/nubomedia-paas

NUBOMEDIA PaaS

Primary LanguageJavaScriptApache License 2.0Apache-2.0

Copyright © 2016 NUBOMEDIA. Licensed under Apache 2.0 License.

NUBOMEDIA PaaS Manager

The NUBOMEDIA PaaS manager is the manager for PaaS Platform that exposes REST API to allow NUBOMEDIA users to build and deploy applications on the NUBOMEDIA Platform. This is a short guide to deploy and install the NUBOMEDIA PaaS Manager.

Getting Started

The PaaS Manager is implemented in java using the spring.io framework. This manager requires that all infrastructure is running:

  • Openbaton is up and running
  • The MS-VNFM is up, running and registered to Openbaton
  • The PaaS is configured and running (this API are tested with version 1.1 of Openshift binaries)
  • A keystore with the PaaS SSL certificates exists and is available on the PaaS API machine (you can use this guide or this software to do that)

Installation

You can install the NUBOMEDIA PaaS manager either automatically by downloading and executing the bootstrap or manually. Both options are described below.

Option 1) Automatic installation and start

The bootstrap repository contains the script to install and start the NUBOMEDIA PaaS Manager automatically. In order to do it you can run the following command:

bash <(curl -fsSkl https://raw.githubusercontent.com/nubomedia/nubomedia-paas/master/bootstrap)

At the end of the installation process the NUBOMEDIA PaaS Manager dashboard is reachable at localhost:8081

Afterwards the source code of the NUBOMEDIA PaaS Manager is located in /opt/nubomedia/nubomedia-paas. Check if the NFVO and/or the MS-VNFM is not installed and started, otherwise the NUBOMEDIA PaaS Manager start will fail and you need to start it manually when the NFVO and the MS-VNFM are up and running.

Front end setup

  • Install nodejs, follow the link
  https://nodejs.org/en/download/package-manager/
  • Install npm
  npm install npm -g
  • Install gulp globally
  npm install --global gulp-cli
  • In nubomedia-paas/src/main/resources/static run the followings:
  npm install
  bower install
  • To compile sass run the following in .../nubomedia-paas/src/main/resources/static

for normal css run

  gulp

for minified css run

  gulp --production

the sass is compiled in nubomedia-paas/src/main/resources/static/assets/app.css

Start the PaaS after the frontend installation

In case the NUBOMEDIA PaaS Manager are already installed you can start them manually using the provided script as described here

Option 2) Install the NUBOMEDIA PaaS Manager manually

  1. Download the source code from git:
git clone https://github.com/fhg-fokus-nubomedia/nubomedia-paas.git
  1. Change the properties file to reflect your infrastructure configuration:
vim NUBOMEDIA-paas/src/main/resources/paas.properties
  1. Run the provided script to create the base folder for properties file (and copy the file in it)
cd nubomedia-paas/
./nubomedia-paas.sh init

NOTE if you are not root it will ask for sudo password

  1. Compile the code using the provided script
cd nubomedia-paas/
./nubomedia-paas.sh compile

Start the NUBOMEDIA PaaS Manager Manually

The NUBOMEDIA PaaS Manager can to started by executing the following command (in the directory nubomedia-paas)

./nubomedia-paas.sh start

Once the NUBOMEDIA PaaS Manager is started you can access the screen session that is in another window with the ms-vnfm running:

screen -r nubomedia

and move to the windows named nubomedia-paas

Configuration

The configuration can to fount in /etc/nubomedia/paas.properties.

Here you can configure:

  • PaaS address
  • OpenShift
  • NFVO
  • VNF Manager (MS-VNFM aka EMM)
  • Vim (according to ETSI Specification) properties
  • KMS image
  • RabbitMQ
  • Database
  • Log Levels

After changing any configuration, you need to restart.

Configuration parameters

The following table provides you with descriptions of the main properties to be modified in order to configure the PaaS Manager:

parameter default value description
paas.security.admin.password nub0m3d14 defines the admin password for the PaaS Manager
paas.security.project.name default defines the default project for the PaaS Manager
paas.port 8081 defines the URL of the PaaS Manager itself (used internally)
openshift.baseURL https://localhost:8443 defines where your OpenShift instance is running
openshift.domainName your.domain.com defines your domain used to create the route
openshift.project nubomedia defines the project to be used in OpenShift (must exist)
openshift.token - configure your token used to access the OpenShift instance (produced by OpenShift in this way)
kms.image nubomedia/kurento-media-server Specifies the image to be used for running KMS
nfvo.ip localhost defines the ip where the NFVO is running
nfvo.port port defines the port on which Marketplace is reachable
nfvo.username admin defines the username to be used for the NFVO
nfvo.password openbaton defines the password to be used for the NFVO
nfvo.project.name nubomedia defines the project to be used
vnfm.ip localhost defines the ip where the VNFM is running
vnfm.port 9000 defines the port on which VNFM is reachable
marketplace.ip defines the ip where the Marketplace is running
marketplace.port defines the port on which Marketplace is reachable
vim.authURL http://localhost:5000/v2.0 defines the authentication URL of the cloud infrastructure to be used
vim.name nubomedia-vim defines the name of the VIM instance (used as an identifier)
vim.tenant nubomedia defines the tenant to be used for allocating resources in the cloud infrastructure
vim.username nubomedia defines the username to be used for authorizing against the cloud infrastructure
vim.password nubomedia defines the password to be used for authorizing against the cloud infrastructure
vim.keypair nubomedia defines the keypair to be used to access the VMs (must exist in cloud infrastructure)
vim.type openstack defines the type of cloud infrastructure
rabbitmq.host localhost defines the host where the RabbitMQ server is running
rabbitmq.username admin defines the username to authorize against the RabbitMQ server
rabbitmq.password openbaton defines the password to authorize against the RabbitMQ server
logging.level.* - defines the log levels of the specified packages

Create OpenShift token

The token created in this part is used internally to authorize against OpenShift. It must be placed in the configuration file under 'openshift.token' in order to let the PaaS Manager communicate with the OpenShift server.

First you need to create a new service account by running this command from the OpenShift command line:

$ echo '{"kind":"ServiceAccount","apiVersion":"v1","metadata":{"name":"paas-user"}}' | oc create -n nubomedia -f -
serviceaccount "paas-develop" created

Afterwards you need to execute the following command in order to add the new service account the the project nubomedia

$ oc policy add-role-to-user edit --serviceaccount=paas-user -n nubomedia

To get the token created you can list first the names of the tokens that were added automatically during the step before.

$ oc get secrets
paas-develop-dockercfg-lejqo           kubernetes.io/dockercfg               1         23s
paas-develop-token-lljjd               kubernetes.io/service-account-token   2         23s
paas-develop-token-yt0zr               kubernetes.io/service-account-token   2         23s

Just execute one of the following commands to retrieve the token created. Either this:

$ oc describe secrets paas-develop-token-lljjd
Name:           paas-develop-token-lljjd
Namespace:      nubomedia
Labels:         <none>
Annotations:    kubernetes.io/service-account.name=paas-develop,kubernetes.io/service-account.uid=bd9ec0fe-48fb-11e6-b950-001a648f9cf6

Type:   kubernetes.io/service-account-token

Data
====
token:  eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJudWJvbWVkaW
EiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlY3JldC5uYW1lIjoicGFhcy1kZXZlbG9wLXRva2VuLWxsampkIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQub
mFtZSI6InBhYXMtZGV2ZWxvcCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImJkOWVjMGZlLTQ4ZmItMTFlNi1iOTUwLTAwMWE2NDhmOWNmNiIsInN1YiI6InN5
c3RlbTpzZXJ2aWNlYWNjb3VudDpudWJvbWVkaWE6cGFhcy1kZXZlbG9wIn0.LzBw_k6S1NnqDIy127nTRGHRVQBatiOHN0mrayo6Bg_aDk_qtxW9o8hF5_HYkE1xFQNarewHTu5F4f3ngHZG4aJ4GkHJVaPkEHI
gQGtp7pZbEJqwNuV8pPpvZmAV8zvFJvGgCBxRcyEL4tsArshcCX3D3z1vVIS5ZvDZr12qdgp-gKs1KOeLJM-B4CxE_hV43EicY3_tbyNFdlVVsPe_FYisG-KPYwqgKdkfTPuxx3WlKQ0JUgDDaPj0MqCoETVTQ0
THcJKr25lqyvzZUJm5qzPAKvaPn8xbI7lli4TjQd1ORVc3SsE4lpfUk0FADqVsLf9Fy4xeaQ3YwuKFeZhQ7B
ca.crt: 1066 bytes

or this:

$ oc describe secrets paas-develop-token-yt0zr
Name:           paas-develop-token-yt0zr
Namespace:      nubomedia
Labels:         <none>
Annotations:    kubernetes.io/service-account.name=paas-develop,kubernetes.io/service-account.uid=bd9ec0fe-48fb-11e6-b950-001a648f9cf6

Type:   kubernetes.io/service-account-token

Data
====
ca.crt: 1066 bytes
token:  eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJudWJvbWVkaW
EiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlY3JldC5uYW1lIjoicGFhcy1kZXZlbG9wLXRva2VuLXl0MHpyIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQub
mFtZSI6InBhYXMtZGV2ZWxvcCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImJkOWVjMGZlLTQ4ZmItMTFlNi1iOTUwLTAwMWE2NDhmOWNmNiIsInN1YiI6InN5
c3RlbTpzZXJ2aWNlYWNjb3VudDpudWJvbWVkaWE6cGFhcy1kZXZlbG9wIn0.dOe6d0fUkRK1gF2bjqZ6vsoic8hM0YjBoXzfg0Rn3ma_R1Vc0U0P6ytzJ8C_sPDLSE7HiLanIowKVy7AZifSDOWi53r3slxKP15
fbxw8_HunToMIR4WWIiKRjywsO184gqC1LZrmBfz0Y86-Xo91fFRMITx3rqXsHx-FkSwpNBKNFGC7cIF8Ch52LM6JXnZwazi_uP3lde3i9TdZ1tqDQKA9Eldu7Wgl3YRMiVN2xOrz4N4-vbZXYEvIQDKhCDF2QZ
Q9CJfruHrhczLeiY5yvpKfhMZ4JJxUjiDnbULtdA48GFxZszvNMpIyoX_fhqOiI3GoUFHyChcZ4B6_zZtegW

Copy & paste on of those tokens to your configuration file.

Identity Management

The Identity Management includes the following entities:

  • user: A user have his own credentials to login into the PaaS Manager. The user might be assigned to one or more projects with specific roles. Only the role:ADMIN has acces to all projects and can manage (create, delete) users and projects. The role:USER can manage applications in the assigned project and role:GUEST can browse only through the applications.
  • project: A project has an isolated view on the applications that are running in this project. A project might be used by one or multiple projects.
  • role: Roles are defining the set of actions that are permitted to execute. role:ADMIN can create and delete users and projects; and has access to all projects. role:USER can manage the applications in the assigned projects. role:GUEST can only browse through the applications of the assigned projects.

NOTE The password for the ADMIN is defined in the configuration file. Changing this password will be applied after a restart of the PaaS Manager. NOTE admin user and admin project can not be deleted or done anything that limits the access of the admin user.

Marketplace

The marketplace for NUBOMEDIA applications serves a store where the full configuration of applications can be stored. It is integrated directly in the NUBOMEDIA GUI. From the marketplace you can launch applications via your PaaS GUI without doing anything. The marketplace itself is an centralized component that might be used by several PaaS Managers. In order to use it you need to define the IP and port in the configuration file.

What is NUBOMEDIA

This project is part of NUBOMEDIA, which is an open source cloud Platform as a Service (PaaS) which makes possible to integrate Real Time Communications (RTC) and multimedia through advanced media processing capabilities. The aim of NUBOMEDIA is to democratize multimedia technologies helping all developers to include advanced multimedia capabilities into their Web and smartphone applications in a simple, direct and fast manner. To accomplish that objective, NUBOMEDIA provides a set of APIs that try to abstract all the low level details of service deployment, management, and exploitation allowing applications to transparently scale and adapt to the required load while preserving QoS guarantees.

Documentation

The NUBOMEDIA project provides detailed documentation including tutorials, installation and Development Guide.

Source

Source code for other NUBOMEDIA projects can be found in the GitHub NUBOMEDIA Group.

News

Follow us on Twitter @NUBOMEDIA Twitter.

Issue tracker

Issues and bug reports should be posted to GitHub Issues.

Licensing and distribution

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Contribution policy

You can contribute to the NUBOMEDIA community through bug-reports, bug-fixes, new code or new documentation. For contributing to the NUBOMEDIA community, drop a post to the NUBOMEDIA Public Mailing List providing full information about your contribution and its value. In your contributions, you must comply with the following guidelines

  • You must specify the specific contents of your contribution either through a detailed bug description, through a pull-request or through a patch.
  • You must specify the licensing restrictions of the code you contribute.
  • For newly created code to be incorporated in the NUBOMEDIA code-base, you must accept NUBOMEDIA to own the code copyright, so that its open source nature is guaranteed.
  • You must justify appropriately the need and value of your contribution. The NUBOMEDIA project has no obligations in relation to accepting contributions from third parties.
  • The NUBOMEDIA project leaders have the right of asking for further explanations, tests or validations of any code contributed to the community before it being incorporated into the NUBOMEDIA code-base. You must be ready to addressing all these kind of concerns before having your code approved.

Support

The NUBOMEDIA community provides support through the NUBOMEDIA Public Mailing List.