Prior to installing the driver, it may be necessary to:
- configure the source for NS Packages. See Configuring NS Package Location
- configure the Kafka host and create mandatory topics. See Configuring Kafka
- configure a secret containing trusted client certificates. See Configuring Certificates
Download the Helm chart for the required version of the NFVO Driver. Run the following command to install the Helm chart with the default values:
helm install sol005-lifecycle-driver sol005-lifecycle-driver-<version>.tgzNOTES: Before installing the driver, add a secret for icr.io by editing secrets through the following OpenShift console:
https://console-openshift-console.apps.DEV-CLUSTER.cp.fyre.ibm.com/k8s/ns/openshift-config/secrets/pull-secret/editusername: iamapikey password: < API key generated through IBM cloud account https://cloud.ibm.com/iam/apikeys >
Use lmctl for onboard the driver into LM. For full details on how to install or use lmctl, refer to its documentation.
Certificate used by sol005 driver can be obtained from the secret sol005-lifecycle-driver-tls. This certificate needs to be used while onboarding NFVO driver. Use the following command to obtain sol005 certificate.
oc get secret sol005-lifecycle-driver-tls -o 'go-template={{index .data "tls.crt"}}' | base64 -d > sol005-lifecycle-tls.pemThe following command will onboard the NFVO Driver into CP4NA environment called 'dev01':
lmctl resourcedriver add --type sol005 --url https://sol005-lifecycle-driver:8296 dev01 --certificate sol005-lifecycle-tls.pemA route need to be created to access NFVO driver externally. In this example we are using reencrypt route.
Create certificates for the route.
openssl req -newkey rsa:2048 -keyout route-tls.key -x509 -days 365 -out route-tls.crt -nodesNOTES: Use Common Name as sol005-lifecycle-driver.apps.<cluster-name>.<domain-name> while creating certificates.
Get CA certificate from secret.
oc get secret sol005-lifecycle-driver-tls -o 'go-template={{index .data "ca.crt"}}' | base64 -d > sol005-ca.crtCreate route.
oc create route reencrypt --service=sol005-lifecycle-driver --cert=route-tls.crt --key=route-tls.key --dest-ca-cert=sol005-ca.crt --hostname=sol005-lifecycle-driver.apps.<cluster-name>.<domain-name>NOTES:
- The above example assumes lmctl has been configured with an environment called 'dev01'. Replace this environment name accordingly
- If this configuration doesn't include the password for the environment, one will be prompted for