ONAP/DCAE setup on single node using RKE

Note: Wiki in progress (added draft notes)

Infra Setup

1. Create a VM (VCPU:12, RAM: 64 GB, Storage: 160 GB)

   1. Size is based on minimum ONAP components (AAF, Consul, Dmaap, DCAE)

2. Download RKE version (For k8s compatibility - check https://github.com/rancher/rke/releases?page=1)

   1. wget https://github.com/rancher/rke/releases/download/v1.2.5/rke_linux-amd64   (https://rancher.com/docs/rke/latest/en/installation/) 

   2. OR  https://github.com/rancher/rke/releases/download/v1.2.8/rke_linux-amd64  (https://github.com/rancher/rke/releases/tag/v1.2.8)

   3. OR https://github.com/rancher/rke/releases/download/v1.3.7/rke_linux-amd64  (Note: nameserver 8.8.8.8 to the first line of /etc/resolv.conf)

   4. OR wget  https://github.com/rancher/rke/releases/download/v1.3.11/rke_linux-amd64  (https://github.com/rancher/rke/releases/tag/v1.3.11)

3. mv rke_linux-amd64 rke

4. chmod +x rke

5. export PATH=$PATH:.

6. rke config (to specifiy cluster config)

   1. copy  ssh_key_path: /home/ubuntu/onap_dev    (chmod 644 onap_dev)

   2. optionally attached file can be edited; change VM/IP and key  

      cluster.yml - v1.20

      # If you intened to deploy Kubernetes in an air-gapped environment, # please consult the documentation on how to configure custom RKE images. nodes: - address: localhost port: "22" internal_address: "" role: - controlplane - worker - etcd hostname_override: onap6-vv user: ubuntu docker_socket: /var/run/docker.sock ssh_key: "" ssh_key_path: /home/ubuntu/setup/onap_dev ssh_cert: "" ssh_cert_path: "" labels: {} taints: [] services: etcd: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] external_urls: [] ca_cert: "" cert: "" key: "" path: "" uid: 0 gid: 0 snapshot: null retention: "" creation: "" backup_config: null kube-api: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] service_cluster_ip_range: 10.43.0.0/16 service_node_port_range: "" pod_security_policy: false always_pull_images: false secrets_encryption_config: null audit_log: null admission_configuration: null event_rate_limit: null kube-controller: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] cluster_cidr: 10.42.0.0/16 service_cluster_ip_range: 10.43.0.0/16 scheduler: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] kubelet: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] cluster_domain: cluster.local infra_container_image: "" cluster_dns_server: 10.43.0.10 fail_swap_on: false generate_serving_certificate: false kubeproxy: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] network: plugin: canal options: {} mtu: 0 node_selector: {} update_strategy: null tolerations: [] authentication: strategy: x509 sans: [] webhook: null addons: "" addons_include: [] system_images: etcd: rancher/mirrored-coreos-etcd:v3.4.15-rancher1 alpine: rancher/rke-tools:v0.1.74 nginx_proxy: rancher/rke-tools:v0.1.74 cert_downloader: rancher/rke-tools:v0.1.74 kubernetes_services_sidecar: rancher/rke-tools:v0.1.74 kubedns: rancher/mirrored-k8s-dns-kube-dns:1.15.10 dnsmasq: rancher/mirrored-k8s-dns-dnsmasq-nanny:1.15.10 kubedns_sidecar: rancher/mirrored-k8s-dns-sidecar:1.15.10 kubedns_autoscaler: rancher/mirrored-cluster-proportional-autoscaler:1.8.1 coredns: rancher/mirrored-coredns-coredns:1.8.0 coredns_autoscaler: rancher/mirrored-cluster-proportional-autoscaler:1.8.1 nodelocal: rancher/mirrored-k8s-dns-node-cache:1.15.13 kubernetes: rancher/hyperkube:v1.20.6-rancher1 flannel: rancher/coreos-flannel:v0.13.0-rancher1 flannel_cni: rancher/flannel-cni:v0.3.0-rancher6 calico_node: rancher/mirrored-calico-node:v3.17.2 calico_cni: rancher/mirrored-calico-cni:v3.17.2 calico_controllers: rancher/mirrored-calico-kube-controllers:v3.17.2 calico_ctl: rancher/mirrored-calico-ctl:v3.17.2 calico_flexvol: rancher/mirrored-calico-pod2daemon-flexvol:v3.17.2 canal_node: rancher/mirrored-calico-node:v3.17.2 canal_cni: rancher/mirrored-calico-cni:v3.17.2 canal_controllers: rancher/mirrored-calico-kube-controllers:v3.17.2 canal_flannel: rancher/coreos-flannel:v0.13.0-rancher1 canal_flexvol: rancher/mirrored-calico-pod2daemon-flexvol:v3.17.2 weave_node: weaveworks/weave-kube:2.8.1 weave_cni: weaveworks/weave-npc:2.8.1 pod_infra_container: rancher/mirrored-pause:3.2 ingress: rancher/nginx-ingress-controller:nginx-0.43.0-rancher3 ingress_backend: rancher/mirrored-nginx-ingress-controller-defaultbackend:1.5-rancher1 metrics_server: rancher/mirrored-metrics-server:v0.4.1 windows_pod_infra_container: rancher/kubelet-pause:v0.1.6 aci_cni_deploy_container: noiro/cnideploy:5.1.1.0.1ae238a aci_host_container: noiro/aci-containers-host:5.1.1.0.1ae238a aci_opflex_container: noiro/opflex:5.1.1.0.1ae238a aci_mcast_container: noiro/opflex:5.1.1.0.1ae238a aci_ovs_container: noiro/openvswitch:5.1.1.0.1ae238a aci_controller_container: noiro/aci-containers-controller:5.1.1.0.1ae238a aci_gbp_server_container: noiro/gbp-server:5.1.1.0.1ae238a aci_opflex_server_container: noiro/opflex-server:5.1.1.0.1ae238a ssh_key_path: /home/ubuntu/onap_dev ssh_cert_path: "" ssh_agent_auth: false authorization: mode: rbac options: {} ignore_docker_version: null kubernetes_version: "" private_registries: [] ingress: provider: "" options: {} node_selector: {} extra_args: {} dns_policy: "" extra_envs: [] extra_volumes: [] extra_volume_mounts: [] update_strategy: null http_port: 0 https_port: 0 network_mode: "" tolerations: [] default_backend: null default_http_backend_priority_class_name: "" nginx_ingress_controller_priority_class_name: "" cluster_name: "" cloud_provider: name: "" prefix_path: "" win_prefix_path: "" addon_job_timeout: 0 bastion_host: address: "" port: "" user: "" ssh_key: "" ssh_key_path: "" ssh_cert: "" ssh_cert_path: "" monitoring: provider: "" options: {} node_selector: {} update_strategy: null replicas: null tolerations: [] metrics_server_priority_class_name: "" restore: restore: false snapshot_name: "" rotate_encryption_key: false dns: null

      
      
      

      
      
      

      cluster.yml - v1.22

      # If you intended to deploy Kubernetes in an air-gapped environment, # please consult the documentation on how to configure custom RKE images. nodes: - address: localhost port: "22" internal_address: "" role: - controlplane - worker - etcd hostname_override: "" user: ubuntu docker_socket: /var/run/docker.sock ssh_key: "" ssh_key_path: /home/ubuntu/onap_dev ssh_cert: "" ssh_cert_path: "" labels: {} taints: [] services: etcd: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] external_urls: [] ca_cert: "" cert: "" key: "" path: "" uid: 0 gid: 0 snapshot: null retention: "" creation: "" backup_config: null kube-api: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] service_cluster_ip_range: 10.43.0.0/16 service_node_port_range: "" pod_security_policy: false always_pull_images: false secrets_encryption_config: null audit_log: null admission_configuration: null event_rate_limit: null kube-controller: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] cluster_cidr: 10.42.0.0/16 service_cluster_ip_range: 10.43.0.0/16 scheduler: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] kubelet: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] cluster_domain: cluster.local infra_container_image: "" cluster_dns_server: 10.43.0.10 fail_swap_on: false generate_serving_certificate: false kubeproxy: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] network: plugin: canal options: {} mtu: 0 node_selector: {} update_strategy: null tolerations: [] authentication: strategy: x509 sans: [] webhook: null addons: "" addons_include: [] system_images: etcd: rancher/mirrored-coreos-etcd:v3.5.0 alpine: rancher/rke-tools:v0.1.78 nginx_proxy: rancher/rke-tools:v0.1.78 cert_downloader: rancher/rke-tools:v0.1.78 kubernetes_services_sidecar: rancher/rke-tools:v0.1.78 kubedns: rancher/mirrored-k8s-dns-kube-dns:1.17.4 dnsmasq: rancher/mirrored-k8s-dns-dnsmasq-nanny:1.17.4 kubedns_sidecar: rancher/mirrored-k8s-dns-sidecar:1.17.4 kubedns_autoscaler: rancher/mirrored-cluster-proportional-autoscaler:1.8.3 coredns: rancher/mirrored-coredns-coredns:1.8.6 coredns_autoscaler: rancher/mirrored-cluster-proportional-autoscaler:1.8.5 nodelocal: rancher/mirrored-k8s-dns-node-cache:1.21.1 kubernetes: rancher/hyperkube:v1.22.6-rancher1 flannel: rancher/mirrored-coreos-flannel:v0.15.1 flannel_cni: rancher/flannel-cni:v0.3.0-rancher6 calico_node: rancher/mirrored-calico-node:v3.21.1 calico_cni: rancher/mirrored-calico-cni:v3.21.1 calico_controllers: rancher/mirrored-calico-kube-controllers:v3.21.1 calico_ctl: rancher/mirrored-calico-ctl:v3.21.1 calico_flexvol: rancher/mirrored-calico-pod2daemon-flexvol:v3.21.1 canal_node: rancher/mirrored-calico-node:v3.21.1 canal_cni: rancher/mirrored-calico-cni:v3.21.1 canal_controllers: rancher/mirrored-calico-kube-controllers:v3.21.1 canal_flannel: rancher/mirrored-coreos-flannel:v0.15.1 canal_flexvol: rancher/mirrored-calico-pod2daemon-flexvol:v3.21.1 weave_node: weaveworks/weave-kube:2.8.1 weave_cni: weaveworks/weave-npc:2.8.1 pod_infra_container: rancher/mirrored-pause:3.5 ingress: rancher/nginx-ingress-controller:nginx-1.1.0-rancher1 ingress_backend: rancher/mirrored-nginx-ingress-controller-defaultbackend:1.5-rancher1 ingress_webhook: rancher/mirrored-ingress-nginx-kube-webhook-certgen:v1.1.1 metrics_server: rancher/mirrored-metrics-server:v0.5.1 windows_pod_infra_container: rancher/kubelet-pause:v0.1.6 aci_cni_deploy_container: noiro/cnideploy:5.1.1.0.1ae238a aci_host_container: noiro/aci-containers-host:5.1.1.0.1ae238a aci_opflex_container: noiro/opflex:5.1.1.0.1ae238a aci_mcast_container: noiro/opflex:5.1.1.0.1ae238a aci_ovs_container: noiro/openvswitch:5.1.1.0.1ae238a aci_controller_container: noiro/aci-containers-controller:5.1.1.0.1ae238a aci_gbp_server_container: noiro/gbp-server:5.1.1.0.1ae238a aci_opflex_server_container: noiro/opflex-server:5.1.1.0.1ae238a ssh_key_path: ~/.ssh/id_rsa ssh_cert_path: "" ssh_agent_auth: false authorization: mode: rbac options: {} ignore_docker_version: null enable_cri_dockerd: null kubernetes_version: "" private_registries: [] ingress: provider: "" options: {} node_selector: {} extra_args: {} dns_policy: "" extra_envs: [] extra_volumes: [] extra_volume_mounts: [] update_strategy: null http_port: 0 https_port: 0 network_mode: "" tolerations: [] default_backend: null default_http_backend_priority_class_name: "" nginx_ingress_controller_priority_class_name: "" default_ingress_class: null cluster_name: "" cloud_provider: name: "" prefix_path: "" win_prefix_path: "" addon_job_timeout: 0 bastion_host: address: "" port: "" user: "" ssh_key: "" ssh_key_path: "" ssh_cert: "" ssh_cert_path: "" ignore_proxy_env_vars: false monitoring: provider: "" options: {} node_selector: {} update_strategy: null replicas: null tolerations: [] metrics_server_priority_class_name: "" restore: restore: false snapshot_name: "" rotate_encryption_key: false dns: null  

      
      
      

      cluster.yml - v1.23.6

      # If you intended to deploy Kubernetes in an air-gapped environment, # please consult the documentation on how to configure custom RKE images. nodes: - address: 10.15.100.108 port: "22" internal_address: "" role: - controlplane - worker - etcd hostname_override: "" user: ubuntu docker_socket: /var/run/docker.sock ssh_key: "" ssh_key_path: /home/ubuntu/onap_dev ssh_cert: "" ssh_cert_path: "" labels: {} taints: [] services: etcd: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] external_urls: [] ca_cert: "" cert: "" key: "" path: "" uid: 0 gid: 0 snapshot: null retention: "" creation: "" backup_config: null kube-api: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] service_cluster_ip_range: 10.43.0.0/16 service_node_port_range: "" pod_security_policy: false always_pull_images: false secrets_encryption_config: null audit_log: null admission_configuration: null event_rate_limit: null kube-controller: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] cluster_cidr: 10.42.0.0/16 service_cluster_ip_range: 10.43.0.0/16 scheduler: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] kubelet: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] cluster_domain: cluster.local infra_container_image: "" cluster_dns_server: 10.43.0.10 fail_swap_on: false generate_serving_certificate: false kubeproxy: image: "" extra_args: {} extra_binds: [] extra_env: [] win_extra_args: {} win_extra_binds: [] win_extra_env: [] network: plugin: canal options: {} mtu: 0 node_selector: {} update_strategy: null tolerations: [] authentication: strategy: x509 sans: [] webhook: null addons: "" addons_include: [] system_images: etcd: rancher/mirrored-coreos-etcd:v3.5.3 alpine: rancher/rke-tools:v0.1.80 nginx_proxy: rancher/rke-tools:v0.1.80 cert_downloader: rancher/rke-tools:v0.1.80 kubernetes_services_sidecar: rancher/rke-tools:v0.1.80 kubedns: rancher/mirrored-k8s-dns-node-cache:1.21.1 dnsmasq: rancher/mirrored-k8s-dns-dnsmasq-nanny:1.21.1 kubedns_sidecar: rancher/mirrored-k8s-dns-sidecar:1.21.1 kubedns_autoscaler: rancher/mirrored-cluster-proportional-autoscaler:1.8.5 coredns: rancher/mirrored-coredns-coredns:1.9.0 coredns_autoscaler: rancher/mirrored-cluster-proportional-autoscaler:1.8.5 nodelocal: rancher/mirrored-k8s-dns-node-cache:1.21.1 kubernetes: rancher/hyperkube:v1.23.6-rancher1 flannel: rancher/mirrored-coreos-flannel:v0.15.1 flannel_cni: rancher/flannel-cni:v0.3.0-rancher6 calico_node: rancher/mirrored-calico-node:v3.22.0 calico_cni: rancher/mirrored-calico-cni:v3.22.0 calico_controllers: rancher/mirrored-calico-kube-controllers:v3.22.0 calico_ctl: rancher/mirrored-calico-ctl:v3.22.0 calico_flexvol: rancher/mirrored-calico-pod2daemon-flexvol:v3.22.0 canal_node: rancher/mirrored-calico-node:v3.22.0 canal_cni: rancher/mirrored-calico-cni:v3.22.0 canal_controllers: rancher/mirrored-calico-kube-controllers:v3.22.0 canal_flannel: rancher/mirrored-flannelcni-flannel:v0.17.0 canal_flexvol: rancher/mirrored-calico-pod2daemon-flexvol:v3.22.0 weave_node: weaveworks/weave-kube:2.8.1 weave_cni: weaveworks/weave-npc:2.8.1 pod_infra_container: rancher/mirrored-pause:3.6 ingress: rancher/nginx-ingress-controller:nginx-1.2.0-rancher1 ingress_backend: rancher/mirrored-nginx-ingress-controller-defaultbackend:1.5-rancher1 ingress_webhook: rancher/mirrored-ingress-nginx-kube-webhook-certgen:v1.1.1 metrics_server: rancher/mirrored-metrics-server:v0.6.1 windows_pod_infra_container: rancher/mirrored-pause:3.6 aci_cni_deploy_container: noiro/cnideploy:5.1.1.0.1ae238a aci_host_container: noiro/aci-containers-host:5.1.1.0.1ae238a aci_opflex_container: noiro/opflex:5.1.1.0.1ae238a aci_mcast_container: noiro/opflex:5.1.1.0.1ae238a aci_ovs_container: noiro/openvswitch:5.1.1.0.1ae238a aci_controller_container: noiro/aci-containers-controller:5.1.1.0.1ae238a aci_gbp_server_container: noiro/gbp-server:5.1.1.0.1ae238a aci_opflex_server_container: noiro/opflex-server:5.1.1.0.1ae238a ssh_key_path: /home/ubuntu/onap_dev ssh_cert_path: "" ssh_agent_auth: false authorization: mode: rbac options: {} ignore_docker_version: null enable_cri_dockerd: null kubernetes_version: "" private_registries: [] ingress: provider: "" options: {} node_selector: {} extra_args: {} dns_policy: "" extra_envs: [] extra_volumes: [] extra_volume_mounts: [] update_strategy: null http_port: 0 https_port: 0 network_mode: "" tolerations: [] default_backend: null default_http_backend_priority_class_name: "" nginx_ingress_controller_priority_class_name: "" default_ingress_class: null cluster_name: "" cloud_provider: name: "" prefix_path: "" win_prefix_path: "" addon_job_timeout: 0 bastion_host: address: "" port: "" user: "" ssh_key: "" ssh_key_path: "" ssh_cert: "" ssh_cert_path: "" ignore_proxy_env_vars: false monitoring: provider: "" options: {} node_selector: {} update_strategy: null replicas: null tolerations: [] metrics_server_priority_class_name: "" restore: restore: false snapshot_name: "" rotate_encryption_key: false dns: null  

      
      
      

7. sudo apt-get update; sudo apt install docker.io

8. sudo usermod -a -G docker ubuntu

9.  rke up

10.  docker ps

11. Switch to root (sudo su -)

12.  Install helm - https://wiki.onap.org/display/DW/Setup+helm3+for+oom

    1. Export required helm version

       1. export HELM_VERSION=v3.5.2  # Honolulu 

       2. export HELM_VERSION=v3.5.4  # Istanbul  - wget https://get.helm.sh/helm-v3.5.4-linux-amd64.tar.gz

       3. export HELM_VERSION=v3.6.3  # Jakarta  - wget https://get.helm.sh/helm-v3.6.3-linux-amd64.tar.gz

       4. export HELM_VERSION=v3.8.2  # Kohn- wget https://get.helm.sh/helm-v3.8.2-linux-amd64.tar.gz

    2.  wget https://get.helm.sh/helm-$HELM_VERSION-linux-amd64.tar.gz

    3.  tar -zxvf helm-$HELM_VERSION-linux-amd64.tar.gz

    4.  sudo mv linux-amd64/helm /usr/local/bin/helm-$HELM_VERSION

    5.  sudo rm /usr/local/bin/helm

    6.  sudo ln -s /usr/local/bin/helm-$HELM_VERSION /usr/local/bin/helm

13. Setup kubectl

    1. cd 

    2. curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl"
       
       

    3. chmod +x ./kubectl

    4. sudo mv ./kubectl /usr/local/bin/kubectl

    5. mkdir .kube

    6. cp /home/ubuntu/kube_config_cluster.yml .kube/config

14. helm list

15. chmod 700 /root/.kube/config

ONAP Installation

(Extract from https://docs.onap.org/projects/onap-oom/en/latest/oom_quickstart_guide.html)

(as root user)

1.  git clone -b <BRANCH> http://gerrit.onap.org/r/oom --recurse-submodules    <oom.yymmdd>

   1. ln -s <oom.yymmdd> oom
      
      

2. Helm plugin install

   1. Jakarta - helm plugin install https://github.com/chartmuseum/helm-push.git --version 0.9.0

   2. Kohn - helm plugin install https://github.com/chartmuseum/helm-push.git --version v0.10.3

3. cp -R ~/oom/kubernetes/helm/plugins/* ~/.local/share/helm/plugins/

4. curl -LO https://s3.amazonaws.com/chartmuseum/release/latest/bin/linux/amd64/chartmuseum; chmod +x ./chartmuseum ;  mv ./chartmuseum /usr/local/bin

5. chartmuseum --storage local --storage-local-rootdir ~/helm3-storage -port 8879 &

6. helm repo add local http://127.0.0.1:8879

7. helm repo list

8. apt install make

9. cd oom/kubernetes/

10. make SKIP_LINT=TRUE all; make SKIP_LINT=TRUE onap

11. Install Strimzi Kafka operator  (from Step 4.1 - https://docs.onap.org/projects/onap-oom/en/latest/oom_quickstart_guide.html) 

    ^{helm repo add strimzi https://strimzi.io/charts/
    helm install strimzi-kafka-operator strimzi/strimzi-kafka-operator --namespace strimzi-system --version 0.28.0 --set watchAnyNamespace=true --create-namespace
    (use version 0.35.0 for London)}

    
    
    

12. helm deploy dev local/onap --namespace onap --create-namespace -f ~/onap6-override.yaml --set global.masterPassword=test1 --set global.pullPolicy=IfNotPresent

    1. Following needed for MOD
       helm install -name dev-chartmuseum local/chartmuseum -n onap  --create-namespace -f ~/UNH-onap2-override.yaml --set global.masterPassword=test1 --set global.pullPolicy=IfNotPresent
       Complete MOD deploy - DCAE MOD Flow for Helm Flow (Jakarta)
       
       
       

Other command references

1. helm install -name onap-dcaemod local/dcaemod -n onap  -f ~/UNH-onap2-override.yaml --set global.masterPassword=test1 --set global.pullPolicy=IfNotPresent
   
   

2. helm delete onap-dcaemod --namespace onap

3. helm undeploy onap --namespace onap
   
   

4. helm install -name dev-slice-analysis -n onap .  -f ~/onap-1-override.yaml --set global.masterPassword=test1 --set global.pullPolicy=IfNotPresent

External reference