Deploy Orchestrator using Juju (Beta)
This how-to guide can be used to deploy Magma's Orchestrator on any cloud environment. It contains steps to set up a Kubernetes cluster, bootstrap a Juju controller, deploy charmed operators for Magma Orchestrator and configure DNS A records. For more information on Charmed Magma, please visit the project's homepage.
Charmed-Magma is in Beta and is not yet production ready or feature complete.
- Ubuntu 20.04 machine with internet access
- A public domain
Set up your management environment
From a Ubuntu 20.04 machine, install the following tools:
Create a Kubernetes cluster and bootstrap a Juju controller
Select a Kubernetes environment and follow the guide to create the cluster and bootstrap a Juju controller on it.
Deploy charmed Magma Orchestrator
From your Ubuntu machine, create an
overlay.yaml file that contains
the following content:
applications: fluentd: options: domain: <your domain name> elasticsearch-url: <your elasticsearch https url> orc8r-certifier: options: domain: <your domain name> orc8r-eventd: options: elasticsearch-url: <your elasticsearch http url> orc8r-nginx: options: domain: <your domain name> tls-certificates-operator: options: generate-self-signed-certificates: true ca-common-name: rootca.<your domain name>
Warning: This configuration is unsecure because it uses self-signed certificates.
Note: Elasticsearch is not part of magma-orc8r bundle and needs to be deployed prior to deploying the bundle. Elasticsearch needs to support both
juju deploy magma-orc8r --overlay overlay.yaml --trust --channel=edge
The deployment is completed when all services are in the
Import the admin operator HTTPS certificate
Retrieve the PFX package and password that contains the certificates to authenticate against Magma Orchestrator:
juju scp --container="magma-orc8r-certifier" orc8r-certifier/0:/var/opt/magma/certs/admin_operator.pfx admin_operator.pfx juju run-action orc8r-certifier/leader get-pfx-package-password --wait
The pfx package was copied to your current working directory and can now be loaded in your browser.
Retrieve the services that need to be exposed:
juju run-action orc8r-orchestrator/leader get-load-balancer-services --wait
In your domain registrar, create A records for the following Kubernetes services:
Verify the deployment
Get the host organization's username and password:
juju run-action nms-magmalte/leader get-master-admin-credentials --wait
Confirm successful deployment by visiting
https://master.nms.<your domain> and logging in
admin-password outputted here.