@jpadams
Created February 9, 2018 00:04
# Settings shared by the resources below.
#
# $install_dir is the host directory that is bind-mounted into the installer
# container and that holds the generated cluster/ configuration.
$install_dir = '/opt/cloud-private-ce'
# Address written into the [master], [worker] and [proxy] groups of the
# installer's hosts file, taken from the `ipaddress` fact.
$public_ip = $facts[ipaddress]
# NOTE(review): cleartext root password kept in the manifest. It is
# interpolated into config.yaml as ansible_ssh_pass, so it ends up on disk and
# in the compiled catalog. This manifest also enables root password login over
# SSH, so the value should come from an encrypted data source (for example
# Hiera with an encrypted backend) and be unique per environment.
$shared_root_password = 'puppetlabs'
# SHA-512 crypt ($6$) hash assigned to the root user below.
# Presumably the hash of $shared_root_password -- verify; the two values must
# stay in sync or the installer's password-based SSH login will fail.
$shared_root_pw_hash = '$6$bdVLCr58$TtGGFM8FH9jhSL6ZB9gXHncCm30gMKcHER.ByqL6zAMjarUVtSZ.SqKfhw7ip5NKR0iRVC8/Gx5KrMfrb1GSP0'
# Body of cluster/config.yaml, built with an interpolating heredoc so that
# $shared_root_password is substituted when the catalog is compiled. The
# settings make Ansible connect as root with a password and disable public-key
# authentication; the image lists are left commented out.
$config_yaml = @("END")
---
ansible_user: root
ansible_ssh_pass: $shared_root_password
ansible_ssh_common_args: "-oPubkeyAuthentication=no"
# Network in IPv4 CIDR format
network_cidr: 10.1.0.0/16
# Kubernetes service IP range
service_cluster_ip_range: 10.0.0.1/24
# Flag to enable ldap with true, disabled by default.
ldap_enabled: false
# Kubernetes service domain
cluster_domain: cluster.local
# This flag is to enable the pre-check in appcenter. If enabled, it will
# check whether the related image registry can be accessed before install
# release. If user does not have registry access and intends to install charts
# using pre-load image on worker, this flag must be set false.
appcenter_precheck_enabled: false
# Docker images for amd64 architecture
# auth_image: "ibmcom/cfc-auth:1.2.0"
# calico_cni_image: "ibmcom/calico-cni:v1.8.3"
# calico_ctl_image: "ibmcom/calico-ctl:v1.2.1"
# calico_image: "ibmcom/calico-node:v1.2.1"
# calico_policy_controller_image: "ibmcom/calico-policy-controller:v0.6.0"
# defaultbackend_image: "ibmcom/defaultbackend:1.2"
# elasticsearch_image: "ibmcom/elasticsearch:2.4.1"
# etcd_image: "ibmcom/etcd:v3.1.5"
# filebeat_image: "ibmcom/filebeat:5.1.1"
# heapster_image: "ibmcom/heapster:v1.3.0"
# helm_image: "ibmcom/helm:v2.4.1"
# image_manager_image: "ibmcom/cfc-image-manager:1.2.0"
# image_registry_image: "ibmcom/registry:2"
# indices_cleaner_image: "ibmcom/indices-cleaner:0.2"
# k8s_image: "ibmcom/kubernetes:v1.6.1"
# k8s_pause_image: "ibmcom/pause:3.0"
# kubedns_dnsmasq_image: "ibmcom/k8s-dns-dnsmasq-nanny:1.14.1"
# kubedns_image: "ibmcom/k8s-dns-kube-dns:1.14.1"
# kubedns_sidecar_image: "ibmcom/k8s-dns-sidecar:1.14.1"
# logstash_image: "ibmcom/logstash:2.4.0"
# mariadb_image: "ibmcom/mariadb:10.1.16"
# nginx_ingress_controller_image: "ibmcom/nginx-ingress-controller:0.8.3"
# rescheduler_image: "ibmcom/rescheduler:v0.5.1"
# router_image: "ibmcom/cfc-router:1.2.0"
# tiller_image: "ibmcom/tiller:v2.4.1"
# unified_router_image: "ibmcom/unified-router:1.2.0"
# Docker images for ppc64le architecture
# auth_image_ppc64le: "ppc64le/cfc-auth:1.2.0"
# calico_cni_image_ppc64le: "ppc64le/calico-cni:v1.8.3"
# calico_ctl_image_ppc64le: "ppc64le/calico-ctl:v1.2.1"
# calico_image_ppc64le: "ppc64le/calico-node:v1.2.1"
# calico_policy_controller_image_ppc64le: "ppc64le/calico-policy-controller:v0.6.0"
# defaultbackend_image_ppc64le: "ppc64le/defaultbackend:1.2"
# elasticsearch_image_ppc64le: "ppc64le/elasticsearch:2.4.1"
# etcd_image_ppc64le: "ppc64le/etcd:v3.1.5"
# filebeat_image_ppc64le: "ppc64le/filebeat:5.1.1"
# heapster_image_ppc64le: "ppc64le/heapster:v1.3.0"
# helm_image_ppc64le: "ppc64le/helm:v2.4.1"
# image_manager_image_ppc64le: "ppc64le/cfc-image-manager:1.2.0"
# image_registry_image_ppc64le: "ppc64le/registry:2"
# indices_cleaner_image_ppc64le: "ppc64le/indices-cleaner:0.2"
# k8s_image_ppc64le: "ppc64le/kubernetes:v1.6.1"
# k8s_pause_image_ppc64le: "ppc64le/pause:3.0"
# kubedns_dnsmasq_image_ppc64le: "ppc64le/k8s-dns-dnsmasq-nanny:1.14.1"
# kubedns_image_ppc64le: "ppc64le/k8s-dns-kube-dns:1.14.1"
# kubedns_sidecar_image_ppc64le: "ppc64le/k8s-dns-sidecar:1.14.1"
# logstash_image_ppc64le: "ppc64le/logstash:2.4.0"
# mariadb_image_ppc64le: "ppc64le/cfc-mariadb:10.1.16"
# nginx_ingress_controller_image_ppc64le: "ppc64le/nginx-ingress-controller:0.8.3"
# rescheduler_image_ppc64le: "ppc64le/rescheduler:v0.5.1"
# router_image_ppc64le: "ppc64le/cfc-router:1.2.0"
# tiller_image_ppc64le: "ppc64le/tiller:v2.4.1"
# unified_router_image_ppc64le: "ppc64le/unified-router:1.2.0"
| END
# Host preparation for the single-node install: name resolution, time sync,
# kernel tuning, SSH settings, and the Docker and Python runtimes.

# Map this node's hostname to the address reported by the `ipaddress` fact.
host { $facts['hostname']:
  ip => $facts['ipaddress'],
}

class { 'ntp': }

# Resource default: every sysctl declared in this scope is ensured present.
Sysctl {
  ensure => 'present',
}

sysctl { 'vm.max_map_count':
  value => '262144',
}

# NOTE(review): the host firewall is stopped and disabled outright while root
# password login over SSH is enabled further down. If the installer only needs
# specific ports, opening those would keep packet filtering in place --
# confirm against the installer's requirements.
service { 'firewalld':
  ensure => 'stopped',
  enable => false,
}

# NOTE(review): 'openssh-client' is the Debian-family package name, while
# firewalld and an 'sshd' service suggest a RHEL-family host -- confirm the
# target OS.
package { 'openssh-client':
  ensure => 'installed',
}

# Resource default: every sshd_config change is ensured present and notifies
# the sshd service.
Sshd_config {
  ensure => 'present',
  notify => Service['sshd'],
}

service { 'sshd':
  ensure => 'running',
}

# SSH daemon settings for the installer's password-based Ansible login as
# root (see ansible_user / ansible_ssh_pass in $config_yaml).
# NOTE(review): together these leave root reachable by password on every
# interface sshd listens on, and nothing in this manifest reverts them after
# the install.
sshd_config {
  'PasswordAuthentication':
    value => 'yes';
  'ChallengeResponseAuthentication':
    value => 'no';
  'PermitRootLogin':
    value => 'yes';
}

# Working directory that is bind-mounted into the installer container.
file { $install_dir:
  ensure => 'directory',
}

# The docker class is what keeps the docker service running.
class { 'docker': }
class { 'python': }

# Set root's password hash to the shared value so the installer's password
# login works.
user { 'root':
  password => $shared_root_pw_hash,
}
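# Ordered chain: pull the installer image, copy out its sample cluster/
# directory, overwrite hosts and config.yaml, remove the sample SSH key, then
# run the installer. Each `->` makes the next resource depend on the previous.
#
# NOTE(review): the image is referenced by tag only; pinning it by digest
# would guarantee that the same content is pulled on every node.
docker::image { 'ibmcom/cfc-installer:1.2.0': }
->
# Copy the image's cluster/ directory to the host. Skipped once config.yaml
# exists, so later runs do not overwrite the managed files.
exec { 'extract config files':
  command => "/usr/bin/docker run -e LICENSE=accept \
-v ${install_dir}:/data ibmcom/cfc-installer:1.2.0 cp -r cluster /data",
  creates => "${install_dir}/cluster/config.yaml",
}
->
# Inventory for the installer: this node is master, worker and proxy at once.
file { "${install_dir}/cluster/hosts":
  ensure  => file,
  content => @("END")
[master]
${public_ip}
[worker]
${public_ip}
[proxy]
${public_ip}
| END
}
->
# config.yaml carries the root password in cleartext (ansible_ssh_pass), so
# restrict it to root and keep its content out of Puppet's diff output.
# The installer container is assumed to read the file as root -- confirm.
file { "${install_dir}/cluster/config.yaml":
  ensure    => file,
  owner     => 'root',
  group     => 'root',
  mode      => '0600',
  show_diff => false,
  content   => $config_yaml,
}
->
# set up for password-based ssh auth
file { "${install_dir}/cluster/ssh_key":
  ensure => absent,
}
->
# NOTE(review): this exec has no creates/unless/onlyif guard, so the installer
# is launched on every Puppet run. Exec's default timeout is 300 seconds --
# confirm that a full install finishes within it.
# NOTE(review): the volume target "/${install_dir}/cluster" expands to a path
# with a doubled leading slash under the install dir; verify against the
# installer documentation that this is the mount point it expects.
exec { 'run installer':
  command => "/usr/bin/docker run -e LICENSE=accept --net=host \
-t -v ${install_dir}:/${install_dir}/cluster \
ibmcom/cfc-installer:1.2.0 install",
  cwd     => "${install_dir}/cluster",
}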