path: root/kud/hosting_providers/vagrant/installer.sh
blob: 39da50e74b8cd50072faeaf313fc3789f88ef340 (plain)
#!/bin/bash
#SPDX-license-identifier: Apache-2.0
##############################################################################
# Copyright (c) 2018
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Apache License, Version 2.0
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################

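# Strict mode: stop on a failing command, on use of an unset variable, and on
# a failure in any stage of a pipeline.
set -o errexit
set -o nounset
set -o pipefail

# Absolute, symlink-resolved directory that contains this script.
INSTALLER_DIR="$(readlink -f "$(dirname "${BASH_SOURCE[0]}")")"

# Shared helper functions. `source` executes that file inside this shell, so
# its code runs with everything this installer can do (the installer later
# insists on passwordless sudo). The path is quoted so a checkout directory
# containing whitespace or glob characters is not word-split or expanded.
source "${INSTALLER_DIR}/../../tests/_functions.sh"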

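# _install_go() - Install GoLang package
#
# Reads go_version from ${kud_playbooks}/kud-vars.yml, makes sure gcc is
# installed and, unless a working `go` is already on PATH, downloads the
# linux-amd64 tarball and unpacks it under /usr/local.
# Globals:   kud_playbooks (read), PATH (extended and exported)
# Side effects: rewrites the PATH= line in /etc/environment and appends the Go
#            bin directory to secure_path in /etc/sudoers.
function _install_go {
    # Kept local so the Go version does not leak into the global `version`
    # that other installer functions also assign.
    local version tarball escaped_path
    version=$(grep "go_version" "${kud_playbooks}/kud-vars.yml" | awk -F "'" '{print $2}')
    tarball=go${version}.linux-amd64.tar.gz

    #gcc is required for go apps compilation
    if ! command -v gcc >/dev/null; then
        sudo apt-get install -y gcc
    fi

    if go version &>/dev/null; then
        return
    fi

    # NOTE(review): the tarball is unpacked as root into /usr/local without
    # any integrity check. TLS only authenticates the download host; compare
    # the file against the SHA-256 published for this Go release before
    # extracting it.
    wget "https://dl.google.com/go/${tarball}"
    sudo tar -C /usr/local -xzf "$tarball"
    rm -- "$tarball"

    export PATH=$PATH:/usr/local/go/bin
    # PATH is pasted into the replacement side of a sed expression, so the
    # characters sed treats specially there (backslash, '&' and the '|'
    # delimiter) are escaped first.
    escaped_path=$(printf '%s' "$PATH" | sed -e 's/[\\&|]/\\&/g')
    # NOTE(review): this persists the invoking user's entire PATH system-wide.
    # Any user-writable or relative directory in it ends up on the search path
    # of every session that reads /etc/environment.
    sudo sed -i "s|^PATH=.*|PATH=\"${escaped_path}\"|" /etc/environment
    #allow golang to work with sudo
    # NOTE(review): /etc/sudoers is edited in place with no syntax validation;
    # a malformed result can lock out sudo. Prefer editing a copy and checking
    # it with `visudo -c -f <copy>` before installing it, or ship a drop-in
    # under /etc/sudoers.d.
    sudo sed -i 's|secure_path="\([^"]\+\)"|secure_path="\1:/usr/local/go/bin"|' /etc/sudoers
}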

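# _install_pip() - Install Python Package Manager
#
# Upgrades pip when one is already on PATH; otherwise installs python-dev and
# bootstraps pip with the get-pip.py script for Python 2.7.
function _install_pip {
    if pip --version &>/dev/null; then
        # sudo -E carries the caller's environment (proxy settings, but also
        # any PIP_*/PYTHON* variables) into the root pip process.
        sudo -E pip install --no-cache-dir --upgrade pip
    else
        sudo apt-get install -y python-dev
        # NOTE(review): a script fetched at install time is piped straight into
        # a root Python interpreter with no pinning or hash check, so whatever
        # the URL serves runs as root. Download it to a file and verify it
        # first, or use the distribution's pip package. The 2.7 path also means
        # an end-of-life interpreter.
        # -f makes curl fail on an HTTP error instead of feeding the error
        # page to python; -S keeps that failure visible despite -s.
        curl -fsSL https://bootstrap.pypa.io/pip/2.7/get-pip.py | sudo python
    fi
}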

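# _install_ansible() - Install and Configure Ansible program
#
# Removes any Ansible already installed through pip, makes sure pip exists,
# then installs the exact release named by ansible_version in
# ${kud_playbooks}/kud-vars.yml.
# Globals:   kud_playbooks (read)
# Returns:   1 when no ansible_version value could be read
function _install_ansible {
    if ansible --version &>/dev/null; then
        sudo pip uninstall -y ansible
    fi
    _install_pip
    # Declared separately from the assignment: `local v=$(cmd)` would report
    # the status of `local` and hide a failing grep/awk pipeline.
    local version
    version=$(grep "ansible_version" "${kud_playbooks}/kud-vars.yml" | awk -F ': ' '{print $2}')
    if [[ -z "$version" ]]; then
        # An empty value would turn the pin below into the invalid "ansible==".
        echo "ansible_version not found in ${kud_playbooks}/kud-vars.yml" >&2
        return 1
    fi
    sudo mkdir -p /etc/ansible/
    # Only the version is pinned; the package is not hash-checked.
    sudo -E pip install --no-cache-dir "ansible==${version}"
}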

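# _install_docker() - Download and install docker-engine
#
# Does nothing when `docker version` already succeeds. Otherwise adds the
# Docker apt repository, installs docker-ce, writes systemd proxy drop-ins for
# whichever proxy variables are set, appends DOCKER_OPTS to
# /etc/default/docker, adds $USER to the docker group and restarts the daemon.
# Arguments: $1 - value for --max-concurrent-downloads (default 3)
# Globals:   http_proxy, https_proxy, no_proxy (read, optional), USER (read)
function _install_docker {
    local max_concurrent_downloads=${1:-3}
    local dropin_dir=/etc/systemd/system/docker.service.d
    local proxy_var proxy_value

    if docker version &>/dev/null; then
        return
    fi
    sudo apt-get install -y apt-transport-https ca-certificates curl
    # NOTE(review): the signing key is added to the global apt keyring without
    # its fingerprint being checked, and apt-key is deprecated. Prefer a
    # dedicated keyring file referenced with signed-by= in the repository
    # entry, after comparing the fingerprint with the published one.
    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
    sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
    sudo apt-get update
    sudo apt-get install -y docker-ce

    sudo mkdir -p "$dropin_dir"
    # One drop-in per proxy variable that is set and non-empty. The values are
    # quoted throughout so a proxy string containing spaces or glob characters
    # is written verbatim instead of breaking the test.
    # A proxy URL with embedded credentials ends up in this file and, through
    # tee, on stdout and in any captured installer log.
    for proxy_var in http_proxy https_proxy no_proxy; do
        proxy_value=${!proxy_var:-}
        if [[ -z "$proxy_value" ]]; then
            continue
        fi
        printf '[Service]\nEnvironment="%s=%s"\n' "${proxy_var^^}" "$proxy_value" \
            | sudo tee "${dropin_dir}/${proxy_var//_/-}.conf"
    done
    sudo systemctl daemon-reload
    # NOTE(review): tcp://0.0.0.0:2375 is the plain-HTTP Docker API with no
    # authentication, listening on every interface. Anyone who can reach the
    # port can run privileged containers, which is root on this host. Bind it
    # to loopback or a management address, or require mutually authenticated
    # TLS (dockerd --tlsverify), and keep the port firewalled.
    # NOTE(review): when dockerd is started by systemd, /etc/default/docker is
    # normally not read unless the unit references it; confirm that these
    # options actually take effect.
    echo "DOCKER_OPTS=\"-H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --max-concurrent-downloads $max_concurrent_downloads \"" | sudo tee --append /etc/default/docker
    # Membership of the docker group gives control of the daemon socket and is
    # therefore equivalent to root on this host.
    if [[ "$(groups)" != *docker* ]]; then
        sudo usermod -aG docker "$USER"
    fi

    sudo systemctl restart docker
    # Fixed pause to let the daemon come up after the restart.
    sleep 10
}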

# _set_environment_file() - Append the KUD settings to /etc/environment
#
# Globals:   OVN_CENTRAL_INTERFACE (read, defaulted and written),
#            ANSIBLE_CONFIG (read)
# Each call appends five more `export NAME=value` lines; nothing is replaced
# or de-duplicated, and the values are written unquoted.
function _set_environment_file {
    local env_file=/etc/environment

    # Unless the caller exported OVN_CENTRAL_INTERFACE (for example from aio.sh
    # or the Vagrantfile), fall back to the first active network interface on
    # localhost.
    OVN_CENTRAL_INTERFACE="${OVN_CENTRAL_INTERFACE:-$(ip addr show | awk '/inet.*brd/{print $NF; exit}')}"

    sudo tee --append "$env_file" <<< "export OVN_CENTRAL_INTERFACE=${OVN_CENTRAL_INTERFACE}"
    sudo tee --append "$env_file" <<< "export OVN_CENTRAL_ADDRESS=$(get_ovn_central_address)"
    sudo tee --append "$env_file" <<< "export KUBE_CONFIG_DIR=/opt/kubeconfig"
    sudo tee --append "$env_file" <<< "export CSAR_DIR=/opt/csar"
    sudo tee --append "$env_file" <<< "export ANSIBLE_CONFIG=${ANSIBLE_CONFIG}"
}

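# install_k8s() - Install Kubernetes using kubespray tool
#
# Installs Docker and Ansible, downloads the kubespray release named by
# kubespray_version, writes group_vars/all.yml, runs the preconfigure and
# cluster playbooks for the selected container runtime, and finally copies the
# admin kubeconfig and kubectl to the local host.
# Globals:   kud_playbooks, kud_inventory, kud_inventory_folder, log_folder,
#            verbose, container_runtime, kud_kata_override_variables,
#            http_proxy, https_proxy, USER, HOME (read);
#            ANSIBLE_CONFIG (exported)
# Exits:     1 when container_runtime is neither "docker" nor "containerd"
function install_k8s {
    echo "Deploying kubernetes"
    local dest_folder=/opt
    # Locals, so these values do not leak into (or collide with) the global
    # names other installer functions assign.
    local version local_release_dir tarball kubespray_dir group_vars_file
    local -a kata_extra_vars
    version=$(grep "kubespray_version" "${kud_playbooks}/kud-vars.yml" | awk -F ': ' '{print $2}')
    local_release_dir=$(grep "local_release_dir" "$kud_inventory_folder/group_vars/k8s-cluster.yml" | awk -F "\"" '{print $2}')
    tarball=v${version}.tar.gz
    kubespray_dir=$dest_folder/kubespray-$version
    group_vars_file=$kud_inventory_folder/group_vars/all.yml
    sudo apt-get install -y sshpass make unzip # install make to run mitogen target and unzip is mitogen playbook dependency
    sudo apt-get install -y gnupg2 software-properties-common
    _install_docker
    _install_ansible
    # NOTE(review): the archive is fetched by tag name only and is not checked
    # against a known digest, yet its requirements.txt is installed by a root
    # pip and its playbooks later run with --become. Pin and verify a checksum
    # for the release before unpacking it.
    wget "https://github.com/kubernetes-incubator/kubespray/archive/${tarball}"
    sudo tar -C "$dest_folder" -xzf "$tarball"
    sudo chown -R "$USER" "$kubespray_dir"
    sudo mkdir -p "${local_release_dir}/containers"
    rm -- "$tarball"

    pushd "$kubespray_dir/"
    sudo -E pip install --no-cache-dir -r ./requirements.txt
    make mitogen
    popd
    # Regenerate group_vars/all.yml from scratch on every run.
    rm -f "$group_vars_file" 2> /dev/null
    if [[ -n "${verbose:-}" ]]; then
        echo "kube_log_level: 5" | tee "$group_vars_file"
    else
        echo "kube_log_level: 2" | tee "$group_vars_file"
    fi
    echo "kubeadm_enabled: true" | tee --append "$group_vars_file"
    if [[ -n "${http_proxy:-}" ]]; then
        echo "http_proxy: \"$http_proxy\"" | tee --append "$group_vars_file"
    fi
    if [[ -n "${https_proxy:-}" ]]; then
        echo "https_proxy: \"$https_proxy\"" | tee --append "$group_vars_file"
    fi
    export ANSIBLE_CONFIG=$kubespray_dir/ansible.cfg

    # ${verbose:+"$verbose"} passes the flag as one word when it is set and
    # passes nothing at all (not an empty argument) when it is empty.
    # NOTE(review): the runs below also write setup-kubernetes.log without
    # --append, so the output of this preconfigure run is replaced by theirs.
    ansible-playbook ${verbose:+"$verbose"} -i "$kud_inventory" \
        "$kud_playbooks/preconfigure-kubespray.yml" --become --become-user=root \
        | sudo tee "$log_folder/setup-kubernetes.log"
    if [ "$container_runtime" == "docker" ]; then
        /bin/echo -e "\n\e[1;42mDocker will be used as the container runtime interface\e[0m"
        ansible-playbook ${verbose:+"$verbose"} -i "$kud_inventory" \
            "$kubespray_dir/cluster.yml" --become \
            --become-user=root | sudo tee "$log_folder/setup-kubernetes.log"
    elif [ "$container_runtime" == "containerd" ]; then
        /bin/echo -e "\n\e[1;42mContainerd will be used as the container runtime interface\e[0m"
        # kud_kata_override_variables is one string that carries its own
        # embedded quotes, so it still has to be re-parsed by the shell. The
        # eval is confined to that string, which this script sets itself; the
        # inventory, playbook and log paths are no longer pasted into an
        # eval'd command line, so a checkout path containing shell
        # metacharacters is passed as data instead of being interpreted.
        eval "kata_extra_vars=(${kud_kata_override_variables})"
        ansible-playbook ${verbose:+"$verbose"} -i "$kud_inventory" \
            "$kubespray_dir/cluster.yml" \
            -e "${kata_extra_vars[@]}" --become --become-user=root | \
            sudo tee "$log_folder/setup-kubernetes.log"
        ansible-playbook ${verbose:+"$verbose"} -i "$kud_inventory" -e "base_dest=$HOME" \
            "$kud_playbooks/configure-kata.yml" --become --become-user=root | \
            sudo tee "$log_folder/setup-kata.log"
    else
        echo "Only Docker or Containerd are supported container runtimes"
        exit 1
    fi

    # Configure environment
    mkdir -p "$HOME/.kube"
    # NOTE(review): admin.conf carries cluster-admin credentials and is copied
    # with whatever mode the current umask yields; consider restricting
    # $HOME/.kube/config to the owner (mode 600).
    cp "$kud_inventory_folder/artifacts/admin.conf" "$HOME/.kube/config"
    # Copy Kubespray kubectl to be usable in host running Ansible. Requires kubectl_localhost: true in inventory/group_vars/k8s-cluster.yml
    sudo cp "$kud_inventory_folder/artifacts/kubectl" /usr/local/bin/
}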

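# install_addons() - Install Kubernetes AddOns
#
# Re-installs Ansible, pulls the Galaxy roles, runs configure-kud.yml and then
# one configure-<addon>.yml playbook per addon. When testing_enabled is "true"
# it also runs the test script of each addon from $kud_tests and handles the
# Kata webhook around those tests.
# Globals:   verbose, kud_inventory, kud_infra_folder, kud_playbooks, kud_tests,
#            log_folder, container_runtime, testing_enabled,
#            enable_kata_webhook, kata_webhook_runtimeclass, KUD_ADDONS, HOME
#            (read); kud_addons, failed_kud_tests, kata_webhook_deployed
#            (written)
# Returns:   1 when a test script failed or the container runtime is unknown
function install_addons {
    local addon

    # /etc/environment is executed as shell code here, under errexit and
    # nounset. The installer appends unquoted `export NAME=value` lines to it,
    # so a value containing whitespace or shell metacharacters would be
    # interpreted rather than read as data.
    source /etc/environment
    echo "Installing Kubernetes AddOns"
    _install_ansible
    # NOTE(review): Galaxy roles are installed as root and failures are
    # ignored; pin role versions in galaxy-requirements.yml and check that the
    # expected roles really were installed.
    sudo ansible-galaxy install ${verbose:+"$verbose"} -r "$kud_infra_folder/galaxy-requirements.yml" --ignore-errors
    ansible-playbook ${verbose:+"$verbose"} -i "$kud_inventory" -e "base_dest=$HOME" "$kud_playbooks/configure-kud.yml" | sudo tee "$log_folder/setup-kud.log"

    # The order of KUD_ADDONS is important: some plugins (sriov, qat)
    # require nfd to be enabled. Some addons are not currently supported with containerd
    if [ "${container_runtime}" == "docker" ]; then
        kud_addons=${KUD_ADDONS:-virtlet ovn4nfv nfd sriov qat optane cmk}
    elif [ "${container_runtime}" == "containerd" ]; then
        kud_addons=${KUD_ADDONS:-ovn4nfv nfd}
    else
        # Without this branch kud_addons would stay unset and the loop below
        # would abort with an unbound-variable error under nounset.
        echo "Only Docker or Containerd are supported container runtimes" >&2
        return 1
    fi

    # kud_addons is deliberately left unquoted: it is a space-separated list.
    # NOTE(review): each name from KUD_ADDONS becomes part of a playbook path,
    # a test-script path and a log path; names are not validated, so a value
    # containing '/' or '..' would reach outside the intended directories.
    for addon in ${kud_addons}; do
        echo "Deploying $addon using configure-$addon.yml playbook.."
        ansible-playbook ${verbose:+"$verbose"} -i "$kud_inventory" -e "base_dest=$HOME" \
            "$kud_playbooks/configure-${addon}.yml" | \
            sudo tee "$log_folder/setup-${addon}.log"
    done

    echo "Run the test cases if testing_enabled is set to true."
    if [[ "${testing_enabled}" == "true" ]]; then
        failed_kud_tests=""
        # Run Kata test first if Kata was installed
        if [ "${container_runtime}" == "containerd" ]; then
            #Install Kata webhook for test pods
            ansible-playbook ${verbose:+"$verbose"} -i "$kud_inventory" -e "base_dest=$HOME" \
                -e "kata_webhook_runtimeclass=$kata_webhook_runtimeclass" \
                "$kud_playbooks/configure-kata-webhook.yml" \
                --become --become-user=root | \
                sudo tee "$log_folder/setup-kata-webhook.log"
            kata_webhook_deployed=true
            pushd "$kud_tests"
            bash kata.sh || failed_kud_tests="${failed_kud_tests} kata"
            popd
        fi
        # Run other plugin tests
        # The topology-manager is added to the tests here as it is
        # enabled via kubelet config, not an addon
        for addon in topology-manager ${kud_addons}; do
            pushd "$kud_tests"
            bash "${addon}.sh" || failed_kud_tests="${failed_kud_tests} ${addon}"
            popd
        done
        # Remove Kata webhook if user didn't want it permanently installed
        # NOTE(review): this reset also runs when the webhook was never
        # deployed above (docker runtime); confirm the reset playbook is safe
        # in that case, or also test kata_webhook_deployed here.
        if ! [ "${enable_kata_webhook}" == "true" ]; then
            ansible-playbook ${verbose:+"$verbose"} -i "$kud_inventory" -e "base_dest=$HOME" \
                -e "kata_webhook_runtimeclass=$kata_webhook_runtimeclass" \
                "$kud_playbooks/configure-kata-webhook-reset.yml" \
                --become --become-user=root | \
                sudo tee "$log_folder/kata-webhook-reset.log"
        fi
        if [[ -n "$failed_kud_tests" ]]; then
            echo "Test cases failed:${failed_kud_tests}"
            return 1
        fi
    fi
    # Check if Kata webhook should be installed and isn't already installed
    if [ "$enable_kata_webhook" == "true" ] && ! [ "$kata_webhook_deployed" == "true" ]; then
        ansible-playbook ${verbose:+"$verbose"} -i "$kud_inventory" -e "base_dest=$HOME" \
            -e "kata_webhook_runtimeclass=$kata_webhook_runtimeclass" \
            "$kud_playbooks/configure-kata-webhook.yml" \
            --become --become-user=root | \
            sudo tee "$log_folder/setup-kata-webhook.log"
    fi
    echo "Add-ons deployment complete..."
}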

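# install_plugin() - Install ONAP Multicloud Kubernetes plugin
#
# Installs Docker and docker-compose, copies the current user's kubeconfig to
# /opt/kubeconfig/kud, builds the deployment images and, when testing_enabled
# is "true", starts the services and runs the plugin functional tests.
# Globals:   kud_folder, kud_tests, testing_enabled, HOME (read)
function install_plugin {
    local functional_test

    echo "Installing multicloud/k8s plugin"
    _install_docker
    sudo -E pip install --no-cache-dir docker-compose

    sudo mkdir -p /opt/{kubeconfig,consul/config}
    # NOTE(review): this is the cluster-admin kubeconfig; check that the mode
    # of /opt/kubeconfig and of the copied file keeps it away from
    # unprivileged local users.
    sudo cp "$HOME/.kube/config" /opt/kubeconfig/kud

    pushd "$kud_folder/../../../deployments"
    # build.sh and start.sh come from the checkout and run as root, so the
    # checkout itself must not be writable by less-trusted users.
    sudo ./build.sh
    if [[ "${testing_enabled}" == "true" ]]; then
        sudo ./start.sh
        pushd "$kud_tests"
        # Under errexit the first failing test script aborts the installer.
        for functional_test in plugin plugin_edgex plugin_fw plugin_eaa; do
            bash "${functional_test}.sh"
        done
        popd
    fi
    popd
}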

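# _print_kubernetes_info() - Prints the login Kubernetes information
#
# Does nothing when `kubectl version` fails. Otherwise switches the
# kubernetes-dashboard service to a NodePort and writes the dashboard URL and
# login details to $k8s_info_file.
# Globals:   k8s_info_file (read)
function _print_kubernetes_info {
    if ! kubectl version &>/dev/null; then
        return
    fi
    # Locals, so the port and the address do not leak into the script's
    # global scope.
    local node_port=30080
    local master_ip

    # Expose Dashboard using NodePort
    # NOTE(review): a NodePort publishes the dashboard on this port of every
    # node address. Confirm that is intended outside a disposable lab, and
    # restrict access to the port otherwise.
    KUBE_EDITOR="sed -i \"s|type\: ClusterIP|type\: NodePort|g\"" kubectl -n kube-system edit service kubernetes-dashboard
    KUBE_EDITOR="sed -i \"s|nodePort\: .*|nodePort\: $node_port|g\"" kubectl -n kube-system edit service kubernetes-dashboard

    # Host part of the API server URL of the current kubeconfig context.
    master_ip=$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}' | awk -F '[:/]' '{print $4}')

    # NOTE(review): a fixed user name and password are written in clear text
    # to a file created with the default umask. If these credentials really
    # authenticate against the cluster they are shared defaults and should be
    # replaced per deployment; verify and rotate.
    {
        printf "Kubernetes Info\n===============\n"
        echo "Dashboard URL: https://$master_ip:$node_port"
        echo "Admin user: kube"
        echo "Admin password: secret"
    } > "$k8s_info_file"
}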

# Drop any cached sudo credentials first, so the non-interactive probe below
# really tests for passwordless sudo rather than a still-valid timestamp.
sudo -k
if ! sudo -n "true"; then
    # The suggested rule gives the account unrestricted root without any
    # authentication; that fits a disposable VM, not a shared or long-lived
    # host.
    cat <<EOF

passwordless sudo is needed for '$(id -nu)' user.
Please fix your /etc/sudoers file. You likely want an
entry like the following one...

$(id -nu) ALL=(ALL) NOPASSWD: ALL
EOF
    exit 1
fi

# Ansible verbosity flag; stays empty unless KUD_DEBUG is set and non-empty.
verbose=""
# With xtrace on, every command is echoed with its expanded arguments, so
# proxy URLs and other values passed on command lines end up in the trace.
[[ -z "${KUD_DEBUG:-}" ]] || {
    set -o xtrace
    verbose="-vvv"
}

# Configuration values
# Paths are derived from the directory that holds this script.
log_folder="/var/log/kud"
kud_folder="${INSTALLER_DIR}"
kud_infra_folder="${kud_folder}/../../deployment_infra"
export kud_inventory_folder="${kud_folder}/inventory"
kud_inventory="${kud_inventory_folder}/hosts.ini"
kud_playbooks="${kud_infra_folder}/playbooks"
kud_tests="${kud_folder}/../../tests"
k8s_info_file="${kud_folder}/k8s_info.log"

# Switches taken from the caller's environment, each with a default.
testing_enabled="${KUD_ENABLE_TESTS:-false}"
container_runtime="${CONTAINER_RUNTIME:-docker}"
enable_kata_webhook="${ENABLE_KATA_WEBHOOK:-false}"
kata_webhook_runtimeclass="${KATA_WEBHOOK_RUNTIMECLASS:-kata-clh}"
kata_webhook_deployed="false"

# For containerd the etcd_deployment_type: docker is the default and doesn't work.
# You have to use either etcd_kubeadm_enabled: true or etcd_deployment_type: host
# See https://github.com/kubernetes-sigs/kubespray/issues/5713
# This string is re-parsed with eval in install_k8s, so it must only ever hold
# values set by this script, never caller-supplied input.
kud_kata_override_variables="container_manager=containerd \
    -e etcd_deployment_type=host -e kubelet_cgroup_driver=cgroupfs \
    -e \"{'download_localhost': false}\" -e \"{'download_run_once': false}\""

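sudo mkdir -p "$log_folder"
sudo mkdir -p /opt/csar
sudo chown -R "$USER" /opt/csar
# Install dependencies
# If the checkout ships its own sources.list, use it in place of the system
# one. From here on apt trusts whatever repositories that file names.
# NOTE(review): on a second run the backup made here is overwritten with the
# already-replaced file, so the original system sources.list is lost.
if [ -f "$kud_folder/sources.list" ]; then
    sudo mv /etc/apt/sources.list /etc/apt/sources.list.backup
    sudo cp "$kud_folder/sources.list" /etc/apt/sources.list
fi
echo "Removing ppa for jonathonf/python-3.6"
sudo ls /etc/apt/sources.list.d/ || true
sudo find /etc/apt/sources.list.d -maxdepth 1 -name '*jonathonf*' -delete || true
sudo apt-get update
_install_go
install_k8s
_set_environment_file
install_addons
# Compare the switch as a string. The previous form executed the variable's
# value as a command, so any text placed in KUD_PLUGIN_ENABLED was run by the
# installer.
if [[ "${KUD_PLUGIN_ENABLED:-false}" == "true" ]]; then
    install_plugin
fi
_print_kubernetes_info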