joshuarubin · August 29, 2015 14:19
diff --git a/config.rb b/config.rb
 # To automatically replace the discovery token on 'vagrant up', uncomment
 # the lines below:
 #
 #if File.exists?('user-data') && ARGV[0].eql?('up')
 #  require 'open-uri'
 #  require 'yaml'
 #
 #  token = open('https://discovery.etcd.io/new').read
 #
 #  data = YAML.load(IO.readlines('user-data')[1..-1].join)
 #  data['coreos']['etcd']['discovery'] = token
 #
 #  yaml = YAML.dump(data)
 #  File.open('user-data', 'w') { |file| file.write("#cloud-config\n\n#{yaml}") }
 #end
 #

 #
 # coreos-vagrant is configured through a series of configuration
 # options (global ruby variables) which are detailed below. To modify
 # these options, first copy this file to "config.rb". Then simply
 # uncomment the necessary lines, leaving the $, and replace everything
 # after the equals sign..

 # Size of the CoreOS cluster created by Vagrant
 $num_instances=3

 # Official CoreOS channel from which updates should be downloaded
 $update_channel='stable'

 # Log the serial consoles of CoreOS VMs to log/
 # Enable by setting value to true, disable with false
 # WARNING: Serial logging is known to result in extremely high CPU usage with
 # VirtualBox, so should only be used in debugging situations
 #$enable_serial_logging=false

 # Enable port forwarding of Docker TCP socket
 # Set to the TCP port you want exposed on the *host* machine, default is 2375
 # If 2375 is used, Vagrant will auto-increment (e.g. in the case of $num_instances > 1)
 # You can then use the docker tool locally by setting the following env var:
 #   export DOCKER_HOST='tcp://127.0.0.1:2375'
 $expose_docker_tcp=2375

 # Setting for VirtualBox VMs
 #$vb_gui = false
 $vb_memory = 1024
 $vb_cpus = 2
diff --git a/user-data b/user-data
 #cloud-config

 coreos:
  ## NOTE: etcd is commented out here because this cluster uses etcd2
  #etcd:
  #  discovery: <DISCOVERY_URL>
  #  addr: $public_ipv4:4001
  #  peer-addr: $public_ipv4:7001
  fleet:
    public-ip: $public_ipv4
  ## NOTE: flannel is the software defined network used to allow direct
  ## container-to-container connections anywhere within the cluster
  flannel:
    interface: $public_ipv4
  units:
    - name: flanneld.service
      drop-ins:
        - name: 50-network-config.conf
          content: |
            [Service]
            ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{ "Network": "10.1.0.0/16", "Backend": {"Type": "vxlan"} }'
      command: start
    ## NOTE: this is the etcd2 unit file
    - name: etcd.service
      command: start
      content: |
        [Unit]
        Description=etcd
        Requires=early-docker.service
        After=early-docker.service
        Before=early-docker.target

        [Service]
        User=etcd
        PermissionsStartOnly=true
        EnvironmentFile=/etc/environment
        Restart=always
        RestartSec=10s
        Environment="ETCD_VERSION=v2.0.10"
        Environment="ETCD_DISCOVERY=<YOUR_DISCOVERY_URL>"
        Environment="DOCKER_HOST=unix:///var/run/early-docker.sock"
        ExecStart=/usr/bin/docker run \
          --rm \
          --net=host \
          -v /var/lib/%p:/data \
          -v /usr/share/ca-certificates/:/etc/ssl/certs \
          quay.io/coreos/etcd:${ETCD_VERSION} \
            -name %m \
            -discovery ${ETCD_DISCOVERY} \
            -data-dir /data \
            -advertise-client-urls http://${COREOS_PRIVATE_IPV4}:4001 \
            -listen-client-urls http://0.0.0.0:4001 \
            -initial-advertise-peer-urls http://${COREOS_PRIVATE_IPV4}:7001 \
            -listen-peer-urls http://0.0.0.0:7001
    - name: docker-tcp.socket
      command: start
      enable: true
      content: |
        [Unit]
        Description=Docker Socket for the API

        [Socket]
        ListenStream=2375
        BindIPv6Only=both
        Service=docker.service

        [Install]
        WantedBy=sockets.target
    - name: fleet.service
      command: start
    - name: envetcd-install.service
      command: start
      content: |
        [Unit]
        Description=Install envetcd
        After=network-online.target
        Requires=network-online.target
        Before=fleet.service

        [Service]
        Type=oneshot
        ExecStart=/opt/bin/envetcd_install
 ssh_authorized_keys:
  - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
  ## NOTE: put your public key here
 write_files:
  - path: /home/core/.dockercfg
    owner: core:core
    permissions: 0644
    content: |
      {
        "https://index.docker.io/v1/": {
          "auth": "<YOUR_DOCKER_AUTH_KEY>",
          "email": "<YOUR_DOCKER_EMAIL>"
        }
      }
  - path: /etc/systemd/system/docker.service.d/50-registry-mirror.conf
    content: |
        [Service]
        Environment=DOCKER_OPTS='--registry-mirror=http://$public_ipv4:9000'
  - path: /opt/bin/envetcd_install
    permissions: 0755
    content: |
      #!/bin/bash -e

      DIR=`mktemp -d`
      function cleanup {
        echo "Cleaning up" 1>&2
        rm -rf $DIR
      }
      trap cleanup EXIT

      echo "Using temp directory ${DIR}" 1>&2
      cd $DIR

      SLEEP_TIME=5
      COUNT_LIMIT=10

      function fetch {
        URL=$1
        COUNTER=0
        while [ $COUNTER -lt $COUNT_LIMIT ]; do
          echo "Fetching ${URL}" 1>&2
          if curl -fsLO $1; then
            echo "Successfully received ${URL}" 1>&2
            break
          fi

          if [ $COUNTER -eq $COUNT_LIMIT ]; then
            echo "Giving up fetching ${URL} after ${COUNTER} tries" 1>&2
            exit 1
          fi

          echo "Failed to fetch ${URL} on try number ${COUNTER}" 1>&2
          echo "Sleeping for ${SLEEP_TIME} seconds" 1>&2
          sleep $SLEEP_TIME
          let COUNTER=COUNTER+1
        done
      }

      fetch https://api.github.com/repos/zvelo/envetcd/releases

      VERSION=`cat releases | grep 'tag_name' | awk '{print $2}' | sed 's/[",v]//g' | sort -nr | head -n 1`
      echo "Latest version of envetcd is ${VERSION}" 1>&2

      if [ -x /opt/bin/envetcd ] && [ "$VERSION" = "`/opt/bin/envetcd -v | awk '{print $3}'`" ]; then
        echo "Latest version of envetcd is already installed, not downloading" 1>&2
        exit
      fi

      fetch https://github.com/zvelo/envetcd/releases/download/v$VERSION/envetcd-$VERSION-linux-amd64.tgz
      tar -zx --strip-components=1 -f envetcd-$VERSION-linux-amd64.tgz

      echo "Installing envetcd version ${VERSION}" 1>&2
      install -D envetcd /opt/bin/envetcd

      echo "Successfully installed envetcd version ${VERSION}" 1>&2
	# To automatically replace the discovery token on 'vagrant up', uncomment
	# the lines below:
	#
	#if File.exists?('user-data') && ARGV[0].eql?('up')
	# require 'open-uri'
	# require 'yaml'
	#
	# token = open('https://discovery.etcd.io/new').read
	#
	# data = YAML.load(IO.readlines('user-data')[1..-1].join)
	# data['coreos']['etcd']['discovery'] = token
	#
	# yaml = YAML.dump(data)
	# File.open('user-data', 'w') { \|file\| file.write("#cloud-config\n\n#{yaml}") }
	#end
	#

	#
	# coreos-vagrant is configured through a series of configuration
	# options (global ruby variables) which are detailed below. To modify
	# these options, first copy this file to "config.rb". Then simply
	# uncomment the necessary lines, leaving the $, and replace everything
	# after the equals sign..

	# Size of the CoreOS cluster created by Vagrant
	$num_instances=3

	# Official CoreOS channel from which updates should be downloaded
	$update_channel='stable'

	# Log the serial consoles of CoreOS VMs to log/
	# Enable by setting value to true, disable with false
	# WARNING: Serial logging is known to result in extremely high CPU usage with
	# VirtualBox, so should only be used in debugging situations
	#$enable_serial_logging=false

	# Enable port forwarding of Docker TCP socket
	# Set to the TCP port you want exposed on the host machine, default is 2375
	# If 2375 is used, Vagrant will auto-increment (e.g. in the case of $num_instances > 1)
	# You can then use the docker tool locally by setting the following env var:
	# export DOCKER_HOST='tcp://127.0.0.1:2375'
	$expose_docker_tcp=2375

	# Setting for VirtualBox VMs
	#$vb_gui = false
	$vb_memory = 1024
	$vb_cpus = 2
	#cloud-config

	coreos:
	## NOTE: etcd is commented out here because this cluster uses etcd2
	#etcd:
	# discovery: <DISCOVERY_URL>
	# addr: $public_ipv4:4001
	# peer-addr: $public_ipv4:7001
	fleet:
	public-ip: $public_ipv4
	## NOTE: flannel is the software defined network used to allow direct
	## container-to-container connections anywhere within the cluster
	flannel:
	interface: $public_ipv4
	units:
	- name: flanneld.service
	drop-ins:
	- name: 50-network-config.conf
	content: \|
	[Service]
	ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{ "Network": "10.1.0.0/16", "Backend": {"Type": "vxlan"} }'
	command: start
	## NOTE: this is the etcd2 unit file
	- name: etcd.service
	command: start
	content: \|
	[Unit]
	Description=etcd
	Requires=early-docker.service
	After=early-docker.service
	Before=early-docker.target

	[Service]
	User=etcd
	PermissionsStartOnly=true
	EnvironmentFile=/etc/environment
	Restart=always
	RestartSec=10s
	Environment="ETCD_VERSION=v2.0.10"
	Environment="ETCD_DISCOVERY=<YOUR_DISCOVERY_URL>"
	Environment="DOCKER_HOST=unix:///var/run/early-docker.sock"
	ExecStart=/usr/bin/docker run \
	--rm \
	--net=host \
	-v /var/lib/%p:/data \
	-v /usr/share/ca-certificates/:/etc/ssl/certs \
	quay.io/coreos/etcd:${ETCD_VERSION} \
	-name %m \
	-discovery ${ETCD_DISCOVERY} \
	-data-dir /data \
	-advertise-client-urls http://${COREOS_PRIVATE_IPV4}:4001 \
	-listen-client-urls http://0.0.0.0:4001 \
	-initial-advertise-peer-urls http://${COREOS_PRIVATE_IPV4}:7001 \
	-listen-peer-urls http://0.0.0.0:7001
	- name: docker-tcp.socket
	command: start
	enable: true
	content: \|
	[Unit]
	Description=Docker Socket for the API

	[Socket]
	ListenStream=2375
	BindIPv6Only=both
	Service=docker.service

	[Install]
	WantedBy=sockets.target
	- name: fleet.service
	command: start
	- name: envetcd-install.service
	command: start
	content: \|
	[Unit]
	Description=Install envetcd
	After=network-online.target
	Requires=network-online.target
	Before=fleet.service

	[Service]
	Type=oneshot
	ExecStart=/opt/bin/envetcd_install
	ssh_authorized_keys:
	- ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
	## NOTE: put your public key here
	write_files:
	- path: /home/core/.dockercfg
	owner: core:core
	permissions: 0644
	content: \|
	{
	"https://index.docker.io/v1/": {
	"auth": "<YOUR_DOCKER_AUTH_KEY>",
	"email": "<YOUR_DOCKER_EMAIL>"
	}
	}
	- path: /etc/systemd/system/docker.service.d/50-registry-mirror.conf
	content: \|
	[Service]
	Environment=DOCKER_OPTS='--registry-mirror=http://$public_ipv4:9000'
	- path: /opt/bin/envetcd_install
	permissions: 0755
	content: \|
	#!/bin/bash -e

	DIR=`mktemp -d`
	function cleanup {
	echo "Cleaning up" 1>&2
	rm -rf $DIR
	}
	trap cleanup EXIT

	echo "Using temp directory ${DIR}" 1>&2
	cd $DIR

	SLEEP_TIME=5
	COUNT_LIMIT=10

	function fetch {
	URL=$1
	COUNTER=0
	while [ $COUNTER -lt $COUNT_LIMIT ]; do
	echo "Fetching ${URL}" 1>&2
	if curl -fsLO $1; then
	echo "Successfully received ${URL}" 1>&2
	break
	fi

	if [ $COUNTER -eq $COUNT_LIMIT ]; then
	echo "Giving up fetching ${URL} after ${COUNTER} tries" 1>&2
	exit 1
	fi

	echo "Failed to fetch ${URL} on try number ${COUNTER}" 1>&2
	echo "Sleeping for ${SLEEP_TIME} seconds" 1>&2
	sleep $SLEEP_TIME
	let COUNTER=COUNTER+1
	done
	}

	fetch https://api.github.com/repos/zvelo/envetcd/releases

	VERSION=`cat releases \| grep 'tag_name' \| awk '{print $2}' \| sed 's/[",v]//g' \| sort -nr \| head -n 1`
	echo "Latest version of envetcd is ${VERSION}" 1>&2

	if [ -x /opt/bin/envetcd ] && [ "$VERSION" = "`/opt/bin/envetcd -v \| awk '{print $3}'`" ]; then
	echo "Latest version of envetcd is already installed, not downloading" 1>&2
	exit
	fi

	fetch https://github.com/zvelo/envetcd/releases/download/v$VERSION/envetcd-$VERSION-linux-amd64.tgz
	tar -zx --strip-components=1 -f envetcd-$VERSION-linux-amd64.tgz

	echo "Installing envetcd version ${VERSION}" 1>&2
	install -D envetcd /opt/bin/envetcd

	echo "Successfully installed envetcd version ${VERSION}" 1>&2