diff options
Diffstat (limited to 'platform_base_installation/installer')
| -rwxr-xr-x | platform_base_installation/installer | 350 |
1 files changed, 350 insertions, 0 deletions
diff --git a/platform_base_installation/installer b/platform_base_installation/installer new file mode 100755 index 0000000..600849b --- /dev/null +++ b/platform_base_installation/installer @@ -0,0 +1,350 @@ +#!/bin/bash +# +# ============LICENSE_START========================================== +# =================================================================== +# Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END============================================ +# +# ECOMP and OpenECOMP are trademarks +# and service marks of AT&T Intellectual Property. +# + +# URLs for artifacts needed for installation +DESIGTYPES={{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/type_files/dnsdesig/dns_types.yaml +DESIGPLUG={{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/dnsdesig-1.0.0-py27-none-any.wgn +SSHKEYTYPES={{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/type_files/sshkeyshare/sshkey_types.yaml +SSHKEYPLUG={{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/sshkeyshare-1.0.0-py27-none-any.wgn +CMVMBP={{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/blueprints/centos_vm.yaml +CONSULBP={{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/blueprints/consul_cluster.yaml +# Wagon package for OpenStack plugin +OSPLUGIN={{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/cloudify_openstack_plugin-1.4-py27-none-linux_x86_64-centos-Core.wgn + +# Make sure ssh doesn't prompt for new host or choke on a new host with an IP it's seen before +SSHOPTS="-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" +STARTDIR=$(pwd) + +LOCATION= +SSHUSER=centos +PVTKEY= +INPUTS=inputs.yaml +PUBIP= + +while [ "$#" != 0 ] +do + case "$1" in + '--inputs') + INPUTS="$2" + shift 2 + ;; + '--remote-user') + SSHUSER="$2" + shift 2 + ;; + '--fqdn') + PUBIP="$2" + shift 2 + ;; + '--ssh-key') + PVTKEY="$2" + shift 2 + ;; + '--location-id') + LOCATION="$2" + shift 2 + ;; + *) + LOCATION="" + break; + ;; + esac +done + +if [ "$PVTKEY" = "" -o "$LOCATION" = "" ] +then + echo Usage: "$0" '--ssh-key ssh-private-key-file --location-id location-id [--remote-user remote-user-name] [--fqdn fqdn] [--inputs inputs-file-path]' + exit 1 +fi + + +set -e +set -x + +# Create a virtual environment +virtualenv dcaeinstall +source dcaeinstall/bin/activate + +# Install Cloudify +pip install cloudify==3.4.0 + +# Install the Cloudify OpenStack plugin from a wagon +# (Avoid changes in dependency versions that could cause conflict) +wget -O osplugin.wgn ${OSPLUGIN} +wagon install -s osplugin.wgn + +# Do we need to spin up a VM +if [ -z ${PUBIP} ] +then + # Get the Designate and SSH key plugins and type files + mkdir -p plugins/dnsdesig + mkdir plugins/sshkeyshare + mkdir types + + wget -qO- ${DESIGTYPES} > types/dns_types.yaml + wget -qO- ${SSHKEYTYPES} > types/sshkey_types.yaml + + wget -O dnsdesig.wgn ${DESIGPLUG} + wget -O sshkeyshare.wgn ${SSHKEYPLUG} + + wagon install -s dnsdesig.wgn + wagon install -s sshkeyshare.wgn + + # Get the blueprint for the Centos VM needed for Cloudify Manager + wget -O centos_vm.yaml ${CMVMBP} + + # Fix up the inputs file to get the private key locally + sed -e "s#key_filename:.*#key_filename: $PVTKEY#" < ${INPUTS} > /tmp/local_inputs + # Now install the VM + cfy local init --install-plugins -p centos_vm.yaml -i /tmp/local_inputs -i "datacenter=$LOCATION" + cfy local execute -w install --task-retries=10 + PUBIP=$(cfy local outputs | grep -Po '"public_ip": "\K.*?(?=")') + + # It's probably not completely ready when the installation finish, so wait + sleep 180 +fi + +echo "Installing Cloudify Manager on ${PUBIP}." + +PVTIP=$(ssh $SSHOPTS -i "$PVTKEY" "$SSHUSER"@"$PUBIP" 'echo PVTIP=`curl --silent http://169.254.169.254/2009-04-04/meta-data/local-ipv4`' | grep PVTIP | sed 's/PVTIP=//') +if [ "$PVTIP" = "" ] +then + echo Cannot access specified machine at $PUBIP using supplied credentials + exit 1 +fi + + +# Copy private key onto Cloudify Manager VM +PVTKEYPATH=$(cat ${INPUTS} | grep "key_filename" | cut -d "'" -f2) +PVTKEYNAME=$(basename $PVTKEYPATH) +PVTKEYDIR=$(dirname $PVTKEYPATH) +scp $SSHOPTS -i $PVTKEY $PVTKEY $SSHUSER@$PUBIP:/tmp/$PVTKEYNAME +ssh -t $SSHOPTS -i $PVTKEY $SSHUSER@$PUBIP sudo mkdir -p $PVTKEYDIR +ssh -t $SSHOPTS -i $PVTKEY $SSHUSER@$PUBIP sudo mv /tmp/$PVTKEYNAME $PVTKEYPATH + +ESMAGIC=$(uuidgen -r) +WORKDIR=$HOME/cmtmp +BSDIR=$WORKDIR/cmbootstrap +PVTKEY2=$BSDIR/id_rsa.cfybootstrap +TMPBASE=$WORKDIR/tmp +TMPDIR=$TMPBASE/lib +SRCS=$WORKDIR/srcs.tar +TOOL=$WORKDIR/tool.py +rm -rf $WORKDIR +mkdir -p $BSDIR $TMPDIR/cloudify/wheels $TMPDIR/cloudify/sources $TMPDIR/manager +chmod 700 $WORKDIR +cp "$PVTKEY" $PVTKEY2 +cat >$TOOL <<!EOF +#!/usr/local/bin/python + +import yaml +import sys +bsdir = sys.argv[1] +with open(bsdir + '/simple-manager-blueprint-inputs.yaml', 'r') as f: + inpyaml = yaml.load(f) +with open(bsdir + '/simple-manager-blueprint.yaml', 'r') as f: + bpyaml = yaml.load(f) +for param, value in bpyaml['inputs'].items(): + if value.has_key('default') and not inpyaml.has_key(param): + inpyaml[param] = value['default'] +print inpyaml['manager_resources_package'] +!EOF + +# +# Try to disable attempt to download virtualenv when not needed +# +ssh $SSHOPTS -t -i $PVTKEY2 $SSHUSER@$PUBIP 'sudo bash -xc "echo y; mkdir -p /root/.virtualenv; echo '"'"'[virtualenv]'"'"' >/root/.virtualenv/virtualenv.ini; echo no-download=true >>/root/.virtualenv/virtualenv.ini"' + +# Gather installation artifacts +# from documentation, URL for manager blueprints archive +BSURL=https://github.com/cloudify-cosmo/cloudify-manager-blueprints/archive/3.4.tar.gz +BSFILE=$(basename $BSURL) + +umask 022 +wget -qO- $BSURL >$BSDIR/$BSFILE +cd $BSDIR +tar xzvf $BSFILE +MRPURL=$(python $TOOL $BSDIR/cloudify-manager-blueprints-3.4) +MRPFILE=$(basename $MRPURL) +wget -qO- $MRPURL >$TMPDIR/cloudify/sources/$MRPFILE + +tar cf $SRCS -C $TMPDIR cloudify +rm -rf $TMPBASE +# +# Load required package files onto VM +# +scp $SSHOPTS -i $PVTKEY2 $SRCS $SSHUSER@$PUBIP:/tmp/. +ssh -t $SSHOPTS -i $PVTKEY2 $SSHUSER@$PUBIP 'sudo bash -xc "cd /opt; tar xf /tmp/srcs.tar; chown -R root:root /opt/cloudify /opt/manager; rm -rf /tmp/srcs.tar"' +# +# Install config file -- was done by DCAE controller. What now? +# +ssh $SSHOPTS -t -i $PVTKEY2 $SSHUSER@$PUBIP 'sudo bash -xc '"'"'mkdir -p /opt/dcae; if [ -f /tmp/cfy-config.txt ]; then cp /tmp/cfy-config.txt /opt/dcae/config.txt && chmod 644 /opt/dcae/config.txt; fi'"'" +cd $WORKDIR + +# +# Check for and set up https certificate information +# +rm -f $BSDIR/cloudify-manager-blueprints-3.4/resources/ssl/server.key $BSDIR/cloudify-manager-blueprints-3.4/resources/ssl/server.crt +ssh -t $SSHOPTS -i $PVTKEY2 $SSHUSER@$PUBIP 'sudo bash -xc "openssl pkcs12 -in /opt/app/dcae-certificate/certificate.pkcs12 -passin file:/opt/app/dcae-certificate/.password -nodes -chain"' | awk 'BEGIN{x="/dev/null";}/-----BEGIN CERTIFICATE-----/{x="'$BSDIR'/cloudify-manager-blueprints-3.4/resources/ssl/server.crt";}/-----BEGIN PRIVATE KEY-----/{x="'$BSDIR'/cloudify-manager-blueprints-3.4/resources/ssl/server.key";}{print >x;}/-----END /{x="/dev/null";}' +USESSL=false +if [ -f $BSDIR/cloudify-manager-blueprints-3.4/resources/ssl/server.key -a -f $BSDIR/cloudify-manager-blueprints-3.4/resources/ssl/server.crt ] +then + USESSL=true +fi +# +# Set up configuration for the bootstrap +# +export CLOUDIFY_USERNAME=admin CLOUDIFY_PASSWORD=encc0fba9f6d618a1a51935b42342b17658 +cd $BSDIR/cloudify-manager-blueprints-3.4 +cp simple-manager-blueprint.yaml bootstrap-blueprint.yaml +ed bootstrap-blueprint.yaml <<'!EOF' +/^node_types:/-1a + plugin_resources: + description: > + Holds any archives that should be uploaded to the manager. + default: [] + dsl_resources: + description: > + Holds a set of dsl required resources + default: [] +. +/^ upload_resources:/a + plugin_resources: { get_input: plugin_resources } +. +w +q +!EOF +sed <simple-manager-blueprint-inputs.yaml >bootstrap-inputs.yaml \ + -e "s;.*public_ip: .*;public_ip: '$PUBIP';" \ + -e "s;.*private_ip: .*;private_ip: '$PVTIP';" \ + -e "s;.*ssh_user: .*;ssh_user: '$SSHUSER';" \ + -e "s;.*ssh_key_filename: .*;ssh_key_filename: '$PVTKEY2';" \ + -e "s;.*elasticsearch_java_opts: .*;elasticsearch_java_opts: '-Des.cluster.name=$ESMAGIC';" \ + -e "/ssl_enabled: /s/.*/ssl_enabled: $USESSL/" \ + -e "/security_enabled: /s/.*/security_enabled: $USESSL/" \ + -e "/admin_password: /s/.*/admin_password: '$CLOUDIFY_PASSWORD'/" \ + -e "/admin_username: /s/.*/admin_username: '$CLOUDIFY_USERNAME'/" \ + -e "s;.*manager_resources_package: .*;manager_resources_package: 'http://169.254.169.254/nosuchthing/$MRPFILE';" \ + -e "s;.*ignore_bootstrap_validations: .*;ignore_bootstrap_validations: true;" \ + +# Add plugin resources +cat >>bootstrap-inputs.yaml <<'!EOF' +plugin_resources: + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/dnsdesig-0.1.4-py27-none-any.wgn' + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/sshkeyshare-0.1.0-py27-none-any.wgn' + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/cdapcloudify-12.0.0-py27-none-linux_x86_64-centos-Core.wgn' + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/cdapcloudify-12.1.0-py27-none-any-none-none.wgn' + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/cdapcloudify-13.0.0-py27-none-any-none-none.wgn' + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/cdapcloudify-13.1.0-py27-none-any-none-none.wgn' + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/dockerplugin-1.0.0-py27-none-linux_x86_64-centos-Core.wgn' + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/dockerplugin-2.0.0-py27-none-linux_x86_64-centos-Core.wgn' + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/dockerplugin-2.1.0-py27-none-any.wgn' + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/relationshipplugin-0.3.3-py27-none-linux_x86_64-centos-Core.wgn' + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/relationshipplugin-1.0.0-py27-none-linux_x86_64-centos-Core.wgn' + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/brokerdeletioncloudify-0.2.0-py27-none-linux_x86_64-centos-Core.wgn' + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/reworkdockerplugin-0.6.1-py27-none-linux_x86_64-centos-Core.wgn' + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/cloudifydmaapplugin-1.0.0-py27-none-any-none-none.wgn' + - '{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk }}/plugins/cloudifydmaapplugin-1.1.0-py27-none-any-none-none.wgn' +!EOF +# +# And away we go +# +cfy init -r +cfy bootstrap --install-plugins -p bootstrap-blueprint.yaml -i bootstrap-inputs.yaml +rm -f resources/ssl/server.key + +# Install Consul VM via a blueprint +cd $STARTDIR +mkdir consul +cd consul +cfy init -r +cfy use -t ${PUBIP} +echo "Deploying Consul VM" +# Get the blueprint for the Consul VM +wget -O consul.yaml ${CONSULBP} +cfy install -p consul.yaml -d consul -i ${INPUTS} -i "datacenter=$LOCATION" + +# Get the floating IP for one member of the cluster +# Needed for instructing the Consul agent on CM host to join the cluster +CONSULIP=$(cfy deployments outputs -d consul | grep -Po 'Value: \K.*') +echo Consul deployed at $CONSULIP + +# Wait for Consul API to come up +until curl http://$CONSULIP:8500/v1/agent/services +do + echo Waiting for Consul API + sleep 60 +done + +# Wait for a leader to be elected +until [[ "$(curl -Ss http://$CONSULIP:8500/v1/status/leader)" != '""' ]] +do + echo Waiting for leader + sleep 30 +done + +# Instruct the client-mode Consul agent running on the CM to join the cluster +curl http://$PUBIP:8500/v1/agent/join/$CONSULIP + +# Register Cloudify Manager in Consul via the local agent on CM host + +REGREQ=" +{ + \"Name\" : \"cloudify_manager\", + \"ID\" : \"cloudify_manager\", + \"Tags\" : [\"http://${PUBIP}/api/v2.1\"], + \"Address\": \"${PUBIP}\", + \"Port\": 80, + \"Check\" : { + \"Name\" : \"cloudify_manager_health\", + \"Interval\" : \"300s\", + \"HTTP\" : \"http://${PUBIP}/api/v2.1/status\", + \"Status\" : \"passing\", + \"DeregisterCriticalServiceAfter\" : \"30m\" + } +} +" + +curl -X PUT -H 'Content-Type: application/json' --data-binary "$REGREQ" http://$PUBIP:8500/v1/agent/service/register +# Make Consul address available to plugins on Cloudify Manager +# +# FURTHER REVIEW: This is probably no longer necessary. Components should register to the Consul agent on their local VM +# REVIEW: Replace Consul ip with fqdn of Consul that components can resolve. The referred fqdn is the +# Consul fqdn e.g. consul.service.consul which will return a list of Consul nodes. The ability to +# resolve the fqdn must be in place first. +# +# Methods to resolve: +# * Use Consul servers - All VMs spun up for the platform to have all the Consul server ips in the +# resolve.conf seems to be the most transparent approach +# * Use Consul clients that are connected to Consul servers - All VMs spun up for the platform would +# require a Consul agent in client mode which co-located components would use +# * Use Designate - Designate would need to direct requests to Consul for Consul names +ENVINI=$(mktemp) +cat <<!EOF > $ENVINI +[$LOCATION] +CONSUL_HOST=$CONSULIP +CONFIG_BINDING_SERVICE=config_binding_service +!EOF +scp $SSHOPTS -i $PVTKEY $ENVINI $SSHUSER@$PUBIP:/tmp/env.ini +ssh -t $SSHOPTS -i $PVTKEY $SSHUSER@$PUBIP sudo mv /tmp/env.ini /opt/env.ini +rm $ENVINI |