Feature 11037 Installation of ingress controller in OSM community installer

author garciadeblas <gerardo.garciadeblas@telefonica.com>

Tue, 21 May 2024 10:13:50 +0000 (12:13 +0200)

committer garciadeblas <gerardo.garciadeblas@telefonica.com>

Thu, 23 May 2024 13:45:48 +0000 (15:45 +0200)
author garciadeblas <gerardo.garciadeblas@telefonica.com>
Tue, 21 May 2024 10:13:50 +0000 (12:13 +0200)
committer garciadeblas <gerardo.garciadeblas@telefonica.com>
Thu, 23 May 2024 13:45:48 +0000 (15:45 +0200)
diff --git a/installers/full_install_osm.sh b/installers/full_install_osm.sh

index a150839..472c70b 100755 (executable)
--- a/installers/full_install_osm.sh
+++ b/installers/full_install_osm.sh
@@ -195,7 +195,7 @@ function install_osmclient(){
      echo -e "\nOSM client installed"
      echo -e "OSM client assumes that OSM host is running in localhost (127.0.0.1)."
      echo -e "In case you want to interact with a different OSM host, you will have to configure this env variable in your .bashrc file:"
      echo -e "\nOSM client installed"
      echo -e "OSM client assumes that OSM host is running in localhost (127.0.0.1)."
      echo -e "In case you want to interact with a different OSM host, you will have to configure this env variable in your .bashrc file:"
-    echo "     export OSM_HOSTNAME=https://nbi.${OSM_DEFAULT_IP}.nip.io"
+    echo "     export OSM_HOSTNAME=nbi.${OSM_DEFAULT_IP}.nip.io"
      [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
      return 0
  }
      [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
      return 0
  }
@@ -275,6 +275,11 @@ EOF"
      [ ! "$OSM_DOCKER_TAG" == "testing-daily" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set-string global.image.tag=${OSM_DOCKER_TAG}"
      [ ! "$OSM_DOCKER_TAG" == "testing-daily" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set prometheus.server.sidecarContainers.prometheus-config-sidecar.image=${DOCKER_REGISTRY_URL}${DOCKER_USER}/prometheus:${OSM_DOCKER_TAG}"
  
      [ ! "$OSM_DOCKER_TAG" == "testing-daily" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set-string global.image.tag=${OSM_DOCKER_TAG}"
      [ ! "$OSM_DOCKER_TAG" == "testing-daily" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set prometheus.server.sidecarContainers.prometheus-config-sidecar.image=${DOCKER_REGISTRY_URL}${DOCKER_USER}/prometheus:${OSM_DOCKER_TAG}"
  
+    OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.hostname=${OSM_DEFAULT_IP}.nip.io"
+    OSM_HELM_OPTS="${OSM_HELM_OPTS} --set grafana.ingress.hosts={grafana.${OSM_DEFAULT_IP}.nip.io}"
+    OSM_HELM_OPTS="${OSM_HELM_OPTS} --set prometheus.server.ingress.hosts={prometheus.${OSM_DEFAULT_IP}.nip.io}"
+    # OSM_HELM_OPTS="${OSM_HELM_OPTS} --set prometheus.alertmanager.ingress.hosts={alertmanager.${OSM_DEFAULT_IP}.nip.io}"
+
      if [ -n "${INSTALL_JUJU}" ]; then
          OSM_HELM_OPTS="${OSM_HELM_OPTS} --set vca.enabled=true"
          OSM_HELM_OPTS="${OSM_HELM_OPTS} --set vca.host=${OSM_VCA_HOST}"
      if [ -n "${INSTALL_JUJU}" ]; then
          OSM_HELM_OPTS="${OSM_HELM_OPTS} --set vca.enabled=true"
          OSM_HELM_OPTS="${OSM_HELM_OPTS} --set vca.host=${OSM_VCA_HOST}"
@@ -282,6 +287,7 @@ EOF"
          OSM_HELM_OPTS="${OSM_HELM_OPTS} --set vca.cacert=${OSM_VCA_CACERT}"
      fi
      [ -n "$OSM_VCA_APIPROXY" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set lcm.config.OSMLCM_VCA_APIPROXY=${OSM_VCA_APIPROXY}"
          OSM_HELM_OPTS="${OSM_HELM_OPTS} --set vca.cacert=${OSM_VCA_CACERT}"
      fi
      [ -n "$OSM_VCA_APIPROXY" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set lcm.config.OSMLCM_VCA_APIPROXY=${OSM_VCA_APIPROXY}"
+
      [ -n "${INSTALL_NGSA}" ] || OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.oldServiceAssurance=true"
      if [ -n "${OSM_BEHIND_PROXY}" ]; then
          OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.behindHttpProxy=true"
      [ -n "${INSTALL_NGSA}" ] || OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.oldServiceAssurance=true"
      if [ -n "${OSM_BEHIND_PROXY}" ]; then
          OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.behindHttpProxy=true"
@@ -328,7 +334,7 @@ function deploy_mongodb() {
  
  function install_osm_ngsa_service() {
      [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
  
  function install_osm_ngsa_service() {
      [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
-    NGSA_OPTS="-d ${OSM_HELM_WORK_DIR} -D ${OSM_DEVOPS} -t ${OSM_DOCKER_TAG} -U ${DOCKER_USER} ${DEBUG_INSTALL}"
+    NGSA_OPTS="-i ${OSM_DEFAULT_IP} -d ${OSM_HELM_WORK_DIR} -D ${OSM_DEVOPS} -t ${OSM_DOCKER_TAG} -U ${DOCKER_USER} ${DEBUG_INSTALL}"
      [ -n "${DOCKER_REGISTRY_URL}" ] && NGSA_OPTS="${NGSA_OPTS} -r ${DOCKER_REGISTRY_URL}"
      $OSM_DEVOPS/installers/install_ngsa.sh ${NGSA_OPTS} || \
      FATAL_TRACK install_osm_ngsa_service "install_ngsa.sh failed"
      [ -n "${DOCKER_REGISTRY_URL}" ] && NGSA_OPTS="${NGSA_OPTS} -r ${DOCKER_REGISTRY_URL}"
      $OSM_DEVOPS/installers/install_ngsa.sh ${NGSA_OPTS} || \
      FATAL_TRACK install_osm_ngsa_service "install_ngsa.sh failed"
@@ -337,18 +343,20 @@ function install_osm_ngsa_service() {
  
  function add_local_k8scluster() {
      [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
  
  function add_local_k8scluster() {
      [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
-    /usr/bin/osm --all-projects vim-create \
+    # OSM_HOSTNAME=$(kubectl get --namespace osm -o jsonpath="{.spec.rules[0].host}" ingress nbi-ingress)
+    OSM_HOSTNAME="nbi.${OSM_DEFAULT_IP}.nip.io:443"
+    /usr/bin/osm --hostname ${OSM_HOSTNAME} --all-projects vim-create \
        --name _system-osm-vim \
        --account_type dummy \
        --auth_url http://dummy \
        --user osm --password osm --tenant osm \
        --description "dummy" \
        --config '{management_network_name: mgmt}'
        --name _system-osm-vim \
        --account_type dummy \
        --auth_url http://dummy \
        --user osm --password osm --tenant osm \
        --description "dummy" \
        --config '{management_network_name: mgmt}'
-    /usr/bin/osm --all-projects k8scluster-add \
+    /usr/bin/osm --hostname ${OSM_HOSTNAME} --all-projects k8scluster-add \
        --creds ${HOME}/.kube/config \
        --vim _system-osm-vim \
        --k8s-nets '{"net1": null}' \
        --creds ${HOME}/.kube/config \
        --vim _system-osm-vim \
        --k8s-nets '{"net1": null}' \
-      --version '1.15' \
+      --version '1.29' \
        --description "OSM Internal Cluster" \
        _system-osm-k8s
      [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
        --description "OSM Internal Cluster" \
        _system-osm-k8s
      [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
@@ -716,8 +724,8 @@ APT_PROXY_URL=""
  K8S_CLUSTER_ENGINE="kubeadm"
  INSTALL_FROM_SOURCE=""
  DEBUG_INSTALL=""
  K8S_CLUSTER_ENGINE="kubeadm"
  INSTALL_FROM_SOURCE=""
  DEBUG_INSTALL=""
-RELEASE="ReleaseTEN"
-REPOSITORY="stable"
+RELEASE="testing-daily"
+REPOSITORY="testing"
  INSTALL_K8S_MONITOR=""
  INSTALL_NGSA="y"
  INSTALL_PLA=""
  INSTALL_K8S_MONITOR=""
  INSTALL_NGSA="y"
  INSTALL_PLA=""
diff --git a/installers/helm/osm/templates/NOTES.txt b/installers/helm/osm/templates/NOTES.txt

index 8dd736a..45e1821 100644 (file)
--- a/installers/helm/osm/templates/NOTES.txt
+++ b/installers/helm/osm/templates/NOTES.txt
@@ -17,6 +17,7 @@
  #######################################################################################
  */}}
  1. Get the application URL by running these commands:
  #######################################################################################
  */}}
  1. Get the application URL by running these commands:
+{{- if .Values.nbi.service }}
  {{- if contains "NodePort" .Values.nbi.service.type }}
    export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services nbi)
    export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
  {{- if contains "NodePort" .Values.nbi.service.type }}
    export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services nbi)
    export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
@@ -27,5 +28,11 @@
    export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} nbi --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
    echo http://$SERVICE_IP:{{ .Values.nbi.service.port }}
  {{- end }}
    export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} nbi --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
    echo http://$SERVICE_IP:{{ .Values.nbi.service.port }}
  {{- end }}
+{{- else }}
+  export OSM_GUI_URL=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.rules[0].host}" ingress ngui-ingress)
+  echo "OSM UI: $OSM_GUI_URL"
+  export OSM_HOSTNAME=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.rules[0].host}" ingress nbi-ingress)
+  echo "OSM_HOSTNAME (for osm client): $OSM_HOSTNAME"
+{{- end }}
  2. Get Grafana credentials for admin user using below command.
    kubectl -n {{ .Release.Namespace }}  get secret grafana -o jsonpath="{.data.admin-password}" | base64 --decode ; echo
  2. Get Grafana credentials for admin user using below command.
    kubectl -n {{ .Release.Namespace }}  get secret grafana -o jsonpath="{.data.admin-password}" | base64 --decode ; echo
diff --git a/installers/helm/osm/templates/alertmanager/alertmanager-ingress.yaml b/installers/helm/osm/templates/alertmanager/alertmanager-ingress.yaml

new file mode 100644 (file)

index 0000000..d8028e8
--- /dev/null
+++ b/installers/helm/osm/templates/alertmanager/alertmanager-ingress.yaml
@@ -0,0 +1,43 @@
+{{- if not .Values.global.oldServiceAssurance -}}
+{{- if .Values.alertmanager.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: alertmanager-ingress
+  labels:
+    {{- include "osm.labels" . | nindent 4 }}
+spec:
+  ingressClassName: nginx
+  rules:
+{{- if .Values.alertmanager.ingress.host }}
+  - host: {{ .Values.alertmanager.ingress.host }}
+{{- else }}
+  - host: "alertmanager.{{ .Values.global.hostname }}"
+{{- end }}
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: alertmanager
+            port:
+              number: 9093
+{{- end }}
+{{- end }}
+\ No newline at end of file
diff --git a/installers/helm/osm/templates/nbi/nbi-certificate.yaml b/installers/helm/osm/templates/nbi/nbi-certificate.yaml

new file mode 100644 (file)

index 0000000..afb5da5
--- /dev/null
+++ b/installers/helm/osm/templates/nbi/nbi-certificate.yaml
@@ -0,0 +1,45 @@
+{{- if .Values.nbi.enabled -}}
+{{- if .Values.certauth.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: nbi
+  namespace: {{ .Release.Namespace }}
+spec:
+  secretName: nbi-cert
+  privateKey:
+    rotationPolicy: Always
+    algorithm: ECDSA
+    size: 256
+  duration: "8760h"
+  renewBefore: "2208h"
+  dnsNames:
+  {{- if .Values.nbi.ingress.host }}
+    - {{ .Values.nbi.ingress.host }}
+  {{- else }}
+    - "nbi.{{ .Values.global.hostname }}"
+  {{- end }}
+  usages:
+    - "client auth"
+  issuerRef:
+    name: ca-issuer
+    kind: ClusterIssuer
+    group: cert-manager.io
+{{- end }}
+{{- end }}
diff --git a/installers/helm/osm/templates/nbi/nbi-ingress.yaml b/installers/helm/osm/templates/nbi/nbi-ingress.yaml

new file mode 100644 (file)

index 0000000..ba0d13e
--- /dev/null
+++ b/installers/helm/osm/templates/nbi/nbi-ingress.yaml
@@ -0,0 +1,52 @@
+{{- if .Values.nbi.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: nbi-ingress
+  labels:
+    {{- include "osm.labels" . | nindent 4 }}
+  annotations:
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
+spec:
+  ingressClassName: nginx
+  rules:
+{{- if .Values.nbi.ingress.host }}
+  - host: {{ .Values.nbi.ingress.host }}
+{{- else }}
+  - host: "nbi.{{ .Values.global.hostname }}"
+{{- end }}
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: nbi
+            port:
+              number: 9999
+  tls:
+    - hosts:
+    {{- if .Values.nbi.ingress.host }}
+      - {{ .Values.nbi.ingress.host }}
+    {{- else }}
+      - "nbi.{{ .Values.global.hostname }}"
+    {{- end }}
+      secretName: nbi-cert
+{{- end }}
+\ No newline at end of file
diff --git a/installers/helm/osm/templates/nbi/nbi-service.yaml b/installers/helm/osm/templates/nbi/nbi-service.yaml

index 0ea6433..bb42f42 100644 (file)
--- a/installers/helm/osm/templates/nbi/nbi-service.yaml
+++ b/installers/helm/osm/templates/nbi/nbi-service.yaml
@@ -22,10 +22,12 @@ metadata:
    labels:
      {{- include "osm.labels" . | nindent 4 }}
  spec:
    labels:
      {{- include "osm.labels" . | nindent 4 }}
  spec:
-  type: {{ .Values.nbi.service.type }}
+  type: {{ default "ClusterIP" .Values.nbi.service.type }}
    ports:
    ports:
-    - nodePort: {{ .Values.nbi.service.nodePort }}
-      port: {{ .Values.nbi.service.port }}
+    - port: {{ default 9999 .Values.nbi.service.port }}
+    {{- if .Values.nbi.service.nodePort }}
+      nodePort: {{ .Values.nbi.service.nodePort }}
+    {{- end }}
        targetPort: 9999
        protocol: TCP
    selector:
        targetPort: 9999
        protocol: TCP
    selector:
diff --git a/installers/helm/osm/templates/ng_ui/ngui-certificate.yaml b/installers/helm/osm/templates/ng_ui/ngui-certificate.yaml

new file mode 100644 (file)

index 0000000..8e03fbf
--- /dev/null
+++ b/installers/helm/osm/templates/ng_ui/ngui-certificate.yaml
@@ -0,0 +1,45 @@
+{{- if .Values.ngui.enabled -}}
+{{- if .Values.certauth.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: ngui
+  namespace: {{ .Release.Namespace }}
+spec:
+  secretName: ngui-cert
+  privateKey:
+    rotationPolicy: Always
+    algorithm: ECDSA
+    size: 256
+  duration: "8760h"
+  renewBefore: "2208h"
+  dnsNames:
+  {{- if .Values.ngui.ingress.host }}
+    - {{ .Values.ngui.ingress.host }}
+  {{- else }}
+    - {{ .Values.global.hostname }}
+  {{- end }}
+  usages:
+    - "client auth"
+  issuerRef:
+    name: ca-issuer
+    kind: ClusterIssuer
+    group: cert-manager.io
+{{- end }}
+{{- end }}
diff --git a/installers/helm/osm/templates/ng_ui/ngui-ingress.yaml b/installers/helm/osm/templates/ng_ui/ngui-ingress.yaml

new file mode 100644 (file)

index 0000000..99d689f
--- /dev/null
+++ b/installers/helm/osm/templates/ng_ui/ngui-ingress.yaml
@@ -0,0 +1,51 @@
+{{- if .Values.ngui.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ngui-ingress
+  labels:
+    {{- include "osm.labels" . | nindent 4 }}
+  annotations:
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+spec:
+  ingressClassName: nginx
+  rules:
+{{- if .Values.ngui.ingress.host }}
+  - host: {{ .Values.ngui.ingress.host }}
+{{- else }}
+  - host: "{{ .Values.global.hostname }}"
+{{- end }}
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: ng-ui
+            port:
+              number: 80
+  tls:
+    - hosts:
+    {{- if .Values.ngui.ingress.host }}
+      - {{ .Values.ngui.ingress.host }}
+    {{- else }}
+      - "nbi.{{ .Values.global.hostname }}"
+    {{- end }}
+      secretName: ngui-cert
+{{- end }}
+\ No newline at end of file
diff --git a/installers/helm/osm/templates/ng_ui/ngui-service.yaml b/installers/helm/osm/templates/ng_ui/ngui-service.yaml

index d2eb22c..212d259 100644 (file)
--- a/installers/helm/osm/templates/ng_ui/ngui-service.yaml
+++ b/installers/helm/osm/templates/ng_ui/ngui-service.yaml
@@ -22,10 +22,12 @@ metadata:
    labels:
      {{- include "osm.labels" . | nindent 4 }}
  spec:
    labels:
      {{- include "osm.labels" . | nindent 4 }}
  spec:
-  type: {{ .Values.ngui.service.type }}
+  type: {{ default "ClusterIP" .Values.ngui.service.type }}
    ports:
    ports:
-    - nodePort: {{ .Values.ngui.service.nodePort }}
-      port: {{ .Values.ngui.service.port }}
+    - port: {{ default 80 .Values.ngui.service.port }}
+    {{- if .Values.ngui.service.nodePort }}
+      nodePort: {{ .Values.ngui.service.nodePort }}
+    {{- end }}
        targetPort: 80
        protocol: TCP
    selector:
        targetPort: 80
        protocol: TCP
    selector:
diff --git a/installers/helm/osm/templates/webhook_translator/webhook-translator-ingress.yaml b/installers/helm/osm/templates/webhook_translator/webhook-translator-ingress.yaml

new file mode 100644 (file)

index 0000000..f4e8b64
--- /dev/null
+++ b/installers/helm/osm/templates/webhook_translator/webhook-translator-ingress.yaml
@@ -0,0 +1,43 @@
+{{- if not .Values.global.oldServiceAssurance -}}
+{{- if .Values.webhookTranslator.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: webhook-ingress
+  labels:
+    {{- include "osm.labels" . | nindent 4 }}
+spec:
+  ingressClassName: nginx
+  rules:
+{{- if .Values.webhookTranslator.ingress.host }}
+  - host: {{ .Values.webhookTranslator.ingress.host }}
+{{- else }}
+  - host: "webhook.{{ .Values.global.hostname }}"
+{{- end }}
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: webhook-translator
+            port:
+              number: 9998
+{{- end }}
+{{- end }}
+\ No newline at end of file
diff --git a/installers/helm/osm/templates/webhook_translator/webhook-translator-service.yaml b/installers/helm/osm/templates/webhook_translator/webhook-translator-service.yaml

index 0fb1d8e..11d2508 100644 (file)
--- a/installers/helm/osm/templates/webhook_translator/webhook-translator-service.yaml
+++ b/installers/helm/osm/templates/webhook_translator/webhook-translator-service.yaml
@@ -23,10 +23,12 @@ metadata:
    labels:
      {{- include "osm.labels" . | nindent 4 }}
  spec:
    labels:
      {{- include "osm.labels" . | nindent 4 }}
  spec:
-  type: {{ .Values.webhookTranslator.service.type }}
+  type: {{ default "ClusterIP" .Values.webhookTranslator.service.type }}
    ports:
    ports:
-    - nodePort: {{ .Values.webhookTranslator.service.nodePort }}
-      port: {{ .Values.webhookTranslator.service.port }}
+    - port: {{ default 9998 .Values.webhookTranslator.service.port }}
+    {{- if .Values.webhookTranslator.service.nodePort }}
+      nodePort: {{ .Values.webhookTranslator.service.nodePort }}
+    {{- end }}
        targetPort: 9998
        protocol: TCP
    selector:
        targetPort: 9998
        protocol: TCP
    selector:
diff --git a/installers/helm/osm/values.yaml b/installers/helm/osm/values.yaml

index 5bfc94e..1575136 100644 (file)
--- a/installers/helm/osm/values.yaml
+++ b/installers/helm/osm/values.yaml
@@ -21,7 +21,8 @@
  global:
    replicaCount: 1
    logLevel: INFO
  global:
    replicaCount: 1
    logLevel: INFO
-
+  # hostname to be used for the ingress objects
+  hostname: ~
    image:
      repositoryBase: docker.io/opensourcemano
      pullPolicy: IfNotPresent
    image:
      repositoryBase: docker.io/opensourcemano
      pullPolicy: IfNotPresent
@@ -68,16 +69,26 @@ global:
  airflow:
    enabled: true
  
  airflow:
    enabled: true
  
+alertmanager:
+  enabled: true
+  ingress: {}
+  #   host: alertmanager.<IP_ADDRESS>.nip.io
+
  certauth:
    enabled: true
  
  grafana:
    enabled: true
    fullnameOverride: "grafana"
  certauth:
    enabled: true
  
  grafana:
    enabled: true
    fullnameOverride: "grafana"
-  service:
-    type: NodePort
-    nodePort: 3000
-    port: 3000
+  # service:
+  #   type: NodePort
+  #   nodePort: 3000
+  #   port: 3000
+  ingress:
+    enabled: true
+    ingressClassName: nginx
+    # hosts:
+    #   - grafana.<IP_ADDRESS>.nip.io
    extraVolumes:
      - emptyDir: {}
        name: sc-dashboard-volume-k8s
    extraVolumes:
      - emptyDir: {}
        name: sc-dashboard-volume-k8s
@@ -218,11 +229,13 @@ mysql:
  
  nbi:
    enabled: true
  
  nbi:
    enabled: true
+  ingress: {}
+  #   host: nbi.<IP_ADDRESS>.nip.io
    logLevel: DEBUG
    logLevel: DEBUG
-  service:
-    type: NodePort
-    port: 9999
-    nodePort: 9999
+  service: {}
+  #   type: NodePort
+  #   port: 9999
+  #   nodePort: 9999
    image: {}
      # repository: opensourcemano/nbi
      # tag: "testing-daily"
    image: {}
      # repository: opensourcemano/nbi
      # tag: "testing-daily"
@@ -232,10 +245,12 @@ nbi:
  
  ngui:
    enabled: true
  
  ngui:
    enabled: true
-  service:
-    type: NodePort
-    port: 80
-    nodePort: 80
+  service: {}
+  #   type: NodePort
+  #   port: 80
+  #   nodePort: 80
+  ingress: {}
+  #   host: <IP_ADDRESS>.nip.io
    image: {}
      # repository: opensourcemano/ng-ui
      # tag: "testing-daily"
    image: {}
      # repository: opensourcemano/ng-ui
      # tag: "testing-daily"
@@ -279,8 +294,13 @@ prometheus:
      fullnameOverride: "prometheus"
      service:
        servicePort: 9090
      fullnameOverride: "prometheus"
      service:
        servicePort: 9090
-      type: NodePort
-      nodePort: 9091
+    #   type: NodePort
+    #   nodePort: 9091
+    ingress:
+      enabled: true
+      ingressClassName: nginx
+      # hosts:
+      #   - prometheus.<IP_ADDRESS>.nip.io
      sidecarContainers:
        prometheus-config-sidecar:
          securityContext:
      sidecarContainers:
        prometheus-config-sidecar:
          securityContext:
@@ -427,13 +447,23 @@ prometheus:
                static_configs:
                  - targets: ['prometheus-node-exporter:9100']
    alertmanager:
                static_configs:
                  - targets: ['prometheus-node-exporter:9100']
    alertmanager:
+    enabled: true
      fullnameOverride: "alertmanager"
      extraArgs:
        log.level: debug
      fullnameOverride: "alertmanager"
      extraArgs:
        log.level: debug
-    service:
-      type: NodePort
-      nodePort: 9093
-      port: 9093
+    # service:
+    #   type: NodePort
+    #   nodePort: 9093
+    #   port: 9093
+    # ingress:
+    #   enabled: True
+    #   className: nginx
+    #   hosts:
+    #     - host: localhost
+    #       paths:
+    #         - path: /
+    #           pathType: ImplementationSpecific
+    #   tls: []
      config:
        receivers:
          - name: default-receiver
      config:
        receivers:
          - name: default-receiver
@@ -494,11 +524,14 @@ vca:
  
  webhookTranslator:
    enabled: true
  
  webhookTranslator:
    enabled: true
-  service:
-    type: NodePort
-    nodePort: 9998
-    port: 9998
+  # replicaCount: 1
    image: {}
      # repository: opensourcemano/webhook
      # tag: "testing-daily"
    image: {}
      # repository: opensourcemano/webhook
      # tag: "testing-daily"
+  ingress: {}
+  #   host: webhook.<IP_ADDRESS>.nip.io
    # replicaCount: 1
    # replicaCount: 1
+  service: {}
+  #   type: NodePort
+  #   nodePort: 9998
+  #   port: 9998
diff --git a/installers/helm/values/airflow-values.yaml b/installers/helm/values/airflow-values.yaml

index b574ff4..bcfe583 100644 (file)
--- a/installers/helm/values/airflow-values.yaml
+++ b/installers/helm/values/airflow-values.yaml
@@ -14,10 +14,16 @@
  ---
  defaultAirflowRepository: opensourcemano/airflow
  defaultAirflowTag: "testing-daily"
  ---
  defaultAirflowRepository: opensourcemano/airflow
  defaultAirflowTag: "testing-daily"
+ingress:
+  web:
+    enabled: True
+    hosts:
+      - name: "localhost"
+    ingressClassName: nginx
  webserverSecretKeySecretName: airflow-webserver-secret
  webserver:
    service:
  webserverSecretKeySecretName: airflow-webserver-secret
  webserver:
    service:
-    type: NodePort
+    type: ClusterIP
      ports:
        - name: airflow-ui
          port: "{{ .Values.ports.airflowUI }}"
      ports:
        - name: airflow-ui
          port: "{{ .Values.ports.airflowUI }}"
diff --git a/installers/install_cluster_addons.sh b/installers/install_cluster_addons.sh

index a2bc366..245ff26 100755 (executable)
--- a/installers/install_cluster_addons.sh
+++ b/installers/install_cluster_addons.sh
@@ -88,7 +88,25 @@ function install_helm_certmanager() {
      [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
  }
  
      [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
  }
  
-#checks openebs and metallb readiness
+#installs nginx
+function install_helm_nginx() {
+    [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
+    echo "Installing nginx"
+    NGINX_VERSION="4.10.0"
+    ANNOTATIONS='--set controller.service.annotations."service\.beta\.kubernetes\.io/azure-load-balancer-health-probe-request-path"=/healthz'
+    ANNOTATIONS=${ANNOTATIONS:-""}
+    helm upgrade --install ingress-nginx ingress-nginx \
+        --repo https://kubernetes.github.io/ingress-nginx --version ${NGINX_VERSION} \
+        --namespace ingress-nginx --create-namespace ${ANNOTATIONS}
+    # Wait until ready
+    kubectl wait --namespace ingress-nginx \
+        --for=condition=ready pod \
+        --selector=app.kubernetes.io/component=controller \
+        --timeout=120s
+    [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
+}
+
+#checks openebs, metallb and cert-manager readiness
  function check_for_readiness() {
      [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
      # Default input values
  function check_for_readiness() {
      [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
      # Default input values
@@ -233,6 +251,8 @@ install_helm_metallb
  track k8scluster k8s_metallb_ok
  install_helm_certmanager
  track k8scluster k8s_certmanager_ok
  track k8scluster k8s_metallb_ok
  install_helm_certmanager
  track k8scluster k8s_certmanager_ok
+install_helm_nginx
+track k8scluster k8s_nginx_ok
  check_for_readiness
  track k8scluster k8s_ready_ok
  configure_ipaddresspool_metallb
  check_for_readiness
  track k8scluster k8s_ready_ok
  configure_ipaddresspool_metallb
diff --git a/installers/install_ngsa.sh b/installers/install_ngsa.sh

index dbfbac5..0a4f03a 100755 (executable)
--- a/installers/install_ngsa.sh
+++ b/installers/install_ngsa.sh
@@ -29,6 +29,8 @@ function install_airflow() {
      sudo sed -i "s#defaultAirflowTag:.*#defaultAirflowTag: \"${OSM_DOCKER_TAG}\"#g" ${OSM_HELM_WORK_DIR}/airflow-values.yaml
      echo "Updating Helm values file helm/values/airflow-values.yaml to use defaultAirflowRepository: ${DOCKER_REGISTRY_URL}${DOCKER_USER}/airflow"
      sudo sed -i "s#defaultAirflowRepository:.*#defaultAirflowRepository: ${DOCKER_REGISTRY_URL}${DOCKER_USER}/airflow#g" ${OSM_HELM_WORK_DIR}/airflow-values.yaml
      sudo sed -i "s#defaultAirflowTag:.*#defaultAirflowTag: \"${OSM_DOCKER_TAG}\"#g" ${OSM_HELM_WORK_DIR}/airflow-values.yaml
      echo "Updating Helm values file helm/values/airflow-values.yaml to use defaultAirflowRepository: ${DOCKER_REGISTRY_URL}${DOCKER_USER}/airflow"
      sudo sed -i "s#defaultAirflowRepository:.*#defaultAirflowRepository: ${DOCKER_REGISTRY_URL}${DOCKER_USER}/airflow#g" ${OSM_HELM_WORK_DIR}/airflow-values.yaml
+    echo "Updating Helm values file helm/values/airflow-values.yaml to set ingress.web.hosts with host \"airflow.${DEFAULT_IP}.nip.io\""
+    sudo sed -i "s#name: \"localhost\"#name: \"airflow.${DEFAULT_IP}.nip.io\"#g" ${OSM_HELM_WORK_DIR}/airflow-values.yaml
  
      helm repo add apache-airflow https://airflow.apache.org
      helm repo update
  
      helm repo add apache-airflow https://airflow.apache.org
      helm repo update
@@ -43,9 +45,13 @@ DOCKER_USER="opensourcemano"
  OSM_DEVOPS="/usr/share/osm-devops"
  OSM_DOCKER_TAG="testing-daily"
  OSM_HELM_WORK_DIR="/etc/osm/helm"
  OSM_DEVOPS="/usr/share/osm-devops"
  OSM_DOCKER_TAG="testing-daily"
  OSM_HELM_WORK_DIR="/etc/osm/helm"
+DEFAULT_IP="127.0.0.1"
  
  
-while getopts ":D:d:t:r:U:-: " o; do
+while getopts ":D:d:i:t:r:U:-: " o; do
      case "${o}" in
      case "${o}" in
+        i)
+            DEFAULT_IP="${OPTARG}"
+            ;;
          D)
              OSM_DEVOPS="${OPTARG}"
              ;;
          D)
              OSM_DEVOPS="${OPTARG}"
              ;;
@@ -83,6 +89,7 @@ done
  source $OSM_DEVOPS/common/logging
  source $OSM_DEVOPS/common/track
  
  source $OSM_DEVOPS/common/logging
  source $OSM_DEVOPS/common/track
  
+echo "DEFAULT_IP=$DEFAULT_IP"
  echo "DEBUG_INSTALL=$DEBUG_INSTALL"
  echo "OSM_DEVOPS=$OSM_DEVOPS"
  echo "OSM_DOCKER_TAG=$OSM_DOCKER_TAG"
  echo "DEBUG_INSTALL=$DEBUG_INSTALL"
  echo "OSM_DEVOPS=$OSM_DEVOPS"
  echo "OSM_DOCKER_TAG=$OSM_DOCKER_TAG"
diff --git a/jenkins/ci-pipelines/ci_stage_3.groovy b/jenkins/ci-pipelines/ci_stage_3.groovy

index cff7217..1347650 100644 (file)
--- a/jenkins/ci-pipelines/ci_stage_3.groovy
+++ b/jenkins/ci-pipelines/ci_stage_3.groovy
@@ -593,9 +593,9 @@ node("${params.NODE}") {
                                      ${osm_installation_options}
                              """
                          }
                                      ${osm_installation_options}
                              """
                          }
-                        prometheusHostname = IP_ADDRESS
-                        prometheusPort = 9091
-                        osmHostname = IP_ADDRESS
+                        prometheusHostname = "prometheus.${IP_ADDRESS}.nip.io"
+                        prometheusPort = 80
+                        osmHostname = "nbi.${IP_ADDRESS}.nip.io:443"
                      }
                  } // stage("Install")
  ///////////////////////////////////////////////////////////////////////////////////////
                      }
                  } // stage("Install")
  ///////////////////////////////////////////////////////////////////////////////////////
author	garciadeblas <gerardo.garciadeblas@telefonica.com>
	Tue, 21 May 2024 10:13:50 +0000 (12:13 +0200)
committer	garciadeblas <gerardo.garciadeblas@telefonica.com>
	Thu, 23 May 2024 13:45:48 +0000 (15:45 +0200)
installers/full_install_osm.sh		patch \| blob \| history
installers/helm/osm/templates/NOTES.txt		patch \| blob \| history
installers/helm/osm/templates/alertmanager/alertmanager-ingress.yaml	[new file with mode: 0644]	patch \| blob
installers/helm/osm/templates/nbi/nbi-certificate.yaml	[new file with mode: 0644]	patch \| blob
installers/helm/osm/templates/nbi/nbi-ingress.yaml	[new file with mode: 0644]	patch \| blob
installers/helm/osm/templates/nbi/nbi-service.yaml		patch \| blob \| history
installers/helm/osm/templates/ng_ui/ngui-certificate.yaml	[new file with mode: 0644]	patch \| blob
installers/helm/osm/templates/ng_ui/ngui-ingress.yaml	[new file with mode: 0644]	patch \| blob
installers/helm/osm/templates/ng_ui/ngui-service.yaml		patch \| blob \| history
installers/helm/osm/templates/webhook_translator/webhook-translator-ingress.yaml	[new file with mode: 0644]	patch \| blob
installers/helm/osm/templates/webhook_translator/webhook-translator-service.yaml		patch \| blob \| history
installers/helm/osm/values.yaml		patch \| blob \| history
installers/helm/values/airflow-values.yaml		patch \| blob \| history
installers/install_cluster_addons.sh		patch \| blob \| history
installers/install_ngsa.sh		patch \| blob \| history
jenkins/ci-pipelines/ci_stage_3.groovy		patch \| blob \| history