projects / osm / devops.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Rename install_juju to install_juju_client in install_juju.sh
[osm/devops.git] / installers / install_juju.sh
1 #!/bin/bash
2 #
3 # Licensed under the Apache License, Version 2.0 (the "License");
4 # you may not use this file except in compliance with the License.
5 # You may obtain a copy of the License at
6 #
7 # http://www.apache.org/licenses/LICENSE-2.0
8 #
9 # Unless required by applicable law or agreed to in writing, software
10 # distributed under the License is distributed on an "AS IS" BASIS,
11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 # See the License for the specific language governing permissions and
13 # limitations under the License.
14 #
15
16 function usage(){
17 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
18 echo -e "usage: $0 [OPTIONS]"
19 echo -e "Install Juju for OSM"
20 echo -e " OPTIONS"
21 echo -e " -h / --help: print this help"
22 echo -e " -D <devops path> use local devops installation path"
23 echo -e " -s <stack name> or <namespace> user defined stack name when installed using swarm or namespace when installed using k8s, default is osm"
24 echo -e " -H <VCA host> use specific juju host controller IP"
25 echo -e " -S <VCA secret> use VCA/juju secret key"
26 echo -e " -P <VCA pubkey> use VCA/juju public key file"
27 echo -e " -l: LXD cloud yaml file"
28 echo -e " -L: LXD credentials yaml file"
29 echo -e " -K: Specifies the name of the controller to use - The controller must be already bootstrapped"
30 echo -e " --debug: debug mode"
31 echo -e " --cachelxdimages: cache local lxd images, create cronjob for that cache (will make installation longer)"
32 echo -e " --nojuju: do not juju, assumes already installed"
33 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
34 }
35
36 function update_juju_images(){
37 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
38 crontab -l | grep update-juju-lxc-images || (crontab -l 2>/dev/null; echo "0 4 * * 6 $USER ${OSM_DEVOPS}/installers/update-juju-lxc-images --xenial --bionic") | crontab -
39 ${OSM_DEVOPS}/installers/update-juju-lxc-images --xenial --bionic
40 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
41 }
42
43 function install_juju_client() {
44 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
45 echo "Installing juju client"
46 sudo snap install juju --classic --channel=$JUJU_VERSION/stable
47 [[ ":$PATH": != *":/snap/bin:"* ]] && PATH="/snap/bin:${PATH}"
48 [ -n "$INSTALL_CACHELXDIMAGES" ] && update_juju_images
49 echo "Finished installation of juju client"
50 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
51 return 0
52 }
53
54 function juju_createcontroller_k8s(){
55 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
56 cat $HOME/.kube/config | juju add-k8s $OSM_VCA_K8S_CLOUDNAME --client \
57 || FATAL_TRACK juju "Failed to add K8s endpoint and credential for client in cloud $OSM_VCA_K8S_CLOUDNAME"
58
59 JUJU_BOOTSTRAP_OPTS=""
60 if [ -n "${OSM_BEHIND_PROXY}" ] ; then
61 K8S_SVC_CLUSTER_IP=$(kubectl get svc/kubernetes -o jsonpath='{.spec.clusterIP}')
62 NO_PROXY="${NO_PROXY},${K8S_SVC_CLUSTER_IP},.svc,.cluster.local"
63 mkdir -p /tmp/.osm
64 JUJU_MODEL_CONFIG_FILE=/tmp/.osm/model-config.yaml
65 cat << EOF > $JUJU_MODEL_CONFIG_FILE
66 apt-http-proxy: ${HTTP_PROXY}
67 apt-https-proxy: ${HTTPS_PROXY}
68 juju-http-proxy: ${HTTP_PROXY}
69 juju-https-proxy: ${HTTPS_PROXY}
70 juju-no-proxy: ${NO_PROXY}
71 snap-http-proxy: ${HTTP_PROXY}
72 snap-https-proxy: ${HTTPS_PROXY}
73 EOF
74 JUJU_BOOTSTRAP_OPTS="--model-default /tmp/.osm/model-config.yaml"
75 fi
76 juju bootstrap -v --debug $OSM_VCA_K8S_CLOUDNAME $OSM_NAMESPACE \
77 --config controller-service-type=loadbalancer \
78 --agent-version=$JUJU_AGENT_VERSION \
79 ${JUJU_BOOTSTRAP_OPTS} \
80 || FATAL_TRACK juju "Failed to bootstrap controller $OSM_NAMESPACE in cloud $OSM_VCA_K8S_CLOUDNAME"
81 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
82 }
83
84 function juju_addlxd_cloud(){
85 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
86 mkdir -p /tmp/.osm
87 OSM_VCA_CLOUDNAME="lxd-cloud"
88 LXDENDPOINT=$DEFAULT_IP
89 LXD_CLOUD=/tmp/.osm/lxd-cloud.yaml
90 LXD_CREDENTIALS=/tmp/.osm/lxd-credentials.yaml
91
92 cat << EOF > $LXD_CLOUD
93 clouds:
94 $OSM_VCA_CLOUDNAME:
95 type: lxd
96 auth-types: [certificate]
97 endpoint: "https://$LXDENDPOINT:8443"
98 config:
99 ssl-hostname-verification: false
100 EOF
101 openssl req -nodes -new -x509 -keyout /tmp/.osm/client.key -out /tmp/.osm/client.crt -days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org"
102 cat << EOF > $LXD_CREDENTIALS
103 credentials:
104 $OSM_VCA_CLOUDNAME:
105 lxd-cloud:
106 auth-type: certificate
107 server-cert: /var/snap/lxd/common/lxd/server.crt
108 client-cert: /tmp/.osm/client.crt
109 client-key: /tmp/.osm/client.key
110 EOF
111 lxc config trust add local: /tmp/.osm/client.crt
112 juju add-cloud -c $OSM_NAMESPACE $OSM_VCA_CLOUDNAME $LXD_CLOUD --force
113 juju add-credential -c $OSM_NAMESPACE $OSM_VCA_CLOUDNAME -f $LXD_CREDENTIALS
114 sg lxd -c "lxd waitready"
115 juju controller-config features=[k8s-operators]
116 if [ -n "${OSM_BEHIND_PROXY}" ] ; then
117 if [ -n "${HTTP_PROXY}" ]; then
118 juju model-default lxd-cloud apt-http-proxy="$HTTP_PROXY"
119 juju model-default lxd-cloud juju-http-proxy="$HTTP_PROXY"
120 juju model-default lxd-cloud snap-http-proxy="$HTTP_PROXY"
121 fi
122 if [ -n "${HTTPS_PROXY}" ]; then
123 juju model-default lxd-cloud apt-https-proxy="$HTTPS_PROXY"
124 juju model-default lxd-cloud juju-https-proxy="$HTTPS_PROXY"
125 juju model-default lxd-cloud snap-https-proxy="$HTTPS_PROXY"
126 fi
127 [ -n "${NO_PROXY}" ] && juju model-default lxd-cloud juju-no-proxy="$NO_PROXY"
128 fi
129 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
130 }
131
132 #Safe unattended install of iptables-persistent
133 function check_install_iptables_persistent(){
134 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
135 echo -e "\nChecking required packages: iptables-persistent"
136 if ! dpkg -l iptables-persistent &>/dev/null; then
137 echo -e " Not installed.\nInstalling iptables-persistent requires root privileges"
138 echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
139 echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections
140 sudo apt-get -yq install iptables-persistent
141 fi
142 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
143 }
144
145 function juju_createproxy() {
146 [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
147 check_install_iptables_persistent
148
149 if ! sudo iptables -t nat -C PREROUTING -p tcp -m tcp -d $DEFAULT_IP --dport 17070 -j DNAT --to-destination $OSM_VCA_HOST; then
150 sudo iptables -t nat -A PREROUTING -p tcp -m tcp -d $DEFAULT_IP --dport 17070 -j DNAT --to-destination $OSM_VCA_HOST
151 sudo netfilter-persistent save
152 fi
153 [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
154 }
155
156 DEBUG_INSTALL=""
157 INSTALL_CACHELXDIMAGES=""
158 INSTALL_NOJUJU=""
159 JUJU_AGENT_VERSION=2.9.34
160 JUJU_VERSION=2.9
161 OSM_BEHIND_PROXY=""
162 OSM_DEVOPS=
163 OSM_NAMESPACE=osm
164 OSM_VCA_HOST=
165 OSM_VCA_CLOUDNAME="localhost"
166 OSM_VCA_K8S_CLOUDNAME="k8scloud"
167 RE_CHECK='^[a-z0-9]([-a-z0-9]*[a-z0-9])?$'
168
169 while getopts ":D:i:s:H:l:L:K:-: hP" o; do
170 case "${o}" in
171 D)
172 OSM_DEVOPS="${OPTARG}"
173 ;;
174 i)
175 DEFAULT_IP="${OPTARG}"
176 ;;
177 s)
178 OSM_NAMESPACE="${OPTARG}" && [[ ! "${OPTARG}" =~ $RE_CHECK ]] && echo "Namespace $OPTARG is invalid. Regex used for validation is $RE_CHECK" && exit 0
179 ;;
180 H)
181 OSM_VCA_HOST="${OPTARG}"
182 ;;
183 l)
184 LXD_CLOUD_FILE="${OPTARG}"
185 ;;
186 L)
187 LXD_CRED_FILE="${OPTARG}"
188 ;;
189 K)
190 CONTROLLER_NAME="${OPTARG}"
191 ;;
192 P)
193 OSM_BEHIND_PROXY="y"
194 ;;
195 -)
196 [ "${OPTARG}" == "help" ] && usage && exit 0
197 [ "${OPTARG}" == "debug" ] && DEBUG_INSTALL="--debug" && continue
198 [ "${OPTARG}" == "nojuju" ] && INSTALL_NOJUJU="y" && continue
199 [ "${OPTARG}" == "cachelxdimages" ] && INSTALL_CACHELXDIMAGES="y" && continue
200 echo -e "Invalid option: '--$OPTARG'\n" >&2
201 usage && exit 1
202 ;;
203 :)
204 echo "Option -$OPTARG requires an argument" >&2
205 usage && exit 1
206 ;;
207 \?)
208 echo -e "Invalid option: '-$OPTARG'\n" >&2
209 usage && exit 1
210 ;;
211 h)
212 usage && exit 0
213 ;;
214 *)
215 usage && exit 1
216 ;;
217 esac
218 done
219
220 source $OSM_DEVOPS/common/logging
221 source $OSM_DEVOPS/common/track
222
223 echo "DEBUG_INSTALL=$DEBUG_INSTALL"
224 echo "DEFAULT_IP=$DEFAULT_IP"
225 echo "OSM_BEHIND_PROXY=$OSM_BEHIND_PROXY"
226 echo "OSM_DEVOPS=$OSM_DEVOPS"
227 echo "HOME=$HOME"
228
229 [ -z "$INSTALL_NOJUJU" ] && install_juju_client
230 track juju juju_client_ok
231
232 if [ -z "$OSM_VCA_HOST" ]; then
233 if [ -z "$CONTROLLER_NAME" ]; then
234 juju_createcontroller_k8s
235 juju_addlxd_cloud
236 if [ -n "$LXD_CLOUD_FILE" ]; then
237 [ -z "$LXD_CRED_FILE" ] && FATAL_TRACK juju "The installer needs the LXD credential yaml if the LXD is external"
238 OSM_VCA_CLOUDNAME="lxd-cloud"
239 juju add-cloud $OSM_VCA_CLOUDNAME $LXD_CLOUD_FILE --force || juju update-cloud $OSM_VCA_CLOUDNAME --client -f $LXD_CLOUD_FILE
240 juju add-credential $OSM_VCA_CLOUDNAME -f $LXD_CRED_FILE || juju update-credential $OSM_VCA_CLOUDNAME lxd-cloud-creds -f $LXD_CRED_FILE
241 fi
242 juju_createproxy
243 else
244 OSM_VCA_CLOUDNAME="lxd-cloud"
245 if [ -n "$LXD_CLOUD_FILE" ]; then
246 [ -z "$LXD_CRED_FILE" ] && FATAL_TRACK juju "The installer needs the LXD credential yaml if the LXD is external"
247 juju add-cloud -c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME $LXD_CLOUD_FILE --force || juju update-cloud lxd-cloud -c $CONTROLLER_NAME -f $LXD_CLOUD_FILE
248 juju add-credential -c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME -f $LXD_CRED_FILE || juju update-credential lxd-cloud -c $CONTROLLER_NAME -f $LXD_CRED_FILE
249 else
250 mkdir -p ~/.osm
251 cat << EOF > ~/.osm/lxd-cloud.yaml
252 clouds:
253 lxd-cloud:
254 type: lxd
255 auth-types: [certificate]
256 endpoint: "https://$DEFAULT_IP:8443"
257 config:
258 ssl-hostname-verification: false
259 EOF
260 openssl req -nodes -new -x509 -keyout ~/.osm/client.key -out ~/.osm/client.crt -days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org"
261 local server_cert=`cat /var/snap/lxd/common/lxd/server.crt | sed 's/^/ /'`
262 local client_cert=`cat ~/.osm/client.crt | sed 's/^/ /'`
263 local client_key=`cat ~/.osm/client.key | sed 's/^/ /'`
264 cat << EOF > ~/.osm/lxd-credentials.yaml
265 credentials:
266 lxd-cloud:
267 lxd-cloud:
268 auth-type: certificate
269 server-cert: |
270 $server_cert
271 client-cert: |
272 $client_cert
273 client-key: |
274 $client_key
275 EOF
276 lxc config trust add local: ~/.osm/client.crt
277 juju add-cloud -c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME ~/.osm/lxd-cloud.yaml --force || juju update-cloud lxd-cloud -c $CONTROLLER_NAME -f ~/.osm/lxd-cloud.yaml
278 juju add-credential -c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME -f ~/.osm/lxd-credentials.yaml || juju update-credential lxd-cloud -c $CONTROLLER_NAME -f ~/.osm/lxd-credentials.yaml
279 fi
280 fi
281 [ -z "$CONTROLLER_NAME" ] && OSM_VCA_HOST=`sg lxd -c "juju show-controller $OSM_NAMESPACE"|grep api-endpoints|awk -F\' '{print $2}'|awk -F\: '{print $1}'`
282 [ -n "$CONTROLLER_NAME" ] && OSM_VCA_HOST=`juju show-controller $CONTROLLER_NAME |grep api-endpoints|awk -F\' '{print $2}'|awk -F\: '{print $1}'`
283 [ -z "$OSM_VCA_HOST" ] && FATAL_TRACK juju "Cannot obtain juju controller IP address"
284 fi
285 track juju juju_controller_ok