dc1;p=oom.git diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst index a965603efd..565c43f467 100644 --- a/docs/oom_quickstart_guide.rst +++ b/docs/oom_quickstart_guide.rst @@ -1,7 +1,8 @@ -.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. This work is licensed under a +.. Creative Commons Attribution 4.0 International License. .. http://creativecommons.org/licenses/by/4.0 -.. Copyright 2018 Amdocs, Bell Canada - +.. Copyright 2019 Amdocs, Bell Canada +.. _oom_quickstart_guide: .. _quick-start-label: OOM Quick Start Guide @@ -16,28 +17,128 @@ available), follow the following instructions to deploy ONAP. **Step 1.** Clone the OOM repository from ONAP gerrit:: - > git clone -b casablanca http://gerrit.onap.org/r/oom + > git clone -b http://gerrit.onap.org/r/oom --recurse-submodules > cd oom/kubernetes -**Step 2.** Install Helm Plugins required to deploy the ONAP Casablanca release:: +where can be an offical release tag, such as +4.0.0-ONAP for Dublin +5.0.1-ONAP for El Alto +6.0.0-ONAP for Frankfurt + +**Step 2.** Install Helm Plugins required to deploy ONAP:: > sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm -**Step 3.** Customize the onap/values.yaml file to suit your deployment. You -may want to selectively enable or disable ONAP components by changing the -`enabled: true/false` flags as shown below: -.. literalinclude:: onap-values.yaml +**Step 3.** Customize the helm charts like `oom/kubernetes/onap/values.yaml` or an override +file like `onap-all.yaml`, `onap-vfw.yaml` or `openstack.yaml` file to suit your deployment +with items like the OpenStack tenant information. + +.. note:: + Standard and example override files (e.g. `onap-all.yaml`, `openstack.yaml`) can be found in + the `oom/kubernetes/onap/resources/overrides/` directory. + + + a. You may want to selectively enable or disable ONAP components by changing + the ``enabled: true/false`` flags. + + + b. Encrypt the OpenStack password using the shell tool for robot and put it in + the robot helm charts or robot section of `openstack.yaml` + + + c. Encrypt the OpenStack password using the java based script for SO helm charts + or SO section of `openstack.yaml`. + + + d. Update the OpenStack parameters that will be used by robot, SO and APPC helm + charts or use an override file to replace them. + + e. Add in the command line a value for the global master password (global.masterPassword). + + + +a. Enabling/Disabling Components: +Here is an example of the nominal entries that need to be provided. +We have different values file available for different contexts. + +.. literalinclude:: ../kubernetes/onap/values.yaml :language: yaml + +b. Generating ROBOT Encrypted Password: +The ROBOT encrypted Password uses the same encryption.key as SO but an +openssl algorithm that works with the python based Robot Framework. + +.. note:: + To generate ROBOT ``openStackEncryptedPasswordHere``:: + + cd so/resources/config/mso/ + /oom/kubernetes/so/resources/config/mso# echo -n "" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p`` + +c. Generating SO Encrypted Password: +The SO Encrypted Password uses a java based encryption utility since the +Java encryption library is not easy to integrate with openssl/python that +ROBOT uses in Dublin and upper versions. + .. note:: - To generate openStackEncryptedPasswordHere : + To generate SO ``openStackEncryptedPasswordHere`` and ``openStackSoEncryptedPassword`` + ensure `default-jdk` is installed:: + + apt-get update; apt-get install default-jdk + + Then execute:: + + SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key` + OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX + + git clone http://gerrit.onap.org/r/integration + cd integration/deployment/heat/onap-rke/scripts + + javac Crypto.java + java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY" + +d. Update the OpenStack parameters: - ``root@olc-rancher:~# cd so/resources/config/mso/`` +There are assumptions in the demonstration VNF heat templates about the networking +available in the environment. To get the most value out of these templates and the +automation that can help confirm the setup is correct, please observe the following +constraints. - ``root@olc-rancher:~/oom/kubernetes/so/resources/config/mso# echo -n "" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p`` -**Step 3.** To setup a local Helm server to server up the ONAP charts:: +``openStackPublicNetId:`` + This network should allow heat templates to add interfaces. + This need not be an external network, floating IPs can be assigned to the ports on + the VMs that are created by the heat template but its important that neutron allow + ports to be created on them. + +``openStackPrivateNetCidr: "10.0.0.0/16"`` + This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity. + The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the + demonstration ip addressing plan embodied in the preload template prevent conflicts when + instantiating the various VNFs. If you need to change this, you will need to modify the preload + data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data + in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect + to create. + +``openStackOamNetworkCidrPrefix: "10.0"`` + This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the + robot scripts for demonstration. A production deployment need not worry about this + setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix. + + +Example Keystone v2.0 + +.. literalinclude:: example-integration-override.yaml + :language: yaml + +Example Keystone v3 (required for Rocky and later releases) + +.. literalinclude:: example-integration-override-v3.yaml + :language: yaml + + +**Step 4.** To setup a local Helm server to server up the ONAP charts:: > helm serve & @@ -46,37 +147,75 @@ follows:: > helm repo add local http://127.0.0.1:8879 -**Step 4.** Verify your Helm repository setup with:: +**Step 5.** Verify your Helm repository setup with:: > helm repo list NAME URL local http://127.0.0.1:8879 -**Step 5.** Build a local Helm repository (from the kubernetes directory):: +**Step 6.** Build a local Helm repository (from the kubernetes directory):: > make all; make onap -**Step 6.** Display the charts that available to be deployed:: +**Step 7.** Display the onap charts that available to be deployed:: + + > helm search onap -l - > helm search -l .. literalinclude:: helm-search.txt .. note:: - The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use `make` to update your local Helm repository. + The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use ``make`` to update your local Helm repository. + +**Step 8.** Once the repo is setup, installation of ONAP can be done with a +single command + +.. note:: + The ``--timeout 900`` is currently required in Dublin and up to address long + running initialization tasks for DMaaP and SO. Without this timeout value both + applications may fail to deploy. + +.. danger:: + We've added the master password on the command line. + You shouldn't put it in a file for safety reason + please don't forget to change the value to something random + + A space is also added in front of the command so "history" doesn't catch it. + This masterPassword is very sensitive, please be careful! + + +To deploy all ONAP applications use this command:: + + > cd oom/kubernetes + > helm deploy dev local/onap --namespace onap --set global.masterPassword=myAwesomePasswordThatINeedToChange -f onap/resources/overrides/onap-all.yaml -f onap/resources/overrides/environment.yaml -f onap/resources/overrides/openstack.yaml --timeout 900 + +All override files may be customized (or replaced by other overrides) as per needs. -**Step 7.** Once the repo is setup, installation of ONAP can be done with a -single command:: +`onap-all.yaml` + Enables the modules in the ONAP deployment. As ONAP is very modular, it is possible to customize ONAP and disable some components through this configuration file. - > helm deploy dev local/onap --namespace onap +`environment.yaml` + Includes configuration values specific to the deployment environment. + Example: adapt readiness and liveness timers to the level of performance of your infrastructure + +`openstack.yaml` + Includes all the Openstack related information for the default target tenant you want to use to deploy VNFs from ONAP and/or additional parameters for the embedded tests. + +**Step 9.** Verify ONAP installation Use the following to monitor your deployment and determine when ONAP is ready for use:: - > kubectl get pods --all-namespaces -o=wide + > kubectl get pods -n onap -o=wide -Undeploying onap can be done using the following command:: +.. note:: + While all pods may be in a Running state, it is not a guarantee that all components are running fine. - > helm undeploy dev --purge + Launch the healthcheck tests using Robot to verify that the components are healthy:: + > ~/oom/kubernetes/robot/ete-k8s.sh onap health + +**Step 10.** Undeploy ONAP:: + + > helm undeploy dev --purge -More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins \ No newline at end of file +More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins