Versions Compared

Old Version 10

changes.mady.by.user Jack Lucas

Saved on

compared with

New Version 11

changes.mady.by.user Jack Lucas

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

For information about the functionality provided by the Acumos adapter and about the adapter's architecture, see this overview.

...

These instructions assume that you are familiar with Helm and Kubernetes commands and can install the kubectl and helm executables on whatever machine you will be using for driving the installation process.

Build the OOM common chart

If you have used OOM to deploy DCAE and DCAE MOD, you've already done this, and the common chart is available in your local Helm repository.  If not, you need to download the ONAP OOM repository (https://gerrit.onap.org/r/admin/repos/oom). set up a local Helm repository instance, and build (at a minimum) the common chart.  See the OOM Quick Start Guide for more detailed instructions.

Set up appropriate networking arrangements

...

  1. Clone the ONAP dcaegen2/platform repository.
  2. Enter the Acumos Helm chart subdirectory (adapter/acumos-deployment) in the cloned repository.
  3. Populate the dependencies for the chart by executing:
    helm dep up

  4. Create a YAML file containing information about the Docker registry and the Acumos instance that the adapter will use.  The table below shows the properties that must be in this file.

    Property NameDescription
    dockerUserUser name to be used by the adapter to push images to the Docker registry
    dockerPassPassword to be used by the adapter to push images to the Docker registry
    dockerTargetRegistryAddress of the Docker registry where the adapter will push images, in the format host_name:port
    acumosCertThe certificate information needed for the adapter to authenticate itself to the Acumos instance, in PEM format.  The information contains the following elements, in this order:
    • The unencrypted private key associated with the certificate
    • The client certificate
    • If the certificate has been signed by one or more intermediate certificate authorities, the intermediate certificate authority certificates

    Note that this property is a multi-line string in YAML.

    Here is an example of the file, with some sensitive information truncated or omitted.

    dockerUser: example-user
    dockerPass: example-pass
    dockerTargetRegistry: nexus.example.com:18448
    acumosCert: |
      -----BEGIN PRIVATE KEY-----
      MII...
     (remainder of private key)
      -----END PRIVATE KEY-----
      -----BEGIN CERTIFICATE-----
      MII...
      (remainder of client certificate)
      -----END CERTIFICATE-----
      -----BEGIN CERTIFICATE-----
      MII...
     (remainder of intermediate CA certificate)
     -----END CERTIFICATE-----


  5. Deploy the Acumos adapter using helm:
    helm install -n helm_release_name --namespace namespace_of_running_onap_instance -f /path/to/yaml_file/path/to/acumos_adapter_chart_directory
    For example:
        Helm release name: testadapt
        Namespace of running ONAP instance: onap   
        YAML file with docker & cert info: ~/acumos-adapter-demo/overrides.yaml
        Executing in the directory holding the Acumos adapter Helm chart
    helm install -n testadapt --namespace onap -f ~/acumos-adapter-demo/overrides.yaml  .

  6. If the Docker registry requires authentication for pulling an image, some additional configuration will be needed.  After you've imported a model and used DCAE MOD to create a flow, you will want to deploy the flow using the blueprints generated by MOD.   The Cloudify Manager component executes the deployment operation, using a Kubernetes plugin (k8splugin). The plugin needs the Docker pull credentials to pass to Kubernetes, so that Kubernetes can pull the Docker images created by the adapter.  There are two steps:
    1. Create a Kubernetes image pull secret. (See the Kubernetes documentation for details.  The secret must be created in the namespace where the ONAP instance is running.  The command has the form:
      kubectl -n onap_namespace create secret docker-registry secret_name --docker-server=docker_registry_server --docker-username=docker_user --docker-password=docker_password
      For example, using the Docker information from the example in step 3 above and the namespace from the example in step 4, and choosing the name testadapt-adapter-pull-secret for the secret, the command would be:
      kubectl -n onap create secret docker-registry testadapt-adapter-pull-secret --docker-server=nexus.example.com:18448 --docker-username=example-user --docker-password=example-pass
    2. Make the secret available to the Kubernetes plugin.  The plugin's configuration, which includes is stored in the ONAP Consul key-value store, includes a list of image pull secrets to pass to Kubernetes.  You can use the Consul graphical interface to update the configuration.
      1. To make the Consul graphical interface accessible to your machine, set up Kubernetes port forwarding, using:
        kubectl -n onap_namespace port-forward svc/consul-server-ui 8500:8500
        where onap_namespace is the namespace where the ONAP instance is running.
        This will make the Consul UI service available on your machine at port 8500.
      2. Using a Web browser on your machine, navigate to http://localhost:8500/ui/#/dc1/kv/k8s-plugin/edit. This will take you to a page where you can edit the Kubernetes plugin configuration.  The current configuration is presented in a text box that you edit.  Change the line that reads:
        "image_pull_secrets" : ["onap-docker-registry-key"],
        to
        "image_pull_secrets" : ["onap-docker-registry-key", "secret_name"],
        where secret_name is the name you gave to the image pull secret you created in step a.
        Once you have made the change,  press the "Update" button under the text box.

        The image below shows the update using the secret name from the example in step a.

...