name: 30092
mecm_port:
name: 30093
+docker_registry_port:
+ name: 5000
# All Center related password which needs to be specified if user
# doesn't need common password for security purpose
roles:
- eg_helm-repo
+ - eg_registry
- eg_certs
- helm
- k8s
- k8s
- helm
- eg_certs
+ - eg_registry
- eg_helm-repo
############ Center ############
- center
roles:
- - eg_pre_require
+ - eg_prerequisite
- eg_secret
- eg_set-helm-repo
- service_center
- edge
roles:
- - eg_pre_require
+ - eg_prerequisite
- eg_secret
- eg_set-helm-repo
- eg_mep
- name: Helm install appstore
# yamllint disable rule:line-length
- command: helm install --wait appstore-edgegallery edgegallery/appstore --set global.oauth2.authServerAddress=https://{{ ansible_host }}:30067 --set images.appstoreFe.tag={{vardata.eg_image_tag.name}} --set images.appstoreBe.tag={{vardata.eg_image_tag.name}} --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
+ command: helm install appstore-edgegallery edgegallery/appstore --set global.oauth2.authServerAddress=https://{{ ansible_host }}:{{ vardata.usermgmt_port.name}} --set images.appstoreFe.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/appstore-fe --set images.appstoreBe.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/appstore-be --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/postgres --set images.initservicecenter.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/curl --set images.appstoreFe.tag={{vardata.eg_image_tag.name}} --set images.appstoreBe.tag={{vardata.eg_image_tag.name}} --set images.appstoreFe.pullPolicy=IfNotPresent --set images.appstoreBe.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set images.initservicecenter.pullPolicy=IfNotPresent --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
- name: Developer chart installing
# yamllint disable rule:line-length
- command: helm install --wait developer-edgegallery edgegallery/developer --set global.oauth2.authServerAddress=https://{{ ansible_host }}:{{ vardata.usermgmt_port.name}} --set images.developerFe.tag={{vardata.eg_image_tag.name}} --set images.developerBe.tag={{vardata.eg_image_tag.name}} --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
+ command: helm install developer-edgegallery edgegallery/developer --set global.oauth2.authServerAddress=https://{{ ansible_host }}:{{ vardata.usermgmt_port.name}} --set images.developerFe.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/developer-fe --set images.developerBe.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/developer-be --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/postgres --set images.initservicecenter.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/curl --set images.developerFe.tag={{vardata.eg_image_tag.name}} --set images.developerBe.tag={{vardata.eg_image_tag.name}} --set images.developerFe.pullPolicy=IfNotPresent --set images.developerBe.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set images.initservicecenter.pullPolicy=IfNotPresent --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
- name: Install mecm-fe
# yamllint disable rule:line-length
- command: helm install --wait mecm-fe-edgegallery edgegallery/mecm-fe --set global.oauth2.authServerAddress=https://{{ ansible_host }}:{{vardata.usermgmt_port.name}} --set images.mecmFe.tag={{vardata.eg_image_tag.name}} --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
+ command: helm install mecm-fe-edgegallery edgegallery/mecm-fe --set global.oauth2.authServerAddress=https://{{ ansible_host }}:{{vardata.usermgmt_port.name}} --set images.mecmFe.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-fe --set images.initservicecenter.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/curl --set images.mecmFe.tag={{vardata.eg_image_tag.name}} --set images.mecmFe.pullPolicy=IfNotPresent --set images.initservicecenter.pullPolicy=IfNotPresent --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
- name: Helm install
# yamllint disable rule:line-length
- command: helm install --wait mecm-meo-edgegallery edgegallery/mecm-meo --set ssl.secretName=mecm-ssl-secret --set mecm.secretName=edgegallery-mecm-secret --set images.inventory.tag={{ vardata.eg_image_tag.name}} --set images.appo.tag={{ vardata.eg_image_tag.name}} --set images.apm.tag={{ vardata.eg_image_tag.name}} --set images.postgres.tag=12.3 --set mecm.docker.fsgroup=result.stdout
+ command: helm install mecm-meo-edgegallery edgegallery/mecm-meo --set ssl.secretName=mecm-ssl-secret --set mecm.secretName=edgegallery-mecm-secret --set images.inventory.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-inventory --set images.appo.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-appo --set images.apm.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-apm --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/postgres --set images.inventory.tag={{ vardata.eg_image_tag.name}} --set images.appo.tag={{ vardata.eg_image_tag.name}} --set images.apm.tag={{ vardata.eg_image_tag.name}} --set images.postgres.tag=12.3 --set images.inventory.pullPolicy=IfNotPresent --set images.appo.pullPolicy=IfNotPresent --set images.apm.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set mecm.docker.fsgroup=result.stdout
# yamllint disable rule:line-length
- name: Install mecm-mepm
# yamllint disable rule:line-length
- command: helm install mecm-mepm-edgegallery edgegallery/mecm-mepm --set jwt.publicKeySecretName=mecm-mepm-jwt-public-secret --set mepm.secretName=edgegallery-mepm-secret --set ssl.secretName=mecm-mepm-ssl-secret --set images.lcmcontroller.tag={{ vardata.eg_image_tag.name}} --set images.k8splugin.tag={{ vardata.eg_image_tag.name}} --set images.postgres.tag=12.3
+ command: helm install mecm-mepm-edgegaller edgegallery/mecm-mepm --set jwt.publicKeySecretName=mecm-mepm-jwt-public-secret --set mepm.secretName=edgegallery-mepm-secret --set ssl.secretName=mecm-mepm-ssl-secret --set images.lcmcontroller.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-applcm --set images.k8splugin.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-applcm-k8splugin --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/postgres --set images.lcmcontroller.tag={{ vardata.eg_image_tag.name}} --set images.k8splugin.tag={{ vardata.eg_image_tag.name}} --set images.postgres.tag=12.3 --set images.lcmcontroller.pullPolicy=IfNotPresent --set images.k8splugin.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent
# yamllint disable rule:line-length
- name: Edge gallery mep installation pull chart and image
# yamllint disable rule:line-length
- command: helm install mep-edgegallery edgegallery/mep --set networkIsolation.phyInterface.mp1={{ vardata.edge_management_interface.name}} --set networkIsolation.phyInterface.mm5={{ vardata.edge_dataplane_interface.name}} --set images.mep.tag={{ vardata.eg_image_tag.name}} --set images.mepauth.tag={{ vardata.eg_image_tag.name}} --set images.dns.tag={{ vardata.eg_image_tag.name}} --set ssl.secretName=mep-ssl
+ command: helm install mep-edgegallery edgegallery/mep --set networkIsolation.phyInterface.mp1={{ vardata.edge_management_interface.name}} --set networkIsolation.phyInterface.mm5={{ vardata.edge_dataplane_interface.name}} --set images.mep.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mep --set images.mepauth.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mepauth --set images.dns.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mep-dns-server --set images.kong.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/kong --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/postgres --set images.mep.tag={{ vardata.eg_image_tag.name}} --set images.mepauth.tag={{ vardata.eg_image_tag.name}} --set images.dns.tag={{ vardata.eg_image_tag.name}} --set images.mep.pullPolicy=IfNotPresent --set images.mepauth.pullPolicy=IfNotPresent --set images.dns.pullPolicy=IfNotPresent --set images.kong.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set ssl.secretName=mep-ssl
# yamllint disable rule:line-length
--- /dev/null
+function _help_insecure_registry()
+{
+ grep -i "insecure-registries" /etc/docker/daemon.json | grep "REGISTRIES_IP:REGISTRIES_PORT" >/dev/null 2>&1
+ if [ $? != 0 ]; then
+ mkdir -p /etc/docker
+cat <<EOF | tee /etc/docker/daemon.json
+{
+ "insecure-registries" : ["REGISTRIES_IP:REGISTRIES_PORT"]
+}
+EOF
+ service docker restart
+ fi
+}
+
+##############################################################
+############################################
+function main(){
+ _help_insecure_registry
+}
+#########################################
+#skip main in case of source
+ main $@
+######################
\ No newline at end of file
#
---
+- name: Doing deployment setup for edge gallery
+ copy:
+ src: deploy
+ dest: /tmp/eg_prerequisite/
- name: Import config file
include_vars:
file: ../../../config.yml
name: vardata
+- name: Replacing private ip
+ replace:
+ path: /tmp/eg_prerequisite/deploy/eg_daemon.sh
+ regexp: REGISTRIES_IP
+ replace: "{{ vardata.private_repo_ip.name }}"
+
+- name: Replacing private port
+ replace:
+ path: /tmp/eg_prerequisite/deploy/eg_daemon.sh
+ regexp: REGISTRIES_PORT
+ replace: "{{ vardata.docker_registry_port.name }}"
+
+- name: Execute script for docker daemon
+ command: sh /tmp/eg_prerequisite/deploy/eg_daemon.sh
+
- name: Certificate copy
debug:
msg: Copy certificate from ocd to center and edge
- synchronize:
src: /tmp/ssl-eg-keys-certs
dest: /tmp/
-
-- name: Docker login
- # yamllint disable rule:line-length
- command: docker login -u {{ vardata.dockerusr.name}} -p {{ vardata.dockerpass.name}} swr.ap-southeast-1.myhuaweicloud.com
-
-- name: Create docker-registry secret
- # yamllint disable rule:line-length
- command: kubectl create secret docker-registry swrregcred --docker-server=https://swr.ap-southeast-1.myhuaweicloud.com/v2/ --docker-username={{ vardata.swrusr.name}} --docker-password={{ vardata.swrpass.name}}
--- /dev/null
+TARBALL_PATH=/tmp/eg_registry/deploy/
+
+function _load_and_run_docker_registry()
+{
+
+ docker ps | grep registry >/dev/null
+ if [ $? != 0 ]; then
+ cd "$TARBALL_PATH"/registry
+ docker load --input registry-2.tar.gz
+ docker run -d -p 5000:5000 --restart=always --name registry registry:2
+ fi
+}
+
+function _load_swr_images_and_push_to_private_registry()
+{
+ IP=REGISTRIES_IP
+ PORT="REGISTRIES_PORT"
+ cd "$TARBALL_PATH"/eg_swr_images
+
+ for f in *.tar.gz;
+ do
+ cat $f | docker load
+ IMAGE_NAME=`echo $f|rev|cut -c8-|rev|sed -e "s/\#/:/g" | sed -e "s/\@/\//g"`;
+ docker image tag $IMAGE_NAME $IP:$PORT/$IMAGE_NAME
+ docker push $IP:$PORT/$IMAGE_NAME
+ done
+}
+
+##############################################################
+############################################
+function main(){
+ _load_and_run_docker_registry
+ _load_swr_images_and_push_to_private_registry
+}
+#########################################
+#skip main in case of source
+ main $@
+######################
\ No newline at end of file
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Doing deployment setup for edge gallery
+ copy:
+ src: deploy
+ dest: /tmp/eg_registry/
+
+- name: Download 0.9 tar
+ command: wget http://release.edgegallery.org/arm64/all/0.9.tar.gz
+ args:
+ chdir: /tmp/eg_registry/deploy/
+ when: ansible_architecture == 'aarch64'
+
+- name: Download 0.9 tar
+ command: wget http://release.edgegallery.org/x86/all/0.9.tar.gz
+ args:
+ chdir: /tmp/eg_registry/deploy/
+ when: ansible_architecture == 'x86_64'
+
+- name: Untar the donwloaded tar
+ command: tar -zxf 0.9.tar.gz
+ args:
+ chdir: /tmp/eg_registry/deploy/
+
+- name: Replacing private ip
+ replace:
+ path: /tmp/eg_registry/deploy/load-images.sh
+ regexp: REGISTRIES_IP
+ replace: "{{ vardata.private_repo_ip.name }}"
+
+- name: Replacing private port
+ replace:
+ path: /tmp/eg_registry/deploy/load-images.sh
+ regexp: REGISTRIES_PORT
+ replace: "{{ vardata.docker_registry_port.name }}"
+
+- name: Execute load-images file
+ command: sh /tmp/eg_registry/deploy/load-images.sh
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+# tasks file for eg_load-iamges
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Stop registry
+ command: docker stop registry
+
+- name: Remove registry
+ command: docker rm -v registry
+
+- name: Remove tmp file
+ command: rm -v /tmp/eg_registry
- name: Install user-mgmt
# yamllint disable rule:line-length
- command: helm install --wait user-mgmt-edgegallery edgegallery/usermgmt --set global.oauth2.clients.appstore.clientUrl=https://{{ vardata.user_mgmt_oauth_appstore_client_ip.name}}:{{vardata.appstore_port.name}},global.oauth2.clients.developer.clientUrl=https://{{ vardata.user_mgmt_oauth_developer_client_ip.name}}:{{vardata.developer_port.name}},global.oauth2.clients.mecm.clientUrl=https://{{ vardata.user_mgmt_oauth_mecm_client_ip.name}}:{{vardata.mecm_port.name}}, --set jwt.secretName=user-mgmt-jwt-secret --set images.usermgmt.tag={{ vardata.eg_image_tag.name}} --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
+ command: helm install user-mgmt-edgegallery edgegallery/usermgmt --set global.oauth2.clients.appstore.clientUrl=https://{{ ansible_host }}:{{vardata.appstore_port.name}},global.oauth2.clients.developer.clientUrl=https://{{ ansible_host }}:{{vardata.developer_port.name}},global.oauth2.clients.mecm.clientUrl=https://{{ ansible_host }}:{{vardata.mecm_port.name}}, --set jwt.secretName=user-mgmt-jwt-secret --set images.usermgmt.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/user-mgmt --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/postgres --set images.redis.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/redis --set images.initservicecenter.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/curl --set images.usermgmt.tag={{ vardata.eg_image_tag.name}} --set images.usermgmt.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set images.redis.pullPolicy=IfNotPresent --set images.initservicecenter.pullPolicy=IfNotPresent --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
# yamllint disable rule:line-length
- name: Pull helm chart service center
# yamllint disable rule:line-length
- command: helm install service-center-edgegallery edgegallery/servicecenter --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
+ command: helm install service-center-edgegallery edgegallery/servicecenter --set images.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/service-center --set images.pullPolicy=IfNotPresent --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
# yamllint disable rule:line-length