From e46c85749e10391279f08e227639d55d4d810022 Mon Sep 17 00:00:00 2001 From: Bonrob2 <59453630+Bonrob2@users.noreply.github.com> Date: Fri, 3 Nov 2023 16:27:40 -0400 Subject: [PATCH 1/5] NMS-16108: OpenShift: Documentation NMS-16108: OpenShift: Documentation - adding a section in the deployment section of the core documentation on how to use Helm charts to deploy Horzion with Kubernetes/OpenShift. --- .../deployment/pages/core/containers.adoc | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 docs/modules/deployment/pages/core/containers.adoc diff --git a/docs/modules/deployment/pages/core/containers.adoc b/docs/modules/deployment/pages/core/containers.adoc new file mode 100644 index 000000000000..4df5c547db40 --- /dev/null +++ b/docs/modules/deployment/pages/core/containers.adoc @@ -0,0 +1,33 @@ + +[[container-deployment]] += Deploy {page-component-title} in a Containerized Environment +:description: Learn how to install OpenNMS Horizon/Meridian in a containerized environment like Kubernetes or Red Hat OpenShift. + +If your organization uses Kubernetes or Red Hat OpenShift, OpenNMS makes a Helm chart available to simplify {page-component-title} deployment. + +Each deployment through Helm charts has a single Core server, Grafana, a custom Ingress that shares the RRD files and some configuration files, and multiple Sentinels for flow processing. + +This section describes the configuration parameters and information you will need to install {page-component-title}. + +The OpenNMS Helm Chart is based and tested against the latest {page-component-title}. +The minimum versions available are Horizon 32.x and Meridian 2023.x. + +== Before you begin +You must have a deep understanding of containerized environments. + + +overview +architecture diagram of what is installed + +== Install +== Configure +== Upgrade +== Uninstall + +Do we monitor the containers? +How is that done? + +== Example of ingress with path +== Example of extra volume mounting + + From 9b3ed69a4b9cbc88444883a88a6ae0e984321b6c Mon Sep 17 00:00:00 2001 From: Bonrob2 <59453630+Bonrob2@users.noreply.github.com> Date: Mon, 6 Nov 2023 15:47:13 -0500 Subject: [PATCH 2/5] NMS-16108: OpenShift Documentation NMS-16108: OpenShift Documentation - updated OpenShift documentation and restructured the main docs to add a section on containerized environment deployment. Related tickets will remove the existing separate Helm Charts docs and update the associated readme file. --- docs/modules/deployment/nav.adoc | 1 + .../deployment/pages/core/containers.adoc | 91 ++++++++++++++++--- .../pages/core/system-requirements.adoc | 3 + 3 files changed, 80 insertions(+), 15 deletions(-) diff --git a/docs/modules/deployment/nav.adoc b/docs/modules/deployment/nav.adoc index 46d60289269e..2ac31a84adfa 100644 --- a/docs/modules/deployment/nav.adoc +++ b/docs/modules/deployment/nav.adoc @@ -3,6 +3,7 @@ * xref:core/introduction.adoc[] ** xref:core/system-requirements.adoc[] ** xref:core/getting-started.adoc[] +** xref:core/containers.adoc[] ** xref:core/setup-message-broker.adoc[] ** xref:core/admin-password-reset.adoc[] * xref:minion/introduction.adoc[] diff --git a/docs/modules/deployment/pages/core/containers.adoc b/docs/modules/deployment/pages/core/containers.adoc index 4df5c547db40..b7e99a715cd0 100644 --- a/docs/modules/deployment/pages/core/containers.adoc +++ b/docs/modules/deployment/pages/core/containers.adoc @@ -1,33 +1,94 @@ [[container-deployment]] -= Deploy {page-component-title} in a Containerized Environment += Containerized Deployment :description: Learn how to install OpenNMS Horizon/Meridian in a containerized environment like Kubernetes or Red Hat OpenShift. If your organization uses Kubernetes or Red Hat OpenShift, OpenNMS makes a Helm chart available to simplify {page-component-title} deployment. +For information on deploying in a Docker environment, see the Docker tabs in https://docs.opennms.com/horizon/latest/deployment/core/getting-started.html[installation and configuration]. Each deployment through Helm charts has a single Core server, Grafana, a custom Ingress that shares the RRD files and some configuration files, and multiple Sentinels for flow processing. -This section describes the configuration parameters and information you will need to install {page-component-title}. - The OpenNMS Helm Chart is based and tested against the latest {page-component-title}. -The minimum versions available are Horizon 32.x and Meridian 2023.x. +The minimum version available is +ifeval::["{page-component-title}" == "Horizon"] +Horizon 32.x. +endif::[] + +ifeval::["{page-component-title}" == "Meridian"] +Meridian 2023.x. +endif::[] == Before you begin -You must have a deep understanding of containerized environments. +You must have a deep understanding of containerized environments (https://kubernetes.io/docs/home/[Kubernetes], https://access.redhat.com/documentation/en-us/openshift_container_platform/[Red Hat OpenShift]) and https://helm.sh/docs[Helm], the package manager for Kubernetes. + +You should also be familiar with {page-component-title}, its components, and how the environment works. + +== Requirements + +* https://kubernetes.io/docs/reference/kubectl/[kubectl] +* https://kubernetes.io/docs/reference/kubectl/[Helm] version 3 +* Kubernetes 1.20+ OR Red Hat OpenShift 4.12+ + +When using cloud resources, make sure you have https://learn.microsoft.com/en-us/cli/azure/reference-index?view=azure-cli-latest[az] for Azure or https://cloud.google.com/sdk/gcloud[gcloud] for Google Cloud. + +=== External dependencies + +{page-component-title} requires the following as part of its monitoring environment. +Make sure to set them up, with SSL enabled, before deploying {page-component-title}. + +* PostgreSQL server as the central database for OpenNMS and Grafana. +** For Google Cloud, the solution was tested using Google SQL for PostgreSQL with SSL and a private IP. +* Elasticsearch cluster for flow persistence +* Grafana Loki server for log aggregation +** https://grafana.com/docs/loki/v2.8.x/tools/logcli/[logcli] helps extract OpenNMS logs from the command line for troubleshooting purposes. +* https://cert-manager.io/docs/[cert-manager] to provide HTTPS/TLS support to the web-based services the ingress controller manages. +** A `ClusterIssuer` to use it across multiple independent {page-component-title} installations. +* Nginx Ingress Controller, as the solution has not been tested with other Ingress implementations. + +== Deployment on Kubernetes +Once you have set up Helm properly, use the following commands to deploy {page-component-title} on Kubernetes: + +[source, console] +---- +helm repo add opennms https://opennms.github.io/helm-charts + +helm install monms opennms/horizon --set domain=domain1.com --create-namespace +---- + +Update configuration values in the `values.yml` file, as required, for your environment. +These values include various passwords (Kafka, database, PostgreSQL), timezone, CPU limits, and so on. +For a list of values and their defaults, see https://github.com/OpenNMS/helm-charts/blob/main/horizon/README.md#values[Values] in the project's readme file on GitHub. + +== Installation on OpenShift + +There are a few known issues and limitations with installation on OpenShift: -overview -architecture diagram of what is installed +* Removing `CAP_NET_RAW` capability or setting allowPrivilegeEscalation to false will impact ICMP and auto discovery features. + ** WORKAROUND: Use a Minion that is located outside of the OpenShift cluster. -== Install -== Configure -== Upgrade -== Uninstall + * By default, OpenNMS will create a ClusterRole, ClusterRoleBinding, Route, SecurityContextConstraints, and ServiceAccount. + The user used to install OpenNMS must have the required permissions to make these modifications the OpenShift Cluster, including admin access. + There are options to disable the creation of these elements, but if you do so, you will need to figure out a way to get the pods to work. -Do we monitor the containers? -How is that done? +To install {page-component-title} on OpenShift, follow these steps: -== Example of ingress with path -== Example of extra volume mounting +1. Log in to OpenShift and switch to Developer view. +2. Create a project with a unique name. +3. Go to the Helm section. +4. In the Create drop-down menu, select Repository. + * In the Create Repository page, + * Add a unique name and display name. + * Use https://opennms.github.io/helm-charts/ for the URL. + * Save the changes. +5. In the Create drop-down menu, select Helm Release. +6. Under Repository, select the newly created repository entry. +7. Click on Horizon. +8. Make sure that the project name matches the name you set in step 2. + * Skip this step if you are setting “CreateNamespace” option to true. +9. Make the required modifications (for example, set the PostgreSQL information). +10. Click Create. +11. Wait for the pods to come up. This may take a few minutes. +NOTE: The process to install the Minion is similar. diff --git a/docs/modules/deployment/pages/core/system-requirements.adoc b/docs/modules/deployment/pages/core/system-requirements.adoc index 4292e0b3dab3..a4e60eef4d36 100644 --- a/docs/modules/deployment/pages/core/system-requirements.adoc +++ b/docs/modules/deployment/pages/core/system-requirements.adoc @@ -92,3 +92,6 @@ Components marked with an asterisk are required: | Browser * | Latest https://www.mozilla.org[Mozilla Firefox] or https://www.google.com/intl/en_us/chrome/[Google Chrome] |=== + +== Containerized environments +See xref:deployment:core/containers.adoc[containerized deployment] for information on deploying {page-component-title} via Kubernetes or OpenShift. \ No newline at end of file From 4b23a6e0c1d9ea088548a3ce0b04b03fd1790ec3 Mon Sep 17 00:00:00 2001 From: Bonrob2 <59453630+Bonrob2@users.noreply.github.com> Date: Tue, 7 Nov 2023 10:43:29 -0500 Subject: [PATCH 3/5] NMS-16108: OpenShift Documentation NMS-16108: OpenShift Documentation - updated containerization documentation based on reviewer feedback. --- docs/modules/deployment/pages/core/containers.adoc | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/docs/modules/deployment/pages/core/containers.adoc b/docs/modules/deployment/pages/core/containers.adoc index b7e99a715cd0..c81ae40bb1f4 100644 --- a/docs/modules/deployment/pages/core/containers.adoc +++ b/docs/modules/deployment/pages/core/containers.adoc @@ -6,8 +6,6 @@ If your organization uses Kubernetes or Red Hat OpenShift, OpenNMS makes a Helm chart available to simplify {page-component-title} deployment. For information on deploying in a Docker environment, see the Docker tabs in https://docs.opennms.com/horizon/latest/deployment/core/getting-started.html[installation and configuration]. -Each deployment through Helm charts has a single Core server, Grafana, a custom Ingress that shares the RRD files and some configuration files, and multiple Sentinels for flow processing. - The OpenNMS Helm Chart is based and tested against the latest {page-component-title}. The minimum version available is ifeval::["{page-component-title}" == "Horizon"] @@ -20,7 +18,7 @@ endif::[] == Before you begin -You must have a deep understanding of containerized environments (https://kubernetes.io/docs/home/[Kubernetes], https://access.redhat.com/documentation/en-us/openshift_container_platform/[Red Hat OpenShift]) and https://helm.sh/docs[Helm], the package manager for Kubernetes. +You must have a deep understanding of containerized environments (https://kubernetes.io/docs/home/[Kubernetes], https://access.redhat.com/documentation/en-us/openshift_container_platform/[Red Hat OpenShift]) and https://helm.sh/docs[Helm], which is the package manager for Kubernetes. You should also be familiar with {page-component-title}, its components, and how the environment works. @@ -30,8 +28,6 @@ You should also be familiar with {page-component-title}, its components, and how * https://kubernetes.io/docs/reference/kubectl/[Helm] version 3 * Kubernetes 1.20+ OR Red Hat OpenShift 4.12+ -When using cloud resources, make sure you have https://learn.microsoft.com/en-us/cli/azure/reference-index?view=azure-cli-latest[az] for Azure or https://cloud.google.com/sdk/gcloud[gcloud] for Google Cloud. - === External dependencies {page-component-title} requires the following as part of its monitoring environment. From db79e28bd587f64c94d1d4c07a2e9106e04d4436 Mon Sep 17 00:00:00 2001 From: Benjamin Reed Date: Tue, 7 Nov 2023 13:09:17 -0500 Subject: [PATCH 4/5] Release Notes for OpenNMS Horizon 32.0.5 --- debian/changelog | 11 +++++++ .../modules/releasenotes/pages/changelog.adoc | 31 +++++++++++++++++++ .../minion/src/main/filtered/debian/changelog | 11 +++++++ .../src/main/filtered/debian/changelog | 11 +++++++ 4 files changed, 64 insertions(+) diff --git a/debian/changelog b/debian/changelog index 57a4559940b4..fa7b893d4901 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +opennms (32.0.5-1) stable; urgency=high + + * Release 32.0.5 contains a bunch of security updates to Drools, + Hibernate, Jetty, and more, plus a number of other bug fixes and + a slew of documentation updates. + + For details on what has changed, see: + https://docs.opennms.com/horizon/32.0.5/index.html + + -- OpenNMS Release Manager Tue, 07 Nov 2023 13:08:00 -0500 + opennms (32.0.4-1) stable; urgency=low * Release 32.0.4 contains documentation updates as well as a number of diff --git a/docs/modules/releasenotes/pages/changelog.adoc b/docs/modules/releasenotes/pages/changelog.adoc index e7021ef08d01..ecbaaab97f3b 100644 --- a/docs/modules/releasenotes/pages/changelog.adoc +++ b/docs/modules/releasenotes/pages/changelog.adoc @@ -2,6 +2,37 @@ = Changelog +[[releasenotes-changelog-32.0.5]] + +== Release 32.0.5 + +Release 32.0.5 contains a bunch of security updates to Drools, Hibernate, Jetty, and more, plus a number of other bug fixes and a slew of documentation updates. + +The codename for Horizon 32.0.5 is https://volt.fm/genre/6385/deep-swedish-rock[_Deep Swedish Rock_]. + +=== Enhancement + +* BMP docs could use some TLC (Issue https://issues.opennms.org/browse/NMS-13891[NMS-13891]) +* Provisiond threads description discrepancies (Issue https://issues.opennms.org/browse/NMS-14766[NMS-14766]) +* OpenShift: Documentation (Issue https://issues.opennms.org/browse/NMS-16108[NMS-16108]) +* Backport Drools 8.x to foundation 2023 to address a couple of CVEs (Issue https://issues.opennms.org/browse/NMS-16179[NMS-16179]) +* Integrate hibernate-core related patch from Debian (Issue https://issues.opennms.org/browse/NMS-16181[NMS-16181]) +* Version bump of json for CVE-2023-5072 (Issue https://issues.opennms.org/browse/NMS-16191[NMS-16191]) +* Version bump of jetty to 9.4.53 version (Issue https://issues.opennms.org/browse/NMS-16192[NMS-16192]) +* Bump to the latest netty 4 version (Issue https://issues.opennms.org/browse/NMS-16193[NMS-16193]) +* Version bump of snappy java (Issue https://issues.opennms.org/browse/NMS-16194[NMS-16194]) +* Docs: Remove deprecated resourcecli section (Issue https://issues.opennms.org/browse/NMS-16216[NMS-16216]) +* Post install/upgrade instructions on how to join OpenNMS Community (Issue https://issues.opennms.org/browse/NMS-16213[NMS-16213]) + +=== Bug + +* Local Geo Map (using gwt.openlayers.url ) working in version 29.0.1 is not anymore in 31.0.3-1 (Issue https://issues.opennms.org/browse/NMS-15400[NMS-15400]) +* Access Denied when deleting a node with admin user (Issue https://issues.opennms.org/browse/NMS-15746[NMS-15746]) +* Map dashlet for Ops Boards references old map systems (Issue https://issues.opennms.org/browse/NMS-16044[NMS-16044]) +* Reports -> Chart page does not load graphs (Issue https://issues.opennms.org/browse/NMS-16085[NMS-16085]) +* Event parameters with `<>` not rendering in event/alarm views (Issue https://issues.opennms.org/browse/NMS-16157[NMS-16157]) +* Add Basic Auth to OpenConfig gNMI for Call Credentials (Issue https://issues.opennms.org/browse/NMS-16158[NMS-16158]) + [[releasenotes-changelog-32.0.4]] == Release 32.0.4 diff --git a/opennms-assemblies/minion/src/main/filtered/debian/changelog b/opennms-assemblies/minion/src/main/filtered/debian/changelog index e5911ef3652f..96876fc4c511 100644 --- a/opennms-assemblies/minion/src/main/filtered/debian/changelog +++ b/opennms-assemblies/minion/src/main/filtered/debian/changelog @@ -1,3 +1,14 @@ +opennms-minion (32.0.5-1) stable; urgency=high + + * Release 32.0.5 contains a bunch of security updates to Drools, + Hibernate, Jetty, and more, plus a number of other bug fixes and + a slew of documentation updates. + + For details on what has changed, see: + https://docs.opennms.com/horizon/32.0.5/index.html + + -- OpenNMS Release Manager Tue, 07 Nov 2023 13:08:00 -0500 + opennms-minion (32.0.4-1) stable; urgency=low * Release 32.0.4 contains documentation updates as well as a number of diff --git a/opennms-assemblies/sentinel/src/main/filtered/debian/changelog b/opennms-assemblies/sentinel/src/main/filtered/debian/changelog index 1f6f1abdbf96..82568be0bf28 100644 --- a/opennms-assemblies/sentinel/src/main/filtered/debian/changelog +++ b/opennms-assemblies/sentinel/src/main/filtered/debian/changelog @@ -1,3 +1,14 @@ +opennms-sentinel (32.0.5-1) stable; urgency=high + + * Release 32.0.5 contains a bunch of security updates to Drools, + Hibernate, Jetty, and more, plus a number of other bug fixes and + a slew of documentation updates. + + For details on what has changed, see: + https://docs.opennms.com/horizon/32.0.5/index.html + + -- OpenNMS Release Manager Tue, 07 Nov 2023 13:08:00 -0500 + opennms-sentinel (32.0.4-1) stable; urgency=low * Release 32.0.4 contains documentation updates as well as a number of From ec477935faff02808f4e433cc7b3103f1324d711 Mon Sep 17 00:00:00 2001 From: Benjamin Reed Date: Tue, 7 Nov 2023 13:33:32 -0500 Subject: [PATCH 5/5] spacey space Co-authored-by: Bonrob2 <59453630+Bonrob2@users.noreply.github.com> --- docs/modules/releasenotes/pages/changelog.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/modules/releasenotes/pages/changelog.adoc b/docs/modules/releasenotes/pages/changelog.adoc index ecbaaab97f3b..eae4ca77bf24 100644 --- a/docs/modules/releasenotes/pages/changelog.adoc +++ b/docs/modules/releasenotes/pages/changelog.adoc @@ -26,7 +26,7 @@ The codename for Horizon 32.0.5 is https://volt.fm/genre/6385/deep-swedish-rock[ === Bug -* Local Geo Map (using gwt.openlayers.url ) working in version 29.0.1 is not anymore in 31.0.3-1 (Issue https://issues.opennms.org/browse/NMS-15400[NMS-15400]) +* Local Geo Map (using gwt.openlayers.url) working in version 29.0.1 is not anymore in 31.0.3-1 (Issue https://issues.opennms.org/browse/NMS-15400[NMS-15400]) * Access Denied when deleting a node with admin user (Issue https://issues.opennms.org/browse/NMS-15746[NMS-15746]) * Map dashlet for Ops Boards references old map systems (Issue https://issues.opennms.org/browse/NMS-16044[NMS-16044]) * Reports -> Chart page does not load graphs (Issue https://issues.opennms.org/browse/NMS-16085[NMS-16085])