--- /dev/null
+#!/bin/bash
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+function usage(){
+ [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
+ echo -e "usage: $0 [OPTIONS]"
+ echo -e "Install Juju for OSM"
+ echo -e " OPTIONS"
+ echo -e " -h / --help: print this help"
+ echo -e " -D <devops path> use local devops installation path"
+ echo -e " -s <stack name> or <namespace> user defined stack name when installed using swarm or namespace when installed using k8s, default is osm"
+ echo -e " -H <VCA host> use specific juju host controller IP"
+ echo -e " -S <VCA secret> use VCA/juju secret key"
+ echo -e " -P <VCA pubkey> use VCA/juju public key file"
+ echo -e " -l: LXD cloud yaml file"
+ echo -e " -L: LXD credentials yaml file"
+ echo -e " -K: Specifies the name of the controller to use - The controller must be already bootstrapped"
+ echo -e " --debug: debug mode"
+ echo -e " --cachelxdimages: cache local lxd images, create cronjob for that cache (will make installation longer)"
+ echo -e " --nojuju: do not juju, assumes already installed"
+ [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
+}
+
+function update_juju_images(){
+ [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
+ crontab -l | grep update-juju-lxc-images || (crontab -l 2>/dev/null; echo "0 4 * * 6 $USER ${OSM_DEVOPS}/installers/update-juju-lxc-images --xenial --bionic") | crontab -
+ ${OSM_DEVOPS}/installers/update-juju-lxc-images --xenial --bionic
+ [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
+}
+
+function install_juju() {
+ [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
+ echo "Installing juju"
+ sudo snap install juju --classic --channel=$JUJU_VERSION/stable
+ [[ ":$PATH": != *":/snap/bin:"* ]] && PATH="/snap/bin:${PATH}"
+ [ -n "$INSTALL_CACHELXDIMAGES" ] && update_juju_images
+ echo "Finished installation of juju"
+ [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
+ return 0
+}
+
+function juju_createcontroller_k8s(){
+ [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
+ cat $HOME/.kube/config | juju add-k8s $OSM_VCA_K8S_CLOUDNAME --client \
+ || FATAL "Failed to add K8s endpoint and credential for client in cloud $OSM_VCA_K8S_CLOUDNAME"
+ juju bootstrap -v --debug $OSM_VCA_K8S_CLOUDNAME $OSM_STACK_NAME \
+ --config controller-service-type=loadbalancer \
+ --agent-version=$JUJU_AGENT_VERSION \
+ || FATAL "Failed to bootstrap controller $OSM_STACK_NAME in cloud $OSM_VCA_K8S_CLOUDNAME"
+ [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
+}
+
+function juju_addlxd_cloud(){
+ [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
+ mkdir -p /tmp/.osm
+ OSM_VCA_CLOUDNAME="lxd-cloud"
+ LXDENDPOINT=$DEFAULT_IP
+ LXD_CLOUD=/tmp/.osm/lxd-cloud.yaml
+ LXD_CREDENTIALS=/tmp/.osm/lxd-credentials.yaml
+
+ cat << EOF > $LXD_CLOUD
+clouds:
+ $OSM_VCA_CLOUDNAME:
+ type: lxd
+ auth-types: [certificate]
+ endpoint: "https://$LXDENDPOINT:8443"
+ config:
+ ssl-hostname-verification: false
+EOF
+ openssl req -nodes -new -x509 -keyout /tmp/.osm/client.key -out /tmp/.osm/client.crt -days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org"
+ local server_cert=`cat /var/snap/lxd/common/lxd/server.crt | sed 's/^/ /'`
+ local client_cert=`cat /tmp/.osm/client.crt | sed 's/^/ /'`
+ local client_key=`cat /tmp/.osm/client.key | sed 's/^/ /'`
+
+ cat << EOF > $LXD_CREDENTIALS
+credentials:
+ $OSM_VCA_CLOUDNAME:
+ lxd-cloud:
+ auth-type: certificate
+ server-cert: |
+$server_cert
+ client-cert: |
+$client_cert
+ client-key: |
+$client_key
+EOF
+ lxc config trust add local: /tmp/.osm/client.crt
+ juju add-cloud -c $OSM_STACK_NAME $OSM_VCA_CLOUDNAME $LXD_CLOUD --force
+ juju add-credential -c $OSM_STACK_NAME $OSM_VCA_CLOUDNAME -f $LXD_CREDENTIALS
+ sg lxd -c "lxd waitready"
+ juju controller-config features=[k8s-operators]
+ [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
+}
+
+#Safe unattended install of iptables-persistent
+function check_install_iptables_persistent(){
+ [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
+ echo -e "\nChecking required packages: iptables-persistent"
+ if ! dpkg -l iptables-persistent &>/dev/null; then
+ echo -e " Not installed.\nInstalling iptables-persistent requires root privileges"
+ echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
+ echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections
+ sudo apt-get -yq install iptables-persistent
+ fi
+ [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
+}
+
+function juju_createproxy() {
+ [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
+ check_install_iptables_persistent
+
+ if ! sudo iptables -t nat -C PREROUTING -p tcp -m tcp -d $DEFAULT_IP --dport 17070 -j DNAT --to-destination $OSM_VCA_HOST; then
+ sudo iptables -t nat -A PREROUTING -p tcp -m tcp -d $DEFAULT_IP --dport 17070 -j DNAT --to-destination $OSM_VCA_HOST
+ sudo netfilter-persistent save
+ fi
+ [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
+}
+
+DEBUG_INSTALL=""
+INSTALL_CACHELXDIMAGES=""
+INSTALL_NOJUJU=""
+JUJU_AGENT_VERSION=2.9.29
+JUJU_VERSION=2.9
+OSM_DEVOPS=
+OSM_STACK_NAME=osm
+OSM_VCA_HOST=
+OSM_VCA_CLOUDNAME="localhost"
+OSM_VCA_K8S_CLOUDNAME="k8scloud"
+RE_CHECK='^[a-z0-9]([-a-z0-9]*[a-z0-9])?$'
+
+while getopts ":D:i:s:H:l:L:K:-: h" o; do
+ case "${o}" in
+ D)
+ OSM_DEVOPS="${OPTARG}"
+ ;;
+ i)
+ DEFAULT_IP="${OPTARG}"
+ ;;
+ s)
+ OSM_STACK_NAME="${OPTARG}" && [[ ! "${OPTARG}" =~ $RE_CHECK ]] && echo "Namespace $OPTARG is invalid. Regex used for validation is $RE_CHECK" && exit 0
+ ;;
+ H)
+ OSM_VCA_HOST="${OPTARG}"
+ ;;
+ l)
+ LXD_CLOUD_FILE="${OPTARG}"
+ ;;
+ L)
+ LXD_CRED_FILE="${OPTARG}"
+ ;;
+ K)
+ CONTROLLER_NAME="${OPTARG}"
+ ;;
+ -)
+ [ "${OPTARG}" == "help" ] && usage && exit 0
+ [ "${OPTARG}" == "debug" ] && DEBUG_INSTALL="--debug" && continue
+ [ "${OPTARG}" == "nojuju" ] && INSTALL_NOJUJU="y" && continue
+ [ "${OPTARG}" == "cachelxdimages" ] && INSTALL_CACHELXDIMAGES="y" && continue
+ echo -e "Invalid option: '--$OPTARG'\n" >&2
+ usage && exit 1
+ ;;
+ :)
+ echo "Option -$OPTARG requires an argument" >&2
+ usage && exit 1
+ ;;
+ \?)
+ echo -e "Invalid option: '-$OPTARG'\n" >&2
+ usage && exit 1
+ ;;
+ h)
+ usage && exit 0
+ ;;
+ *)
+ usage && exit 1
+ ;;
+ esac
+done
+
+source $OSM_DEVOPS/common/logging
+source $OSM_DEVOPS/common/track
+
+echo "DEBUG_INSTALL=$DEBUG_INSTALL"
+echo "DEFAULT_IP=$DEFAULT_IP"
+echo "OSM_DEVOPS=$OSM_DEVOPS"
+echo "HOME=$HOME"
+
+[ -z "$INSTALL_NOJUJU" ] && install_juju
+track juju juju_install_ok
+
+if [ -z "$OSM_VCA_HOST" ]; then
+ if [ -z "$CONTROLLER_NAME" ]; then
+ juju_createcontroller_k8s
+ juju_addlxd_cloud
+ if [ -n "$LXD_CLOUD_FILE" ]; then
+ [ -z "$LXD_CRED_FILE" ] && FATAL "The installer needs the LXD credential yaml if the LXD is external"
+ OSM_VCA_CLOUDNAME="lxd-cloud"
+ juju add-cloud $OSM_VCA_CLOUDNAME $LXD_CLOUD_FILE --force || juju update-cloud $OSM_VCA_CLOUDNAME --client -f $LXD_CLOUD_FILE
+ juju add-credential $OSM_VCA_CLOUDNAME -f $LXD_CRED_FILE || juju update-credential $OSM_VCA_CLOUDNAME lxd-cloud-creds -f $LXD_CRED_FILE
+ fi
+ juju_createproxy
+ else
+ OSM_VCA_CLOUDNAME="lxd-cloud"
+ if [ -n "$LXD_CLOUD_FILE" ]; then
+ [ -z "$LXD_CRED_FILE" ] && FATAL "The installer needs the LXD credential yaml if the LXD is external"
+ juju add-cloud -c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME $LXD_CLOUD_FILE --force || juju update-cloud lxd-cloud -c $CONTROLLER_NAME -f $LXD_CLOUD_FILE
+ juju add-credential -c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME -f $LXD_CRED_FILE || juju update-credential lxd-cloud -c $CONTROLLER_NAME -f $LXD_CRED_FILE
+ else
+ mkdir -p ~/.osm
+ cat << EOF > ~/.osm/lxd-cloud.yaml
+clouds:
+ lxd-cloud:
+ type: lxd
+ auth-types: [certificate]
+ endpoint: "https://$DEFAULT_IP:8443"
+ config:
+ ssl-hostname-verification: false
+EOF
+ openssl req -nodes -new -x509 -keyout ~/.osm/client.key -out ~/.osm/client.crt -days 365 -subj "/C=FR/ST=Nice/L=Nice/O=ETSI/OU=OSM/CN=osm.etsi.org"
+ local server_cert=`cat /var/snap/lxd/common/lxd/server.crt | sed 's/^/ /'`
+ local client_cert=`cat ~/.osm/client.crt | sed 's/^/ /'`
+ local client_key=`cat ~/.osm/client.key | sed 's/^/ /'`
+ cat << EOF > ~/.osm/lxd-credentials.yaml
+credentials:
+ lxd-cloud:
+ lxd-cloud:
+ auth-type: certificate
+ server-cert: |
+$server_cert
+ client-cert: |
+$client_cert
+ client-key: |
+$client_key
+EOF
+ lxc config trust add local: ~/.osm/client.crt
+ juju add-cloud -c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME ~/.osm/lxd-cloud.yaml --force || juju update-cloud lxd-cloud -c $CONTROLLER_NAME -f ~/.osm/lxd-cloud.yaml
+ juju add-credential -c $CONTROLLER_NAME $OSM_VCA_CLOUDNAME -f ~/.osm/lxd-credentials.yaml || juju update-credential lxd-cloud -c $CONTROLLER_NAME -f ~/.osm/lxd-credentials.yaml
+ fi
+ fi
+ [ -z "$CONTROLLER_NAME" ] && OSM_VCA_HOST=`sg lxd -c "juju show-controller $OSM_STACK_NAME"|grep api-endpoints|awk -F\' '{print $2}'|awk -F\: '{print $1}'`
+ [ -n "$CONTROLLER_NAME" ] && OSM_VCA_HOST=`juju show-controller $CONTROLLER_NAME |grep api-endpoints|awk -F\' '{print $2}'|awk -F\: '{print $1}'`
+ [ -z "$OSM_VCA_HOST" ] && FATAL "Cannot obtain juju controller IP address"
+fi
+track juju juju_controller_ok
+
+
projects / osm / devops.git / commitdiff