Newer
Older

Dimitrios Giannopoulos
committed
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
<li class="md-nav__item">
<a href="../architecture/nfvapi/" class="md-nav__link">
<span class="md-ellipsis">
NFV API
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../architecture/tmfweb/" class="md-nav__link">
<span class="md-ellipsis">
TMF WEB
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../architecture/nfvweb/" class="md-nav__link">
<span class="md-ellipsis">
NFV WEB
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../architecture/issuemgt/" class="md-nav__link">
<span class="md-ellipsis">
Issue management
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../architecture/centrallog/" class="md-nav__link">
<span class="md-ellipsis">
Central logging
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_4" >
<label class="md-nav__link" for="__nav_4" id="__nav_4_label" tabindex="0">
<span class="md-ellipsis">
Contributing
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_4_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_4">
<span class="md-nav__icon md-icon"></span>
Contributing
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../contributing/developing/" class="md-nav__link">
<span class="md-ellipsis">
Developing
</span>
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#requirements" class="md-nav__link">
<span class="md-ellipsis">
Requirements
</span>
</a>
<nav class="md-nav" aria-label="Requirements">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#hardware-requirements" class="md-nav__link">
<span class="md-ellipsis">
Hardware requirements:
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#software-requirements" class="md-nav__link">
<span class="md-ellipsis">
Software Requirements:
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#preparing-the-environment" class="md-nav__link">
<span class="md-ellipsis">
Preparing the environment
</span>
</a>
<nav class="md-nav" aria-label="Preparing the environment">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-backup-your-previous-database-if-necessary" class="md-nav__link">
<span class="md-ellipsis">
1. Backup your previous database if necessary:
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-install-docker" class="md-nav__link">
<span class="md-ellipsis">
2. Install docker
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#3-configure-containers-to-properly-resolve-the-dns-of-your-domain-optional" class="md-nav__link">
<span class="md-ellipsis">
3. Configure containers to properly resolve the DNS of your domain (optional)
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#downloading-the-project" class="md-nav__link">
<span class="md-ellipsis">
Downloading the project
</span>
</a>
<nav class="md-nav" aria-label="Downloading the project">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-create-a-new-folder-to-download-the-project" class="md-nav__link">
<span class="md-ellipsis">
1. Create a new folder to download the project
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-download-the-deployment-script" class="md-nav__link">
<span class="md-ellipsis">
2. Download the deployment script
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#3-run-the-deployment-script" class="md-nav__link">
<span class="md-ellipsis">
3. Run the deployment script
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#configure-docker-compose-services" class="md-nav__link">
<span class="md-ellipsis">
Configure docker-compose services
</span>
</a>
<nav class="md-nav" aria-label="Configure docker-compose services">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-create-configuration-specific-docker-compose-file-from-the-template" class="md-nav__link">
<span class="md-ellipsis">
1. Create configuration specific Docker Compose file from the template
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-configure-mysql-portal-container-optional" class="md-nav__link">
<span class="md-ellipsis">
2. Configure mysql-portal container (optional)
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#3-configure-keycloak-container-optional" class="md-nav__link">
<span class="md-ellipsis">
3. Configure keycloak container (optional)
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#4-configure-bugzilla-container-optional" class="md-nav__link">
<span class="md-ellipsis">
4. Configure bugzilla container (optional)
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#5-configure-osportalapi-container-nfv-services-conditional" class="md-nav__link">
<span class="md-ellipsis">
5. Configure osportalapi container (NFV services) (conditional)
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#6-osscapi-container-tmf-api-service-conditional" class="md-nav__link">
<span class="md-ellipsis">
6. osscapi container (TMF API service) (conditional)
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#configure-nginx" class="md-nav__link">
<span class="md-ellipsis">
Configure nginx
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#configure-web-ui" class="md-nav__link">
<span class="md-ellipsis">
Configure Web UI
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#configure-tmf-web-ui" class="md-nav__link">
<span class="md-ellipsis">
Configure TMF Web UI
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#deploy-openslice-via-docker-compose" class="md-nav__link">
<span class="md-ellipsis">
Deploy OpenSlice via Docker Compose
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#validating-deployments-and-container-monitoring" class="md-nav__link">
<span class="md-ellipsis">
Validating deployments and container monitoring
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#post-installation-steps" class="md-nav__link">
<span class="md-ellipsis">
Post installation steps
</span>
</a>
<nav class="md-nav" aria-label="Post installation steps">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#configure-keycloak-server" class="md-nav__link">
<span class="md-ellipsis">
Configure Keycloak server
</span>
</a>
<nav class="md-nav" aria-label="Configure Keycloak server">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-configure-redirects" class="md-nav__link">
<span class="md-ellipsis">
1. Configure redirects
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-configure-email" class="md-nav__link">
<span class="md-ellipsis">
2. Configure email
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#3-add-an-openslice-admin-user" class="md-nav__link">
<span class="md-ellipsis">
3. Add an OpenSlice admin user
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#keycloak-at-localhost" class="md-nav__link">
<span class="md-ellipsis">
Keycloak at localhost
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#nfv-orchestrator-configuration" class="md-nav__link">
<span class="md-ellipsis">
NFV Orchestrator Configuration
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#kubernetes-installation" class="md-nav__link">
<span class="md-ellipsis">
Kubernetes installation
</span>
</a>
</li>
</ul>
</nav>
</div>

Dimitrios Giannopoulos
committed
</div>

Dimitrios Giannopoulos
committed
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">

Dimitrios Giannopoulos
committed

Dimitrios Giannopoulos
committed
<h1>Deployment/Installation</h1>

Dimitrios Giannopoulos
committed

Dimitrios Giannopoulos
committed
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
<h2 id="requirements">Requirements</h2>
<h3 id="hardware-requirements">Hardware requirements:</h3>
<table>
<thead>
<tr>
<th><strong>Minimum Hardware Requirements</strong></th>
<th><strong>Recomended Hardware Requirements</strong></th>
</tr>
</thead>
<tbody>
<tr>
<td>4 CPU cores</td>
<td>8 CPU cores</td>
</tr>
<tr>
<td>8 GB RAM</td>
<td>16 GB RAM</td>
</tr>
<tr>
<td>20 GB storage</td>
<td>40 GB storage</td>
</tr>
</tbody>
</table>
<h3 id="software-requirements">Software Requirements:</h3>
<ul>
<li>Docker (Docker Compose installation)</li>
<li>Kubernetes (Kubernetes installation - experimental)</li>
</ul>
<h2 id="preparing-the-environment">Preparing the environment</h2>
<blockquote>
<p>See the <a href="#Kubernetes-installation">Kubernetes section</a>, if you would like to deploy OpenSlice in a Kubernetes cluster.</p>
</blockquote>
<h3 id="1-backup-your-previous-database-if-necessary">1. Backup your previous database if necessary:</h3>
<pre><code class="language-bash">sudo docker exec amysql /usr/bin/mysqldump -u root --password=letmein ostmfdb > backup_ostmfdb.sql

Dimitrios Giannopoulos
committed
</code></pre>

Dimitrios Giannopoulos
committed
<h3 id="2-install-docker">2. Install docker</h3>
<blockquote>
<p>Since July 2023 Docker Compose V1 stopped receiving updates. OpenSlice fully reverted to Compose V2, which is integrated in the Docker installation.</p>
</blockquote>
<h3 id="3-configure-containers-to-properly-resolve-the-dns-of-your-domain-optional">3. Configure containers to properly resolve the DNS of your domain (optional)</h3>
<pre><code>sudo nano /etc/docker/daemon.json

Dimitrios Giannopoulos
committed
</code></pre>

Dimitrios Giannopoulos
committed
<p>and add:</p>

Dimitrios Giannopoulos
committed
<pre><code>{
"dns": ["8.8.8.8", "8.8.4.4"]
}
</code></pre>

Dimitrios Giannopoulos
committed
<p>After editing daemon.json restart docker daemon for the changes to take place</p>
<pre><code class="language-bash">sudo systemctl restart docker
</code></pre>
<h2 id="downloading-the-project">Downloading the project</h2>
<h3 id="1-create-a-new-folder-to-download-the-project">1. Create a new folder to download the project</h3>
<pre><code class="language-bash">mkdir openslice
</code></pre>
<pre><code class="language-bash">cd openslice
</code></pre>
<h3 id="2-download-the-deployment-script">2. Download the deployment script</h3>
<p>Download the deployment / environment preparation script</p>

Dimitrios Giannopoulos
committed
<pre><code class="language-bash">wget https://labs.etsi.org/rep/osl/code/org.etsi.osl.main/-/raw/develop/compose/deploy.sh

Dimitrios Giannopoulos
committed
</code></pre>
<p>Make it executable</p>
<pre><code class="language-bash">sudo chmod +x deploy.sh
</code></pre>
<h3 id="3-run-the-deployment-script">3. Run the deployment script</h3>
<p>OpenSlice is a multi repo project. This script selects the same branch for all repositories of the project to pull from.</p>
<p>After that it builds the respective jar files locally and installs all the npm packages needed for the UI.</p>
<p>If you run the script without selecting a branch the the main branch is going to be selected.</p>
<p>We recommend:</p>
<ul>
<li>main branch for the most stable experience and</li>
<li>develop branch for an experience with the latest features (for develop branch installation, it is strongly advisable that you may as well follow the <a href="https://osl.etsi.org/documentation/develop/deployment/">develop documentation</a>)</li>
</ul>

Dimitrios Giannopoulos
committed
<pre><code class="language-bash">sudo ./deploy.sh develop #[or replace main with other branch name]

Dimitrios Giannopoulos
committed
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
</code></pre>
<blockquote>
<p><strong>We recommend running the deploy.sh script with root permissions! In other case, some directories may not be accessible by the project building tools and hinder the smooth installation.</strong></p>
</blockquote>
<h2 id="configure-docker-compose-services">Configure docker-compose services</h2>
<h3 id="1-create-configuration-specific-docker-compose-file-from-the-template">1. Create configuration specific Docker Compose file from the template</h3>
<pre><code class="language-bash">cd org.etsi.osl.main/compose/
</code></pre>
<pre><code class="language-bash">sudo cp docker-compose.yaml.configure docker-compose.yaml
</code></pre>
<h3 id="2-configure-mysql-portal-container-optional">2. Configure mysql-portal container <em>(optional)</em></h3>
<ol>
<li>In folder <code>org.etsi.osl.main/compose/mysql-init</code> edit the file <code>01-databases.sql</code>.</li>
<li>In the <code>org.etsi.osl.main/compose/docker-compose.yaml</code> edit the credentials of the users that services use to connect to the databases, if you wish.<ul>
<li>portaluser (default is 12345) and</li>
<li>keycloak (default is password)</li>
</ul>
</li>
</ol>
<h3 id="3-configure-keycloak-container-optional">3. Configure keycloak container <em>(optional)</em></h3>
<ol>
<li>
<p>If you made changes to keycloak's mysql credentials:</p>
<p>In folder <code>org.etsi.osl.main/compose/</code> edit the file <code>docker-compose.yaml</code>.</p>
</li>
</ol>

Dimitrios Giannopoulos
committed
<pre><code>DB_DATABASE: keycloak
DB_USER: keycloak
DB_PASSWORD: password
</code></pre>

Dimitrios Giannopoulos
committed
<ol>
<li>
<p>If you want to change the keycloak admin password:</p>
<p>In folder <code>org.etsi.osl.main/compose/</code> edit the file <code>docker-compose.yaml</code></p>
</li>
</ol>

Dimitrios Giannopoulos
committed
<pre><code>KEYCLOAK_PASSWORD: Pa55w0rd
</code></pre>

Dimitrios Giannopoulos
committed
<h3 id="4-configure-bugzilla-container-optional">4. Configure bugzilla container <em>(optional)</em></h3>
<p>If you want to utilise the Bugzilla connector:</p>
<p>In folder <code>org.etsi.osl.main/compose/</code> edit the file <code>docker-compose.yaml</code></p>

Dimitrios Giannopoulos
committed
<pre><code>SPRING_APPLICATION_JSON: '{

Dimitrios Giannopoulos
committed
"spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false",
"spring.activemq.user": "artemis",
"spring.activemq.password": "artemis",
"bugzillaurl":"",
"bugzillakey":"",
"main_operations_product":""
}'
</code></pre>
<p>And add the provided Bugzilla installation information:</p>

Dimitrios Giannopoulos
committed
<pre><code>"bugzillaurl":"bugzillaurl.xx:443/bugzilla/",
"bugzillakey":"exampleKeyeqNNwxBlgxZgMEIne0Oeq0Bz",

Dimitrios Giannopoulos
committed
"main_operations_product":"Main Site Operations" // this is the default product to issue tickets

Dimitrios Giannopoulos
committed
</code></pre>

Dimitrios Giannopoulos
committed
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
<p>Bugzilla should have the following components under the specified product: </p>
<ul>
<li>NSD Deployment Request: Component used to schedule deployment req </li>
<li>Onboarding: Issues related to VNF/NSD Onboarding </li>
<li>Operations Support: Default component for operations support </li>
<li>Validation: Use to track validation processes of VNFs and NSDs </li>
<li>VPN Credentials/Access: Used for requesting VPN Credentials/Access </li>
</ul>
<p>Also in the 'Main Site Operations' product, a version named 'unspecified' must be created.</p>
<h3 id="5-configure-osportalapi-container-nfv-services-conditional">5. Configure osportalapi container (NFV services) <em>(conditional)</em></h3>
<p>Change the respective fields: </p>
<ul>
<li>If you made changes to mysql and keycloak credentials.</li>
<li>If you want to change logging level (TRACE / DEBUG / INFO / WARN / ERROR).</li>
</ul>
<blockquote>
<p><strong><em>If you are using a non-local domain, replace everywhere the http://keycloak:8080 with the respective {{protocol://domain.name}}, as well as "spring.portal.main.domain" property.</em></strong></p>
</blockquote>
<p>In folder <code>org.etsi.osl.main/compose/</code> edit the file <code>docker-compose.yaml</code></p>
<pre><code>SPRING_APPLICATION_JSON: '{
"spring.datasource.username":"root",
"spring.datasource.password":"letmein",
"spring-addons.issuers[0].uri": "http://keycloak:8080/auth/realms/openslice",
"spring.security.oauth2.resourceserver.jwt.issuer-uri": "http://keycloak:8080/auth/realms/openslice",
"springdoc.oAuthFlow.authorizationUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth",
"springdoc.oAuthFlow.tokenUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/token",
"spring.portal.main.domain": "http://localhost",
"logging.level.org.springframework" : "INFO"
}'

Dimitrios Giannopoulos
committed
</code></pre>

Dimitrios Giannopoulos
committed
<h3 id="6-osscapi-container-tmf-api-service-conditional">6. osscapi container (TMF API service) <em>(conditional)</em></h3>
<p>Change the respective fields: </p>
<ul>
<li>If you made changes to mysql and keycloak credentials.</li>
<li>If you want to change logging level (TRACE / DEBUG / INFO / WARN / ERROR).</li>
</ul>
<blockquote>
<p><strong>If you are using a non-local domain, replace everywhere the http://keycloak:8080 with the respective {{protocol://domain.name}}.</strong></p>
</blockquote>
<p>In folder <code>org.etsi.osl.main/compose/</code> edit the file <code>docker-compose.yaml</code></p>
<pre><code>SPRING_APPLICATION_JSON: '{
"spring.datasource.username":"root",
"spring.datasource.password":"letmein",
"spring-addons.issuers[0].uri": "http://keycloak:8080/auth/realms/openslice",
"spring.security.oauth2.resourceserver.jwt.issuer-uri": "http://keycloak:8080/auth/realms/openslice",
"springdoc.oAuthFlow.authorizationUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth",
"springdoc.oAuthFlow.tokenUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/token",
"logging.level.org.springframework" : "INFO"
}'

Dimitrios Giannopoulos
committed
</code></pre>

Dimitrios Giannopoulos
committed
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
<h2 id="configure-nginx">Configure nginx</h2>
<p>In folder <code>org.etsi.osl.main/compose/nginx</code> create a configuration specific <code>nginx.conf</code> file.</p>
<pre><code class="language-bash">cd org.etsi.osl.main/compose/nginx/
</code></pre>
<pre><code class="language-bash">sudo cp nginx.conf.default nginx.conf
</code></pre>
<p>If needed, in the nginx.conf file, edit the server_name for an non-local deployment.</p>
<h2 id="configure-web-ui">Configure Web UI</h2>
<p>In folder <code>org.etsi.osl.portal.web/src/js/</code> create a configuration specific <code>config.js</code> file.</p>
<pre><code class="language-bash">cd org.etsi.osl.portal.web/src/js
</code></pre>
<pre><code class="language-bash">sudo cp config.js.default config.js
</code></pre>
<p>Edit the <code>config.js</code> file with the information of your domain</p>
<pre><code>{
TITLE: "OpenSlice by ETSI",
WIKI: "https://openslice.readthedocs.io/en/stable/",
BUGZILLA: "ROOTURL/bugzilla/",
STATUS: "ROOTURL/status/",
APIURL: "http://localost:13000",
WEBURL: "ROOTURL/nfvportal",
APIOAUTHURL: "ROOTURL/auth/realms/openslice",
APITMFURL: "ROOTURL/tmf-api/serviceCatalogManagement/v4"
}
</code></pre>
<h2 id="configure-tmf-web-ui">Configure TMF Web UI</h2>
<p>In the folder <code>org.etsi.osl.tmf.web/src/assets/config</code> there are 3 files available for configuration:</p>

Dimitrios Giannopoulos
committed
<ul>
<li>config.prod.json (Basic information + API configuration)</li>
<li>theming.scss (CSS color palette theming)</li>
<li>config.theming.json (HTML configuration - Logo, Favicon, Footer)</li>
</ul>

Dimitrios Giannopoulos
committed
<p>The first 2 files above (i.e. config.prod.json, theming.scss) are essential for the successful deployment of OpenSlice, thus created automatically during the initial deployment at <code>org.etsi.osl.tmf.web/src/assets/config</code> directory as a copy of the default ones from the remote repository.</p>
<p>Ensure that you check the <code>config.prod.json</code> file and readjust to your deployment if needed.</p>
<pre><code class="language-bash"># Starting from the root project directory
cd org.etsi.osl.tmf.web/src/assets/config

Dimitrios Giannopoulos
committed
</code></pre>

Dimitrios Giannopoulos
committed
<pre><code class="language-bash">sudo cp config.theming.default.json config.theming.json

Dimitrios Giannopoulos
committed
</code></pre>

Dimitrios Giannopoulos
committed
<p>E.g. Edit "TITLE" or "WIKI" property with your domain title</p>
<pre><code>{
TITLE: "OpenSlice by ETSI",
WIKI: "https://osl.etsi.org/documentation/latest/deployment/",
}

Dimitrios Giannopoulos
committed
</code></pre>
<blockquote>

Dimitrios Giannopoulos
committed
<p>The {BASEURL} placeholder in the file automatically detects the Origin (Protocol://Domain:Port) of the deployment and applies it to every respective property. E.g. If you are attempting a local deployment of Openslice, then {BASEURL} is automatically translated to "http://localhost". Similarly, you may use {BASEURL} to translate to a public deployment configuration, e.g. "https://portal.openslice.io".</p>

Dimitrios Giannopoulos
committed
</blockquote>

Dimitrios Giannopoulos
committed
<p>If further customization, apart from the default provided, is needed for branding (Logo, Footer) then config.theming.json needs to be created in io.openslice.tmf.web/src/assets/config directory, as follows:</p>
<pre><code class="language-bash"># Starting from the root project directory
cd org.etsi.osl.tmf.web/src/assets/config

Dimitrios Giannopoulos
committed
</code></pre>

Dimitrios Giannopoulos
committed
<pre><code class="language-bash">sudo cp config.theming.default.json config.theming.json
</code></pre>
<blockquote>
<p><strong><em>IMPORTANT NOTE:</em></strong>
If you want to apply changes to the JSON configuration files without the need to rebuild the application, you have to apply the changes at the <code>org.etsi.osl.tmf.web/dist/io-openslice-portal-web/assets/config</code> directory. Although, it is <u>mandatory</u> to also apply these changes to the <code>org.etsi.osl.tmf.web/src/assets/config</code> for <u>persistancy</u>, as after any future rebuild of OpenSlice the <code>/dist</code> directory is being overwritten along with its contents. The OpenSlice team strongly recommends to always apply your changes to the TMF web UI configuration files at <code>org.etsi.osl.tmf.web/src/assets/config</code> and rebuild the application.</p>
</blockquote>
<h2 id="deploy-openslice-via-docker-compose">Deploy OpenSlice via Docker Compose</h2>
<p>After configuring the services, and editing the docker compose file accordingly, the docker compose instantiation command can be performed.</p>
<pre><code class="language-bash"># Starting from the root project directory
cd org.etsi.osl.main/compose/
</code></pre>
<pre><code class="language-bash">sudo docker compose --profile prod down;sudo docker compose --profile prod up -d --build
</code></pre>
<blockquote>
<p>Depending on your machine, this process might take time. if for any reason the deployment fails during first time, please rerun the above before any further measures.</p>
</blockquote>
<h2 id="validating-deployments-and-container-monitoring">Validating deployments and container monitoring</h2>
<p>You can monitor containers' status with portainer at port 9000 (http://your-ip:9000).</p>

Dimitrios Giannopoulos
committed
<p>Initially, you may monitor the local machine at portainer.</p>
<p>Please check that all containers are in running state.</p>

Dimitrios Giannopoulos
committed
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
<h2 id="post-installation-steps">Post installation steps</h2>
<p>After the successful deployment of OpenSlice, to ensure the E2E user experience, <strong>this section is mandatory</strong>. It contains crucial configuration in regard of authentication and user creation.</p>
<h3 id="configure-keycloak-server">Configure Keycloak server</h3>
<p>The Keycloack server is managing authentication and running on a container at port 8080. It is also proxied to your host via nginx under http://localhost/auth. </p>
<ul>
<li>
<p>Navigate to http://domain.com/auth/ or https://domain.com/auth/, (http://ipaddress:8080/auth/ or https://ipaddress:8443/auth/ which are directly accessible without proxy) </p>
</li>
<li>
<p>Navigate to Administration Console </p>
</li>
<li>
<p>Login with the credentials from section <a href="#3-configure-keycloak-container-optional">Configure keycloak container</a>. Default values are:</p>
<ul>
<li>user: admin and </li>
<li>password: KEYCLOAK_PASSWORD</li>
</ul>
</li>
</ul>
<blockquote>
<p>if you are running in HTTP you will get a message: HTTPS required.</p>
</blockquote>
<p>To resolve this issue <u>when running in HTTP</u>: </p>
<ul>
<li>Select the master realm from top left corner</li>
<li>Go to login Tab and select "Require SSL": None</li>
<li>Repeat for realm Openslice</li>
</ul>
<blockquote>
<p>If you are running in HTTPS, then "Require SSL" can be left unchanged to external requests.</p>
</blockquote>
<h4 id="1-configure-redirects">1. Configure redirects</h4>
<p>Navigate to realm Openslice > client > osapiWebClientId and change the Root URL to your domain. </p>
<p>Also, insert your domain, e.g. http://example.org/*, at:
* Valid Redirect URIs
* Web Origins</p>
<h4 id="2-configure-email">2. Configure email</h4>
<p>Keycloak allows new users to register. Subsequently, this will also allow new users to register to the OpenSlice portal.</p>
<p>On Tab Login > check User registration, Verify email, Forgot password etc.</p>
<p>Also, enter the details on Realm > Email > Enable Authentication.</p>
<h4 id="3-add-an-openslice-admin-user">3. Add an OpenSlice admin user</h4>
<p>This step is mandatory so as to access the OpenSlice Web UI. To add an OpenSlice admin user you must:
- Navigate to manage/users and add an OpenSlice admin user, e.g. username=admin.
- Set a password
- Navigate to Role Mappings and add ADMIN and MENTOR to Assigned Roles.</p>
<blockquote>
<p>That user is different from the Keycloak admin user. It is required to login and browse the OpenSlice Web UI. The Roles ADMIN and MENTOR guarantee full access through the Openslice UI, thus such a user is always required.</p>
</blockquote>
<h3 id="keycloak-at-localhost">Keycloak at localhost</h3>
<blockquote>
<p><strong>This is an important step if you run Keycloak on localhost!</strong></p>
</blockquote>
<p>1 - Edit your Hosts File, adding the line below</p>
<p><code>127.0.0.1 keycloak</code></p>
<p>Hosts File Location:</p>
<ul>
<li>
<p>In Linux/Unix, the file's location is at /etc/hosts </p>
</li>
<li>
<p>In Windows, its location is at c:\Windows\System32\Drivers\etc\hosts</p>
</li>
</ul>
<p>2 - Replace http://localhost/auth/ with http://keycloak:8080/auth/ in your Keycloak config for AngularJS and Angular (see examples below).</p>
<blockquote>
<p>Explanation</p>
</blockquote>
<p>Nginx uses the http://keycloak:8080 URL, which is accessible via the internal docker system's network.
The Front-end (TS/Angular) shall also use the http://keycloak:8080.
This way, you will not get the invalid token error, as the API is acquiring the token from http://keycloak:8080 (internally) and the Front-end is getting verified by an issuer at the same URL, as well.</p>
<p>2.1 - For the Angular configuration (TMF portal UI), navigate to org.etsi.osl.tmf.web/src/assets/config and edit config.prod.json</p>
<pre><code class="language-bash"># Starting from the root project directory
cd org.etsi.osl.tmf.web/src/assets/config
</code></pre>
<pre><code class="language-bash">nano config.prod.json
</code></pre>
<p>After editing it should look like the example bellow:</p>
<pre><code class="language-yaml">{
"TITLE": "OpenSlice by ETSI",
"PORTALVERSION":"2023-Q3 1.2.0-SNAPSHOT",
"WIKI": "https://openslice.readthedocs.io/en/stable/",
"BUGZILLA": "{BASEURL}/bugzilla/",
"STATUS": "http://status.localhost/",
"WEBURL": "{BASEURL}",
"PORTAL_REPO_APIURL": "{BASEURL}/osapi",
"ASSURANCE_SERVICE_MGMT_APIURL": "{BASEURL}/oas-api",
"APITMFURL": "{BASEURL}/tmf-api",
"OAUTH_CONFIG" : {
"issuer": "http://keycloak:8080/auth/realms/openslice",
"loginUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth",
"tokenEndpoint": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/token",
"userinfoEndpoint": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/userinfo",
"redirectUri": "{BASEURL}/redirect",
"logoutUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/logout",
"postLogoutRedirectUri": "{BASEURL}",
"responseType": "code",
"oidc": false,
"clientId": "osapiWebClientId",
"dummyClientSecret": "secret",
"requireHttps": false,
"useHttpBasicAuth": true,
clearHashAfterLogin": false,
"showDebugInformation": true
}
}
</code></pre>
<blockquote>
<p>Note the difference in changing {BASEURL} -> http://keycloak:8080</p>
<p>If you want the changes to take place immediately without rebuilding the project, then repeat the process for org.etsi.osl.tmf.web/dist/org.etsi.osl.tmf.web/assets/config/config.prod.json</p>
</blockquote>
<p>2.2 - For the AngularJS configuration (NVF portal UI), navigate to org.etsi.osl.portal.web/src/js and edit config.js</p>
<pre><code class="language-bash"># Starting from the root project directory
cd org.etsi.osl.portal.web/src/js
</code></pre>
<pre><code class="language-bash">nano config.js
</code></pre>
<p>after editing it should look like the example bellow:</p>
<pre><code>var appConfig = angular.module('portalwebapp.config',[]);
appConfig.factory('APIEndPointService', function() {
return {
TITLE: "OpenSlice by ETSI",
WIKI: "https://openslice.readthedocs.io/en/stable/",
BUGZILLA: "ROOTURL/bugzilla/",
STATUS: "ROOTURL/status/",
APIURL: "http://localost:13000",
WEBURL: "ROOTURL/nfvportal",
APIOAUTHURL: "ROOTURL/auth/realms/openslice",
APITMFURL: "ROOTURL/tmf-api/serviceCatalogManagement/v4"
};
});
</code></pre>
<blockquote>
<p>Note the difference in "APIOAUTHURL" property</p>
</blockquote>
<h3 id="nfv-orchestrator-configuration">NFV Orchestrator Configuration</h3>
<p>After successfully deploying and configuring OpenSlice, you may configure its environment (e.g. the NFVO) that will facilitate the deployment of NFV artifacts.</p>
<p>See <a href="../nfvoconfig/">NFV Orchestrator Configuration</a>.</p>

Dimitrios Giannopoulos
committed
<p><br></p>

Dimitrios Giannopoulos
committed
<h2 id="kubernetes-installation">Kubernetes installation</h2>
<p>Openslice can be installed in a Kubernetes cluster. </p>

Dimitrios Giannopoulos
committed
<p>The related scripts are inside the kubernetes folder. Follow these steps along the lines. You need to configure the ingress properly depending on how you want to expose Openslice. </p>

Dimitrios Giannopoulos
committed
<p>1 - Create an openslice namespace</p>
<pre><code class="language-bash">kubectl create namespace openslice

Dimitrios Giannopoulos
committed
</code></pre>

Dimitrios Giannopoulos
committed
<p>2 - Apply or create an ingress. Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster. Traffic routing is controlled by rules defined on the Ingress resource.

Dimitrios Giannopoulos
committed
An Ingress may be configured to give Services externally-reachable URLs, load balance traffic, terminate SSL / TLS, and offer name-based virtual hosting. An Ingress controller is responsible for fulfilling the Ingress, usually with a load balancer, though it may also configure your edge router or additional frontends to help handle the traffic. You must have an Ingress controller to satisfy an Ingress.
You may need to deploy an Ingress controller such as ingress-nginx.</p>
<p>You can also adapt it to connect to public cloud load balancers depending on your needs.</p>

Dimitrios Giannopoulos
committed
<p>The following will expose an ingress resource from one of your a k8s nodes on port 80.</p>
<pre><code class="language-bash"> kubectl apply -f openslice-ingress.yaml

Dimitrios Giannopoulos
committed
</code></pre>
<p>Finding the ingress IP:</p>

Dimitrios Giannopoulos
committed
<pre><code class="language-bash">

Dimitrios Giannopoulos
committed
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
kubectl describe -f openslice-ingress.yaml
Name: openslice-ingress
Namespace: openslice
Address: 10.10.10.35
Default backend: default-http-backend:80 (<error: endpoints "default-http-backend" not found>)
Rules:
Host Path Backends
---- ---- --------
*
/services tmfweb:80 (<error: endpoints "tmfweb" not found>)
/tmf-api osscapi:13082 (<error: endpoints "osscapi" not found>)
/auth keycloak:8080 (<error: endpoints "keycloak" not found>)
/osapi osportalapi:13000 (<error: endpoints "osportalapi" not found>)
/ portalweb:80 (<error: endpoints "portalweb" not found>)
Annotations: kubernetes.io/ingress.class: nginx
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Sync 9m29s (x2 over 9m58s) nginx-ingress-controller Scheduled for sync
</code></pre>
<p>From the above example, our exposed ingress is at Address: 10.10.10.35</p>

Dimitrios Giannopoulos
committed
<p>3 - We need to configure the expose address and deploy openslice (IP or URL e.g. http://myopenslice.xxx)</p>
<pre><code class="language-bash">./k8sdeploy.sh 10.10.10.35

Dimitrios Giannopoulos
committed
</code></pre>

Dimitrios Giannopoulos
committed
<p>4 - Check the status of Openslice in the cluster. Should be similar to the following:</p>
<pre><code class="language-bash">

Dimitrios Giannopoulos
committed
kubectl get pods --namespace=openslice -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
activemq-59d4bfdb4b-bvjqr 1/1 Running 0 109s 192.168.43.97 kc-2 <none> <none>
bugzilla-client-7dd7cb47cb-8qb8m 1/1 Running 0 100s 192.168.12.114 kc-3 <none> <none>
centrallog-95bbf7867-k8fpt 1/1 Running 0 100s 192.168.12.107 kc-3 <none> <none>
consul-b5dd76b76-64dzk 1/1 Running 0 107s 192.168.43.90 kc-2 <none> <none>
keycloak-7c5b6bbc95-k2qfl 1/1 Running 0 105s 192.168.12.106 kc-3 <none> <none>
manoclient-95f68f4c9-c9t6r 1/1 Running 0 104s 192.168.12.113 kc-3 <none> <none>
mysql-portal-0 1/1 Running 0 107s 192.168.43.99 kc-2 <none> <none>
osom-6d548cf555-q8ptj 1/1 Running 0 104s 192.168.43.93 kc-2 <none> <none>
osportalapi-5fff744db8-5g4zs 1/1 Running 0 103s 192.168.43.98 kc-2 <none> <none>
osscapi-6d68b54d97-jn8tz 0/1 Running 0 102s 192.168.12.104 kc-3 <none> <none>
portalweb-8469d57df4-94tfj 1/1 Running 0 101s 192.168.48.44 kc-nfs <none> <none>
tmfweb-868f7bb9c5-x4lfh 1/1 Running 0 102s 192.168.48.43 kc-nfs <none> <none>

Dimitrios Giannopoulos
committed
</code></pre>
<pre><code class="language-bash">kubectl get deployments --namespace=openslice -o wide

Dimitrios Giannopoulos
committed
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
activemq 1/1 1 1 2m15s anactivemq webcenter/activemq:5.14.3 org.etsi.osl.service=activemq
bugzilla-client 1/1 1 1 2m6s bugzilla-client openslice/org.etsi.osl.bugzilla:latest org.etsi.osl.service=bugzilla-client
centrallog 1/1 1 1 2m6s centrallog openslice/org.etsi.osl.centrallog.service org.etsi.osl.service=centrallog
consul 1/1 1 1 2m13s aconsul consul org.etsi.osl.service=consul
keycloak 1/1 1 1 2m11s keycloak quay.io/keycloak/keycloak:11.0.3 org.etsi.osl.service=keycloak
manoclient 1/1 1 1 2m10s manoclient openslice/org.etsi.osl.mano:latest org.etsi.osl.service=manoclient
osom 1/1 1 1 2m10s openslice-osom openslice/org.etsi.osl.osom:latest org.etsi.osl.service=osom
osportalapi 1/1 1 1 2m9s openslice-portalapi openslice/org.etsi.osl.portal.api:latest org.etsi.osl.service=osportalapi
osscapi 1/1 1 1 2m8s openslice-scapi openslice/org.etsi.osl.tmf.api:latest org.etsi.osl.service=osscapi
portalweb 1/1 1 1 2m7s openslice-portalweb openslice/org.etsi.osl.portal.web:latest org.etsi.osl.service=portalweb
tmfweb 1/1 1 1 2m8s openslice-tmfweb openslice/org.etsi.osl.tmf.web:latest org.etsi.osl.service=tmfweb

Dimitrios Giannopoulos
committed
</code></pre>