Newer
Older
#!/bin/bash
# Copyright 2016 Telefónica Investigación y Desarrollo S.A.U.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
function usage(){
echo -e "usage: $0 [OPTIONS]"
echo -e "Install OSM from binaries or source code (by default, from binaries)"
echo -e " OPTIONS"
garciadeblas
committed
echo -e " -h / --help: print this help"
echo -e " -y: do not prompt for confirmation, assumes yes"
echo -e " -r <repo>: use specified repository name for osm packages"
echo -e " -R <release>: use specified release for osm binaries (deb packages, lxd images, ...)"
echo -e " -u <repo base>: use specified repository url for osm packages"
echo -e " -k <repo key>: use specified repository public key url"
echo -e " -b <refspec>: install OSM from source code using a specific branch (master, v2.0, ...) or tag"
echo -e " -b master (main dev branch)"
echo -e " -b v2.0 (v2.0 branch)"
echo -e " -b tags/v1.1.0 (a specific tag)"
echo -e " ..."
echo -e " -c <orchestrator> deploy osm services using container <orchestrator>. Valid values are <k8s> or <swarm>. If -c is not used then osm will be deployed using default orchestrator. When used with --uninstall, osm services deployed by the orchestrator will be uninstalled"
echo -e " -s <stack name> or <namespace> user defined stack name when installed using swarm or namespace when installed using k8s, default is osm"
echo -e " -H <VCA host> use specific juju host controller IP"
echo -e " -S <VCA secret> use VCA/juju secret key"
echo -e " -P <VCA pubkey> use VCA/juju public key file"
echo -e " -C <VCA cacert> use VCA/juju CA certificate file"
garciadeblas
committed
echo -e " --vimemu: additionally deploy the VIM emulator as a docker container"
echo -e " --elk_stack: additionally deploy an ELK docker stack for event logging"
echo -e " --pla: install the PLA module for placement support"
echo -e " -m <MODULE>: install OSM but only rebuild or pull the specified docker images (NG-UI, NBI, LCM, RO, MON, POL, PLA, KAFKA, MONGO, PROMETHEUS, PROMETHEUS-CADVISOR, KEYSTONE-DB, NONE)"
echo -e " -o <ADDON>: ONLY (un)installs one of the addons (vimemu, elk_stack, k8s_monitor)"
echo -e " -O <openrc file path/cloud name>: Install OSM to an OpenStack infrastructure. <openrc file/cloud name> is required. If a <cloud name> is used, the clouds.yaml file should be under ~/.config/openstack/ or /etc/openstack/"
echo -e " -N <openstack public network name/ID>: Public network name required to setup OSM to OpenStack"
echo -e " -f <path to SSH public key>: Public SSH key to use to deploy OSM to OpenStack"
echo -e " -F <path to cloud-init file>: Cloud-Init userdata file to deploy OSM to OpenStack"
garciadeblas
committed
echo -e " -D <devops path> use local devops installation path"
echo -e " -w <work dir> Location to store runtime installation"
echo -e " -t <docker tag> specify osm docker tag (default is latest)"
echo -e " -l: LXD cloud yaml file"
echo -e " -L: LXD credentials yaml file"
echo -e " -K: Specifies the name of the controller to use - The controller must be already bootstrapped"
garciadeblas
committed
echo -e " -d <docker registry URL> use docker registry URL instead of dockerhub"
echo -e " -p <docker proxy URL> set docker proxy URL as part of docker CE configuration"
echo -e " -T <docker tag> specify docker tag for the modules specified with option -m"
echo -e " --nocachelxdimages: do not cache local lxd images, do not create cronjob for that cache (will save installation time, might affect instantiation time)"
echo -e " --nolxd: do not install and configure LXD, allowing unattended installations (assumes LXD is already installed and confifured)"
echo -e " --nodocker: do not install docker, do not initialize a swarm (assumes docker is already installed and a swarm has been initialized)"
echo -e " --nojuju: do not juju, assumes already installed"
echo -e " --nodockerbuild:do not build docker images (use existing locally cached images)"
echo -e " --nohostports: do not expose docker ports to host (useful for creating multiple instances of osm on the same host)"
echo -e " --nohostclient: do not install the osmclient"
garciadeblas
committed
echo -e " --uninstall: uninstall OSM: remove the containers and delete NAT rules"
echo -e " --source: install OSM from source code using the latest stable tag"
echo -e " --develop: (deprecated, use '-b master') install OSM from source code using the master branch"
echo -e " --pullimages: pull/run osm images from docker.io/opensourcemano"
echo -e " --k8s_monitor: install the OSM kubernetes monitoring with prometheus and grafana"
echo -e " --volume: create a VM volume when installing to OpenStack"
# echo -e " --reconfigure: reconfigure the modules (DO NOT change NAT rules)"
# echo -e " --update: update to the latest stable release or to the latest commit if using a specific branch"
echo -e " --showopts: print chosen options and exit (only for debugging)"
echo -e " --charmed: Deploy and operate OSM with Charms on k8s"
echo -e " [--bundle <bundle path>]: Specify with which bundle to deploy OSM with charms (--charmed option)"
echo -e " [--k8s <kubeconfig path>]: Specify with which kubernetes to deploy OSM with charms (--charmed option)"
echo -e " [--vca <name>]: Specifies the name of the controller to use - The controller must be already bootstrapped (--charmed option)"
echo -e " [--lxd <yaml path>]: Takes a YAML file as a parameter with the LXD Cloud information (--charmed option)"
echo -e " [--lxd-cred <yaml path>]: Takes a YAML file as a parameter with the LXD Credentials information (--charmed option)"
echo -e " [--microstack]: Installs microstack as a vim. (--charmed option)"
echo -e " [--overlay]: Add an overlay to override some defaults of the default bundle (--charmed option)"
echo -e " [--ha]: Installs High Availability bundle. (--charmed option)"
echo -e " [--tag]: Docker image tag. (--charmed option)"
echo -e " [--registry]: Docker registry with optional credentials as user:pass@hostname:port (--charmed option)"
# takes a juju/accounts.yaml file and returns the password specific
# for a controller. I wrote this using only bash tools to minimize
# additions of other packages
function parse_juju_password {
password_file="${HOME}/.local/share/juju/accounts.yaml"
local controller_name=$1
local s='[[:space:]]*' w='[a-zA-Z0-9_-]*' fs=$(echo @|tr @ '\034')
sed -ne "s|^\($s\):|\1|" \
-e "s|^\($s\)\($w\)$s:$s[\"']\(.*\)[\"']$s\$|\1$fs\2$fs\3|p" \
-e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" $password_file |
awk -F$fs -v controller=$controller_name '{
indent = length($1)/2;
vname[indent] = $2;
for (i in vname) {if (i > indent) {delete vname[i]}}
if (length($3) > 0) {
vn=""; for (i=0; i<indent; i++) {vn=(vn)(vname[i])("_")}
if (match(vn,controller) && match($2,"password")) {
printf("%s",$3);
}
}
}'
}
function generate_secret() {
head /dev/urandom | tr -dc A-Za-z0-9 | head -c 32
}
if [ -n "$KUBERNETES" ]; then
k8_volume=$1
echo "Removing ${k8_volume}"
$WORKDIR_SUDO rm -rf ${k8_volume}
else
stack=$1
volumes="mongo_db mon_db osm_packages ro_db pol_db prom_db ro"
for volume in $volumes; do
sg docker -c "docker volume rm ${stack}_${volume}"
done
fi
}
function remove_network() {
stack=$1
sg docker -c "docker network rm net${stack}"
}
function remove_iptables() {
stack=$1
if [ -z "$OSM_VCA_HOST" ]; then
OSM_VCA_HOST=`sg lxd -c "juju show-controller ${stack}"|grep api-endpoints|awk -F\' '{print $2}'|awk -F\: '{print $1}'`
[ -z "$OSM_VCA_HOST" ] && FATAL "Cannot obtain juju controller IP address"
fi
DEFAULT_IF=$(ip route list|awk '$1=="default" {print $5; exit}')
garciadeblas
committed
[ -z "$DEFAULT_IF" ] && DEFAULT_IF=$(ip route list|awk '$1=="default" {print $5; exit}')
[ -z "$DEFAULT_IF" ] && FATAL "Not possible to determine the interface with the default route 0.0.0.0"
DEFAULT_IP=`ip -o -4 a |grep ${DEFAULT_IF}|awk '{split($4,a,"/"); print a[1]}'`
[ -z "$DEFAULT_IP" ] && FATAL "Not possible to determine the IP address of the interface with the default route"
fi
if sudo iptables -t nat -C PREROUTING -p tcp -m tcp -d $DEFAULT_IP --dport 17070 -j DNAT --to-destination $OSM_VCA_HOST; then
sudo iptables -t nat -D PREROUTING -p tcp -m tcp -d $DEFAULT_IP --dport 17070 -j DNAT --to-destination $OSM_VCA_HOST
sudo netfilter-persistent save
fi
}
function remove_stack() {
stack=$1
if sg docker -c "docker stack ps ${stack}" ; then
echo -e "\nRemoving stack ${stack}" && sg docker -c "docker stack rm ${stack}"
COUNTER=0
result=1
while [ ${COUNTER} -lt 30 ]; do
result=$(sg docker -c "docker stack ps ${stack}" | wc -l)
#echo "Dockers running: $result"
if [ "${result}" == "0" ]; then
break
fi
let COUNTER=COUNTER+1
sleep 1
done
if [ "${result}" == "0" ]; then
echo "All dockers of the stack ${stack} were removed"
else
FATAL "Some dockers of the stack ${stack} could not be removed. Could not clean it."
#removes osm deployments and services
function remove_k8s_namespace() {
kubectl delete ns $1
}
#removes helm only if there is nothing deployed in helm
function remove_helm() {
if [ "$(helm ls -q)" == "" ] ; then
sudo helm reset --force
sudo rm /usr/local/bin/helm
rm -rf $HOME/.helm
fi
}
function remove_crontab_job() {
crontab -l | grep -v '${OSM_DEVOPS}/installers/update-juju-lxc-images' | crontab -
}
#Uninstall osmclient
function uninstall_osmclient() {
sudo apt-get remove --purge -y python-osmclient
sudo apt-get remove --purge -y python3-osmclient
}
#Uninstall lightweight OSM: remove dockers
function uninstall_lightweight() {
if [ -n "$INSTALL_ONLY" ]; then
if [ -n "$INSTALL_ELK" ]; then
echo -e "\nUninstalling OSM ELK stack"
remove_stack osm_elk
$WORKDIR_SUDO rm -rf $OSM_DOCKER_WORK_DIR/osm_elk
fi
else
echo -e "\nUninstalling OSM"
if [ -n "$INSTALL_K8S_MONITOR" ]; then
# uninstall OSM MONITORING
uninstall_k8s_monitoring
fi
remove_k8s_namespace $OSM_STACK_NAME
else
remove_stack $OSM_STACK_NAME
remove_stack osm_elk
fi
echo "Now osm docker images and volumes will be deleted"
# TODO: clean-up of images should take into account if other tags were used for specific modules
newgrp docker << EONG
garciadeblas
committed
for module in ro lcm keystone nbi mon pol pla osmclient; do
docker image rm ${DOCKER_REGISTRY_URL}${DOCKER_USER}/${module}:${OSM_DOCKER_TAG}
done
EONG
sg docker -c "docker image rm ${DOCKER_REGISTRY_URL}${DOCKER_USER}/ng-ui:${OSM_DOCKER_TAG}"
if [ -n "$KUBERNETES" ]; then
OSM_NAMESPACE_VOL="${OSM_HOST_VOL}/${OSM_STACK_NAME}"
remove_volumes $OSM_NAMESPACE_VOL
else
remove_volumes $OSM_STACK_NAME
remove_network $OSM_STACK_NAME
[ -z "$CONTROLLER_NAME" ] && remove_iptables $OSM_STACK_NAME
echo "Removing $OSM_DOCKER_WORK_DIR"
$WORKDIR_SUDO rm -rf $OSM_DOCKER_WORK_DIR
[ -z "$CONTROLLER_NAME" ] && sg lxd -c "juju kill-controller -t 0 -y $OSM_STACK_NAME"
# Cleanup Openstack installer venv
if [ -d "$OPENSTACK_PYTHON_VENV" ]; then
rm -r $OPENSTACK_PYTHON_VENV
fi
[ -z "$INSTALL_NOHOSTCLIENT" ] && uninstall_osmclient
echo "Some docker images will be kept in case they are used by other docker stacks"
echo "To remove them, just run 'docker image prune' in a terminal"
return 0
}
#Safe unattended install of iptables-persistent
function check_install_iptables_persistent(){
echo -e "\nChecking required packages: iptables-persistent"
echo -e " Not installed.\nInstalling iptables-persistent requires root privileges"
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections
sudo apt-get -yq install iptables-persistent
fi
}
#Configure NAT rules, based on the current IP addresses of containers
function nat(){
check_install_iptables_persistent
echo -e "\nConfiguring NAT rules"
echo -e " Required root privileges"
sudo $OSM_DEVOPS/installers/nat_osm
}
function FATAL(){
echo "FATAL error: Cannot install OSM due to \"$1\""
exit 1
}
function update_juju_images(){
crontab -l | grep update-juju-lxc-images || (crontab -l 2>/dev/null; echo "0 4 * * 6 $USER ${OSM_DEVOPS}/installers/update-juju-lxc-images --xenial --bionic") | crontab -
${OSM_DEVOPS}/installers/update-juju-lxc-images --xenial --bionic
}
function install_lxd() {
# Apply sysctl production values for optimal performance
garciadeblas
committed
sudo cp ${OSM_DEVOPS}/installers/60-lxd-production.conf /etc/sysctl.d/60-lxd-production.conf
sudo sysctl --system
# Install LXD snap
sudo apt-get remove --purge -y liblxc1 lxc-common lxcfs lxd lxd-client
# Configure LXD
sudo usermod -a -G lxd `whoami`
garciadeblas
committed
cat ${OSM_DEVOPS}/installers/lxd-preseed.conf | sed 's/^config: {}/config:\n core.https_address: '$DEFAULT_IP':8443/' | sg lxd -c "lxd init --preseed"
DEFAULT_INTERFACE=$(ip route list|awk '$1=="default" {print $5; exit}')
[ -z "$DEFAULT_INTERFACE" ] && DEFAULT_INTERFACE=$(route -n |awk '$1~/^0.0.0.0/ {print $8; exit}')
DEFAULT_MTU=$(ip addr show $DEFAULT_INTERFACE | perl -ne 'if (/mtu\s(\d+)/) {print $1;}')
sg lxd -c "lxc profile device set default eth0 mtu $DEFAULT_MTU"
sg lxd -c "lxc network set lxdbr0 bridge.mtu $DEFAULT_MTU"
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
#sudo systemctl stop lxd-bridge
#sudo systemctl --system daemon-reload
#sudo systemctl enable lxd-bridge
#sudo systemctl start lxd-bridge
}
function ask_user(){
# ask to the user and parse a response among 'y', 'yes', 'n' or 'no'. Case insensitive
# Params: $1 text to ask; $2 Action by default, can be 'y' for yes, 'n' for no, other or empty for not allowed
# Return: true(0) if user type 'yes'; false (1) if user type 'no'
read -e -p "$1" USER_CONFIRMATION
while true ; do
[ -z "$USER_CONFIRMATION" ] && [ "$2" == 'y' ] && return 0
[ -z "$USER_CONFIRMATION" ] && [ "$2" == 'n' ] && return 1
[ "${USER_CONFIRMATION,,}" == "yes" ] || [ "${USER_CONFIRMATION,,}" == "y" ] && return 0
[ "${USER_CONFIRMATION,,}" == "no" ] || [ "${USER_CONFIRMATION,,}" == "n" ] && return 1
read -e -p "Please type 'yes' or 'no': " USER_CONFIRMATION
done
}
function install_osmclient(){
CLIENT_RELEASE=${RELEASE#"-R "}
CLIENT_REPOSITORY_KEY="OSM%20ETSI%20Release%20Key.gpg"
CLIENT_REPOSITORY=${REPOSITORY#"-r "}
CLIENT_REPOSITORY_BASE=${REPOSITORY_BASE#"-u "}
key_location=$CLIENT_REPOSITORY_BASE/$CLIENT_RELEASE/$CLIENT_REPOSITORY_KEY
curl $key_location | sudo apt-key add -
sudo add-apt-repository -y "deb [arch=amd64] $CLIENT_REPOSITORY_BASE/$CLIENT_RELEASE $CLIENT_REPOSITORY osmclient IM"
sudo apt-get update
sudo apt-get install -y python3-pip
sudo -H LC_ALL=C python3 -m pip install -U pip
sudo -H LC_ALL=C python3 -m pip install -U python-magic pyangbind verboselogs
sudo apt-get install -y python3-osm-im python3-osmclient
if [ -f /usr/lib/python3/dist-packages/osm_im/requirements.txt ]; then
python3 -m pip install -r /usr/lib/python3/dist-packages/osm_im/requirements.txt
fi
if [ -f /usr/lib/python3/dist-packages/osmclient/requirements.txt ]; then
sudo apt-get install -y libcurl4-openssl-dev libssl-dev
python3 -m pip install -r /usr/lib/python3/dist-packages/osmclient/requirements.txt
#sed 's,OSM_SOL005=[^$]*,OSM_SOL005=True,' -i ${HOME}/.bashrc
#echo 'export OSM_HOSTNAME=localhost' >> ${HOME}/.bashrc
#echo 'export OSM_SOL005=True' >> ${HOME}/.bashrc
[ -z "$INSTALL_LIGHTWEIGHT" ] && export OSM_HOSTNAME=`lxc list | awk '($2=="SO-ub"){print $6}'`
[ -z "$INSTALL_LIGHTWEIGHT" ] && export OSM_RO_HOSTNAME=`lxc list | awk '($2=="RO"){print $6}'`
echo -e "\nOSM client installed"
if [ -z "$INSTALL_LIGHTWEIGHT" ]; then
echo -e "You might be interested in adding the following OSM client env variables to your .bashrc file:"
echo " export OSM_HOSTNAME=${OSM_HOSTNAME}"
echo " export OSM_RO_HOSTNAME=${OSM_RO_HOSTNAME}"
else
echo -e "OSM client assumes that OSM host is running in localhost (127.0.0.1)."
echo -e "In case you want to interact with a different OSM host, you will have to configure this env variable in your .bashrc file:"
echo " export OSM_HOSTNAME=<OSM_host>"
fi
return 0
}
function install_prometheus_nodeexporter(){
if (systemctl -q is-active node_exporter)
then
echo "Node Exporter is already running."
else
echo "Node Exporter is not active, installing..."
if getent passwd node_exporter > /dev/null 2>&1; then
echo "node_exporter user exists"
else
echo "Creating user node_exporter"
sudo useradd --no-create-home --shell /bin/false node_exporter
fi
garciadeblas
committed
wget -q https://github.com/prometheus/node_exporter/releases/download/v$PROMETHEUS_NODE_EXPORTER_TAG/node_exporter-$PROMETHEUS_NODE_EXPORTER_TAG.linux-amd64.tar.gz -P /tmp/
sudo tar -C /tmp -xf /tmp/node_exporter-$PROMETHEUS_NODE_EXPORTER_TAG.linux-amd64.tar.gz
sudo cp /tmp/node_exporter-$PROMETHEUS_NODE_EXPORTER_TAG.linux-amd64/node_exporter /usr/local/bin
sudo chown node_exporter:node_exporter /usr/local/bin/node_exporter
garciadeblas
committed
sudo rm -rf /tmp/node_exporter-$PROMETHEUS_NODE_EXPORTER_TAG.linux-amd64*
garciadeblas
committed
sudo cp ${OSM_DEVOPS}/installers/docker/prometheus_exporters/node_exporter.service /etc/systemd/system/node_exporter.service
sudo systemctl daemon-reload
sudo systemctl restart node_exporter
sudo systemctl enable node_exporter
echo "Node Exporter has been activated in this host."
fi
function uninstall_prometheus_nodeexporter(){
sudo systemctl stop node_exporter
sudo systemctl disable node_exporter
sudo rm /etc/systemd/system/node_exporter.service
sudo systemctl daemon-reload
sudo userdel node_exporter
sudo rm /usr/local/bin/node_exporter
return 0
}
function install_docker_ce() {
# installs and configures Docker CE
echo "Installing Docker CE ..."
sudo apt-get -qq update
sudo apt-get install -y apt-transport-https ca-certificates software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
sudo apt-get -qq update
sudo apt-get install -y docker-ce
echo "Adding user to group 'docker'"
sudo groupadd -f docker
sudo usermod -aG docker $USER
sleep 2
sudo service docker restart
echo "... restarted Docker service"
garciadeblas
committed
if [ -n "${DOCKER_PROXY_URL}" ]; then
echo "Configuring docker proxy ..."
if [ -f /etc/docker/daemon.json ]; then
if grep -q registry-mirrors /etc/docker/daemon.json; then
sudo sed -i "s|registry-mirrors.*|registry-mirrors\": [\"${DOCKER_PROXY_URL}\"] |" /etc/docker/daemon.json
garciadeblas
committed
else
sudo sed -i "s|{|{\n \"registry-mirrors\": [\"${DOCKER_PROXY_URL}\"],|" /etc/docker/daemon.json
garciadeblas
committed
fi
else
sudo bash -c "cat << EOF > /etc/docker/daemon.json
garciadeblas
committed
{
\"registry-mirrors\": [\"${DOCKER_PROXY_URL}\"]
garciadeblas
committed
}
garciadeblas
committed
fi
garciadeblas
committed
sudo service docker restart
echo "... restarted Docker service again"
fi
sg docker -c "docker version" || FATAL "Docker installation failed"
echo "... Docker CE installation done"
return 0
}
function install_docker_compose() {
# installs and configures docker-compose
echo "Installing Docker Compose ..."
sudo curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
echo "... Docker Compose installation done"
}
function install_juju() {
echo "Installing juju"
sudo snap install juju --classic --channel=$JUJU_VERSION/stable
[[ ":$PATH": != *":/snap/bin:"* ]] && PATH="/snap/bin:${PATH}"
[ -n "$INSTALL_NOCACHELXDIMAGES" ] || update_juju_images
echo "Finished installation of juju"
return 0
}
function juju_createcontroller() {
if ! juju show-controller $OSM_STACK_NAME &> /dev/null; then
# Not found created, create the controller
sudo usermod -a -G lxd ${USER}
sg lxd -c "juju bootstrap --bootstrap-series=xenial --agent-version=$JUJU_AGENT_VERSION $OSM_VCA_CLOUDNAME $OSM_STACK_NAME"
[ $(juju controllers | awk "/^${OSM_STACK_NAME}[\*| ]/{print $1}"|wc -l) -eq 1 ] || FATAL "Juju installation failed"
juju controller-config features=[k8s-operators]
}
function juju_addk8s() {
cat $HOME/.kube/config | juju add-k8s $OSM_VCA_K8S_CLOUDNAME --controller $OSM_STACK_NAME --storage openebs-hostpath \
|| FATAL "Failed to add K8s endpoint and credential for controller $OSM_STACK_NAME in cloud $OSM_VCA_K8S_CLOUDNAME"
function juju_createcontroller_k8s(){
cat $HOME/.kube/config | juju add-k8s $OSM_VCA_K8S_CLOUDNAME --client \
|| FATAL "Failed to add K8s endpoint and credential for client in cloud $OSM_VCA_K8S_CLOUDNAME"
juju bootstrap $OSM_VCA_K8S_CLOUDNAME $OSM_STACK_NAME \
--config controller-service-type=loadbalancer \
--agent-version=$JUJU_AGENT_VERSION \
|| FATAL "Failed to bootstrap controller $OSM_STACK_NAME in cloud $OSM_VCA_K8S_CLOUDNAME"
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
}
function juju_addlxd_cloud(){
mkdir -p /tmp/.osm
OSM_VCA_CLOUDNAME="lxd-cloud"
LXDENDPOINT=$DEFAULT_IP
LXD_CLOUD=/tmp/.osm/lxd-cloud.yaml
LXD_CREDENTIALS=/tmp/.osm/lxd-credentials.yaml
cat << EOF > $LXD_CLOUD
clouds:
$OSM_VCA_CLOUDNAME:
type: lxd
auth-types: [certificate]
endpoint: "https://$LXDENDPOINT:8443"
config:
ssl-hostname-verification: false
EOF
openssl req -nodes -new -x509 -keyout /tmp/.osm/client.key -out /tmp/.osm/client.crt -days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org"
local server_cert=`cat /var/snap/lxd/common/lxd/server.crt | sed 's/^/ /'`
local client_cert=`cat /tmp/.osm/client.crt | sed 's/^/ /'`
local client_key=`cat /tmp/.osm/client.key | sed 's/^/ /'`
cat << EOF > $LXD_CREDENTIALS
credentials:
$OSM_VCA_CLOUDNAME:
lxd-cloud:
auth-type: certificate
server-cert: |
$server_cert
client-cert: |
$client_cert
client-key: |
$client_key
EOF
lxc config trust add local: /tmp/.osm/client.crt
juju add-cloud -c $OSM_STACK_NAME $OSM_VCA_CLOUDNAME $LXD_CLOUD --force
juju add-credential -c $OSM_STACK_NAME $OSM_VCA_CLOUDNAME -f $LXD_CREDENTIALS
sg lxd -c "lxd waitready"
juju controller-config features=[k8s-operators]
}
check_install_iptables_persistent
if ! sudo iptables -t nat -C PREROUTING -p tcp -m tcp -d $DEFAULT_IP --dport 17070 -j DNAT --to-destination $OSM_VCA_HOST; then
sudo iptables -t nat -A PREROUTING -p tcp -m tcp -d $DEFAULT_IP --dport 17070 -j DNAT --to-destination $OSM_VCA_HOST
function docker_login() {
echo "Docker login"
sg docker -c "docker login -u ${DOCKER_REGISTRY_USER} -p ${DOCKER_REGISTRY_PASSWORD}"
}
function generate_docker_images() {
echo "Pulling and generating docker images"
[ -n "${DOCKER_REGISTRY_URL}" ] && docker_login
garciadeblas
committed
echo "Pulling docker images"
if [ -z "$TO_REBUILD" ] || echo $TO_REBUILD | grep -q KAFKA ; then
sg docker -c "docker pull wurstmeister/zookeeper" || FATAL "cannot get zookeeper docker image"
sg docker -c "docker pull wurstmeister/kafka:${KAFKA_TAG}" || FATAL "cannot get kafka docker image"
fi
if [ -z "$TO_REBUILD" ] || echo $TO_REBUILD | grep -q MONGO ; then
sg docker -c "docker pull mongo" || FATAL "cannot get mongo docker image"
fi
if [ -z "$TO_REBUILD" ] || echo $TO_REBUILD | grep -q PROMETHEUS ; then
sg docker -c "docker pull prom/prometheus:${PROMETHEUS_TAG}" || FATAL "cannot get prometheus docker image"
fi
if [ -z "$TO_REBUILD" ] || echo $TO_REBUILD | grep -q PROMETHEUS-CADVISOR ; then
sg docker -c "docker pull google/cadvisor:${PROMETHEUS_CADVISOR_TAG}" || FATAL "cannot get prometheus cadvisor docker image"
fi
if [ -z "$TO_REBUILD" ] || echo $TO_REBUILD | grep -q GRAFANA ; then
sg docker -c "docker pull grafana/grafana:${GRAFANA_TAG}" || FATAL "cannot get grafana docker image"
if [ -z "$TO_REBUILD" ] || echo $TO_REBUILD | grep -q NBI || echo $TO_REBUILD | grep -q KEYSTONE-DB ; then
sg docker -c "docker pull mariadb:${KEYSTONEDB_TAG}" || FATAL "cannot get keystone-db docker image"
fi
if [ -z "$TO_REBUILD" ] || echo $TO_REBUILD | grep -q RO ; then
sg docker -c "docker pull mysql:5" || FATAL "cannot get mysql docker image"
fi
garciadeblas
committed
echo "Pulling OSM docker images"
for module in MON POL NBI KEYSTONE RO LCM NG-UI PLA osmclient; do
garciadeblas
committed
module_lower=${module,,}
if [ $module == "PLA" -a ! -n "$INSTALL_PLA" ]; then
continue
fi
garciadeblas
committed
if [ -n "${MODULE_DOCKER_TAG}" ] && echo $TO_REBUILD | grep -q $module ; then
module_tag="${MODULE_DOCKER_TAG}"
fi
echo "Pulling ${DOCKER_REGISTRY_URL}${DOCKER_USER}/${module_lower}:${module_tag} docker image"
garciadeblas
committed
sg docker -c "docker pull ${DOCKER_REGISTRY_URL}${DOCKER_USER}/${module_lower}:${module_tag}" || FATAL "cannot pull $module docker image"
done
garciadeblas
committed
_build_from=$COMMIT_ID
[ -z "$_build_from" ] && _build_from="latest"
echo "OSM Docker images generated from $_build_from"
for module in MON POL NBI KEYSTONE RO LCM NG-UI PLA; do
garciadeblas
committed
if [ -z "$TO_REBUILD" ] || echo $TO_REBUILD | grep -q ${module} ; then
module_lower=${module,,}
if [ $module == "PLA" -a ! -n "$INSTALL_PLA" ]; then
continue
fi
git -C ${LWTEMPDIR} clone https://osm.etsi.org/gerrit/osm/$module
git -C ${LWTEMPDIR}/${module} checkout ${COMMIT_ID}
sg docker -c "docker build ${LWTEMPDIR}/${module} -f ${LWTEMPDIR}/${module}/docker/Dockerfile -t ${DOCKER_USER}/${module_lower} --no-cache" || FATAL "cannot build ${module} docker image"
fi
done
if [ -z "$TO_REBUILD" ] || echo $TO_REBUILD | grep -q osmclient; then
BUILD_ARGS+=(--build-arg REPOSITORY="$REPOSITORY")
BUILD_ARGS+=(--build-arg RELEASE="$RELEASE")
BUILD_ARGS+=(--build-arg REPOSITORY_KEY="$REPOSITORY_KEY")
BUILD_ARGS+=(--build-arg REPOSITORY_BASE="$REPOSITORY_BASE")
sg docker -c "docker build -t ${DOCKER_USER}/osmclient ${BUILD_ARGS[@]} -f $OSM_DEVOPS/docker/osmclient ."
garciadeblas
committed
echo "Finished generation of docker images"
garciadeblas
committed
echo "Finished pulling and generating docker images"
function cmp_overwrite() {
file1="$1"
file2="$2"
if ! $(cmp "${file1}" "${file2}" >/dev/null 2>&1); then
if [ -f "${file2}" ]; then
ask_user "The file ${file2} already exists. Overwrite (y/N)? " n && cp -b ${file1} ${file2}
function generate_docker_compose_files() {
$WORKDIR_SUDO cp -b ${OSM_DEVOPS}/installers/docker/docker-compose.yaml $OSM_DOCKER_WORK_DIR/docker-compose.yaml
$WORKDIR_SUDO cp -b ${OSM_DEVOPS}/installers/docker/docker-compose-ngui.yaml $OSM_DOCKER_WORK_DIR/docker-compose-ui.yaml
if [ -n "$INSTALL_PLA" ]; then
$WORKDIR_SUDO cp -b ${OSM_DEVOPS}/installers/docker/osm_pla/docker-compose.yaml $OSM_DOCKER_WORK_DIR/osm_pla/docker-compose.yaml
fi
}
function generate_k8s_manifest_files() {
#Kubernetes resources
$WORKDIR_SUDO cp -bR ${OSM_DEVOPS}/installers/docker/osm_pods $OSM_DOCKER_WORK_DIR
$WORKDIR_SUDO rm -f $OSM_K8S_WORK_DIR/mongo.yaml
}
function generate_prometheus_grafana_files() {
[ -n "$KUBERNETES" ] && return
# Prometheus files
$WORKDIR_SUDO mkdir -p $OSM_DOCKER_WORK_DIR/prometheus
$WORKDIR_SUDO cp -b ${OSM_DEVOPS}/installers/docker/prometheus/prometheus.yml $OSM_DOCKER_WORK_DIR/prometheus/prometheus.yml
# Grafana files
$WORKDIR_SUDO mkdir -p $OSM_DOCKER_WORK_DIR/grafana
$WORKDIR_SUDO cp -b ${OSM_DEVOPS}/installers/docker/grafana/dashboards-osm.yml $OSM_DOCKER_WORK_DIR/grafana/dashboards-osm.yml
$WORKDIR_SUDO cp -b ${OSM_DEVOPS}/installers/docker/grafana/datasource-prometheus.yml $OSM_DOCKER_WORK_DIR/grafana/datasource-prometheus.yml
$WORKDIR_SUDO cp -b ${OSM_DEVOPS}/installers/docker/grafana/osm-sample-dashboard.json $OSM_DOCKER_WORK_DIR/grafana/osm-sample-dashboard.json
$WORKDIR_SUDO cp -b ${OSM_DEVOPS}/installers/docker/grafana/osm-system-dashboard.json $OSM_DOCKER_WORK_DIR/grafana/osm-system-dashboard.json
# Prometheus Exporters files
$WORKDIR_SUDO mkdir -p $OSM_DOCKER_WORK_DIR/prometheus_exporters
$WORKDIR_SUDO cp -b ${OSM_DEVOPS}/installers/docker/prometheus_exporters/node_exporter.service $OSM_DOCKER_WORK_DIR/prometheus_exporters/node_exporter.service
}
function generate_docker_env_files() {
garciadeblas
committed
echo "Doing a backup of existing env files"
$WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/keystone-db.env{,~}
$WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/keystone.env{,~}
$WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/lcm.env{,~}
$WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/mon.env{,~}
$WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/nbi.env{,~}
$WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/pol.env{,~}
$WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/ro-db.env{,~}
$WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/ro.env{,~}
echo "Generating docker env files"
# LCM
if [ ! -f $OSM_DOCKER_WORK_DIR/lcm.env ]; then
echo "OSMLCM_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env
fi
if ! grep -Fq "OSMLCM_VCA_HOST" $OSM_DOCKER_WORK_DIR/lcm.env; then
echo "OSMLCM_VCA_HOST=${OSM_VCA_HOST}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env
else
$WORKDIR_SUDO sed -i "s|OSMLCM_VCA_HOST.*|OSMLCM_VCA_HOST=$OSM_VCA_HOST|g" $OSM_DOCKER_WORK_DIR/lcm.env
fi
if ! grep -Fq "OSMLCM_VCA_SECRET" $OSM_DOCKER_WORK_DIR/lcm.env; then
echo "OSMLCM_VCA_SECRET=${OSM_VCA_SECRET}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env
else
$WORKDIR_SUDO sed -i "s|OSMLCM_VCA_SECRET.*|OSMLCM_VCA_SECRET=$OSM_VCA_SECRET|g" $OSM_DOCKER_WORK_DIR/lcm.env
fi
if ! grep -Fq "OSMLCM_VCA_PUBKEY" $OSM_DOCKER_WORK_DIR/lcm.env; then
echo "OSMLCM_VCA_PUBKEY=${OSM_VCA_PUBKEY}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env
$WORKDIR_SUDO sed -i "s|OSMLCM_VCA_PUBKEY.*|OSMLCM_VCA_PUBKEY=${OSM_VCA_PUBKEY}|g" $OSM_DOCKER_WORK_DIR/lcm.env
if ! grep -Fq "OSMLCM_VCA_CACERT" $OSM_DOCKER_WORK_DIR/lcm.env; then
garciadeblas
committed
echo "OSMLCM_VCA_CACERT=${OSM_VCA_CACERT}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env
garciadeblas
committed
$WORKDIR_SUDO sed -i "s|OSMLCM_VCA_CACERT.*|OSMLCM_VCA_CACERT=${OSM_VCA_CACERT}|g" $OSM_DOCKER_WORK_DIR/lcm.env
if [ -n "$OSM_VCA_APIPROXY" ]; then
if ! grep -Fq "OSMLCM_VCA_APIPROXY" $OSM_DOCKER_WORK_DIR/lcm.env; then
echo "OSMLCM_VCA_APIPROXY=${OSM_VCA_APIPROXY}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env
else
$WORKDIR_SUDO sed -i "s|OSMLCM_VCA_APIPROXY.*|OSMLCM_VCA_APIPROXY=${OSM_VCA_APIPROXY}|g" $OSM_DOCKER_WORK_DIR/lcm.env
fi
if ! grep -Fq "OSMLCM_VCA_ENABLEOSUPGRADE" $OSM_DOCKER_WORK_DIR/lcm.env; then
echo "# OSMLCM_VCA_ENABLEOSUPGRADE=false" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env
fi
if ! grep -Fq "OSMLCM_VCA_APTMIRROR" $OSM_DOCKER_WORK_DIR/lcm.env; then
echo "# OSMLCM_VCA_APTMIRROR=http://archive.ubuntu.com/ubuntu/" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env
fi
if ! grep -Fq "OSMLCM_VCA_CLOUD" $OSM_DOCKER_WORK_DIR/lcm.env; then
echo "OSMLCM_VCA_CLOUD=${OSM_VCA_CLOUDNAME}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env
else
$WORKDIR_SUDO sed -i "s|OSMLCM_VCA_CLOUD.*|OSMLCM_VCA_CLOUD=${OSM_VCA_CLOUDNAME}|g" $OSM_DOCKER_WORK_DIR/lcm.env
fi
if ! grep -Fq "OSMLCM_VCA_K8S_CLOUD" $OSM_DOCKER_WORK_DIR/lcm.env; then
echo "OSMLCM_VCA_K8S_CLOUD=${OSM_VCA_K8S_CLOUDNAME}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env
else
$WORKDIR_SUDO sed -i "s|OSMLCM_VCA_K8S_CLOUD.*|OSMLCM_VCA_K8S_CLOUD=${OSM_VCA_K8S_CLOUDNAME}|g" $OSM_DOCKER_WORK_DIR/lcm.env
fi
# RO
MYSQL_ROOT_PASSWORD=$(generate_secret)
if [ ! -f $OSM_DOCKER_WORK_DIR/ro-db.env ]; then
echo "MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/ro-db.env
if [ ! -f $OSM_DOCKER_WORK_DIR/ro.env ]; then
echo "RO_DB_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/ro.env
if ! grep -Fq "OSMRO_DATABASE_COMMONKEY" $OSM_DOCKER_WORK_DIR/ro.env; then
echo "OSMRO_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/ro.env
fi
# Keystone
KEYSTONE_DB_PASSWORD=$(generate_secret)
SERVICE_PASSWORD=$(generate_secret)
if [ ! -f $OSM_DOCKER_WORK_DIR/keystone-db.env ]; then
echo "MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/keystone-db.env
fi
if [ ! -f $OSM_DOCKER_WORK_DIR/keystone.env ]; then
echo "ROOT_DB_PASSWORD=${MYSQL_ROOT_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/keystone.env
echo "KEYSTONE_DB_PASSWORD=${KEYSTONE_DB_PASSWORD}" |$WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/keystone.env
echo "SERVICE_PASSWORD=${SERVICE_PASSWORD}" |$WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/keystone.env
if [ ! -f $OSM_DOCKER_WORK_DIR/nbi.env ]; then
echo "OSMNBI_AUTHENTICATION_SERVICE_PASSWORD=${SERVICE_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/nbi.env
echo "OSMNBI_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/nbi.env
# MON
if [ ! -f $OSM_DOCKER_WORK_DIR/mon.env ]; then
echo "OSMMON_KEYSTONE_SERVICE_PASSWORD=${SERVICE_PASSWORD}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/mon.env
echo "OSMMON_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/mon.env
echo "OSMMON_SQL_DATABASE_URI=mysql://root:${MYSQL_ROOT_PASSWORD}@mysql:3306/mon" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/mon.env
fi
if ! grep -Fq "OS_NOTIFIER_URI" $OSM_DOCKER_WORK_DIR/mon.env; then
echo "OS_NOTIFIER_URI=http://${DEFAULT_IP}:8662" |$WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/mon.env
else
$WORKDIR_SUDO sed -i "s|OS_NOTIFIER_URI.*|OS_NOTIFIER_URI=http://$DEFAULT_IP:8662|g" $OSM_DOCKER_WORK_DIR/mon.env
fi
if ! grep -Fq "OSMMON_VCA_HOST" $OSM_DOCKER_WORK_DIR/mon.env; then
echo "OSMMON_VCA_HOST=${OSM_VCA_HOST}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/mon.env
else
$WORKDIR_SUDO sed -i "s|OSMMON_VCA_HOST.*|OSMMON_VCA_HOST=$OSM_VCA_HOST|g" $OSM_DOCKER_WORK_DIR/mon.env
fi
if ! grep -Fq "OSMMON_VCA_SECRET" $OSM_DOCKER_WORK_DIR/mon.env; then
echo "OSMMON_VCA_SECRET=${OSM_VCA_SECRET}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/mon.env
else
$WORKDIR_SUDO sed -i "s|OSMMON_VCA_SECRET.*|OSMMON_VCA_SECRET=$OSM_VCA_SECRET|g" $OSM_DOCKER_WORK_DIR/mon.env
fi
if ! grep -Fq "OSMMON_VCA_CACERT" $OSM_DOCKER_WORK_DIR/mon.env; then
garciadeblas
committed
echo "OSMMON_VCA_CACERT=${OSM_VCA_CACERT}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/mon.env
garciadeblas
committed
$WORKDIR_SUDO sed -i "s|OSMMON_VCA_CACERT.*|OSMMON_VCA_CACERT=${OSM_VCA_CACERT}|g" $OSM_DOCKER_WORK_DIR/mon.env
# POL
if [ ! -f $OSM_DOCKER_WORK_DIR/pol.env ]; then
echo "OSMPOL_SQL_DATABASE_URI=mysql://root:${MYSQL_ROOT_PASSWORD}@mysql:3306/pol" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/pol.env
fi
echo "Finished generation of docker env files"
}
function generate_osmclient_script () {
garciadeblas
committed
echo "docker run -ti --network net${OSM_STACK_NAME} ${DOCKER_REGISTRY_URL}${DOCKER_USER}/osmclient:${OSM_DOCKER_TAG}" | $WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/osm
$WORKDIR_SUDO chmod +x "$OSM_DOCKER_WORK_DIR/osm"
echo "osmclient sidecar container can be found at: $OSM_DOCKER_WORK_DIR/osm"
}
#installs kubernetes packages
function install_kube() {
sudo apt-get update && sudo apt-get install -y apt-transport-https
curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
sudo add-apt-repository "deb https://apt.kubernetes.io/ kubernetes-xenial main"
sudo apt-get update
echo "Installing Kubernetes Packages ..."
K8S_VERSION=1.20.11-00
sudo apt-get install -y kubelet=${K8S_VERSION} kubeadm=${K8S_VERSION} kubectl=${K8S_VERSION}
}
#initializes kubernetes control plane
function init_kubeadm() {
sudo swapoff -a
sudo sed -i.bak '/.*none.*swap/s/^\(.*\)$/#\1/g' /etc/fstab
sudo kubeadm init --config $1
sleep 5
}
function kube_config_dir() {
[ ! -d $K8S_MANIFEST_DIR ] && FATAL "Cannot Install Kubernetes"
mkdir -p $HOME/.kube
sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
}
echo "Installing OpenEBS"
helm repo add openebs https://openebs.github.io/charts
helm repo update
helm install --create-namespace --namespace openebs openebs openebs/openebs --version 1.12.0
echo "Waiting for storageclass"
while (( counter < storageclass_timeout ))
do
kubectl get storageclass openebs-hostpath &> /dev/null
if [ $? -eq 0 ] ; then
echo "Storageclass available"
break
else
counter=$((counter + 15))
sleep 15
fi
done
[ -n "$storageclass_ready" ] || FATAL "Storageclass not ready after $storageclass_timeout seconds. Cannot install openebs"
kubectl patch storageclass openebs-hostpath -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
}
function install_k8s_metallb() {
METALLB_IP_RANGE=$DEFAULT_IP-$DEFAULT_IP
kubectl apply -f ${OSM_DEVOPS}/installers/k8s/metallb/metallb.yaml \
|| FATAL "Cannot install MetalLB"
echo "apiVersion: v1
kind: ConfigMap
metadata:
namespace: metallb-system
name: config
data:
config: |
address-pools:
- name: default
protocol: layer2
addresses:
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
- $METALLB_IP_RANGE" | kubectl apply -f - \
|| FATAL "Cannot apply MetalLB ConfigMap"
}
#installs metallb from helm
function install_helm_metallb() {
METALLB_IP_RANGE=$DEFAULT_IP-$DEFAULT_IP
echo "configInline:
address-pools:
- name: default
protocol: layer2
addresses:
- $METALLB_IP_RANGE" | sudo tee -a $OSM_DOCKER_WORK_DIR/metallb-config.yaml
helm repo add metallb https://metallb.github.io/metallb
helm install --create-namespace --namespace metallb-system metallb metallb/metallb -f $OSM_DOCKER_WORK_DIR/metallb-config.yaml
}
#checks openebs and metallb readiness
function check_for_readiness() {
# Default input values
sampling_period=2 # seconds
time_for_readiness=20 # seconds ready
time_for_failure=200 # seconds broken
OPENEBS_NAMESPACE=openebs
METALLB_NAMESPACE=metallb-system
# STACK_NAME=osm # By default, "osm"
# Equivalent number of samples
oks_threshold=$((time_for_readiness/${sampling_period})) # No. ok samples to declare the system ready
failures_threshold=$((time_for_failure/${sampling_period})) # No. nok samples to declare the system broken
failures_in_a_row=0
oks_in_a_row=0
####################################################################################
# Loop to check system readiness
####################################################################################
while [[ (${failures_in_a_row} -lt ${failures_threshold}) && (${oks_in_a_row} -lt ${oks_threshold}) ]]
do
# State of OpenEBS
OPENEBS_STATE=$(kubectl get pod -n ${OPENEBS_NAMESPACE} --no-headers 2>&1)
OPENEBS_READY=$(echo "${OPENEBS_STATE}" | awk '$2=="1/1" || $2=="2/2" {printf ("%s\t%s\t\n", $1, $2)}')
OPENEBS_NOT_READY=$(echo "${OPENEBS_STATE}" | awk '$2!="1/1" && $2!="2/2" {printf ("%s\t%s\t\n", $1, $2)}')
COUNT_OPENEBS_READY=$(echo "${OPENEBS_READY}"| grep -v -e '^$' | wc -l)
COUNT_OPENEBS_NOT_READY=$(echo "${OPENEBS_NOT_READY}" | grep -v -e '^$' | wc -l)
# State of MetalLB
METALLB_STATE=$(kubectl get pod -n ${METALLB_NAMESPACE} --no-headers 2>&1)
METALLB_READY=$(echo "${METALLB_STATE}" | awk '$2=="1/1" || $2=="2/2" {printf ("%s\t%s\t\n", $1, $2)}')
METALLB_NOT_READY=$(echo "${METALLB_STATE}" | awk '$2!="1/1" && $2!="2/2" {printf ("%s\t%s\t\n", $1, $2)}')
COUNT_METALLB_READY=$(echo "${METALLB_READY}" | grep -v -e '^$' | wc -l)
COUNT_METALLB_NOT_READY=$(echo "${METALLB_NOT_READY}" | grep -v -e '^$' | wc -l)
# OK sample
if [[ $((${COUNT_OPENEBS_NOT_READY}+${COUNT_METALLB_NOT_READY})) -eq 0 ]]
then
((++oks_in_a_row))
failures_in_a_row=0
echo -ne ===\> Successful checks: "${oks_in_a_row}"/${oks_threshold}\\r
# NOK sample
else
((++failures_in_a_row))
oks_in_a_row=0
echo
echo Bootstraping... "${failures_in_a_row}" checks of ${failures_threshold}
# Reports failed pods in OpenEBS
if [[ "${COUNT_OPENEBS_NOT_READY}" -ne 0 ]]
then
echo "OpenEBS: Waiting for ${COUNT_OPENEBS_NOT_READY} of $((${COUNT_OPENEBS_NOT_READY}+${COUNT_OPENEBS_READY})) pods to be ready:"
echo "${OPENEBS_NOT_READY}"
echo
fi
# Reports failed statefulsets
if [[ "${COUNT_METALLB_NOT_READY}" -ne 0 ]]
then
echo "MetalLB: Waiting for ${COUNT_METALLB_NOT_READY} of $((${COUNT_METALLB_NOT_READY}+${COUNT_METALLB_READY})) pods to be ready:"
echo "${METALLB_NOT_READY}"
echo
fi
fi
#------------ NEXT SAMPLE
sleep ${sampling_period}
done
####################################################################################
# OUTCOME
####################################################################################
if [[ (${failures_in_a_row} -ge ${failures_threshold}) ]]
then
echo
FATAL "K8S CLUSTER IS BROKEN"
else
echo
echo "K8S CLUSTER IS READY"
fi
#deploys flannel as daemonsets
function deploy_cni_provider() {
CNI_DIR="$(mktemp -d -q --tmpdir "flannel.XXXXXX")"
trap 'rm -rf "${CNI_DIR}"' EXIT
wget -q https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml -P $CNI_DIR
kubectl apply -f $CNI_DIR
[ $? -ne 0 ] && FATAL "Cannot Install Flannel"
}
#creates secrets from env files which will be used by containers
function kube_secrets(){
kubectl create ns $OSM_STACK_NAME
kubectl create secret generic lcm-secret -n $OSM_STACK_NAME --from-env-file=$OSM_DOCKER_WORK_DIR/lcm.env
kubectl create secret generic mon-secret -n $OSM_STACK_NAME --from-env-file=$OSM_DOCKER_WORK_DIR/mon.env
kubectl create secret generic nbi-secret -n $OSM_STACK_NAME --from-env-file=$OSM_DOCKER_WORK_DIR/nbi.env
kubectl create secret generic ro-db-secret -n $OSM_STACK_NAME --from-env-file=$OSM_DOCKER_WORK_DIR/ro-db.env
kubectl create secret generic ro-secret -n $OSM_STACK_NAME --from-env-file=$OSM_DOCKER_WORK_DIR/ro.env
kubectl create secret generic keystone-secret -n $OSM_STACK_NAME --from-env-file=$OSM_DOCKER_WORK_DIR/keystone.env
kubectl create secret generic pol-secret -n $OSM_STACK_NAME --from-env-file=$OSM_DOCKER_WORK_DIR/pol.env
}
#taints K8s master node
function taint_master_node() {
K8S_MASTER=$(kubectl get nodes | awk '$3~/master/'| awk '{print $1}')
kubectl taint node $K8S_MASTER node-role.kubernetes.io/master:NoSchedule-
sleep 5
}
#deploys osm pods and services
function deploy_osm_services() {
kubectl apply -n $OSM_STACK_NAME -f $OSM_K8S_WORK_DIR
}