Gitiles
Code Review Sign In
gerrit.nordix.org / onap / integration / c3ae5e96f36146259c66f8b9775a09e23fa12e5d / . / deployment / Azure_ARM_Template / scripts / azure-rancher-server.sh
blob: fc92c295e3527897f9223634767a4f1578c31b5d [file] [log] [blame]
Sudhakar Reddyd10ae122018-08-16 17:40:56 +0530[diff] [blame]1#!/bin/bash
2
3set -x
4
5DOCKER_VERSION=17.03
Sudhakar Reddy78a63122018-09-18 18:10:35 +0530[diff] [blame]6RANCHER_VERSION=1.6.18
Sudhakar Reddyd10ae122018-08-16 17:40:56 +0530[diff] [blame]7KUBECTL_VERSION=1.8.10
8HELM_VERSION=2.9.1
9
10# setup root access - default login: oom/oom - comment out to restrict access too ssh key only
11sed -i 's/PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config
12sed -i 's/PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config
13service sshd restart
14echo -e "oom\noom" | passwd root
15
16apt-get update
17curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh
18mkdir -p /etc/systemd/system/docker.service.d/
19cat > /etc/systemd/system/docker.service.d/docker.conf << EOF
20[Service]
21ExecStart=
22ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry=nexus3.onap.org:10001
23EOF
24systemctl daemon-reload
25systemctl restart docker
26apt-mark hold docker-ce
27
28#IP_ADDY=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'`
29#HOSTNAME=`hostname`
30
31#echo "$IP_ADDY $HOSTNAME" >> /etc/hosts
32
33docker login -u docker -p docker nexus3.onap.org:10001
34
35sudo apt-get install make -y
36
37sudo docker run -d --restart=unless-stopped -p 8080:8080 --name rancher_server rancher/server:v$RANCHER_VERSION
38sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl
39sudo chmod +x ./kubectl
40sudo mv ./kubectl /usr/local/bin/kubectl
41sudo mkdir ~/.kube
42wget http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz
43sudo tar -zxvf helm-v${HELM_VERSION}-linux-amd64.tar.gz
44sudo mv linux-amd64/helm /usr/local/bin/helm
45
46# nfs server
47sudo apt-get install nfs-kernel-server -y
48
49sudo mkdir -p /nfs_share
50sudo chown nobody:nogroup /nfs_share/
51
52
53sudo mkdir -p /dockerdata-nfs
54sudo chmod 777 -R /dockerdata-nfs
55sudo chown nobody:nogroup /dockerdata-nfs/
56
57NFS_EXP="*(rw,sync,no_root_squash,no_subtree_check) "
58
59echo "/dockerdata-nfs "$NFS_EXP | sudo tee -a /etc/exports
60
61#Restart the NFS service
62sudo exportfs -a
63sudo systemctl restart nfs-kernel-server
64
65echo "wait before installing rancher server"
66sleep 60
67
68# Create ONAP environment on rancher and register the nodes...
69SERVER=$1
70PRIVATE_IP=$2
71NODE_COUNT=$3
72
73echo "SERVER: ${SERVER}"
74echo "PRIVATE_IP: ${PRIVATE_IP}"
75echo "NODE_COUNT: ${NODE_COUNT}"
76#install sshpass to login to the k8s nodes to run rancher agent
77sudo apt-get install sshpass
78
79# create kubernetes environment on rancher using cli
80RANCHER_CLI_VER=0.6.7
81KUBE_ENV_NAME='onap'
82wget https://releases.rancher.com/cli/v${RANCHER_CLI_VER}/rancher-linux-amd64-v${RANCHER_CLI_VER}.tar.gz
83sudo tar -zxvf rancher-linux-amd64-v${RANCHER_CLI_VER}.tar.gz
84sudo cp rancher-v${RANCHER_CLI_VER}/rancher .
85sudo chmod +x ./rancher
86
87sudo apt install jq -y
88echo "wait for rancher server container to finish - 3 min"
89sleep 60
90echo "2 more min"
91sleep 60
92echo "1 min left"
93sleep 60
94echo "get public and private tokens back to the rancher server so we can register the client later"
95API_RESPONSE=`curl -s 'http://$SERVER:8080/v2-beta/apikey' -d '{"type":"apikey","accountId":"1a1","name":"autoinstall","description":"autoinstall","created":null,"kind":null,"removeTime":null,"removed":null,"uuid":null}'`
96# Extract and store token
97echo "API_RESPONSE: $API_RESPONSE"
98KEY_PUBLIC=`echo $API_RESPONSE | jq -r .publicValue`
99KEY_SECRET=`echo $API_RESPONSE | jq -r .secretValue`
100echo "publicValue: $KEY_PUBLIC secretValue: $KEY_SECRET"
101
102export RANCHER_URL=http://${SERVER}:8080
103export RANCHER_ACCESS_KEY=$KEY_PUBLIC
104export RANCHER_SECRET_KEY=$KEY_SECRET
105./rancher env ls
106echo "wait 60 sec for rancher environments can settle before we create the onap kubernetes one"
107sleep 60
108
109echo "Creating kubernetes environment named ${KUBE_ENV_NAME}"
110./rancher env create -t kubernetes $KUBE_ENV_NAME > kube_env_id.json
111PROJECT_ID=$(<kube_env_id.json)
112echo "env id: $PROJECT_ID"
113export RANCHER_HOST_URL=http://${SERVER}:8080/v1/projects/$PROJECT_ID
114echo "you should see an additional kubernetes environment usually with id 1a7"
115./rancher env ls
116# optionally disable cattle env
117
118# add host registration url
119# https://github.com/rancher/rancher/issues/2599
120# wait for REGISTERING to ACTIVE
121echo "sleep 60 to wait for REG to ACTIVE"
122./rancher env ls
123sleep 30
124echo "check on environments again before registering the URL response"
125./rancher env ls
126sleep 30
127REG_URL_RESPONSE=`curl -X POST -u $KEY_PUBLIC:$KEY_SECRET -H 'Accept: application/json' -H 'ContentType: application/json' -d '{"name":"$SERVER"}' "http://$SERVER:8080/v1/projects/$PROJECT_ID/registrationtokens"`
128echo "REG_URL_RESPONSE: $REG_URL_RESPONSE"
129echo "wait for server to finish url configuration - 2 min"
130sleep 60
131echo "60 more sec"
132sleep 60
133
134# see registrationUrl in
135REGISTRATION_TOKENS=`curl http://$SERVER:8080/v2-beta/registrationtokens`
136echo "REGISTRATION_TOKENS: $REGISTRATION_TOKENS"
137REGISTRATION_URL=`echo $REGISTRATION_TOKENS | jq -r .data[0].registrationUrl`
138REGISTRATION_DOCKER=`echo $REGISTRATION_TOKENS | jq -r .data[0].image`
139REGISTRATION_TOKEN=`echo $REGISTRATION_TOKENS | jq -r .data[0].token`
140echo "Registering host for image: $REGISTRATION_DOCKER url: $REGISTRATION_URL registrationToken: $REGISTRATION_TOKEN"
141HOST_REG_COMMAND=`echo $REGISTRATION_TOKENS | jq -r .data[0].command`
142
143#Loop using the private IP and the no of VMS to SSH into each machine
144for i in `seq 1 $((${NODE_COUNT}-1))`;
145do
146 NODE_IP=${PRIVATE_IP}$i
147 sshpass -p "oom" ssh -o StrictHostKeyChecking=no root@${NODE_IP} "hostnamectl set-hostname node$i && docker run --rm --privileged -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/racher:/var/lib/rancher $REGISTRATION_DOCKER $RANCHER_URL/v1/scripts/$REGISTRATION_TOKEN"
148done
149
150echo "waiting 10 min for host registration to finish"
151sleep 540
152echo "1 more min"
153sleep 60
154#read -p "wait for host registration to complete before generating the client token....."
155
156# base64 encode the kubectl token from the auth pair
157# generate this after the host is registered
158KUBECTL_TOKEN=$(echo -n 'Basic '$(echo -n "$RANCHER_ACCESS_KEY:$RANCHER_SECRET_KEY" | base64 -w 0) | base64 -w 0)
159echo "KUBECTL_TOKEN base64 encoded: ${KUBECTL_TOKEN}"
160# add kubectl config - NOTE: the following spacing has to be "exact" or kubectl will not connect - with a localhost:8080 error
161cat > ~/.kube/config <<EOF
162apiVersion: v1
163kind: Config
164clusters:
165- cluster:
166 api-version: v1
167 insecure-skip-tls-verify: true
168 server: "https://$SERVER:8080/r/projects/$PROJECT_ID/kubernetes:6443"
169 name: "${ENVIRON}"
170contexts:
171- context:
172 cluster: "${ENVIRON}"
173 user: "${ENVIRON}"
174 name: "${ENVIRON}"
175current-context: "${ENVIRON}"
176users:
177- name: "${ENVIRON}"
178 user:
179 token: "$KUBECTL_TOKEN"
180
181EOF
182
183echo "run the following if you installed a higher kubectl version than the server"
184echo "helm init --upgrade"
185echo "Verify all pods up on the kubernetes system - will return localhost:8080 until a host is added"
186echo "kubectl get pods --all-namespaces"
187kubectl get pods --all-namespaces
188
189
190exit 0