Diffstat (limited to 'bootstrap/vagrant-minimal-onap/Vagrantfile')
-rw-r--r-- | bootstrap/vagrant-minimal-onap/Vagrantfile | 345 |
1 files changed, 345 insertions, 0 deletions
diff --git a/bootstrap/vagrant-minimal-onap/Vagrantfile b/bootstrap/vagrant-minimal-onap/Vagrantfile
new file mode 100644
index 000000000..e0ddafd9d
--- /dev/null
+++ b/bootstrap/vagrant-minimal-onap/Vagrantfile
@@ -0,0 +1,345 @@
+# -*- mode: ruby -*-
+# -*- coding: utf-8 -*-
+
+host_ip = "192.168.121.1"
+operator_key = "${HOME}/.ssh/onap-key"
+vagrant_user = "vagrant"
+vagrant_password = "vagrant"
+synced_folder_main = "/vagrant"
+synced_folder_config = "#{synced_folder_main}/config"
+synced_folder_tools_config = "#{synced_folder_main}/tools/config"
+os_config = "#{synced_folder_config}/local.conf"
+os_env = "#{synced_folder_config}/dot_env"
+cluster_yml = "cluster.yml"
+apt_prefs_dir = "/etc/apt/apt.conf.d"
+apt_prefs = "95silent-approval"
+helm_timeout = "1800"
+helm_master_password = "vagrant"
+
+vm_memory = 1 * 1024
+vm_memory_os = 4 * 1024
+vm_memory_onap = 64 * 1024
+vm_cpu = 1
+vm_cpus = 8
+vm_box = "generic/ubuntu1804"
+vm_box_op = "generic/ubuntu2004"
+vm_disk = 32
+vm_disk_onap = 64
+vm_storage_pool = "default"
+
+operation = {
+ name: 'operator',
+ hostname: 'operator',
+ ip: '172.17.4.254',
+ box: vm_box_op,
+ cpus: vm_cpu,
+ memory: vm_memory,
+ disk: vm_disk,
+ pool: vm_storage_pool
+}
+devstack = {
+ name: 'devstack',
+ hostname: 'devstack',
+ ip: '172.17.4.200',
+ box: vm_box,
+ cpus: vm_cpu,
+ memory: vm_memory_os,
+ disk: vm_disk,
+ pool: vm_storage_pool
+}
+control = {
+ name: 'control',
+ hostname: 'control',
+ ip: '172.17.4.100',
+ box: vm_box,
+ cpus: vm_cpu,
+ memory: vm_memory,
+ disk: vm_disk,
+ pool: vm_storage_pool
+}
+worker = {
+ name: 'worker',
+ hostname: 'worker',
+ ip: '172.17.4.101',
+ box: vm_box,
+ cpus: vm_cpus,
+ memory: vm_memory_onap,
+ disk: vm_disk_onap,
+ pool: vm_storage_pool
+}
+
+cluster = [] << control << worker
+all = cluster.dup << operation << devstack
+
+operation_post_msg = "Run: \"vagrant provision #{operation[:name]} --provision-with=rke_up,setup_kubectl,setup_helm_cluster,setup_helm_repo,deploy_onap\" to complete ONAP deployment"
+
+$replace_dns = <<-SCRIPT
+ HOST_IP="$1"
+ rm -f /etc/resolv.conf # drop its dynamic management by systemd-resolved
+ echo nameserver "$HOST_IP" | tee /etc/resolv.conf
+SCRIPT
+
+$enable_ipv6 = <<-SCRIPT
+ sed -i'' 's/net.ipv6.conf.all.disable_ipv6.*$/net.ipv6.conf.all.disable_ipv6 = 0/' /etc/sysctl.conf
+ sysctl -p
+SCRIPT
+
+$setup_devstack = <<-SCRIPT
+ CONFIG="$1"
+ git clone https://opendev.org/openstack/devstack
+ cd devstack
+ cp "$CONFIG" .
+ ./stack.sh
+SCRIPT
+
+$add_to_docker_group = <<-SCRIPT
+ USER="$1"
+ echo "Adding ${USER} to 'docker' group"
+ usermod -aG docker "$USER"
+SCRIPT
+
+$setup_debconf = <<-SCRIPT
+ echo "Setting debconf frontend to noninteractive"
+ sed -i'.orig' '/^Config:/a Frontend: noninteractive' /etc/debconf.conf
+SCRIPT
+
+$install_sshpass = <<-SCRIPT
+ apt-get update
+ echo "Installing 'sshpass'"
+ apt-get install sshpass
+SCRIPT
+
+$install_make = <<-SCRIPT
+ apt-get update
+ echo "Installing 'make'"
+ apt-get install make
+SCRIPT
+
+$install_docker = <<-SCRIPT
+ apt-get update
+ echo "Setting up 'docker' repository"
+ apt-get install \
+ apt-transport-https \
+ ca-certificates \
+ curl \
+ gnupg-agent \
+ software-properties-common
+ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
+ add-apt-repository \
+ "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
+ $(lsb_release -cs) \
+ stable"
+ apt-get update
+
+ echo "Installing 'docker'"
+ apt-get install docker-ce docker-ce-cli containerd.io
+SCRIPT
+
+$resize_disk = <<-SCRIPT
+ DEV=${1:-vda}
+ PART=${2:-3}
+ echo ", +" | sfdisk -N "$PART" "/dev/$DEV" --no-reread
+ partprobe
+ resize2fs "/dev/${DEV}${PART}"
+SCRIPT
+
+$generate_key = <<-SCRIPT
+ KEY_FILE="$1"
+ echo "Generating SSH key (${KEY_FILE})"
+ ssh-keygen -q -b 4096 -t rsa -f "$KEY_FILE" -N ""
+SCRIPT
+
+$deploy_key = <<-SCRIPT
+ KEY="$1"
+ USER="$2"
+ PASS="$PASSWORD"
+ IPS="$3"
+ echo "Deploying ${KEY} for ${USER}"
+ for ip in $IPS; do
+ echo "on ${ip}"
+ sshpass -p "$PASS" ssh-copy-id -o StrictHostKeyChecking=no -i "$KEY" "${USER}@${ip}"
+ done
+SCRIPT
+
+$link_dotfiles = <<-SCRIPT
+ SYNC_DIR="$1"
+ for rc in ${SYNC_DIR}/dot_*; do
+ src="$rc"
+
dst="${HOME}/.${rc##*dot_}"
+ echo "Symlinking ${src} to ${dst}"
+ ln -sf "$src" "$dst"
+ done
+SCRIPT
+
+$link_file = <<-SCRIPT
+ SYNC_DIR="$1"
+ FILE="$2"
+ src="${SYNC_DIR}/${FILE}"
+ dst="$3"
+ echo "Symlinking ${src} to ${dst}"
+ ln -sf "$src" "$dst"
+SCRIPT
+
+$rke_up = "rke up"
+$rke_down = "rke remove --force || true" # best effort
+
+$get_oom = <<-SCRIPT
+ BRANCH="${1:-7.0.0-ONAP}"
+ REPO="${2:-https://git.onap.org/oom}"
+ git clone -b "$BRANCH" "$REPO" --recurse-submodules
+SCRIPT
+
+$get_helm_plugins = "mkdir -p ${HOME}/.helm && cp -R ${HOME}/oom/kubernetes/helm/plugins/ ${HOME}/.helm"
+
+$setup_helm_cluster = <<-SCRIPT
+ export KUBECONFIG="${HOME}/.kube/config.onap"
+ kubectl config use-context onap
+ kubectl -n kube-system create serviceaccount tiller
+ kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
+ helm init --stable-repo-url https://charts.helm.sh/stable --service-account tiller
+ kubectl -n kube-system rollout status deploy/tiller-deploy
+SCRIPT
+
+# FIXME: replace sleep command with helm repo readiness probe
+$setup_helm_repo = <<-SCRIPT
+ helm serve &
+ sleep 3
+ helm repo add local http://127.0.0.1:8879
+ make -e SKIP_LINT=TRUE -C ${HOME}/oom/kubernetes all
+SCRIPT
+
+$deploy_onap = <<-SCRIPT
+ OVERRIDE="${1:-${HOME}/oom/kubernetes/onap/resources/environments/core-onap.yaml}"
+
+ ENV="${2:-#{os_env}}"
+ export $(cat "$ENV" | xargs)
+
+ TIMEOUT="${3:-#{helm_timeout}}"
+ MASTER_PASSWORD="${4:-#{helm_master_password}}"
+
+ encrypt () {
+ KEY="${HOME}/oom/kubernetes/so/resources/config/mso/encryption.key"
+ echo -n "$1" \
+ | openssl aes-128-ecb -e -K `cat "$KEY"` -nosalt \
+ | xxd -c 256 -p
+ }
+
+ export OPENSTACK_ENCRYPTED_PASSWORD="$(encrypt $OPENSTACK_PASSWORD)"
+
+ export KUBECONFIG="${HOME}/.kube/config.onap"
+
+ helm deploy core local/onap --verbose \
+ --set global.masterPassword="$MASTER_PASSWORD" \
+ --namespace onap --timeout "$TIMEOUT" -f "$OVERRIDE"
+SCRIPT
+
+Vagrant.configure('2') do |config|
+ all.each do |machine|
+ config.vm.define machine[:name] do |config|
+ config.vm.box = machine[:box]
+ config.vm.hostname = machine[:hostname]
+
+ config.vm.provider :virtualbox do |v|
+ v.name = machine[:name]
+ v.memory = machine[:memory]
+ v.cpus = machine[:cpus]
+ end
+
+ config.vm.provider :libvirt do |v|
+ v.memory = machine[:memory]
+ v.cpus = machine[:cpus]
+ v.machine_virtual_size = machine[:disk] # set at VM creation
+ v.storage_pool_name = machine[:pool]
+ end
+
+ config.vm.network :private_network, ip: machine[:ip]
+ config.vm.provision "replace_dns", type: :shell, run: "always", inline: $replace_dns, args: host_ip
+
+ if machine[:name] == 'devstack'
+ config.vm.synced_folder ".", synced_folder_main, type: "rsync", rsync__exclude: "Vagrantfile"
+
+ config.vm.provision "enable_ipv6", type: :shell, run: "always", inline: $enable_ipv6
+ config.vm.provision "setup_devstack", type: :shell, privileged: false, inline: $setup_devstack, args: os_config
+ end
+
+ if machine[:name] == 'control'
+ config.vm.provision "customize_control", type: :shell, path: "tools/imported/openstack-k8s-controlnode.sh"
+ config.vm.provision "fix_groups_control", type: :shell, inline: $add_to_docker_group, args: vagrant_user
+ end
+
+ if machine[:name] == 'worker'
+ config.vm.provision "customize_worker", type: :shell, path: "tools/imported/openstack-k8s-workernode.sh"
+ config.vm.provision "fix_groups_worker", type: :shell, inline: $add_to_docker_group, args: vagrant_user
+ config.vm.provision "resize_disk", type: :shell, inline: $resize_disk
+ end
+
+ if machine[:name] == 'operator'
+ config.vm.synced_folder ".", synced_folder_main, type: "rsync", rsync__exclude: ["Vagrantfile", "operator"]
+ config.vm.synced_folder "~/.ssh", "/home/#{vagrant_user}/.ssh", type: "rsync", rsync__exclude: "authorized_keys"
+ config.vm.synced_folder "./operator", "/home/#{vagrant_user}", type: "sshfs", reverse: true, sshfs_opts_append: "-o nonempty"
+
config.vm.provision "setup_debconf", type: :shell, inline: $setup_debconf
+ config.vm.provision "link_apt_prefs", type: :shell, run: "always" do |s|
+ s.inline = $link_file
+ s.args = [synced_folder_tools_config, apt_prefs, apt_prefs_dir]
+ end
+ config.vm.provision "link_dotfiles_root", type: :shell, run: "always" do |s|
+ s.inline = $link_dotfiles
+ s.args = synced_folder_tools_config
+ end
+ config.vm.provision "link_dotfiles_user", type: :shell, run: "always" do |s|
+ s.privileged = false
+ s.inline = $link_dotfiles
+ s.args = synced_folder_tools_config
+ end
+
+ config.vm.provision "install_docker", type: :shell, inline: $install_docker
+ config.vm.provision "fix_groups_operator", type: :shell, inline: $add_to_docker_group, args: vagrant_user
+ config.vm.provision "install_sshpass", type: :shell, inline: $install_sshpass
+ config.vm.provision "generate_key", type: :shell, privileged: false, inline: $generate_key, args: operator_key
+
+ ips = ""
+ cluster.each { |node| ips << node[:ip] << " " }
+ config.vm.provision "deploy_key", type: :shell do |s|
+ s.privileged = false
+ s.inline = $deploy_key
+ s.args = [operator_key, vagrant_user, ips]
+ s.env = {'PASSWORD': vagrant_password}
+ end
+
+ config.vm.provision "get_rke", type: :shell, path: "tools/get_rke.sh"
+ config.vm.provision "link_cluster_yml", type: :shell, run: "always" do |s|
+ s.privileged = false
+ s.inline = $link_file
+ s.args = [synced_folder_config, cluster_yml, "$HOME"]
+ end
+
+ config.vm.post_up_message = operation_post_msg
+ config.vm.provision "rke_up", type: :shell, run: "never", privileged: false, inline: $rke_up
+ config.trigger.before :destroy do |trigger|
+ trigger.warn = "Removing cluster"
+ trigger.run_remote = {privileged: false, inline: $rke_down}
+ end
+
+ config.vm.provision "get_kubectl", type: :shell, path: "tools/get_kubectl.sh"
+ config.vm.provision "setup_kubectl", type: :shell, run: "never" do |s|
+ s.privileged = false
+ s.path = "tools/setup_kubectl.sh"
+ end
+
config.vm.provision "get_helm", type: :shell, path: "tools/get_helm.sh"
+ config.vm.provision "get_oom", type: :shell do |s|
+ s.privileged = false
+ s.inline = $get_oom
+ end
+ config.vm.provision "get_helm_plugins", type: :shell, privileged: false, inline: $get_helm_plugins
+ config.vm.provision "install_make", type: :shell, inline: $install_make
+ config.vm.provision "setup_helm_cluster", type: :shell, run: "never", privileged: false, inline: $setup_helm_cluster
+ config.vm.provision "setup_helm_repo", type: :shell, run: "never", privileged: false, inline: $setup_helm_repo
+ config.vm.provision "deploy_onap", type: :shell, run: "never" do |s|
+ s.privileged = false
+ s.inline = $deploy_onap
+ end
+ end
+ end
+ end
+end |
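Review bot: The operator's `config.vm.synced_folder "~/.ssh", "/home/#{vagrant_user}/.ssh", type: "rsync", rsync__exclude: "authorized_keys"` copies the host user's entire `~/.ssh` into the guest, so every private key, `config` and `known_hosts` file on the host lands in a VM that goes on to download and run third-party tooling. Nothing visible in this file needs those keys: `generate_key` creates `onap-key` inside the guest and `deploy_key` distributes only that one. I would drop the line, or, if it exists to reuse a key the operator already has (an assumption, the commit does not say), sync a dedicated directory that holds only that key pair. The reverse sshfs mount of the guest home into `./operator` also appears to surface the guest's `.ssh` under the project tree on the host, which deserves a comment such as `# guest home, including .ssh, is exported to ./operator on the host`.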