#!/bin/bash
#
#   Licensed under the Apache License, Version 2.0 (the "License");
#   you may not use this file except in compliance with the License.
#   You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
#   Unless required by applicable law or agreed to in writing, software
#   distributed under the License is distributed on an "AS IS" BASIS,
#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#   See the License for the specific language governing permissions and
#   limitations under the License.
#
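#######################################
# Print the command-line help for this installer.
# Globals:   DEBUG_INSTALL (read) - when non-empty, DEBUG trace calls are made
# Outputs:   help text on stdout
# Returns:   status of the last trace check (0 when DEBUG_INSTALL is empty)
#######################################
function usage(){
    [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
    # -i is accepted by the option loop (it sets DEFAULT_IP) and is documented here.
    # NOTE(review): -S and -P are listed, but the getopts string in this script does
    # not accept them; confirm whether they should be parsed or dropped from the help.
    cat << EOF
usage: $0 [OPTIONS]
Install Juju for OSM
 OPTIONS
 -h / --help: print this help
 -D <devops path> use local devops installation path
 -i <default IP> host IP used for the LXD endpoint and for the controller proxy rule
 -s <stack name> or <namespace> user defined stack name when installed using swarm or namespace when installed using k8s, default is osm
 -H <VCA host> use specific juju host controller IP
 -S <VCA secret> use VCA/juju secret key
 -P <VCA pubkey> use VCA/juju public key file
 -l: LXD cloud yaml file
 -L: LXD credentials yaml file
 -K: Specifies the name of the controller to use - The controller must be already bootstrapped
 --debug: debug mode
 --cachelxdimages: cache local lxd images, create cronjob for that cache (will make installation longer)
 --nojuju: do not install juju, assumes already installed
EOF
    [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}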
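#######################################
# Register a weekly cron job that refreshes the cached Juju LXD images, then
# run the refresh once immediately.
# Globals:   OSM_DEVOPS (read), DEBUG_INSTALL (read)
# Returns:   status of the last trace check
#######################################
function update_juju_images(){
    [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
    local updater="${OSM_DEVOPS}/installers/update-juju-lxc-images"
    # `crontab -` installs a per-user table: five time fields followed directly by
    # the command. A user column (as used in /etc/crontab) would be run as the
    # command name, so it is not written here.
    # The entry runs a script from ${OSM_DEVOPS} every week with this user's
    # privileges, so that tree should be writable only by the installing user.
    if ! crontab -l 2>/dev/null | grep -q update-juju-lxc-images; then
        (crontab -l 2>/dev/null; echo "0 4 * * 6 ${updater} --xenial --bionic") | crontab -
    fi
    "${updater}" --xenial --bionic
    [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}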
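#######################################
# Install the juju snap and make sure /snap/bin is on PATH.
# Globals:   JUJU_VERSION (read), INSTALL_CACHELXDIMAGES (read),
#            DEBUG_INSTALL (read), PATH (may be extended)
# Returns:   0 (FATAL is called if the snap cannot be installed)
#######################################
function install_juju() {
    [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
    echo "Installing juju"
    # --classic installs the snap without confinement, and the channel is a moving
    # track rather than a pinned revision. A failed install is reported instead of
    # being followed by the "Finished" message.
    sudo snap install juju --classic --channel="${JUJU_VERSION}/stable" \
        || FATAL "Failed to install the juju snap from channel ${JUJU_VERSION}/stable"
    [[ ":${PATH}:" != *":/snap/bin:"* ]] && PATH="/snap/bin:${PATH}"
    [ -n "$INSTALL_CACHELXDIMAGES" ] && update_juju_images
    echo "Finished installation of juju"
    [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
    return 0
}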
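#######################################
# Register the local Kubernetes cluster as a Juju cloud and bootstrap a
# controller on it.
# Globals:   HOME, OSM_VCA_K8S_CLOUDNAME, OSM_STACK_NAME, JUJU_AGENT_VERSION,
#            DEBUG_INSTALL (all read)
# Returns:   status of the last trace check; FATAL is called on failure
#######################################
function juju_createcontroller_k8s(){
    [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
    # The kubeconfig (cluster credentials) is fed on stdin. With a redirection a
    # missing or unreadable file fails this step instead of passing empty input.
    juju add-k8s "$OSM_VCA_K8S_CLOUDNAME" --client < "$HOME/.kube/config" \
        || FATAL "Failed to add K8s endpoint and credential for client in cloud $OSM_VCA_K8S_CLOUDNAME"
    # NOTE(review): controller-service-type=loadbalancer publishes the controller
    # through a LoadBalancer service; confirm who can reach that address.
    juju bootstrap "$OSM_VCA_K8S_CLOUDNAME" "$OSM_STACK_NAME" \
        --config controller-service-type=loadbalancer \
        --agent-version="$JUJU_AGENT_VERSION" \
        || FATAL "Failed to bootstrap controller $OSM_STACK_NAME in cloud $OSM_VCA_K8S_CLOUDNAME"
    [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}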
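#######################################
# Describe the local LXD daemon as a Juju cloud, create a client certificate
# for it, trust that certificate in LXD and register cloud and credential on
# the controller named by OSM_STACK_NAME.
# Globals:   DEFAULT_IP, OSM_STACK_NAME, DEBUG_INSTALL (read);
#            OSM_VCA_CLOUDNAME, LXDENDPOINT, LXD_CLOUD, LXD_CREDENTIALS (written)
# Outputs:   files under /tmp/.osm (cloud yaml, credentials yaml, client key/cert)
# Returns:   status of the last trace check; FATAL is called when the working
#            directory is unsafe or key material cannot be produced
#######################################
function juju_addlxd_cloud(){
    [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
    local workdir=/tmp/.osm
    # /tmp is shared between local users and this name is fixed, so the directory
    # may already exist and belong to someone else. Key material is written only
    # if it is a real directory owned by the caller, and it is kept private.
    mkdir -p -m 700 "$workdir"
    if [ -L "$workdir" ] || [ ! -d "$workdir" ] || [ ! -O "$workdir" ]; then
        FATAL "$workdir is not a directory owned by $(id -un); refusing to write LXD credentials there"
    fi
    chmod 700 "$workdir" || FATAL "Cannot restrict permissions on $workdir"

    OSM_VCA_CLOUDNAME="lxd-cloud"
    LXDENDPOINT=$DEFAULT_IP
    LXD_CLOUD="$workdir/lxd-cloud.yaml"
    LXD_CREDENTIALS="$workdir/lxd-credentials.yaml"

    # New files hold an unencrypted private key; create them owner-only.
    local previous_umask
    previous_umask=$(umask)
    umask 077

    # NOTE(review): the page listing lost leading whitespace; the YAML nesting in
    # both here-documents and the sed indent are reconstructed from Juju's cloud
    # and credential file layout. Confirm against the repository copy.
    # ssl-hostname-verification is disabled, so the endpoint name is not checked
    # against the LXD server certificate.
    cat << EOF > "$LXD_CLOUD"
clouds:
  $OSM_VCA_CLOUDNAME:
    type: lxd
    auth-types: [certificate]
    endpoint: "https://$LXDENDPOINT:8443"
    config:
      ssl-hostname-verification: false
EOF
    # Self-signed client certificate, valid for 365 days, key stored without a
    # passphrase (-nodes).
    openssl req -nodes -new -x509 -keyout "$workdir/client.key" -out "$workdir/client.crt" -days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org" \
        || FATAL "Failed to generate the LXD client certificate"
    # Files left over from an earlier run keep their old mode; tighten them.
    chmod 600 "$workdir/client.key"

    # Declaration and assignment are separate so a read failure is not masked.
    local server_cert client_cert client_key
    server_cert=$(sed 's/^/        /' /var/snap/lxd/common/lxd/server.crt) \
        || FATAL "Cannot read the LXD server certificate"
    client_cert=$(sed 's/^/        /' "$workdir/client.crt") \
        || FATAL "Cannot read $workdir/client.crt"
    client_key=$(sed 's/^/        /' "$workdir/client.key") \
        || FATAL "Cannot read $workdir/client.key"

    cat << EOF > "$LXD_CREDENTIALS"
credentials:
  $OSM_VCA_CLOUDNAME:
    lxd-cloud:
      auth-type: certificate
      server-cert: |
$server_cert
      client-cert: |
$client_cert
      client-key: |
$client_key
EOF
    chmod 600 "$LXD_CREDENTIALS"
    umask "$previous_umask"

    lxc config trust add local: "$workdir/client.crt"
    juju add-cloud -c "$OSM_STACK_NAME" "$OSM_VCA_CLOUDNAME" "$LXD_CLOUD" --force
    juju add-credential -c "$OSM_STACK_NAME" "$OSM_VCA_CLOUDNAME" -f "$LXD_CREDENTIALS"
    sg lxd -c "lxd waitready"
    # Quoted: the square brackets would otherwise be treated as a glob pattern.
    juju controller-config 'features=[k8s-operators]'
    [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}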
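#######################################
# Bootstrap the Juju controller named OSM_STACK_NAME if it does not exist yet,
# then verify that exactly one controller with that name is listed.
# Globals:   OSM_STACK_NAME, OSM_VCA_CLOUDNAME, JUJU_AGENT_VERSION, USER,
#            DEBUG_INSTALL (all read)
# Returns:   status of the last trace check; FATAL is called when the
#            controller is not listed exactly once
#######################################
function juju_createcontroller() {
    [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
    if ! juju show-controller "$OSM_STACK_NAME" &> /dev/null; then
        # Controller not found: create it
        sudo usermod -a -G lxd "${USER}"
        # The string is parsed again by the shell that sg starts, so the values
        # placed in it must not contain shell metacharacters. OSM_STACK_NAME is
        # checked against RE_CHECK when it is given with -s.
        sg lxd -c "juju bootstrap --bootstrap-series=xenial --agent-version=$JUJU_AGENT_VERSION $OSM_VCA_CLOUDNAME $OSM_STACK_NAME"
    fi
    # Count the rows whose first column is the controller name (the current
    # controller carries a trailing "*"). The name is passed with -v so that the
    # awk program stays single-quoted and $1 is not expanded by the shell.
    local matches
    matches=$(juju controllers | awk -v name="$OSM_STACK_NAME" \
        '{ first = $1; sub(/\*$/, "", first) } first == name { n++ } END { print n + 0 }')
    [ "$matches" -eq 1 ] || FATAL "Juju installation failed"
    # Quoted: the square brackets would otherwise be treated as a glob pattern.
    juju controller-config 'features=[k8s-operators]'
    [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}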
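#######################################
# Safe unattended install of iptables-persistent.
# Globals:   DEBUG_INSTALL (read)
# Outputs:   progress messages on stdout
# Returns:   status of the last trace check
#######################################
function check_install_iptables_persistent(){
    [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
    echo -e "\nChecking required packages: iptables-persistent"
    # `dpkg -l` also succeeds for a package that was removed but not purged, so
    # the install state is read explicitly.
    local pkg_state
    pkg_state=$(dpkg-query -W -f='${Status}' iptables-persistent 2>/dev/null)
    if [[ "$pkg_state" != *"ok installed" ]]; then
        echo -e " Not installed.\nInstalling iptables-persistent requires root privileges"
        # Pre-answer the package's debconf questions so apt-get does not prompt.
        echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
        echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections
        sudo apt-get -yq install iptables-persistent
    fi
    [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}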
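#######################################
# Add (once) and persist a NAT rule that forwards TCP port 17070 arriving at
# DEFAULT_IP to OSM_VCA_HOST.
# Globals:   DEFAULT_IP, OSM_VCA_HOST, DEBUG_INSTALL (all read)
# Returns:   1 when either address is empty, otherwise the status of the
#            last trace check
#######################################
function juju_createproxy() {
    [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
    check_install_iptables_persistent

    # With an empty address iptables rejects the rule; report that instead of
    # running it and then saving the rule set anyway.
    if [ -z "$DEFAULT_IP" ] || [ -z "$OSM_VCA_HOST" ]; then
        echo "Skipping controller proxy rule: DEFAULT_IP or OSM_VCA_HOST is empty" >&2
        [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
        return 1
    fi

    # The rule makes the controller API port reachable through the host address,
    # so it should be covered by the host's filtering policy.
    local -a rule=(PREROUTING -p tcp -m tcp -d "$DEFAULT_IP" --dport 17070 -j DNAT --to-destination "$OSM_VCA_HOST")
    if ! sudo iptables -t nat -C "${rule[@]}"; then
        # Persist only when the rule was actually added.
        sudo iptables -t nat -A "${rule[@]}" && sudo netfilter-persistent save
    fi
    [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}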
# Defaults for the settings the option loop can override.
# DEFAULT_IP, LXD_CLOUD_FILE, LXD_CRED_FILE and CONTROLLER_NAME get no default in
# this file, so a value already present in the environment is used when the
# matching flag is omitted.
DEBUG_INSTALL=
INSTALL_CACHELXDIMAGES=
INSTALL_NOJUJU=
JUJU_AGENT_VERSION="2.9.17"
JUJU_VERSION="2.9"
OSM_DEVOPS=""
OSM_STACK_NAME="osm"
OSM_VCA_HOST=""
OSM_VCA_CLOUDNAME=localhost
OSM_VCA_K8S_CLOUDNAME=k8scloud
# Accepted form of the -s value: lowercase letters, digits and inner hyphens.
RE_CHECK='^[a-z0-9]([-a-z0-9]*[a-z0-9])?$'
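# Parse the command line. Long options arrive through the "-" pseudo-option with
# the option name in OPTARG.
# Only the -s value is validated; the values of -D, -i, -H, -l, -L and -K are
# stored as given and later passed to juju, iptables and `source`.
while getopts ":D:i:s:H:l:L:K:-: h" o; do
    case "${o}" in
        D)
            OSM_DEVOPS="${OPTARG}"
            ;;
        i)
            DEFAULT_IP="${OPTARG}"
            ;;
        s)
            OSM_STACK_NAME="${OPTARG}"
            # The stack name is interpolated into `sg lxd -c "..."` command strings,
            # so a rejected value must stop the script with a failing status.
            if [[ ! "${OPTARG}" =~ $RE_CHECK ]]; then
                echo "Namespace $OPTARG is invalid. Regex used for validation is $RE_CHECK" >&2
                exit 1
            fi
            ;;
        H)
            OSM_VCA_HOST="${OPTARG}"
            ;;
        l)
            LXD_CLOUD_FILE="${OPTARG}"
            ;;
        L)
            LXD_CRED_FILE="${OPTARG}"
            ;;
        K)
            CONTROLLER_NAME="${OPTARG}"
            ;;
        -)
            # `usage; exit N` rather than `usage && exit N`: usage can return
            # non-zero (its DEBUG trace is not defined until the logging library is
            # sourced), and the exit must not depend on that.
            case "${OPTARG}" in
                help)
                    usage
                    exit 0
                    ;;
                debug)
                    DEBUG_INSTALL="--debug"
                    ;;
                nojuju)
                    INSTALL_NOJUJU="y"
                    ;;
                cachelxdimages)
                    INSTALL_CACHELXDIMAGES="y"
                    ;;
                *)
                    echo -e "Invalid option: '--$OPTARG'\n" >&2
                    usage
                    exit 1
                    ;;
            esac
            ;;
        :)
            echo "Option -$OPTARG requires an argument" >&2
            usage
            exit 1
            ;;
        \?)
            echo -e "Invalid option: '-$OPTARG'\n" >&2
            usage
            exit 1
            ;;
        h)
            usage
            exit 0
            ;;
        *)
            usage
            exit 1
            ;;
    esac
done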
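# Load the shared helper libraries from the devops tree given with -D. They are
# executed in this shell, so the path has to be the intended, readable tree; an
# empty OSM_DEVOPS would otherwise resolve to /common/... at the filesystem root.
if [ -z "$OSM_DEVOPS" ] || [ ! -r "$OSM_DEVOPS/common/logging" ] || [ ! -r "$OSM_DEVOPS/common/track" ]; then
    echo "Cannot read $OSM_DEVOPS/common/logging and $OSM_DEVOPS/common/track; pass the devops path with -D" >&2
    exit 1
fi
source "$OSM_DEVOPS/common/logging"
source "$OSM_DEVOPS/common/track"

echo "DEBUG_INSTALL=$DEBUG_INSTALL"
echo "DEFAULT_IP=$DEFAULT_IP"
echo "OSM_DEVOPS=$OSM_DEVOPS"
echo "HOME=$HOME"

# Install the juju client unless --nojuju was given.
[ -z "$INSTALL_NOJUJU" ] && install_juju
track juju_install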
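# Main flow. When no VCA host was given with -H, either bootstrap a new
# controller (no -K) or attach an LXD cloud to the existing controller named by
# -K, then read the controller address into OSM_VCA_HOST.
if [ -z "$OSM_VCA_HOST" ]; then
    if [ -z "$CONTROLLER_NAME" ]; then
        juju_createcontroller_k8s
        juju_addlxd_cloud
        if [ -n "$LXD_CLOUD_FILE" ]; then
            [ -z "$LXD_CRED_FILE" ] && FATAL "The installer needs the LXD credential yaml if the LXD is external"
            OSM_VCA_CLOUDNAME="lxd-cloud"
            juju add-cloud "$OSM_VCA_CLOUDNAME" "$LXD_CLOUD_FILE" --force || juju update-cloud "$OSM_VCA_CLOUDNAME" --client -f "$LXD_CLOUD_FILE"
            juju add-credential "$OSM_VCA_CLOUDNAME" -f "$LXD_CRED_FILE" || juju update-credential "$OSM_VCA_CLOUDNAME" lxd-cloud-creds -f "$LXD_CRED_FILE"
        fi
        juju_createcontroller
        # NOTE(review): OSM_VCA_HOST is still empty at this point (it is only
        # resolved further down), so the proxy rule is built without a destination.
        # Confirm whether this call belongs after the address lookup.
        juju_createproxy
    else
        OSM_VCA_CLOUDNAME="lxd-cloud"
        if [ -n "$LXD_CLOUD_FILE" ]; then
            [ -z "$LXD_CRED_FILE" ] && FATAL "The installer needs the LXD credential yaml if the LXD is external"
            juju add-cloud -c "$CONTROLLER_NAME" "$OSM_VCA_CLOUDNAME" "$LXD_CLOUD_FILE" --force || juju update-cloud lxd-cloud -c "$CONTROLLER_NAME" -f "$LXD_CLOUD_FILE"
            juju add-credential -c "$CONTROLLER_NAME" "$OSM_VCA_CLOUDNAME" -f "$LXD_CRED_FILE" || juju update-credential lxd-cloud -c "$CONTROLLER_NAME" -f "$LXD_CRED_FILE"
        else
            osm_dir="$HOME/.osm"
            # The directory receives an unencrypted private key: keep it and the
            # files created in it readable by the owner only.
            mkdir -p -m 700 "$osm_dir"
            chmod 700 "$osm_dir" || FATAL "Cannot restrict permissions on $osm_dir"
            previous_umask=$(umask)
            umask 077
            # NOTE(review): the page listing lost leading whitespace; the YAML
            # nesting in both here-documents and the sed indent are reconstructed
            # from Juju's cloud and credential file layout. Confirm against the
            # repository copy.
            # ssl-hostname-verification is disabled, so the endpoint name is not
            # checked against the LXD server certificate.
            cat << EOF > "$osm_dir/lxd-cloud.yaml"
clouds:
  lxd-cloud:
    type: lxd
    auth-types: [certificate]
    endpoint: "https://$DEFAULT_IP:8443"
    config:
      ssl-hostname-verification: false
EOF
            # Self-signed client certificate, valid for 365 days, key stored
            # without a passphrase (-nodes).
            openssl req -nodes -new -x509 -keyout "$osm_dir/client.key" -out "$osm_dir/client.crt" -days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org" \
                || FATAL "Failed to generate the LXD client certificate"
            chmod 600 "$osm_dir/client.key"
            # Plain assignments: `local` is an error outside a function and would
            # leave these variables unset, producing a credentials file without
            # any certificate data.
            server_cert=$(sed 's/^/        /' /var/snap/lxd/common/lxd/server.crt) \
                || FATAL "Cannot read the LXD server certificate"
            client_cert=$(sed 's/^/        /' "$osm_dir/client.crt") \
                || FATAL "Cannot read $osm_dir/client.crt"
            client_key=$(sed 's/^/        /' "$osm_dir/client.key") \
                || FATAL "Cannot read $osm_dir/client.key"
            cat << EOF > "$osm_dir/lxd-credentials.yaml"
credentials:
  lxd-cloud:
    lxd-cloud:
      auth-type: certificate
      server-cert: |
$server_cert
      client-cert: |
$client_cert
      client-key: |
$client_key
EOF
            chmod 600 "$osm_dir/lxd-credentials.yaml"
            umask "$previous_umask"
            lxc config trust add local: "$osm_dir/client.crt"
            juju add-cloud -c "$CONTROLLER_NAME" "$OSM_VCA_CLOUDNAME" "$osm_dir/lxd-cloud.yaml" --force || juju update-cloud lxd-cloud -c "$CONTROLLER_NAME" -f "$osm_dir/lxd-cloud.yaml"
            juju add-credential -c "$CONTROLLER_NAME" "$OSM_VCA_CLOUDNAME" -f "$osm_dir/lxd-credentials.yaml" || juju update-credential lxd-cloud -c "$CONTROLLER_NAME" -f "$osm_dir/lxd-credentials.yaml"
        fi
    fi
    # Take the host part of the first quoted api-endpoints entry reported by juju.
    if [ -z "$CONTROLLER_NAME" ]; then
        # The string is parsed again by the shell that sg starts; OSM_STACK_NAME
        # is checked against RE_CHECK when it is given with -s.
        OSM_VCA_HOST=$(sg lxd -c "juju show-controller $OSM_STACK_NAME" | grep api-endpoints | awk -F\' '{print $2}' | awk -F\: '{print $1}')
    else
        OSM_VCA_HOST=$(juju show-controller "$CONTROLLER_NAME" | grep api-endpoints | awk -F\' '{print $2}' | awk -F\: '{print $1}')
    fi
    [ -z "$OSM_VCA_HOST" ] && FATAL "Cannot obtain juju controller IP address"
fi
track juju_controller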