diff --git a/kubernetes/helm/README.md b/kubernetes/helm/README.md index 57bb9b09c49456cbc41eeb0ab5488af7812704fb..7507a2e4c18e9b473753d21993bb3dfbf93a1abe 100644 --- a/kubernetes/helm/README.md +++ b/kubernetes/helm/README.md @@ -26,7 +26,7 @@ helm uninstall myopenslice --namespace openslice | --------------------------------- | ------------------------------------ | | 4 CPU cores | 8 CPU cores | | 8 GB RAM | 16 GB RAM | -| 20 GB storage | 40 GB storage | +| 30 GB storage | 50 GB storage | ### Software Requirements: @@ -47,16 +47,16 @@ Refer to the official Kubernetes documentation for setting up a cluster. Ensure ### 2. Installing Helm Helm must be installed on your machine to deploy OpenSlice via Helm charts. Follow the [official Helm installation guide](https://helm.sh/docs/intro/install/). -## Downloading the Project +## Downloading the project -### 1. Create a New Folder to Download the Project +### 1. Create a new folder to download the project ```bash mkdir openslice cd openslice ``` -### 2. Download the Project Code +### 2. Download the project code Clone the project code from the GitLab repository. **Note:** This process will be simplified once the charts are published in the GitLab registry, requiring only the chart to be pulled. @@ -69,9 +69,10 @@ cd kubernetes/helm/openslice/ Before deploying the Helm chart, ensure you have configured the necessary components as detailed in the [Configure Helm Chart Services](#configure-helm-chart-services) section. By default, the `main` branch is selected for deployment. -We recommend using: -- The **main** branch for the most stable experience. -- The **develop** branch for access to the latest features. For the develop branch installation, it's strongly advisable to follow the [develop documentation](https://osl.etsi.org/documentation/develop/deployment/). +We recommend: + +* main branch for the most stable experience and +* develop branch for an experience with the latest features (for develop branch installation, it is strongly advisable that you may as well follow the [develop documentation](https://osl.etsi.org/documentation/develop/deployment/)) Deploy OpenSlice with Helm: @@ -99,7 +100,7 @@ oscreds: database: "keycloak" username: "keycloak" password: "password" - adminpassword: "keycloakadminpass" + adminpassword: "Pa55w0rd" portal: database: "osdb" username: "portaluser" @@ -138,7 +139,7 @@ oscreds: database: "keycloak" username: "keycloak" password: "password" - adminpassword: "keycloakadminpass" + adminpassword: "Pa55w0rd" ``` #### 4. Application and Logging Configuration @@ -176,15 +177,27 @@ In folder `kubernetes/helm/openslice/files/org.etsi.osl.portal.web/src/js` edit ``` -{ - TITLE: "Openslice demo", - WIKI: "{{ .Values.rooturl }}", - BUGZILLA: "{{ .Values.rooturl }}/bugzilla/", - STATUS: "{{ .Values.rooturl }}/", - APIURL: "{{ .Values.rooturl }}", - WEBURL: "{{ .Values.rooturl }}/nfvportal", - APIOAUTHURL: "{{ .Values.rooturl }}/auth/realms/openslice", - APITMFURL: "{{ .Values.rooturl }}/tmf-api/serviceCatalogManagement/v4" +{ + TITLE: "OpenSlice by ETSI", + WIKI: "https://osl.etsi.org/documentation/", + BUGZILLA: "{{ .Values.rooturl }}/bugzilla", + STATUS: "{{ .Values.rooturl }}/status", + APIURL: "{{ .Values.rooturl }}", + WEBURL: "{{ .Values.rooturl }}/nfvportal", + APIOAUTHURL: "{{ .Values.rooturl }}/auth/realms/openslice", + APITMFURL: "{{ .Values.rooturl }}/tmf-api/serviceCatalogManagement/v4" +} +``` + +Example file: +``` +{ + BUGZILLA: "ROOTURL/bugzilla/", + STATUS: "ROOTURL/status/", + APIURL: "http://localhost", + WEBURL: "ROOTURL/nfvportal", + APIOAUTHURL: "ROOTURL/auth/realms/openslice", + APITMFURL: "ROOTURL/tmf-api/serviceCatalogManagement/v4" } ``` @@ -199,19 +212,24 @@ In the folder `kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/c * config.theming.json (HTML configuration - Logo, Favicon, Footer) -The first 2 files above (i.e. config.prod.json, theming.scss) are essential for the successful deployment of OpenSlice. -Therefore, ensure that you check the `config.prod.json` and `theming.scss` files and readjust to your deployment if needed. -Default versions of such files exist in this path, which must be renamed to not include the `.default` suffix, before deploying OpenSlice. +The first 2 files above (i.e. config.prod.json, theming.scss) are essential for the successful deployment of OpenSlice, thus created automatically during the initial deployment at `org.etsi.osl.tmf.web/src/assets/config` directory as a copy of the default ones from the remote repository. -E.g. Edit "TITLE", "WIKI", etc properties with your domain title. Also configure TMF's API and Keycloak's location for the web application, if needed. +Ensure that you check the `config.prod.json` and `theming.scss` files and readjust to your deployment if needed. + +```bash +# Starting from the root project directory +cd kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config +``` + +E.g. You may edit "TITLE", "WIKI", etc properties with your domain title. Also configure TMF's API and Keycloak's location for the web application, if needed. ``` { "TITLE": "OpenSlice by ETSI", - "PORTALVERSION":"2024-Q2 1.0.0", + "PORTALVERSION":"2024Q2", "WIKI": "https://osl.etsi.org/documentation", "BUGZILLA": "{BASEURL}/bugzilla/", - "STATUS": "http://status.localhost/", + "STATUS": "{BASEURL}/status/", "WEBURL": "{BASEURL}", "PORTAL_REPO_APIURL": "{BASEURL}/osapi", "ASSURANCE_SERVICE_MGMT_APIURL": "{BASEURL}/oas-api", @@ -251,7 +269,6 @@ cd kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config ```bash sudo cp config.theming.default.json config.theming.json ``` -#This seems irrelevant now. > ***IMPORTANT NOTE:*** If you want to apply changes to the JSON configuration files without the need to rebuild the application, you have to apply the changes at the `org.etsi.osl.tmf.web/dist/io-openslice-portal-web/assets/config` directory. Although, it is <u>mandatory</u> to also apply these changes to the `org.etsi.osl.tmf.web/src/assets/config` for <u>persistancy</u>, as after any future rebuild of OpenSlice the `/dist` directory is being overwritten along with its contents. The OpenSlice team strongly recommends to always apply your changes to the TMF web UI configuration files at `org.etsi.osl.tmf.web/src/assets/config` and rebuild the application. @@ -285,7 +302,6 @@ NAME READY STATUS RESTARTS AGE IP activemq-59d4bfdb4b-bvjqr 1/1 Running 0 109s 192.168.43.97 kc-2 <none> <none> bugzilla-client-7dd7cb47cb-8qb8m 1/1 Running 0 100s 192.168.12.114 kc-3 <none> <none> centrallog-95bbf7867-k8fpt 1/1 Running 0 100s 192.168.12.107 kc-3 <none> <none> -consul-b5dd76b76-64dzk 1/1 Running 0 107s 192.168.43.90 kc-2 <none> <none> keycloak-7c5b6bbc95-k2qfl 1/1 Running 0 105s 192.168.12.106 kc-3 <none> <none> manoclient-95f68f4c9-c9t6r 1/1 Running 0 104s 192.168.12.113 kc-3 <none> <none> mysql-portal-0 1/1 Running 0 107s 192.168.43.99 kc-2 <none> <none> @@ -302,7 +318,6 @@ NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS activemq 1/1 1 1 2m15s anactivemq webcenter/activemq:5.14.3 org.etsi.osl.service=activemq bugzilla-client 1/1 1 1 2m6s bugzilla-client openslice/org.etsi.osl.bugzilla:latest org.etsi.osl.service=bugzilla-client centrallog 1/1 1 1 2m6s centrallog openslice/org.etsi.osl.centrallog.service org.etsi.osl.service=centrallog -consul 1/1 1 1 2m13s aconsul consul org.etsi.osl.service=consul keycloak 1/1 1 1 2m11s keycloak quay.io/keycloak/keycloak:11.0.3 org.etsi.osl.service=keycloak manoclient 1/1 1 1 2m10s manoclient openslice/org.etsi.osl.mano:latest org.etsi.osl.service=manoclient osom 1/1 1 1 2m10s openslice-osom openslice/org.etsi.osl.osom:latest org.etsi.osl.service=osom @@ -318,7 +333,6 @@ NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) activemq ClusterIP 10.111.160.120 <none> 8161/TCP,61616/TCP 2m22s org.etsi.osl.service=activemq bugzilla-client ClusterIP 10.101.43.28 <none> 13010/TCP 2m14s org.etsi.osl.service=bugzilla-client centrallog ClusterIP 10.109.15.151 <none> 13013/TCP 2m14s org.etsi.osl.service=centrallog -consul ClusterIP 10.101.103.240 <none> 8500/TCP,8600/TCP 2m21s org.etsi.osl.service=consul keycloak ClusterIP 10.110.216.62 <none> 8080/TCP,8443/TCP 2m19s org.etsi.osl.service=keycloak manoclient ClusterIP 10.108.112.84 <none> 13011/TCP 2m18s org.etsi.osl.service=manoclient mysql-portal ClusterIP None <none> 3306/TCP 2m19s org.etsi.osl.service=mysql-portal @@ -347,7 +361,7 @@ The Keycloack server is managing authentication and running on a container at po - Login with the credentials from section [Keycloak Configuration](#3-keycloak-configuration). Default values are: - user: admin - - password: KEYCLOAK_PASSWORD + - password: Pa55w0rd > if you are running in HTTP you will get a message: HTTPS required. @@ -362,7 +376,7 @@ To resolve this issue <u>when running in HTTP</u>: #### 1. Configure redirects -Navigate to realm Openslice > client > osapiWebClientId and change the Root URL to your domain. +Navigate to realm Openslice > Clients > osapiWebClientId and change the Root URL to your domain. Also, insert your domain, e.g. http://example.org/*, at: * Valid Redirect URIs @@ -372,18 +386,21 @@ Also, insert your domain, e.g. http://example.org/*, at: Keycloak allows new users to register. Subsequently, this will also allow new users to register to the OpenSlice portal. -On Tab Login > check User registration, Verify email, Forgot password etc. +Navigate to realm Openslice > Realm Settings > Login Tab > check User registration, Verify email, Forgot password etc. + +Finally, enter the details of the mail server at the Email Tab. + +> Email configuration is optional for test runs, but if not provided the above functionalities (e.g. external user registration) will not be possible. -Also, enter the details on Realm > Email > Enable Authentication. #### 3. Add an OpenSlice admin user This step is mandatory so as to access the OpenSlice Web UI. To add an OpenSlice admin user you must: -- Navigate to manage/users and add an OpenSlice admin user, e.g. username=admin. +- Navigate to realm Openslice > Users > Add user - Set a password -- Navigate to Role Mappings and add ADMIN and MENTOR to Assigned Roles. +- Upon creation, navigate to Role Mappings and add ADMIN to Assigned Roles list -> That user is different from the Keycloak admin user. It is required to login and browse the OpenSlice Web UI. The Roles ADMIN and MENTOR guarantee full access through the Openslice UI, thus such a user is always required. +> That user is different from the Keycloak admin user. It is required to login and browse the OpenSlice Web UI. The Role ADMIN guarantee full access through the OpenSlice UI, thus such a user is always required. ***IMPORTANT: The following is not currently supported in Kubernetes installation.** ### Keycloak at localhost @@ -422,19 +439,10 @@ cd org.etsi.osl.tmf.web/src/assets/config nano config.prod.json ``` -After editing it should look like the example bellow: +After editing, the displayed properties should look like the example below: ```yaml { - "TITLE": "OpenSlice by ETSI", - "PORTALVERSION":"2023-Q3 1.2.0-SNAPSHOT", - "WIKI": "https://openslice.readthedocs.io/en/stable/", - "BUGZILLA": "{BASEURL}/bugzilla/", - "STATUS": "http://status.localhost/", - "WEBURL": "{BASEURL}", - "PORTAL_REPO_APIURL": "{BASEURL}/osapi", - "ASSURANCE_SERVICE_MGMT_APIURL": "{BASEURL}/oas-api", - "APITMFURL": "{BASEURL}/tmf-api", "OAUTH_CONFIG" : { "issuer": "http://keycloak:8080/auth/realms/openslice", "loginUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth", @@ -442,18 +450,7 @@ After editing it should look like the example bellow: "userinfoEndpoint": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/userinfo", "redirectUri": "{BASEURL}/redirect", "logoutUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/logout", - "postLogoutRedirectUri": "{BASEURL}", - - "responseType": "code", - "oidc": false, - "clientId": "osapiWebClientId", - "dummyClientSecret": "secret", - - "requireHttps": false, - "useHttpBasicAuth": true, - clearHashAfterLogin": false, - - "showDebugInformation": true + "postLogoutRedirectUri": "{BASEURL}" } } ``` @@ -473,7 +470,7 @@ cd org.etsi.osl.portal.web/src/js nano config.js ``` -after editing it should look like the example bellow: +After editing, the displayed properties should look like the example below: ``` var appConfig = angular.module('portalwebapp.config',[]); @@ -481,19 +478,12 @@ var appConfig = angular.module('portalwebapp.config',[]); appConfig.factory('APIEndPointService', function() { return { - TITLE: "OpenSlice by ETSI", - WIKI: "https://openslice.readthedocs.io/en/stable/", - BUGZILLA: "ROOTURL/bugzilla/", - STATUS: "ROOTURL/status/", - APIURL: "http://localost:13000", - WEBURL: "ROOTURL/nfvportal", - APIOAUTHURL: "ROOTURL/auth/realms/openslice", - APITMFURL: "ROOTURL/tmf-api/serviceCatalogManagement/v4" + APIOAUTHURL: "http://keycloak:8080/auth/realms/openslice", }; }); ``` -> Note the difference in "APIOAUTHURL" property +> Note the difference in "APIOAUTHURL" property, changing ROOTURL -> http://keycloak:8080 ### NFV Orchestrator Configuration diff --git a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json index 339aa51ca5fdf5fb22ba09f51ed2b9cd4fe7e10c..df966b650f4defefc941ba0b338e9666b29b0a35 100644 --- a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json +++ b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json @@ -3,7 +3,7 @@ "DEPLOYMENT_LOGO_PATH":"assets/images/logo_clear.png", "DEFAULT_SERVICE_LOGO_PATH":"assets/images/logo_icon_original.png", "FAVICON_PATH":"favicon.ico", -"WHO_WE_ARE_HTML":"<address class='font-weight-light'><span class='font-weight-bold'>openslice.io project</span> | <a href='http://openslice.io/' class='text-white'>openslice.io</a><br>openslice.io an opensource OSS</address><address class='font-weight-light'><span class='font-weight-bold'>Openslice demo</span> | <a href='http://portal.openslice.io' class='text-white'>http://portal.openslice.io</a><br>A portal that allows 5G experimenters to deploy experiment descriptors towards the infrastructure.</address><address class='font-weight-light'><span class='font-weight-bold'>Openslice demo wiki</span> | <a href='https://openslice.readthedocs.io/en/stable/' class='text-white'>https://openslice.readthedocs.io/en/stable/</a><br>A wiki containing project documentation.</address><address class='font-weight-light'><span class='font-weight-bold'>Openslice demo Report Issues</span> | <a href='http://portal.openslice.io/bugzilla/' class='text-white'>http://portal.openslice.io/bugzilla/</a><br>Our issue tracking system.</address>", -"CONNECT_WITH_US_HTML":"<div class='col-xs-12 col-sm-6 col-md-3'><div><a href='https://twitter.com/OpensliceOSS' class='font-weight-light text-white'><i class='fab fa-twitter mr-2'></i>Twitter</a></div></div><div class='col-xs-12 col-sm-6 col-md-3'><div><a href='https://openslice.slack.com/' class='font-weight-light text-white'><i class='fab fa-slack mr-2'></i>Slack</a></div></div>", +"WHO_WE_ARE_HTML":"<address class='font-weight-light'><span class='font-weight-bold'>ETSI SDG OpenSlice</span>|<a href='https://osl.etsi.org/' class='text-white'>https://osl.etsi.org</a><br>The ETSI Software Development Group for OpenSlice (SDG OSL) is developing an open source service based Operations Support System (OSS) to deliver Network Slice as a Service (NSaaS).</address><address class='font-weight-light'><span class='font-weight-bold'>OpenSlice by ETSI</span>|<a href='http' class='text-white'>http://portal.openslice.io</a><br>A portal that allows 5G experimenters to design and deploy network services towards the infrastructure.</address><address class='font-weight-light'><span class='font-weight-bold'>OpenSlice by ETSI wiki</span>|<a href='https://osl.etsi.org/documentation' class='text-white'>https://osl.etsi.org/documentation</a><br>A wiki containing OpenSlice software documentation.</address>", +"CONNECT_WITH_US_HTML":"<div class='col-lg-3 col-md-6 col-sm-12'><div><a class='font-weight-light text-white' href='https://www.linkedin.com/company/openslice'><i class='fab mr-2 fa-linkedin'></i>LinkedIn</a></div></div><div class='col-lg-3 col-md-6 col-sm-12'><div><a class='font-weight-light text-white' href='https://openslice.slack.com/'><i class='fab mr-2 fa-slack'></i>Slack</a></div></div><div class='col-lg-3 col-md-6 col-sm-12'><div><a class='font-weight-light text-white' href='https://twitter.com/OpensliceOSS'><i class='fab mr-2 fa-twitter'></i>Twitter</a></div></div>", "FOOTER_HTML":"<div class='row align-items-center'><div class='col-md-2'><img src='assets/images/eu-commission.png' /></div><div class='col-md-10 font-weight-light'>OpenSlice has received funding from<div class='font-weight-light'>5GinFIRE | https://5ginfire.eu/ project from the European Horizon 2020 Programme for research, technological development and demonstration under grant agreement number 732497.</div><div class='font-weight-light'>5G-VINNI project | https://5g-vinni.eu/ 5G-VINNI project has received funding from the European Horizon 2020 Programme for research, technological development and demonstration under grant agreement number 815279</div><div class='font-weight-light'>Openslice by ETSI running OSL version 2024Q2 | <a href='https://osl.etsi.org/files/SDG_OSL_Terms_and_Conditions.pdf' class='font-weight-light'>Terms and Conditions</a> | © 2024 on behalf of <a target='_blank' href='https://osl.etsi.org/' title='osl.etsi.org' class='font-weight-light'>osl.etsi.org</a></div></div></div>" } diff --git a/kubernetes/helm/openslice/templates/cridge.yaml b/kubernetes/helm/openslice/templates/cridge.yaml index 3b90404a5f87cce2bc5151ad8fb72393f8cc8405..5ddf1aa057cc50742810f3d6b9807b36645cf377 100644 --- a/kubernetes/helm/openslice/templates/cridge.yaml +++ b/kubernetes/helm/openslice/templates/cridge.yaml @@ -40,7 +40,7 @@ spec: "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", "logging.level.org.springframework" : "{{ .Values.spring.logLevel | default "INFO" }}", - "org.etsi.osl.cridge" : "{{ .Values.cridge.mode | default "DEBUG" }}" + "logging.level.org.etsi.osl.cridge" : "{{ .Values.cridge.logLevel | default "DEBUG" }}" } resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/kubernetes/helm/openslice/templates/osom.yaml b/kubernetes/helm/openslice/templates/osom.yaml index 12edc14626ad446a6114fec67e38954cd46e8bac..eb4f70b1dce149891fbe84a81b8d658457932989 100644 --- a/kubernetes/helm/openslice/templates/osom.yaml +++ b/kubernetes/helm/openslice/templates/osom.yaml @@ -32,6 +32,7 @@ spec: - name: SPRING_APPLICATION_JSON value: >- { + "spring.datasource.url" : "{{ .Values.spring.datasource.url | default "jdbc:h2:~/tempdb;DB_CLOSE_DELAY=-1" }}", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", diff --git a/kubernetes/helm/openslice/templates/osportalapi.yaml b/kubernetes/helm/openslice/templates/osportalapi.yaml index c84ee91f0b44ef930b1d4c510a9ce12a2b8b7556..ac99f4cbb8780392c902bc851e229fe64cab0bcd 100644 --- a/kubernetes/helm/openslice/templates/osportalapi.yaml +++ b/kubernetes/helm/openslice/templates/osportalapi.yaml @@ -56,7 +56,8 @@ spec: "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", - "logging.level.org.springframework" : "{{ .Values.spring.logLevel | default "INFO" }}" + "logging.level.org.springframework" : "{{ .Values.spring.logLevel | default "INFO" }}", + "logging.level.org.etsi.osl.portal.api": "{{ .Values.portalapi.logLevel | default "INFO" }}" } resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index 2f6cccaa56be85aaecd3fa3e7a233e03a00f9a46..0298ecb92ababd27629089d70a5b75b43affa54a 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -50,6 +50,7 @@ image: pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. tag: "develop" + logLevel: INFO osscapi: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.api pullPolicy: Always @@ -80,6 +81,7 @@ image: pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. tag: "develop" + logLevel: DEBUG bugzillaurl: example.com:443/bugzilla bugzillakey: VH2Vw0iI5aYgALFFzVDWqhACwt6Hu3bXla9kSC1Z @@ -99,7 +101,7 @@ oscreds: database: keycloak username: keycloak password: password - adminpassword: keycloakadminpass + adminpassword: Pa55w0rd portal: database: osdb username: portaluser @@ -108,6 +110,8 @@ oscreds: spring: oauthClientSecret: secret loglevel: INFO + datasource: + url: "jdbc:h2:~/tempdb;DB_CLOSE_DELAY=-1" mysql: storage: 10Gi