diff options
Diffstat (limited to 'deployment/Azure_ARM_Template/scripts/azure-rancher-server.sh')
-rw-r--r-- | deployment/Azure_ARM_Template/scripts/azure-rancher-server.sh | 190 |
1 files changed, 190 insertions, 0 deletions
diff --git a/deployment/Azure_ARM_Template/scripts/azure-rancher-server.sh b/deployment/Azure_ARM_Template/scripts/azure-rancher-server.sh new file mode 100644 index 000000000..1c4373c4d --- /dev/null +++ b/deployment/Azure_ARM_Template/scripts/azure-rancher-server.sh @@ -0,0 +1,190 @@ +#!/bin/bash + +set -x + +DOCKER_VERSION=17.03 +RANCHER_VERSION=1.6.14 +KUBECTL_VERSION=1.8.10 +HELM_VERSION=2.9.1 + +# setup root access - default login: oom/oom - comment out to restrict access too ssh key only +sed -i 's/PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config +sed -i 's/PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config +service sshd restart +echo -e "oom\noom" | passwd root + +apt-get update +curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh +mkdir -p /etc/systemd/system/docker.service.d/ +cat > /etc/systemd/system/docker.service.d/docker.conf << EOF +[Service] +ExecStart= +ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry=nexus3.onap.org:10001 +EOF +systemctl daemon-reload +systemctl restart docker +apt-mark hold docker-ce + +#IP_ADDY=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` +#HOSTNAME=`hostname` + +#echo "$IP_ADDY $HOSTNAME" >> /etc/hosts + +docker login -u docker -p docker nexus3.onap.org:10001 + +sudo apt-get install make -y + +sudo docker run -d --restart=unless-stopped -p 8080:8080 --name rancher_server rancher/server:v$RANCHER_VERSION +sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl +sudo chmod +x ./kubectl +sudo mv ./kubectl /usr/local/bin/kubectl +sudo mkdir ~/.kube +wget http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz +sudo tar -zxvf helm-v${HELM_VERSION}-linux-amd64.tar.gz +sudo mv linux-amd64/helm /usr/local/bin/helm + +# nfs server +sudo apt-get install nfs-kernel-server -y + +sudo mkdir -p /nfs_share +sudo chown nobody:nogroup /nfs_share/ + + +sudo mkdir -p /dockerdata-nfs +sudo chmod 777 -R /dockerdata-nfs +sudo chown nobody:nogroup /dockerdata-nfs/ + +NFS_EXP="*(rw,sync,no_root_squash,no_subtree_check) " + +echo "/dockerdata-nfs "$NFS_EXP | sudo tee -a /etc/exports + +#Restart the NFS service +sudo exportfs -a +sudo systemctl restart nfs-kernel-server + +echo "wait before installing rancher server" +sleep 60 + +# Create ONAP environment on rancher and register the nodes... +SERVER=$1 +PRIVATE_IP=$2 +NODE_COUNT=$3 + +echo "SERVER: ${SERVER}" +echo "PRIVATE_IP: ${PRIVATE_IP}" +echo "NODE_COUNT: ${NODE_COUNT}" +#install sshpass to login to the k8s nodes to run rancher agent +sudo apt-get install sshpass + +# create kubernetes environment on rancher using cli +RANCHER_CLI_VER=0.6.7 +KUBE_ENV_NAME='onap' +wget https://releases.rancher.com/cli/v${RANCHER_CLI_VER}/rancher-linux-amd64-v${RANCHER_CLI_VER}.tar.gz +sudo tar -zxvf rancher-linux-amd64-v${RANCHER_CLI_VER}.tar.gz +sudo cp rancher-v${RANCHER_CLI_VER}/rancher . +sudo chmod +x ./rancher + +sudo apt install jq -y +echo "wait for rancher server container to finish - 3 min" +sleep 60 +echo "2 more min" +sleep 60 +echo "1 min left" +sleep 60 +echo "get public and private tokens back to the rancher server so we can register the client later" +API_RESPONSE=`curl -s 'http://$SERVER:8080/v2-beta/apikey' -d '{"type":"apikey","accountId":"1a1","name":"autoinstall","description":"autoinstall","created":null,"kind":null,"removeTime":null,"removed":null,"uuid":null}'` +# Extract and store token +echo "API_RESPONSE: $API_RESPONSE" +KEY_PUBLIC=`echo $API_RESPONSE | jq -r .publicValue` +KEY_SECRET=`echo $API_RESPONSE | jq -r .secretValue` +echo "publicValue: $KEY_PUBLIC secretValue: $KEY_SECRET" + +export RANCHER_URL=http://${SERVER}:8080 +export RANCHER_ACCESS_KEY=$KEY_PUBLIC +export RANCHER_SECRET_KEY=$KEY_SECRET +./rancher env ls +echo "wait 60 sec for rancher environments can settle before we create the onap kubernetes one" +sleep 60 + +echo "Creating kubernetes environment named ${KUBE_ENV_NAME}" +./rancher env create -t kubernetes $KUBE_ENV_NAME > kube_env_id.json +PROJECT_ID=$(<kube_env_id.json) +echo "env id: $PROJECT_ID" +export RANCHER_HOST_URL=http://${SERVER}:8080/v1/projects/$PROJECT_ID +echo "you should see an additional kubernetes environment usually with id 1a7" +./rancher env ls +# optionally disable cattle env + +# add host registration url +# https://github.com/rancher/rancher/issues/2599 +# wait for REGISTERING to ACTIVE +echo "sleep 60 to wait for REG to ACTIVE" +./rancher env ls +sleep 30 +echo "check on environments again before registering the URL response" +./rancher env ls +sleep 30 +REG_URL_RESPONSE=`curl -X POST -u $KEY_PUBLIC:$KEY_SECRET -H 'Accept: application/json' -H 'ContentType: application/json' -d '{"name":"$SERVER"}' "http://$SERVER:8080/v1/projects/$PROJECT_ID/registrationtokens"` +echo "REG_URL_RESPONSE: $REG_URL_RESPONSE" +echo "wait for server to finish url configuration - 2 min" +sleep 60 +echo "60 more sec" +sleep 60 + +# see registrationUrl in +REGISTRATION_TOKENS=`curl http://$SERVER:8080/v2-beta/registrationtokens` +echo "REGISTRATION_TOKENS: $REGISTRATION_TOKENS" +REGISTRATION_URL=`echo $REGISTRATION_TOKENS | jq -r .data[0].registrationUrl` +REGISTRATION_DOCKER=`echo $REGISTRATION_TOKENS | jq -r .data[0].image` +REGISTRATION_TOKEN=`echo $REGISTRATION_TOKENS | jq -r .data[0].token` +echo "Registering host for image: $REGISTRATION_DOCKER url: $REGISTRATION_URL registrationToken: $REGISTRATION_TOKEN" +HOST_REG_COMMAND=`echo $REGISTRATION_TOKENS | jq -r .data[0].command` + +#Loop using the private IP and the no of VMS to SSH into each machine +for i in `seq 1 $((${NODE_COUNT}-1))`; +do + NODE_IP=${PRIVATE_IP}$i + sshpass -p "oom" ssh -o StrictHostKeyChecking=no root@${NODE_IP} "hostnamectl set-hostname node$i && docker run --rm --privileged -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/racher:/var/lib/rancher $REGISTRATION_DOCKER $RANCHER_URL/v1/scripts/$REGISTRATION_TOKEN" +done + +echo "waiting 10 min for host registration to finish" +sleep 540 +echo "1 more min" +sleep 60 +#read -p "wait for host registration to complete before generating the client token....." + +# base64 encode the kubectl token from the auth pair +# generate this after the host is registered +KUBECTL_TOKEN=$(echo -n 'Basic '$(echo -n "$RANCHER_ACCESS_KEY:$RANCHER_SECRET_KEY" | base64 -w 0) | base64 -w 0) +echo "KUBECTL_TOKEN base64 encoded: ${KUBECTL_TOKEN}" +# add kubectl config - NOTE: the following spacing has to be "exact" or kubectl will not connect - with a localhost:8080 error +cat > ~/.kube/config <<EOF +apiVersion: v1 +kind: Config +clusters: +- cluster: + api-version: v1 + insecure-skip-tls-verify: true + server: "https://$SERVER:8080/r/projects/$PROJECT_ID/kubernetes:6443" + name: "${ENVIRON}" +contexts: +- context: + cluster: "${ENVIRON}" + user: "${ENVIRON}" + name: "${ENVIRON}" +current-context: "${ENVIRON}" +users: +- name: "${ENVIRON}" + user: + token: "$KUBECTL_TOKEN" + +EOF + +echo "run the following if you installed a higher kubectl version than the server" +echo "helm init --upgrade" +echo "Verify all pods up on the kubernetes system - will return localhost:8080 until a host is added" +echo "kubectl get pods --all-namespaces" +kubectl get pods --all-namespaces + + +exit 0 |