X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=installers%2Ffull_install_osm.sh;h=7b45761a1467a9984c681c9ae9e443bf6048bb57;hb=a7e5d0103241459c2aae06c53931bebed13b4cec;hp=c6363263246a405fdc95d131cd953db388a36487;hpb=183e5806678bdf2f8cbd757167ae66bbd736899c;p=osm%2Fdevops.git diff --git a/installers/full_install_osm.sh b/installers/full_install_osm.sh index c6363263..7b45761a 100755 --- a/installers/full_install_osm.sh +++ b/installers/full_install_osm.sh @@ -29,10 +29,13 @@ function usage(){ echo -e " -s user defined stack name, default is osm" echo -e " -H use specific juju host controller IP" echo -e " -S use VCA/juju secret key" + echo -e " -P use VCA/juju public key file" + echo -e " -C use VCA/juju CA certificate file" + echo -e " -A use VCA/juju API proxy" echo -e " --vimemu: additionally deploy the VIM emulator as a docker container" echo -e " --elk_stack: additionally deploy an ELK docker stack for event logging" echo -e " --pm_stack: additionally deploy a Prometheus+Grafana stack for performance monitoring (PM)" - echo -e " -m : install OSM but only rebuild the specified docker images (RO, LCM, NBI, LW-UI, MON, POL, KAFKA, MONGO, PROMETHEUS, KEYSTONE-DB, NONE)" + echo -e " -m : install OSM but only rebuild the specified docker images (LW-UI, NBI, LCM, RO, MON, POL, KAFKA, MONGO, PROMETHEUS, KEYSTONE-DB, NONE)" echo -e " -o : ONLY (un)installs one of the addons (vimemu, elk_stack, pm_stack)" echo -e " -D use local devops installation path" echo -e " -w Location to store runtime installation" @@ -179,7 +182,7 @@ EONG remove_network $OSM_STACK_NAME echo "Removing $OSM_DOCKER_WORK_DIR" $WORKDIR_SUDO rm -rf $OSM_DOCKER_WORK_DIR - sg lxd -c "juju destroy-controller --yes $OSM_STACK_NAME" + sg lxd -c "juju destroy-controller --destroy-all-models --yes $OSM_STACK_NAME" fi echo "Some docker images will be kept in case they are used by other docker stacks" echo "To remove them, just run 'docker image prune' in a terminal" @@ -542,8 +545,8 @@ function install_osmclient(){ sudo add-apt-repository -y "deb [arch=amd64] $CLIENT_REPOSITORY_BASE/$CLIENT_RELEASE $CLIENT_REPOSITORY osmclient" sudo apt-get update sudo apt-get install -y python-pip - sudo -H LC_ALL=C pip install pip==9.0.3 - sudo -H LC_ALL=C pip install python-magic + sudo -H LC_ALL=C pip install -U pip + sudo -H LC_ALL=C python -m pip install python-magic sudo apt-get install -y python-osmclient #sed 's,OSM_SOL005=[^$]*,OSM_SOL005=True,' -i ${HOME}/.bashrc #echo 'export OSM_HOSTNAME=localhost' >> ${HOME}/.bashrc @@ -642,6 +645,17 @@ function juju_createcontroller() { [ $(juju controllers | awk "/^${OSM_STACK_NAME}[\*| ]/{print $1}"|wc -l) -eq 1 ] || FATAL "Juju installation failed" } +function juju_createproxy() { + echo -e "\nChecking required packages: iptables-persistent" + dpkg -l iptables-persistent &>/dev/null || ! echo -e " Not installed.\nInstalling iptables-persistent requires root privileges" || \ + sudo DEBIAN_FRONTEND=noninteractive apt-get -yq install iptables-persistent + + if ! sudo iptables -t nat -C PREROUTING -p tcp -m tcp --dport 17070 -j DNAT --to-destination $OSM_VCA_HOST; then + sudo iptables -t nat -A PREROUTING -p tcp -m tcp --dport 17070 -j DNAT --to-destination $OSM_VCA_HOST + sudo netfilter-persistent save + fi +} + function generate_docker_images() { echo "Pulling and generating docker images" _build_from=$COMMIT_ID @@ -745,15 +759,26 @@ function cmp_overwrite() { fi } -function generate_config_log_folders() { - echo "Generating config and log folders" - $WORKDIR_SUDO cp -b ${OSM_DEVOPS}/installers/docker/docker-compose.yaml $OSM_DOCKER_WORK_DIR/docker-compose.yaml - $WORKDIR_SUDO cp -b ${OSM_DEVOPS}/installers/docker/prometheus.yml $OSM_DOCKER_WORK_DIR/prometheus.yml - echo "Finished generation of config and log folders" -} function generate_docker_env_files() { + echo "Doing a backup of existing env files" + $WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/keystone-db.env{,~} + $WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/keystone.env{,~} + $WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/lcm.env{,~} + $WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/lwui.env{,~} + $WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/mon.env{,~} + $WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/nbi.env{,~} + $WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/pol.env{,~} + $WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/ro-db.env{,~} + $WORKDIR_SUDO cp $OSM_DOCKER_WORK_DIR/ro.env{,~} + echo "Generating docker env files" + # Docker-compose + $WORKDIR_SUDO cp -b ${OSM_DEVOPS}/installers/docker/docker-compose.yaml $OSM_DOCKER_WORK_DIR/docker-compose.yaml + + # Prometheus + $WORKDIR_SUDO cp -b ${OSM_DEVOPS}/installers/docker/prometheus.yml $OSM_DOCKER_WORK_DIR/prometheus.yml + # LCM if [ ! -f $OSM_DOCKER_WORK_DIR/lcm.env ]; then echo "OSMLCM_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env @@ -771,6 +796,24 @@ function generate_docker_env_files() { $WORKDIR_SUDO sed -i "s|OSMLCM_VCA_SECRET.*|OSMLCM_VCA_SECRET=$OSM_VCA_SECRET|g" $OSM_DOCKER_WORK_DIR/lcm.env fi + if ! grep -Fq "OSMLCM_VCA_PUBKEY" $OSM_DOCKER_WORK_DIR/lcm.env; then + echo "OSMLCM_VCA_PUBKEY=\"${OSM_VCA_PUBKEY}\"" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env + else + $WORKDIR_SUDO sed -i "s|OSMLCM_VCA_PUBKEY.*|OSMLCM_VCA_PUBKEY=\"${OSM_VCA_PUBKEY}\"|g" $OSM_DOCKER_WORK_DIR/lcm.env + fi + + if ! grep -Fq "OSMLCM_VCA_CACERT" $OSM_DOCKER_WORK_DIR/lcm.env; then + echo "OSMLCM_VCA_CACERT=${OSM_VCA_CACERT}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env + else + $WORKDIR_SUDO sed -i "s|OSMLCM_VCA_CACERT.*|OSMLCM_VCA_CACERT=${OSM_VCA_CACERT}|g" $OSM_DOCKER_WORK_DIR/lcm.env + fi + + if ! grep -Fq "OSMLCM_VCA_APIPROXY" $OSM_DOCKER_WORK_DIR/lcm.env; then + echo "OSMLCM_VCA_APIPROXY=${OSM_VCA_APIPROXY}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lcm.env + else + $WORKDIR_SUDO sed -i "s|OSMLCM_VCA_APIPROXY.*|OSMLCM_VCA_APIPROXY=${OSM_VCA_APIPROXY}|g" $OSM_DOCKER_WORK_DIR/lcm.env + fi + # RO MYSQL_ROOT_PASSWORD=$(generate_secret) if [ ! -f $OSM_DOCKER_WORK_DIR/ro-db.env ]; then @@ -781,27 +824,27 @@ function generate_docker_env_files() { fi # Keystone - MYSQL_ROOT_PASSWORD=$(generate_secret) KEYSTONE_DB_PASSWORD=$(generate_secret) - NBI_PASSWORD=$(generate_secret) + SERVICE_PASSWORD=$(generate_secret) if [ ! -f $OSM_DOCKER_WORK_DIR/keystone-db.env ]; then echo "MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/keystone-db.env fi if [ ! -f $OSM_DOCKER_WORK_DIR/keystone.env ]; then echo "ROOT_DB_PASSWORD=${MYSQL_ROOT_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/keystone.env echo "KEYSTONE_DB_PASSWORD=${KEYSTONE_DB_PASSWORD}" |$WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/keystone.env - echo "NBI_PASSWORD=${NBI_PASSWORD}" |$WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/keystone.env + echo "SERVICE_PASSWORD=${SERVICE_PASSWORD}" |$WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/keystone.env fi # NBI if [ ! -f $OSM_DOCKER_WORK_DIR/nbi.env ]; then - echo "OSMNBI_AUTHENTICATION_SERVICE_PASSWORD=${NBI_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/nbi.env + echo "OSMNBI_AUTHENTICATION_SERVICE_PASSWORD=${SERVICE_PASSWORD}" |$WORKDIR_SUDO tee $OSM_DOCKER_WORK_DIR/nbi.env echo "OSMNBI_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/nbi.env fi # MON if [ ! -f $OSM_DOCKER_WORK_DIR/mon.env ]; then echo "OSMMON_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/mon.env + echo "OSMMON_SQL_DATABASE_URI=mysql://root:${MYSQL_ROOT_PASSWORD}@mysql:3306/mon" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/mon.env fi if ! grep -Fq "OS_NOTIFIER_URI" $OSM_DOCKER_WORK_DIR/mon.env; then @@ -822,6 +865,16 @@ function generate_docker_env_files() { $WORKDIR_SUDO sed -i "s|OSMMON_VCA_SECRET.*|OSMMON_VCA_SECRET=$OSM_VCA_SECRET|g" $OSM_DOCKER_WORK_DIR/mon.env fi + # POL + if [ ! -f $OSM_DOCKER_WORK_DIR/pol.env ]; then + echo "OSMPOL_SQL_DATABASE_URI=mysql://root:${MYSQL_ROOT_PASSWORD}@mysql:3306/pol" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/pol.env + fi + + # LW-UI + if [ ! -f $OSM_DOCKER_WORK_DIR/lwui.env ]; then + echo "OSMUI_SQL_DATABASE_URI=mysql://root:${MYSQL_ROOT_PASSWORD}@mysql:3306/lwui" | $WORKDIR_SUDO tee -a $OSM_DOCKER_WORK_DIR/lwui.env + fi + echo "Finished generation of docker env files" } @@ -888,7 +941,7 @@ function deploy_lightweight() { echo "export KEYSTONEDB_TAG=${KEYSTONEDB_TAG}" | $WORKDIR_SUDO tee --append $OSM_DOCKER_WORK_DIR/osm_ports.sh pushd $OSM_DOCKER_WORK_DIR - sg docker -c "source ./osm_ports.sh; docker stack deploy -c $OSM_DOCKER_WORK_DIR/docker-compose.yaml $OSM_STACK_NAME" + sg docker -c ". ./osm_ports.sh; docker stack deploy -c $OSM_DOCKER_WORK_DIR/docker-compose.yaml $OSM_STACK_NAME" popd echo "Finished deployment of lightweight build" @@ -1003,7 +1056,20 @@ function install_lightweight() { OSM_VCA_SECRET=$(parse_juju_password $OSM_STACK_NAME) [ -z "$OSM_VCA_SECRET" ] && FATAL "Cannot obtain juju secret" fi + if [ -z "$OSM_VCA_PUBKEY" ]; then + OSM_VCA_PUBKEY=$(cat $HOME/.local/share/juju/ssh/juju_id_rsa.pub) + [ -z "$OSM_VCA_PUBKEY" ] && FATAL "Cannot obtain juju public key" + fi + if [ -z "$OSM_VCA_APIPROXY" ]; then + OSM_VCA_APIPROXY=$DEFAULT_IP + [ -z "$OSM_VCA_APIPROXY" ] && FATAL "Cannot obtain juju api proxy" + fi + juju_createproxy + if [ -z "$OSM_VCA_CACERT" ]; then + OSM_VCA_CACERT=$(juju controllers --format json | jq -r '.controllers["osm"]["ca-cert"]' | base64 | tr -d \\n) + [ -z "$OSM_VCA_CACERT" ] && FATAL "Cannot obtain juju CA certificate" + fi if [ -z "$OSM_DATABASE_COMMONKEY" ]; then OSM_DATABASE_COMMONKEY=$(generate_secret) [ -z "OSM_DATABASE_COMMONKEY" ] && FATAL "Cannot generate common db secret" @@ -1018,7 +1084,6 @@ function install_lightweight() { [ -z "$DOCKER_NOBUILD" ] && generate_docker_images track docker_build generate_docker_env_files - generate_config_log_folders # remove old stack remove_stack $OSM_STACK_NAME @@ -1031,7 +1096,7 @@ function install_lightweight() { [ -n "$INSTALL_PERFMON" ] && deploy_perfmon && track perfmon [ -z "$INSTALL_NOHOSTCLIENT" ] && install_osmclient track osmclient - wget -q -O- https://osm-download.etsi.org/ftp/osm-5.0-five/README2.txt &> /dev/null + wget -q -O- https://osm-download.etsi.org/ftp/osm-6.0-six/README2.txt &> /dev/null track end return 0 } @@ -1096,6 +1161,7 @@ function dump_vars(){ echo "OSM_DEVOPS=$OSM_DEVOPS" echo "OSM_VCA_HOST=$OSM_VCA_HOST" echo "OSM_VCA_SECRET=$OSM_VCA_SECRET" + echo "OSM_VCA_PUBKEY=$OSM_VCA_PUBKEY" echo "NO_HOST_PORTS=$NO_HOST_PORTS" echo "DOCKER_NOBUILD=$DOCKER_NOBUILD" echo "WORKDIR_SUDO=$WORKDIR_SUDO" @@ -1133,7 +1199,7 @@ SHOWOPTS="" COMMIT_ID="" ASSUME_YES="" INSTALL_FROM_SOURCE="" -RELEASE="ReleaseFIVE" +RELEASE="ReleaseSIX" REPOSITORY="stable" INSTALL_VIMEMU="" INSTALL_FROM_LXDIMAGES="" @@ -1154,6 +1220,7 @@ SESSION_ID=`date +%s` OSM_DEVOPS= OSM_VCA_HOST= OSM_VCA_SECRET= +OSM_VCA_PUBKEY= OSM_STACK_NAME=osm NO_HOST_PORTS="" DOCKER_NOBUILD="" @@ -1172,7 +1239,7 @@ OSM_DATABASE_COMMONKEY= ELASTIC_VERSION=6.4.2 ELASTIC_CURATOR_VERSION=5.5.4 -while getopts ":hy-:b:r:k:u:R:l:p:D:o:m:H:S:s:w:t:U:" o; do +while getopts ":hy-:b:r:k:u:R:l:p:D:o:m:H:S:s:w:t:U:P:A:" o; do case "${o}" in h) usage && exit 0 @@ -1218,6 +1285,12 @@ while getopts ":hy-:b:r:k:u:R:l:p:D:o:m:H:S:s:w:t:U:" o; do S) OSM_VCA_SECRET="${OPTARG}" ;; + P) + OSM_VCA_PUBKEY=$(cat ${OPTARG}) + ;; + A) + OSM_VCA_APIPROXY="${OPTARG}" + ;; w) # when specifying workdir, do not use sudo for access WORKDIR_SUDO= @@ -1233,13 +1306,16 @@ while getopts ":hy-:b:r:k:u:R:l:p:D:o:m:H:S:s:w:t:U:" o; do [ "${OPTARG}" == "pm_stack" ] && INSTALL_PERFMON="y" && continue ;; m) - [ "${OPTARG}" == "RO" ] && TO_REBUILD="$TO_REBUILD RO" && continue - [ "${OPTARG}" == "LCM" ] && TO_REBUILD="$TO_REBUILD LCM" && continue - [ "${OPTARG}" == "NBI" ] && TO_REBUILD="$TO_REBUILD NBI" && continue [ "${OPTARG}" == "LW-UI" ] && TO_REBUILD="$TO_REBUILD LW-UI" && continue + [ "${OPTARG}" == "NBI" ] && TO_REBUILD="$TO_REBUILD NBI" && continue + [ "${OPTARG}" == "LCM" ] && TO_REBUILD="$TO_REBUILD LCM" && continue + [ "${OPTARG}" == "RO" ] && TO_REBUILD="$TO_REBUILD RO" && continue [ "${OPTARG}" == "MON" ] && TO_REBUILD="$TO_REBUILD MON" && continue + [ "${OPTARG}" == "POL" ] && TO_REBUILD="$TO_REBUILD POL" && continue [ "${OPTARG}" == "KAFKA" ] && TO_REBUILD="$TO_REBUILD KAFKA" && continue [ "${OPTARG}" == "MONGO" ] && TO_REBUILD="$TO_REBUILD MONGO" && continue + [ "${OPTARG}" == "PROMETHEUS" ] && TO_REBUILD="$TO_REBUILD PROMETHEUS" && continue + [ "${OPTARG}" == "KEYSTONE-DB" ] && TO_REBUILD="$TO_REBUILD KEYSTONE-DB" && continue [ "${OPTARG}" == "NONE" ] && TO_REBUILD="$TO_REBUILD NONE" && continue ;; -) @@ -1353,7 +1429,7 @@ OSM_JENKINS="$OSM_DEVOPS/jenkins" [ -n "$INSTALL_ONLY" ] && echo -e "\nDONE" && exit 0 #Installation starts here -wget -q -O- https://osm-download.etsi.org/ftp/osm-5.0-five/README.txt &> /dev/null +wget -q -O- https://osm-download.etsi.org/ftp/osm-6.0-six/README.txt &> /dev/null track start [ -n "$INSTALL_LIGHTWEIGHT" ] && install_lightweight && echo -e "\nDONE" && exit 0 @@ -1409,6 +1485,6 @@ fi #Install vim-emu (optional) [ -n "$INSTALL_VIMEMU" ] && install_docker_ce && install_vimemu -wget -q -O- https://osm-download.etsi.org/ftp/osm-5.0-five/README2.txt &> /dev/null +wget -q -O- https://osm-download.etsi.org/ftp/osm-6.0-six/README2.txt &> /dev/null track end echo -e "\nDONE"