Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
#!/bin/bash
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
function usage(){
[ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
echo -e "usage: $0 [OPTIONS]"
echo -e "Install Juju for OSM"
echo -e " OPTIONS"
echo -e " -h / --help: print this help"
echo -e " -D <devops path> use local devops installation path"
echo -e " -s <stack name> or <namespace> user defined stack name when installed using swarm or namespace when installed using k8s, default is osm"
echo -e " -H <VCA host> use specific juju host controller IP"
echo -e " -S <VCA secret> use VCA/juju secret key"
echo -e " -P <VCA pubkey> use VCA/juju public key file"
echo -e " -l: LXD cloud yaml file"
echo -e " -L: LXD credentials yaml file"
echo -e " -K: Specifies the name of the controller to use - The controller must be already bootstrapped"
echo -e " --debug: debug mode"
echo -e " --cachelxdimages: cache local lxd images, create cronjob for that cache (will make installation longer)"
echo -e " --nojuju: do not juju, assumes already installed"
[ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}
function update_juju_images(){
[ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
crontab -l | grep update-juju-lxc-images || (crontab -l 2>/dev/null; echo "0 4 * * 6 $USER ${OSM_DEVOPS}/installers/update-juju-lxc-images --xenial --bionic") | crontab -
${OSM_DEVOPS}/installers/update-juju-lxc-images --xenial --bionic
[ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}
function install_juju() {
[ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
echo "Installing juju"
sudo snap install juju --classic --channel=$JUJU_VERSION/stable
[[ ":$PATH": != *":/snap/bin:"* ]] && PATH="/snap/bin:${PATH}"
[ -n "$INSTALL_CACHELXDIMAGES" ] && update_juju_images
echo "Finished installation of juju"
[ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
return 0
}
function juju_createcontroller_k8s(){
[ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
cat $HOME/.kube/config | juju add-k8s $OSM_VCA_K8S_CLOUDNAME --client \
|| FATAL "Failed to add K8s endpoint and credential for client in cloud $OSM_VCA_K8S_CLOUDNAME"
juju bootstrap -v --debug $OSM_VCA_K8S_CLOUDNAME $OSM_STACK_NAME \
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
--config controller-service-type=loadbalancer \
--agent-version=$JUJU_AGENT_VERSION \
|| FATAL "Failed to bootstrap controller $OSM_STACK_NAME in cloud $OSM_VCA_K8S_CLOUDNAME"
[ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}
function juju_addlxd_cloud(){
[ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
mkdir -p /tmp/.osm
OSM_VCA_CLOUDNAME="lxd-cloud"
LXDENDPOINT=$DEFAULT_IP
LXD_CLOUD=/tmp/.osm/lxd-cloud.yaml
LXD_CREDENTIALS=/tmp/.osm/lxd-credentials.yaml
cat << EOF > $LXD_CLOUD
clouds:
$OSM_VCA_CLOUDNAME:
type: lxd
auth-types: [certificate]
endpoint: "https://$LXDENDPOINT:8443"
config:
ssl-hostname-verification: false
EOF
openssl req -nodes -new -x509 -keyout /tmp/.osm/client.key -out /tmp/.osm/client.crt -days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org"
local server_cert=`cat /var/snap/lxd/common/lxd/server.crt | sed 's/^/ /'`
local client_cert=`cat /tmp/.osm/client.crt | sed 's/^/ /'`
local client_key=`cat /tmp/.osm/client.key | sed 's/^/ /'`
cat << EOF > $LXD_CREDENTIALS
credentials:
$OSM_VCA_CLOUDNAME:
lxd-cloud:
auth-type: certificate
server-cert: |
$server_cert
client-cert: |
$client_cert
client-key: |
$client_key
EOF
lxc config trust add local: /tmp/.osm/client.crt
juju add-cloud -c $OSM_STACK_NAME $OSM_VCA_CLOUDNAME $LXD_CLOUD --force
juju add-credential -c $OSM_STACK_NAME $OSM_VCA_CLOUDNAME -f $LXD_CREDENTIALS
sg lxd -c "lxd waitready"
juju controller-config features=[k8s-operators]
[ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}
function juju_createcontroller() {
[ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
if ! juju show-controller $OSM_STACK_NAME &> /dev/null; then
# Controller not found, create the controller
sudo usermod -a -G lxd ${USER}
sg lxd -c "juju bootstrap -v --debug --bootstrap-series=xenial --agent-version=$JUJU_AGENT_VERSION $OSM_VCA_CLOUDNAME $OSM_STACK_NAME"
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
fi
[ $(juju controllers | awk "/^${OSM_STACK_NAME}[\*| ]/{print $1}"|wc -l) -eq 1 ] || FATAL "Juju installation failed"
juju controller-config features=[k8s-operators]
[ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}
#Safe unattended install of iptables-persistent
function check_install_iptables_persistent(){
[ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
echo -e "\nChecking required packages: iptables-persistent"
if ! dpkg -l iptables-persistent &>/dev/null; then
echo -e " Not installed.\nInstalling iptables-persistent requires root privileges"
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections
sudo apt-get -yq install iptables-persistent
fi
[ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}
function juju_createproxy() {
[ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
check_install_iptables_persistent
if ! sudo iptables -t nat -C PREROUTING -p tcp -m tcp -d $DEFAULT_IP --dport 17070 -j DNAT --to-destination $OSM_VCA_HOST; then
sudo iptables -t nat -A PREROUTING -p tcp -m tcp -d $DEFAULT_IP --dport 17070 -j DNAT --to-destination $OSM_VCA_HOST
sudo netfilter-persistent save
fi
[ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}
DEBUG_INSTALL=""
INSTALL_CACHELXDIMAGES=""
INSTALL_NOJUJU=""
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
JUJU_VERSION=2.9
OSM_DEVOPS=
OSM_STACK_NAME=osm
OSM_VCA_HOST=
OSM_VCA_CLOUDNAME="localhost"
OSM_VCA_K8S_CLOUDNAME="k8scloud"
RE_CHECK='^[a-z0-9]([-a-z0-9]*[a-z0-9])?$'
while getopts ":D:i:s:H:l:L:K:-: h" o; do
case "${o}" in
D)
OSM_DEVOPS="${OPTARG}"
;;
i)
DEFAULT_IP="${OPTARG}"
;;
s)
OSM_STACK_NAME="${OPTARG}" && [[ ! "${OPTARG}" =~ $RE_CHECK ]] && echo "Namespace $OPTARG is invalid. Regex used for validation is $RE_CHECK" && exit 0
;;
H)
OSM_VCA_HOST="${OPTARG}"
;;
l)
LXD_CLOUD_FILE="${OPTARG}"
;;
L)
LXD_CRED_FILE="${OPTARG}"
;;
K)
CONTROLLER_NAME="${OPTARG}"
;;
-)
[ "${OPTARG}" == "help" ] && usage && exit 0
[ "${OPTARG}" == "debug" ] && DEBUG_INSTALL="--debug" && continue
[ "${OPTARG}" == "nojuju" ] && INSTALL_NOJUJU="y" && continue
[ "${OPTARG}" == "cachelxdimages" ] && INSTALL_CACHELXDIMAGES="y" && continue
echo -e "Invalid option: '--$OPTARG'\n" >&2
usage && exit 1
;;
:)
echo "Option -$OPTARG requires an argument" >&2
usage && exit 1
;;
\?)
echo -e "Invalid option: '-$OPTARG'\n" >&2
usage && exit 1
;;
h)
usage && exit 0
;;
*)
usage && exit 1
;;
esac
done
source $OSM_DEVOPS/common/logging
source $OSM_DEVOPS/common/track
echo "DEBUG_INSTALL=$DEBUG_INSTALL"
echo "DEFAULT_IP=$DEFAULT_IP"
echo "OSM_DEVOPS=$OSM_DEVOPS"
echo "HOME=$HOME"
[ -z "$INSTALL_NOJUJU" ] && install_juju
track juju juju_install_ok
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
if [ -z "$OSM_VCA_HOST" ]; then
if [ -z "$CONTROLLER_NAME" ]; then
juju_createcontroller_k8s
juju_addlxd_cloud
if [ -n "$LXD_CLOUD_FILE" ]; then
[ -z "$LXD_CRED_FILE" ] && FATAL "The installer needs the LXD credential yaml if the LXD is external"
OSM_VCA_CLOUDNAME="lxd-cloud"
juju add-cloud $OSM_VCA_CLOUDNAME $LXD_CLOUD_FILE --force || juju update-cloud $OSM_VCA_CLOUDNAME --client -f $LXD_CLOUD_FILE
juju add-credential $OSM_VCA_CLOUDNAME -f $LXD_CRED_FILE || juju update-credential $OSM_VCA_CLOUDNAME lxd-cloud-creds -f $LXD_CRED_FILE
fi
juju_createcontroller
juju_createproxy
else
OSM_VCA_CLOUDNAME="lxd-cloud"
if [ -n "$LXD_CLOUD_FILE" ]; then
[ -z "$LXD_CRED_FILE" ] && FATAL "The installer needs the LXD credential yaml if the LXD is external"
juju add-cloud -c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME $LXD_CLOUD_FILE --force || juju update-cloud lxd-cloud -c $CONTROLLER_NAME -f $LXD_CLOUD_FILE
juju add-credential -c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME -f $LXD_CRED_FILE || juju update-credential lxd-cloud -c $CONTROLLER_NAME -f $LXD_CRED_FILE
else
mkdir -p ~/.osm
cat << EOF > ~/.osm/lxd-cloud.yaml
clouds:
lxd-cloud:
type: lxd
auth-types: [certificate]
endpoint: "https://$DEFAULT_IP:8443"
config:
ssl-hostname-verification: false
EOF
openssl req -nodes -new -x509 -keyout ~/.osm/client.key -out ~/.osm/client.crt -days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org"
local server_cert=`cat /var/snap/lxd/common/lxd/server.crt | sed 's/^/ /'`
local client_cert=`cat ~/.osm/client.crt | sed 's/^/ /'`
local client_key=`cat ~/.osm/client.key | sed 's/^/ /'`
cat << EOF > ~/.osm/lxd-credentials.yaml
credentials:
lxd-cloud:
lxd-cloud:
auth-type: certificate
server-cert: |
$server_cert
client-cert: |
$client_cert
client-key: |
$client_key
EOF
lxc config trust add local: ~/.osm/client.crt
juju add-cloud -c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME ~/.osm/lxd-cloud.yaml --force || juju update-cloud lxd-cloud -c $CONTROLLER_NAME -f ~/.osm/lxd-cloud.yaml
juju add-credential -c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME -f ~/.osm/lxd-credentials.yaml || juju update-credential lxd-cloud -c $CONTROLLER_NAME -f ~/.osm/lxd-credentials.yaml
fi
fi
[ -z "$CONTROLLER_NAME" ] && OSM_VCA_HOST=`sg lxd -c "juju show-controller $OSM_STACK_NAME"|grep api-endpoints|awk -F\' '{print $2}'|awk -F\: '{print $1}'`
[ -n "$CONTROLLER_NAME" ] && OSM_VCA_HOST=`juju show-controller $CONTROLLER_NAME |grep api-endpoints|awk -F\' '{print $2}'|awk -F\: '{print $1}'`
[ -z "$OSM_VCA_HOST" ] && FATAL "Cannot obtain juju controller IP address"
fi
track juju juju_controller_ok