3 # Licensed under the Apache License, Version 2.0 (the "License");
4 # you may not use this file except in compliance with the License.
5 # You may obtain a copy of the License at
7 # http://www.apache.org/licenses/LICENSE-2.0
9 # Unless required by applicable law or agreed to in writing, software
10 # distributed under the License is distributed on an "AS IS" BASIS,
11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 # See the License for the specific language governing permissions and
13 # limitations under the License.
17 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of
function
18 echo -e "usage: $0 [OPTIONS]"
19 echo -e "Install Juju for OSM"
21 echo -e " -h / --help: print this help"
22 echo -e " -D <devops path> use local devops installation path"
23 echo -e " -s <stack name> or <namespace> user defined stack name when installed using swarm or namespace when installed using k8s, default is osm"
24 echo -e " -H <VCA host> use specific juju host controller IP"
25 echo -e " -S <VCA secret> use VCA/juju secret key"
26 echo -e " -P <VCA pubkey> use VCA/juju public key file"
27 echo -e " -l: LXD cloud yaml file"
28 echo -e " -L: LXD credentials yaml file"
29 echo -e " -K: Specifies the name of the controller to use - The controller must be already bootstrapped"
30 echo -e " --debug: debug mode"
31 echo -e " --cachelxdimages: cache local lxd images, create cronjob for that cache (will make installation longer)"
32 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of
function
35 function update_juju_images
(){
36 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of
function
37 crontab
-l |
grep update-juju-lxc-images ||
(crontab
-l 2>/dev
/null
; echo "0 4 * * 6 $USER ${OSM_DEVOPS}/installers/update-juju-lxc-images --xenial --bionic") | crontab
-
38 ${OSM_DEVOPS}/installers
/update-juju-lxc-images
--xenial --bionic
39 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of
function
42 function install_juju_client
() {
43 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of
function
44 echo "Installing juju client"
45 sudo snap
install juju
--classic --channel=$JUJU_VERSION/stable
46 [[ ":$PATH": != *":/snap/bin:"* ]] && PATH
="/snap/bin:${PATH}"
47 [ -n "$INSTALL_CACHELXDIMAGES" ] && update_juju_images
48 echo "Finished installation of juju client"
49 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of
function
53 function juju_createcontroller_k8s
(){
54 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of
function
55 cat $HOME/.kube
/config | juju add-k8s
$OSM_VCA_K8S_CLOUDNAME --client \
56 || FATAL_TRACK juju
"Failed to add K8s endpoint and credential for client in cloud $OSM_VCA_K8S_CLOUDNAME"
58 JUJU_BOOTSTRAP_OPTS
=""
59 if [ -n "${OSM_BEHIND_PROXY}" ] ; then
60 K8S_SVC_CLUSTER_IP
=$
(kubectl get svc
/kubernetes
-o jsonpath
='{.spec.clusterIP}')
61 NO_PROXY
="${NO_PROXY},${K8S_SVC_CLUSTER_IP},.svc,.cluster.local"
63 JUJU_MODEL_CONFIG_FILE
=/tmp
/.osm
/model-config.yaml
64 cat << EOF > $JUJU_MODEL_CONFIG_FILE
65 apt-http-proxy: ${HTTP_PROXY}
66 apt-https-proxy: ${HTTPS_PROXY}
67 juju-http-proxy: ${HTTP_PROXY}
68 juju-https-proxy: ${HTTPS_PROXY}
69 juju-no-proxy: ${NO_PROXY}
70 snap-http-proxy: ${HTTP_PROXY}
71 snap-https-proxy: ${HTTPS_PROXY}
73 JUJU_BOOTSTRAP_OPTS
="--model-default /tmp/.osm/model-config.yaml"
75 juju bootstrap
-v --debug $OSM_VCA_K8S_CLOUDNAME $OSM_NAMESPACE \
76 --config controller-service-type
=loadbalancer \
77 --agent-version=$JUJU_AGENT_VERSION \
78 ${JUJU_BOOTSTRAP_OPTS} \
79 || FATAL_TRACK juju
"Failed to bootstrap controller $OSM_NAMESPACE in cloud $OSM_VCA_K8S_CLOUDNAME"
80 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of
function
83 function juju_addlxd_cloud
(){
84 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of
function
86 OSM_VCA_CLOUDNAME
="lxd-cloud"
87 LXDENDPOINT
=$DEFAULT_IP
88 LXD_CLOUD
=/tmp
/.osm
/lxd-cloud.yaml
89 LXD_CREDENTIALS
=/tmp
/.osm
/lxd-credentials.yaml
91 cat << EOF > $LXD_CLOUD
95 auth-types: [certificate]
96 endpoint: "https://$LXDENDPOINT:8443"
98 ssl-hostname-verification: false
100 openssl req
-nodes -new -x509 -keyout /tmp
/.osm
/client.key
-out /tmp
/.osm
/client.crt
-days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org"
101 cat << EOF > $LXD_CREDENTIALS
105 auth-type: certificate
106 server-cert: /var/snap/lxd/common/lxd/server.crt
107 client-cert: /tmp/.osm/client.crt
108 client-key: /tmp/.osm/client.key
110 lxc config trust add
local: /tmp
/.osm
/client.crt
111 juju add-cloud
-c $OSM_NAMESPACE $OSM_VCA_CLOUDNAME $LXD_CLOUD --force
112 juju add-credential
-c $OSM_NAMESPACE $OSM_VCA_CLOUDNAME -f $LXD_CREDENTIALS
113 sg lxd
-c "lxd waitready"
114 juju controller-config features
=[k8s-operators
]
115 if [ -n "${OSM_BEHIND_PROXY}" ] ; then
116 if [ -n "${HTTP_PROXY}" ]; then
117 juju model-default lxd-cloud apt-http-proxy
="$HTTP_PROXY"
118 juju model-default lxd-cloud juju-http-proxy
="$HTTP_PROXY"
119 juju model-default lxd-cloud snap-http-proxy
="$HTTP_PROXY"
121 if [ -n "${HTTPS_PROXY}" ]; then
122 juju model-default lxd-cloud apt-https-proxy
="$HTTPS_PROXY"
123 juju model-default lxd-cloud juju-https-proxy
="$HTTPS_PROXY"
124 juju model-default lxd-cloud snap-https-proxy
="$HTTPS_PROXY"
126 [ -n "${NO_PROXY}" ] && juju model-default lxd-cloud juju-no-proxy
="$NO_PROXY"
128 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of
function
131 #Safe unattended install of iptables-persistent
132 function check_install_iptables_persistent
(){
133 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of
function
134 echo -e "\nChecking required packages: iptables-persistent"
135 if ! dpkg
-l iptables-persistent
&>/dev
/null
; then
136 echo -e " Not installed.\nInstalling iptables-persistent requires root privileges"
137 echo iptables-persistent iptables-persistent
/autosave_v4 boolean true | sudo debconf-set-selections
138 echo iptables-persistent iptables-persistent
/autosave_v6 boolean true | sudo debconf-set-selections
139 sudo apt-get
-yq install iptables-persistent
141 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of
function
144 function juju_createproxy
() {
145 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of
function
146 check_install_iptables_persistent
148 if ! sudo iptables
-t nat
-C PREROUTING
-p tcp
-m tcp
-d $DEFAULT_IP --dport 17070 -j DNAT
--to-destination $OSM_VCA_HOST; then
149 sudo iptables
-t nat
-A PREROUTING
-p tcp
-m tcp
-d $DEFAULT_IP --dport 17070 -j DNAT
--to-destination $OSM_VCA_HOST
150 sudo netfilter-persistent save
152 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of
function
156 INSTALL_CACHELXDIMAGES
=""
158 JUJU_AGENT_VERSION
=2.9.43
164 OSM_VCA_CLOUDNAME
="localhost"
165 OSM_VCA_K8S_CLOUDNAME
="k8scloud"
166 RE_CHECK
='^[a-z0-9]([-a-z0-9]*[a-z0-9])?$'
168 while getopts ":D:i:s:H:l:L:K:-: hP" o
; do
171 OSM_DEVOPS
="${OPTARG}"
174 DEFAULT_IP
="${OPTARG}"
177 OSM_NAMESPACE
="${OPTARG}" && [[ ! "${OPTARG}" =~
$RE_CHECK ]] && echo "Namespace $OPTARG is invalid. Regex used for validation is $RE_CHECK" && exit 0
180 OSM_VCA_HOST
="${OPTARG}"
183 LXD_CLOUD_FILE
="${OPTARG}"
186 LXD_CRED_FILE
="${OPTARG}"
189 CONTROLLER_NAME
="${OPTARG}"
195 [ "${OPTARG}" == "help" ] && usage
&& exit 0
196 [ "${OPTARG}" == "debug" ] && DEBUG_INSTALL
="--debug" && continue
197 [ "${OPTARG}" == "cachelxdimages" ] && INSTALL_CACHELXDIMAGES
="y" && continue
198 echo -e "Invalid option: '--$OPTARG'\n" >&2
202 echo "Option -$OPTARG requires an argument" >&2
206 echo -e "Invalid option: '-$OPTARG'\n" >&2
218 source $OSM_DEVOPS/common
/logging
219 source $OSM_DEVOPS/common
/track
221 echo "DEBUG_INSTALL=$DEBUG_INSTALL"
222 echo "DEFAULT_IP=$DEFAULT_IP"
223 echo "OSM_BEHIND_PROXY=$OSM_BEHIND_PROXY"
224 echo "OSM_DEVOPS=$OSM_DEVOPS"
227 [ -z "$INSTALL_NOJUJU" ] && install_juju_client
228 track juju juju_client_ok
230 if [ -z "$OSM_VCA_HOST" ]; then
231 if [ -z "$CONTROLLER_NAME" ]; then
232 juju_createcontroller_k8s
234 if [ -n "$LXD_CLOUD_FILE" ]; then
235 [ -z "$LXD_CRED_FILE" ] && FATAL_TRACK juju
"The installer needs the LXD credential yaml if the LXD is external"
236 OSM_VCA_CLOUDNAME
="lxd-cloud"
237 juju add-cloud
$OSM_VCA_CLOUDNAME $LXD_CLOUD_FILE --force || juju update-cloud
$OSM_VCA_CLOUDNAME --client -f $LXD_CLOUD_FILE
238 juju add-credential
$OSM_VCA_CLOUDNAME -f $LXD_CRED_FILE || juju update-credential
$OSM_VCA_CLOUDNAME lxd-cloud-creds
-f $LXD_CRED_FILE
242 OSM_VCA_CLOUDNAME
="lxd-cloud"
243 if [ -n "$LXD_CLOUD_FILE" ]; then
244 [ -z "$LXD_CRED_FILE" ] && FATAL_TRACK juju
"The installer needs the LXD credential yaml if the LXD is external"
245 juju add-cloud
-c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME $LXD_CLOUD_FILE --force || juju update-cloud lxd-cloud
-c $CONTROLLER_NAME -f $LXD_CLOUD_FILE
246 juju add-credential
-c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME -f $LXD_CRED_FILE || juju update-credential lxd-cloud
-c $CONTROLLER_NAME -f $LXD_CRED_FILE
249 cat << EOF > ~/.osm/lxd-cloud.yaml
253 auth-types: [certificate]
254 endpoint: "https://$DEFAULT_IP:8443"
256 ssl-hostname-verification: false
258 openssl req
-nodes -new -x509 -keyout ~
/.osm
/client.key
-out ~
/.osm
/client.crt
-days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org"
259 local server_cert
=`cat /var/snap/lxd/common/lxd/server.crt | sed 's/^/ /'`
260 local client_cert
=`cat ~/.osm/client.crt | sed 's/^/ /'`
261 local client_key
=`cat ~/.osm/client.key | sed 's/^/ /'`
262 cat << EOF > ~/.osm/lxd-credentials.yaml
266 auth-type: certificate
274 lxc config trust add
local: ~
/.osm
/client.crt
275 juju add-cloud
-c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME ~
/.osm
/lxd-cloud.yaml
--force || juju update-cloud lxd-cloud
-c $CONTROLLER_NAME -f ~
/.osm
/lxd-cloud.yaml
276 juju add-credential
-c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME -f ~
/.osm
/lxd-credentials.yaml || juju update-credential lxd-cloud
-c $CONTROLLER_NAME -f ~
/.osm
/lxd-credentials.yaml
279 [ -z "$CONTROLLER_NAME" ] && OSM_VCA_HOST
=`sg lxd -c "juju show-controller $OSM_NAMESPACE"|grep api-endpoints|awk -F\' '{print $2}'|awk -F\: '{print $1}'`
280 [ -n "$CONTROLLER_NAME" ] && OSM_VCA_HOST
=`juju show-controller $CONTROLLER_NAME |grep api-endpoints|awk -F\' '{print $2}'|awk -F\: '{print $1}'`
281 [ -z "$OSM_VCA_HOST" ] && FATAL_TRACK juju
"Cannot obtain juju controller IP address"
283 track juju juju_controller_ok