Integrate grafana-k8s and prometheus-k8s
[osm/devops.git] / installers / charmed_install.sh
index a1e5001..975cbbd 100755 (executable)
 
 # set -eux
 
-LXD_VERSION=4.0
+LXD_VERSION=5.0
 JUJU_VERSION=2.9
-JUJU_AGENT_VERSION=2.9.22
+JUJU_AGENT_VERSION=2.9.43
 K8S_CLOUD_NAME="k8s-cloud"
 KUBECTL="microk8s.kubectl"
-MICROK8S_VERSION=1.23
+MICROK8S_VERSION=1.26
 OSMCLIENT_VERSION=latest
 IMAGES_OVERLAY_FILE=~/.osm/images-overlay.yaml
 PASSWORD_OVERLAY_FILE=~/.osm/password-overlay.yaml
 PATH=/snap/bin:${PATH}
 OSM_DEVOPS="$( cd "$( dirname "${BASH_SOURCE[0]}" )"/.. &> /dev/null && pwd )"
+INSTALL_PLA=""
+PLA_OVERLAY_FILE=~/.osm/pla-overlay.yaml
+
 if [ -f ${OSM_DEVOPS}/common/all_funcs ] ; then
     source ${OSM_DEVOPS}/common/all_funcs
 else
@@ -41,7 +44,7 @@ MODEL_NAME=osm
 
 OSM_BUNDLE=ch:osm
 OSM_HA_BUNDLE=ch:osm-ha
-CHARMHUB_CHANNEL=latest/edge
+CHARMHUB_CHANNEL=latest/beta
 unset TAG
 
 function check_arguments(){
@@ -51,6 +54,7 @@ function check_arguments(){
             --overlay) OVERLAY="$2" ;;
             --k8s) KUBECFG="$2" ;;
             --vca) CONTROLLER="$2" ;;
+            --small-profile) INSTALL_NOLXD=y;;
             --lxd) LXD_CLOUD="$2" ;;
             --lxd-cred) LXD_CREDENTIALS="$2" ;;
             --microstack) MICROSTACK=y ;;
@@ -58,6 +62,7 @@ function check_arguments(){
             --tag) TAG="$2" ;;
             --registry) REGISTRY_INFO="$2" ;;
             --only-vca) ONLY_VCA=y ;;
+            --pla) INSTALL_PLA=y ;;
         esac
         shift
     done
@@ -132,7 +137,7 @@ EOF
     else
         sg ${KUBEGRP} -c "echo ${DEFAULT_IP}-${DEFAULT_IP} | microk8s.enable metallb"
         sg ${KUBEGRP} -c "microk8s.enable ingress"
-        sg ${KUBEGRP} -c "microk8s.enable storage dns"
+        sg ${KUBEGRP} -c "microk8s.enable hostpath-storage dns"
         TIME_TO_WAIT=30
         start_time="$(date -u +%s)"
         while true
@@ -157,30 +162,33 @@ EOF
     fi
     track bootstrap_k8s bootstrap_k8s_ok
 
-    if [ -v LXD_CLOUD ]; then
-        if [ ! -v LXD_CREDENTIALS ]; then
-            echo "The installer needs the LXD server certificate if the LXD is external"
-            FATAL_TRACK bootstrap_lxd "No LXD certificate supplied"
-        fi
-    else
-        LXDENDPOINT=$DEFAULT_IP
-        LXD_CLOUD=~/.osm/lxd-cloud.yaml
-        LXD_CREDENTIALS=~/.osm/lxd-credentials.yaml
-        # Apply sysctl production values for optimal performance
-        sudo cp /usr/share/osm-devops/installers/60-lxd-production.conf /etc/sysctl.d/60-lxd-production.conf
-        sudo sysctl --system
-        # Install LXD snap
-        sudo apt-get remove --purge -y liblxc1 lxc-common lxcfs lxd lxd-client
-        sudo snap install lxd --channel $LXD_VERSION/stable
-        # Configure LXD
-        sudo usermod -a -G lxd `whoami`
-        cat /usr/share/osm-devops/installers/lxd-preseed.conf | sed 's/^config: {}/config:\n  core.https_address: '$LXDENDPOINT':8443/' | sg lxd -c "lxd init --preseed"
-        sg lxd -c "lxd waitready"
-        DEFAULT_MTU=$(ip addr show $DEFAULT_IF | perl -ne 'if (/mtu\s(\d+)/) {print $1;}')
-        sg lxd -c "lxc profile device set default eth0 mtu $DEFAULT_MTU"
-        sg lxd -c "lxc network set lxdbr0 bridge.mtu $DEFAULT_MTU"
-
-        cat << EOF > $LXD_CLOUD
+    if [ ! -v INSTALL_NOLXD ]; then
+          if [ -v LXD_CLOUD ]; then
+              if [ ! -v LXD_CREDENTIALS ]; then
+                  echo "The installer needs the LXD server certificate if the LXD is external"
+                  FATAL_TRACK bootstrap_lxd "No LXD certificate supplied"
+              fi
+          else
+              LXDENDPOINT=$DEFAULT_IP
+              LXD_CLOUD=~/.osm/lxd-cloud.yaml
+              LXD_CREDENTIALS=~/.osm/lxd-credentials.yaml
+              # Apply sysctl production values for optimal performance
+              sudo cp /usr/share/osm-devops/installers/60-lxd-production.conf /etc/sysctl.d/60-lxd-production.conf
+              sudo sysctl --system
+              # Install LXD snap
+              sudo apt-get remove --purge -y liblxc1 lxc-common lxcfs lxd lxd-client
+              snap info lxd | grep installed > /dev/null
+              if [ $? -eq 0 ]; then
+                sudo snap refresh lxd --channel $LXD_VERSION/stable
+              else
+                sudo snap install lxd --channel $LXD_VERSION/stable
+              fi
+              # Configure LXD
+              sudo usermod -a -G lxd `whoami`
+              cat /usr/share/osm-devops/installers/lxd-preseed.conf | sed 's/^config: {}/config:\n  core.https_address: '$LXDENDPOINT':8443/' | sg lxd -c "lxd init --preseed"
+              sg lxd -c "lxd waitready"
+
+              cat << EOF > $LXD_CLOUD
 clouds:
   lxd-cloud:
     type: lxd
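Review bot: The new install-or-refresh branch keys off `$?` from `snap info lxd | grep installed`, which matches that word anywhere in the output, and with `set -eux` commented out at the top of the script nothing checks that `snap refresh` or `snap install` succeeded before `lxd init --preseed` runs. Testing the package directly with `if snap list lxd >/dev/null 2>&1; then` is tighter, and each snap command could end in `|| FATAL_TRACK bootstrap_lxd "LXD snap install failed"`. The preseed in the same block binds `core.https_address` to `$LXDENDPOINT:8443`, so a comment noting that the LXD API listens on the default interface would tell operators to firewall that port. The enclosing function starts outside the hunk.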
@@ -189,31 +197,25 @@ clouds:
     config:
       ssl-hostname-verification: false
 EOF
-        openssl req -nodes -new -x509 -keyout ~/.osm/client.key -out ~/.osm/client.crt -days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org"
-        local server_cert=`cat /var/snap/lxd/common/lxd/server.crt | sed 's/^/        /'`
-        local client_cert=`cat ~/.osm/client.crt | sed 's/^/        /'`
-        local client_key=`cat ~/.osm/client.key | sed 's/^/        /'`
-
-        cat << EOF > $LXD_CREDENTIALS
+              openssl req -nodes -new -x509 -keyout ~/.osm/client.key -out ~/.osm/client.crt -days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org"
+              cat << EOF > $LXD_CREDENTIALS
 credentials:
   lxd-cloud:
     lxd-cloud:
       auth-type: certificate
-      server-cert: |
-$server_cert
-      client-cert: |
-$client_cert
-      client-key: |
-$client_key
+      server-cert: /var/snap/lxd/common/lxd/server.crt
+      client-cert: ~/.osm/client.crt
+      client-key: ~/.osm/client.key
 EOF
-        lxc config trust add local: ~/.osm/client.crt
+              lxc config trust add local: ~/.osm/client.crt
+          fi
+
+          juju add-cloud -c $CONTROLLER_NAME lxd-cloud $LXD_CLOUD --force
+          juju add-credential -c $CONTROLLER_NAME lxd-cloud -f $LXD_CREDENTIALS
+          sg lxd -c "lxd waitready"
+          juju controller-config features=[k8s-operators]
+          track bootstrap_lxd bootstrap_lxd_ok
     fi
-
-    juju add-cloud -c $CONTROLLER_NAME lxd-cloud $LXD_CLOUD --force
-    juju add-credential -c $CONTROLLER_NAME lxd-cloud -f $LXD_CREDENTIALS
-    sg lxd -c "lxd waitready"
-    juju controller-config features=[k8s-operators]
-    track bootstrap_lxd bootstrap_lxd_ok
 }
 
 function deploy_charmed_osm(){
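Review bot: The credentials heredoc now writes `client-cert: ~/.osm/client.crt` and `client-key: ~/.osm/client.key`, but `~` is not expanded inside a heredoc, so the file holds a literal tilde and works only if juju resolves it itself; `client-key: ${HOME}/.osm/client.key` (and the same for the certificate) removes that dependence. Because the credential now points at the key file instead of embedding it, the unencrypted key written by `openssl req -nodes` has to stay on disk, so adding `chmod 700 ~/.osm && chmod 600 ~/.osm/client.key` after the openssl call is safer than relying on the tool's default mode. `lxc config trust add local: ~/.osm/client.crt` also runs outside `sg lxd -c`, unlike the neighbouring LXD calls, which presumably fails in a shell that has not yet picked up the new `lxd` group membership. The function's opening lines are outside this hunk.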
@@ -258,10 +260,12 @@ function deploy_charmed_osm(){
 
     generate_password_overlay && secret_overlay="--overlay $PASSWORD_OVERLAY_FILE"
 
+    [ -n "$INSTALL_PLA" ] && create_pla_overlay && pla_overlay="--overlay $PLA_OVERLAY_FILE"
+
     if [ -v BUNDLE ]; then
-        juju deploy --trust --channel $CHARMHUB_CHANNEL -m $MODEL_NAME $BUNDLE --overlay ~/.osm/vca-overlay.yaml $images_overlay $extra_overlay $secret_overlay
+        juju deploy --trust --channel $CHARMHUB_CHANNEL -m $MODEL_NAME $BUNDLE $images_overlay $extra_overlay $secret_overlay $pla_overlay
     else
-        juju deploy --trust --channel $CHARMHUB_CHANNEL -m $MODEL_NAME $OSM_BUNDLE --overlay ~/.osm/vca-overlay.yaml $images_overlay $extra_overlay $secret_overlay
+        juju deploy --trust --channel $CHARMHUB_CHANNEL -m $MODEL_NAME $OSM_BUNDLE $images_overlay $extra_overlay $secret_overlay $pla_overlay
     fi
 
     if [ ! -v KUBECFG ]; then
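Review bot: `pla_overlay` is assigned only when `--pla` is given and is never initialised, so a value inherited from the caller's environment would be expanded unquoted into the `juju deploy --trust` command line; declaring `local pla_overlay=""` before the `[ -n "$INSTALL_PLA" ]` line closes that. The `&&` chain also means a failing `create_pla_overlay` silently deploys without PLA even though `--pla` was requested; `create_pla_overlay || FATAL_TRACK deploy_osm "Could not create PLA overlay"` would surface it. The function starts and ends outside this hunk.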
@@ -274,25 +278,90 @@ function deploy_charmed_osm(){
         hostport="$(echo ${url/$user@/} | cut -d/ -f1)"
         API_SERVER="$(echo $hostport | sed -e 's,:.*,,g')"
     fi
-    # Expose OSM services
-    juju config -m $MODEL_NAME nbi site_url=https://nbi.${API_SERVER}.nip.io
-    juju config -m $MODEL_NAME ng-ui site_url=https://ui.${API_SERVER}.nip.io
-    juju config -m $MODEL_NAME grafana site_url=https://grafana.${API_SERVER}.nip.io
-    juju config -m $MODEL_NAME prometheus site_url=https://prometheus.${API_SERVER}.nip.io
 
+    configure_vca_integrator
+    expose_osm_services
     echo "Waiting for deployment to finish..."
-    check_osm_deployed
-    grafana_leader=`juju status -m $MODEL_NAME grafana | grep "*" | cut -d "*" -f 1`
-    grafana_admin_password=`juju run -m $MODEL_NAME --unit $grafana_leader "echo \\$GF_SECURITY_ADMIN_PASSWORD"`
-    juju config -m $MODEL_NAME mon grafana_password=$grafana_admin_password
-    check_osm_deployed
+    check_osm_deployed_before_config
+    config_grafana_and_prometheus
+    check_osm_deployed_after_config
     echo "OSM with charms deployed"
 }
 
-function check_osm_deployed() {
+function configure_vca_integrator(){
+    if [ ! -v INSTALL_NOLXD ]; then
+        juju config vca \
+          k8s-cloud=microk8s \
+          lxd-cloud=lxd-cloud:lxd-cloud \
+          controllers="`cat ~/.local/share/juju/controllers.yaml`" \
+          accounts="`cat ~/.local/share/juju/accounts.yaml`" \
+          public-key="`cat ~/.local/share/juju/ssh/juju_id_rsa.pub`"
+    else
+        juju config vca \
+          k8s-cloud=microk8s \
+          controllers="`cat ~/.local/share/juju/controllers.yaml`" \
+          accounts="`cat ~/.local/share/juju/accounts.yaml`" \
+          public-key="`cat ~/.local/share/juju/ssh/juju_id_rsa.pub`"
+    fi
+}
+
+function expose_osm_services(){
+    juju config -m $MODEL_NAME nbi external-hostname=nbi.${API_SERVER}.nip.io
+    juju config -m $MODEL_NAME ng-ui external-hostname=ui.${API_SERVER}.nip.io
+    juju config -m $MODEL_NAME grafana web_external_url=https://grafana.${API_SERVER}.nip.io
+}
+
+function config_grafana_and_prometheus() {
+    echo "Setting Grafana and Prometheus configuration"
+    grafana_leader=`juju status -m $MODEL_NAME grafana | grep "*" | cut -d "*" -f 1`
+    grafana_admin_password=`juju run-action -m $MODEL_NAME $grafana_leader get-admin-password --wait | grep "admin-password" | cut -d ":" -f 2`
+    juju config -m $MODEL_NAME mon grafana-password="$grafana_admin_password"
+    juju config -m $MODEL_NAME mon grafana-user=admin
+    juju config -m $MODEL_NAME mon grafana-url=http://grafana:3000
+    prometheus_url="http://prometheus:9090"
+    juju config -m $MODEL_NAME mon prometheus-url=$prometheus_url
+    juju config -m $MODEL_NAME nbi prometheus-url=$prometheus_url
+    mon_leader=`juju status -m $MODEL_NAME mon | grep "*" | cut -d "*" -f 1`
+    juju run-action --m $MODEL_NAME $mon_leader create-datasource name=osm_prometheus url=$prometheus_url --wait
+}
+
+function check_osm_deployed_before_config() {
     TIME_TO_WAIT=600
     start_time="$(date -u +%s)"
-    total_service_count=14
+    total_active_services=13
+    [ -n "$INSTALL_PLA" ] && total_active_services=$((total_active_services + 1))
+    previous_count=0
+    while true
+    do
+        juju_status=$(juju status --format json -m $MODEL_NAME)
+        active_service_count=$(echo $juju_status | jq '.applications[]."application-status".current'| grep active | wc -l)
+        echo "$active_service_count / $total_active_services services active"
+        if [ $active_service_count -eq $total_active_services ]; then
+            mon_is_blocked=$(echo $juju_status | jq '.applications["mon"].units[]."workload-status".current' | grep blocked | wc -l)
+            nbi_is_blocked=$(echo $juju_status | jq '.applications["nbi"].units[]."workload-status".current' | grep blocked | wc -l)
+            if [ $mon_is_blocked -a $nbi_is_blocked ]; then
+                echo "MON and NBI are blocked"
+                break
+            fi
+        fi
+        if [ $active_service_count -ne $previous_count ]; then
+            previous_count=$active_service_count
+            start_time="$(date -u +%s)"
+        fi
+        now="$(date -u +%s)"
+        if [[ $(( now - start_time )) -gt $TIME_TO_WAIT ]];then
+            echo "Timed out waiting for OSM services to become ready"
+            FATAL_TRACK deploy_osm "Timed out waiting for services to become ready"
+        fi
+        sleep 10
+    done
+}
+
+function check_osm_deployed_after_config() {
+    TIME_TO_WAIT=600
+    start_time="$(date -u +%s)"
+    total_service_count=15
+    [ -n "$INSTALL_PLA" ] && total_service_count=$((total_service_count + 1))
     previous_count=0
     while true
     do
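Review bot: In `check_osm_deployed_before_config`, `[ $mon_is_blocked -a $nbi_is_blocked ]` only tests that both strings are non-empty, and since `wc -l` always prints a number (including `0`) the condition is always true, so the loop breaks as soon as the active count matches whether or not MON and NBI are blocked; use `if [ "$mon_is_blocked" -gt 0 ] && [ "$nbi_is_blocked" -gt 0 ]; then`. In `config_grafana_and_prometheus` the last call is written `juju run-action --m $MODEL_NAME`, which looks like a typo for `-m`, and `cut -d ":" -f 2` leaves the leading space of the YAML value in `grafana_admin_password`. `configure_vca_integrator` passes the whole of `accounts.yaml` (which holds the controller password, judging by the removed `create_overlay`) as a command-line argument, and the Grafana admin password is passed the same way, so both are readable by other local users through the process list; it also omits the `-m $MODEL_NAME` that the other `juju config` calls here carry. `check_osm_deployed_after_config` continues past the end of the hunk.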
@@ -315,20 +384,15 @@ function check_osm_deployed() {
 }
 
 function generate_password_overlay() {
-    # prometheus
-    web_config_password=`openssl rand -base64 16`
     # keystone
-    keystone_db_password=`openssl rand -base64 16`
-    keystone_admin_password=`openssl rand -base64 16`
-    keystone_service_password=`openssl rand -base64 16`
+    keystone_db_password=`openssl rand -hex 16`
+    keystone_admin_password=`openssl rand -hex 16`
+    keystone_service_password=`openssl rand -hex 16`
     #  mariadb
     mariadb_password=`openssl rand -hex 16`
     mariadb_root_password=`openssl rand -hex 16`
     cat << EOF > /tmp/password-overlay.yaml
 applications:
-  prometheus:
-    options:
-      web_config_password: $web_config_password
   keystone:
     options:
       keystone-db-password: $keystone_db_password
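Review bot: The generated keystone and mariadb passwords are still written to the fixed path `/tmp/password-overlay.yaml` by the `cat << EOF >` redirection kept in this hunk, so the file is created with the caller's umask, under a predictable name, in a directory shared with every local user before it is moved. Creating it privately, e.g. `tmpfile=$(umask 077; mktemp)` and redirecting to `"$tmpfile"`, or writing straight to `$PASSWORD_OVERLAY_FILE` under `umask 077`, keeps the secrets unreadable to other accounts and avoids writing through a path someone else may have created first. The move to `openssl rand -hex 16` keeps 128 bits of randomness while avoiding characters that need YAML quoting, which a one-line comment above the assignments could record. The rest of the heredoc and the `mv` are outside this hunk.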
@@ -342,50 +406,34 @@ EOF
     mv /tmp/password-overlay.yaml $PASSWORD_OVERLAY_FILE
 }
 
-function create_overlay() {
-    sudo snap install jq
-    sudo snap install yq
-    local HOME=/home/$USER
-    local vca_user=$(cat $HOME/.local/share/juju/accounts.yaml | yq e .controllers.$CONTROLLER_NAME.user - )
-    local vca_secret=$(cat $HOME/.local/share/juju/accounts.yaml | yq e .controllers.$CONTROLLER_NAME.password - )
-    local vca_host=$(cat $HOME/.local/share/juju/controllers.yaml | yq e .controllers.$CONTROLLER_NAME.api-endpoints[0] - | cut -d ":" -f 1)
-    local vca_port=$(cat $HOME/.local/share/juju/controllers.yaml | yq e .controllers.$CONTROLLER_NAME.api-endpoints[0] - | cut -d ":" -f 2)
-    local vca_pubkey=\"$(cat $HOME/.local/share/juju/ssh/juju_id_rsa.pub)\"
-    local vca_cloud="lxd-cloud"
-    # Get the VCA Certificate
-    local vca_cacert=$(cat $HOME/.local/share/juju/controllers.yaml | yq e .controllers.$CONTROLLER_NAME.ca-cert - | base64 | tr -d \\n)
-
-    # Calculate the default route of this machine
-    local DEFAULT_IF=`ip route list match 0.0.0.0 | awk '{print $5}'`
-
-    # Generate a new overlay.yaml, overriding any existing one
-    cat << EOF > /tmp/vca-overlay.yaml
+function create_pla_overlay(){
+    echo "Creating PLA Overlay"
+    [ $BUNDLE == $OSM_HA_BUNDLE ] && scale=3 || scale=1
+    cat << EOF > /tmp/pla-overlay.yaml
 applications:
-  lcm:
-    options:
-      vca_user: $vca_user
-      vca_secret: $vca_secret
-      vca_host: $vca_host
-      vca_port: $vca_port
-      vca_pubkey: $vca_pubkey
-      vca_cacert: $vca_cacert
-      vca_cloud: $vca_cloud
-      vca_k8s_cloud: $K8S_CLOUD_NAME
-  mon:
+  pla:
+    charm: osm-pla
+    channel: latest/stable
+    scale: $scale
+    series: kubernetes
     options:
-      vca_user: $vca_user
-      vca_secret: $vca_secret
-      vca_host: $vca_host
-      vca_cacert: $vca_cacert
+      log_level: DEBUG
+    resources:
+      image: opensourcemano/pla:testing-daily
+relations:
+  - - pla:kafka
+    - kafka:kafka
+  - - pla:mongodb
+    - mongodb:database
 EOF
-    mv /tmp/vca-overlay.yaml ~/.osm/
-    OSM_VCA_HOST=$vca_host
+     mv /tmp/pla-overlay.yaml $PLA_OVERLAY_FILE
 }
 
 function generate_images_overlay(){
     echo "applications:" > /tmp/images-overlay.yaml
 
-    charms_with_resources="nbi lcm mon pol ng-ui ro pla"
+    charms_with_resources="nbi lcm mon pol ng-ui ro"
+    [ -n "$INSTALL_PLA" ] && charms_with_resources+=" pla"
     for charm in $charms_with_resources; do
         cat << EOF > /tmp/${charm}_registry.yaml
 registrypath: ${REGISTRY_URL}opensourcemano/${charm}:$TAG
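Review bot: `[ $BUNDLE == $OSM_HA_BUNDLE ]` in `create_pla_overlay` is unquoted, and `BUNDLE` is optional elsewhere in the script (`[ -v BUNDLE ]`), so with no bundle supplied the test is a syntax error that only reaches `scale=1` by accident; `[ "${BUNDLE:-}" = "$OSM_HA_BUNDLE" ] && scale=3 || scale=1` is quiet and portable. The overlay defaults the workload to `opensourcemano/pla:testing-daily` with `log_level: DEBUG`, a mutable test tag, and a comment saying whether that is intended outside test installs would help reviewers of production deployments. Like the other overlays, the file is staged under a fixed name in `/tmp` before the `mv`; `mktemp` would avoid the shared path. `generate_images_overlay` continues beyond the hunk.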
@@ -398,7 +446,7 @@ EOF
         cat << EOF >> /tmp/images-overlay.yaml
   ${charm}:
     resources:
-      image: /tmp/${charm}_registry.yaml
+      ${charm}-image: /tmp/${charm}_registry.yaml
 
 EOF
     done
@@ -539,27 +587,22 @@ check_arguments $@
 mkdir -p ~/.osm
 install_snaps
 bootstrap_k8s_lxd
-create_overlay
 if [ -v ONLY_VCA ]; then
     HOME=/home/$USER
-    vca_user=$(cat $HOME/.local/share/juju/accounts.yaml | yq e .controllers.$CONTROLLER_NAME.user - )
-    vca_secret=$(cat $HOME/.local/share/juju/accounts.yaml | yq e .controllers.$CONTROLLER_NAME.password - )
-    vca_host=$(cat $HOME/.local/share/juju/controllers.yaml | yq e .controllers.$CONTROLLER_NAME.api-endpoints[0] - | cut -d ":" -f 1)
-    vca_port=$(cat $HOME/.local/share/juju/controllers.yaml | yq e .controllers.$CONTROLLER_NAME.api-endpoints[0] - | cut -d ":" -f 2)
-    vca_pubkey=\"$(cat $HOME/.local/share/juju/ssh/juju_id_rsa.pub)\"
-    vca_cloud="lxd-cloud"
-    vca_cacert=$(cat $HOME/.local/share/juju/controllers.yaml | yq e .controllers.$CONTROLLER_NAME.ca-cert - | base64 | tr -d \\n)
-    hostname=`cat /etc/hostname`
-
-    echo "Use the following command to register the installed VCA to your OSM:"
-    echo -e "  osm vca-add --endpoints $vca_host:$vca_port \\\n         --user $vca_user \\\n         --secret $vca_secret \\\n         --cacert $vca_cacert \\\n         --lxd-cloud lxd-cloud \\\n         --lxd-credentials lxd-cloud \\\n         --k8s-cloud microk8s \\\n         --k8s-credentials microk8s\\\n         $hostname-vca"
+    k8scloud=microk8s
+    lxdcloud=lxd-cloud:lxd-cloud
+    controllers="`cat $HOME/.local/share/juju/controllers.yaml`"
+    accounts="`cat $HOME/.local/share/juju/accounts.yaml`"
+    publickey="`cat $HOME/.local/share/juju/ssh/juju_id_rsa.pub`"
+    echo "Use the following command to register the installed VCA to your OSM VCA integrator charm"
+    echo -e "  juju config vca \\\n    k8s-cloud=$k8scloud \\\n    lxd-cloud=$lxdcloud \\\n    controllers=$controllers \\\n    accounts=$accounts \\\n    public-key=$publickey"
     track deploy_osm deploy_vca_only_ok
 else
     deploy_charmed_osm
     track deploy_osm deploy_osm_services_k8s_ok
     install_osmclient
     track osmclient osmclient_ok
-    export OSM_HOSTNAME=$(juju config -m $MODEL_NAME nbi site_url | sed "s/http.*\?:\/\///"):443
+    export OSM_HOSTNAME=$(juju config -m $MODEL_NAME nbi external-hostname):443
     export OSM_PASSWORD=$keystone_admin_password
     sleep 10
     add_local_k8scluster
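Review bot: In the `ONLY_VCA` branch the suggested command is built by interpolating the full contents of `controllers.yaml`, `accounts.yaml` and the public key into `echo -e`, so the controller credentials from `accounts.yaml` end up on the terminal and in any captured installer log. The multi-line YAML is also printed unquoted, so the command cannot be pasted back as shown, and `echo -e` would interpret any backslashes in the data. Printing the command with the substitutions left literal avoids both problems, for example `printf '%s\n' '  juju config vca k8s-cloud=microk8s lxd-cloud=lxd-cloud:lxd-cloud controllers="$(cat ~/.local/share/juju/controllers.yaml)" accounts="$(cat ~/.local/share/juju/accounts.yaml)" public-key="$(cat ~/.local/share/juju/ssh/juju_id_rsa.pub)"'`. The `else` branch continues outside this hunk.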