fix: updated doc after retest (e8be70dc) · Commits · OSL / code / org.etsi.osl.main

kubernetes/helm/README.md

+57 −133

Original line number	Original line	Diff line number	Diff line
	@@ -273,62 +273,67 @@ helm install myopenslice . --namespace openslice --create-namespace

	In a Kubernetes environment, you can monitor the status of your deployments and containers using `kubectl`, the Kubernetes command-line tool, which provides powerful capabilities for inspecting the state of resources in your cluster.		In a Kubernetes environment, you can monitor the status of your deployments and containers using `kubectl`, the Kubernetes command-line tool, which provides powerful capabilities for inspecting the state of resources in your cluster.


	## Post installation steps

	After the successful deployment of OpenSlice, to ensure the E2E user experience, this section is mandatory. It contains crucial configuration in regard of authentication and user creation.

	### Checking the Status of your application's deployment		### Checking the Status of your application's deployment

	To check the status of your deployment, use the following commands. The output should be similar:		To check the status of your deployment, use the following commands. The output should be similar:

	```bash		```bash

	kubectl get pods -n openslice -o wide		kubectl get pods -n openslice

	NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES		NAME READY UP-TO-DATE AVAILABLE AGE
	activemq-59d4bfdb4b-bvjqr 1/1 Running 0 109s 192.168.43.97 kc-2 <none> <none>		myopenslice-artemis 1/1 1 1 6m28s
	bugzilla-client-7dd7cb47cb-8qb8m 1/1 Running 0 100s 192.168.12.114 kc-3 <none> <none>		myopenslice-blockdiag 1/1 1 1 6m28s
	centrallog-95bbf7867-k8fpt 1/1 Running 0 100s 192.168.12.107 kc-3 <none> <none>		myopenslice-bugzilla 1/1 1 1 6m28s
	keycloak-7c5b6bbc95-k2qfl 1/1 Running 0 105s 192.168.12.106 kc-3 <none> <none>		myopenslice-centrallog 1/1 1 1 6m28s
	manoclient-95f68f4c9-c9t6r 1/1 Running 0 104s 192.168.12.113 kc-3 <none> <none>		myopenslice-cridge 1/1 1 1 6m28s
	mysql-portal-0 1/1 Running 0 107s 192.168.43.99 kc-2 <none> <none>		myopenslice-keycloak 1/1 1 1 6m28s
	osom-6d548cf555-q8ptj 1/1 Running 0 104s 192.168.43.93 kc-2 <none> <none>		myopenslice-kroki 1/1 1 1 6m28s
	osportalapi-5fff744db8-5g4zs 1/1 Running 0 103s 192.168.43.98 kc-2 <none> <none>		myopenslice-manoclient 1/1 1 1 6m28s
	osscapi-6d68b54d97-jn8tz 0/1 Running 0 102s 192.168.12.104 kc-3 <none> <none>		myopenslice-oasapi 1/1 1 1 6m28s
	portalweb-8469d57df4-94tfj 1/1 Running 0 101s 192.168.48.44 kc-nfs <none> <none>		myopenslice-osom 1/1 1 1 6m28s
	tmfweb-868f7bb9c5-x4lfh 1/1 Running 0 102s 192.168.48.43 kc-nfs <none> <none>		myopenslice-osportalapi 1/1 1 1 6m28s
			myopenslice-osscapi 1/1 1 1 6m28s
			myopenslice-portalweb 1/1 1 1 6m28s
			myopenslice-tmfweb 1/1 1 1 6m28s
	```		```
	```bash		```bash
	kubectl get deployments -n openslice -o wide		kubectl get deployments -n openslice

	NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR		NAME READY UP-TO-DATE AVAILABLE AGE
	activemq 1/1 1 1 2m15s anactivemq webcenter/activemq:5.14.3 org.etsi.osl.service=activemq		myopenslice-artemis 1/1 1 1 7m17s
	bugzilla-client 1/1 1 1 2m6s bugzilla-client openslice/org.etsi.osl.bugzilla:latest org.etsi.osl.service=bugzilla-client		myopenslice-blockdiag 1/1 1 1 7m17s
	centrallog 1/1 1 1 2m6s centrallog openslice/org.etsi.osl.centrallog.service org.etsi.osl.service=centrallog		myopenslice-bugzilla 1/1 1 1 7m17s
	keycloak 1/1 1 1 2m11s keycloak quay.io/keycloak/keycloak:11.0.3 org.etsi.osl.service=keycloak		myopenslice-centrallog 1/1 1 1 7m17s
	manoclient 1/1 1 1 2m10s manoclient openslice/org.etsi.osl.mano:latest org.etsi.osl.service=manoclient		myopenslice-cridge 1/1 1 1 7m17s
	osom 1/1 1 1 2m10s openslice-osom openslice/org.etsi.osl.osom:latest org.etsi.osl.service=osom		myopenslice-keycloak 1/1 1 1 7m17s
	osportalapi 1/1 1 1 2m9s openslice-portalapi openslice/org.etsi.osl.portal.api:latest org.etsi.osl.service=osportalapi		myopenslice-kroki 1/1 1 1 7m17s
	osscapi 1/1 1 1 2m8s openslice-scapi openslice/org.etsi.osl.tmf.api:latest org.etsi.osl.service=osscapi		myopenslice-manoclient 1/1 1 1 7m17s
	portalweb 1/1 1 1 2m7s openslice-portalweb openslice/org.etsi.osl.portal.web:latest org.etsi.osl.service=portalweb		myopenslice-oasapi 1/1 1 1 7m17s
	tmfweb 1/1 1 1 2m8s openslice-tmfweb openslice/org.etsi.osl.tmf.web:latest org.etsi.osl.service=tmfweb		myopenslice-osom 1/1 1 1 7m17s
			myopenslice-osportalapi 1/1 1 1 7m17s
			myopenslice-osscapi 1/1 1 1 7m17s
			myopenslice-portalweb 1/1 1 1 7m17s
			myopenslice-tmfweb 1/1 1 1 7m17s
	```		```
	```bash		```bash
	kubectl get services -n openslice -o wide		kubectl get services -n openslice

	NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR		NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
	activemq ClusterIP 10.111.160.120 <none> 8161/TCP,61616/TCP 2m22s org.etsi.osl.service=activemq		myopenslice-artemis ClusterIP 10.101.128.223 <none> 8161/TCP,61616/TCP,61613/TCP 7m43s
	bugzilla-client ClusterIP 10.101.43.28 <none> 13010/TCP 2m14s org.etsi.osl.service=bugzilla-client		myopenslice-blockdiag ClusterIP 10.109.196.90 <none> 8001/TCP 7m43s
	centrallog ClusterIP 10.109.15.151 <none> 13013/TCP 2m14s org.etsi.osl.service=centrallog		myopenslice-bugzilla ClusterIP 10.107.10.101 <none> 13010/TCP 7m43s
	keycloak ClusterIP 10.110.216.62 <none> 8080/TCP,8443/TCP 2m19s org.etsi.osl.service=keycloak		myopenslice-centrallog ClusterIP 10.109.84.33 <none> 13013/TCP 7m43s
	manoclient ClusterIP 10.108.112.84 <none> 13011/TCP 2m18s org.etsi.osl.service=manoclient		myopenslice-keycloak ClusterIP 10.104.172.73 <none> 8080/TCP,8443/TCP 7m43s
	mysql-portal ClusterIP None <none> 3306/TCP 2m19s org.etsi.osl.service=mysql-portal		myopenslice-kroki ClusterIP 10.106.92.111 <none> 8000/TCP 7m43s
	osom ClusterIP 10.105.173.85 <none> 13100/TCP 2m18s org.etsi.osl.service=osom		myopenslice-manoclient ClusterIP 10.100.143.154 <none> 13011/TCP 7m43s
	osportalapi ClusterIP 10.104.121.164 <none> 13000/TCP 2m17s org.etsi.osl.service=osportalapi		myopenslice-mysql ClusterIP 10.108.206.75 <none> 3306/TCP 7m43s
	osscapi ClusterIP 10.108.6.161 <none> 13082/TCP 2m16s org.etsi.osl.service=osscapi		myopenslice-oasapi ClusterIP 10.100.107.66 <none> 13101/TCP 7m43s
	portalweb ClusterIP 10.97.126.98 <none> 80/TCP 2m15s org.etsi.osl.service=portalweb		myopenslice-osom ClusterIP 10.97.88.133 <none> 13100/TCP 7m43s
	tmfweb ClusterIP 10.98.56.82 <none> 80/TCP 2m15s org.etsi.osl.service=tmfweb		myopenslice-osportalapi ClusterIP 10.111.212.76 <none> 13000/TCP 7m43s
			myopenslice-osscapi ClusterIP 10.101.84.220 <none> 13082/TCP 7m43s
			myopenslice-portalweb ClusterIP 10.101.16.112 <none> 80/TCP 7m43s
			myopenslice-tmfweb ClusterIP 10.101.157.185 <none> 80/TCP 7m43s
	```		```

	### Accessing Logs for Troubleshooting		### Accessing Logs for Troubleshooting
	@@ -339,11 +344,15 @@ If a pod is not in the expected state, you can access its logs for troubleshooti
	kubectl logs <pod-name> -n openslice		kubectl logs <pod-name> -n openslice
	```		```

			## Post installation steps

			After the successful deployment of OpenSlice, to ensure the E2E user experience, this section is mandatory. It contains crucial configuration in regard of authentication and user creation.

	### Configure Keycloak server		### Configure Keycloak server

	The Keycloack server is managing authentication and running on a container at port 8080. It is also proxied to your host via the ingress resource under http://<your-domain>/auth.		The Keycloack server is managing authentication and running on a container at port 8080. It is also proxied to your host via the ingress resource under http://your-domain/auth.

	- Navigate to http://<your-domain>/auth/ or https://<your-domain>/auth/, (http://ipaddress:8080/auth/ or https://ipaddress:8443/auth/ which are directly accessible without proxy)		- Navigate to http://your-domain/auth/ or https://your-domain/auth/, (http://ipaddress:8080/auth/ or https://ipaddress:8443/auth/ which are directly accessible without proxy)

	- Navigate to Administration Console		- Navigate to Administration Console

	@@ -390,91 +399,6 @@ This step is mandatory so as to access the OpenSlice Web UI. To add an OpenSlice

	> That user is different from the Keycloak admin user. It is required to login and browse the OpenSlice Web UI. The Role ADMIN guarantee full access through the OpenSlice UI, thus such a user is always required.		> That user is different from the Keycloak admin user. It is required to login and browse the OpenSlice Web UI. The Role ADMIN guarantee full access through the OpenSlice UI, thus such a user is always required.

	*IMPORTANT: The following is not currently supported in Kubernetes installation.

	### Keycloak at localhost

	> This is an important step if you run Keycloak on localhost!

	1 - Edit your Hosts File, adding the line below

	```127.0.0.1 keycloak```

	Hosts File Location:

	- In Linux/Unix, the file's location is at /etc/hosts

	- In Windows, its location is at c:\Windows\System32\Drivers\etc\hosts

	2 - Replace http://localhost/auth/ with http://keycloak:8080/auth/ in your Keycloak config for AngularJS and Angular (see examples below).


	> Explanation

	Nginx uses the http://keycloak:8080 URL, which is accessible via the internal docker system's network.
	The Front-end (TS/Angular) shall also use the http://keycloak:8080.
	This way, you will not get the invalid token error, as the API is acquiring the token from http://keycloak:8080 (internally) and the Front-end is getting verified by an issuer at the same URL, as well.



	2.1 - For the Angular configuration (TMF portal UI), navigate to org.etsi.osl.tmf.web/src/assets/config and edit config.prod.json

	```bash
	# Starting from the root project directory
	cd org.etsi.osl.tmf.web/src/assets/config
	```

	```bash
	nano config.prod.json
	```

	After editing, the displayed properties should look like the example below:

	```yaml
	{
	"OAUTH_CONFIG" : {
	"issuer": "http://keycloak:8080/auth/realms/openslice",
	"loginUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth",
	"tokenEndpoint": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/token",
	"userinfoEndpoint": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/userinfo",
	"redirectUri": "{BASEURL}/redirect",
	"logoutUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/logout",
	"postLogoutRedirectUri": "{BASEURL}"
	}
	}
	```

	> Note the difference in changing {BASEURL} -> http://keycloak:8080

	> If you want the changes to take place immediately without rebuilding the project, then repeat the process for org.etsi.osl.tmf.web/dist/org.etsi.osl.tmf.web/assets/config/config.prod.json

	2.2 - For the AngularJS configuration (NVF portal UI), navigate to org.etsi.osl.portal.web/src/js and edit config.js

	```bash
	# Starting from the root project directory
	cd org.etsi.osl.portal.web/src/js
	```

	```bash
	nano config.js
	```

	After editing, the displayed properties should look like the example below:

	```
	var appConfig = angular.module('portalwebapp.config',[]);


	appConfig.factory('APIEndPointService', function() {
	return {
	APIOAUTHURL: "http://keycloak:8080/auth/realms/openslice",
	};
	});
	```

	> Note the difference in "APIOAUTHURL" property, changing ROOTURL -> http://keycloak:8080


	### NFV Orchestrator Configuration		### NFV Orchestrator Configuration

	After successfully deploying and configuring OpenSlice, you may configure its environment (e.g. the NFVO) that will facilitate the deployment of NFV artifacts.		After successfully deploying and configuring OpenSlice, you may configure its environment (e.g. the NFVO) that will facilitate the deployment of NFV artifacts.