clear
echo -e "\e[32m=======================================================================\e[0m"
echo -e "\e[32m= Welcome to the Nutanix AI 2.5 Install Script for Microk8s on Ubuntu =\e[0m"
echo -e "\e[32m=                                                                     =\e[0m"
echo -e "\e[32m=          Courtesy of Husain Ebrahim and Simon Todd                  =\e[0m"
echo -e "\e[32m=======================================================================\e[0m"
echo -e
echo -e "======================================================================="
echo -e "= This install script will deploy out the following applications:     ="
echo -e "= microk8s services                                                   ="
echo -e "= HELM Gateway                                                        ="
echo -e "= Envoy Gateway                                                       ="
echo -e "= kserve                                                              ="
echo -e "= OpenTelemetryCollector                                              ="
echo -e "= NAI Operators                                                       ="
echo -e "= NAI Core                                                            ="
echo -e "======================================================================="
echo -e
echo "Did you run the runme1st.sh? (yes/no)"
select strictreply in "Yes" "No"; do
    relaxedreply=${strictreply:-$REPLY}
    case $relaxedreply in
        Yes | yes | y ) echo "ok, proceeding..........."; break;;
        No  | no  | n ) echo "please ensure you run the runme1st.sh script before running this one, exiting....";exit;;
    esac
done
microk8s config > .kube/config
# Check if IPv6 is disabled via sysctl
IPV6_DISABLED=$(sysctl -n net.ipv6.conf.all.disable_ipv6 2>/dev/null)
if [[ "$IPV6_DISABLED" == "0" ]]; then
    echo -e "\e[32mIPv6 Enabled: YES\e[0m"
else
    echo -e "\e[31mIPv6 Enabled: NO\e[0m";
    echo -e;
    echo -e "\e[33m=================================================================================================\e[0m"
    echo -e "\e[33mThe Underlying host has to have IPv6 enabled to continue. Please correct and re-launch the script\e[0m"
    echo -e "\e[33m=================================================================================================\e[0m"; exit
fi
echo -e "\e[31m============================================================\e[0m"
echo -e "\e[31mPlease ensure you have the following files in the ./ folder:\e[0m"
echo -e "\e[31m============================================================\e[0m"
echo -e "\e[33mvalues.yaml\e[0m - this is for the NAI-Core Install with custom storageclass to point to microk8s-hostpath"
echo -e "\e[33mfullchain1.pem\e[0m and \e[33mprivekey1.pem\e[0m - These are required for the gateway ssl certs"
echo 
echo "Do you have these files in the correct place? (yes/no)"
select strictreply in "Yes" "No"; do
    relaxedreply=${strictreply:-$REPLY}
    case $relaxedreply in
        Yes | yes | y ) echo "ok, proceeding..........."; break;;
        No  | no  | n ) echo "please ensure files are correctly located and re-run the script, exiting....";exit;;
    esac
done

echo -e "\e[32m===================================\e[0m"
echo -e "\e[32mEnter your Docker Credentials below\e[0m"
echo -e "\e[32m===================================\e[0m"
read -p "Enter Your Email: " email
read -p "Enter your Docker API Username: " username
read -p "Enter your Docker API Key: " password

#Enable Add Ons
echo -e "\e[32m==========================\e[0m"
echo -e "\e[32mEnabling mikrok8s services\e[0m"
echo -e "\e[32m==========================\e[0m"
microk8s enable dns
microk8s enable cert-manager
microk8s enable metallb:10.54.82.46-10.54.82.50
microk8s enable ingress
microk8s enable hostpath-storage
microk8s enable dashboard
microk8s enable nvidia
microk8s enable metrics-server
microk8s enable observability

#add persistent volumes
#echo -e "\e[33mCreating Volumes\e[0m"
#kubectl create -f - <<EOF
#---
# nutanix-volume
#kind: StorageClass
#apiVersion: storage.k8s.io/v1
#metadata:
#  name: nutanix-volume
#provisioner: microk8s.io/hostpath
#reclaimPolicy: Retain
#parameters:
#   pvDir: /raid0
#volumeBindingMode: WaitForFirstConsumer
#EOF

#kubectl create -f - <<EOF
#---
# nai-nfs-storage
#kind: StorageClass
#apiVersion: storage.k8s.io/v1
#metadata:
#  name: nai-nfs-storage
#provisioner: microk8s.io/hostpath
#reclaimPolicy: Retain
#parameters:
#   pvDir: /raid0
#volumeBindingMode: WaitForFirstConsumer
#EOF

#echo -e "\e[33mVerifying PVCs\e[0m"
#kubectl get pvc -A

#Show Dashboard Token
echo -e "\e[33mDashboard Token\e[0m"
kubectl describe secret -n kube-system microk8s-dashboard-token

#Sleeping for two minutes
echo -e "\e[33mWaiting two minutes for pod initialisation\e[0m"
sleep 120
kubectl logs -n gpu-operator-resources -lapp=nvidia-operator-validator -c nvidia-operator-validator

#Install the Helm Gateway
echo -e "\e[32m========================\e[0m"
echo -e "\e[32mInstalling Envoy Gateway\e[0m"
echo -e "\e[32m========================\e[0m"
helm install eg oci://docker.io/envoyproxy/gateway-helm --version v1.5.0 -n envoy-gateway-system --create-namespace
echo -e "\e[33mChecking status of Envoy Gateway\e[0m"
kubectl wait --timeout=5m -n envoy-gateway-system deployment/envoy-gateway --for=condition=Available

#Install kServe
echo -e "\e[32m=================\e[0m"
echo -e "\e[32mInstalling kserve\e[0m"
echo -e "\e[32m=================\e[0m"
export KSERVE_VERSION=v0.15.0
helm upgrade --install kserve-crd oci://ghcr.io/kserve/charts/kserve-crd --version ${KSERVE_VERSION} -n kserve --create-namespace
helm upgrade --install kserve oci://ghcr.io/kserve/charts/kserve --version ${KSERVE_VERSION} --namespace kserve --create-namespace \
--set kserve.controller.deploymentMode=RawDeployment \
--set kserve.controller.gateway.disableIngressCreation=true
echo -e "\e[33mWaiting 45 seconds for kserve to enable\e[0m"
sleep 60
kubectl get pods -n kserve

#Install CRDs
echo -e "\e[32m=================================\e[0m"
echo -e "\e[32mInstalling OpenTelemetryCollector\e[0m"
echo -e "\e[32m=================================\e[0m"
helm upgrade --install opentelemetry-operator opentelemetry-operator --repo https://open-telemetry.github.io/opentelemetry-helm-charts --version=0.93.0 -n opentelemetry --create-namespace --wait
echo -e "\e[33mWaiting 30 seconds to check status\e[0m"
sleep 30
kubectl --namespace opentelemetry get pods -l "app.kubernetes.io/instance=opentelemetry-operator"

echo -e "\e[32m========================\e[0m"
echo -e "\e[32mInstalling NAI Operators\e[0m"
echo -e "\e[32m========================\e[0m"
helm upgrade --install nai-operators ntnx-charts/nai-operators --version=2.5.0  -n nai-system --create-namespace --wait \
        --set imagePullSecret.credentials.username=$username \
        --set imagePullSecret.credentials.email=$email \
        --set imagePullSecret.credentials.password=$password \
        --insecure-skip-tls-verify
echo -e "\e[33mWaiting 30 seconds to verify operators running\e[0m"
sleep 30
kubectl --namespace nai-system get pods

#Install NAI
echo -e "\e[32m===================\e[0m"
echo -e "\e[32mInstalling NAI-Core\e[0m"
echo -e "\e[32m===================\e[0m"
helm pull ntnx-charts/nai-core --version=2.5.0 --untar=true

helm upgrade --install nai-core ntnx-charts/nai-core --version=2.5.0 -n nai-system --create-namespace --wait \
        --set imagePullSecret.credentials.username=$username \
        --set imagePullSecret.credentials.email=$email \
        --set imagePullSecret.credentials.password=$password \
        --set naiApi.storageClassName=microk8s-hostpath \
        --set defaultStorageClassName=microk8s-hostpath \
        --set naiMonitoring.opentelemetry.common.resources.requests.cpu=0.1 \
        --set "nai-clickhouse-keeper.clickhouseKeeper.resources.limits.memory=1Gi" \
        --set "nai-clickhouse-keeper.clickhouseKeeper.resources.requests.memory=1Gi" \
        -f ./values.yaml

#Gateway Config
echo -e "\e[32m==================\e[0m"
echo -e "\e[32mSetting Up Gateway\e[0m"
echo -e "\e[32m==================\e[0m"
kubectl -n nai-system create secret tls nai-cert --cert=./fullchain1.pem --key=./privkey1.pem
kubectl patch gateway nai-ingress-gateway -n nai-system --type='json' -p='[{"op": "replace", "path": "/spec/listeners/1/tls/certificateRefs/0/name", "value": "nai-cert"}]'