+# Kubernetes Deployment
+## Summary
+This project offers a means for deploying a Kubernetes cluster
+that satisfies the requirements of [ONAP multicloud/k8s plugin][1]. Its
+ansible playbooks allow to provision a deployment on Virtual Machines.
+## Deployment
+The [installer](installer.sh) bash script contains the minimal
+Ubuntu instructions required for running this project.
+### Virtual Machines
+This project uses [Vagrant tool][2] for provisioning Virtual Machines
+automatically. The [setup](setup.sh) bash script contains the
+Linux instructions to install dependencies and plugins required for
+its usage. This script supports two Virtualization technologies
+(Libvirt and VirtualBox).
+ $ ./setup.sh -p libvirt
+Once Vagrant is installed, it's possible to provision a cluster using
+the following instructions:
+ $ vagrant up && vagrant up installer
+## License
+[1]: https://git.onap.org/multicloud/k8s
+[2]: https://www.vagrantup.com/
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+# SPDX-license-identifier: Apache-2.0
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+box = {
+ :virtualbox => { :name => 'elastic/ubuntu-16.04-x86_64', :version => '20180708.0.0' },
+ :libvirt => { :name => 'elastic/ubuntu-16.04-x86_64', :version=> '20180210.0.0'}
+require 'yaml'
+pdf = File.dirname(__FILE__) + '/config/default.yml'
+if File.exist?(File.dirname(__FILE__) + '/config/pdf.yml')
+ pdf = File.dirname(__FILE__) + '/config/pdf.yml'
+nodes = YAML.load_file(pdf)
+# Inventory file creation
+File.open(File.dirname(__FILE__) + "/inventory/hosts.ini", "w") do |inventory_file|
+ inventory_file.puts("[all]")
+ nodes.each do |node|
+ inventory_file.puts("#{node['name']}\tansible_ssh_host=#{node['ip']} ansible_ssh_port=22")
+ end
+ ['kube-master', 'kube-node', 'etcd', 'ovn-central', 'ovn-controller', 'virtlet'].each do|group|
+ inventory_file.puts("\n[#{group}]")
+ nodes.each do |node|
+ if node['roles'].include?("#{group}")
+ inventory_file.puts(node['name'])
+ end
+ end
+ end
+ inventory_file.puts("\n[k8s-cluster:children]\nkube-node\nkube-master")
+provider = (ENV['VAGRANT_DEFAULT_PROVIDER'] || :libvirt).to_sym
+puts "[INFO] Provider: #{provider} "
+if ENV['no_proxy'] != nil or ENV['NO_PROXY']
+ $no_proxy = ENV['NO_PROXY'] || ENV['no_proxy'] || ",localhost"
+ nodes.each do |node|
+ $no_proxy += "," + node['ip']
+ end
+ $subnet = "192.168.121"
+ if provider == :virtualbox
+ $subnet = "10.0.2"
+ end
+ # NOTE: This range is based on vagrant-libvirt network definition CIDR
+ (1..31).each do |i|
+ $no_proxy += ",#{$subnet}.#{i}"
+ end
+Vagrant.configure("2") do |config|
+ config.vm.box = box[provider][:name]
+ config.vm.box_version = box[provider][:version]
+ config.ssh.insert_key = false
+ if ENV['http_proxy'] != nil and ENV['https_proxy'] != nil
+ if Vagrant.has_plugin?('vagrant-proxyconf')
+ config.proxy.http = ENV['http_proxy'] || ENV['HTTP_PROXY'] || ""
+ config.proxy.https = ENV['https_proxy'] || ENV['HTTPS_PROXY'] || ""
+ config.proxy.no_proxy = $no_proxy
+ config.proxy.enabled = { docker: false }
+ end
+ end
+ nodes.each do |node|
+ config.vm.define node['name'] do |nodeconfig|
+ nodeconfig.vm.hostname = node['name']
+ nodeconfig.vm.network :private_network, :ip => node['ip'], :type => :static
+ nodeconfig.vm.provider 'virtualbox' do |v|
+ v.customize ["modifyvm", :id, "--memory", node['memory']]
+ v.customize ["modifyvm", :id, "--cpus", node['cpus']]
+ if node.has_key? "volumes"
+ node['volumes'].each do |volume|
+ $volume_file = "#{node['name']}-#{volume['name']}.vdi"
+ unless File.exist?($volume_file)
+ v.customize ['createmedium', 'disk', '--filename', $volume_file, '--size', volume['size']]
+ end
+ v.customize ['storageattach', :id, '--storagectl', 'IDE Controller', '--port', 1, '--device', 0, '--type', 'hdd', '--medium', $volume_file]
+ end
+ end
+ end
+ nodeconfig.vm.provider 'libvirt' do |v|
+ v.memory = node['memory']
+ v.cpus = node['cpus']
+ v.nested = true
+ v.cpu_mode = 'host-passthrough'
+ v.management_network_address = ""
+ nodeconfig.vm.provision 'shell' do |sh|
+ sh.path = "node.sh"
+ if node.has_key? "volumes"
+ $volume_mounts_dict = ''
+ node['volumes'].each do |volume|
+ $volume_mounts_dict += "#{volume['name']}=#{volume['mount']},"
+ $volume_file = "./#{node['name']}-#{volume['name']}.qcow2"
+ v.storage :file, :bus => 'sata', :device => volume['name'], :size => volume['size']
+ end
+ sh.args = ['-v', $volume_mounts_dict[0...-1]]
+ end
+ end
+ end
+ end
+ end
+ sync_type = "virtualbox"
+ if provider == :libvirt
+ sync_type = "nfs"
+ end
+ config.vm.define :installer, primary: true, autostart: false do |installer|
+ installer.vm.hostname = "multicloud"
+ installer.vm.network :private_network, :ip => "", :type => :static
+ installer.vm.synced_folder '../../../', '/home/vagrant/multicloud-k8s/', type: sync_type
+ installer.vm.provision 'shell', privileged: false do |sh|
+ sh.env = {'KUD_PLUGIN_ENABLED': 'true'}
+ sh.inline = <<-SHELL
+ cp /vagrant/insecure_keys/key.pub /home/vagrant/.ssh/id_rsa.pub
+ cp /vagrant/insecure_keys/key /home/vagrant/.ssh/id_rsa
+ chown vagrant /home/vagrant/.ssh/id_rsa
+ chmod 400 /home/vagrant/.ssh/id_rsa
+ cd /home/vagrant/multicloud-k8s/kud/hosting_providers/vagrant/ && ./installer.sh | tee kud_installer.log
+ end
+ end
+# SPDX-license-identifier: Apache-2.0
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+set -o errexit
+set -o nounset
+set -o pipefail
+if [[ $(whoami) != 'root' ]];then
+ echo "This bash script must be executed as root user"
+ exit 1
+echo "Cloning and configuring KUD project..."
+git clone https://git.onap.org/multicloud/k8s/
+cd k8s/kud/hosting_providers/baremetal/
+cat <<EOL > inventory/hosts.ini
+sed -i '/andrewrothstein.kubectl/d' ../../deployment_infra/playbooks/configure-*.yml
+echo -e "\n\n\n" | ssh-keygen -t rsa -N ""
+cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
+chmod og-wx ~/.ssh/authorized_keys
+echo "Enabling nested-virtualization"
+echo "Deploying KRD project"
+./installer.sh | tee kud_installer.log
+# SPDX-license-identifier: Apache-2.0
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+- name: "controller01"
+ ip: ""
+ memory: 8192
+ cpus: 2
+ roles:
+ - kube-master
+ - etcd
+ - ovn-central
+- name: "controller02"
+ ip: ""
+ memory: 8192
+ cpus: 2
+ roles:
+ - kube-master
+ - etcd
+ - ovn-controller
+- name: "controller03"
+ ip: ""
+ memory: 8192
+ cpus: 2
+ roles:
+ - kube-master
+ - etcd
+ - ovn-controller
+- name: "compute01"
+ ip: ""
+ memory: 32768
+ cpus: 16
+ volumes:
+ - name: sda
+ size: 50
+ mount: /var/lib/docker/
+ roles:
+ - kube-node
+ - ovn-controller
+ - virtlet
+- name: "compute02"
+ ip: ""
+ memory: 8192
+ cpus: 4
+ roles:
+ - kube-node
+ - ovn-controller
+# SPDX-license-identifier: Apache-2.0
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+- name: "kubernetes"
+ ip: ""
+ memory: 32768
+ cpus: 16
+ volumes:
+ - name: sda
+ size: 50
+ mount: /var/lib/docker/
+ roles:
+ - kube-master
+ - etcd
+ - ovn-central
+ - kube-node
+ - ovn-controller
+ - virtlet
+# SPDX-license-identifier: Apache-2.0
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+- name: "master"
+ ip: ""
+ memory: 8192
+ cpus: 2
+ roles:
+ - kube-master
+ - etcd
+ - ovn-central
+- name: "minion01"
+ ip: ""
+ memory: 65536
+ cpus: 16
+ roles:
+ - kube-node
+ - ovn-controller
+ - virtlet
+- name: "minion02"
+ ip: ""
+ memory: 65536
+ cpus: 16
+ roles:
+ - kube-node
+ - ovn-controller
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
+#SPDX-license-identifier: Apache-2.0
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+set -o errexit
+set -o pipefail
+# _install_go() - Install GoLang package
+function _install_go {
+ version=$(grep "go_version" ${kud_playbooks}/kud-vars.yml | awk -F "'" '{print $2}')
+ local tarball=go$version.linux-amd64.tar.gz
+ if $(go version &>/dev/null); then
+ return
+ fi
+ wget https://dl.google.com/go/$tarball
+ sudo tar -C /usr/local -xzf $tarball
+ rm $tarball
+ export PATH=$PATH:/usr/local/go/bin
+ sudo sed -i "s|^PATH=.*|PATH=\"$PATH\"|" /etc/environment
+# _install_pip() - Install Python Package Manager
+function _install_pip {
+ if $(pip --version &>/dev/null); then
+ sudo apt-get install -y python-dev
+ curl -sL https://bootstrap.pypa.io/get-pip.py | sudo python
+ else
+ sudo -E pip install --upgrade pip
+ fi
+# _install_ansible() - Install and Configure Ansible program
+function _install_ansible {
+ sudo mkdir -p /etc/ansible/
+ if $(ansible --version &>/dev/null); then
+ return
+ fi
+ _install_pip
+ sudo -E pip install ansible
+# _install_docker() - Download and install docker-engine
+function _install_docker {
+ local max_concurrent_downloads=${1:-3}
+ if $(docker version &>/dev/null); then
+ return
+ fi
+ sudo apt-get install -y apt-transport-https ca-certificates curl
+ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
+ sudo apt-get update
+ sudo apt-get install -y docker-ce
+ sudo mkdir -p /etc/systemd/system/docker.service.d
+ if [ $http_proxy ]; then
+ echo "[Service]" | sudo tee /etc/systemd/system/docker.service.d/http-proxy.conf
+ echo "Environment=\"HTTP_PROXY=$http_proxy\"" | sudo tee --append /etc/systemd/system/docker.service.d/http-proxy.conf
+ fi
+ if [ $https_proxy ]; then
+ echo "[Service]" | sudo tee /etc/systemd/system/docker.service.d/https-proxy.conf
+ echo "Environment=\"HTTPS_PROXY=$https_proxy\"" | sudo tee --append /etc/systemd/system/docker.service.d/https-proxy.conf
+ fi
+ if [ $no_proxy ]; then
+ echo "[Service]" | sudo tee /etc/systemd/system/docker.service.d/no-proxy.conf
+ echo "Environment=\"NO_PROXY=$no_proxy\"" | sudo tee --append /etc/systemd/system/docker.service.d/no-proxy.conf
+ fi
+ sudo systemctl daemon-reload
+ echo "DOCKER_OPTS=\"-H tcp:// -H unix:///var/run/docker.sock --max-concurrent-downloads $max_concurrent_downloads \"" | sudo tee --append /etc/default/docker
+ if [[ -z $(groups | grep docker) ]]; then
+ sudo usermod -aG docker $USER
+ newgrp docker
+ fi
+ sudo systemctl restart docker
+ sleep 10
+function _set_environment_file {
+ ansible_ifconfig=$(ansible ovn-central[0] -i $kud_inventory -m shell -a "ifconfig eth1 |grep \"inet addr\" |awk '{print \$2}' |awk -F: '{print \$2}'")
+ if [[ $ansible_ifconfig != *CHANGED* ]]; then
+ echo "Fail to get the OVN central IP address from eth1 nic"
+ exit
+ fi
+ echo "export OVN_CENTRAL_ADDRESS=$(echo ${ansible_ifconfig#*>>} | tr '\n' ':')6641" | sudo tee --append /etc/environment
+ echo "export KUBE_CONFIG_DIR=/opt/kubeconfig" | sudo tee --append /etc/environment
+# install_k8s() - Install Kubernetes using kubespray tool
+function install_k8s {
+ echo "Deploying kubernetes"
+ local dest_folder=/opt
+ version=$(grep "kubespray_version" ${kud_playbooks}/kud-vars.yml | awk -F ': ' '{print $2}')
+ local_release_dir=$(grep "local_release_dir" $kud_inventory_folder/group_vars/k8s-cluster.yml | awk -F "\"" '{print $2}')
+ local tarball=v$version.tar.gz
+ sudo apt-get install -y sshpass
+ _install_docker
+ _install_ansible
+ wget https://github.com/kubernetes-incubator/kubespray/archive/$tarball
+ sudo tar -C $dest_folder -xzf $tarball
+ sudo mv $dest_folder/kubespray-$version/ansible.cfg /etc/ansible/ansible.cfg
+ sudo chown -R $USER $dest_folder/kubespray-$version
+ sudo mkdir -p ${local_release_dir}/containers
+ rm $tarball
+ sudo -E pip install -r $dest_folder/kubespray-$version/requirements.txt
+ rm -f $kud_inventory_folder/group_vars/all.yml 2> /dev/null
+ if [[ -n "${verbose}" ]]; then
+ echo "kube_log_level: 5" | tee $kud_inventory_folder/group_vars/all.yml
+ else
+ echo "kube_log_level: 2" | tee $kud_inventory_folder/group_vars/all.yml
+ fi
+ echo "kubeadm_enabled: true" | tee --append $kud_inventory_folder/group_vars/all.yml
+ if [[ -n "${http_proxy}" ]]; then
+ echo "http_proxy: \"$http_proxy\"" | tee --append $kud_inventory_folder/group_vars/all.yml
+ fi
+ if [[ -n "${https_proxy}" ]]; then
+ echo "https_proxy: \"$https_proxy\"" | tee --append $kud_inventory_folder/group_vars/all.yml
+ fi
+ ansible-playbook $verbose -i $kud_inventory $dest_folder/kubespray-$version/cluster.yml --become --become-user=root | sudo tee $log_folder/setup-kubernetes.log
+ # Configure environment
+ mkdir -p $HOME/.kube
+ cp $kud_inventory_folder/artifacts/admin.conf $HOME/.kube/config
+# install_addons() - Install Kubenertes AddOns
+function install_addons {
+ echo "Installing Kubernetes AddOns"
+ _install_ansible
+ sudo ansible-galaxy install $verbose -r $kud_infra_folder/galaxy-requirements.yml --ignore-errors
+ ansible-playbook $verbose -i $kud_inventory $kud_playbooks/configure-kud.yml | sudo tee $log_folder/setup-kud.log
+ for addon in ${KRD_ADDONS:-virtlet ovn4nfv}; do
+ echo "Deploying $addon using configure-$addon.yml playbook.."
+ ansible-playbook $verbose -i $kud_inventory $kud_playbooks/configure-${addon}.yml | sudo tee $log_folder/setup-${addon}.log
+ if [[ "${testing_enabled}" == "true" ]]; then
+ pushd $kud_tests
+ bash ${addon}.sh
+ popd
+ fi
+ done
+# install_plugin() - Install ONAP Multicloud Kubernetes plugin
+function install_plugin {
+ echo "Installing multicloud/k8s plugin"
+ _install_go
+ _install_docker
+ sudo -E pip install docker-compose
+ sudo mkdir -p /opt/{kubeconfig,consul/config}
+ sudo cp $HOME/.kube/config /opt/kubeconfig/kud
+ _set_environment_file
+ source /etc/environment
+ pushd $kud_folder/../../../deployments
+ sudo ./build.sh
+ if [[ "${testing_enabled}" == "true" ]]; then
+ docker-compose up -d
+ pushd $kud_tests
+ for functional_test in plugin plugin_edgex; do
+ bash ${functional_test}.sh
+ done
+ popd
+ fi
+ popd
+# _print_kubernetes_info() - Prints the login Kubernetes information
+function _print_kubernetes_info {
+ if ! $(kubectl version &>/dev/null); then
+ return
+ fi
+ # Expose Dashboard using NodePort
+ node_port=30080
+ KUBE_EDITOR="sed -i \"s|type\: ClusterIP|type\: NodePort|g\"" kubectl -n kube-system edit service kubernetes-dashboard
+ KUBE_EDITOR="sed -i \"s|nodePort\: .*|nodePort\: $node_port|g\"" kubectl -n kube-system edit service kubernetes-dashboard
+ master_ip=$(kubectl cluster-info | grep "Kubernetes master" | awk -F ":" '{print $2}')
+ printf "Kubernetes Info\n===============\n" > $k8s_info_file
+ echo "Dashboard URL: https:$master_ip:$node_port" >> $k8s_info_file
+ echo "Admin user: kube" >> $k8s_info_file
+ echo "Admin password: secret" >> $k8s_info_file
+if ! sudo -n "true"; then
+ echo ""
+ echo "passwordless sudo is needed for '$(id -nu)' user."
+ echo "Please fix your /etc/sudoers file. You likely want an"
+ echo "entry like the following one..."
+ echo ""
+ echo "$(id -nu) ALL=(ALL) NOPASSWD: ALL"
+ exit 1
+if [[ -n "${KUD_DEBUG}" ]]; then
+ set -o xtrace
+ verbose="-vvv"
+# Configuration values
+export kud_inventory_folder=$kud_folder/inventory
+sudo mkdir -p $log_folder
+sudo mkdir -p /opt/csar
+sudo chown -R $USER /opt/csar
+echo "export CSAR_DIR=/opt/csar" | sudo tee --append /etc/environment
+# Install dependencies
+# Setup proxy variables
+if [ -f $kud_folder/sources.list ]; then
+ sudo mv /etc/apt/sources.list /etc/apt/sources.list.backup
+ sudo cp $kud_folder/sources.list /etc/apt/sources.list
+sudo apt-get update
+if [[ "${KUD_PLUGIN_ENABLED:-false}" ]]; then
+ install_plugin
+# SPDX-license-identifier: Apache-2.0
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+# Kubernetes configuration dirs and system namespace.
+# Those are where all the additional config stuff goes
+# kubernetes normally puts in /srv/kubernetes.
+# This puts them in a sane location and namespace.
+# Editing those values will almost surely break something.
+system_namespace: kube-system
+# Logging directory (sysvinit systems)
+kube_log_dir: "/var/log/kubernetes"
+kube_api_anonymous_auth: true
+# Users to create for basic auth in Kubernetes API via HTTP
+# Optionally add groups for user
+kube_api_pwd: "secret"
+ kube:
+ pass: "{{kube_api_pwd}}"
+ role: admin
+ groups:
+ - system:masters
+## It is possible to activate / deactivate selected authentication methods (basic auth, static token auth)
+#kube_oidc_auth: false
+kube_basic_auth: true
+kube_token_auth: true
+# Choose network plugin (calico, contiv, weave or flannel)
+# Can also be set to 'cloud', which lets the cloud provider setup appropriate routing
+kube_network_plugin: flannel
+# Make a copy of kubeconfig on the host that runs Ansible in GITDIR/artifacts
+kubeconfig_localhost: true
+# Enable MountPropagation gate feature
+local_volumes_enabled: true
+local_volume_provisioner_enabled: true
+## Change this to use another Kubernetes version, e.g. a current beta release
+kube_version: v1.12.3
+# Helm deployment
+helm_enabled: true
+# Kube-proxy proxyMode configuration.
+# NOTE: Ipvs is based on netfilter hook function, but uses hash table as the underlying data structure and
+# works in the kernel space
+# https://kubernetes.io/docs/concepts/services-networking/service/#proxy-mode-ipvs
+#kube_proxy_mode: ipvs
+# Download container images only once then push to cluster nodes in batches
+download_run_once: true
+# Where the binaries will be downloaded.
+# Note: ensure that you've enough disk space (about 1G)
+local_release_dir: "/tmp/releases"
+# Makes the installer node a delegate for pushing images while running
+# the deployment with ansible. This maybe the case if cluster nodes
+# cannot access each over via ssh or you want to use local docker
+# images as a cache for multiple clusters.
+download_localhost: true
+# SPDX-license-identifier: Apache-2.0
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+set -o nounset
+set -o pipefail
+# usage() - Prints the usage of the program
+function usage {
+ cat <<EOF
+usage: $0 [-v volumes]
+Optional Argument:
+ -v List of key pair values for volumes and mount points ( e. g. sda=/var/lib/docker/,sdb=/var/lib/libvirt/ )
+# mount_external_partition() - Create partition and mount the external volume
+function mount_external_partition {
+ local dev_name="/dev/$1"
+ local mount_dir=$2
+ sfdisk $dev_name --no-reread << EOF
+ mkfs -t ext4 ${dev_name}1
+ mkdir -p $mount_dir
+ mount ${dev_name}1 $mount_dir
+ echo "${dev_name}1 $mount_dir ext4 errors=remount-ro,noatime,barrier=0 0 1" >> /etc/fstab
+while getopts "h?v:" opt; do
+ case $opt in
+ v)
+ dict_volumes="$OPTARG"
+ ;;
+ h|\?)
+ usage
+ exit
+ ;;
+ esac
+swapoff -a
+if [[ -n "${dict_volumes+x}" ]]; then
+ for kv in ${dict_volumes//,/ } ;do
+ mount_external_partition ${kv%=*} ${kv#*=}
+ done
+vendor_id=$(lscpu|grep "Vendor ID")
+if [[ $vendor_id == *GenuineIntel* ]]; then
+ kvm_ok=$(cat /sys/module/kvm_intel/parameters/nested)
+ if [[ $kvm_ok == 'N' ]]; then
+ echo "Enable Intel Nested-Virtualization"
+ rmmod kvm-intel
+ echo 'options kvm-intel nested=y' >> /etc/modprobe.d/dist.conf
+ modprobe kvm-intel
+ echo kvm-intel >> /etc/modules
+ fi
+ kvm_ok=$(cat /sys/module/kvm_amd/parameters/nested)
+ if [[ $kvm_ok == '0' ]]; then
+ echo "Enable AMD Nested-Virtualization"
+ rmmod kvm-amd
+ sh -c "echo 'options kvm-amd nested=1' >> /etc/modprobe.d/dist.conf"
+ modprobe kvm-amd
+ echo kvm-amd >> /etc/modules
+ fi
+modprobe vhost_net
+echo vhost_net >> /etc/modules
+source /etc/os-release || source /usr/lib/os-release
+case ${ID,,} in
+ *suse)
+ ;;
+ ubuntu|debian)
+ apt-get install -y cpu-checker
+ kvm-ok
+ ;;
+ rhel|centos|fedora)
+ ;;
+# SPDX-license-identifier: Apache-2.0
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+set -o nounset
+set -o pipefail
+if ! vagrant version &>/dev/null; then
+ enable_vagrant_install=true
+ if [[ "$vagrant_version" != "$(vagrant version | awk 'NR==1{print $3}')" ]]; then
+ enable_vagrant_install=true
+ fi
+function usage {
+ cat <<EOF
+usage: $0 -p <PROVIDER>
+Installation of vagrant and its dependencies in Linux OS
+ -p Vagrant provider
+while getopts ":p:" OPTION; do
+ case $OPTION in
+ p)
+ provider=$OPTARG
+ ;;
+ \?)
+ usage
+ exit 1
+ ;;
+ esac
+if [[ -z "${provider+x}" ]]; then
+ usage
+ exit 1
+case $provider in
+ "virtualbox" | "libvirt" )
+ export VAGRANT_DEFAULT_PROVIDER=${provider}
+ ;;
+ * )
+ usage
+ exit 1
+source /etc/os-release || source /usr/lib/os-release
+case ${ID,,} in
+ *suse)
+ INSTALLER_CMD="sudo -H -E zypper -q install -y --no-recommends"
+ packages+=(python-devel)
+ # Vagrant installation
+ if [[ "${enable_vagrant_install+x}" ]]; then
+ vagrant_pgp="pgp_keys.asc"
+ wget -q https://keybase.io/hashicorp/$vagrant_pgp
+ wget -q https://releases.hashicorp.com/vagrant/$vagrant_version/vagrant_${vagrant_version}_x86_64.rpm
+ gpg --quiet --with-fingerprint $vagrant_pgp
+ sudo rpm --import $vagrant_pgp
+ sudo rpm --checksig vagrant_${vagrant_version}_x86_64.rpm
+ sudo rpm --install vagrant_${vagrant_version}_x86_64.rpm
+ rm vagrant_${vagrant_version}_x86_64.rpm
+ rm $vagrant_pgp
+ fi
+ virtualbox)
+ wget -q "http://download.virtualbox.org/virtualbox/rpm/opensuse/$VERSION/virtualbox.repo" -P /etc/zypp/repos.d/
+ $INSTALLER_CMD --enablerepo=epel dkms
+ wget -q https://www.virtualbox.org/download/oracle_vbox.asc -O- | rpm --import -
+ packages+=(VirtualBox-5.1)
+ ;;
+ libvirt)
+ # vagrant-libvirt dependencies
+ packages+=(qemu libvirt libvirt-devel ruby-devel gcc qemu-kvm zlib-devel libxml2-devel libxslt-devel make)
+ # NFS
+ packages+=(nfs-kernel-server)
+ ;;
+ esac
+ sudo zypper -n ref
+ ;;
+ ubuntu|debian)
+ libvirt_group="libvirtd"
+ INSTALLER_CMD="sudo -H -E apt-get -y -q=3 install"
+ packages+=(python-dev)
+ # Vagrant installation
+ if [[ "${enable_vagrant_install+x}" ]]; then
+ wget -q https://releases.hashicorp.com/vagrant/$vagrant_version/vagrant_${vagrant_version}_x86_64.deb
+ sudo dpkg -i vagrant_${vagrant_version}_x86_64.deb
+ rm vagrant_${vagrant_version}_x86_64.deb
+ fi
+ virtualbox)
+ echo "deb http://download.virtualbox.org/virtualbox/debian trusty contrib" >> /etc/apt/sources.list
+ wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add -
+ wget -q https://www.virtualbox.org/download/oracle_vbox.asc -O- | sudo apt-key add -
+ packages+=(virtualbox-5.1 dkms)
+ ;;
+ libvirt)
+ # vagrant-libvirt dependencies
+ packages+=(qemu libvirt-bin ebtables dnsmasq libxslt-dev libxml2-dev libvirt-dev zlib1g-dev ruby-dev cpu-checker)
+ # NFS
+ packages+=(nfs-kernel-server)
+ ;;
+ esac
+ sudo apt-get update
+ ;;
+ rhel|centos|fedora)
+ PKG_MANAGER=$(which dnf || which yum)
+ sudo "$PKG_MANAGER" updateinfo
+ INSTALLER_CMD="sudo -H -E ${PKG_MANAGER} -q -y install"
+ packages+=(python-devel)
+ # Vagrant installation
+ if [[ "${enable_vagrant_install+x}" ]]; then
+ wget -q https://releases.hashicorp.com/vagrant/$vagrant_version/vagrant_${vagrant_version}_x86_64.rpm
+ $INSTALLER_CMD vagrant_${vagrant_version}_x86_64.rpm
+ rm vagrant_${vagrant_version}_x86_64.rpm
+ fi
+ virtualbox)
+ wget -q http://download.virtualbox.org/virtualbox/rpm/rhel/virtualbox.repo -P /etc/yum.repos.d
+ $INSTALLER_CMD --enablerepo=epel dkms
+ wget -q https://www.virtualbox.org/download/oracle_vbox.asc -O- | rpm --import -
+ packages+=(VirtualBox-5.1)
+ ;;
+ libvirt)
+ # vagrant-libvirt dependencies
+ packages+=(qemu libvirt libvirt-devel ruby-devel gcc qemu-kvm)
+ # NFS
+ packages+=(nfs-utils nfs-utils-lib)
+ ;;
+ esac
+ ;;
+# Enable Nested-Virtualization
+vendor_id=$(lscpu|grep "Vendor ID")
+if [[ $vendor_id == *GenuineIntel* ]]; then
+ kvm_ok=$(cat /sys/module/kvm_intel/parameters/nested)
+ if [[ $kvm_ok == 'N' ]]; then
+ echo "Enable Intel Nested-Virtualization"
+ sudo rmmod kvm-intel
+ echo 'options kvm-intel nested=y' | sudo tee --append /etc/modprobe.d/dist.conf
+ sudo modprobe kvm-intel
+ fi
+ kvm_ok=$(cat /sys/module/kvm_amd/parameters/nested)
+ if [[ $kvm_ok == '0' ]]; then
+ echo "Enable AMD Nested-Virtualization"
+ sudo rmmod kvm-amd
+ echo 'options kvm-amd nested=1' | sudo tee --append /etc/modprobe.d/dist.conf
+ sudo modprobe kvm-amd
+ fi
+sudo modprobe vhost_net
+${INSTALLER_CMD} "${packages[@]}"
+if ! which pip; then
+ curl -sL https://bootstrap.pypa.io/get-pip.py | sudo python
+ sudo -H -E pip install --upgrade pip
+sudo -H -E pip install tox
+if [[ ${http_proxy+x} ]]; then
+ vagrant plugin install vagrant-proxyconf
+if [ "$VAGRANT_DEFAULT_PROVIDER" == libvirt ]; then
+ vagrant plugin install vagrant-libvirt
+ sudo usermod -a -G $libvirt_group "$USER" # This might require to reload user's group assigments
+ sudo systemctl restart libvirtd
+ # Start statd service to prevent NFS lock errors
+ sudo systemctl enable rpc-statd
+ sudo systemctl start rpc-statd
+ case ${ID,,} in
+ ubuntu|debian)
+ kvm-ok
+ ;;
+ esac