1.8.0

Deploy Orchestrator using Juju

This how-to guide can be used to deploy Magma's Orchestrator on any cloud environment. It contains steps to set up a Kubernetes cluster, bootstrap a Juju controller, deploy charmed operators for Magma Orchestrator and configure DNS A records. For more information on Charmed Magma, please visit the project's homepage.

Pre-requisites

  • A machine with internet access
  • A public domain

Set up your management environment

From your machine, install the following tools:

Create a Kubernetes cluster and bootstrap a Juju controller

Select a Kubernetes environment and follow the guide to create the cluster and bootstrap a Juju controller on it.

  1. MicroK8s
  2. Google Cloud (GKE)
  3. Amazon Web Services (EKS)
  4. Microsoft Azure (AKS)

Deploy charmed Magma Orchestrator

From your machine, create an overlay.yaml file that contains the following content:

applications:
  fluentd:
    options:
      domain: <your domain name>
      elasticsearch-url: <your elasticsearch https url>
  orc8r-certifier:
    options:
      domain: <your domain name>
  orc8r-eventd:
    options:
      elasticsearch-url: <your elasticsearch http url>
  orc8r-nginx:
    options:
      domain: <your domain name>
  tls-certificates-operator:
    options:
      generate-self-signed-certificates: true
      ca-common-name: rootca.<your domain name>

Warning: This configuration is unsecure because it uses self-signed certificates.

Deploy Orchestrator:

juju deploy magma-orc8r --overlay overlay.yaml --channel=1.8/stable

The deployment is completed when all services are in the Active-Idle state.

Import the admin operator HTTPS certificate

Retrieve the PFX package and password that contains the certificates to authenticate against Magma Orchestrator:

juju scp --container="magma-orc8r-certifier" orc8r-certifier/0:/var/opt/magma/certs/admin_operator.pfx admin_operator.pfx
juju run-action orc8r-certifier/leader get-pfx-package-password --wait

The pfx package was copied to your current working directory and can now be loaded in your browser.

Setup DNS

Retrieve the services that need to be exposed:

juju run-action orc8r-orchestrator/leader get-load-balancer-services --wait

In your domain registrar, create A records for the following Kubernetes services:

AddressHostname
<orc8r-bootstrap-nginx External IP>bootstrapper-controller.<your domain>
<orc8r-nginx-proxy External IP>api.<your domain>
<orc8r-clientcert-nginx External IP>controller.<your domain>
<nginx-proxy External IP>*.nms.<your domain>
<fluentd External IP>fluentd.<your domain>

Verify the deployment

Get the host organization's username and password:

juju run-action nms-magmalte/leader get-host-admin-credentials --wait

Confirm successful deployment by visiting https://host.nms.<your domain> and logging in with the admin-username and admin-password outputted here.

Install OrchestratorTerraform Options