# ============LICENSE_START==========================================
# ===================================================================
# Copyright (c) 2017 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#============LICENSE_END============================================

# this is the cloud init. It will install the reqiured packages and do some basic config on every VM.

node_templates:

  cloudify_host_cloud_config:
    type: cloudify.nodes.CloudInit.CloudConfig
    properties:
      resource_config:
        groups:
          - docker
        users:
          - name: { get_input: agent_user }
            primary-group: wheel
            groups: docker
            shell: /bin/bash
            sudo: ['ALL=(ALL) NOPASSWD:ALL']
            ssh-authorized-keys:
              - { get_secret: agent_key_public }
        write_files:
          - path: /etc/yum.repos.d/docker.repo
            owner: root:root
            permissions: '0444'
            content: |
              # installed by cloud-init
              [dockerrepo]
              name=Docker Repository
              baseurl=https://yum.dockerproject.org/repo/main/centos/7
              enabled=1
              gpgcheck=1
              gpgkey=https://yum.dockerproject.org/gpg
          - path: /etc/yum.repos.d/kubernetes.repo
            owner: root:root
            permissions: '0444'
            content: |
              # installed by cloud-init
              [kubernetes]
              name=Kubernetes
              baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
              enabled=1
              gpgcheck=1
              repo_gpgcheck=1
              gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
                     https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

          - path: /etc/sysctl.d/k8s.conf
            owner: root:root
            permissions: '0444'
            content: |
              # installed by cloud-init
              net.bridge.bridge-nf-call-ip6tables = 1
              net.bridge.bridge-nf-call-iptables = 1

        packages:
          - [docker-engine, 17.03.0.ce-1.el7.centos]
          - [kubelet, 1.8.10-0]
          - [kubeadm, 1.8.10-0]
          - [kubectl, 1.8.10-0]
          - [kubernetes-cni, 0.5.1-1]
          - [nfs-utils]
          - git
          - wget
        runcmd:
          - [ setenforce, 0 ]
          - [ sysctl , '--system' ]
          - [ update-ca-trust, force-enable ]
          - "sed -i 's|/usr/bin/dockerd|/usr/bin/dockerd --exec-opt native.cgroupdriver=systemd|g' /usr/lib/systemd/system/docker.service"
          - [ systemctl, enable, docker ]
          - [ systemctl, start, docker ]
          - [ chmod, 655, /etc/systemd/system/kubelet.service ]
          - [ chmod, 655, /etc/systemd/system/kubelet.service.d/10-kubeadm.conf ]
          - [ systemctl, enable, kubelet ]
          - [ systemctl, start, kubelet ]
          - [ iptables, --flush ]
          - [ iptables, -tnat, --flush ]
          - [ mkdir, '-p', /tmp/data ]
          - [ chcon, '-Rt', svirt_sandbox_file_t, /tmp/data ]
          - [ mkdir, '-p', /dockerdata-nfs ]
          - [ chmod, 777, /dockerdata-nfs ]