diff options
Diffstat (limited to 'opensteak/tools/templates_foreman')
| -rw-r--r-- | opensteak/tools/templates_foreman/install.sh | 216 | ||||
| -rw-r--r-- | opensteak/tools/templates_foreman/kvm-config | 65 | ||||
| -rw-r--r-- | opensteak/tools/templates_foreman/meta-data | 12 | ||||
| -rw-r--r-- | opensteak/tools/templates_foreman/user-data | 25 |
4 files changed, 318 insertions, 0 deletions
diff --git a/opensteak/tools/templates_foreman/install.sh b/opensteak/tools/templates_foreman/install.sh new file mode 100644 index 0000000..497be86 --- /dev/null +++ b/opensteak/tools/templates_foreman/install.sh @@ -0,0 +1,216 @@ +#!/bin/sh +# -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# Authors: +# @author: David Blaisonneau <david.blaisonneau@orange.com> +# @author: Arnaud Morin <arnaud1.morin@orange.com> + +### Set vars +NAME="${name}" +DOMAIN="${domain}" +DATEE=$$(date +%F-%Hh%M) +IP="${ip}" +MASK="${netmaskshort}" +NET="${network}" +DHCP_RANGE="${dhcprange}" +REVERSE_DNS="${reversedns}" +DNS_FORWARDER="${dns}" +ADMIN="${admin}" +PASSWORD="${password}" + +### Set correct env +#dpkg-reconfigure locales +export LC_CTYPE=en_US.UTF-8 +export LANG=en_US.UTF-8 +unset LC_ALL +umask 0022 + +### Check hostname is on the public interface +echo "* Ensure hostname point to external IP" +# Remove useless lines +perl -i -pe 's/^127.0.1.1.*\n$$//' /etc/hosts +perl -i -pe "s/^$${IP}.*\n$$//" /etc/hosts +# Append a line +echo "$${IP} $${NAME}.$${DOMAIN} $${NAME}" >> /etc/hosts + +### Dependencies +echo "* Install dependencies" +apt-get -y install ca-certificates wget git isc-dhcp-server + +### Set AppArmor +echo "* Set App armor" +cat /etc/apparmor.d/local/usr.sbin.dhcpd | grep '/etc/bind/rndc.key r,' >/dev/null +if [ $$? -eq 1 ] ; then + echo "/etc/bind/rndc.key r," >> /etc/apparmor.d/local/usr.sbin.dhcpd +fi + +### Prepare repos +echo "* Enable Puppet labs repo" +if [ "Z" = "Z$$(dpkg -l |grep 'ii puppetlabs-release')" ] ; then + wget https://apt.puppetlabs.com/puppetlabs-release-trusty.deb + dpkg -i puppetlabs-release-trusty.deb + apt-get update +fi + +# Install puppetmaster +echo "* Install puppetmaster" +if [ "Z" = "Z$$(dpkg -l |grep 'ii puppetmaster')" ] ; then + apt-get -y install puppetmaster +fi + +# Enable the Foreman repo +echo "* Enable Foreman repo" +if [ ! -e /etc/apt/sources.list.d/foreman.list ] ; then + echo "deb http://deb.theforeman.org/ trusty 1.8" > /etc/apt/sources.list.d/foreman.list + echo "deb http://deb.theforeman.org/ plugins 1.8" >> /etc/apt/sources.list.d/foreman.list + wget -q http://deb.theforeman.org/pubkey.gpg -O- | apt-key add - + apt-get update +fi + +### Install Foreman +echo "* Install foreman-installer" +if [ "Z" = "Z$$(dpkg -l |grep 'ii foreman-installer')" ] ; then + apt-get -y install foreman-installer +fi +if [ "Z" = "Z$$(gem list --local |grep rubyipmi)" ] ; then + gem install -q rubyipmi +fi + +### Execute foreman installer +echo "* Execute foreman installer" + +foreman-installer \ + --foreman-admin-username="$$ADMIN" \ + --foreman-admin-password="$$PASSWORD" \ + --enable-foreman-plugin-templates \ + --enable-foreman-plugin-discovery \ + --foreman-plugin-discovery-install-images=true \ + --enable-foreman-compute-libvirt + + +foreman-installer \ + --foreman-admin-username="$$ADMIN" \ + --foreman-admin-password="$$PASSWORD" \ + --enable-foreman-plugin-templates \ + --enable-foreman-plugin-discovery \ + --foreman-plugin-discovery-install-images=true \ + --enable-foreman-compute-libvirt \ + --enable-foreman-proxy \ + --foreman-proxy-bmc=true \ + --foreman-proxy-tftp=true \ + --foreman-proxy-tftp-servername="$$IP" \ + --foreman-proxy-dhcp=true \ + --foreman-proxy-dhcp-interface="eth0" \ + --foreman-proxy-dhcp-gateway="$$IP" \ + --foreman-proxy-dhcp-range="$$DHCP_RANGE" \ + --foreman-proxy-dhcp-nameservers="$$IP" \ + --foreman-proxy-dns=true \ + --foreman-proxy-dns-interface="eth0" \ + --foreman-proxy-dns-zone="$$DOMAIN" \ + --foreman-proxy-dns-reverse="$$REVERSE_DNS" \ + --foreman-proxy-dns-forwarders="$$DNS_FORWARDER" \ + --foreman-proxy-foreman-base-url="https://localhost" + +### Sync community templates for last ubuntu versions + +echo "* Sync community templates for last ubuntu versions" +foreman-rake templates:sync + +### Get and install OpenSteak files + +echo "* Get OpenSteak repos" +if [ -d /usr/local/opensteak ] ; then + cd /usr/local/opensteak + git pull +else + cd /usr/local/ + git clone https://github.com/Orange-OpenSource/opnfv.git -b foreman opensteak +fi +cd /usr/local/opensteak/infra/puppet_master + +echo "* Set puppet auth" +echo "*.$$DOMAIN" > /etc/puppet/autosign.conf +if [ -e /etc/puppet/auth.conf ] ; then + # Make a backup + mv /etc/puppet/auth.conf /etc/puppet/auth.conf.$$DATEE +fi +cp etc/puppet/auth.conf /etc/puppet/auth.conf +perl -i -pe "s/__NET__/$$NET/" /etc/puppet/auth.conf +perl -i -pe "s/__MASK__/$$MASK/" /etc/puppet/auth.conf + +# Set Hiera Conf +echo "* Push Hiera conf into /etc/puppet/" +if [ -e /etc/puppet/hiera.yaml ] ; then + # Make a backup + mv /etc/puppet/hiera.yaml /etc/puppet/hiera.yaml.$$DATEE +fi +cp etc/puppet/hiera.yaml /etc/puppet/hiera.yaml +if [ -e /etc/hiera.yaml ] ; then + rm /etc/hiera.yaml +fi +ln -s /etc/puppet/hiera.yaml /etc/hiera.yaml +cp -rf etc/puppet/hieradata /etc/puppet/ +rename s/DOMAIN/$$DOMAIN/ /etc/puppet/hieradata/production/nodes/*.yaml +cp etc/puppet/manifests/site.pp /etc/puppet/manifests/site.pp +cp ../config/common.yaml /etc/puppet/hieradata/production/common.yaml +chgrp puppet /etc/puppet/hieradata/production/*.yaml + +# Install and config r10k +echo "* Install and setup r10k" +if [ "Z" = "Z$$(gem list --local |grep r10k)" ] ; then + gem install -q r10k +fi +if [ -e /etc/r10k.yaml ] ; then + # Make a backup + mv /etc/r10k.yaml /etc/r10k.yaml.$$DATEE +fi +cp etc/r10k.yaml /etc/r10k.yaml + +# Install opensteak-r10k-update script +echo "* Install opensteak-r10k-update script into /usr/local/bin" +cp usr/local/bin/opensteak-r10k-update /usr/local/bin/opensteak-r10k-update +chmod +x /usr/local/bin/opensteak-r10k-update + +echo "* Run R10k. You can re-run r10k by calling:" +echo " opensteak-r10k-update" +opensteak-r10k-update + +#### Install VIM puppet +echo "* Install VIM puppet" +if [ ! -d ~/.vim/autoload ] ; then + mkdir -p ~/.vim/autoload +fi +if [ ! -d ~/.vim/bundle ] ; then + mkdir -p ~/.vim/bundle +fi +curl -LSso ~/.vim/autoload/pathogen.vim https://tpo.pe/pathogen.vim +cat <<EOF > ~/.vimrc +execute pathogen#infect() +syntax on +filetype plugin indent on +EOF +cd ~/.vim/bundle +if [ ! -d vim-puppet ] ; then + git clone https://github.com/rodjek/vim-puppet.git > /dev/null +fi + +### Gen SSH key for foreman +echo "* SSH Key" +cp /mnt/id_rsa /usr/share/foreman/.ssh/ +cp /mnt/id_rsa.pub /usr/share/foreman/.ssh/ +chown foreman:foreman /usr/share/foreman/.ssh/ -R + +### Run puppet +puppet agent -t -v + diff --git a/opensteak/tools/templates_foreman/kvm-config b/opensteak/tools/templates_foreman/kvm-config new file mode 100644 index 0000000..7e3d65d --- /dev/null +++ b/opensteak/tools/templates_foreman/kvm-config @@ -0,0 +1,65 @@ +<domain type='kvm'> + <name>${name}</name> + <memory>${ram}</memory> + <currentMemory>${ram}</currentMemory> + <vcpu>${cpu}</vcpu> + <os> + <type arch='x86_64'>hvm</type> + <!-- uncomment to enable PXE boot + <boot dev='network'/> + --> + <boot dev='hd'/> + </os> + <features> + <acpi/><apic/><pae/> + </features> + <clock offset="utc"/> + <on_poweroff>preserve</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>restart</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <disk type='file' device='disk'> + <driver name='qemu' type='qcow2'/> + <source file='/var/lib/libvirt/images/${name}'/> + <target dev='vda' bus='virtio'/> + </disk> + <disk type='file' device='disk'> + <driver name='qemu' type='raw'/> + <source file='/var/lib/libvirt/images/${name}-configuration.iso'/> + <target dev='vdb' bus='virtio'/> + </disk> + <input type='mouse' bus='ps2'/> + <!-- uncomment to allow virsh console + <console type='pty'/> + <!- - end --> + <!-- uncomment to allow console to a log file --> + <serial type='file'> + <source path='/var/log/libvirt/qemu/${name}-serial.log'/> + <target port='0'/> + <alias name='serial0'/> + </serial> + <serial type='pty'> + <source path='/dev/pts/1'/> + <target port='1'/> + <alias name='serial1'/> + </serial> + <console type='file'> + <source path='/var/log/libvirt/qemu/${name}-serial.log'/> + <target type='serial' port='0'/> + <alias name='serial0'/> + </console> + <!-- end --> + <graphics type='spice' port='-1' autoport='no'/> + <video> + <model type='qxl' ram='65536' vram='65536' heads='1'/> + <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/> + </video> + <memballoon model='virtio'/> + <interface type='bridge'> + <source bridge='${bridge}'/> + ${bridgeconfig} + <model type='virtio'/> + </interface> + </devices> +</domain> diff --git a/opensteak/tools/templates_foreman/meta-data b/opensteak/tools/templates_foreman/meta-data new file mode 100644 index 0000000..b4cb9b6 --- /dev/null +++ b/opensteak/tools/templates_foreman/meta-data @@ -0,0 +1,12 @@ +instance-id: ${name}; +network-interfaces: | + auto lo + iface lo inet loopback + auto eth0 + iface eth0 inet static + address ${ip} + netmask ${netmaskshort} + gateway ${gateway} + dns-nameservers ${dns} + dns-search ${domain} +local-hostname: ${name} diff --git a/opensteak/tools/templates_foreman/user-data b/opensteak/tools/templates_foreman/user-data new file mode 100644 index 0000000..281b5d4 --- /dev/null +++ b/opensteak/tools/templates_foreman/user-data @@ -0,0 +1,25 @@ +#cloud-config +############################################# +# OPENSTEAK VM '${name}' +############################################# +password: ${password} +chpasswd: { expire: False } +ssh_pwauth: True +dsmode: net +hostname: ${name} +############################################# +# FIRST BOOT COMMAND +# - reload main interface +# - install puppet from puppetlabs +# - remove cloud-init +############################################# +runcmd: + - [ sh, -c, "mount /dev/vdb /mnt"] + - [ sh, -c, "sudo bash /mnt/install.sh"] +# This is the id_rsa.sansmotdepasse key +ssh_authorized_keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDY15cdBmIs2XOpe4EiFCsaY6bmUmK/GysMoLl4UG51JCfJwvwoWCoA+6mDIbymZxhxq9IGxilp/yTA6WQ9s/5pBag1cUMJmFuda9PjOkXl04jgqh5tR6I+GZ97AvCg93KAECis5ubSqw1xOCj4utfEUtPoF1OuzqM/lE5mY4N6VKXn+fT7pCD6cifBEs6JHhVNvs5OLLp/tO8Pa3kKYQOdyS0xc3rh+t2lrzvKUSWGZbX+dLiFiEpjsUL3tDqzkEMNUn4pdv69OJuzWHCxRWPfdrY9Wg0j3mJesP29EBht+w+EC9/kBKq+1VKdmsXUXAcjEvjovVL8l1BrX3BY0R8D sansmotdepasse +############################################# +# FINAL MESSAGE AT END OF BOOT +############################################# +final_message: "The system '${name}' is finally up, after $$UPTIME seconds" |