mirror of
https://github.com/jpetazzo/container.training.git
synced 2026-03-05 02:40:27 +00:00
167 lines
6.2 KiB
Plaintext
Executable File
167 lines
6.2 KiB
Plaintext
Executable File
pssh -I tee /tmp/settings.yaml < $SETTINGS
|
|
|
|
pssh sudo easy_install pyyaml
|
|
|
|
pssh -I tee /tmp/postprep.py <<EOF
|
|
#!/usr/bin/env python
|
|
import os
|
|
import platform
|
|
import sys
|
|
import time
|
|
import urllib
|
|
import yaml
|
|
|
|
#################################
|
|
|
|
config = yaml.load(open("/tmp/settings.yaml"))
|
|
COMPOSE_VERSION = config["compose_version"]
|
|
MACHINE_VERSION = config["machine_version"]
|
|
SWARM_VERSION = config["swarm_version"]
|
|
CLUSTER_SIZE = config["clustersize"]
|
|
ENGINE_VERSION = config["engine_version"]
|
|
|
|
#################################
|
|
|
|
# This script will be run as ubuntu user, which has root privileges.
|
|
# docker commands will require sudo because the ubuntu user has no access to the docker socket.
|
|
|
|
STEP = 0
|
|
START = time.time()
|
|
|
|
def bold(msg):
|
|
return "{} {} {}".format("$(tput smso)", msg, "$(tput rmso)")
|
|
|
|
def system(cmd):
|
|
global STEP
|
|
with open("/tmp/pp.status", "a") as f:
|
|
t1 = time.time()
|
|
f.write(bold("--- RUNNING [step {}] ---> {}...".format(STEP, cmd)))
|
|
retcode = os.system(cmd)
|
|
if retcode:
|
|
retcode = bold(retcode)
|
|
t2 = time.time()
|
|
td = str(t2-t1)[:5]
|
|
f.write("[{}] in {}s\n".format(retcode, td))
|
|
STEP += 1
|
|
with open("/home/ubuntu/.bash_history", "a") as f:
|
|
f.write("{}\n".format(cmd))
|
|
|
|
# On EC2, the ephemeral disk might be mounted on /mnt.
|
|
# If /mnt is a mountpoint, place Docker workspace on it.
|
|
system("if mountpoint -q /mnt; then sudo mkdir /mnt/docker && sudo ln -s /mnt/docker /var/lib/docker; fi")
|
|
|
|
# Put our public IP in /tmp/ipv4
|
|
# ipv4_retrieval_endpoint = "http://169.254.169.254/latest/meta-data/public-ipv4"
|
|
ipv4_retrieval_endpoint = "http://myip.enix.org/REMOTE_ADDR"
|
|
system("curl --silent {} > /tmp/ipv4".format(ipv4_retrieval_endpoint))
|
|
|
|
ipv4 = open("/tmp/ipv4").read()
|
|
|
|
# Add a "docker" user with password "training"
|
|
system("sudo useradd -d /home/docker -m -s /bin/bash docker")
|
|
system("echo docker:training | sudo chpasswd")
|
|
|
|
# Fancy prompt courtesy of @soulshake.
|
|
system("echo \"export PS1='\e[1m\[\033[0;32m\][\h] \e[1m\[\033[0;35m\]\u@{}\[\033[0;33m\] \w\[\033[00m\]\n$ '\" | sudo -u docker tee -a /home/docker/.bashrc".format(ipv4))
|
|
|
|
# add docker user to sudoers and allow password authentication
|
|
system("sudo bash -c \"echo 'docker ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/docker\"")
|
|
system("sudo sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config")
|
|
|
|
system("sudo service ssh restart")
|
|
system("sudo apt-get -q update")
|
|
system("sudo apt-get -qy install git jq python-pip")
|
|
|
|
# increase the size of the conntrack table so we don't blow it up when going crazy with http load testing
|
|
system("echo 1000000 | sudo tee /proc/sys/net/nf_conntrack_max")
|
|
|
|
#######################
|
|
### DOCKER INSTALLS ###
|
|
#######################
|
|
|
|
# This will install the latest Docker.
|
|
system("curl --silent https://{}/ | grep -v '( set -x; sleep 20 )' | sudo sh".format(ENGINE_VERSION))
|
|
|
|
# Make sure that the daemon listens on 55555 (for orchestration workshop).
|
|
# To test, run: export DOCKER_HOST=tcp://localhost:55555 ; docker ps
|
|
# or, run "curl localhost:55555" (it should return 404 not found). If it tells you connection refused, that's a bad sign
|
|
system("sudo sed -i 's,-H fd://$,-H fd:// -H tcp://0.0.0.0:55555,' /lib/systemd/system/docker.service")
|
|
system("sudo systemctl daemon-reload")
|
|
|
|
# There seems to be a bug in the systemd scripts; so work around it.
|
|
# See https://github.com/docker/docker/issues/18444
|
|
# If docker is already running, need to do a restart
|
|
system("curl --silent localhost:55555 || sudo systemctl restart docker ") # does this work? if not, next line should cover it
|
|
system("sudo systemctl start docker || true")
|
|
|
|
### Install docker-compose
|
|
system("sudo pip install -U docker-compose=={}".format(COMPOSE_VERSION))
|
|
|
|
### Install docker-machine
|
|
system("sudo curl -sSL -o /usr/local/bin/docker-machine https://github.com/docker/machine/releases/download/v{}/docker-machine-{}-{}".format(MACHINE_VERSION, platform.system(), platform.machine()))
|
|
system("sudo chmod +x /usr/local/bin/docker-machine*")
|
|
|
|
system("sudo apt-get remove -y --purge dnsmasq-base")
|
|
system("sudo apt-get -qy install python-setuptools pssh apache2-utils httping htop unzip mosh")
|
|
|
|
### Wait for Docker to be up.
|
|
### (If we don't do this, Docker will not be responsive during the next step.)
|
|
system("while ! sudo -u docker docker version ; do sleep 2; done")
|
|
|
|
### Install Swarm
|
|
system("docker pull swarm:{}".format(SWARM_VERSION))
|
|
system("docker tag -f swarm:{} swarm".format(SWARM_VERSION))
|
|
|
|
|
|
### BEGIN CLUSTERING ###
|
|
|
|
addresses = list(l.strip() for l in sys.stdin)
|
|
|
|
assert ipv4 in addresses
|
|
|
|
def makenames(addrs):
|
|
return [ "node%s"%(i+1) for i in range(len(addrs)) ]
|
|
|
|
while addresses:
|
|
cluster = addresses[:CLUSTER_SIZE]
|
|
addresses = addresses[CLUSTER_SIZE:]
|
|
if ipv4 not in cluster:
|
|
continue
|
|
names = makenames(cluster)
|
|
for ipaddr, name in zip(cluster, names):
|
|
system("grep ^{} /etc/hosts || echo {} {} | sudo tee -a /etc/hosts"
|
|
.format(ipaddr, ipaddr, name))
|
|
print(cluster)
|
|
|
|
mynode = cluster.index(ipv4) + 1
|
|
system("echo 'node{}' | sudo -u docker tee /tmp/node".format(mynode))
|
|
system("sudo -u docker mkdir -p /home/docker/.ssh")
|
|
system("sudo -u docker touch /home/docker/.ssh/authorized_keys")
|
|
|
|
if ipv4 == cluster[0]:
|
|
# If I'm node1 and don't have a private key, generate one (with empty passphrase)
|
|
system("sudo -u docker [ -f /home/docker/.ssh/id_rsa ] || sudo -u docker ssh-keygen -t rsa -f /home/docker/.ssh/id_rsa -P ''")
|
|
|
|
FINISH = time.time()
|
|
duration = "Initial deployment took {}s".format(str(FINISH - START)[:5])
|
|
system("echo {}".format(duration))
|
|
|
|
EOF
|
|
|
|
IPS_FILE=ips.txt
|
|
if [ ! -s $IPS_FILE ]; then
|
|
echo "ips.txt not found."
|
|
exit 1
|
|
fi
|
|
|
|
pssh --timeout 900 --send-input "python /tmp/postprep.py >>/tmp/pp.out 2>>/tmp/pp.err" < $IPS_FILE
|
|
|
|
# If /home/docker/.ssh/id_rsa doesn't exist, copy it from node1
|
|
pssh "sudo -u docker [ -f /home/docker/.ssh/id_rsa ] || ssh -o StrictHostKeyChecking=no node1 sudo -u docker tar -C /home/docker -cvf- .ssh | sudo -u docker tar -C /home/docker -xf-"
|
|
|
|
# if 'docker@' doesn't appear in /home/docker/.ssh/authorized_keys, copy it there
|
|
pssh "grep docker@ /home/docker/.ssh/authorized_keys \
|
|
|| cat /home/docker/.ssh/id_rsa.pub \
|
|
| sudo -u docker tee -a /home/docker/.ssh/authorized_keys"
|
|
|