README.md 4.83 KB
Newer Older
1
# OSDU module/deployment framework
ethiraj krishnamanaidu's avatar
ethiraj krishnamanaidu committed
2

3
Creates fully functional GCP based OSDU installation.
Oleksandr Kosse (EPAM)'s avatar
Oleksandr Kosse (EPAM) committed
4

5
## Prerequisites
6

7
8
9
10
11
12
13
14
15
16
- **Terraform** (version: v1.0.0) [terraform](https://www.terraform.io/downloads.html)
- **Gcloud** (version: Google Cloud SDK 345.0.0) [googleCloud](https://cloud.google.com/sdk/docs/install)
- **Kubectl** (version: v1.21.0) [kubectl](https://kubernetes.io/docs/tasks/tools/#kubectl)
- **kpt** (version: v0.39.3) [github](https://github.com/GoogleContainerTools/kpt/releases/tag/v0.39.3)
- **jq** (version: jq-1.6)

### Manual actions

These actions couldn't be automated at this moment. Should be done once in a new Google Cloud project.

17
18
19
20
21
22
- Enable Cloud Resource Manager API:
  - Go to -> `APIs & Services` -> click on `Enable Apis and Services` -> search for `Cloud Resource Manager API` and **enable** this API.
- Get credentials from gcloud command:
  - Acquire new user credentials via gcloud command to use for Application default credentials (use this link [cloud.google.com](https://cloud.google.com/sdk/gcloud/reference/auth/application-default/login) as an example).
- Create AppEngine app using Google Console GUI:
  - Go to -> `App Engine` -> click `Create app` -> choose region corresponding your deployment **Or** use bash script for creating datastore indexes located [here](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-gcp-provisioning/-/blob/master/bootstrap_infra/create-definitions/create-index-definitions.sh)
23

24
## Before install
25

26
27
28
29
30
31
At the respective GCP project, we need to create OAuth 2.0 Client ID.
According to GCP requirement, you need:

- Create `OAuth consent screen`
- Activate `API & Services`
- Create `OAuth 2.0 Client ID (type: Web application)`
32

33
### **To create OAuth consent screen:**
34

35
Go to **GCP navigation menu** -> **API & Services** -> **OAuth consent screen**
36

37
- Choose type `External` and click `CREATE`
38
39
40
41
42
43
- Fill in these fields (you can fild example below):
  - `App name`
  - `User support email`
  - `Authorized domains`
  - `Developer contact information`
- Press now and later `SAVE AND CONTINUE`
44

45
![alt text](img/gcp-consent-screen.png "Content Screen")
Oleksandr Kosse (EPAM)'s avatar
Oleksandr Kosse (EPAM) committed
46

47
### **To create OAuth 2.0 Client ID of type Web application:**
48

49
50
51
52
53
54
55
56
57
- Go to **GCP navigation menu** -> **API & Services** -> **Credentials**
- Click `+ CREATE CREDENTIALS`
- Use `OAuth client ID`
- Application type (choose `Web application`)
- Fill in `Name` field like `project_name-audiences`
- Add Authorized redirect URIs:
  - `http://localhost:8080/auth/callback`
  - `https://developers.google.com/oauthplayground/`
- Click `CREATE`
58

59
60
![alt text](img/web-credentials.png "Web application credentials")

61
## How to run **osdu-module** with **Terraform**
62

63
64
Make sure that your gcloud client is configured with appropriate GCP **project** and **region**\
Use this links as examples:
65

66
67
- Set default [project](https://cloud.google.com/artifact-registry/docs/gcloud-defaults)
- Set default [region](https://cloud.google.com/compute/docs/gcloud-compute#set_default_zone_and_region_in_your_local_client)
68

69
### To start installation, use the following commands
70

71
72
73
74
```\
- git clone git@community.opengroup.org:osdu/platform/deployment-and-operations/infra-gcp-provisioning.git
- cd infra-gcp-provisioning/examples/simple_osdu/
```
Oleksandr Kosse (EPAM)'s avatar
Oleksandr Kosse (EPAM) committed
75

76
### Then you need to fill in **mandatory** variables at **variables.tf** file
77

78
79
80
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
**project_id** | your GCP project ID | string | none | yes
81
82
**project_region** | your GCP project region | string | none | yes
**project_zone** | your GCP project zone | string | none | yes
83
84
85
**data_partition_id** | Data Partition ID and also Tenant Name | string | **dataid** | yes
**domain** | DNS name for OSDU installation | string | none | yes
**elastic_pass** | password for ElasticSearch instance | string | none | yes
86
**elastic_host** | domain name of ElasticSearch instance | string | none | yes
87
88
89
**audiences** | this variable is ClientID from previous step of creating OAuth 2.0 Client ID | string | none | yes
**admin_user_email** | Admin person user email in project or at google identity service | string | **user@example.com** | yes

90
91
92
93
> **data_partition_id** variable could contain only lowercase letters and numbers, and couldn't be longer than 25 characters.
>
> **elastic_host** variable might look like: instance-name.es.us-central1.cloud.es.io
>
94
> **audiences** variable could look like: 689762842995-pv21xxxxxxx803kk6gqf52qb5amos3a9.apps.googleusercontent.com
95

96
Then perform following commands:
97

98
```\
99
100
101
terraform init
terraform plan
terraform apply
102
```
103

104
105
106
You can provide variables by `-var` option when running the terraform plan and terraform apply commands.\
Example: `terraform apply -var="domain=example.com"`

107
## Post install steps
108

109
110
After successfull installation, look at the **outputs** of terraform execution and
get **ingress_ip** variable value for usage this ip-address in DNS domain name