@elarif
Last active September 19, 2016 04:13
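#!/bin/bash
# Bootstrap script for an OpenShift Origin lab: installs docker on this host,
# starts bind, a registry mirror and gogs as containers, distributes an SSH key
# to the cluster hosts, writes the ansible inventory and runs the playbook.
#
# The script uses arrays, which are a bash feature; under a strict POSIX
# /bin/sh the assignments below are syntax errors, hence the bash shebang.

# Comma-separated host list in the form pdsh -w expects. A plain string: the
# original one-element array only worked because $HOSTS_CSV reads element 0.
HOSTS_CSV=master1.mydev,master2.mydev,node1.mydev,node2.mydev,node3.mydev
# The same hosts as an array, for the ssh-copy-id and scp loops.
HOSTS=(master1.mydev master2.mydev node1.mydev node2.mydev node3.mydev)
# Host running the registry mirror on port 5000 (also used in the inventory).
DOCKER_HOST=docker.mydev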
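## install prerequisites
yum -y install pdsh wget git net-tools bind-utils iptables-services bridge-utils bash-completion ansible
yum -y update
# Clone into $HOME: the playbook is later invoked as
# ~/openshift-ansible/playbooks/byo/config.yml, so a clone made relative to an
# arbitrary starting directory would not be found.
git clone --depth=1 https://github.com/openshift/openshift-ansible "$HOME/openshift-ansible"
# Every relative ./roles/... path below depends on this directory; stop here
# rather than copy from (or scp out of) the wrong place.
cd "$HOME/openshift-ansible" || exit 1
# NOTE(review): the repo definition and the RPM signing key are both taken from
# this unpinned checkout of the default branch, so package trust on this host
# rests on whatever that branch holds at clone time. Pin a tag or commit and
# compare the key fingerprint with a value obtained out of band where it matters.
cp ./roles/openshift_repos/files/origin/repos/openshift-ansible-centos-paas-sig.repo /etc/yum.repos.d/
cp ./roles/openshift_repos/files/origin/gpg_keys/openshift-ansible-CentOS-SIG-PaaS /etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS
# Install docker only from the centos-openshift-origin repo added above.
yum -y install --disablerepo='*' --enablerepo='centos-openshift-origin' docker
docker-storage-setup
systemctl enable docker && systemctl start docker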
## run dns
# Starts a bind container backed by the named volume bind-data, then runs a
# second, throwaway container on the same volume to edit the bind configuration
# and create the "mydev" zone.
docker volume create --name bind-data
# Ports 53/tcp, 53/udp and 10000/tcp are published on every host interface.
# NOTE(review): 10000 is presumably the image's web administration UI — confirm,
# and bind it to a management address or firewall it if it is not needed.
# NOTE(review): the image is referenced by the floating tag "latest"; pin a
# version or digest so a rerun cannot silently pick up different content.
docker run --name bind -d --restart=always -p 53:53/tcp -p 53:53/udp -p 10000:10000/tcp -v bind-data:/data sameersbn/bind:latest
# The inner script inserts forwarders (8.8.8.8, 8.8.4.4) and an allow-recursion
# list (192.168.1.0/24, 127.0.0.1, 172.30.0.0/16) at line 16 of
# named.conf.options, appends the zone declaration to named.conf.local and
# appends the records to db.mydev.
# NOTE(review): this container is removed on exit (--rm) and only /data is a
# volume, so the edits under /etc/bind persist only if the image maps /etc/bind
# into /data before the command runs — confirm.
# NOTE(review): ">>" appends, so running this twice duplicates the zone
# declaration and the records.
# NOTE(review): ns01 and ns02 point at 0.0.0.0, and node2/node3 from HOSTS have
# no A record in this zone. The inline zone comments also do not match the
# values: 10800 s is 3 hours and 3600000 s is about 41 days.
docker run --rm -v bind-data:/data sameersbn/bind:latest sh -c '
sed -i "16i forwarders {8.8.8.8;8.8.4.4;};\nallow-recursion { 192.168.1.0/24; 127.0.0.1;172.30.0.0/16; };\n" /etc/bind/named.conf.options
cat << EOF >> /etc/bind/named.conf.local
zone "mydev" {
type master;
file "/etc/bind/db.mydev";
};
EOF
cat << EOF >> /etc/bind/db.mydev
mydev. 86400 IN SOA mydev. hostmaster.mydev. (
20091028 ; serial yyyy-mm-dd
10800; refresh every 15 min
3600; retry every hour
3600000; expire after 1 month +
86400 ); min ttl of 1 day
IN NS ns01
IN NS ns02
ns01 IN A 0.0.0.0
ns02 IN A 0.0.0.0
master1 IN A 192.168.1.28
master2 IN A 192.168.1.100
node1 IN A 192.168.1.44
openshift IN A 192.168.1.28
docker IN A 192.168.1.53
git IN A 192.168.1.53
*.appli IN A 192.168.1.93
EOF
'
# Disabled helper: prints the host path of the bind-data volume.
# docker volume inspect bind-data | grep "Mountpoint" | cut -d: -f2 | awk '{gsub(/^[ "]+|[ "]+$/,"")} {print $0}'
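## run mirror proxy cache
# Runs registry:2 as a pull-through cache of registry-1.docker.io on port 5000,
# stored in the named volume registry-data, then points the local docker daemon
# at it.
docker volume create --name registry-data
docker run -d --restart=always -p 5000:5000 --name registry \
  -v registry-data:/var/lib/registry \
  -e REGISTRY_PROXY_REMOTEURL=https://registry-1.docker.io \
  registry:2
# -i added: without it sed only printed the rewritten file to stdout and
# /etc/sysconfig/docker was never changed, so the log limits and the
# --registry-mirror option were silently dropped.
sed -i -e "s/^OPTIONS='\([^']*\)'/OPTIONS='\1 --log-opt max-size=1M --log-opt max-file=3 --registry-mirror=http:\/\/$DOCKER_HOST:5000'/" /etc/sysconfig/docker
# NOTE(review): the mirror is reached over plain HTTP and declared as an
# insecure registry, so the daemon accepts image content from
# $DOCKER_HOST:5000 without TLS. That is tolerable only on an isolated lab
# network; otherwise give the registry a certificate and drop INSECURE_REGISTRY.
# NOTE(review): ">>" appends, so a rerun adds these two lines again.
cat << EOF >> /etc/sysconfig/docker
ADD_REGISTRY='--add-registry $DOCKER_HOST:5000'
INSECURE_REGISTRY='--insecure-registry $DOCKER_HOST:5000'
EOF
# Disabled helper: prints the host path of the registry-data volume.
#docker volume inspect registry-data | grep "Mountpoint" | cut -d: -f2 | awk '{gsub(/^[ "]+|[ "]+$/,"")} {print $0}'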
## run gogs
# Git service container with its data in the named volume gogs-data.
# Published ports: host 10022 -> container 22, host 10080 -> container 3000.
# NOTE(review): no tag is given for gogs/gogs, so whatever the default tag
# resolves to at run time is used; pin a version for repeatable installs.
docker volume create --name gogs-data
docker run -d \
  --name=gogs \
  --restart=always \
  -p 10022:22 \
  -p 10080:3000 \
  -v gogs-data:/data \
  gogs/gogs
# Disabled helper: prints the host path of the gogs-data volume.
#docker volume inspect gogs-data | grep "Mountpoint" | cut -d: -f2 | awk '{gsub(/^[ "]+|[ "]+$/,"")} {print $0}'
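## restart docker
# Restart so the daemon rereads /etc/sysconfig/docker as edited earlier.
systemctl daemon-reload && systemctl restart docker
## pull openshift base images
# Pulled through the mirror on $DOCKER_HOST:5000 so the cache is warm before
# the cluster install. No tags are given, so the default tag is used.
OPENSHIFT_IMAGES=(
  "openshift/origin-deployer"
  "openshift/origin-docker-registry"
  "openshift/origin-haproxy-router"
  "openshift/origin-pod"
  "openshift/origin-sti-builder"
  "openshift/wildfly-100-centos7"
)
# Expansions quoted so an entry is never word-split or globbed.
for image in "${OPENSHIFT_IMAGES[@]}"; do
  docker pull "$DOCKER_HOST:5000/$image"
done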
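## copy ssh key
# Creates a passphrase-less RSA key for the current user and installs its
# public half on every host in HOSTS.
# ssh-keygen asks before overwriting an existing key, which stalls a rerun;
# keep the existing key instead.
[ -f ~/.ssh/id_rsa ] || ssh-keygen -N '' -f ~/.ssh/id_rsa
# NOTE(review): the key has no passphrase and the inventory logs in as root, so
# read access to ~/.ssh/id_rsa is root on every cluster host; protect this
# machine accordingly.
# NOTE(review): StrictHostKeyChecking=no accepts whatever host key is presented,
# so the host that receives the public key (and the password typed for
# ssh-copy-id) is not authenticated. Prefer pre-populating known_hosts with
# fingerprints checked out of band; where the installed OpenSSH supports it,
# StrictHostKeyChecking=accept-new at least refuses a changed key.
for host in "${HOSTS[@]}"; do
  ssh-copy-id -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa.pub "$host"
done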
## config nodes dns
# Feeds two commands to pdsh on stdin for every host in HOSTS_CSV: overwrite
# /etc/dhcp/dhclient.conf so 192.168.1.53 is prepended to the DHCP-supplied
# resolvers, then restart networking to apply it.
# The delimiter is quoted; the body holds nothing for the local shell to expand.
pdsh -w "$HOSTS_CSV" <<'EOF'
echo "prepend domain-name-servers 192.168.1.53;" > /etc/dhcp/dhclient.conf
systemctl restart network
EOF
## add centos-openshift-origin repo
# Copies the repo definition and its RPM signing key to each host. The ./roles
# paths are relative, so the working directory must be the openshift-ansible
# clone.
for target in "${HOSTS[@]}"; do
  scp ./roles/openshift_repos/files/origin/repos/openshift-ansible-centos-paas-sig.repo \
    "$target:/etc/yum.repos.d/"
  scp ./roles/openshift_repos/files/origin/gpg_keys/openshift-ansible-CentOS-SIG-PaaS \
    "$target:/etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS"
done
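## create ansible hosts
# Writes the openshift-ansible inventory. The heredoc delimiter is unquoted on
# purpose so $DOCKER_HOST is filled in by this shell.
# The router subdomain template must reach the file literally, so its "$" signs
# are escaped; unescaped, ${name} and ${namespace} expanded to empty strings
# here and the inventory received "-.apps.mydev".
# NOTE(review): ansible connects as root, the mirror is listed as an insecure
# (non-TLS) registry and docker.io is blocked, so every image the cluster runs
# comes through $DOCKER_HOST:5000 unauthenticated. Keep this to an isolated lab
# or put TLS on the registry.
# NOTE(review): the router template uses apps.mydev while the DNS zone created
# by this script has a wildcard for *.appli — confirm which name is intended.
cat << EOF > /etc/ansible/hosts
[OSEv3:children]
masters
nodes
etcd
#lb
# Déclaration des différentes variables ansible.
[OSEv3:vars]
ansible_ssh_user=root
deployment_type=origin
openshift_master_cluster_method=native
openshift_master_cluster_hostname=openshift.mydev
openshift_master_cluster_public_hostname=openshift.mydev
openshift_master_default_subdomain=mydev
openshift_install_examples=false
openshift_docker_additional_registries=$DOCKER_HOST:5000
openshift_docker_blocked_registries=docker.io
openshift_docker_insecure_registries=$DOCKER_HOST:5000
openshift_hosted_router_force_subdomain="\${name}-\${namespace}.apps.mydev"
openshift_router_selector='region=infra'
openshift_registry_selector='region=infra'
[masters]
master1.mydev
master2.mydev
# Regroupement des nodes
[nodes]
master1.mydev openshift_scheduleable=false
node1.mydev openshift_node_labels="{'region':'infra','zone':'default'}"
node2.mydev
node3.mydev
[etcd]
master1.mydev
master2.mydev
#[lb]
#ha.mydev
EOF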
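## install prereq on nodes
# Runs on every host in HOSTS_CSV via pdsh: removes any earlier
# openshift/etcd/docker install and its state, installs base packages and
# docker from the centos-openshift-origin repo, allows the 172.30.0.0/16 range
# as an insecure registry, then enables and starts docker.
# The delimiter is quoted so the commands reach the remote shells untouched.
# The package globs passed to yum stay quoted because yum matches them itself.
# The two /etc/sysconfig globs passed to rm are now unquoted: in single quotes
# the remote shell handed rm the literal names "atomic-openshift*" and
# "docker*", so the old config files were never removed and each rerun of the
# sed below stacked another --insecure-registry onto the same OPTIONS line.
# NOTE(review): --insecure-registry 172.30.0.0/16 lets the daemon talk to any
# registry in that range without TLS verification; confirm the range covers
# only the cluster's internal registry service.
pdsh -w "$HOSTS_CSV" <<'EOF'
yum -y remove openshift 'openshift-*' etcd 'docker*'
rm -rf /etc/origin /var/lib/openshift /etc/etcd /var/lib/etcd /etc/sysconfig/atomic-openshift* /etc/sysconfig/docker* /root/.kube/config /etc/ansible/facts.d /usr/share/openshift
yum -y install wget git net-tools bind-utils iptables-services bridge-utils bash-completion policycoreutils-python
yum -y update
yum -y install --disablerepo='*' --enablerepo='centos-openshift-origin' docker
yum -y clean all
sed -i -e "s/\(^OPTIONS='--selinux-enabled\)/\1 --insecure-registry 172.30.0.0\/16/" /etc/sysconfig/docker
docker-storage-setup
systemctl enable docker
systemctl start docker
EOF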
## time playbook exec
# Runs the bring-your-own-hosts install playbook and reports how long it took.
# The path assumes the openshift-ansible clone sits in the home directory.
playbook=~/openshift-ansible/playbooks/byo/config.yml
time ansible-playbook "$playbook"