@netmarkjp
Last active December 16, 2015 11:49
install openshift to Fedora18
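#!/bin/bash
# Install an OpenShift Origin broker (with MongoDB, qpid/mcollective and BIND)
# on a Fedora 18 host.
#
# Usage:    export MYDOMAIN="example.com" and run this script.
# Requires: privileges to write under /etc, /var/named and /var/www and to
#           run yum, systemctl and firewall-cmd.
# Env:      MYDOMAIN - DNS zone the broker will manage (mandatory).
MYHOSTNAME=$(uname -n)

if [[ -z "${MYDOMAIN:-}" ]]; then
  echo 'MUST DO: export MYDOMAIN="example.com"' >&2
  exit 1
fi

# MYDOMAIN is spliced further down into sed and perl expressions, BIND and
# Ruby configuration files and nsupdate commands. Accept hostname characters
# only, so a stray '/', quote or newline cannot alter those files or commands.
domain_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
if [[ ! "${MYDOMAIN}" =~ ${domain_re} ]]; then
  echo "MYDOMAIN may contain only letters, digits, '.' and '-': ${MYDOMAIN}" >&2
  exit 1
fi

# Make the host name resolvable locally. -F matches the name literally; as a
# regex, the dots in a host name would match any character.
if ! grep -q -w -F -- "${MYHOSTNAME:?}" /etc/hosts; then
  echo "127.0.0.1 ${MYHOSTNAME:?} ${MYHOSTNAME:?}.${MYDOMAIN:?}" >> /etc/hosts
fi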
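# --- Broker packages, SELinux mode and MongoDB -----------------------------
# Nothing below can work without the packages, so stop if yum fails.
yum -y install openshift-origin-broker openshift-origin-cartridge-diy || exit 1

# NOTE(review): SELinux is switched to permissive for the running system and,
# through /etc/selinux/config, for every following boot. Policy violations are
# then only logged, not blocked; acceptable for a throw-away lab host, and
# worth revisiting before the machine is reachable by anyone else.
setenforce 0
sed -i -e 's|SELINUX=enforcing|SELINUX=permissive|' /etc/selinux/config

yum -y install rubygem-openshift-origin-auth-mongo mongodb-server || exit 1

# Keep the first, pristine copy: a second run must not overwrite the backup
# with the already modified file.
if [[ ! -e /etc/mongodb.conf.orig ]]; then
  cp -a /etc/mongodb.conf /etc/mongodb.conf.orig
fi

# Append each setting only when it is not present yet, so repeated runs do
# not stack duplicate lines.
for setting in 'auth = true' 'smallfiles = true'; do
  if ! grep -q -x -F -- "${setting}" /etc/mongodb.conf; then
    printf '%s\n' "${setting}" >> /etc/mongodb.conf
  fi
done

systemctl start mongod
systemctl enable mongod

# NOTE(review): both credentials below are fixed values published with this
# script, so every host built from it shares them. The database password is
# also passed on the command line, where other local users can read it from
# the process list. Replace both with per-host secrets (and update the broker
# configuration that uses them) before exposing the host.
mongo stickshift_broker_dev --eval 'db.addUser("stickshift", "mooo")'
# The "password" value is a 32-hex-digit string; presumably an unsalted digest
# of the admin password - confirm against the auth-mongo plugin.
mongo stickshift_broker_dev --eval 'db.auth_user.update({"_id":"admin"}, {"_id":"admin","user":"admin","password":"2a8462d93a13e51387a5e607cbd1139f"}, true)'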
# --- Firewall, Apache ServerName and boot-time services --------------------
# Open the services the broker host answers on. Without --permanent,
# firewall-cmd changes the runtime configuration only: the openings are gone
# after a firewalld reload or a reboot.
for svc in ssh https http; do
  firewall-cmd --add-service="${svc}"
done

# Activate the commented-out ServerName directive with this host's name.
sed -i "s/^#ServerName .*/ServerName ${MYHOSTNAME:?}/" /etc/httpd/conf/httpd.conf

chkconfig network on

# Start these units on every boot.
for unit in httpd openshift-broker sshd; do
  systemctl enable "${unit}"
done
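# --- Messaging: qpid broker and mcollective --------------------------------
# Env: MCOLLECTIVE_PSK - pre-shared key written to both mcollective configs.
#      Defaults to the historical value "unset" so existing setups keep
#      working; every node talking to this broker must use the same key.
# NOTE(review): "unset" is a published default, plugin.qpid.secure=false
# leaves the connection to qpid unencrypted, and 5672/tcp is opened to all
# sources below. Set MCOLLECTIVE_PSK to a random per-installation value and
# limit the port to the node network before using this outside a lab.
MCOLLECTIVE_PSK=${MCOLLECTIVE_PSK:-unset}

yum -y install rubygem-openshift-origin-msg-broker-mcollective mcollective-qpid-plugin qpid-cpp-server || exit 1
systemctl enable qpidd
systemctl start qpidd
systemctl enable mcollective
# Runtime rule only (no --permanent): it does not survive a firewalld reload.
firewall-cmd --add-port=5672/tcp
yum -y install openshift-origin-msg-node-mcollective || exit 1

# Keep the packaged configs once; a rerun must not replace the backups with
# the generated files.
if [[ ! -e /etc/mcollective/client.cfg.orig ]]; then
  cp -a /etc/mcollective/client.cfg /etc/mcollective/client.cfg.orig
fi
# loglevel = debug is verbose; NOTE(review): check what ends up in the log
# files before keeping it on a shared host.
cat <<FIN > /etc/mcollective/client.cfg
topicprefix = /topic/
main_collective = mcollective
collectives = mcollective
libdir = /usr/libexec/mcollective
loglevel = debug
logfile = /var/log/mcollective-client.log
# Plugins
securityprovider = psk
plugin.psk = ${MCOLLECTIVE_PSK}
connector = qpid
plugin.qpid.host=broker.${MYDOMAIN:?}
plugin.qpid.secure=false
plugin.qpid.timeout=5
# Facts
factsource = yaml
plugin.yaml = /etc/mcollective/facts.yaml
FIN

if [[ ! -e /etc/mcollective/server.cfg.orig ]]; then
  cp -a /etc/mcollective/server.cfg /etc/mcollective/server.cfg.orig
fi
cat <<FIN >/etc/mcollective/server.cfg
topicprefix = /topic/
main_collective = mcollective
collectives = mcollective
libdir = /usr/libexec/mcollective
logfile = /var/log/mcollective.log
loglevel = debug
daemonize = 1
direct_addressing = n
# Plugins
securityprovider = psk
plugin.psk = ${MCOLLECTIVE_PSK}
connector = qpid
plugin.qpid.host=broker.${MYDOMAIN:?}
plugin.qpid.secure=false
plugin.qpid.timeout=5
# Facts
factsource = yaml
plugin.yaml = /etc/mcollective/facts.yaml
FIN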
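# --- DNS: BIND with a TSIG key for dynamic updates --------------------------
yum -y install rubygem-openshift-origin-dns-bind || exit 1
export keyfile="/var/named/${MYDOMAIN:?}.key"

# Drop key pairs left by an earlier run so exactly one K<domain>* pair exists.
rm -vf -- "/var/named/K${MYDOMAIN:?}"*

# dnssec-keygen writes into the current directory; stop rather than scatter
# key material somewhere else when the directory is missing.
cd /var/named || { echo "cannot cd to /var/named" >&2; exit 1; }

# NOTE(review): HMAC-MD5 is a legacy TSIG algorithm. It is kept because the
# named.conf template and the broker's DNS plugin must agree with it; move all
# three to an HMAC-SHA2 variant together if the installed versions allow it.
dnssec-keygen -a HMAC-MD5 -b 512 -n USER -r /dev/urandom "${MYDOMAIN:?}"
KEY="$(grep Key: "K${MYDOMAIN:?}"*.private | cut -d ' ' -f 2)"
if [[ -z "${KEY}" ]]; then
  # An empty secret would otherwise be written into the key file below.
  echo "could not read the generated key for ${MYDOMAIN}" >&2
  exit 1
fi

rndc-confgen -a -r /dev/urandom
restorecon -v /etc/rndc.* /etc/named.*
chown -v root:named /etc/rndc.key
chmod -v 640 /etc/rndc.key

# NOTE(review): all unresolved queries are forwarded to these public
# resolvers; swap in the site's own resolvers where policy requires it.
echo "forwarders { 8.8.8.8; 8.8.4.4; } ;" > /var/named/forwarders.conf
# A configuration file needs no execute bits.
chmod -v 644 /var/named/forwarders.conf

sed "s/example.com/${MYDOMAIN:?}/g" < /usr/share/gems/gems/openshift-origin-dns-bind-*/doc/examples/example.com.db > "/var/named/dynamic/${MYDOMAIN:?}.db"

# The key file holds the TSIG secret: create it with a restrictive mode
# before the secret is written instead of leaving it world-readable.
: > "${keyfile}"
chmod 640 "${keyfile}"
cat > "${keyfile}" <<EOF
key ${MYDOMAIN:?} {
algorithm HMAC-MD5;
secret "${KEY}";
};
EOF
chown -Rv named:named /var/named
restorecon -rv /var/named

# Keep the packaged named.conf once; on a rerun the backup already exists and
# must not be replaced by the generated file.
if [[ ! -e /etc/named.conf.backup ]]; then
  mv /etc/named.conf /etc/named.conf.backup
fi
sed "s/example.com/${MYDOMAIN:?}/g" < /usr/share/doc/rubygem-openshift-origin-dns-bind-*/examples/named.conf > /etc/named.conf
chown -v root:named /etc/named.conf
restorecon -v /etc/named.conf
/bin/systemctl start named
/bin/systemctl enable named

# Register the broker's A record through an authenticated dynamic update.
nsupdate -k "${keyfile:?}" <<FIN
server 127.0.0.1
update delete broker.${MYDOMAIN:?} A
update add broker.${MYDOMAIN:?} 180 A 127.0.0.1
send
FIN

# NOTE(review): this replaces the resolver list instead of extending it, and
# the interface name eth0 is assumed - confirm on the target host.
echo 'nameserver 127.0.0.1' >/etc/resolv.conf
if ! grep -q -x -F 'DNS1=127.0.0.1' /etc/sysconfig/network-scripts/ifcfg-eth0; then
  echo 'DNS1=127.0.0.1' >> /etc/sysconfig/network-scripts/ifcfg-eth0
fi
# Runtime rule only (no --permanent): it does not survive a firewalld reload.
firewall-cmd --add-service=dns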
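# --- Broker plugins: Gemfile, environment and DNS plugin configuration ------

#######################################
# Append a line to a file unless the file already contains exactly that line,
# so repeated runs do not pile up duplicates.
# Arguments: $1 - file to extend, $2 - line to add
#######################################
append_line_once() {
  local file=$1
  local line=$2
  if ! grep -q -x -F -- "${line}" "${file}" 2>/dev/null; then
    printf '%s\n' "${line}" >> "${file}"
  fi
}

broker_dir=/var/www/openshift/broker
env_dir="${broker_dir}/config/environments"
plugin_rb="${env_dir}/plugin-config/uplift-bind-plugin.rb"

# The DNS plugin configuration embeds the TSIG secret; refuse to write an
# empty one when key generation did not succeed.
: "${KEY:?TSIG key is empty; the DNS key must be generated first}"

for gem_line in \
  "gem 'openshift-origin-msg-broker-mcollective'" \
  "gem 'openshift-origin-dns-bind'" \
  "gem 'openshift-origin-auth-mongo'"; do
  append_line_once "${broker_dir}/Gemfile" "${gem_line}"
done

# bundle resolves the Gemfile of the current directory, so it must not run
# from wherever the script happened to be before.
cd "${broker_dir}/" || { echo "cannot cd to ${broker_dir}" >&2; exit 1; }
yum -y install ruby-devel gcc || exit 1
bundle

for require_line in \
  "require File.expand_path('../plugin-config/openshift-origin-msg-broker-mcollective.rb', __FILE__)" \
  "require File.expand_path('../plugin-config/openshift-origin-dns-bind.rb', __FILE__)" \
  "require File.expand_path('../plugin-config/openshift-origin-auth-mongo.rb', __FILE__)"; do
  append_line_once "${env_dir}/development.rb" "${require_line}"
done

# NOTE(review): development.rb requires openshift-origin-*.rb files from
# plugin-config, while the file generated here is named uplift-bind-plugin.rb;
# confirm which of them the broker actually loads.
mkdir -p "${env_dir}/plugin-config"

# The file carries the TSIG secret: restrict its mode before writing it.
: > "${plugin_rb}"
chmod 640 "${plugin_rb}"
cat <<FIN > "${plugin_rb}"
Broker::Application.configure do
config.dns = {
:server => "127.0.0.1",
:port => 53,
:keyname => "${MYDOMAIN:?}",
:keyvalue => "${KEY}",
:zone => "${MYDOMAIN:?}"
}
end
FIN
# Presumably the broker runs as apache, which stays able to read the file as
# its owner - confirm.
chown -v apache:apache "${plugin_rb}"
restorecon -v "${plugin_rb}"

# Hand the domain to perl through the environment instead of pasting it into
# the program text, so its characters are never parsed as perl code.
MYDOMAIN="${MYDOMAIN:?}" perl -p -i -e 's/.*:domain_suffix.*/ :domain_suffix => "$ENV{MYDOMAIN}",/' "${env_dir}"/*.rb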