Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • helm_release: v3.8.2
  • kubernetes_release: v1.23.8
  • istio_release: 1.14.1
  • Cert-Manager: 1.5.4
  • Strimzi-Operator: 0.30.0 

Install Istio

Source: https://istio.io/latest/docs/setup/install/helm/

...

  • enabled: true → enables Ingress using: Nginx (when SM disabled), Istio IngressGateway (when SM enabled)  
  • virtualhost.baseurl: "simpledemo.onap.org" → sets globally the URL for all Interfaces set by the components, resulting in e.g. "aai-api.simpledemo.onap.org"
  • config.ssl: redirect → sets in the Ingress globally the redirection of all Interfaces from http (port 80) to https (port 443)
  • config.tls.secret: "..." → (optional) overrides the default selfsigned SSL certificate with a certificate stored in the specified secret
  • namespace: istio-ingress → (optional) overrides the namespace of the ingress gateway which is used for the created SSL certificate

Install ONAP

  1. Clone OOM repository from ONAP

    Code Block
    $ git clone -b <BRANCH> http://gerrit.onap.org/r/oom --recurse-submodules


  2. Create an ServiceMesh override file (here ~/onap-overides.yaml) with the following example content (including a workarround for DMAAP AAF issue)
    The Ingress configuration can be found in ~/oom/kubernetes/onap/resources/overrides/onap-all-ingress-istio.yaml

    Code Block
    ---
    global:
      serviceMesh:
        enabled: true
        tls: true
      aafEnabled: false
      tlsEnabled: false
      msbEnabled: false
    
    aaf:
      # workarround for DMAAP SM issue
      enabled: true
      global:
        aafEnabled: true
    dmaap:
      # workarround for DMAAP SM issue
      global:
        aafEnabled: true


  3. Install Helm Plugins

    Code Block
    $ helm plugin install --version v0.10.2 https://github.com/chartmuseum/helm-push.git
    $ helm plugin install /opt/oom/kubernetes/helm/plugins/deploy
    $ helm plugin install /opt/oom/kubernetes/helm/plugins/undeploy


  4. Install ChartMuseum as Helm Registry, start it and add local repository

    Code Block
    $ curl -LO https://s3.amazonaws.com/chartmuseum/release/latest/bin/linux/amd64/chartmuseum
    $ chmod +x ./chartmuseum
    $ mv ./chartmuseum /usr/local/bin
    $ chartmuseum --storage local --storage-local-rootdir ~/helm3-storage -port 8879 &
    $ helm repo add local http://127.0.0.1:8879


  5. Compile ONAP helm charts (here with 4 parallel threads)

    Code Block
    $ cd ~/oom
    $ make all -j4


  6. Create ONAP namespace and label it Label namespace for Istio sidecar injection:

    Code Block
    $ kubectl create namespace onap
    $ kubectl label namespace onap istio-injection=enabled --overwrite=true


  7. Deploy ONAP:

    Code Block
    $ helm deploy onap local/onap --namespace onap --version 11.0.0 --values ~/oom/kubernetes/onap/resources/overrides/onap-all-ingress-istio.yaml --values ~/oom/kubernetes/onap/resources/overrides/environment.yaml --values ~/onap-overrides.yaml --timeout '900s'


  8. Re-deploy or upgrade a single components (here platform)

    Code Block
    $ helm upgrade -i onap-platform local/platform --namespace onap --version 11.0.0 --values ~/oom/kubernetes/onap/values.yaml --values ~/oom/kubernetes/onap/resources/overrides/onap-all-ingress-istio.yaml --values ~/oom/kubernetes/onap/resources/overrides/environment.yaml --values ~/onap-overrides.yaml --timeout '900s'


Access ONAP APIs/UIs

In the ServiceMesh deployment the Istio IngressGateway is the only accesspoint for ONAP component interfaces.
Usually the Ingress is accessed via a LoadBalancer IP (<ingress-IP>, which is used as central address.
All APIs/UIs are provided via separate URLs which are routed to the component service.
To use these URLs they need to be resolvable via DNS or via /etc/hosts, here is the example:

Code Block
<ingress-IP> aaf-cm-api.simpledemo.onap.org
<ingress-IP> aaf-fs-api.simpledemo.onap.org
<ingress-IP> aaf-locate-api.simpledemo.onap.org
<ingress-IP> aaf-oauth-api.simpledemo.onap.org
<ingress-IP> aaf-service-api.simpledemo.onap.org
<ingress-IP> aaf-ui.simpledemo.onap.org
<ingress-IP> aai-api.simpledemo.onap.org
<ingress-IP> aai-babel-api.simpledemo.onap.org
<ingress-IP> aai-sparkybe-api.simpledemo.onap.org
<ingress-IP> appc-dgbuilder.simpledemo.onap.org
<ingress-IP> appc-api.simpledemo.onap.org
<ingress-IP> cds-blueprintsprocessor-api.simpledemo.onap.org
<ingress-IP> cds-ui.simpledemo.onap.org
<ingress-IP> cli-api.simpledemo.onap.org
<ingress-IP> cli2-api.simpledemo.onap.org
<ingress-IP> consul-api.simpledemo.onap.org
<ingress-IP> cps-core-api.simpledemo.onap.org
<ingress-IP> cps-ncmp-dmi-plugin-api.simpledemo.onap.org
<ingress-IP> cps-temporal-api.simpledemo.onap.org
<ingress-IP> dcaemod-distributor-api.simpledemo.onap.org
<ingress-IP> dcaemod-genprocessor-api.simpledemo.onap.org
<ingress-IP> dcaemod-nifi-ui.simpledemo.onap.org
<ingress-IP> dcaemod-nifi-api.simpledemo.onap.org
<ingress-IP> dcaemod-onboarding-api.simpledemo.onap.org
<ingress-IP> dmaap-bc-api.simpledemo.onap.org
<ingress-IP> dmaap-dr-node-api.simpledemo.onap.org
<ingress-IP> dmaap-dr-prov-api.simpledemo.onap.org
<ingress-IP> dmaap-mr-api.simpledemo.onap.org
<ingress-IP> keycloak-ui.simpledemo.onap.org
<ingress-IP> log-es-api.simpledemo.onap.org
<ingress-IP> log-kibana-ui.simpledemo.onap.org
<ingress-IP> log-ls-api.simpledemo.onap.org
<ingress-IP> log-ls-http-api.simpledemo.onap.org
<ingress-IP> msb-consul-api.simpledemo.onap.org
<ingress-IP> msb-discovery-api.simpledemo.onap.org
<ingress-IP> msb-eag-ui.simpledemo.onap.org
<ingress-IP> msb-iag-ui.simpledemo.onap.org
<ingress-IP> nbi-api.simpledemo.onap.org
<ingress-IP> oof-has-api.simpledemo.onap.org
<ingress-IP> oof-osdf-api.simpledemo.onap.org
<ingress-IP> policy-ui.simpledemo.onap.org
<ingress-IP> robot-api.simpledemo.onap.org
<ingress-IP> sdc-be-api.simpledemo.onap.org