4 OCNWDAF CAP4C Installation
Verifying nwdaf-cap4c-kubernetes-installer
Note:
Once the OCNWDAF release package is untarred, it exposes anwdaf-cap4c-kubernetes-optional-installer
folder.
- Copy the
nwdaf-cap4c-kubernetes-optional-installerfolder to the home of the kubernetes bastion. - Verify by running the following
command:
The following output displays:[ -d ~/nwdaf-cap4c-kubernetes-installer ] && echo "nwdaf-cap4c-kubernetes-installer exist!"nwdaf-cap4c-kubernetes-installer exist!
Setting Required Environment Variables
Export the following required environment variables:
export IMAGE_REGISTRY="<image-registry-uri>"
export K8_NAMESPACE="<nwdaf-kubernetes-namespace>"
export ENCRYPT_KEY="<symetric-encrypt-key>"Replace the <image-registry-uri>, <nwdaf-kubernetes-namespace>, <symetric-encrypt-key> with the appropiate values. For instance, the K8_NAMESPACE should be set to ocn-nwdaf as per the OCNWDAF installation preparation steps.
Configure the Database
Follow the procedure to create CAP4C MySQL database and grant user permissions to the required users, to perform the necessary operations on the database:
- Log in to the server or machine with permission to access the SQL nodes of the NDB cluster.
- Connect to the SQL node of the NDB cluster or connect to the cnDBTier. Run the following command to connect to the cnDBTier:
kubectl -n <cndbtier_namespace> exec -it <cndbtier_sql_pod_name> -c <cndbtier_sql_container_name> -- bash - Run the following command to log in to the MySQL prompt as a user with root permissions. A user with root permission can create users with required permissions, to perform necessary operations on the database.
mysql -h -uroot -p - Run the following commands:
SQL Statements
Note:
Use the “ ` ” (back tick) and the “ ' ” (single quote) as specified in the commands below./* CAP4C Model controller user */ CREATE USER IF NOT EXISTS 'cap4c-model-controller' IDENTIFIED BY 'cap4c-model-controller'; /* CAP4C model controller database */ CREATE DATABASE IF NOT EXISTS `cap4c-model-controller`; USE `cap4c-model-controller`; GRANT ALL PRIVILEGES ON `cap4c-model-controller`.* TO 'cap4c-model-controller'; /* Scheduler service user */ CREATE USER IF NOT EXISTS 'nwdaf-cap4c-scheduler-service' IDENTIFIED BY 'nwdaf-cap4c-scheduler-service'; /* Scheduler service database */ CREATE DATABASE IF NOT EXISTS `nwdaf-cap4c-scheduler-service`; USE `nwdaf-cap4c-scheduler-service`; GRANT ALL PRIVILEGES ON `nwdaf-cap4c-scheduler-service`.* TO 'nwdaf-cap4c-scheduler-service';
Creating NWDAF-TLS Secret Base on TLS Certificates
Create the nwdaf-tls secret based on the TLS certificates using the following command:
K8_NAMESPACE=<insert-your-namespace>
CERT_PATH=<certificate-path>
kubectl create secret generic nwdaf-tls \
--save-config \
--dry-run=client \
--from-file=${CERT_PATH}/nwdaf.crt --from-file=${CERT_PATH}/nwdaf.key -o yaml | \
kubectl -n ${K8_NAMESPACE} apply -f -Note:
The .crt and .key files should be named nwdaf.crt and nwdaf.key.Installing Dependencies
01-install-dependencies.sh as
follows:sh ~/nwdaf-cap4c-kubernetes-installer/scripts/01-install-dependencies.shVerifying Dependencies
Run the following command to verify if the dependencies are running:
kubectl get pods -n ${K8_NAMESPACE}Also, verify if all the dependencies (listed bellow) are on the Running status (If any pod is not in the Running status, wait until restart has occurred at most five times) :
NAME READY STATUS RESTARTS AGE
druid-pod 1/1 Running 0 01s
kafka-sts-0 1/1 Running 0 01s
kafka-sts-1 1/1 Running 0 01s
kafka-sts-2 1/1 Running 0 01s
nwdaf-cap4c-spring-cloud-config-server-deploy-xxxxxxxxx-xxxxx 1/1 Running 0 01s
redis-master-pod 1/1 Running 0 01s
redis-slave-sts-0 1/1 Running 0 01s
redis-slave-sts-1 1/1 Running 0 01s
zookeper-sts-0 1/1 Running 0 01sThe following table lists the default variables used to configure OCNWDAF. You can export any variable and it will be replaced on the deployed configuration.
| Key | Value |
|---|---|
| MYSQL_HOST | mysql |
| MYSQL_PORT | 3306 |
| KAFKA_BROKERS_HOST | kafka-sts-0.kafka-headless-svc:9092,kafka-sts-1.kafka-headless-svc:9092,kafka-sts-2.kafka-headless-svc:9092 |
| DRUID_HOST | druid |
| DRUID_PORT | 8888 |
| REDIS_HOST | redis-master |
| REDIS_PORT | 6379 |
| NWDAF_CONFIGURATION_HOST | ocn-nwdaf-configuration-service-internal |
| NWDAF_CONFIGURATION_PORT | 8096 |
| AUTH_CLIENT_ID | NWDAF_portal |
| AUTH_CLIENT_SECRET | NWDAF_secret |
| AUTH_REALM | NWDAF_realm |
| CAP4C_MODEL_CONTROLLER_HOST | cap4c-model-controller |
| CAP4C_MODEL_CONTROLLER_PORT | 8080 |
| CAP4C_MODEL_CONTROLLER_DATABASE | cap4c-model-controller |
| CAP4C_MODEL_CONTROLLER_USER | cap4c-model-controller |
| CAP4C_MODEL_CONTROLLER_PASSWORD | cap4c-model-controller |
| NWDAF_CAP4C_SCHEDULER_SERVICE_DATABASE | nwdaf-cap4c-scheduler-service |
| NWDAF_CAP4C_SCHEDULER_SERVICE_USER | nwdaf-cap4c-scheduler-service |
| NWDAF_CAP4C_SCHEDULER_SERVICE_PASSWORD | nwdaf-cap4c-scheduler-service |
| CAP4C_STREAM_ANALYTICS_REDIS_DATABASE | 0 |
Typically, following are the environment variables that are replaced:
export MYSQL_HOST=<any-other-mysql-host>
export AUTH_CLIENT_ID=<auth-client-id>
export AUTH_CLIENT_SECRET=<auth-client-secret>
export AUTH_REALM=<auth-client-relam>
export CAP4C_MODEL_CONTROLLER_PASSWORD=<cap4c-model-controller-password>
export NWDAF_CAP4C_SCHEDULER_SERVICE_PASSWORD=<nwdaf-cap4c-scheduler-service-password>Setting up Encrypted Credentials
To encrypt the credentials, run the following command:
export CAP4C_MODEL_CONTROLLER_PASSWORD=cap4c-model-controller
export CAP4C_MODEL_CONTROLLER_PASSWORD="'{cipher}$(kubectl -n ${K8_NAMESPACE} exec $(kubectl -n ${K8_NAMESPACE} get pods --no-headers -o custom-columns=":metadata.name" | grep nwdaf-cap4c-spring-cloud-config-server) -- curl -s localhost:8888/encrypt -d ${CAP4C_MODEL_CONTROLLER_PASSWORD})'"
Configuring Dependencies
Run 02-prepare-dependencies.sh, as
follows:
sh ~/nwdaf-cap4c-kubernetes-installer/scripts/02-prepare-dependencies.shInstalling CAP4C Images
Run 03-install-applications.sh, as
follows:
sh ~/nwdaf-cap4c-kubernetes-installer/scripts/03-install-applications.sh