--- /dev/null
+# Policy Framework Docker Compose
+
+The PF docker compose starts a small instance of docker containers for PF components.
+
+## Features
+
+- Starts all components, including Prometheus/Grafana dashboard and GUI (ACM and Apex)
+- Can start specific components
+- Expose fixed ports so all the REST endpoints can be called with localhost:component_port
+
+## Tech
+
+Things to be installed beforehand:
+
+- Linux VM if using Windows
+- Docker
+- Docker compose
+- Any editor
+
+## Installation
+
+Assuming the docker repository has been cloned and workdir is ../docker/compose
+
+- Install all PF components (excluding GUI)
+```sh
+./start-compose.sh
+```
+
+- Install all PF components + GUI
+
+```sh
+./start-compose.sh --gui
+```
+
+- Install an specific PF component
+(accepted options: api pap apex-pdp distribution drools-pdp drools-apps xacml-pdp
+policy-clamp-runtime-acm)
+
+
+```sh
+./start-compose.sh component
+
+# that will start apex-pdp and its dependencies (pap, api, db, simulator)
+./start-compose.sh apex-pdp
+```
+
+- Install an specific PF component with Grafana dashboard
+(accepted options: api pap apex-pdp distribution drools-pdp drools-apps xacml-pdp
+policy-clamp-runtime-acm)
+
+
+```sh
+./start-compose.sh component --grafana
+
+# that will start apex-pdp and its dependencies (pap, api, db, simulator) + grafana and prometheus server
+./start-compose.sh apex-pdp --grafana
+```
+
+## Docker image localization
+
+The docker images are always downloaded from nexus repository, but if needed to build a local
+image, edit the ``export-ports.sh`` script and change the variable ``CONTAINER_LOCATION``
+to be empty.
+
+
+## Docker image versions
+
+The start-compose script is always looking for the latest SNAPSHOT version available (will
+look locally first, then download from nexus if not available).
+Note: if latest Policy-API docker image is 2.8-SNAPSHOT-latest, but on nexus it was released
+2 days ago and in local environment it's 3 months old - it will use the 3 months old image,
+so it's recommended to keep an eye on it.
+
+If needed, the version can be edited on docker-compose.yml and docker-compose.gui.yml
+
+i.e: need to change db-migrator version
+from docker-compose.yml:
+``image: ${CONTAINER_LOCATION}onap/policy-db-migrator:${POLICY_DOCKER_VERSION}``
+
+replace the ${POLICY_DOCKER_VERSION} for the specific version needed
+
+
+## Logs
+
+To collect the docker-compose logs, simply run the following:
+
+```sh
+./start-compose.sh logs
+```
+Note: these are logs for installation only, not actual application usage
+
+It will generate a ``docker-compose.log`` file with the result.
+
+## Uninstall
+
+Simply run the ``stop-compose.sh`` script.
+
+```sh
+./stop-compose.sh
+```
POLICY_DROOLS_CONTAINER="policy-drools-pdp"
POLICY_XACML_CONTAINER="policy-xacml-pdp"
POLICY_DISTRIBUTION_CONTAINER="policy-distribution"
+SET_VALUES=""
DISTRIBUTION_CSAR=${WORKSPACE}/csit/resources/tests/data/csar
DIST_TEMP_FOLDER=/tmp/distribution
export ROBOT_LOG_DIR=${WORKSPACE}/csit/archives
export READINESS_CONTAINERS=()
-function spin_microk8s_cluster () {
+function spin_microk8s_cluster() {
echo "Verify if Microk8s cluster is running.."
microk8s version
exitcode="${?}"
- if [ "$exitcode" -ne 0 ]; then
+ if [ "$exitcode" -ne 0 ]; then
echo "Microk8s cluster not available, Spinning up the cluster.."
sudo snap install microk8s --classic --channel=1.25/stable
- if [ "${?}" -ne 0 ]; then
- echo "Failed to install kubernetes cluster. Aborting.."
- return 1
+ if [ "${?}" -ne 0 ]; then
+ echo "Failed to install kubernetes cluster. Aborting.."
+ return 1
fi
echo "Microk8s cluster installed successfully"
sudo usermod -a -G microk8s $USER
echo "Enabling DNS and helm3 plugins"
sudo microk8s.enable dns helm3 hostpath-storage
echo "Creating configuration file for Microk8s"
- sudo mkdir -p $HOME/.kube;
+ sudo mkdir -p $HOME/.kube
sudo chown -R $USER:$USER $HOME/.kube
- sudo microk8s kubectl config view --raw > $HOME/.kube/config
+ sudo microk8s kubectl config view --raw >$HOME/.kube/config
sudo chmod 600 $HOME/.kube/config
echo "K8s installation completed"
echo "----------------------------------------"
else
echo "K8s cluster is already running"
echo "----------------------------------------"
- return 0
+ return 0
fi
}
-
-function teardown_cluster () {
+function teardown_cluster() {
echo "Removing k8s cluster and k8s configuration file"
- sudo snap remove microk8s;rm -rf $HOME/.kube/config
+ sudo microk8s helm uninstall csit-policy
+ sudo microk8s helm uninstall prometheus
+ sudo microk8s helm uninstall csit-robot
+ rm -rf ${WORKSPACE}/helm/policy/Chart.lock
sudo rm -rf /dockerdata-nfs/mariadb-galera/
echo "K8s Cluster removed"
echo "Clean up docker"
- docker system prune -af
+ docker image prune -f
}
-
-function build_robot_image () {
+function build_robot_image() {
echo "Build docker image for robot framework"
- cd ${WORKSPACE}/csit/resources || exit;
+ cd ${WORKSPACE}/csit/resources || exit
clone_models
if [ "${PROJECT}" == "distribution" ] || [ "${PROJECT}" == "policy-distribution" ]; then
- copy_csar_file
+ copy_csar_file
fi
echo "Build robot framework docker image"
docker login -u docker -p docker nexus3.onap.org:10001
docker build . --file Dockerfile \
--build-arg CSIT_SCRIPT="$CSIT_SCRIPT" \
- --build-arg ROBOT_FILE="$ROBOT_FILE" \
+ --build-arg ROBOT_FILE="$ROBOT_FILE" \
--tag "${ROBOT_DOCKER_IMAGE}" --no-cache
echo "---------------------------------------------"
- echo "Importing robot image into microk8s registry"
- docker save -o policy-csit-robot.tar ${ROBOT_DOCKER_IMAGE}:latest
- sudo microk8s ctr image import policy-csit-robot.tar
}
-
-function start_csit () {
+function start_csit() {
build_robot_image
if [ "${?}" -eq 0 ]; then
+ echo "Importing robot image into microk8s registry"
+ docker save -o policy-csit-robot.tar ${ROBOT_DOCKER_IMAGE}:latest
+ sudo microk8s ctr image import policy-csit-robot.tar
rm -rf ${WORKSPACE}/csit/resources/policy-csit-robot.tar
rm -rf ${WORKSPACE}/csit/resources/tests/models/
echo "---------------------------------------------"
echo "Installing Robot framework pod for running CSIT"
cd ${WORKSPACE}/helm
mkdir -p ${ROBOT_LOG_DIR}
- sudo microk8s helm install csit-robot robot --set robot="$ROBOT_FILE" --set "readiness={${READINESS_CONTAINERS[*]}}" --set robotLogDir=$ROBOT_LOG_DIR;
+ sudo microk8s helm install csit-robot robot --set robot="$ROBOT_FILE" --set "readiness={${READINESS_CONTAINERS[*]}}" --set robotLogDir=$ROBOT_LOG_DIR
print_robot_log
- fi
+ teardown_cluster
+ fi
}
-
-function print_robot_log () {
+function print_robot_log() {
count_pods=0
while [[ ${count_pods} -eq 0 ]]; do
echo "Waiting for pods to come up..."
sleep 5
count_pods=$(sudo microk8s kubectl get pods --output name | wc -l)
done
+ sudo microk8s kubectl get po
robotpod=$(sudo microk8s kubectl get po | grep policy-csit)
podName=$(echo "$robotpod" | awk '{print $1}')
echo "The robot tests will begin once the policy components {${READINESS_CONTAINERS[*]}} are up and running..."
- sudo microk8s kubectl wait --for=jsonpath='{.status.phase}'=Running --timeout=700s pod/"$podName"
+ sudo microk8s kubectl wait --for=jsonpath='{.status.phase}'=Running --timeout=10m pod/"$podName"
sudo microk8s kubectl logs -f "$podName"
echo "Please check the logs of policy-csit-robot pod for the test execution results"
}
-
-function clone_models () {
+function clone_models() {
GERRIT_BRANCH=$(awk -F= '$1 == "defaultbranch" { print $2 }' "${WORKSPACE}"/.gitreview)
echo GERRIT_BRANCH="${GERRIT_BRANCH}"
# download models examples
# create a couple of variations of the policy definitions
sed -e 's!Measurement_vGMUX!ADifferentValue!' \
- tests/models/models-examples/src/main/resources/policies/vCPE.policy.monitoring.input.tosca.json \
+ tests/models/models-examples/src/main/resources/policies/vCPE.policy.monitoring.input.tosca.json \
>tests/models/models-examples/src/main/resources/policies/vCPE.policy.monitoring.input.tosca.v1_2.json
sed -e 's!"version": "1.0.0"!"version": "2.0.0"!' \
- -e 's!"policy-version": 1!"policy-version": 2!' \
- tests/models/models-examples/src/main/resources/policies/vCPE.policy.monitoring.input.tosca.json \
+ -e 's!"policy-version": 1!"policy-version": 2!' \
+ tests/models/models-examples/src/main/resources/policies/vCPE.policy.monitoring.input.tosca.json \
>tests/models/models-examples/src/main/resources/policies/vCPE.policy.monitoring.input.tosca.v2.json
}
-function copy_csar_file () {
- zip -F ${DISTRIBUTION_CSAR}/sample_csar_with_apex_policy.csar \
- --out ${DISTRIBUTION_CSAR}/csar_temp.csar -q
- # Remake temp directory
- sudo rm -rf "${DIST_TEMP_FOLDER}"
- sudo mkdir "${DIST_TEMP_FOLDER}"
- sudo cp ${DISTRIBUTION_CSAR}/csar_temp.csar ${DISTRIBUTION_CSAR}/temp.csar
- sudo mv ${DISTRIBUTION_CSAR}/temp.csar ${DIST_TEMP_FOLDER}/sample_csar_with_apex_policy.csar
+function copy_csar_file() {
+ zip -F ${DISTRIBUTION_CSAR}/sample_csar_with_apex_policy.csar \
+ --out ${DISTRIBUTION_CSAR}/csar_temp.csar -q
+ # Remake temp directory
+ sudo rm -rf "${DIST_TEMP_FOLDER}"
+ sudo mkdir "${DIST_TEMP_FOLDER}"
+ sudo cp ${DISTRIBUTION_CSAR}/csar_temp.csar ${DISTRIBUTION_CSAR}/temp.csar
+ sudo mv ${DISTRIBUTION_CSAR}/temp.csar ${DIST_TEMP_FOLDER}/sample_csar_with_apex_policy.csar
}
-function get_robot_file () {
- case $PROJECT in
-
- clamp | policy-clamp)
- export ROBOT_FILE=$POLICY_CLAMP_ROBOT
- export READINESS_CONTAINERS=($POLICY_CLAMP_CONTAINER)
- ;;
-
- api | policy-api)
- export ROBOT_FILE=$POLICY_API_ROBOT
- export READINESS_CONTAINERS=($POLICY_API_CONTAINER)
- ;;
-
- pap | policy-pap)
- export ROBOT_FILE=$POLICY_PAP_ROBOT
- export READINESS_CONTAINERS=($POLICY_APEX_CONTAINER,$POLICY_PAP_CONTAINER,$POLICY_API_CONTAINER,$POLICY_DROOLS_CONTAINER,
- $POLICY_XACML_CONTAINER)
- ;;
-
- apex-pdp | policy-apex-pdp)
- export ROBOT_FILE=$POLICY_APEX_PDP_ROBOT
- export READINESS_CONTAINERS=($POLICY_APEX_CONTAINER,$POLICY_API_CONTAINER,$POLICY_PAP_CONTAINER)
- ;;
-
- xacml-pdp | policy-xacml-pdp)
- export ROBOT_FILE=($POLICY_XACML_PDP_ROBOT)
- export READINESS_CONTAINERS=($POLICY_API_CONTAINER,$POLICY_PAP_CONTAINER,$POLICY_XACML_CONTAINER)
- ;;
-
- drools-pdp | policy-drools-pdp)
- export ROBOT_FILE=($POLICY_DROOLS_PDP_ROBOT)
- export READINESS_CONTAINERS=($POLICY_DROOLS_CONTAINER)
- ;;
-
- distribution | policy-distribution)
- export ROBOT_FILE=($POLICY_DISTRIBUTION_ROBOT)
- export READINESS_CONTAINERS=($POLICY_APEX_CONTAINER,$POLICY_API_CONTAINER,$POLICY_PAP_CONTAINER,
- $POLICY_DISTRIBUTION_CONTAINER)
- ;;
-
- *)
- echo "unknown project supplied"
- ;;
-esac
+function get_robot_file() {
+ case $PROJECT in
+
+ clamp | policy-clamp)
+ export ROBOT_FILE=$POLICY_CLAMP_ROBOT
+ export READINESS_CONTAINERS=($POLICY_CLAMP_CONTAINER)
+ ;;
+
+ api | policy-api)
+ export ROBOT_FILE=$POLICY_API_ROBOT
+ export READINESS_CONTAINERS=($POLICY_API_CONTAINER)
+ ;;
+
+ pap | policy-pap)
+ export ROBOT_FILE=$POLICY_PAP_ROBOT
+ export READINESS_CONTAINERS=($POLICY_APEX_CONTAINER,$POLICY_PAP_CONTAINER,$POLICY_API_CONTAINER,$POLICY_DROOLS_CONTAINER,
+ $POLICY_XACML_CONTAINER)
+ ;;
+
+ apex-pdp | policy-apex-pdp)
+ export ROBOT_FILE=$POLICY_APEX_PDP_ROBOT
+ export READINESS_CONTAINERS=($POLICY_APEX_CONTAINER,$POLICY_API_CONTAINER,$POLICY_PAP_CONTAINER)
+ ;;
+
+ xacml-pdp | policy-xacml-pdp)
+ export ROBOT_FILE=($POLICY_XACML_PDP_ROBOT)
+ export READINESS_CONTAINERS=($POLICY_API_CONTAINER,$POLICY_PAP_CONTAINER,$POLICY_XACML_CONTAINER)
+ ;;
+
+ drools-pdp | policy-drools-pdp)
+ export ROBOT_FILE=($POLICY_DROOLS_PDP_ROBOT)
+ export READINESS_CONTAINERS=($POLICY_DROOLS_CONTAINER)
+ ;;
+
+ distribution | policy-distribution)
+ export ROBOT_FILE=($POLICY_DISTRIBUTION_ROBOT)
+ export READINESS_CONTAINERS=($POLICY_APEX_CONTAINER,$POLICY_API_CONTAINER,$POLICY_PAP_CONTAINER,
+ $POLICY_DISTRIBUTION_CONTAINER)
+ ;;
+
+ *)
+ echo "unknown project supplied"
+ ;;
+ esac
+
+}
+
+function set_charts() {
+ case $PROJECT in
+
+ clamp | policy-clamp)
+ export SET_VALUES="--set $POLICY_CLAMP_CONTAINER.enabled=true"
+ ;;
+
+ api | policy-api)
+ export SET_VALUES="--set $POLICY_API_CONTAINER.enabled=true"
+ ;;
+
+ pap | policy-pap)
+ export SET_VALUES="--set $POLICY_APEX_CONTAINER.enabled=true --set $POLICY_PAP_CONTAINER.enabled=true --set $POLICY_API_CONTAINER.enabled=true
+ --set $POLICY_DROOLS_CONTAINER.enabled=true --set $POLICY_XACML_CONTAINER.enabled=true"
+ ;;
+
+ apex-pdp | policy-apex-pdp)
+ export SET_VALUES="--set $POLICY_APEX_CONTAINER.enabled=true --set $POLICY_PAP_CONTAINER.enabled=true --set $POLICY_API_CONTAINER.enabled=true"
+ ;;
+
+ xacml-pdp | policy-xacml-pdp)
+ export SET_VALUES="--set $POLICY_PAP_CONTAINER.enabled=true --set $POLICY_API_CONTAINER.enabled=true --set $POLICY_XACML_CONTAINER.enabled=true"
+ ;;
+
+ drools-pdp | policy-drools-pdp)
+ export SET_VALUES="--set $POLICY_DROOLS_CONTAINER.enabled=true"
+ ;;
+
+ distribution | policy-distribution)
+ export SET_VALUES="--set $POLICY_APEX_CONTAINER.enabled=true --set $POLICY_PAP_CONTAINER.enabled=true --set $POLICY_API_CONTAINER.enabled=true
+ --set $POLICY_DISTRIBUTION_CONTAINER.enabled=true"
+ ;;
+
+ *)
+ echo "all charts to be deployed"
+ ;;
+ esac
}
+OPERATION="$1"
+PROJECT="$2"
-if [ $1 == "install" ]; then
+if [ $OPERATION == "install" ]; then
spin_microk8s_cluster
- if [ "${?}" -eq 0 ]; then
+ if [ "${?}" -eq 0 ]; then
+ set_charts
echo "Installing policy helm charts in the default namespace"
- cd ${WORKSPACE}/helm || exit;
+ cd ${WORKSPACE}/helm || exit
sudo microk8s helm dependency build policy
- sudo microk8s helm install csit-policy policy
+ sudo microk8s helm install csit-policy policy ${SET_VALUES}
sudo microk8s helm install prometheus prometheus
echo "Policy chart installation completed"
- echo "-------------------------------------------"
+ echo "-------------------------------------------"
fi
- if [ "$2" ]; then
- export PROJECT=$2
+ if [ "$PROJECT" ]; then
+ export $PROJECT
export ROBOT_LOG_DIR=${WORKSPACE}/csit/archives/${PROJECT}
get_robot_file
echo "CSIT will be invoked from $ROBOT_FILE"
echo "No project supplied for running CSIT"
fi
-elif [ $1 == "uninstall" ]; then
+elif [ $OPERATION == "uninstall" ]; then
teardown_cluster
else
echo "Invalid arguments provided. Usage: $0 [option..] {install {project} | uninstall}"
fi
-