Uploaded image for project: 'Logging analytics'
  1. Logging analytics
  2. LOG-327

CD: Oneclick Rancher 2.0 kubernetes setup script

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Medium Medium
    • Dublin Release
    • None
    • None

      https://wiki.onap.org/display/DW/ONAP+on+Kubernetes+on+Rancher#ONAPonKubernetesonRancher-Rancher2.0

      Only docker 17.03 supports Kubernetes so far
      http://rancher.com/docs/rancher/v1.6/en/hosts/#supported-docker-versions

      https://rancher.com/blog/
Adding custom nodes to your Kubernetes cluster in Rancher 2.0 Tech Preview 2

root@ip-172-31-76-75:~# sudo docker run -d --restart=unless-stopped -p 80:80 -p 443:443 rancher/server:preview
42d5d98fb352ae4198ea039e2ab0d54e0a4dbe882ee62d3e3168ce648f5deb7c
root@ip-172-31-76-75:~# docker ps
CONTAINER ID        IMAGE                    COMMAND                  CREATED             STATUS              PORTS                                      NAMES
42d5d98fb352        rancher/server:preview   "rancher --k8s-mod..."   6 seconds ago       Up 5 seconds        0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp   naughty_mccarthy
root@ip-172-31-76-75:~# LOGINRESPONSE=`curl -s 'https://127.0.0.1/v3-public/localProviders/local?action=login' -H 'content-type: application/json' --data-binary '{"username":"admin","password":"admin"}' --insecure`
root@ip-172-31-76-75:~# LOGINTOKEN=`echo $LOGINRESPONSE | jq -r .token`
root@ip-172-31-76-75:~# curl -s 'https://127.0.0.1/v3/users?action=changepassword' -H 'content-type: application/json' -H "Authorization: Bearer $LOGINTOKEN" --data-binary '{"currentPassword":"admin","newPassword":"thisisyournewpassword"}' --insecure
root@ip-172-31-76-75:~# APIRESPONSE=`curl -s 'https://127.0.0.1/v3/token' -H 'content-type: application/json' -H "Authorization: Bearer $LOGINTOKEN" --data-binary '{"type":"token","description":"automation"}' --insecure`
root@ip-172-31-76-75:~# APITOKEN=`echo $APIRESPONSE | jq -r .token`
root@ip-172-31-76-75:~# echo $LOGINRESPONSE
{"actions":{},"authProvider":"local","baseType":"token","created":"2018-02-17T19:46:54Z","createdTS":1518896814000,"creatorId":null,"description":"","groupPrincipals":[],"id":"token-6lpf6","isDerived":false,"labels":{"authn.management.cattle.io/token-userId":"user-dxpzc"},"lastUpdateTime":"","links":{"self":"https://127.0.0.1/v3-public/tokens/token-6lpf6"},"name":"token-6lpf6","token":"token-6lpf6:9mjxxpfz4qmz9cvbsgs7fksxjxkhpvkx8j9jlnkq59cn9rbwztzmsz","ttl":57600000,"type":"token","userId":"user-dxpzc","userPrincipal":"map[metadata:map[name:local://user-dxpzc creationTimestamp:\u003cnil\u003e] displayName:Default Admin loginName:admin kind:user me:true provider:local]","uuid":"4e7a0d5b-141b-11e8-bacc-0242ac110002"}
root@ip-172-31-76-75:~# echo $LOGINTOKEN
token-6lpf6:9mjxxpfz4qmz9cvbsgs7fksxjxkhpvkx8j9jlnkq59cn9rbwztzmsz
root@ip-172-31-76-75:~# echo $APIRESPONSE
{"actions":{},"authProvider":"local","baseType":"token","created":"2018-02-17T19:47:51Z","createdTS":1518896871000,"creatorId":null,"description":"automation","groupPrincipals":[],"id":"token-46x9z","isDerived":true,"labels":{"authn.management.cattle.io/token-userId":"user-dxpzc"},"lastUpdateTime":"","links":{"remove":"https://127.0.0.1/v3/tokens/token-46x9z","self":"https://127.0.0.1/v3/tokens/token-46x9z","update":"https://127.0.0.1/v3/tokens/token-46x9z"},"name":"token-46x9z","token":"token-46x9z:4sf88ppf7fnwtfgdzxmnd7lf5rtbkndjl4zqrpbzvr8mchj68qkt4v","ttl":57600000,"type":"token","userId":"user-dxpzc","userPrincipal":"map[kind:user me:true provider:local metadata:map[name:local://user-dxpzc creationTimestamp:\u003cnil\u003e] displayName:Default Admin loginName:admin]","uuid":"704dc296-141b-11e8-bacc-0242ac110002"}
root@ip-172-31-76-75:~# echo $APITOKEN
token-46x9z:4sf88ppf7fnwtfgdzxmnd7lf5rtbkndjl4zqrpbzvr8mchj68qkt4v

root@ip-172-31-76-75:~# CLUSTERRESPONSE=`curl -s 'https://127.0.0.1/v3/cluster' -H 'content-type: application/json' -H "Authorization: Bearer $APITOKEN" --data-binary '{"type":"cluster","nodes":[],"rancherKubernetesEngineConfig":{"ignoreDockerVersion":true},"name":"yournewcluster"}' --insecure`
root@ip-172-31-76-75:~# CLUSTERID=`echo $CLUSTERRESPONSE | jq -r .id`
root@ip-172-31-76-75:~# echo $CLUSTERRESPONSE
{"actions":{},"annotations":{},"baseType":"cluster","created":"2018-02-17T19:49:59Z","createdTS":1518896999000,"creatorId":"user-dxpzc","defaultClusterRoleForProjectMembers":null,"defaultPodSecurityPolicyTemplateId":null,"id":"cluster-ztcdt","links":{"clusterEvents":"https://127.0.0.1/v3/clusterEvents?clusterId=cluster-ztcdt","clusterLoggings":"https://127.0.0.1/v3/clusterLoggings?clusterId=cluster-ztcdt","clusterRegistrationTokens":"https://127.0.0.1/v3/clusterRegistrationTokens?clusterId=cluster-ztcdt","clusterRoleTemplateBindings":"https://127.0.0.1/v3/clusterRoleTemplateBindings?clusterId=cluster-ztcdt","machines":"https://127.0.0.1/v3/machines?clusterId=cluster-ztcdt","namespaces":"https://127.0.0.1/v3/clusters/cluster-ztcdt/namespaces","nodes":"https://127.0.0.1/v3/clusters/cluster-ztcdt/nodes","persistentVolumes":"https://127.0.0.1/v3/clusters/cluster-ztcdt/persistentvolumes","projects":"https://127.0.0.1/v3/projects?clusterId=cluster-ztcdt","remove":"https://127.0.0.1/v3/clusters/cluster-ztcdt","schemas":"https://127.0.0.1/v3/clusters/cluster-ztcdt/schemas","self":"https://127.0.0.1/v3/clusters/cluster-ztcdt","update":"https://127.0.0.1/v3/clusters/cluster-ztcdt"},"name":"yournewcluster","nodes":[],"rancherKubernetesEngineConfig":{"ignoreDockerVersion":true,"type":"/v3/schemas/rancherKubernetesEngineConfig"},"removed":null,"state":"active","transitioning":"no","transitioningMessage":"","type":"cluster","uuid":"bc584143-141b-11e8-bacc-0242ac110002"}
root@ip-172-31-76-75:~# echo $CLUSTERID
cluster-ztcdt

root@ip-172-31-76-75:~# AGENTIMAGE=`curl -s -H "Authorization: Bearer $APITOKEN" https://127.0.0.1/v3/settings/agent-image --insecure | jq -r .value`
root@ip-172-31-76-75:~# ROLEFLAGS="--etcd --controlplane --worker"
root@ip-172-31-76-75:~# RANCHERSERVER="https://cd.onap.info"
root@ip-172-31-76-75:~# AGENTTOKEN=`curl -s 'https://127.0.0.1/v3/clusterregistrationtoken' -H 'content-type: application/json' -H "Authorization: Bearer $APITOKEN" --data-binary '{"type":"clusterRegistrationToken","clusterId":"'$CLUSTERID'"}' --insecure | jq -r .token`
root@ip-172-31-76-75:~# echo $AGENTIMAGE
rancher/agent:v2.0.2
root@ip-172-31-76-75:~# echo $AGENTTOKEN
wzqlds7nshd22r7vz7m4ttk8f9s89k6ld584lj6jn2wdglr6mrkmb7

root@ip-172-31-76-75:~# CACHECKSUM=`curl -s -H "Authorization: Bearer $APITOKEN" https://127.0.0.1/v3/settings/cacerts --insecure | jq -r .value | sha256sum | awk '{ print $1 }'`
root@ip-172-31-76-75:~# AGENTCOMMAND="docker run -d --restart=unless-stopped -v /var/run/docker.sock:/var/run/docker.sock --net=host $AGENTIMAGE $ROLEFLAGS --server $RANCHERSERVER --token $AGENTTOKEN --ca-checksum $CACHECKSUM"
root@ip-172-31-76-75:~# echo $AGENTCOMMAND
docker run -d --restart=unless-stopped -v /var/run/docker.sock:/var/run/docker.sock --net=host rancher/agent:v2.0.2 --etcd --controlplane --worker --server https://cd.onap.info --token wzqlds7nshd22r7vz7m4ttk8f9s89k6ld584lj6jn2wdglr6mrkmb7 --ca-checksum d6da06563b4d056d178c33bff79edec838132ae853b4c2cdc683e3d81614dd2f
root@ip-172-31-76-75:~# $AGENTCOMMAND
Unable to find image 'rancher/agent:v2.0.2' locally
v2.0.2: Pulling from rancher/agent
d26cfb4142fa: Pull complete 
64e695836438: Pull complete 
23612a50167e: Pull complete 
0f87853aa05b: Pull complete 
196b8aba5fb6: Pull complete 
5f239a0ec768: Pull complete 
cc3d598471c6: Pull complete 
Digest: sha256:ce0821e430208a96719e9f48f9be8798b049469d76ce5c0e8fddf06ba8ba6c57
Status: Downloaded newer image for rancher/agent:v2.0.2
48c28a3e070f89036050c46836b0d83f8c961e62494e5c5b48e84c6875fd6d47

install helm, kubectl
  14  curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.8.6/bin/linux/amd64/kubectl
   15  chmod +x ./kubectl
   16  sudo mv ./kubectl /usr/local/bin/kubectl
   17  mkdir ~/.kube
   18  helm version
   19  wget http://storage.googleapis.com/kubernetes-helm/helm-v2.6.1-linux-amd64.tar.gz
   20  tar -zxvf helm-v2.6.1-linux-amd64.tar.gz
   21  sudo mv linux-amd64/helm /usr/local/bin/helm


replace url and token in 

apiVersion: v1
kind: Config
clusters:
- name: "yournewcluster"
cluster:
server: "https://amsterdam.onap.info/k8s/clusters/cluster-nlwrf"
api-version: v1
certificate-authority-data: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM3a\
kNDQWRhZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFvTVJJd0VBWURWUVFLRXdsM\
GFHVXQKY21GdVkyZ3hFakFRQmdOVkJBTVRDV05oZEhSc1pTMWpZVEFlRncweE9EQXlNVGd3T\
WpRd016QmFGdzB5T0RBeQpNVFl3TWpRd016QmFNQ2d4RWpBUUJnTlZCQW9UQ1hSb1pTMXlZV\
zVqYURFU01CQUdBMVVFQXhNSlkyRjBkR3hsCkxXTmhNSUlCSWpBTkJna3Foa2lHOXcwQkFRR\
UZBQU9DQVE4QU1JSUJDZ0tDQVFFQXdsVjV6czF3cW9hVkJTQTYKdXVTeVVRWGhRTnYwbTFaW\
HdCTlJYVkVRQ0s2T2FaenBlcW1uRm9tUmQyVzZ0KzNjN0xTUDM4ekVNT0ZuWEcrNQp2N3JEY\
3A3dkpTd3A1MytiSEdzMFFEM0h2UjMxcURuVThSSWl6ZlNHbDZmcWZkNEZJLy9oTjRVNTRNM\
0g5MjF2CkQ2TkVoQlU2dmM2SlFiOU1MUFBaQ3dMWUExVHhUcDliaGhNRUhYWTg2MG5OK3RRM\
k4yVGUvK0tvZ096eG5IK3YKR2k0OU5XT1RaVGpQemx3Skh1S0tpWlFHNitJSDlDbmpqcXRWN\
mJIMzFnMHZJakwybG1OZHJGajd2OGQ1bHY2cAoxWEtqZFZKUTQvWjUrOXVpQURsNU9sSlY3S\
kpnR1Zoc2pBeXV1Vm0yUVJlOEJpbTI4YWY5WkkyYWxhTkRSb0FNCkJMemtxd0lEQVFBQm95T\
XdJVEFPQmdOVkhROEJBZjhFQkFNQ0FxUXdEd1lEVlIwVEFRSC9CQVV3QXdFQi96QU4KQmdrc\
WhraUc5dzBCQVFzRkFBT0NBUUVBUElZQjJ6Qis5Y1Z2Y1FjT2VzZ2VPMnpva2hSRk9GUk45d\
0pJQ0R6TwpsVlByWXFQazJLWkdwOEJIZVh2RHNTbGZ5TzdRRXpiRkdLaUpwSk03OE5BUVQxN\
04xMCttU1pPemdLcGxzdENPCnlvVDhZVUZUUXRwRVFLbzZCNGIwd0VTaWVRUys0eVhYcGhuR\
WN2RTZJQy9MWnFHcnpIeGNHSi9DZlprQWQ4R3kKcGFsdXRqQ3NXeTUzVjZEdlR0eGlkZzF4e\
UJYWGpXdnpIUFprb1hnTEQxc0NmL010N2d3V3ZqK0tNVUxjM1JJegpEeUZGQVFVbjArZkJle\
jdvMWFpY3lZMFovZWZHWXJZWTlid25qUTk4cGdRWVcwaHJKMkRaZC9BeXVST2s0dTNqCnBMM\
WJTSkQ2QWp4ZCtYZFNWMWZFMTBueHdGMjF6MVo0UVdMenZjbFR4NHFhQkE9PQotLS0tLUVOR\
CBDRVJUSUZJQ0FURS0tLS0t"

users:
- name: "admin"
user:
token: "token-5vmcg:qbk6b4jr7dnknvrqshsltlgj7kvcnw6jlmxss8t62flks7s6kjhrz8"

contexts:
- name: "yournewcluster"
context:
user: "admin"
cluster: "yournewcluster"

current-context: "yournewcluster"

using
   37  LOGINRESPONSE=`curl -s 'https://127.0.0.1/v3-public/localProviders/local?action=login' -H 'content-type: application/json' --data-binary '{"username":"admin","password":"admin"}' --insecure`
   38  LOGINTOKEN=`echo $LOGINRESPONSE | jq -r .token`
   39  echo $LOGINTOKEN
   40  LOGINRESPONSE=`curl -s 'https://127.0.0.1/v3-public/localProviders/local?action=login' -H 'content-type: application/json' --data-binary '{"username":"admin","password":"thisisyournewpassword"}' --insecure`
   41  echo $LOGINRESPONSE
   44  LOGINTOKEN=`echo $LOGINRESPONSE | jq -r .token`
   45  echo $LOGINTOKEN
   46  APIRESPONSE=`curl -s 'https://127.0.0.1/v3/token' -H 'content-type: application/json' -H "Authorization: Bearer $LOGINTOKEN" --data-binary '{"type":"token","description":"automation"}' --insecure`
   47  APITOKEN=`echo $APIRESPONSE | jq -r .token`
   48  echo $APITOKEN

        1. Screenshot 2018-02-17 15.25.59.png
          Screenshot 2018-02-17 15.25.59.png
          104 kB
        2. Screenshot 2018-02-18 22.30.48.png
          Screenshot 2018-02-18 22.30.48.png
          1.16 MB
        3. Screenshot 2018-02-18 22.34.37.png
          Screenshot 2018-02-18 22.34.37.png
          1.07 MB
        4. Screenshot 2018-02-18 22.35.45.png
          Screenshot 2018-02-18 22.35.45.png
          1.04 MB

            michaelobrien michaelobrien
            michaelobrien michaelobrien
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: