Gitiles
Code Review Sign In
gerrit.nordix.org / onap / integration / 92938ec051c2a8038f5ccfe71a8c0fe068974dd9 / . / test / security / k8s / vagrant / dublin / Vagrantfile
blob: 1ccc3ef9f41f21db868057b9d3005e9fc16419f5 [file] [log] [blame]
Pawel Wieczorekb7f08112019-07-19 19:10:07 +0200[diff] [blame]1# -*- mode: ruby -*-
2# -*- coding: utf-8 -*-
3
4host_ip = "192.168.121.1"
Pawel Wieczorek9cf6f592019-07-26 13:40:23 +0200[diff] [blame]5operator_key = "${HOME}/.ssh/onap-key"
6vagrant_user = "vagrant"
7vagrant_password = "vagrant"
Pawel Wieczorek3664e042019-07-26 15:53:26 +0200[diff] [blame]8synced_folder_main = "/vagrant"
9synced_folder_config = "#{synced_folder_main}/config"
10cluster_yml = "cluster.yml"
Pawel Wieczorek625be0d2019-07-30 16:43:19 +0200[diff] [blame]11apt_prefs_dir = "/etc/apt/apt.conf.d"
12apt_prefs = "95silent-approval"
Pawel Wieczorekb7f08112019-07-19 19:10:07 +0200[diff] [blame]13
14vm_memory = 2 * 1024
15vm_cpus = 1
16vm_box = "generic/ubuntu1804"
17
Pawel Wieczorek15541742019-09-30 14:23:30 +0200[diff] [blame]18operation = { name: 'operator', hostname: 'operator', ip: '172.17.4.254' }
Pawel Wieczorekb7f08112019-07-19 19:10:07 +0200[diff] [blame]19cluster = [
Pawel Wieczorek15541742019-09-30 14:23:30 +0200[diff] [blame]20 { name: 'control', hostname: 'control', ip: '172.17.4.100' },
21 { name: 'worker', hostname: 'worker', ip: '172.17.4.101' }
Pawel Wieczorekb7f08112019-07-19 19:10:07 +0200[diff] [blame]22]
23
24all = cluster.dup << operation
25
Pawel Wieczorek2d13ea82019-07-29 13:17:51 +0200[diff] [blame]26operation_post_msg = "Run: \"vagrant provision #{operation[:name]} --provision-with=rke_up,setup_kubectl\" to complete cluster creation"
Pawel Wieczorek64092cb2019-07-30 16:27:45 +0200[diff] [blame]27
Pawel Wieczorek6b1f78b2019-07-26 14:04:39 +0200[diff] [blame]28$replace_dns = <<-SCRIPT
29 HOST_IP="$1"
30 rm -f /etc/resolv.conf # drop its dynamic management by systemd-resolved
31 echo nameserver "$HOST_IP" | tee /etc/resolv.conf
32SCRIPT
33
Pawel Wieczorek5ee92062019-07-26 13:58:02 +0200[diff] [blame]34$add_to_docker_group = <<-SCRIPT
35 USER="$1"
Pawel Wieczorek435200f2019-07-26 14:14:19 +0200[diff] [blame]36 echo "Adding ${USER} to 'docker' group"
Pawel Wieczorek5ee92062019-07-26 13:58:02 +0200[diff] [blame]37 usermod -aG docker "$USER"
38SCRIPT
39
Pawel Wieczorek625be0d2019-07-30 16:43:19 +0200[diff] [blame]40$setup_debconf = <<-SCRIPT
41 echo "Setting debconf frontend to noninteractive"
42 sed -i'.orig' '/^Config:/a Frontend: noninteractive' /etc/debconf.conf
43SCRIPT
44
Pawel Wieczorek6b1f78b2019-07-26 14:04:39 +0200[diff] [blame]45$install_sshpass = <<-SCRIPT
46 apt-get update
Pawel Wieczorek435200f2019-07-26 14:14:19 +0200[diff] [blame]47 echo "Installing 'sshpass'"
Pawel Wieczorek6b1f78b2019-07-26 14:04:39 +0200[diff] [blame]48 apt-get install sshpass
49SCRIPT
50
51$generate_key = <<-SCRIPT
52 KEY_FILE="$1"
Pawel Wieczorek435200f2019-07-26 14:14:19 +0200[diff] [blame]53 echo "Generating SSH key (${KEY_FILE})"
Pawel Wieczorek6b1f78b2019-07-26 14:04:39 +0200[diff] [blame]54 ssh-keygen -q -b 4096 -t rsa -f "$KEY_FILE" -N ""
55SCRIPT
56
Pawel Wieczorek9cf6f592019-07-26 13:40:23 +0200[diff] [blame]57$deploy_key = <<-SCRIPT
58 KEY="$1"
59 USER="$2"
60 PASS="$PASSWORD"
61 IPS="$3"
Pawel Wieczorek435200f2019-07-26 14:14:19 +0200[diff] [blame]62 echo "Deploying ${KEY} for ${USER}"
Pawel Wieczorek9cf6f592019-07-26 13:40:23 +0200[diff] [blame]63 for ip in $IPS; do
Pawel Wieczorek435200f2019-07-26 14:14:19 +0200[diff] [blame]64 echo "on ${ip}"
Pawel Wieczorek9cf6f592019-07-26 13:40:23 +0200[diff] [blame]65 sshpass -p "$PASS" ssh-copy-id -o StrictHostKeyChecking=no -i "$KEY" "${USER}@${ip}"
66 done
67SCRIPT
68
Pawel Wieczorek34e59322019-07-26 13:29:50 +0200[diff] [blame]69$link_dotfiles = <<-SCRIPT
Pawel Wieczorekeb166a52019-07-26 14:38:54 +0200[diff] [blame]70 SYNC_DIR="$1"
71 for rc in ${SYNC_DIR}/dot_*; do
Pawel Wieczorek435200f2019-07-26 14:14:19 +0200[diff] [blame]72 src="$rc"
73 dst="${HOME}/.${rc##*dot_}"
74 echo "Symlinking ${src} to ${dst}"
75 ln -sf "$src" "$dst"
Pawel Wieczorek34e59322019-07-26 13:29:50 +0200[diff] [blame]76 done
77SCRIPT
78
Pawel Wieczorek625be0d2019-07-30 16:43:19 +0200[diff] [blame]79$link_file = <<-SCRIPT
Pawel Wieczorek3664e042019-07-26 15:53:26 +0200[diff] [blame]80 SYNC_DIR="$1"
Pawel Wieczorek625be0d2019-07-30 16:43:19 +0200[diff] [blame]81 FILE="$2"
82 src="${SYNC_DIR}/${FILE}"
83 dst="$3"
Pawel Wieczorek3664e042019-07-26 15:53:26 +0200[diff] [blame]84 echo "Symlinking ${src} to ${dst}"
85 ln -sf "$src" "$dst"
86SCRIPT
87
88$rke_up = "rke up"
Pawel Wieczorek59511652019-07-29 11:47:26 +0200[diff] [blame]89$rke_down = "rke remove --force"
Pawel Wieczorek3664e042019-07-26 15:53:26 +0200[diff] [blame]90
Pawel Wieczorekb7f08112019-07-19 19:10:07 +0200[diff] [blame]91Vagrant.configure('2') do |config|
92 all.each do |machine|
93 config.vm.define machine[:name] do |config|
94 config.vm.box = vm_box
95 config.vm.hostname = machine[:hostname]
96
97 config.vm.provider :virtualbox do |v|
98 v.name = machine[:name]
99 v.memory = vm_memory
100 v.cpus = vm_cpus
101 end
102
103 config.vm.provider :libvirt do |v|
104 v.memory = vm_memory
105 v.cpus = vm_cpus
106 end
107
108 config.vm.network :private_network, ip: machine[:ip]
Pawel Wieczorek63640ac2019-07-26 14:22:03 +0200[diff] [blame]109 config.vm.provision "replace_dns", type: :shell, run: "always", inline: $replace_dns, args: host_ip
Pawel Wieczorekb7f08112019-07-19 19:10:07 +0200[diff] [blame]110
111 if machine[:name] == 'control'
Pawel Wieczorek63640ac2019-07-26 14:22:03 +0200[diff] [blame]112 config.vm.provision "customize_control", type: :shell, path: "../../tools/dublin/imported/openstack-k8s-controlnode.sh"
113 config.vm.provision "fix_groups_control", type: :shell, inline: $add_to_docker_group, args: vagrant_user
Pawel Wieczorekb7f08112019-07-19 19:10:07 +0200[diff] [blame]114 end
115
116 if machine[:name] == 'worker'
Pawel Wieczorek63640ac2019-07-26 14:22:03 +0200[diff] [blame]117 config.vm.provision "customize_worker", type: :shell, path: "../../tools/dublin/imported/openstack-k8s-workernode.sh"
118 config.vm.provision "fix_group_worker", type: :shell, inline: $add_to_docker_group, args: vagrant_user
Pawel Wieczorekb7f08112019-07-19 19:10:07 +0200[diff] [blame]119 end
120
121 if machine[:name] == 'operator'
Pawel Wieczorek3664e042019-07-26 15:53:26 +0200[diff] [blame]122 config.vm.synced_folder ".", synced_folder_main, type: "rsync", rsync__exclude: "Vagrantfile"
123 config.vm.synced_folder "../../tools/config", synced_folder_config, type: "rsync"
Pawel Wieczorek34e59322019-07-26 13:29:50 +0200[diff] [blame]124
Pawel Wieczorek625be0d2019-07-30 16:43:19 +0200[diff] [blame]125 config.vm.provision "setup_debconf", type: :shell, inline: $setup_debconf
126 config.vm.provision "link_apt_prefs", type: :shell, run: "always" do |s|
127 s.inline = $link_file
128 s.args = [synced_folder_config, apt_prefs, apt_prefs_dir]
129 end
Pawel Wieczorekeb166a52019-07-26 14:38:54 +0200[diff] [blame]130 config.vm.provision "link_dotfiles_root", type: :shell, run: "always" do |s|
131 s.inline = $link_dotfiles
Pawel Wieczorek3664e042019-07-26 15:53:26 +0200[diff] [blame]132 s.args = synced_folder_config
Pawel Wieczorekeb166a52019-07-26 14:38:54 +0200[diff] [blame]133 end
134 config.vm.provision "link_dotfiles_user", type: :shell, run: "always" do |s|
135 s.privileged = false
136 s.inline = $link_dotfiles
Pawel Wieczorek3664e042019-07-26 15:53:26 +0200[diff] [blame]137 s.args = synced_folder_config
Pawel Wieczorekeb166a52019-07-26 14:38:54 +0200[diff] [blame]138 end
Pawel Wieczorek34e59322019-07-26 13:29:50 +0200[diff] [blame]139
Pawel Wieczorek63640ac2019-07-26 14:22:03 +0200[diff] [blame]140 config.vm.provision "install_sshpass", type: :shell, inline: $install_sshpass
141 config.vm.provision "generate_key", type: :shell, privileged: false, inline: $generate_key, args: operator_key
Pawel Wieczorekb7f08112019-07-19 19:10:07 +0200[diff] [blame]142
143 ips = ""
144 cluster.each { |node| ips << node[:ip] << " " }
Pawel Wieczorek63640ac2019-07-26 14:22:03 +0200[diff] [blame]145 config.vm.provision "deploy_key", type: :shell do |s|
Pawel Wieczorek9cf6f592019-07-26 13:40:23 +0200[diff] [blame]146 s.privileged = false
147 s.inline = $deploy_key
148 s.args = [operator_key, vagrant_user, ips]
149 s.env = {'PASSWORD': vagrant_password}
150 end
Pawel Wieczorek3664e042019-07-26 15:53:26 +0200[diff] [blame]151
152 config.vm.provision "get_rke", type: :shell, path: "../../tools/dublin/get_rke.sh"
153 config.vm.provision "link_cluster_yml", type: :shell, run: "always" do |s|
154 s.privileged = false
Pawel Wieczorek625be0d2019-07-30 16:43:19 +0200[diff] [blame]155 s.inline = $link_file
156 s.args = [synced_folder_main, cluster_yml, "$HOME"]
Pawel Wieczorek3664e042019-07-26 15:53:26 +0200[diff] [blame]157 end
Pawel Wieczorek64092cb2019-07-30 16:27:45 +0200[diff] [blame]158
159 config.vm.post_up_message = operation_post_msg
Pawel Wieczorek3664e042019-07-26 15:53:26 +0200[diff] [blame]160 config.vm.provision "rke_up", type: :shell, run: "never", privileged: false, inline: $rke_up
Pawel Wieczorek59511652019-07-29 11:47:26 +0200[diff] [blame]161 config.trigger.before :destroy do |trigger|
162 trigger.warn = "Removing cluster"
163 trigger.run_remote = {privileged: false, inline: $rke_down}
164 end
Pawel Wieczorek2d13ea82019-07-29 13:17:51 +0200[diff] [blame]165
166 config.vm.provision "get_kubectl", type: :shell, path: "../../tools/dublin/get_kubectl.sh"
167 config.vm.provision "setup_kubectl", type: :shell, run: "never" do |s|
168 s.privileged = false
169 s.path = "../../tools/dublin/setup_kubectl.sh"
170 end
Pawel Wieczorekb7f08112019-07-19 19:10:07 +0200[diff] [blame]171 end
172 end
173 end
174end