#!/bin/bash
#
# Installs Docker, a Rancher server, kubectl and helm on this host, exports an
# NFS share, then registers the other nodes with the Rancher server.
# Positional arguments (read further down in the script):
#   $1 - address of the Rancher server
#   $2 - private IP prefix of the nodes (the node index is appended to it)
#   $3 - node count

# Trace every command as it is executed.
# NOTE(review): this script goes on to handle passwords, API keys and tokens;
# xtrace writes each expanded command to stderr, so the install log has to be
# stored and shared as a secret.
set -o xtrace

# Pinned component versions.
DOCKER_VERSION='17.03'
RANCHER_VERSION='1.6.14'
KUBECTL_VERSION='1.8.10'
HELM_VERSION='2.9.1'
| 9 | |
# Enable root login over SSH with a password (default login: oom/oom).
# Comment this section out to restrict access to SSH keys only.
# NOTE(review): a fixed, published root password combined with password
# authentication opens the host to anyone who can reach its SSH port. Keep
# hosts built this way on an isolated lab network and prefer key-only access.
sed -i \
  -e 's/PermitRootLogin.*/PermitRootLogin yes/' \
  -e 's/PasswordAuthentication.*/PasswordAuthentication yes/' \
  /etc/ssh/sshd_config
service sshd restart
# passwd asks for the new password twice, hence the two identical lines.
printf 'oom\noom\n' | passwd root
| 15 | |
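# Install Docker with Rancher's install script for the pinned version, then
# reconfigure and restart the daemon.
apt-get update

# Download the installer to a file before running it instead of piping curl
# into sh: with -f an HTTP error stops the script here, whereas the pipe would
# hand an error page or a half-transferred script to a root shell.
# NOTE(review): the installer runs as root and is not checked against a
# published checksum; its integrity rests on TLS to releases.rancher.com alone.
docker_installer=$(mktemp) || exit 1
if ! curl -fsSL -o "${docker_installer}" \
  "https://releases.rancher.com/install-docker/${DOCKER_VERSION}.sh"; then
  echo "ERROR: could not download the Docker ${DOCKER_VERSION} install script" >&2
  rm -f -- "${docker_installer}"
  exit 1
fi
sh "${docker_installer}"
rm -f -- "${docker_installer}"

# systemd drop-in: the empty ExecStart= clears the packaged command line so the
# second ExecStart= replaces it rather than adding a second one.
# NOTE(review): --insecure-registry lets the daemon talk to that registry over
# plain HTTP or without verifying its certificate, so images pulled from it
# are not protected in transit.
mkdir -p /etc/systemd/system/docker.service.d/
cat > /etc/systemd/system/docker.service.d/docker.conf <<'EOF'
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry=nexus3.onap.org:10001
EOF
systemctl daemon-reload
systemctl restart docker
# Keep apt from upgrading Docker away from the pinned version.
apt-mark hold docker-ce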
| 27 | |
| 28 | #IP_ADDY=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` |
| 29 | #HOSTNAME=`hostname` |
| 30 | |
| 31 | #echo "$IP_ADDY $HOSTNAME" >> /etc/hosts |
| 32 | |
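# Log in to the ONAP registry, start the Rancher server container and install
# the kubectl and helm clients.

# NOTE(review): -p puts the password on the command line, where it shows up in
# the process list and in the xtrace output. --password-stdin avoids that but
# appears to need a newer Docker than the pinned release - confirm before
# switching.
docker login -u docker -p docker nexus3.onap.org:10001

sudo apt-get install make -y

# NOTE(review): port 8080 is published on every interface of this host and the
# rest of the script talks to it over plain HTTP.
sudo docker run -d --restart=unless-stopped -p 8080:8080 --name rancher_server "rancher/server:v${RANCHER_VERSION}"

# kubectl. -f makes curl fail on an HTTP error instead of saving the error
# document as ./kubectl, which would then be installed as the binary.
# NOTE(review): neither download below is checked against a published
# checksum before it is installed into /usr/local/bin.
sudo curl -fLO "https://storage.googleapis.com/kubernetes-release/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl"
sudo chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
# -p so that a second run does not fail on the existing directory.
sudo mkdir -p ~/.kube

# helm. Fetched over HTTPS: the archive is unpacked and installed as root, and
# over plain HTTP anyone on the network path could replace it.
wget "https://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz"
sudo tar -zxvf "helm-v${HELM_VERSION}-linux-amd64.tar.gz"
sudo mv linux-amd64/helm /usr/local/bin/helm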
| 45 | |
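# NFS server: create the share directories and export /dockerdata-nfs.
sudo apt-get install nfs-kernel-server -y

sudo mkdir -p /nfs_share
sudo chown nobody:nogroup /nfs_share/

sudo mkdir -p /dockerdata-nfs
# NOTE(review): 777 -R makes the whole tree writable by every local user.
sudo chmod 777 -R /dockerdata-nfs
sudo chown nobody:nogroup /dockerdata-nfs/

# NOTE(review): "*" exports the share to every host that can reach this
# server, and no_root_squash lets root on any such client act as root on the
# share. Where the node subnet is known, export to that subnet instead and
# filter the NFS ports at the network boundary.
NFS_EXP="*(rw,sync,no_root_squash,no_subtree_check) "
# Quoted, so the leading "*" is never treated as a glob; the trailing blank of
# NFS_EXP is dropped from the exports line.
nfs_export_line="/dockerdata-nfs ${NFS_EXP% }"

# Append the entry only when it is not there yet, so that running the script
# again does not pile up duplicate export lines.
if ! grep -qxF -- "${nfs_export_line}" /etc/exports 2>/dev/null; then
  printf '%s\n' "${nfs_export_line}" | sudo tee -a /etc/exports
fi

# Re-export and restart the NFS service.
sudo exportfs -a
sudo systemctl restart nfs-kernel-server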
| 64 | |
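# Create ONAP environment on rancher and register the nodes...
SERVER=$1
PRIVATE_IP=$2
NODE_COUNT=$3

echo "SERVER: ${SERVER}"
echo "PRIVATE_IP: ${PRIVATE_IP}"
echo "NODE_COUNT: ${NODE_COUNT}"

# Stop before waiting when an argument is missing or the node count is not a
# number. The values end up in API URLs and in the addresses that the root
# password is sent to over SSH, so an empty value must not get that far.
if [[ -z "${SERVER}" || -z "${PRIVATE_IP}" || ! "${NODE_COUNT}" =~ ^[0-9]+$ ]]; then
  echo "usage: ${0##*/} <server> <private-ip-prefix> <node-count>" >&2
  exit 1
fi

echo "wait before installing rancher server"
sleep 60

# sshpass is used to log in to the k8s nodes and start the rancher agent.
# -y keeps an unattended run from stopping at the confirmation prompt.
sudo apt-get install -y sshpass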
| 78 | |
# Fetch the Rancher CLI that creates the kubernetes environment, install jq,
# then give the Rancher server container three more minutes to come up.
# NOTE(review): the CLI archive is unpacked and used as root without a
# checksum comparison.
RANCHER_CLI_VER=0.6.7
KUBE_ENV_NAME='onap'
rancher_cli_tgz="rancher-linux-amd64-v${RANCHER_CLI_VER}.tar.gz"
wget "https://releases.rancher.com/cli/v${RANCHER_CLI_VER}/${rancher_cli_tgz}"
sudo tar -zxvf "${rancher_cli_tgz}"
sudo cp "rancher-v${RANCHER_CLI_VER}/rancher" .
sudo chmod +x ./rancher

sudo apt install jq -y
# One message per minute of waiting.
for wait_msg in \
  "wait for rancher server container to finish - 3 min" \
  "2 more min" \
  "1 min left"; do
  echo "${wait_msg}"
  sleep 60
done
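echo "get public and private tokens back to the rancher server so we can register the client later"
# The URL has to be in double quotes: inside single quotes ${SERVER} is not
# expanded and curl looks up a host literally named "$SERVER".
# NOTE(review): the request carries no credentials. It only works while
# access control is off on the Rancher server, which also means that anyone
# who can reach port 8080 can create an API key the same way. Turn on access
# control once the installation is done.
API_RESPONSE=$(curl -s "http://${SERVER}:8080/v2-beta/apikey" \
  -d '{"type":"apikey","accountId":"1a1","name":"autoinstall","description":"autoinstall","created":null,"kind":null,"removeTime":null,"removed":null,"uuid":null}')
# Extract and store token
# NOTE(review): the next two echo lines print the API secret; the console
# output and the xtrace log of this run are credentials.
echo "API_RESPONSE: $API_RESPONSE"
KEY_PUBLIC=$(jq -r '.publicValue' <<<"${API_RESPONSE}")
KEY_SECRET=$(jq -r '.secretValue' <<<"${API_RESPONSE}")
echo "publicValue: $KEY_PUBLIC secretValue: $KEY_SECRET"

# jq prints "null" for a missing field and nothing for an empty response.
# Every later step needs the key pair, so stop here with a clear message.
if [[ -z "${KEY_PUBLIC}" || "${KEY_PUBLIC}" == "null" ||
  -z "${KEY_SECRET}" || "${KEY_SECRET}" == "null" ]]; then
  echo "ERROR: no API key returned by http://${SERVER}:8080/v2-beta/apikey" >&2
  exit 1
fi

# Read by the rancher CLI.
export RANCHER_URL="http://${SERVER}:8080"
export RANCHER_ACCESS_KEY="${KEY_PUBLIC}"
export RANCHER_SECRET_KEY="${KEY_SECRET}"
./rancher env ls
echo "wait 60 sec for rancher environments can settle before we create the onap kubernetes one"
sleep 60

echo "Creating kubernetes environment named ${KUBE_ENV_NAME}"
# The CLI output is stored and read back as the id of the new environment.
./rancher env create -t kubernetes "${KUBE_ENV_NAME}" > kube_env_id.json
PROJECT_ID=$(<kube_env_id.json)
echo "env id: $PROJECT_ID"
export RANCHER_HOST_URL="http://${SERVER}:8080/v1/projects/${PROJECT_ID}"
echo "you should see an additional kubernetes environment usually with id 1a7"
./rancher env ls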
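# optionally disable cattle env

# add host registration url
# https://github.com/rancher/rancher/issues/2599
# wait for REGISTERING to ACTIVE
echo "sleep 60 to wait for REG to ACTIVE"
./rancher env ls
sleep 30
echo "check on environments again before registering the URL response"
./rancher env ls
sleep 30

# Build the request body with jq: in a single-quoted literal ${SERVER} is not
# expanded, and jq also escapes the value as JSON.
reg_request=$(jq -cn --arg name "${SERVER}" '{name: $name}')
# The header name is Content-Type; "ContentType" is not a header the server
# would look at.
# NOTE(review): -u places the key pair on the curl command line, where the
# process list and the xtrace log show it.
REG_URL_RESPONSE=$(curl -X POST -u "${KEY_PUBLIC}:${KEY_SECRET}" \
  -H 'Accept: application/json' -H 'Content-Type: application/json' \
  -d "${reg_request}" \
  "http://${SERVER}:8080/v1/projects/${PROJECT_ID}/registrationtokens")
echo "REG_URL_RESPONSE: $REG_URL_RESPONSE"
echo "wait for server to finish url configuration - 2 min"
sleep 60
echo "60 more sec"
sleep 60

# see registrationUrl in
# NOTE(review): read without credentials over plain HTTP; the values below are
# later turned into a command that runs as root on every node.
REGISTRATION_TOKENS=$(curl "http://${SERVER}:8080/v2-beta/registrationtokens")
echo "REGISTRATION_TOKENS: $REGISTRATION_TOKENS"
# The jq filters are quoted so that "[0]" is never taken as a glob pattern.
REGISTRATION_URL=$(jq -r '.data[0].registrationUrl' <<<"${REGISTRATION_TOKENS}")
REGISTRATION_DOCKER=$(jq -r '.data[0].image' <<<"${REGISTRATION_TOKENS}")
REGISTRATION_TOKEN=$(jq -r '.data[0].token' <<<"${REGISTRATION_TOKENS}")
# NOTE(review): the registration token is printed to the console and the log.
echo "Registering host for image: $REGISTRATION_DOCKER url: $REGISTRATION_URL registrationToken: $REGISTRATION_TOKEN"
HOST_REG_COMMAND=$(jq -r '.data[0].command' <<<"${REGISTRATION_TOKENS}")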
| 142 | |
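# SSH into every node (private IP prefix + index, for index 1 to
# NODE_COUNT-1), set its hostname and start the rancher agent on it.

# The image name and the script URL come from an API response and are placed
# into a command line that runs as root on the node, so both are shell-quoted
# first.
printf -v agent_image '%q' "${REGISTRATION_DOCKER}"
printf -v agent_url '%q' "${RANCHER_URL}/v1/scripts/${REGISTRATION_TOKEN}"

# NOTE(review): sshpass -p puts the root password on the command line, where
# the process list shows it, and StrictHostKeyChecking=no accepts whatever
# host key is presented, so the password goes to whichever machine answers on
# that address. Key-based login with known host keys removes both problems.
for ((i = 1; i < NODE_COUNT; i++)); do
  NODE_IP="${PRIVATE_IP}${i}"
  # The host side of the state volume is /var/lib/rancher, the same path as
  # inside the container (it was misspelled "racher").
  sshpass -p "oom" ssh -o StrictHostKeyChecking=no "root@${NODE_IP}" \
    "hostnamectl set-hostname node${i} && docker run --rm --privileged -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/rancher:/var/lib/rancher ${agent_image} ${agent_url}"
done

echo "waiting 10 min for host registration to finish"
sleep 540
echo "1 more min"
sleep 60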
| 154 | #read -p "wait for host registration to complete before generating the client token....." |
| 155 | |
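# base64 encode the kubectl token from the auth pair
# generate this after the host is registered
basic_auth=$(printf '%s' "${RANCHER_ACCESS_KEY}:${RANCHER_SECRET_KEY}" | base64 -w 0)
KUBECTL_TOKEN=$(printf 'Basic %s' "${basic_auth}" | base64 -w 0)
# NOTE(review): this prints a working credential to the console and the log.
echo "KUBECTL_TOKEN base64 encoded: ${KUBECTL_TOKEN}"

# Name used for the cluster, context and user entries. ENVIRON is not set
# anywhere in this script, which left every name empty; fall back to the
# environment name unless the caller exported ENVIRON.
kube_context="${ENVIRON:-${KUBE_ENV_NAME}}"

# add kubectl config - NOTE: the following spacing has to be "exact" or kubectl will not connect - with a localhost:8080 error
# The file holds the token, so it is written with umask 077 and set to 600 in
# case an older, more widely readable copy was already in place.
# NOTE(review): insecure-skip-tls-verify turns off certificate checks, so
# kubectl cannot tell the real server from an impostor that collects the token.
mkdir -p ~/.kube
(
  umask 077
  cat > ~/.kube/config <<EOF
apiVersion: v1
kind: Config
clusters:
- cluster:
    api-version: v1
    insecure-skip-tls-verify: true
    server: "https://$SERVER:8080/r/projects/$PROJECT_ID/kubernetes:6443"
  name: "${kube_context}"
contexts:
- context:
    cluster: "${kube_context}"
    user: "${kube_context}"
  name: "${kube_context}"
current-context: "${kube_context}"
users:
- name: "${kube_context}"
  user:
    token: "$KUBECTL_TOKEN"

EOF
)
chmod 600 ~/.kube/config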
| 182 | |
# Closing hints for the operator, followed by a first look at the cluster.
cat <<'EOF'
run the following if you installed a higher kubectl version than the server
helm init --upgrade
Verify all pods up on the kubernetes system - will return localhost:8080 until a host is added
kubectl get pods --all-namespaces
EOF
kubectl get pods --all-namespaces


# NOTE(review): the script reports success whatever happened above, so a
# caller cannot detect a failed step from the exit status.
exit 0