X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=installers%2Fcharmed_install.sh;h=4cee0a3751bec1ad6c201a95add23b46661f6552;hb=38e4926c6f1d56df6690c8e3689a0e4bf1ce716a;hp=a1e5001f1efafaf9f919c334c26d6027c6dc615f;hpb=ce7b460470a5a68524533472dbb12beb5376281a;p=osm%2Fdevops.git diff --git a/installers/charmed_install.sh b/installers/charmed_install.sh index a1e5001f..4cee0a37 100755 --- a/installers/charmed_install.sh +++ b/installers/charmed_install.sh @@ -17,7 +17,7 @@ LXD_VERSION=4.0 JUJU_VERSION=2.9 -JUJU_AGENT_VERSION=2.9.22 +JUJU_AGENT_VERSION=2.9.29 K8S_CLOUD_NAME="k8s-cloud" KUBECTL="microk8s.kubectl" MICROK8S_VERSION=1.23 @@ -51,6 +51,7 @@ function check_arguments(){ --overlay) OVERLAY="$2" ;; --k8s) KUBECFG="$2" ;; --vca) CONTROLLER="$2" ;; + --small-profile) INSTALL_NOLXD=y;; --lxd) LXD_CLOUD="$2" ;; --lxd-cred) LXD_CREDENTIALS="$2" ;; --microstack) MICROSTACK=y ;; @@ -157,30 +158,31 @@ EOF fi track bootstrap_k8s bootstrap_k8s_ok - if [ -v LXD_CLOUD ]; then - if [ ! -v LXD_CREDENTIALS ]; then - echo "The installer needs the LXD server certificate if the LXD is external" - FATAL_TRACK bootstrap_lxd "No LXD certificate supplied" - fi - else - LXDENDPOINT=$DEFAULT_IP - LXD_CLOUD=~/.osm/lxd-cloud.yaml - LXD_CREDENTIALS=~/.osm/lxd-credentials.yaml - # Apply sysctl production values for optimal performance - sudo cp /usr/share/osm-devops/installers/60-lxd-production.conf /etc/sysctl.d/60-lxd-production.conf - sudo sysctl --system - # Install LXD snap - sudo apt-get remove --purge -y liblxc1 lxc-common lxcfs lxd lxd-client - sudo snap install lxd --channel $LXD_VERSION/stable - # Configure LXD - sudo usermod -a -G lxd `whoami` - cat /usr/share/osm-devops/installers/lxd-preseed.conf | sed 's/^config: {}/config:\n core.https_address: '$LXDENDPOINT':8443/' | sg lxd -c "lxd init --preseed" - sg lxd -c "lxd waitready" - DEFAULT_MTU=$(ip addr show $DEFAULT_IF | perl -ne 'if (/mtu\s(\d+)/) {print $1;}') - sg lxd -c "lxc profile device set default eth0 mtu $DEFAULT_MTU" - sg lxd -c "lxc network set lxdbr0 bridge.mtu $DEFAULT_MTU" - - cat << EOF > $LXD_CLOUD + if [ ! -v INSTALL_NOLXD ]; then + if [ -v LXD_CLOUD ]; then + if [ ! -v LXD_CREDENTIALS ]; then + echo "The installer needs the LXD server certificate if the LXD is external" + FATAL_TRACK bootstrap_lxd "No LXD certificate supplied" + fi + else + LXDENDPOINT=$DEFAULT_IP + LXD_CLOUD=~/.osm/lxd-cloud.yaml + LXD_CREDENTIALS=~/.osm/lxd-credentials.yaml + # Apply sysctl production values for optimal performance + sudo cp /usr/share/osm-devops/installers/60-lxd-production.conf /etc/sysctl.d/60-lxd-production.conf + sudo sysctl --system + # Install LXD snap + sudo apt-get remove --purge -y liblxc1 lxc-common lxcfs lxd lxd-client + sudo snap install lxd --channel $LXD_VERSION/stable + # Configure LXD + sudo usermod -a -G lxd `whoami` + cat /usr/share/osm-devops/installers/lxd-preseed.conf | sed 's/^config: {}/config:\n core.https_address: '$LXDENDPOINT':8443/' | sg lxd -c "lxd init --preseed" + sg lxd -c "lxd waitready" + DEFAULT_MTU=$(ip addr show $DEFAULT_IF | perl -ne 'if (/mtu\s(\d+)/) {print $1;}') + sg lxd -c "lxc profile device set default eth0 mtu $DEFAULT_MTU" + sg lxd -c "lxc network set lxdbr0 bridge.mtu $DEFAULT_MTU" + + cat << EOF > $LXD_CLOUD clouds: lxd-cloud: type: lxd @@ -189,31 +191,25 @@ clouds: config: ssl-hostname-verification: false EOF - openssl req -nodes -new -x509 -keyout ~/.osm/client.key -out ~/.osm/client.crt -days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org" - local server_cert=`cat /var/snap/lxd/common/lxd/server.crt | sed 's/^/ /'` - local client_cert=`cat ~/.osm/client.crt | sed 's/^/ /'` - local client_key=`cat ~/.osm/client.key | sed 's/^/ /'` - - cat << EOF > $LXD_CREDENTIALS + openssl req -nodes -new -x509 -keyout ~/.osm/client.key -out ~/.osm/client.crt -days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org" + cat << EOF > $LXD_CREDENTIALS credentials: lxd-cloud: lxd-cloud: auth-type: certificate - server-cert: | -$server_cert - client-cert: | -$client_cert - client-key: | -$client_key + server-cert: /var/snap/lxd/common/lxd/server.crt + client-cert: ~/.osm/client.crt + client-key: ~/.osm/client.key EOF - lxc config trust add local: ~/.osm/client.crt + lxc config trust add local: ~/.osm/client.crt + fi + + juju add-cloud -c $CONTROLLER_NAME lxd-cloud $LXD_CLOUD --force + juju add-credential -c $CONTROLLER_NAME lxd-cloud -f $LXD_CREDENTIALS + sg lxd -c "lxd waitready" + juju controller-config features=[k8s-operators] + track bootstrap_lxd bootstrap_lxd_ok fi - - juju add-cloud -c $CONTROLLER_NAME lxd-cloud $LXD_CLOUD --force - juju add-credential -c $CONTROLLER_NAME lxd-cloud -f $LXD_CREDENTIALS - sg lxd -c "lxd waitready" - juju controller-config features=[k8s-operators] - track bootstrap_lxd bootstrap_lxd_ok } function deploy_charmed_osm(){ @@ -316,11 +312,11 @@ function check_osm_deployed() { function generate_password_overlay() { # prometheus - web_config_password=`openssl rand -base64 16` + web_config_password=`openssl rand -hex 16` # keystone - keystone_db_password=`openssl rand -base64 16` - keystone_admin_password=`openssl rand -base64 16` - keystone_service_password=`openssl rand -base64 16` + keystone_db_password=`openssl rand -hex 16` + keystone_admin_password=`openssl rand -hex 16` + keystone_service_password=`openssl rand -hex 16` # mariadb mariadb_password=`openssl rand -hex 16` mariadb_root_password=`openssl rand -hex 16`