OOM Base Platform

As part of the initial base setup of the host Kubernetes cluster, the following mandatory installation and configuration steps must be completed.

For additional platform add-ons, see the OOM Optional Addons section.

Install & configure kubectl

The Kubernetes command line interface used to manage a Kubernetes cluster needs to be installed and configured to run as non root.

For additional information regarding kubectl installation and configuration see the kubectl installation guide

To install kubectl, execute the following, replacing the <recommended-kubectl-version> with the version defined in the OOM Software Requirements (base) table:

> curl -LO https://dl.k8s.io/release/v<recommended-kubectl-version>/bin/linux/amd64/kubectl

> chmod +x ./kubectl

> sudo mv ./kubectl /usr/local/bin/kubectl

> mkdir ~/.kube

> cp kube_config_cluster.yml ~/.kube/config.onap

> export KUBECONFIG=~/.kube/config.onap

> kubectl config use-context onap

Validate the installation:

> kubectl get nodes
NAME             STATUS   ROLES               AGE     VERSION
onap-control-1   Ready    controlplane,etcd   3h53m   v1.23.8
onap-control-2   Ready    controlplane,etcd   3h53m   v1.23.8
onap-k8s-1       Ready    worker              3h53m   v1.23.8
onap-k8s-2       Ready    worker              3h53m   v1.23.8
onap-k8s-3       Ready    worker              3h53m   v1.23.8
onap-k8s-4       Ready    worker              3h53m   v1.23.8
onap-k8s-5       Ready    worker              3h53m   v1.23.8
onap-k8s-6       Ready    worker              3h53m   v1.23.8

Install & configure helm

Helm is used for package and configuration management of the relevant helm charts. For additional information, see the helm installation guide

To install helm, execute the following, replacing the <recommended-helm-version> with the version defined in the OOM Software Requirements (base) table:

> wget https://get.helm.sh/helm-v<recommended-helm-version>-linux-amd64.tar.gz

> tar -zxvf helm-v<recommended-helm-version>-linux-amd64.tar.gz

> sudo mv linux-amd64/helm /usr/local/bin/helm

Verify the helm version with:

> helm version

Helm’s default CNCF provided Curated applications for Kubernetes repository called stable can be removed to avoid confusion:

> helm repo remove stable

Install the additional OOM plugins required to un/deploy the OOM helm charts:

> git clone http://gerrit.onap.org/r/oom

> cp -R ~/oom/kubernetes/helm/plugins/ /usr/local/bin/helm/plugins

Verify the plugins are installed:

> helm plugin ls
deploy      1.0.0     install (upgrade if release exists) parent charty and all subcharts as separate but related releases
undeploy    1.0.0     delete parent chart and subcharts that were deployed as separate releases

Install the strimzi kafka operator

Strimzi Apache Kafka provides a way to run an Apache Kafka cluster on Kubernetes in various deployment configurations by using kubernetes operators. Operators are a method of packaging, deploying, and managing Kubernetes applications.

Strimzi Operators extend the Kubernetes functionality, automating common and complex tasks related to a Kafka deployment. By implementing knowledge of Kafka operations in code, the Kafka administration tasks are simplified and require less manual intervention.

The Strimzi cluster operator is deployed using helm to install the parent chart containing all of the required custom resource definitions. This should be done by a kubernetes administrator to allow for deployment of custom resources in to any kubernetes namespace within the cluster.

Full installation instructions can be found in the Strimzi Apache Kafka Operator helm Installation documentation.

To add the required helm repository, execute the following:

> helm repo add strimzi https://strimzi.io/charts/

To install the strimzi kafka operator, execute the following, replacing the <recommended-strimzi-version> with the version defined in the OOM Software Requirements (base) table:

> helm install strimzi-kafka-operator strimzi/strimzi-kafka-operator --namespace strimzi-system --version <recommended-strimzi-version> --set watchAnyNamespace=true --create-namespace

Verify the installation:

> kubectl get po -n strimzi-system
NAME                                        READY   STATUS    RESTARTS       AGE
strimzi-cluster-operator-7f7d6b46cf-mnpjr   1/1     Running   0              2m

Install Cert-Manager

Cert-Manager is a native Kubernetes certificate management controller. It can help with issuing certificates from a variety of sources, such as Let’s Encrypt, HashiCorp Vault, Venafi, a simple signing key pair, self signed or external issuers. It ensures certificates are valid and up to date, and attempt to renew certificates at a configured time before expiry.

Cert-Manager is deployed using regular YAML manifests which include all the needed resources (the CustomResourceDefinitions, cert-manager, namespace, and the webhook component).

Full installation instructions, including details on how to configure extra functionality in Cert-Manager can be found in the Cert-Manager Installation documentation.

There is also a kubectl plugin (kubectl cert-manager) that can help you to manage cert-manager resources inside your cluster. For installation steps, please refer to Cert-Manager kubectl plugin documentation.

To install cert-manager, execute the following, replacing the <recommended-cm-version> with the version defined in the OOM Software Requirements (base) table:

> kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v<recommended-cm-version>/cert-manager.yaml

Verify the installation:

> kubectl get po -n cert-manager
NAME                                       READY   STATUS    RESTARTS      AGE
cert-manager-776c4cfcb6-vgnpw              1/1     Running   0             2m
cert-manager-cainjector-7d9668978d-hdxf7   1/1     Running   0             2m
cert-manager-webhook-66c8f6c75-dxmtz       1/1     Running   0             2m