Deploy Charmed Magma Orchestrator 1.6
Requirements
The Orchestrator must be installed on a Kubernetes cluster with the following specifications:
- Kubernetes: A cluster with a total of a minimum of 6 vCPUs and 16 GB of RAM.
- Juju 2.9: A Juju controller with access to the Kubernetes cluster
Note
If the Juju controller is running on your Kubernetes cluster, it should use a LoadBalancer service type
Deploy the magma-orc8r bundle
Create an overlay.yaml
file that contains the following content:
applications:
fluentd:
options:
domain: <your domain name>
elasticsearch-url: <your elasticsearch https url>
orc8r-certifier:
options:
domain: <your domain name>
orc8r-eventd:
options:
elasticsearch-url: <your elasticsearch http url>
orc8r-nginx:
options:
domain: <your domain name>
tls-certificates-operator:
options:
generate-self-signed-certificates: true
ca-common-name: rootca.<your domain name>
Warning
This configuration is unsecure because it uses self-signed certificates.
Info
Elasticsearch is not part of the magma-orc8r bundle and needs to be deployed separately. For details regarding Elasticsearch integration please visit Integrate Charmed Magma Orchestrator to Elasticsearch
Deploy Orchestrator:
juju deploy magma-orc8r --overlay overlay.yaml --trust --channel=1.6/stable
The deployment is completed when all services are in the Active-Idle
state.
Import the admin operator HTTPS certificate
Retrieve the PFX package that contains the certificates to authenticate against Magma Orchestrator:
juju scp --container="magma-orc8r-certifier" orc8r-certifier/0:/var/opt/magma/certs/admin_operator.pfx admin_operator.pfx
Retrieve the pfx package password:
juju run-action orc8r-certifier/leader get-pfx-package-password --wait
Info
The pfx package was copied to your current working directory. It can now be loaded in your browser or used to make API calls to Magma orchestrator.
Setup DNS
Retrieve the services that need to be exposed:
juju run-action orc8r-orchestrator/leader get-load-balancer-services --wait
In your domain registrar, create A records for the following Kubernetes services:
Address | Hostname |
---|---|
<orc8r-bootstrap-nginx External IP> |
bootstrapper-controller.<your domain> |
<orc8r-nginx-proxy External IP> |
api.<your domain> |
<orc8r-clientcert-nginx External IP> |
controller.<your domain> |
<nginx-proxy External IP> |
*.nms.<your domain> |
<fluentd External IP> |
fluentd.<your domain> |
Verify the deployment
Get the master organization's username and password:
juju run-action nms-magmalte/leader get-master-admin-credentials --wait
Confirm successful deployment by visiting https://master.nms.<your domain>
and logging in
with the admin-username
and admin-password
outputted here.