SMO deployment based on ONAP-Frankfurt-Release
- OAM-47Getting issue details... STATUS
This procedure provides:
- ONAP-DCAE
- ONAP-DMaaP
- ONAP-SDNC (single node, SMO functionality)
Limitations (wip):
- AAF: not yet supported
- ONAP-SDNC OOM deployment not yet on master branch.
Prerequisites:
- kubernetes cluster (1.13.5)
- helm installation (2.16.x)
- More details: setup cloud environment(openstack/kubernetes) https://docs.onap.org/en/elalto/guides/onap-developer/settingup/index.html
Setup
- clone oom repo from gerrit.onap.org
- fetch patchset for ONAP-SDNC
mkdir ~/workspace cd ~/workspace git clone -b frankfurt http://gerrit.onap.org/r/oom --recurse-submodules oom_smo cd oom_smo git fetch "https://gerrit.onap.org/r/oom" refs/changes/31/106331/6 && git checkout FETCH_HEAD # HEAD is now at 275f7de9 [SDNC] oom for clustered disaggregated SDN-R sudo cp -R ~/workspace/oom_smo/kubernetes/helm/plugins/ ~/.helm
- verifiy if local helm repo is available, otherwise follow intructions in onap setup
helm repo list #NAME URL #stable https://kubernetes-charts.storage.googleapis.com #local http://127.0.0.1:8879
- build local onap helm repo
cd ~/workspace/oom_smo/kubernetes make all; make onap # take a coffee helm search onap
- create an overwrite yaml file, e.g. deploy_smo_bronce.yaml
cat ~/workspace/smo/deploy_smo_bronce.yaml # Copyright © 2020 Amdocs, Bell Canada, highstreet technologies GmbH # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ################################################################### # This override file enables helm charts for all ONAP applications. ################################################################### global: aafEnabled: false masterPassword: Berlin1234! cassandra: enabled: false mariadb-galera: enabled: true aaf: enabled: false aai: enabled: false appc: enabled: false clamp: enabled: false cli: enabled: false consul: enabled: true contrib: enabled: false dcaegen2: enabled: true dmaap: enabled: true esr: enabled: false log: enabled: false sniro-emulator: enabled: false oof: enabled: false msb: enabled: true multicloud: enabled: false nbi: enabled: false policy: enabled: false pomba: enabled: false portal: enabled: false robot: enabled: false sdc: enabled: false sdnc: enabled: true replicaCount: 1 config: sdnr: sdnrwt: true sdnronly: true sdnrmode: dm mountpointRegistrarEnabled: true mountpointStateProviderEnabled: true cds: enabled: false dmaap-listener: enabled: false ueb-listener: enabled: false sdnc-portal: enabled: false sdnc-ansible-server: enabled: false dgbuilder: enabled: false sdnc-web: enabled: false so: enabled: false uui: enabled: false vfc: enabled: false vid: enabled: false vnfsdk: enabled: false modeling: enabled: false
deploy smo
helm -n dev-smo local/onap -f ~/workspace/smo/deploy_smo_bronce.yaml --namespace onap --timeout 900
- verifiy deployment
helm ls
- verifiy pnf-registration, fault notification use case, please find examples for sending VES message in gerrit.
12 Comments
Kuldeep Negi
Can pointers to run pnf-registration and fault notification use cases be provided here ? Thanks.
Martin Skorupski
Such endpoints are configured in the ONAP-DCAE-VES -Collector charts. (Page still needs to be updated...)
Sylvain Desbureaux
Hello, I'm the current PTL of OOM (ONAP installer) and saw this page from this Jira ticket https://jira.onap.org/browse/OOM-2444.
I'm happy to see that you use it for ORAN
Although I believe there are some mistakes in the page.
The most important one is that you don't install AAF but I believe it's mandatory knowing the current state of ONAP (DMaaP retrieves its certificate from it and DCAE is using it also).
What I propose if you're OK:
deploy_smo_bronce.yaml
)Would you be OK?
We can also go further later on and see if we can do a daily deployment of ONAP + O-RAN with some automated tests in order to be sure it still works!
Don't hesitate to send me an email (firstName.name@orange.com) if you want!
Martin Skorupski
HeySylvain Desbureaux - thanks for your comment here -for Bronze we decided to go without AAF and also without some other very useful ONAP components. This will change for our next release "Cheery". And "Yes!" we are ok with your proposal - how couldn't we - Let's keep in synch for Guilin and Cheery.
I'd like to add John Keeney(O-RAN-SC PTL for Non-RT-RIC: an O-RAN-SC component which could/should be deployed together with ONAP components) and user-d3360(O-RAN-SC PTL for Integration) who is very interested in a "One-Click" deployment.
Alexander Dehn
Hi Sylvain,
Martin Skorupski (TPL for o-ran-sc/OAM) and myself are engaged here as well and try to keep all SMO activities as closed as possible to ONAP, especially OOM deployment,
This page provides an intermediate step to deploy SMO for a limited functionality and therefore it is still using a pending merge for the patchset https://gerrit.onap.org/r/c/oom/+/106331.
Finally the deployment should include AAF as well.
Your support is appreciated! It is a good idea to have specific SMO override files in ONAP-OOM and in future be part of gating process. We should go ahead as soon as we have the patchset merged into master.
Alexander Dehn
Hi Sylvain,
Martin Skorupski (TPL for o-ran-sc/OAM) and myself are engaged here as well and try to keep all SMO activities as closed as possible to ONAP, especially OOM deployment,
This page provides an intermediate step to deploy SMO for a limited functionality and therefore it is still using a pending merge for the patchset https://gerrit.onap.org/r/c/oom/+/106331.
Finally the deployment should include AAF as well.
Your support is appreciated! It is a good idea to have specific SMO override files in ONAP-OOM and in future be part of gating process. We should go ahead as soon as we have the patchset merged into master.
Himesh Shukla
Hi,
For deploy smo command:
helm -n dev-smo
local
/onap
-f ~
/workspace/smo/deploy_smo_bronce
.yaml --namespace onap --timeout 900
the keyword 'deploy' is missing and needs to be added. like for instance:
helm deploy -n dev-smo
local
/onap
-f ~
/workspace/smo/deploy_smo_bronce
.yaml --namespace onap --timeout 900
Damian Nowak
I have a question/perhaps an idea...
We`re providing here a Helm overrides file, which shall be used to install a reduced ONAP installation, containing requirements needed for ORAN SMO.
Would it make sense to simplify this, and create an ONAP Helm Chart profile, following this ORAN SMO components?
We already have such profiles for vFW use-case, E2E slicing use-case, and others..
They`re stored in ONAP OOM repo → oom/kubernetes/onap/resources/overrides:
-rwxrwxrwx 1 xyz xyz 5811 Nov 2 16:41 environment.yaml
-rwxrwxrwx 1 xyz xyz 4360 Nov 6 10:20 onap-5g-network-slicing.yaml
-rwxrwxrwx 1 xyz xyz 1652 Nov 2 16:41 onap-all-ingress-nginx-vhost.yaml
-rwxrwxrwx 1 xyz xyz 1901 Nov 2 16:41 onap-all.yaml
-rwxrwxrwx 1 xyz xyz 1245 Nov 2 16:41 onap-vfw.yaml
-rwxrwxrwx 1 xyz xyz 1948 Nov 2 16:41 oom-cert-service-environment.yaml
-rwxrwxrwx 1 xyz xyz 3301 Nov 2 16:41 openstack.yaml
-rwxrwxrwx 1 xyz xyz 3282 Nov 2 16:41 sm-onap.yaml
Prakash Kolan
Hello All,
We are trying to set up the SMO deployment for the above integration use case (oran with onap) using latest ONAP Guilin release. We are facing some issues setting it up. I appreciate if anyone can point us to a relevant fix. Upon executing the commands in this post, we see that the SDNC pod doesn't initialize. Looks like the oom-cert-service has an issue with the certificate authority. Details below:
Deploying onap : helm deploy dev local/onap --namespace onap -f onap/resources/overrides/onap-smo.yaml -f onap/resources/environments/public-cloud.yaml --set global.masterPassword=onap --verbose --timeout 900 &
Output of kubectl get pods --all-namespaces : attached log file all_pods.log
An extract of all pods log for sdnc related pods:
root@onap:~/logs_with_platform# kubectl get pods -n onap | grep sdn
dev-sdnc-0 0/2 Init:CrashLoopBackOff 15 54m
dev-sdnc-db-0 1/1 Running 0 54m
dev-sdnc-sdnrdb-init-job-pgtkm 0/1 Completed 0 54m
dev-sdnrdb-coordinating-only-f67f77bf6-h4wj4 2/2 Running 0 54m
dev-sdnrdb-master-0 1/1 Running 0 54m
dev-sdnrdb-master-1 1/1 Running 0 53m
dev-sdnrdb-master-2 1/1 Running 0 53m
Output of kubectl describe pod dev-sdnc-0 -n onap is attached in dev-sdnc-0.log
Upon checking, the "certs-init" container of dev-sdnc-0 pod does not initialize properly. Attached (certs-init.log) is log of kubectl logs -n onap -f dev-sdnc-0 -c certs-init
certs-init.log
An extract from above log:
WARNING: sun.reflect.Reflection.getCallerClass is not supported. This will impact performance.
2021-01-17 18:13:33.553 ^[[32m INFO^[[m ^[[35m1^[[m [ main] ^[[36mo.o.o.c.c.c.f.ClientConfigurationFactory^[[m : Successful validation of Client configuration. Configuration data: REQUEST_URL: https://oom-cert-service:8443/v1/certificate/, REQUEST_TIMEOUT: 30000, OUTPUT_PATH: /var/custom-certs, CA_NAME: RA, OUTPUT_TYPE: P12
2021-01-17 18:13:33.565 ^[[32m INFO^[[m ^[[35m1^[[m [ main] ^[[36mo.o.o.c.c.c.f.CsrConfigurationFactory ^[[m : Successful validation of CSR configuration. Configuration data: COMMON_NAME: sdnc.simpledemo.onap.org, COUNTRY: US, STATE: California, ORGANIZATION: Linux-Foundation, ORGANIZATION_UNIT: ONAP, LOCATION: San-Francisco, SANS: null
2021-01-17 18:13:33.565 ^[[32m INFO^[[m ^[[35m1^[[m [ main] ^[[36mo.o.o.c.c.c.KeyPairFactory ^[[m : KeyPair generation started with algorithm: RSA and key size: 2048
2021-01-17 18:13:34.744 ^[[32m INFO^[[m ^[[35m1^[[m [ main] ^[[36mo.o.o.c.c.c.CsrFactory ^[[m : Creation of CSR has been started with following parameters: COMMON_NAME: sdnc.simpledemo.onap.org, COUNTRY: US, STATE: California, ORGANIZATION: Linux-Foundation, ORGANIZATION_UNIT: ONAP, LOCATION: San-Francisco, SANS: null
2021-01-17 18:13:34.806 ^[[32m INFO^[[m ^[[35m1^[[m [ main] ^[[36mo.o.o.c.c.c.CsrFactory ^[[m : Creation of CSR has been completed successfully
2021-01-17 18:13:34.807 ^[[32m INFO^[[m ^[[35m1^[[m [ main] ^[[36mo.o.o.c.c.c.CsrFactory ^[[m : Conversion of CSR to PEM has been started
2021-01-17 18:13:34.814 ^[[32m INFO^[[m ^[[35m1^[[m [ main] ^[[36mo.o.o.c.c.c.PrivateKeyToPemEncoder ^[[m : Attempt to encode private key to PEM
2021-01-17 18:13:34.926 ^[[32m INFO^[[m ^[[35m1^[[m [ main] ^[[36mo.o.o.c.c.h.HttpClient ^[[m : Attempt to send request to API, on url: https://oom-cert-service:8443/v1/certificate/RA
2021-01-17 18:13:35.336 ^[[32m INFO^[[m ^[[35m1^[[m [ main] ^[[36mo.o.o.c.c.h.HttpClient ^[[m : Received response from API
2021-01-17 18:13:35.337 ^[[31mERROR^[[m ^[[35m1^[[m [ main] ^[[36mo.o.o.c.c.h.HttpClient ^[[m : Error on API response. Response Code: 404
2021-01-17 18:13:35.356 ^[[31mERROR^[[m ^[[35m1^[[m [ main] ^[[36mo.o.o.c.c.CertServiceClient ^[[m : Cert Service Client fails in execution:
org.onap.oom.certservice.client.httpclient.exception.CertServiceApiResponseException: CertService HTTP unsuccessful response. Response code: 404 . Message from Service: Certification authority not found for given CAName
at org.onap.oom.certservice.client.httpclient.HttpClient.generateApiResponseException(HttpClient.java:96)
at org.onap.oom.certservice.client.httpclient.HttpClient.extractCertServiceResponse(HttpClient.java:84)
at org.onap.oom.certservice.client.httpclient.HttpClient.retrieveCertServiceData(HttpClient.java:62)
at org.onap.oom.certservice.client.CertServiceClient.run(CertServiceClient.java:75)
at org.onap.oom.certservice.client.MainApp.main(MainApp.java:26)
2021-01-17 18:13:35.362 ^[[32m INFO^[[m ^[[35m1^[[m [ main] ^[[36mo.o.o.c.c.AppExitHandler ^[[m : Application exits with following exit code: 5 and message: CertService HTTP unsuccessful response
Upon logging into oom-cert-service container of oom-cert-service pod (dev-oom-cert-service-5f5c5b4d64-pplwb), we see the attached error.log, audit.log, and debug.log in /var/log/onap/oom/certservice/ .
An extract from above error.log:
root@onap:~/logs_with_platform/dev-oom-cert-service_logs# vi error.log
[2021-01-17T17:31:26,950][ERROR][org.onap.oom.certservice.api.advice.CertificationExceptionAdvice] Exception occurred selecting CMPv2 server:
org.onap.oom.certservice.certification.exception.Cmpv2ServerNotFoundException: No server found for given CA name
at org.onap.oom.certservice.certification.configuration.Cmpv2ServerProvider.lambda$getCmpv2Server$1(Cmpv2ServerProvider.java:40) ~[classes!/:?]
at java.util.Optional.orElseThrow(Unknown Source) ~[?:?]
at org.onap.oom.certservice.certification.configuration.Cmpv2ServerProvider.getCmpv2Server(Cmpv2ServerProvider.java:40) ~[classes!/:?]
at org.onap.oom.certservice.certification.CertificationModelFactory.createCertificationModel(CertificationModelFactory.java:62) ~[classes!/:?]
at org.onap.oom.certservice.api.CertificationController.signCertificate(CertificationController.java:92) ~[classes!/:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
Note: As indicated in post here: https://lists.onap.org/g/onap-sdnc/topic/sdnc_pod_not_coming_up/77167276?p=,,,20,0,0,0::recentpostdate%2Fsticky,,,20,2,0,77167276, we enabled platform using:
platform:
enabled: true
I appreciate if anyone can point us to a fix for the above issue.
Thank you.
Martin Skorupski
For C-Release please refer to the INT Project: OAM Deployment in kubernetes
Prakash Kolan
Thank you Martin. The yaml file at the provided link work fine.
Pravin Kumar Damodaran
Hi Prakash Kolan . I'm facing the same issue for Honolulu based SDNC. The only difference I see in the yaml file provided in the above link given by Martin is clustering is disabled and sdnr mountpoint resitrar is enabled. Are these the only changes that you made?