}'
}
+function generate_secret() {
+ head /dev/urandom | tr -dc A-Za-z0-9 | head -c 32
+}
+
function remove_volumes() {
stack=$1
volumes="mongo_db mon_db osm_packages ro_db"
function configure_VCA(){
echo -e " Configuring VCA"
- JUJU_PASSWD=`date +%s | sha256sum | base64 | head -c 32`
+ JUJU_PASSWD=$(generate_secret)
echo -e "$JUJU_PASSWD\n$JUJU_PASSWD" | lxc exec VCA -- juju change-user-password
}
elif [ -z "$TO_REBUILD" ] || echo $TO_REBUILD | grep -q LW-UI ; then
git -C ${LWTEMPDIR} clone https://osm.etsi.org/gerrit/osm/LW-UI
git -C ${LWTEMPDIR}/LW-UI checkout ${COMMIT_ID}
- sg docker -c "docker build ${LWTEMPDIR}/LW-UI -t osm/light-ui -f ${LWTEMPDIR}/LW-UI/Dockerfile --no-cache" || FATAL "cannot build LW-UI docker image"
+ sg docker -c "docker build ${LWTEMPDIR}/LW-UI -t osm/light-ui -f ${LWTEMPDIR}/LW-UI/docker/Dockerfile --no-cache" || FATAL "cannot build LW-UI docker image"
fi
if [ -n "$PULL_IMAGES" ]; then
function generate_docker_env_files() {
echo "Generating docker env files"
- echo "OSMLCM_VCA_HOST=${OSMLCM_VCA_HOST}" | $WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/lcm.env
- echo "OSMLCM_VCA_SECRET=${OSMLCM_VCA_SECRET}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env
+ # LCM
+ if [ ! -f $OSM_DOCKER_WORK_DIR/lcm.env ]; then
+ echo "OSMLCM_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env
+ fi
+
+ if ! grep -Fq "OSMLCM_VCA_HOST" $OSM_DOCKER_WORK_DIR/lcm.env; then
+ echo "OSMLCM_VCA_HOST=${OSM_VCA_HOST}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env
+ else
+ $WORKDIR_SUDO sed -i "s|OSMLCM_VCA_HOST.*|OSMLCM_VCA_HOST=$OSM_VCA_HOST|g" $OSM_DOCKER_WORK_DIR/lcm.env
+ fi
- MYSQL_ROOT_PASSWORD=`date +%s | sha256sum | base64 | head -c 32`
+ if ! grep -Fq "OSMLCM_VCA_SECRET" $OSM_DOCKER_WORK_DIR/lcm.env; then
+ echo "OSMLCM_VCA_SECRET=${OSM_VCA_SECRET}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env
+ else
+ $WORKDIR_SUDO sed -i "s|OSMLCM_VCA_SECRET.*|OSMLCM_VCA_SECRET=$OSM_VCA_SECRET|g" $OSM_DOCKER_WORK_DIR/lcm.env
+ fi
+
+ # RO
+ MYSQL_ROOT_PASSWORD=$(generate_secret)
if [ ! -f $OSM_DOCKER_WORK_DIR/ro-db.env ]; then
echo "MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/ro-db.env
fi
echo "RO_DB_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/ro.env
fi
- MYSQL_ROOT_PASSWORD=`date +%s | sha256sum | base64 | head -c 32` && sleep 1
- KEYSTONE_DB_PASSWORD=`date +%s | sha256sum | base64 | head -c 32` && sleep 1
- #ADMIN_PASSWORD=`date +%s | sha256sum | base64 | head -c 32` && sleep 1
- NBI_PASSWORD=`date +%s | sha256sum | base64 | head -c 32`
+ # Keystone
+ MYSQL_ROOT_PASSWORD=$(generate_secret)
+ KEYSTONE_DB_PASSWORD=$(generate_secret)
+ NBI_PASSWORD=$(generate_secret)
if [ ! -f $OSM_DOCKER_WORK_DIR/keystone-db.env ]; then
echo "MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/keystone-db.env
fi
if [ ! -f $OSM_DOCKER_WORK_DIR/keystone.env ]; then
echo "ROOT_DB_PASSWORD=${MYSQL_ROOT_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/keystone.env
echo "KEYSTONE_DB_PASSWORD=${KEYSTONE_DB_PASSWORD}" |$WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/keystone.env
- #echo "ADMIN_PASSWORD=${ADMIN_PASSWORD}" |$WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/keystone.env
echo "NBI_PASSWORD=${NBI_PASSWORD}" |$WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/keystone.env
fi
+ # NBI
if [ ! -f $OSM_DOCKER_WORK_DIR/nbi.env ]; then
echo "OSMNBI_AUTHENTICATION_SERVICE_PASSWORD=${NBI_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/nbi.env
+ echo "OSMNBI_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/nbi.env
fi
- echo "OS_NOTIFIER_URI=http://${DEFAULT_IP}:8662" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/mon.env
+ # MON
+ if [ ! -f $OSM_DOCKER_WORK_DIR/mon.env ]; then
+ echo "OSMMON_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/mon.env
+ fi
+
+ if ! grep -Fq "OS_NOTIFIER_URI" $OSM_DOCKER_WORK_DIR/mon.env; then
+ echo "OS_NOTIFIER_URI=http://${DEFAULT_IP}:8662" |$WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/mon.env
+ else
+ $WORKDIR_SUDO sed -i "s|OS_NOTIFIER_URI.*|OS_NOTIFIER_URI=http://$DEFAULT_IP:8662|g" $OSM_DOCKER_WORK_DIR/mon.env
+ fi
+
+ if ! grep -Fq "OSMMON_VCA_HOST" $OSM_DOCKER_WORK_DIR/mon.env; then
+ echo "OSMMON_VCA_HOST=${OSM_VCA_HOST}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/mon.env
+ else
+ $WORKDIR_SUDO sed -i "s|OSMMON_VCA_HOST.*|OSMMON_VCA_HOST=$OSM_VCA_HOST|g" $OSM_DOCKER_WORK_DIR/mon.env
+ fi
+
+ if ! grep -Fq "OSMMON_VCA_SECRET" $OSM_DOCKER_WORK_DIR/mon.env; then
+ echo "OSMMON_VCA_SECRET=${OSM_VCA_SECRET}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/mon.env
+ else
+ $WORKDIR_SUDO sed -i "s|OSMMON_VCA_SECRET.*|OSMMON_VCA_SECRET=$OSM_VCA_SECRET|g" $OSM_DOCKER_WORK_DIR/mon.env
+ fi
echo "Finished generation of docker env files"
}
function deploy_elk() {
echo "Pulling docker images for ELK"
- sg docker -c "docker pull docker.elastic.co/elasticsearch/elasticsearch-oss:6.2.3" || FATAL "cannot get elasticsearch docker image"
- sg docker -c "docker pull docker.elastic.co/logstash/logstash-oss:6.2.3" || FATAL "cannot get logstash docker image"
- sg docker -c "docker pull docker.elastic.co/kibana/kibana-oss:6.2.3" || FATAL "cannot get kibana docker image"
+ sg docker -c "docker pull docker.elastic.co/elasticsearch/elasticsearch-oss:${ELASTIC_VERSION}" || FATAL "cannot get elasticsearch docker image"
+ sg docker -c "docker pull docker.elastic.co/beats/metricbeat:${ELASTIC_VERSION}" || FATAL "cannot get metricbeat docker image"
+ sg docker -c "docker pull docker.elastic.co/beats/filebeat:${ELASTIC_VERSION}" || FATAL "cannot get filebeat docker image"
+ sg docker -c "docker pull docker.elastic.co/kibana/kibana-oss:${ELASTIC_VERSION}" || FATAL "cannot get kibana docker image"
echo "Finished pulling elk docker images"
$WORKDIR_SUDO mkdir -p "$OSM_DOCKER_WORK_DIR/osm_elk"
$WORKDIR_SUDO cp -b ${OSM_DEVOPS}/installers/docker/osm_elk/* $OSM_DOCKER_WORK_DIR/osm_elk
echo "ELK is up and running. Trying to create index pattern..."
#Create index pattern
curl -f -XPOST -H "Content-Type: application/json" -H "kbn-xsrf: anything" \
- "http://127.0.0.1:5601/api/saved_objects/index-pattern/logstash-*" \
- -d"{\"attributes\":{\"title\":\"logstash-*\",\"timeFieldName\":\"@timestamp\"}}" 2>/dev/null
+ "http://127.0.0.1:5601/api/saved_objects/index-pattern/filebeat-*" \
+ -d"{\"attributes\":{\"title\":\"filebeat-*\",\"timeFieldName\":\"@timestamp\"}}" 2>/dev/null
#Make it the default index
curl -f -XPOST -H "Content-Type: application/json" -H "kbn-xsrf: anything" \
"http://127.0.0.1:5601/api/kibana/settings/defaultIndex" \
- -d"{\"value\":\"logstash-*\"}" 2>/dev/null
+ -d"{\"value\":\"filebeat-*\"}" 2>/dev/null
else
echo "Cannot connect to Kibana to create index pattern."
echo "Once Kibana is running, you can use the following instructions to create index pattern:"
echo 'curl -f -XPOST -H "Content-Type: application/json" -H "kbn-xsrf: anything" \
- "http://127.0.0.1:5601/api/saved_objects/index-pattern/logstash-*" \
- -d"{\"attributes\":{\"title\":\"logstash-*\",\"timeFieldName\":\"@timestamp\"}}"'
+ "http://127.0.0.1:5601/api/saved_objects/index-pattern/filebeat-*" \
+ -d"{\"attributes\":{\"title\":\"filebeat-*\",\"timeFieldName\":\"@timestamp\"}}"'
echo 'curl -XPOST -H "Content-Type: application/json" -H "kbn-xsrf: anything" \
"http://127.0.0.1:5601/api/kibana/settings/defaultIndex" \
- -d"{\"value\":\"logstash-*\"}"'
+ -d"{\"value\":\"filebeat-*\"}"'
fi
echo "Finished deployment of ELK stack"
return 0
DEFAULT_MTU=$(ip addr show ${DEFAULT_IF} | perl -ne 'if (/mtu\s(\d+)/) {print $1;}')
# if no host is passed in, we need to install lxd/juju, unless explicilty asked not to
- if [ -z "$OSMLCM_VCA_HOST" ] && [ -z "$INSTALL_NOLXD" ]; then
+ if [ -z "$OSM_VCA_HOST" ] && [ -z "$INSTALL_NOLXD" ]; then
need_packages_lw="lxd snapd"
echo -e "Checking required packages: $need_packages_lw"
dpkg -l $need_packages_lw &>/dev/null \
track prereqok
[ -z "$INSTALL_NOJUJU" ] && install_juju
- if [ -z "$OSMLCM_VCA_HOST" ]; then
+ if [ -z "$OSM_VCA_HOST" ]; then
juju_createcontroller
- OSMLCM_VCA_HOST=`sg lxd -c "juju show-controller $OSM_STACK_NAME"|grep api-endpoints|awk -F\' '{print $2}'|awk -F\: '{print $1}'`
- [ -z "$OSMLCM_VCA_HOST" ] && FATAL "Cannot obtain juju controller IP address"
+ OSM_VCA_HOST=`sg lxd -c "juju show-controller $OSM_STACK_NAME"|grep api-endpoints|awk -F\' '{print $2}'|awk -F\: '{print $1}'`
+ [ -z "$OSM_VCA_HOST" ] && FATAL "Cannot obtain juju controller IP address"
+ fi
+ if [ -z "$OSM_VCA_SECRET" ]; then
+ OSM_VCA_SECRET=$(parse_juju_password $OSM_STACK_NAME)
+ [ -z "$OSM_VCA_SECRET" ] && FATAL "Cannot obtain juju secret"
fi
- if [ -z "$OSMLCM_VCA_SECRET" ]; then
- OSMLCM_VCA_SECRET=$(parse_juju_password $OSM_STACK_NAME)
- [ -z "$OSMLCM_VCA_SECRET" ] && FATAL "Cannot obtain juju secret"
+
+ if [ -z "$OSM_DATABASE_COMMONKEY" ]; then
+ OSM_DATABASE_COMMONKEY=$(generate_secret)
+ [ -z "OSM_DATABASE_COMMONKEY" ] && FATAL "Cannot generate common db secret"
fi
track juju
[ -n "$INSTALL_NODOCKER" ] || install_docker_ce
track docker_ce
#install_docker_compose
+ [ -n "$INSTALL_NODOCKER" ] || init_docker_swarm
[ -z "$DOCKER_NOBUILD" ] && generate_docker_images
track docker_build
generate_docker_env_files
generate_config_log_folders
- [ -n "$INSTALL_NODOCKER" ] || init_docker_swarm
# remove old stack
remove_stack $OSM_STACK_NAME
create_docker_network
RELEASE_DAILY=""
SESSION_ID=`date +%s`
OSM_DEVOPS=
-OSMLCM_VCA_HOST=
-OSMLCM_VCA_SECRET=
+OSM_VCA_HOST=
+OSM_VCA_SECRET=
OSM_STACK_NAME=osm
NO_HOST_PORTS=""
DOCKER_NOBUILD=""
KAFKA_TAG=2.11-1.0.2
PROMETHEUS_TAG=v2.4.3
KEYSTONEDB_TAG=10
+OSM_DATABASE_COMMONKEY=
+ELASTIC_VERSION=6.4.2
while getopts ":hy-:b:r:k:u:R:l:p:D:o:m:H:S:s:w:t:" o; do
case "${o}" in
OSM_STACK_NAME="${OPTARG}"
;;
H)
- OSMLCM_VCA_HOST="${OPTARG}"
+ OSM_VCA_HOST="${OPTARG}"
;;
S)
- OSMLCM_VCA_SECRET="${OPTARG}"
+ OSM_VCA_SECRET="${OPTARG}"
;;
w)
# when specifying workdir, do not use sudo for access