blob: e0ddafd9d2637ea79a37d47fa58b97d7e28836bd [file] [log] [blame]
# -*- mode: ruby -*-
# -*- coding: utf-8 -*-
host_ip = "192.168.121.1"
operator_key = "${HOME}/.ssh/onap-key"
vagrant_user = "vagrant"
vagrant_password = "vagrant"
synced_folder_main = "/vagrant"
synced_folder_config = "#{synced_folder_main}/config"
synced_folder_tools_config = "#{synced_folder_main}/tools/config"
os_config = "#{synced_folder_config}/local.conf"
os_env = "#{synced_folder_config}/dot_env"
cluster_yml = "cluster.yml"
apt_prefs_dir = "/etc/apt/apt.conf.d"
apt_prefs = "95silent-approval"
helm_timeout = "1800"
helm_master_password = "vagrant"
vm_memory = 1 * 1024
vm_memory_os = 4 * 1024
vm_memory_onap = 64 * 1024
vm_cpu = 1
vm_cpus = 8
vm_box = "generic/ubuntu1804"
vm_box_op = "generic/ubuntu2004"
vm_disk = 32
vm_disk_onap = 64
vm_storage_pool = "default"
operation = {
name: 'operator',
hostname: 'operator',
ip: '172.17.4.254',
box: vm_box_op,
cpus: vm_cpu,
memory: vm_memory,
disk: vm_disk,
pool: vm_storage_pool
}
devstack = {
name: 'devstack',
hostname: 'devstack',
ip: '172.17.4.200',
box: vm_box,
cpus: vm_cpu,
memory: vm_memory_os,
disk: vm_disk,
pool: vm_storage_pool
}
control = {
name: 'control',
hostname: 'control',
ip: '172.17.4.100',
box: vm_box,
cpus: vm_cpu,
memory: vm_memory,
disk: vm_disk,
pool: vm_storage_pool
}
worker = {
name: 'worker',
hostname: 'worker',
ip: '172.17.4.101',
box: vm_box,
cpus: vm_cpus,
memory: vm_memory_onap,
disk: vm_disk_onap,
pool: vm_storage_pool
}
cluster = [] << control << worker
all = cluster.dup << operation << devstack
operation_post_msg = "Run: \"vagrant provision #{operation[:name]} --provision-with=rke_up,setup_kubectl,setup_helm_cluster,setup_helm_repo,deploy_onap\" to complete ONAP deployment"
$replace_dns = <<-SCRIPT
HOST_IP="$1"
rm -f /etc/resolv.conf # drop its dynamic management by systemd-resolved
echo nameserver "$HOST_IP" | tee /etc/resolv.conf
SCRIPT
$enable_ipv6 = <<-SCRIPT
sed -i'' 's/net.ipv6.conf.all.disable_ipv6.*$/net.ipv6.conf.all.disable_ipv6 = 0/' /etc/sysctl.conf
sysctl -p
SCRIPT
$setup_devstack = <<-SCRIPT
CONFIG="$1"
git clone https://opendev.org/openstack/devstack
cd devstack
cp "$CONFIG" .
./stack.sh
SCRIPT
$add_to_docker_group = <<-SCRIPT
USER="$1"
echo "Adding ${USER} to 'docker' group"
usermod -aG docker "$USER"
SCRIPT
$setup_debconf = <<-SCRIPT
echo "Setting debconf frontend to noninteractive"
sed -i'.orig' '/^Config:/a Frontend: noninteractive' /etc/debconf.conf
SCRIPT
$install_sshpass = <<-SCRIPT
apt-get update
echo "Installing 'sshpass'"
apt-get install sshpass
SCRIPT
$install_make = <<-SCRIPT
apt-get update
echo "Installing 'make'"
apt-get install make
SCRIPT
$install_docker = <<-SCRIPT
apt-get update
echo "Setting up 'docker' repository"
apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \
stable"
apt-get update
echo "Installing 'docker'"
apt-get install docker-ce docker-ce-cli containerd.io
SCRIPT
$resize_disk = <<-SCRIPT
DEV=${1:-vda}
PART=${2:-3}
echo ", +" | sfdisk -N "$PART" "/dev/$DEV" --no-reread
partprobe
resize2fs "/dev/${DEV}${PART}"
SCRIPT
$generate_key = <<-SCRIPT
KEY_FILE="$1"
echo "Generating SSH key (${KEY_FILE})"
ssh-keygen -q -b 4096 -t rsa -f "$KEY_FILE" -N ""
SCRIPT
$deploy_key = <<-SCRIPT
KEY="$1"
USER="$2"
PASS="$PASSWORD"
IPS="$3"
echo "Deploying ${KEY} for ${USER}"
for ip in $IPS; do
echo "on ${ip}"
sshpass -p "$PASS" ssh-copy-id -o StrictHostKeyChecking=no -i "$KEY" "${USER}@${ip}"
done
SCRIPT
$link_dotfiles = <<-SCRIPT
SYNC_DIR="$1"
for rc in ${SYNC_DIR}/dot_*; do
src="$rc"
dst="${HOME}/.${rc##*dot_}"
echo "Symlinking ${src} to ${dst}"
ln -sf "$src" "$dst"
done
SCRIPT
$link_file = <<-SCRIPT
SYNC_DIR="$1"
FILE="$2"
src="${SYNC_DIR}/${FILE}"
dst="$3"
echo "Symlinking ${src} to ${dst}"
ln -sf "$src" "$dst"
SCRIPT
$rke_up = "rke up"
$rke_down = "rke remove --force || true" # best effort
$get_oom = <<-SCRIPT
BRANCH="${1:-7.0.0-ONAP}"
REPO="${2:-https://git.onap.org/oom}"
git clone -b "$BRANCH" "$REPO" --recurse-submodules
SCRIPT
$get_helm_plugins = "mkdir -p ${HOME}/.helm && cp -R ${HOME}/oom/kubernetes/helm/plugins/ ${HOME}/.helm"
$setup_helm_cluster = <<-SCRIPT
export KUBECONFIG="${HOME}/.kube/config.onap"
kubectl config use-context onap
kubectl -n kube-system create serviceaccount tiller
kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
helm init --stable-repo-url https://charts.helm.sh/stable --service-account tiller
kubectl -n kube-system rollout status deploy/tiller-deploy
SCRIPT
# FIXME: replace sleep command with helm repo readiness probe
$setup_helm_repo = <<-SCRIPT
helm serve &
sleep 3
helm repo add local http://127.0.0.1:8879
make -e SKIP_LINT=TRUE -C ${HOME}/oom/kubernetes all
SCRIPT
$deploy_onap = <<-SCRIPT
OVERRIDE="${1:-${HOME}/oom/kubernetes/onap/resources/environments/core-onap.yaml}"
ENV="${2:-#{os_env}}"
export $(cat "$ENV" | xargs)
TIMEOUT="${3:-#{helm_timeout}}"
MASTER_PASSWORD="${4:-#{helm_master_password}}"
encrypt () {
KEY="${HOME}/oom/kubernetes/so/resources/config/mso/encryption.key"
echo -n "$1" \
| openssl aes-128-ecb -e -K `cat "$KEY"` -nosalt \
| xxd -c 256 -p
}
export OPENSTACK_ENCRYPTED_PASSWORD="$(encrypt $OPENSTACK_PASSWORD)"
export KUBECONFIG="${HOME}/.kube/config.onap"
helm deploy core local/onap --verbose \
--set global.masterPassword="$MASTER_PASSWORD" \
--namespace onap --timeout "$TIMEOUT" -f "$OVERRIDE"
SCRIPT
Vagrant.configure('2') do |config|
all.each do |machine|
config.vm.define machine[:name] do |config|
config.vm.box = machine[:box]
config.vm.hostname = machine[:hostname]
config.vm.provider :virtualbox do |v|
v.name = machine[:name]
v.memory = machine[:memory]
v.cpus = machine[:cpus]
end
config.vm.provider :libvirt do |v|
v.memory = machine[:memory]
v.cpus = machine[:cpus]
v.machine_virtual_size = machine[:disk] # set at VM creation
v.storage_pool_name = machine[:pool]
end
config.vm.network :private_network, ip: machine[:ip]
config.vm.provision "replace_dns", type: :shell, run: "always", inline: $replace_dns, args: host_ip
if machine[:name] == 'devstack'
config.vm.synced_folder ".", synced_folder_main, type: "rsync", rsync__exclude: "Vagrantfile"
config.vm.provision "enable_ipv6", type: :shell, run: "always", inline: $enable_ipv6
config.vm.provision "setup_devstack", type: :shell, privileged: false, inline: $setup_devstack, args: os_config
end
if machine[:name] == 'control'
config.vm.provision "customize_control", type: :shell, path: "tools/imported/openstack-k8s-controlnode.sh"
config.vm.provision "fix_groups_control", type: :shell, inline: $add_to_docker_group, args: vagrant_user
end
if machine[:name] == 'worker'
config.vm.provision "customize_worker", type: :shell, path: "tools/imported/openstack-k8s-workernode.sh"
config.vm.provision "fix_groups_worker", type: :shell, inline: $add_to_docker_group, args: vagrant_user
config.vm.provision "resize_disk", type: :shell, inline: $resize_disk
end
if machine[:name] == 'operator'
config.vm.synced_folder ".", synced_folder_main, type: "rsync", rsync__exclude: ["Vagrantfile", "operator"]
config.vm.synced_folder "~/.ssh", "/home/#{vagrant_user}/.ssh", type: "rsync", rsync__exclude: "authorized_keys"
config.vm.synced_folder "./operator", "/home/#{vagrant_user}", type: "sshfs", reverse: true, sshfs_opts_append: "-o nonempty"
config.vm.provision "setup_debconf", type: :shell, inline: $setup_debconf
config.vm.provision "link_apt_prefs", type: :shell, run: "always" do |s|
s.inline = $link_file
s.args = [synced_folder_tools_config, apt_prefs, apt_prefs_dir]
end
config.vm.provision "link_dotfiles_root", type: :shell, run: "always" do |s|
s.inline = $link_dotfiles
s.args = synced_folder_tools_config
end
config.vm.provision "link_dotfiles_user", type: :shell, run: "always" do |s|
s.privileged = false
s.inline = $link_dotfiles
s.args = synced_folder_tools_config
end
config.vm.provision "install_docker", type: :shell, inline: $install_docker
config.vm.provision "fix_groups_operator", type: :shell, inline: $add_to_docker_group, args: vagrant_user
config.vm.provision "install_sshpass", type: :shell, inline: $install_sshpass
config.vm.provision "generate_key", type: :shell, privileged: false, inline: $generate_key, args: operator_key
ips = ""
cluster.each { |node| ips << node[:ip] << " " }
config.vm.provision "deploy_key", type: :shell do |s|
s.privileged = false
s.inline = $deploy_key
s.args = [operator_key, vagrant_user, ips]
s.env = {'PASSWORD': vagrant_password}
end
config.vm.provision "get_rke", type: :shell, path: "tools/get_rke.sh"
config.vm.provision "link_cluster_yml", type: :shell, run: "always" do |s|
s.privileged = false
s.inline = $link_file
s.args = [synced_folder_config, cluster_yml, "$HOME"]
end
config.vm.post_up_message = operation_post_msg
config.vm.provision "rke_up", type: :shell, run: "never", privileged: false, inline: $rke_up
config.trigger.before :destroy do |trigger|
trigger.warn = "Removing cluster"
trigger.run_remote = {privileged: false, inline: $rke_down}
end
config.vm.provision "get_kubectl", type: :shell, path: "tools/get_kubectl.sh"
config.vm.provision "setup_kubectl", type: :shell, run: "never" do |s|
s.privileged = false
s.path = "tools/setup_kubectl.sh"
end
config.vm.provision "get_helm", type: :shell, path: "tools/get_helm.sh"
config.vm.provision "get_oom", type: :shell do |s|
s.privileged = false
s.inline = $get_oom
end
config.vm.provision "get_helm_plugins", type: :shell, privileged: false, inline: $get_helm_plugins
config.vm.provision "install_make", type: :shell, inline: $install_make
config.vm.provision "setup_helm_cluster", type: :shell, run: "never", privileged: false, inline: $setup_helm_cluster
config.vm.provision "setup_helm_repo", type: :shell, run: "never", privileged: false, inline: $setup_helm_repo
config.vm.provision "deploy_onap", type: :shell, run: "never" do |s|
s.privileged = false
s.inline = $deploy_onap
end
end
end
end
end