@@ -330,7 +330,7 @@ E.g. You may edit "TITLE", "WIKI", etc properties with your domain title. Also c
Example file:
```
```json
{
"TITLE":"OpenSlice by ETSI",
"PORTALVERSION":"2024Q2",
@@ -479,9 +479,7 @@ Hosts File Location:
2 - Replace http://localhost/auth/ with http://keycloak:8080/auth/ in your Keycloak config for AngularJS and Angular (see examples below).
> Explanation
Nginx uses the http://keycloak:8080 URL, which is accessible via the internal docker system's network.
> **Explanation**: Nginx uses the http://keycloak:8080 URL, which is accessible via the internal docker system's network.
The Front-end (TS/Angular) shall also use the http://keycloak:8080.
This way, you will not get the invalid token error, as the API is acquiring the token from http://keycloak:8080 (internally) and the Front-end is getting verified by an issuer at the same URL, as well.
@@ -500,7 +498,7 @@ nano config.prod.json
After editing, the displayed properties should look like the example below:
Replace `<helm-release-name>` with the name of your OpenSlice Helm release.
* More details regarding the Nginx Ingress Controller (Kubernetes Community Edition) can be found [here](https://kubernetes.github.io/ingress-nginx/deploy/).
* **Other Ingress Controller:** For non-Nginx ingress controllers, modify `[repo-root]/kubernetes/helm/openslice/templates/openslice-ingress.yaml` to meet your controller’s requirements.
***Storage Class:** In a production environment, specify your `storageClass` in `[repo-root]/kubernetes/helm/openslice/values.yaml` under `storageClass`. If not defined, PVs will be created and managed manually.
***Disclaimer:** Before deploying, confirm that your storage system supports claims of one 10G and two 1G volumes.
> **Disclaimer:** Before deploying, confirm that your storage system supports claims of one 10G and two 1G volumes.
## Preparing the environment
@@ -94,9 +96,7 @@ We recommend:
When deploying OpenSlice with Helm, service configurations are handled through the `values.yaml` file. This file allows you to define all necessary configurations for your deployment, including database credentials, service URLs, and logging levels. Below are examples of how to configure your services in Helm based on your provided values.
### Configuring Services
#### 1. Database Configuration
### Database
To configure MySQL and other related services, you can directly set the values in your `values.yaml` file under the `oscreds` and `mysql` sections. For example:
@@ -117,7 +117,7 @@ oscreds:
password:"12345"
```
#### 2. Keycloak Configuration
### Keycloak
Keycloak settings, including the database and admin password, are part of the `oscreds.mysql.keycloak` section. If you need to adjust Keycloak-specific settings like realms or client configurations, you'll likely need to customize your Helm chart further or manage these settings directly within Keycloak after deployment. The Keycloak realm configuration that is imported by default can be found under `kubernetes/helm/openslice/files/keycloak-init/realm-export.json`.
@@ -131,7 +131,7 @@ oscreds:
adminpassword:"Pa55w0rd"
```
#### 3. CRIDGE Configuration
### CRIDGE
To create and manage Kubernetes Custom Resources (CRs), you have to install and configure the CRIDGE component.
@@ -139,7 +139,7 @@ For CRIDGE to work properly, you need to provide a **cluster-wide scope kubeconf
There are two ways to install CRIDGE:
##### 3.1 **Bundled CRIDGE deployment with the OpenSlice Helm chart (same cluster environment)**
#### **Bundled CRIDGE deployment with the OpenSlice Helm chart (same cluster environment)**
By default, the OpenSlice Helm chart also deploys CRIDGE alongside the bundle. To configure CRIDGE, there are three different ways to provide this kubeconfig file during deployment:
@@ -172,7 +172,7 @@ By default, the OpenSlice Helm chart also deploys CRIDGE alongside the bundle. T
> **Note:** Regardless of the method you choose, if you're using a non-standard kubeconfig file name, make sure to adjust the references or rename the file as needed.
##### 3.2 **Standalone CRIDGE deployment**
#### **Standalone CRIDGE deployment**
There can be cases where a separate deployment of CRIDGE, apart from the bundled OpenSlice deployment, may be needed. These cases comprise:
OpenSlice also offers management support of *multiple Kubernetes Clusters* simultaneously.
For this, you will have to replicate the steps in [Standalone CRIDGE deployment](#32-standalone-cridge-deployment) for every Cluster. Each CRIDGE instance will be in charged with the management of one Kubernetes Cluster.
#### 4. External Services Configuration
### External Services (optional)
For configuring optional external services like Bugzilla and CentralLog, specify their URLs and credentials in the `values.yaml` file:
@@ -259,7 +259,7 @@ Bugzilla should have the following components under the specified product:
Also in the 'Main Site Operations' product, a version named 'unspecified' must be created.
#### 5. Application and Logging Configuration
### Application and Logging
Application-specific configurations, such as OAuth client secrets, can be set in the `spring` section:
@@ -268,7 +268,7 @@ spring:
oauthClientSecret:"secret"
```
#### 6. Ingress and Root URL
### Ingress and Root URL
To configure the ingress controller and root URL for OpenSlice, update the rooturl field with your ingress load balancer IP or domain. This setting is crucial for external access to your application:
@@ -278,7 +278,7 @@ rooturl: "http://openslice.com" # Example domain
rooturl:"http://3.15.198.35:8080"# Example IP with port
```
#### 7. Persistent Volume for MySQL
### Persistent Volume for MySQL
For persistent storage, especially for MySQL, define the storage size under the `mysql` section. This ensures that your database retains data across pod restarts and deployments.
@@ -287,7 +287,7 @@ mysql:
storage:"10Gi"
```
#### 8. Configuring TCP Forwarding for Artemis
### TCP Forwarding for Artemis
To expose the message bus service (Artemis) via the ingress controller, it’s essential to configure TCP traffic forwarding. Artemis listens on port `61616`, and this traffic needs to be directed to the Artemis service within your Kubernetes cluster.
@@ -296,7 +296,7 @@ In the [Ingress Controller Setup](#software-requirements) section, you already c
This setup ensures that the message bus service is accessible externally via the ingress controller, completing the necessary configuration for Artemis.
### Configure Web UI
### Web UI
In folder `kubernetes/helm/openslice/files/org.etsi.osl.portal.web/src/js` you must make a copy of `config.js.default` file and rename it to `config.js`.
@@ -304,7 +304,7 @@ This is **mandatory** for the configuration file to be discoverable.
Edit the `config.js` configuration file with your static configuration, if needed.
```
```js
{
TITLE:"OpenSlice by ETSI",
WIKI:"https://osl.etsi.org/documentation/",
@@ -319,7 +319,7 @@ Edit the `config.js` configuration file with your static configuration, if neede
### Configure TMF Web UI
### TMF Web UI
In the folder `kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config` there are 3 files available for configuration:
@@ -343,7 +343,7 @@ cd kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config
E.g. You may edit "TITLE", "WIKI", etc properties with your domain title. Also configure TMF's API and Keycloak's location for the web application, if needed.
```
```json
{
"TITLE":"OpenSlice by ETSI",
"PORTALVERSION":"2024Q2",
@@ -475,9 +475,9 @@ If a pod is not in the expected state, you can access its logs for troubleshooti
kubectl logs <pod-name> -n openslice
```
## Post installation steps
## Post installation steps (mandatory)
After the successful deployment of OpenSlice, to ensure the E2E user experience, **this section is mandatory**. It contains crucial configuration in regard of authentication and user creation.
After the successful deployment of OpenSlice, to ensure the end-to-end user experience, **this section is mandatory**. It contains crucial configuration in regard of authentication and user creation.
