# Nonrt-RIC install manul ## ubuntu 22.04 version ### Spec | Package | version | |--------------------|---------------| |Kubernetes |v1.28.2 | |Docker |v24.0.5 | |nexus |v3.38.1 | |Flannel |v0.24.0 | |Flannel-CNI |v1.2.0 | |Calico |v3.26.1 | ### Directory Overview ```bash= nonrtric_release_v3_4 ├── a1 │ ├── a1ei │ ├── a1policy │ ├── prepare │ └── rapp_demo │ ├── env_install │ ├── backend_mysql │ ├── backend_nexus │ └── cert │ ├── non-ric-frontend │ ├── public │ └── src │ ├── non-rt-ric │ ├── database │ ├── file │ ├── kubernetes │ ├── routes │ ├── o1 │ ├── r1-dme │ ├── dme │ └── prepare │ └── r1_sme ├── capifcore └── itri_deployment ``` nexus3_v3.38.1.tar.gz is too big to push to git please get it from the engineer and put it into `/env_install/backend_nexus/` ## Install env tools enter "env_install" folder ```bash= cd env_install ``` p.s if run any shell script shows the error message `/bin/bash^M: bad interpreter: No such file or directory` run this command to replace the character ```bash= sed -i -e "s/\r//" *.sh ``` ### instal k8s 1. run install_k8s.sh ```bash= ./install_k8s.sh ``` ### instal helm 1. run get_helm.sh ```bash= ./get_helm.sh ``` ### instal r1 interface exposure tool and database 1. run deploy_env.sh ```bash= ./deploy_env.sh ``` ### instal and setting rapp manager backend tool 1. run backend_env.sh (install) ```bash= ./backend_env.sh ``` 2. nexus setting for creating an image repository - (a). Open browser and connect to: http://{HOST_IP}:32000 - (b). Click sign in button  - (c). Input username and password  - username: admin - password: the message shows user can check password at the following location ```bash= cat /mnt/nexus-data/admin.password ``` p.s. After login, window will show "Configure Anonymous Access", user can select enable or disable. Next, it will show the change password window. - (d). Modify the password to 'iclk200'  - (e). Create the docker image repository Click the setting and Repositories icons, and create a repository   - (f). Finish the image repository settings(only need to input name and http port), then click `create repository`   3. Modify the docker JSON file `/etc/docker/daemon.json`. - (a). Replace the HOST_IP to the Kubernetes IP of your server. Here is an example where the cluster runs on `192.168.1.115`. - `sudo vim /etc/docker/daemon.json` ```bash= { "insecure-registries":["192.168.1.115:32001"] } ``` - (b). Then run commands as follows to enable the configuration. ```bash= sudo systemctl daemon-reload sudo systemctl restart docker ``` 4. Try to login docker and check the password file p.s Replace the HOST_IP with the Kubernetes IP of your server. ```bash= sudo docker login -u admin -p iclk200 {HOST_IP}:32001 #ex: sudo docker login -u admin -p iclk200 192.168.1.115:32001 ```  5. According to the login response message, check there is a file `root/.docker/config.json`(this file should be ctreted after login docker) - /root/.docker/config.json ```bash= sudo cat /root/.docker/config.json #run under super-user { "auths": { "192.168.122.61:32001": { "auth": "YWRtaW46aWNsazIwMA==" } } } ``` copying this file to under your namespace and using the file to create secrets for backend and rApps. (p.s. please revise the command path if the config.json is not at the same location or hostname is not 'k300' ) ```bash= # if user don't have this folder mkdir /home/k300/.docker # copy from root avoid the Permission denied issue sudo cp /root/.docker/config.json /home/k300/.docker/config.json sudo chmod -R 777 /home/k300/.docker/ # For the namespace nonrtric kubectl create secret generic regcred --from-file=.dockerconfigjson=/home/k300/.docker/config.json --type=kubernetes.io/dockerconfigjson -n nonrtric # For the namespace nonrtric-rapp kubectl create secret generic regcred --from-file=.dockerconfigjson=/home/k300/.docker/config.json --type=kubernetes.io/dockerconfigjson -n nonrtric-rapp ``` - Check there are secrets. ```bash= kubectl get -A secret | grep regcred ```  6. To ensure the kubectl pod can pull image without the https issue.  please edit the file `/etc/containerd/config.toml` ```bash= sudo nano /etc/containerd/config.toml ``` `config.toml` ```bash= disabled_plugins = [] imports = [] oom_score = 0 plugin_dir = "" ... ... #find the line [plugins."io.containerd.grpc.v1.cri".registry.configs] [plugins."io.containerd.grpc.v1.cri".registry.configs] #add the 6 lines below that line, the ip should be replaced with your host ip! [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.145.23:32001"] [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.145.23:32001".tls] ca_file = "" cert_file = "" insecure_skip_verify = true key_file = "" [plugins."io.containerd.grpc.v1.cri".registry.headers] #find the line [plugins."io.containerd.grpc.v1.cri".registry.configs] [plugins."io.containerd.grpc.v1.cri".registry.mirrors] # add the 2 lines below this line, the ip should be replaced with your host ip! [plugins."io.containerd.grpc.v1.cri".registry.mirrors."192.168.145.23:32001"] endpoint = ["http://192.168.145.23:32001"] ```  save the change and restart the containerd ```bash= sudo systemctl restart containerd ``` if restart fail, can use "sudo containerd" to check error ## deploy rapp manager frontend and backend ### backend enter "non-rt-ric" folder ```bash= cd non-rt-ric ``` #### Modify fields in the conf file `backend-configmap.yml`. - Token - Get token - Reason: to give the backend application the permission to access K8s API server. ```bash= # Get the token kubectl describe secrets -n nonrtric nonrtric-account-secret ```  - Fill the `NONRTRIC_TOKEN` field in `backend-configmap.yml`. ```bash= vim backend-configmap.yml ```  - IP - Modify the ip of the field `HOST_IP` in `backend-configmap.yml` as the Kubernetes IP of your server. - Note: The default node port used by backend is 30980 described in `non-rt-ric/service.yaml` - Modify the ip of the fields `HUB_IP` in `backend-configmap.yml`  - HOSTNAME - Modify the hostname field `HOST_NAME` in `backend-configmap.yml` p.s. hostname should be all lowercase!! (even if your hostname has some uppercase) - Note: you can check the hostname with `cat /etc/hostname`.  - HOST KUBE CA - Modify the host k8s ca `HOST_CA` in `backend-configmap.yml` 1. check the/home/{USER_NAME}/.kube/pki/ca.crt file exist 2. if ca.crt file does not exist, copy it from kubernetes to your host ```bash= sudo cp /etc/kubernetes/pki/ca.crt /home/{USER_NAME}/.kube/pki/ca.crt sudo cp /etc/kubernetes/pki/ca.key /home/{USERT_NAME}/.kube/pki/ca.key ``` 3. Modify `HOST_CA` to `/home/{USER_NAME}/.kube/pki/ca.crt`  #### build image and deploy(first run or re-build code) ```bash= ./install_backend.sh ``` #### undeploy ```bash= ./undeploy.sh ``` #### deploy (without build docker image) ```bash= ./deploy.sh ``` ### frontend enter "non-ric-frontend" folder ```bash= cd non-ric-frontend ``` #### Modify fields in the conf file `frontend-configmap.yml`. - Backend IP - Modify the backend ip of the field `VUE_APP_BACKEND_URL` in `frontend-configmap.yml` as the backend ip (usually it is your host ip). - backend default port is 30980  #### build image and deploy(first run or re-build code) ```bash= ./install_frontend.sh ``` #### undeploy ```bash= ./undeploy.sh ``` #### deploy (without build docker image) ```bash= ./deploy.sh ``` ## deploy A1 Policy and A1 EI enter "a1" folder ```bash= cd a1 ``` P.S. Before deplyment, user should check the near-ric ip in `deployment_a1.yaml` (If need to connect to near ric)  #### build image and deploy(first run or re-build code) ```bash= ./install_a1.sh ``` #### undeploy ```bash= ./undeploy_a1.sh ``` #### deploy (without build docker image) ```bash= ./deploy_a1.sh ``` ## deploy R1 DME and R1 SME ### R1 DME enter "r1-dme" folder ```bash= cd r1-dme ``` #### build image and deploy(first run or re-build code) ```bash= ./install_r1dme.sh ``` #### undeploy ```bash= ./undeploy_r1dme.sh ``` #### deploy (without build docker image) ```bash= ./deploy_r1dme.sh ``` ### R1 SME enter "r1-sme/itri_deployment" folder ```bash= cd r1_sme/itri_deployment ``` #### build image and deploy(first run or re-build code) ```bash= ./install_r1sme.sh ``` #### undeploy ```bash= ./undeploy_r1sme.sh ``` #### deploy (without build docker image) ```bash= ./deploy_r1sme.sh ``` ## deploy O1 enter "o1" folder ```bash= cd o1 ``` - edit the conf.txt ip to real ems ip  #### build image and deploy(first run or re-build code) ```bash= ./install_o1.sh ``` #### undeploy ```bash= ./undeploy.sh ``` #### deploy (without build docker image) ```bash= ./deploy.sh ``` ## Verification 1. K8s - Node status - The status of the node should be `Ready`. ```bash= kubectl get node ```  - Pods status - All status of pods in the namespace `nonrtric` should be `Running`. ```bash= kubectl get po -n nonrtric ```  2. Backend - Check the log of backend. - You should see `Login Succeeded` in the log. ```bash= # Get the log the backend pod. Use :q to leave. kubectl logs -n nonrtric $(kubectl get po -n nonrtric | grep backend | awk '{print $1}') | less ```  3. Frontend - Open a browser, then type the IP of your machine and port `30979`. You should see there are `Memory Usage` and `CPU Utilization` information. - Note: the default port number is `30979`. You would need to change it if you modify the port number in the frontend section.  4. A1 - Check the service is living. ```bash= cd env_install/cert curl 'https://nonrtric.example.com/a1-policy/v2/status' --cacert ./server.crt ```  5. R1 - DME ```bash= cd env_install/cert curl 'https://nonrtric.example.com/data-access/v1/status' --cacert ./server.crt ```  - SME ```bash= cd env_install/cert curl -i --location 'https://nonrtric.example.com/service-apis/v1/allServiceAPIs?api-invoker-id=api_invoker_id_invoker_tls' --cacert ./server.crt ```  6. O1 ```bash= curl -X POST https://nonrtric.example.com/o1/v4/irm/login -i -H 'cache-control: no-cache' -H 'content-type: application/json' -d '{ "key":"d98f348ea667397d49853aee"}' -c ./cookie.txt -k ```