+++ /dev/null
-#################################################################
-# Global configuration overrides.
-#
-# These overrides will affect all helm charts (ie. applications)
-# that are listed below and are 'enabled'.
-#################################################################
-global:
- # Change to an unused port prefix range to prevent port conflicts
- # with other instances running within the same k8s cluster
- nodePortPrefix: 302
-
- # image repositories
- repository: nexus3.onap.org:10001
- repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
- # readiness check
- readinessRepository: oomk8s
- # logging agent
- loggingRepository: docker.elastic.co
-
- # image pull policy
- pullPolicy: Always
-
- # default mount path root directory referenced
- # by persistent volumes and log files
- persistence:
- mountPath: /dockerdata-nfs
-
- # flag to enable debugging - application support required
- debugEnabled: false
-
-
-#################################################################
-# Enable/disable and configure helm charts (ie. applications)
-# to customize the ONAP deployment.
-#################################################################
-aaf:
- enabled: true
-aai:
- enabled: true
-appc:
- enabled: true
-clamp:
- enabled: true
-cli:
- enabled: true
-consul: # Consul Health Check Monitoring
- enabled: true
-dcaegen2:
- enabled: true
-esr:
- enabled: true
-log: # ONAP Logging ElasticStack
- enabled: true
-message-router:
- enabled: true
-mock:
- enabled: true
-msb:
- enabled: true
-multicloud:
- enabled: true
-policy:
- enabled: true
-portal:
- enabled: true
-robot: # Robot Health Check
- enabled: true
-sdc:
- enabled: true
-sdnc:
- enabled: true
-so: # Service Orchestrator
- enabled: true
-
- replicaCount: 1
-
- liveness:
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
- # so server configuration
- config:
- # message router configuration
- dmaapTopic: "AUTO"
- # openstack configuration
- openStackUserName: "vnf_user"
- openStackRegion: "RegionOne"
- openStackKeyStoneUrl: "http://1.2.3.4:5000"
- openStackServiceTenantName: "service"
- openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
-
- # configure embedded mariadb
- mariadb:
- config:
- mariadbRootPassword: password
-uui:
- enabled: true
-vfc:
- enabled: true
-vid:
- enabled: true
-vnfsdk:
- enabled: true
.. table:: OOM Software Requirements
- ============== ========== ===== ======= ========
- Release Kubernetes Helm kubectl Docker
- ============== ========== ===== ======= ========
- amsterdam 1.7.x 2.3.x 1.7.x 1.12.x
- beijing 1.8.10 2.8.2 1.8.10 17.03.x
- casablanca/master 1.8.10 2.9.1 1.8.10 17.03.x
- ============== ========== ===== ======= ========
+ ============== =========== ===== ======== ========
+ Release Kubernetes Helm kubectl Docker
+ ============== =========== ===== ======== ========
+ amsterdam 1.7.x 2.3.x 1.7.x 1.12.x
+ beijing 1.8.10 2.8.2 1.8.10 17.03.x
+ casablanca 1.11.2 2.9.1 1.11.2 17.03.x
+ ============== =========== ===== ======== ========
Minimum Hardware Configuration
==============================
-The minimum hardware requirements are provided below. Note that although ONAP
-may operate on a single node as described production deployments will need at
-least three if not six nodes to ensure there is no single point of failure.
+The hardware requirements are provided below. Note that this is for a
+full ONAP deployment (all components). Customizing ONAP to deploy only
+components that are needed will drastically reduce the requirements.
.. table:: OOM Hardware Requirements
===== ===== ====== ====================
RAM HD vCores Ports
===== ===== ====== ====================
- 128GB 160GB 32 0.0.0.0/0 (all open)
+ 224GB 160GB 112 0.0.0.0/0 (all open)
===== ===== ====== ====================
.. note::
- Kubernetes supports a maximum of 110 pods per node which forces one to use at
- least two nodes to deploy all of ONAP although at least three are recommended
- (for example 4x32GB - 8 vCores each). Subsets of ONAP may still be deployed
- on a single node.
+ Kubernetes supports a maximum of 110 pods per node. The use of many small
+ nodes is preferred over a few larger nodes (for example 14x16GB - 8 vCores each).
+ Subsets of ONAP may still be deployed on a single node.
Cloud Installation
==================
**Step 1.** Clone the OOM repository from ONAP gerrit::
- > git clone -b beijing http://gerrit.onap.org/r/oom
+ > git clone -b casablanca http://gerrit.onap.org/r/oom
> cd oom/kubernetes
+**Step 2.** Install Helm Plugins required to deploy the ONAP Casablanca release::
+ sudo cp -R ~/oom/kubernetes/helm/plugins/ ~/.helm
-**Step 2.** Customize the onap/values.yaml file to suit your deployment. You
+**Step 3.** Customize the onap/values.yaml file to suit your deployment. You
may want to selectively enable or disable ONAP components by changing the
`enabled: true/false` flags as shown below:
-.. code-block:: yaml
-
- #################################################################
- # Global configuration overrides.
- #
- # These overrides will affect all helm charts (ie. applications)
- # that are listed below and are 'enabled'.
- #################################################################
- global:
- # Change to an unused port prefix range to prevent port conflicts
- # with other instances running within the same k8s cluster
- nodePortPrefix: 302
-
- # image repositories
- repository: nexus3.onap.org:10001
- repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
- # readiness check
- readinessRepository: oomk8s
- # logging agent
- loggingRepository: docker.elastic.co
-
- # image pull policy
- pullPolicy: Always
-
- # default mount path root directory referenced
- # by persistent volumes and log files
- persistence:
- mountPath: /dockerdata-nfs
-
- # flag to enable debugging - application support required
- debugEnabled: false
-
- #################################################################
- # Enable/disable and configure helm charts (ie. applications)
- # to customize the ONAP deployment.
- #################################################################
- aaf:
- enabled: true
- aai:
- enabled: true
- appc:
- enabled: true
- clamp:
- enabled: true
- cli:
- enabled: true
- consul: # Consul Health Check Monitoring
- enabled: true
- dcaegen2:
- enabled: true
- esr:
- enabled: true
- log:
- enabled: true
- message-router:
- enabled: true
- mock:
- enabled: true
- msb:
- enabled: true
- multicloud:
- enabled: true
- policy:
- enabled: true
- portal:
- enabled: true
- robot: # Robot Health Check
- enabled: true
- sdc:
- enabled: true
- sdnc:
- enabled: true
- so: # Service Orchestrator
- enabled: true
-
- replicaCount: 1
-
- liveness:
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
- # so server configuration
- config:
- # message router configuration
- dmaapTopic: "AUTO"
- # openstack configuration
- openStackUserName: "vnf_user"
- openStackRegion: "RegionOne"
- openStackKeyStoneUrl: "http://1.2.3.4:5000"
- openStackServiceTenantName: "service"
- openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
-
- # configure embedded mariadb
- mariadb:
- config:
- mariadbRootPassword: password
- uui:
- enabled: true
- vfc:
- enabled: true
- vid:
- enabled: true
- vnfsdk:
- enabled: true
+.. literalinclude:: onap-values.yaml
+ :language: yaml
.. note::
To generate openStackEncryptedPasswordHere :
**Step 5.** Build a local Helm repository (from the kubernetes directory)::
- > make all
+ > make all; make onap
**Step 6.** Display the charts that available to be deployed::
> helm search -l
- NAME VERSION DESCRIPTION
- local/appc 2.0.0 Application Controller
- local/clamp 2.0.0 ONAP Clamp
- local/common 2.0.0 Common templates for inclusion in other charts
- local/onap 2.0.0 Open Network Automation Platform (ONAP)
- local/robot 2.0.0 A helm Chart for kubernetes-ONAP Robot
- local/so 2.0.0 ONAP Service Orchestrator
+.. literalinclude:: helm-search.txt
.. note::
The setup of the Helm repository is a one time activity. If you make changes to your deployment charts or values be sure to use `make` to update your local Helm repository.
**Step 7.** Once the repo is setup, installation of ONAP can be done with a
single command::
- > helm install local/onap -n dev --namespace onap
+ > helm deploy dev local/onap --namespace onap
-.. note::
- The requirement for the use of the `onap` namespace will be lifted once the OOM team completes their Beijing deveivers.
Use the following to monitor your deployment and determine when ONAP is ready for use::
> kubectl get pods --all-namespaces -o=wide
+
+Undeploying onap can be done using the following command::
+ > helm undeploy dev --purge
+
+
+More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins
\ No newline at end of file
Select Flavor
-------------
Known issues exist if flavor is too small for Rancher. Please select a flavor
-with at least 4 vCPU and 8GB ram.
+with at least 4 vCPU and 8GB ram. A size of 8 vCPU and 16GB ram is recommended.
.. image:: Rancher-Select_Flavor.jpeg
* install nfs server
.. note::
- The Beijing release of OOM only supports Helm 2.8.2 not the 2.7.2 shown in
+ The Casablanca release of OOM only supports Helm 2.9.1 not the 2.7.2 shown in
the screen capture below. The supported versions of all the software components
are listed in the :ref:`cloud-setup-guide-label`.
The size of a Kubernetes host depends on the size of the ONAP deployment that
will be installed.
-As of the Beijing release a minimum of 3 x 32GB hosts will be needed to run a
-full ONAP deployment (all components).
+As of the Casablanca release a minimum 224GB will be needed to run a
+full ONAP deployment (all components). It is recommended that more hosts are used
+with fewer resources instead of only a few large hosts. For example 14 x 16GB hosts.
If a small subset of ONAP components are being deployed for testing purposes,
then a single 16GB or 32GB host should suffice.
To prepare your system for an installation of ONAP, you'll need to::
- > git clone -b beijing http://gerrit.onap.org/r/oom
+ > git clone -b casablanca http://gerrit.onap.org/r/oom
> cd oom/kubernetes
To deploy ONAP with this environment file, enter::
- > helm install local/onap -n beijing -f environments/onap-production.yaml
+ > helm deploy local/onap -n casablanca -f environments/onap-production.yaml
.. include:: environments_onap_demo.yaml
:code: yaml
10.12.6.155 portal.api.simpledemo.onap.org
10.12.6.155 vid.api.simpledemo.onap.org
10.12.6.155 sdc.api.fe.simpledemo.onap.org
+ 10.12.6.155 sdc.workflow.plugin.simpledemo.onap.org
+ 10.12.6.155 sdc.dcae.plugin.simpledemo.onap.org
10.12.6.155 portal-sdk.simpledemo.onap.org
10.12.6.155 policy.api.simpledemo.onap.org
10.12.6.155 aai.api.sparky.simpledemo.onap.org
10.12.6.155 cli.api.simpledemo.onap.org
10.12.6.155 msb.api.discovery.simpledemo.onap.org
+ 10.12.6.155 msb.api.simpledemo.onap.org
+ 10.12.6.155 clamp.api.simpledemo.onap.org
+ 10.12.6.155 so.api.simpledemo.onap.org
Ensure you've disabled any proxy settings the browser you are using to access
-the portal and then simply access the familiar URL:
-http://portal.api.simpledemo.onap.org:8989/ONAPPORTAL/login.htm
+the portal and then simply access now the new ssl-encrypted URL:
+https://portal.api.simpledemo.onap.org:30225/ONAPPORTAL/login.htm
+.. note::
+ Using the HTTPS based Portal URL the Browser needs to be configured to accept
+ unsecure credentials.
+ Additionally when opening an Application inside the Portal, the Browser
+ might block the content, which requires to disable the blocking and reloading
+ of the page
+
+.. note::
+ Besides the ONAP Portal the Components can deliver additional user interfaces,
+ please check the Component specific documentation.
.. note::
For example, to upgrade a container by changing configuration, specifically an
environment value::
- > helm upgrade beijing onap/so --version 2.0.1 --set enableDebug=true
+ > helm deploy casablanca onap/so --version 2.0.1 --set enableDebug=true
Issuing this command will result in the appropriate container being stopped by
Kubernetes and replaced with a new container with the new environment value.
To upgrade a component to a new version with a new configuration file enter::
- > helm upgrade beijing onap/so --version 2.0.2 -f environments/demo.yaml
+ > helm deploy casablanca onap/so --version 2.0.2 -f environments/demo.yaml
To fetch release history enter::
what will happen with a given command prior to actually deleting anything. For
example::
- > helm delete --dry-run beijing
+ > helm undeploy casablanca --dry-run
-will display the outcome of deleting the 'beijing' release from the deployment.
+will display the outcome of deleting the 'casablanca' release from the deployment.
To completely delete a release and remove it from the internal store enter::
- > helm delete --purge beijing
+ > helm undeploy casablanca --purge
One can also remove individual components from a deployment by changing the
ONAP configuration values. For example, to remove `so` from a running
deployment enter::
- > helm upgrade beijing osn/onap --set so.enabled=false
+ > helm undeploy casablanca-so --purge
will remove `so` as the configuration indicates it's no longer part of the
deployment. This might be useful if a one wanted to replace just `so` by
#!/bin/bash
DOCKER_VERSION=17.03
-KUBECTL_VERSION=1.8.10
+KUBECTL_VERSION=1.11.2
HELM_VERSION=2.9.1
# setup root access - default login: oom/oom - comment out to restrict access too ssh key only
#!/bin/bash
DOCKER_VERSION=17.03
-RANCHER_VERSION=1.6.18
-KUBECTL_VERSION=1.8.10
+RANCHER_VERSION=1.6.22
+KUBECTL_VERSION=1.11.2
HELM_VERSION=2.9.1
# setup root access - default login: oom/oom - comment out to restrict access too ssh key only
Release Notes
=============
+Version 3.0.0 Casablanca Release
+--------------------------------
+
+:Release Date: 2018-11-30
+
+Summary
+=======
+
+The focus of this release was on incremental improvements in the following areas:
+* Pluggable persistent storage with support for GlusterFS as the first storage class provisioner
+* CPU and Memory limits in Helm Charts to improve Pod placement based on resource availablity in Kubernetes Cluster
+* Support of Node Selectors for Pod placement
+* Common "shared" Helm Charts referencing common images
+ - mariadb-galera
+ - postgres
+ - cassandra
+ - mysql
+ - mongo
+* Integration of ARK Backup and Restore solution
+* Introduction of Helm deploy and undeploy plugins to better manage ONAP deployments
+
+
+**Security Notes**
+
+OOM code has been formally scanned during build time using NexusIQ and no Critical vulnerability was found.
+
+Quick Links:
+ - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
+
+ - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
+
+
+**Known Issues**
+
+Problem: kubectl connections to pods (kubectl exec|logs) will fail after a while due to a known bug in Kubernetes (1.11.2)
+Workaround: Restart of the kubelet daemons on the k8s hosts
+Fix: Will be delivered in the next release via a new Kubernetes version (1.12)
+- `K8S Bug Report <https://github.com/kubernetes/kubernetes/issues/67659>`_
+- `OOM-1532 <https://jira.onap.org/browse/OOM-1532>`_
+- `OOM-1516 <https://jira.onap.org/browse/OOM-1516>`_
+- `OOM-1520 <https://jira.onap.org/browse/OOM-1520>`_
+
+
Version 2.0.0 Beijing Release
-----------------------------
# application configuration
config:
elasticsearchHttpPort: 9200
- gerritBranch: master
+ gerritBranch: 3.0.0-ONAP
gerritProject: http://gerrit.onap.org/r/aai/test-config
portalUsername: aaiui
portalPassword: 1t2v1vfv1unz1vgz1t3b
# Use to override default setting in blueprints
componentImages:
config_binding_service: onap/org.onap.dcaegen2.platform.configbinding.app-app:2.2.3
- datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.0.4
+ datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.1.0
deployment_handler: onap/org.onap.dcaegen2.platform.deployment-handler:3.0.3
holmes_rules: onap/holmes/rule-management:1.2.3
holmes_engine: onap/holmes/engine-management:1.2.2
# application configuration
config:
# gerrit branch where the latest code is checked in
- gerritBranch: master
+ gerritBranch: 3.0.0-ONAP
# gerrit project where the latest code is checked in
gerritProject: http://gerrit.onap.org/r/dmaap/messagerouter/messageservice.git
# application configuration
config:
# gerrit branch where the latest code is checked in
- gerritBranch: master
+ gerritBranch: 3.0.0-ONAP
# gerrit project where the latest code is checked in
gerritProject: http://gerrit.onap.org/r/dmaap/messagerouter/messageservice.git
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2018 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
robot:
enabled: true
config:
-# openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment
+ # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment
openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
sdc:
enabled: true
FROM boxfuse/flyway:5.0.7-alpine
-ARG branch=master
+ARG branch=3.0.0-ONAP
ENV no_proxy "localhost,127.0.0.1,.cluster.local,$KUBERNETES_SERVICE_HOST"
# Setup Corporate proxy
ENV https_proxy ${HTTP_PROXY}
config:
mariadbRootPassword: password
# gerrit branch where the latest heat code is checked in
- gerritBranch: master
+ gerritBranch: 3.0.0-ONAP
# gerrit project where the latest heat code is checked in
gerritProject: http://gerrit.onap.org/r/so/docker-config.git
# default number of instances
Code Review / oom.git / commitdiff