OOM Quick Start Guide
Once a Kubernetes environment is available (follow the instructions in OOM Cloud Setup Guide if you don’t have a cloud environment available), follow the following instructions to deploy ONAP.
Step 1. Clone the OOM repository from ONAP gerrit:
> git clone -b <BRANCH> http://gerrit.onap.org/r/oom --recurse-submodules
> cd oom/kubernetes
where <BRANCH> can be an official release tag, such as
4.0.0-ONAP for Dublin
5.0.1-ONAP for El Alto
6.0.0 for Frankfurt
7.0.0 for Guilin
8.0.0 for Honolulu
9.0.0 for Istanbul
Step 2. Install Helm Plugins required to deploy ONAP:
> cp -R ~/oom/kubernetes/helm/plugins/ ~/.local/share/helm/plugins
> helm plugin install https://github.com/chartmuseum/helm-push.git \
--version 0.9.0
Note
The --version 0.9.0
is required as new version of helm (3.7.0 and up) is
now using push
directly and helm-push is using cm-push
starting
version 0.10.0
and up.
Step 3. Install Chartmuseum:
> curl -LO https://s3.amazonaws.com/chartmuseum/release/latest/bin/linux/amd64/chartmuseum
> chmod +x ./chartmuseum
> mv ./chartmuseum /usr/local/bin
Step 4. Install Cert-Manager:
> kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.2.0/cert-manager.yaml
More details can be found here.
Step 5. Customize the Helm charts like oom/kubernetes/onap/values.yaml or an override file like onap-all.yaml, onap-vfw.yaml or openstack.yaml file to suit your deployment with items like the OpenStack tenant information.
Note
Standard and example override files (e.g. onap-all.yaml, openstack.yaml) can be found in the oom/kubernetes/onap/resources/overrides/ directory.
You may want to selectively enable or disable ONAP components by changing the
enabled: true/false
flags.Encrypt the OpenStack password using the shell tool for Robot and put it in the Robot Helm charts or Robot section of openstack.yaml
Encrypt the OpenStack password using the java based script for SO Helm charts or SO section of openstack.yaml.
Update the OpenStack parameters that will be used by Robot, SO and APPC Helm charts or use an override file to replace them.
Add in the command line a value for the global master password (global.masterPassword).
a. Enabling/Disabling Components: Here is an example of the nominal entries that need to be provided. We have different values file available for different contexts.
# Copyright © 2019 Amdocs, Bell Canada
# Copyright (c) 2020 Nordix Foundation, Modifications
# Modifications Copyright © 2020-2021 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#################################################################
# Global configuration overrides.
#
# These overrides will affect all helm charts (ie. applications)
# that are listed below and are 'enabled'.
#################################################################
global:
# Change to an unused port prefix range to prevent port conflicts
# with other instances running within the same k8s cluster
nodePortPrefix: 302
nodePortPrefixExt: 304
# Install test components
# test components are out of the scope of ONAP but allow to have a entire
# environment to test the different features of ONAP
# Current tests environments provided:
# - netbox (needed for CDS IPAM)
# - AWX (needed for XXX)
# - EJBCA Server (needed for CMPv2 tests)
# Today, "contrib" chart that hosting these components must also be enabled
# in order to make it work. So `contrib.enabled` must have the same value than
# addTestingComponents
addTestingComponents: &testing false
# ONAP Repository
# Four different repositories are used
# You can change individually these repositories to ones that will serve the
# right images. If credentials are needed for one of them, see below.
repository: nexus3.onap.org:10001
dockerHubRepository: &dockerHubRepository docker.io
elasticRepository: &elasticRepository docker.elastic.co
googleK8sRepository: k8s.gcr.io
githubContainerRegistry: ghcr.io
#/!\ DEPRECATED /!\
# Legacy repositories which will be removed at the end of migration.
# Please don't use
loggingRepository: *elasticRepository
busyboxRepository: *dockerHubRepository
# Default credentials
# they're optional. If the target repository doesn't need them, comment them
repositoryCred:
user: docker
password: docker
# If you want / need authentication on the repositories, please set
# Don't set them if the target repo is the same than others
# so id you've set repository to value `my.private.repo` and same for
# dockerHubRepository, you'll have to configure only repository (exclusive) OR
# dockerHubCred.
# dockerHubCred:
# user: myuser
# password: mypassord
# elasticCred:
# user: myuser
# password: mypassord
# googleK8sCred:
# user: myuser
# password: mypassord
# common global images
# Busybox for simple shell manipulation
busyboxImage: busybox:1.32
# curl image
curlImage: curlimages/curl:7.69.1
# env substitution image
envsubstImage: dibi/envsubst:1
# generate htpasswd files image
# there's only latest image for htpasswd
htpasswdImage: xmartlabs/htpasswd:latest
# kubenretes client image
kubectlImage: bitnami/kubectl:1.19
# logging agent
loggingImage: beats/filebeat:5.5.0
# mariadb client image
mariadbImage: bitnami/mariadb:10.5.8
# nginx server image
nginxImage: bitnami/nginx:1.18-debian-10
# postgreSQL client and server image
postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
# readiness check image
readinessImage: onap/oom/readiness:3.0.1
# image pull policy
pullPolicy: Always
# default java image
jreImage: onap/integration-java11:7.2.0
# default clusterName
# {{ template "common.fullname" . }}.{{ template "common.namespace" . }}.svc.{{ .Values.global.clusterName }}
clusterName: cluster.local
# default mount path root directory referenced
# by persistent volumes and log files
persistence:
mountPath: /dockerdata-nfs
enableDefaultStorageclass: false
parameters: {}
storageclassProvisioner: kubernetes.io/no-provisioner
volumeReclaimPolicy: Retain
# override default resource limit flavor for all charts
flavor: unlimited
# flag to enable debugging - application support required
debugEnabled: false
# default password complexity
# available options: phrase, name, pin, basic, short, medium, long, maximum security
# More datails: https://www.masterpasswordapp.com/masterpassword-algorithm.pdf
passwordStrength: long
# configuration to set log level to all components (the one that are using
# "common.log.level" to set this)
# can be overrided per components by setting logConfiguration.logLevelOverride
# to the desired value
# logLevel: DEBUG
# Global ingress configuration
ingress:
enabled: false
virtualhost:
baseurl: "simpledemo.onap.org"
# Global Service Mesh configuration
# POC Mode, don't use it in production
serviceMesh:
enabled: false
tls: true
# metrics part
# If enabled, exporters (for prometheus) will be deployed
# if custom resources set to yes, CRD from prometheus operartor will be
# created
# Not all components have it enabled.
#
metrics:
enabled: true
custom_resources: false
# Disabling AAF
# POC Mode, only for use in development environment
# Keep it enabled in production
aafEnabled: true
aafAgentImage: onap/aaf/aaf_agent:2.1.20
# Disabling MSB
# POC Mode, only for use in development environment
msbEnabled: true
# default values for certificates
certificate:
default:
renewBefore: 720h #30 days
duration: 8760h #365 days
subject:
organization: "Linux-Foundation"
country: "US"
locality: "San-Francisco"
province: "California"
organizationalUnit: "ONAP"
issuer:
group: certmanager.onap.org
kind: CMPv2Issuer
name: cmpv2-issuer-onap
# Enabling CMPv2
cmpv2Enabled: true
platform:
certificates:
clientSecretName: oom-cert-service-client-tls-secret
keystoreKeyRef: keystore.jks
truststoreKeyRef: truststore.jks
keystorePasswordSecretName: oom-cert-service-certificates-password
keystorePasswordSecretKey: password
truststorePasswordSecretName: oom-cert-service-certificates-password
truststorePasswordSecretKey: password
# Indicates offline deployment build
# Set to true if you are rendering helm charts for offline deployment
# Otherwise keep it disabled
offlineDeploymentBuild: false
# TLS
# Set to false if you want to disable TLS for NodePorts. Be aware that this
# will loosen your security.
# if set this element will force or not tls even if serviceMesh.tls is set.
# tlsEnabled: false
# Logging
# Currently, centralized logging is not in best shape so it's disabled by
# default
centralizedLoggingEnabled: ¢ralizedLogging false
# Example of specific for the components where you want to disable TLS only for
# it:
# if set this element will force or not tls even if global.serviceMesh.tls and
# global.tlsEnabled is set otherwise.
# robot:
# tlsOverride: false
# Global storage configuration
# Set to "-" for default, or with the name of the storage class
# Please note that if you use AAF, CDS, SDC, Netbox or Robot, you need a
# storageclass with RWX capabilities (or set specific configuration for these
# components).
# persistence:
# storageClass: "-"
# Example of specific for the components which requires RWX:
# aaf:
# persistence:
# storageClassOverride: "My_RWX_Storage_Class"
# contrib:
# netbox:
# netbox-app:
# persistence:
# storageClassOverride: "My_RWX_Storage_Class"
# cds:
# cds-blueprints-processor:
# persistence:
# storageClassOverride: "My_RWX_Storage_Class"
# sdc:
# sdc-onboarding-be:
# persistence:
# storageClassOverride: "My_RWX_Storage_Class"
#################################################################
# Enable/disable and configure helm charts (ie. applications)
# to customize the ONAP deployment.
#################################################################
aaf:
enabled: false
aai:
enabled: false
appc:
enabled: false
config:
openStackType: OpenStackProvider
openStackName: OpenStack
openStackKeyStoneUrl: http://localhost:8181/apidoc/explorer/index.html
openStackServiceTenantName: default
openStackDomain: default
openStackUserName: admin
openStackEncryptedPassword: admin
cassandra:
enabled: false
cds:
enabled: false
clamp:
enabled: false
cli:
enabled: false
consul:
enabled: false
# Today, "contrib" chart that hosting these components must also be enabled
# in order to make it work. So `contrib.enabled` must have the same value than
# addTestingComponents
contrib:
enabled: *testing
cps:
enabled: false
dcaegen2:
enabled: false
dcaegen2-services:
enabled: false
dcaemod:
enabled: false
holmes:
enabled: false
dmaap:
enabled: false
# Today, "logging" chart that perform the central part of logging must also be
# enabled in order to make it work. So `logging.enabled` must have the same
# value than centralizedLoggingEnabled
log:
enabled: *centralizedLogging
sniro-emulator:
enabled: false
oof:
enabled: false
mariadb-galera:
enabled: false
msb:
enabled: false
multicloud:
enabled: false
nbi:
enabled: false
config:
# openstack configuration
openStackRegion: "Yolo"
openStackVNFTenantId: "1234"
policy:
enabled: false
pomba:
enabled: false
portal:
enabled: false
robot:
enabled: false
config:
# openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment
openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
sdc:
enabled: false
sdnc:
enabled: false
replicaCount: 1
mysql:
replicaCount: 1
so:
enabled: false
replicaCount: 1
liveness:
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: false
# so server configuration
config:
# message router configuration
dmaapTopic: "AUTO"
# openstack configuration
openStackUserName: "vnf_user"
openStackRegion: "RegionOne"
openStackKeyStoneUrl: "http://1.2.3.4:5000"
openStackServiceTenantName: "service"
openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
# in order to enable static password for so-monitoring uncomment:
# so-monitoring:
# server:
# monitoring:
# password: demo123456!
uui:
enabled: false
vfc:
enabled: false
vid:
enabled: false
vnfsdk:
enabled: false
modeling:
enabled: false
platform:
enabled: false
a1policymanagement:
enabled: false
cert-wrapper:
enabled: true
repository-wrapper:
enabled: true
roles-wrapper:
enabled: true
b. Generating ROBOT Encrypted Password: The Robot encrypted Password uses the same encryption.key as SO but an openssl algorithm that works with the python based Robot Framework.
Note
To generate Robot openStackEncryptedPasswordHere
:
cd so/resources/config/mso/
/oom/kubernetes/so/resources/config/mso# echo -n "<openstack tenant password>" | openssl aes-128-ecb -e -K `cat encryption.key` -nosalt | xxd -c 256 -p``
c. Generating SO Encrypted Password: The SO Encrypted Password uses a java based encryption utility since the Java encryption library is not easy to integrate with openssl/python that Robot uses in Dublin and upper versions.
Note
To generate SO openStackEncryptedPasswordHere
and openStackSoEncryptedPassword
ensure default-jdk is installed:
apt-get update; apt-get install default-jdk
Then execute:
SO_ENCRYPTION_KEY=`cat ~/oom/kubernetes/so/resources/config/mso/encryption.key`
OS_PASSWORD=XXXX_OS_CLEARTESTPASSWORD_XXXX
git clone http://gerrit.onap.org/r/integration
cd integration/deployment/heat/onap-rke/scripts
javac Crypto.java
java Crypto "$OS_PASSWORD" "$SO_ENCRYPTION_KEY"
Update the OpenStack parameters:
There are assumptions in the demonstration VNF Heat templates about the networking available in the environment. To get the most value out of these templates and the automation that can help confirm the setup is correct, please observe the following constraints.
openStackPublicNetId:
This network should allow Heat templates to add interfaces. This need not be an external network, floating IPs can be assigned to the ports on the VMs that are created by the heat template but its important that neutron allow ports to be created on them.
openStackPrivateNetCidr: "10.0.0.0/16"
This ip address block is used to assign OA&M addresses on VNFs to allow ONAP connectivity. The demonstration Heat templates assume that 10.0 prefix can be used by the VNFs and the demonstration ip addressing plan embodied in the preload template prevent conflicts when instantiating the various VNFs. If you need to change this, you will need to modify the preload data in the Robot Helm chart like integration_preload_parameters.py and the demo/heat/preload_data in the Robot container. The size of the CIDR should be sufficient for ONAP and the VMs you expect to create.
openStackOamNetworkCidrPrefix: "10.0"
This ip prefix mush match the openStackPrivateNetCidr and is a helper variable to some of the Robot scripts for demonstration. A production deployment need not worry about this setting but for the demonstration VNFs the ip asssignment strategy assumes 10.0 ip prefix.
Example Keystone v2.0
#################################################################
# This override file configures openstack parameters for ONAP
#################################################################
appc:
config:
enableClustering: false
openStackType: "OpenStackProvider"
openStackName: "OpenStack"
# OS_AUTH_URL from the openstack .RC file
openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0"
openStackServiceTenantName: "OPENSTACK_TENANTNAME_HERE"
# OS_USER_DOMAIN_NAME from the openstack .RC file
openStackDomain: "Default"
openStackUserName: "OPENSTACK_USERNAME_HERE"
openStackEncryptedPassword: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_PASSWORD_HERE_XXXXXXXXXXXXXXXX"
robot:
appcUsername: "appc@appc.onap.org"
appcPassword: "demo123456!"
# OS_AUTH_URL without the /v2.0 from the openstack .RC file
openStackKeyStoneUrl: "http://10.12.25.2:5000"
# From openstack network list output
openStackPublicNetId: "971040b2-7059-49dc-b220-4fab50cb2ad4"
# tenantID=`openstack project show $tenantName | grep -w id | awk '{print $4}'`
# where "tenantName" is OS_PROJECT_NAME from openstack .RC file
openStackTenantId: "09d8566ea45e43aa974cf447ed591d77"
openStackUserName: "OPENSTACK_USERNAME_HERE"
ubuntu14Image: "ubuntu-14-04-cloud-amd64"
ubuntu16Image: "ubuntu-16-04-cloud-amd64"
# From openstack network list output
openStackPrivateNetId: "c7824f00-bef7-4864-81b9-f6c3afabd313"
# From openstack network list output
openStackPrivateSubnetId: "2a0e8888-f93e-4615-8d28-fc3d4d087fc3"
openStackPrivateNetCidr: "10.0.0.0/16"
# From openstack security group list output
openStackSecurityGroup: "3a7a1e7e-6d15-4264-835d-fab1ae81e8b0"
openStackOamNetworkCidrPrefix: "10.0"
# Control node IP
dcaeCollectorIp: "10.12.6.88"
# SSH public key
vnfPubKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh"
demoArtifactsVersion: "1.4.0-SNAPSHOT"
demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases"
scriptVersion: "1.4.0-SNAPSHOT"
# rancher node IP where RKE configired
rancherIpAddress: "10.12.5.127"
config:
# openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment
openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX"
so:
# so server configuration
so-catalog-db-adapter:
config:
openStackUserName: "OPENSTACK_USERNAME_HERE"
# OS_AUTH_URL from the openstack .RC file
openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0"
openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX"
Example Keystone v3 (required for Rocky and later releases)
#################################################################
# This override file configures openstack parameters for ONAP
#################################################################
robot:
enabled: true
flavor: large
appcUsername: "appc@appc.onap.org"
appcPassword: "demo123456!"
# KEYSTONE Version 3 Required for Rocky and beyond
openStackKeystoneAPIVersion: "v3"
# OS_AUTH_URL without the /v3 from the openstack .RC file
openStackKeyStoneUrl: "http://10.12.25.2:5000"
# tenantID=`openstack project show $tenantName | grep -w id | awk '{print $4}'`
# where "tenantName" is OS_PROJECT_NAME from openstack .RC file
openStackTenantId: "09d8566ea45e43aa974cf447ed591d77"
# OS_USERNAME from the openstack .RC file
openStackUserName: "OS_USERNAME_HERE"
# OS_PROJECT_DOMAIN_ID from the openstack .RC file
# in some environments it is a string but in other environmens it may be a numeric
openStackDomainId: "default"
# OS_USER_DOMAIN_NAME from the openstack .RC file
openStackUserDomain: "Default"
openStackProjectName: "OPENSTACK_PROJECT_NAME_HERE"
ubuntu14Image: "ubuntu-14-04-cloud-amd64"
ubuntu16Image: "ubuntu-16-04-cloud-amd64"
# From openstack network list output
openStackPublicNetId: "971040b2-7059-49dc-b220-4fab50cb2ad4"
# From openstack network list output
openStackPrivateNetId: "83c84b68-80be-4990-8d7f-0220e3c6e5c8"
# From openstack network list output
openStackPrivateSubnetId: "e571c1d1-8ac0-4744-9b40-c3218d0a53a0"
openStackPrivateNetCidr: "10.0.0.0/16"
openStackOamNetworkCidrPrefix: "10.0"
# From openstack security group list output
openStackSecurityGroup: "bbe028dc-b64f-4f11-a10f-5c6d8d26dc89"
dcaeCollectorIp: "10.12.6.109"
# SSH public key
vnfPubKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh"
demoArtifactsVersion: "1.4.0"
demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases"
scriptVersion: "1.4.0"
# rancher node IP where RKE configired
rancherIpAddress: "10.12.6.160"
config:
# use the python utility to encrypt the OS_PASSWORD for the OS_USERNAME
openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_PYTHON_PASSWORD_HERE_XXXXXXXXXXXXXXXX"
openStackSoEncryptedPassword: "YYYYYYYYYYYYYYYYYYYYYYYY_OPENSTACK_JAVA_PASSWORD_HERE_YYYYYYYYYYYYYYYY"
so:
enabled: true
so-catalog-db-adapter:
config:
openStackUserName: "OS_USERNAME_HERE"
# OS_AUTH_URL (keep the /v3) from the openstack .RC file
openStackKeyStoneUrl: "http://10.12.25.2:5000/v3"
# use the SO Java utility to encrypt the OS_PASSWORD for the OS_USERNAME
openStackEncryptedPasswordHere: "YYYYYYYYYYYYYYYYYYYYYYYY_OPENSTACK_JAVA_PASSWORD_HERE_YYYYYYYYYYYYYYYY"
appc:
enabled: true
replicaCount: 3
config:
enableClustering: true
openStackType: "OpenStackProvider"
openStackName: "OpenStack"
# OS_AUTH_URL from the openstack .RC file
openStackKeyStoneUrl: "http://10.12.25.2:5000/v3"
openStackServiceTenantName: "OPENSTACK_PROJECT_NAME_HERE"
openStackDomain: "OPEN_STACK_DOMAIN_NAME_HERE"
openStackUserName: "OS_USER_NAME_HERE"
openStackEncryptedPassword: "OPENSTACK_CLEAR_TEXT_PASSWORD_HERE"
Step 6. To setup a local Helm server to server up the ONAP charts:
> chartmuseum --storage local --storage-local-rootdir ~/helm3-storage -port 8879 &
Note the port number that is listed and use it in the Helm repo add as follows:
> helm repo add local http://127.0.0.1:8879
Step 7. Verify your Helm repository setup with:
> helm repo list
NAME URL
local http://127.0.0.1:8879
Step 8. Build a local Helm repository (from the kubernetes directory):
> make SKIP_LINT=TRUE [HELM_BIN=<HELM_PATH>] all ; make SKIP_LINT=TRUE [HELM_BIN=<HELM_PATH>] onap
- HELM_BIN
Sets the helm binary to be used. The default value use helm from PATH
Step 9. Display the onap charts that available to be deployed:
> helm repo update
> helm search repo onap
NAME CHART VERSION APP VERSION DESCRIPTION
local/onap 9.0.0 Istanbul Open Network Automation Platform (ONAP)
local/aaf 9.0.0 ONAP Application Authorization Framework
local/aai 9.0.0 ONAP Active and Available Inventory
local/appc 9.0.0 Application Controller
local/cassandra 9.0.0 ONAP cassandra
local/cds 9.0.0 ONAP Controller Design Studio (CDS)
local/clamp 9.0.0 ONAP Clamp
local/cli 9.0.0 ONAP Command Line Interface
local/common 9.0.0 Common templates for inclusion in other charts
local/consul 9.0.0 ONAP Consul Agent
local/contrib 9.0.0 ONAP optional tools
local/cps 9.0.0 ONAP Configuration Persistene Service (CPS)
local/dcaegen2 9.0.0 ONAP DCAE Gen2
local/dgbuilder 9.0.0 D.G. Builder application
local/dmaap 9.0.0 ONAP DMaaP components
local/log 9.0.0 ONAP Logging ElasticStack
local/mariadb-galera 9.0.0 Chart for MariaDB Galera cluster
local/mongo 9.0.0 MongoDB Server
local/msb 9.0.0 ONAP MicroServices Bus
local/multicloud 9.0.0 ONAP multicloud broker
local/music 9.0.0 MUSIC - Multi-site State Coordination Service
local/mysql 9.0.0 MySQL Server
local/nbi 9.0.0 ONAP Northbound Interface
local/network-name-gen 9.0.0 Name Generation Micro Service
local/nfs-provisioner 9.0.0 NFS provisioner
local/oof 9.0.0 ONAP Optimization Framework
local/policy 9.0.0 ONAP Policy Administration Point
local/pomba 9.0.0 ONAP Post Orchestration Model Based Audit
local/portal 9.0.0 ONAP Web Portal
local/postgres 9.0.0 ONAP Postgres Server
local/robot 9.0.0 A helm Chart for kubernetes-ONAP Robot
local/sdc 9.0.0 Service Design and Creation Umbrella Helm charts
local/sdnc 9.0.0 SDN Controller
local/sdnc-prom 9.0.0 ONAP SDNC Policy Driven Ownership Management
local/sniro-emulator 9.0.0 ONAP Mock Sniro Emulator
local/so 9.0.0 ONAP Service Orchestrator
local/uui 9.0.0 ONAP uui
local/vfc 9.0.0 ONAP Virtual Function Controller (VF-C)
local/vid 9.0.0 ONAP Virtual Infrastructure Deployment
local/vnfsdk 9.0.0 ONAP VNF SDK
Note
The setup of the Helm repository is a one time activity. If you make changes
to your deployment charts or values be sure to use make
to update your
local Helm repository.
Step 10. Once the repo is setup, installation of ONAP can be done with a single command
Note
The --timeout 900s
is currently required in Dublin and later
versions up to address long running initialization tasks for DMaaP
and SO. Without this timeout value both applications may fail to
deploy.
Danger
We’ve added the master password on the command line. You shouldn’t put it in a file for safety reason please don’t forget to change the value to something random
A space is also added in front of the command so “history” doesn’t catch it. This masterPassword is very sensitive, please be careful!
To deploy all ONAP applications use this command:
> cd oom/kubernetes
> helm deploy dev local/onap --namespace onap --create-namespace --set global.masterPassword=myAwesomePasswordThatINeedToChange -f onap/resources/overrides/onap-all.yaml -f onap/resources/overrides/environment.yaml -f onap/resources/overrides/openstack.yaml --timeout 900s
All override files may be customized (or replaced by other overrides) as per needs.
- onap-all.yaml
Enables the modules in the ONAP deployment. As ONAP is very modular, it is possible to customize ONAP and disable some components through this configuration file.
- onap-all-ingress-nginx-vhost.yaml
Alternative version of the onap-all.yaml but with global ingress controller enabled. It requires the cluster configured with the nginx ingress controller and load balancer. Please use this file instead onap-all.yaml if you want to use experimental ingress controller feature.
- environment.yaml
Includes configuration values specific to the deployment environment.
Example: adapt readiness and liveness timers to the level of performance of your infrastructure
- openstack.yaml
Includes all the OpenStack related information for the default target tenant you want to use to deploy VNFs from ONAP and/or additional parameters for the embedded tests.
Step 11. Verify ONAP installation
Use the following to monitor your deployment and determine when ONAP is ready for use:
> kubectl get pods -n onap -o=wide
Note
While all pods may be in a Running state, it is not a guarantee that all components are running fine.
Launch the healthcheck tests using Robot to verify that the components are healthy:
> ~/oom/kubernetes/robot/ete-k8s.sh onap health
Step 12. Undeploy ONAP
> helm undeploy dev
More examples of using the deploy and undeploy plugins can be found here: https://wiki.onap.org/display/DW/OOM+Helm+%28un%29Deploy+plugins