X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=docs%2Foom_quickstart_guide.rst;h=5c0d5127bd0e1174f6de54ac78be63bf8e6b790c;hb=db52a6ddbb5e1f459d59051de6e54279fd095f06;hp=bd5e3eeee6a48539521968e086d3416a49340787;hpb=26eea1475362cc24c46132d11f564af7c783c2be;p=oom.git diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst index bd5e3eeee6..5c0d5127bd 100644 --- a/docs/oom_quickstart_guide.rst +++ b/docs/oom_quickstart_guide.rst @@ -1,8 +1,8 @@ .. This work is licensed under a .. Creative Commons Attribution 4.0 International License. .. http://creativecommons.org/licenses/by/4.0 -.. Copyright 2019 Amdocs, Bell Canada - +.. Copyright 2019-2020 Amdocs, Bell Canada, Orange, Samsung +.. _oom_quickstart_guide: .. _quick-start-label: OOM Quick Start Guide @@ -11,44 +11,51 @@ OOM Quick Start Guide .. figure:: oomLogoV2-medium.png :align: right -Once a kubernetes environment is available (follow the instructions in +Once a Kubernetes environment is available (follow the instructions in :ref:`cloud-setup-guide-label` if you don't have a cloud environment available), follow the following instructions to deploy ONAP. **Step 1.** Clone the OOM repository from ONAP gerrit:: - > git clone -b 4.0.0-ONAP http://gerrit.onap.org/r/oom --recurse-submodules + > git clone -b http://gerrit.onap.org/r/oom --recurse-submodules > cd oom/kubernetes +where can be an official release tag, such as + +* 4.0.0-ONAP for Dublin +* 5.0.1-ONAP for El Alto +* 6.0.0 for Frankfurt + **Step 2.** Install Helm Plugins required to deploy ONAP:: > sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm -**Step 3.** Customize the helm charts like oom/kubernetes/onap/values.yaml or an override -file like onap-all.yaml, onap-vfw.yaml or openstack.yaml file to suit your deployment with items like the -OpenStack tenant information. +**Step 3.** Customize the Helm charts like `oom/kubernetes/onap/values.yaml` or +an override file like `onap-all.yaml`, `onap-vfw.yaml` or `openstack.yaml` file +to suit your deployment with items like the OpenStack tenant information. .. note:: - Standard and example override files (e.g. onap-all.yaml, openstack.yaml) can be found in - the oom/kubernetes/onap/resources/overrides/ directory. + Standard and example override files (e.g. `onap-all.yaml`, `openstack.yaml`) can be found in + the `oom/kubernetes/onap/resources/overrides/` directory. a. You may want to selectively enable or disable ONAP components by changing - the `enabled: true/false` flags. + the ``enabled: true/false`` flags. - b. Encyrpt the OpenStack password using the shell tool for robot and put it in - the robot helm charts or robot section of openstack.yaml + b. Encrypt the OpenStack password using the shell tool for Robot and put it in + the Robot Helm charts or Robot section of `openstack.yaml` - c. Encrypt the OpenStack password using the java based script for SO helm charts - or SO section of openstack.yaml. + c. Encrypt the OpenStack password using the java based script for SO Helm charts + or SO section of `openstack.yaml`. - d. Update the OpenStack parameters that will be used by robot, SO and APPC helm + d. Update the OpenStack parameters that will be used by Robot, SO and APPC Helm charts or use an override file to replace them. + e. Add in the command line a value for the global master password (global.masterPassword). @@ -56,86 +63,83 @@ a. Enabling/Disabling Components: Here is an example of the nominal entries that need to be provided. We have different values file available for different contexts. -.. literalinclude:: onap-values.yaml +.. literalinclude:: ../kubernetes/onap/values.yaml :language: yaml b. Generating ROBOT Encrypted Password: -The ROBOT encrypted Password uses the same encryption.key as SO but an +The Robot encrypted Password uses the same encryption.key as SO but an openssl algorithm that works with the python based Robot Framework. .. note:: - To generate ROBOT openStackEncryptedPasswordHere : + To generate Robot ``openStackEncryptedPasswordHere``:: - ``cd so/resources/config/mso/`` - - ``/oom/kubernetes/so/resources/config/mso# echo -n "" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p`` + cd so/resources/config/mso/ + /oom/kubernetes/so/resources/config/mso# echo -n "" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p`` c. Generating SO Encrypted Password: The SO Encrypted Password uses a java based encryption utility since the Java encryption library is not easy to integrate with openssl/python that -ROBOT uses in Dublin. +Robot uses in Dublin and upper versions. .. note:: - To generate SO openStackEncryptedPasswordHere and openStackSoEncryptedPassword: - - SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key` + To generate SO ``openStackEncryptedPasswordHere`` and ``openStackSoEncryptedPassword`` + ensure `default-jdk` is installed:: - OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX + apt-get update; apt-get install default-jdk - git clone http://gerrit.onap.org/r/integration + Then execute:: - cd integration/deployment/heat/onap-rke/scripts + SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key` + OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX + git clone http://gerrit.onap.org/r/integration + cd integration/deployment/heat/onap-rke/scripts - javac Crypto.java - - [ if javac is not installed 'apt-get update ; apt-get install default-jdk' ] - - java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY" - + javac Crypto.java + java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY" d. Update the OpenStack parameters: -There are assumptions in the demonstration VNF heat templates about the networking -available in the environment. To get the most value out of these templates and the -automation that can help confirm the setup is correct, please observe the following -constraints. - -openStackPublicNetId: +There are assumptions in the demonstration VNF Heat templates about the +networking available in the environment. To get the most value out of these +templates and the automation that can help confirm the setup is correct, please +observe the following constraints. -This network should allow heat templates to add interfaces. -This need not be an external network, floating IPs can be assigned to the ports on -the VMs that are created by the heat template but its important that neutron allow -ports to be created on them. -openStackPrivateNetCidr: "10.0.0.0/16" +``openStackPublicNetId:`` + This network should allow Heat templates to add interfaces. + This need not be an external network, floating IPs can be assigned to the + ports on the VMs that are created by the heat template but its important that + neutron allow ports to be created on them. -This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity. -The demonstration heat templates assume that 10.0 prefix can be used by the VNFs and the -demonstration ip addressing plan embodied in the preload template prevent conflicts when -instantiating the various VNFs. If you need to change this, you will need to modify the preload -data in the robot helm chart like integration_preload_parametes.py and the demo/heat/preload_data -in the robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect -to create. +``openStackPrivateNetCidr: "10.0.0.0/16"`` + This ip address block is used to assign OA&M addresses on VNFs to allow ONAP + connectivity. The demonstration Heat templates assume that 10.0 prefix can be + used by the VNFs and the demonstration ip addressing plan embodied in the + preload template prevent conflicts when instantiating the various VNFs. If + you need to change this, you will need to modify the preload data in the + Robot Helm chart like integration_preload_parameters.py and the + demo/heat/preload_data in the Robot container. The size of the CIDR should + be sufficient for ONAP and the VMs you expect to create. -openStackOamNetworkCidrPrefix: "10.0" +``openStackOamNetworkCidrPrefix: "10.0"`` + This ip prefix mush match the openStackPrivateNetCidr and is a helper + variable to some of the Robot scripts for demonstration. A production + deployment need not worry about this setting but for the demonstration VNFs + the ip asssignment strategy assumes 10.0 ip prefix. -This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the -robot scripts for demonstration. A production deployment need not worry about this -setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix. +Example Keystone v2.0 - -Example Keystone v2.0 .. literalinclude:: example-integration-override.yaml :language: yaml Example Keystone v3 (required for Rocky and later releases) + .. literalinclude:: example-integration-override-v3.yaml :language: yaml - **Step 4.** To setup a local Helm server to server up the ONAP charts:: > helm serve & @@ -153,7 +157,11 @@ follows:: **Step 6.** Build a local Helm repository (from the kubernetes directory):: - > make all; make onap + > make SKIP_LINT=TRUE [HELM_BIN=] all ; make SKIP_LINT=TRUE [HELM_BIN=] onap + +`HELM_BIN` + Sets the helm binary to be used. The default value use helm from PATH. Allow the user to have + multiple version of helm in operating system and choose which one to use. **Step 7.** Display the onap charts that available to be deployed:: @@ -162,51 +170,74 @@ follows:: .. literalinclude:: helm-search.txt .. note:: - The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use `make` to update your local Helm repository. + The setup of the Helm repository is a one time activity. If you make changes + to your deployment charts or values be sure to use ``make`` to update your + local Helm repository. **Step 8.** Once the repo is setup, installation of ONAP can be done with a single command .. note:: - The --timeout 900 is currently required in Dublin to address long running initialization tasks - for DMaaP and SO. Without this timeout value both applications may fail to deploy. + The ``--timeout 900`` is currently required in Dublin and up to address long + running initialization tasks for DMaaP and SO. Without this timeout value both + applications may fail to deploy. + +.. danger:: + We've added the master password on the command line. + You shouldn't put it in a file for safety reason + please don't forget to change the value to something random + + A space is also added in front of the command so "history" doesn't catch it. + This masterPassword is very sensitive, please be careful! + To deploy all ONAP applications use this command:: > cd oom/kubernetes - > helm deploy dev local/onap --namespace onap -f onap/resources/overrides/onap-all.yaml -f onap/resources/overrides/environment.yaml -f onap/resources/overrides/openstack.yaml --timeout 900 + > helm deploy dev local/onap --namespace onap --set global.masterPassword=myAwesomePasswordThatINeedToChange -f onap/resources/overrides/onap-all.yaml -f onap/resources/overrides/environment.yaml -f onap/resources/overrides/openstack.yaml --timeout 900 -All override files may be customized (or replaced by other overrides) as per needs. +All override files may be customized (or replaced by other overrides) as per +needs. -onap-all.yaml +`onap-all.yaml` + Enables the modules in the ONAP deployment. As ONAP is very modular, it is + possible to customize ONAP and disable some components through this + configuration file. - Enables the modules in the ONAP deployment. As ONAP is very modular, it is possible to customize ONAP and disable some components through this configuration file. - -environment.yaml +`onap-all-ingress-nginx-vhost.yaml` + Alternative version of the `onap-all.yaml` but with global ingress controller + enabled. It requires the cluster configured with the nginx ingress controller + and load balancer. Please use this file instead `onap-all.yaml` if you want + to use experimental ingress controller feature. +`environment.yaml` Includes configuration values specific to the deployment environment. - Example: adapt readiness and liveness timers to the level of performance of your infrastructure - -openstack.yaml + Example: adapt readiness and liveness timers to the level of performance of + your infrastructure - Includes all the Openstack related information for the default target tenant you want to use to deploy VNFs from ONAP and/or additional parameters for the embedded tests. +`openstack.yaml` + Includes all the OpenStack related information for the default target tenant + you want to use to deploy VNFs from ONAP and/or additional parameters for the + embedded tests. **Step 9.** Verify ONAP installation -Use the following to monitor your deployment and determine when ONAP is ready for use:: +Use the following to monitor your deployment and determine when ONAP is ready +for use:: > kubectl get pods -n onap -o=wide .. note:: While all pods may be in a Running state, it is not a guarantee that all components are running fine. - Launch the healthcheck tests using Robot to verify that the components are healthy. + Launch the healthcheck tests using Robot to verify that the components are healthy:: - > ~/oom/kubernetes/robot/ete-k8s.sh onap health + > ~/oom/kubernetes/robot/ete-k8s.sh onap health **Step 10.** Undeploy ONAP +:: -> helm undeploy dev --purge + > helm undeploy dev --purge More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins