Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / mcp / mcp-common-scripts / d453a71eeac8474458c6e0f09d31d31901c60ff4 / . / config-drive / master_config.sh
blob: e472cc026bb9fa97fa301fc2b83384b470ce4e16 [file] [log] [blame]
Richard Felkl4c4829d2017-11-11 00:12:20 +0100[diff] [blame]1#!/bin/bash -xe
alexzd90608b2018-04-12 23:49:03 +0200[diff] [blame]2
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]3#==============================================================================
4# Required packages:
5# apt-get install -y jq
6#==============================================================================
Petr Ruzicka6f9aea02018-06-19 16:46:01 +0200[diff] [blame]7export SALT_MASTER_DEPLOY_IP=${SALT_MASTER_DEPLOY_IP:-"172.16.164.15"}
8export SALT_MASTER_MINION_ID=${SALT_MASTER_MINION_ID:-"cfg01.deploy-name.local"}
9export DEPLOY_NETWORK_GW=${DEPLOY_NETWORK_GW:-"172.16.164.1"}
10export DEPLOY_NETWORK_NETMASK=${DEPLOY_NETWORK_NETMASK:-"255.255.255.192"}
Petr Ruzickaa5407452018-07-03 12:30:16 +0200[diff] [blame]11export DEPLOY_NETWORK_MTU=${DEPLOY_NETWORK_MTU:-"1500"}
Petr Ruzicka6f9aea02018-06-19 16:46:01 +0200[diff] [blame]12export DNS_SERVERS=${DNS_SERVERS:-"8.8.8.8"}
13export http_proxy=${http_proxy:-""}
14export https_proxy=${https_proxy:-""}
15export PIPELINES_FROM_ISO=${PIPELINES_FROM_ISO:-"true"}
16export PIPELINE_REPO_URL=${PIPELINE_REPO_URL:-"https://github.com/Mirantis"}
17export MCP_VERSION=${MCP_VERSION:-"stable"}
18export MCP_SALT_REPO_KEY=${MCP_SALT_REPO_KEY:-"http://apt.mirantis.com/public.gpg"}
19export MCP_SALT_REPO_URL=${MCP_SALT_REPO_URL:-"http://apt.mirantis.com/xenial"}
Richard Felkl98b45342018-04-06 13:30:28 +0200[diff] [blame]20export MCP_SALT_REPO="deb [arch=amd64] $MCP_SALT_REPO_URL $MCP_VERSION salt"
21export FORMULAS="salt-formula-*"
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]22# for cloning from aptly image use port 8088
Jiri Broulikcee20532018-01-08 13:30:15 +0100[diff] [blame]23#export PIPELINE_REPO_URL=http://172.16.47.182:8088
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]24#
25SALT_OPTS="-l debug -t 10 --retcode-passthrough --no-color"
Richard Felkl4c4829d2017-11-11 00:12:20 +0100[diff] [blame]26
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]27# Funcs =======================================================================
alexzd90608b2018-04-12 23:49:03 +0200[diff] [blame]28function _post_maas_cfg(){
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]29 chmod 0755 /var/lib/maas/.maas_login.sh
30 source /var/lib/maas/.maas_login.sh
31 # disable backports for maas enlist pkg repo. Those operation enforce maas
32 # to re-create sources.list and drop [source] fetch-definition from it.
33 main_arch_id=$(maas ${PROFILE} package-repositories read | jq -r '.[] | select(.name=="main_archive") | .id')
34 maas ${PROFILE} package-repository update ${main_arch_id} "disabled_pockets=backports" || true
35 maas ${PROFILE} package-repository update ${main_arch_id} "disabled_components=multiverse" || true
36 maas ${PROFILE} package-repository update ${main_arch_id} "arches=amd64" || true
37 # Remove stale notifications, which appear during sources configuration.
38 for i in $(maas ${PROFILE} notifications read | jq '.[]| .id'); do
39 maas ${PROFILE} notification delete ${i} || true
Pavel Cizinsky5f8fb092018-05-30 17:27:19 +0200[diff] [blame]40 done
alexzd90608b2018-04-12 23:49:03 +0200[diff] [blame]41}
42
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]43function process_formulas(){
44 local RECLASS_ROOT=${RECLASS_ROOT:-/srv/salt/reclass/}
45 local FORMULAS_PATH=${FORMULAS_PATH:-/usr/share/salt-formulas}
46
47 echo "Configuring formulas ..."
48 curl -s $MCP_SALT_REPO_KEY | apt-key add -
49 echo $MCP_SALT_REPO > /etc/apt/sources.list.d/mcp_salt.list
50 apt-get update
51 apt-get install -y $FORMULAS
52
53 [ ! -d ${RECLASS_ROOT}/classes/service ] && mkdir -p ${RECLASS_ROOT}/classes/service
54 for formula_service in $(ls /usr/share/salt-formulas/reclass/service/); do
55 #Since some salt formula names contain "-" and in symlinks they should contain "_" adding replacement
56 formula_service=${formula_service//-/$'_'}
Dennis Dmitrieve00716b2018-07-05 14:50:45 +0300[diff] [blame]57 if [ ! -L "${RECLASS_ROOT}/classes/service/${formula_service}" ]; then
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]58 ln -sf ${FORMULAS_PATH}/reclass/service/${formula_service} ${RECLASS_ROOT}/classes/service/${formula_service}
Dennis Dmitrieve00716b2018-07-05 14:50:45 +0300[diff] [blame]59 fi
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]60 done
61}
62
63function enable_services(){
64 local services="postgresql.service salt-api salt-master salt-minion jenkins"
65 for s in ${services} ; do
66 systemctl enable ${s} || true
67 systemctl restart ${s} || true
68 done
69}
70
71function process_network(){
72 echo "Configuring network interfaces"
73 find /etc/network/interfaces.d/ -type f -delete
74 kill $(pidof /sbin/dhclient) || /bin/true
75 envsubst < /root/interfaces > /etc/network/interfaces
76 ip a flush dev ens3
77 rm -f /var/run/network/ifstate.ens3
78 if [[ $(grep -E '^\ *gateway\ ' /etc/network/interfaces) ]]; then
79 (ip r s | grep ^default) && ip r d default || /bin/true
80 fi;
81 ifup ens3
82}
83
azvyagintsev42a47622018-07-06 13:12:08 +0300[diff] [blame]84function process_maas(){
85 _region=$(salt-call --out=text pillar.get maas:region:enabled | awk '{print $2}' | tr "[:upper:]" "[:lower:]" )
86 if [[ "${maas_cluster_enabled}" == 'true' ]]; then
87 salt-call ${SALT_OPTS} state.sls maas.cluster
88 else
89 echo 'WARNING: maas.cluster skipped!'
90 fi
91 if [[ "$_region" == 'true' ]]; then
azvyagintsevd453a712018-08-03 10:50:59 +0200[diff] [blame^]92 # FIXME MAAS still can fail in rare race condition.
93 salt-call ${SALT_OPTS} state.sls maas.region || salt-call ${SALT_OPTS} state.sls maas.region
azvyagintsev42a47622018-07-06 13:12:08 +0300[diff] [blame]94 else
95 echo 'WARNING: maas.region skipped!'
96 fi
97 # Don't move it under first cluster-only check!
98 if [[ "${maas_cluster_enabled}" == 'true' ]]; then
99 _post_maas_cfg
100 fi
101}
102
103function process_jenkins(){
104 _jjobs=$(salt-call --out=text pillar.get jenkins:client:job | awk '{print $2}')
105 if [[ "${_jjobs}" != '' ]]; then
106 salt-call ${SALT_OPTS} state.sls jenkins.client
107 fi
108}
109
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]110# Body ========================================================================
111process_network
Richard Felkl4c4829d2017-11-11 00:12:20 +0100[diff] [blame]112
113echo "Preparing metadata model"
114mount /dev/cdrom /mnt/
Leontii Istomin68553f12018-02-21 18:10:12 +0100[diff] [blame]115cp -rT /mnt/model/model /srv/salt/reclass
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]116chown -R root:root /srv/salt/reclass/* || true
alexzd90608b2018-04-12 23:49:03 +0200[diff] [blame]117chown -R root:root /srv/salt/reclass/.git* || true
118chmod -R 644 /srv/salt/reclass/classes/cluster/* || true
119chmod -R 644 /srv/salt/reclass/classes/system/* || true
Richard Felkl4c4829d2017-11-11 00:12:20 +0100[diff] [blame]120
Richard Felkl4c4829d2017-11-11 00:12:20 +0100[diff] [blame]121echo "Configuring salt"
Richard Felkl4c4829d2017-11-11 00:12:20 +0100[diff] [blame]122envsubst < /root/minion.conf > /etc/salt/minion.d/minion.conf
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]123enable_services
Dennis Dmitrieve00716b2018-07-05 14:50:45 +0300[diff] [blame]124
125# Wait for salt-master and salt-minion to wake up after restart
126salt-call --timeout=120 test.ping
127
Richard Felkl4c4829d2017-11-11 00:12:20 +0100[diff] [blame]128while true; do
129 salt-key | grep "$SALT_MASTER_MINION_ID" && break
130 sleep 5
131done
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]132
Vasyl Saienkob873ca42018-07-19 19:23:10 +0000[diff] [blame]133sleep 5
134for i in $(salt-key -l accepted | grep -v Accepted | grep -v "$SALT_MASTER_MINION_ID"); do
135 salt-key -d $i -y
136done
137
Richard Felkl4c4829d2017-11-11 00:12:20 +0100[diff] [blame]138find /var/lib/jenkins/jenkins.model.JenkinsLocationConfiguration.xml -type f -print0 | xargs -0 sed -i -e 's/10.167.4.15/'$SALT_MASTER_DEPLOY_IP'/g'
139
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]140echo "updating local git repos"
alexzd90608b2018-04-12 23:49:03 +0200[diff] [blame]141if [[ "$PIPELINES_FROM_ISO" == "true" ]] ; then
Jiri Broulikcee20532018-01-08 13:30:15 +0100[diff] [blame]142 cp -r /mnt/mk-pipelines/* /home/repo/mk/mk-pipelines/
143 cp -r /mnt/pipeline-library/* /home/repo/mcp-ci/pipeline-library/
alexzd90608b2018-04-12 23:49:03 +0200[diff] [blame]144 umount /dev/cdrom || true
Jiri Broulikcee20532018-01-08 13:30:15 +0100[diff] [blame]145 chown -R git:www-data /home/repo/mk/mk-pipelines/*
146 chown -R git:www-data /home/repo/mcp-ci/pipeline-library/*
147else
alexzd90608b2018-04-12 23:49:03 +0200[diff] [blame]148 umount /dev/cdrom || true
149 git clone --mirror "${PIPELINE_REPO_URL}/mk-pipelines.git" /home/repo/mk/mk-pipelines/
150 git clone --mirror "${PIPELINE_REPO_URL}/pipeline-library.git" /home/repo/mcp-ci/pipeline-library/
Jiri Broulikcee20532018-01-08 13:30:15 +0100[diff] [blame]151 chown -R git:www-data /home/repo/mk/mk-pipelines/*
152 chown -R git:www-data /home/repo/mcp-ci/pipeline-library/*
153fi
154
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]155process_formulas
Richard Felkl98b45342018-04-06 13:30:28 +0200[diff] [blame]156
Richard Felkl4c4829d2017-11-11 00:12:20 +0100[diff] [blame]157salt-call saltutil.refresh_pillar
158salt-call saltutil.sync_all
alexzd90608b2018-04-12 23:49:03 +0200[diff] [blame]159if ! $(reclass -n ${SALT_MASTER_MINION_ID} > /dev/null ) ; then
160 echo "ERROR: Reclass render failed!"
161 exit 1
Jiri Broulik0173a272018-04-11 10:56:35 +0200[diff] [blame]162fi
163
Dennis Dmitrievb5c17a02018-07-06 13:07:49 +0300[diff] [blame]164salt-call ${SALT_OPTS} state.sls linux.network,linux,openssh
Dennis Dmitrieve00716b2018-07-05 14:50:45 +0300[diff] [blame]165# PROD-21179: Run salt.minion.ca to prepare CA certificate before salt.minion.cert is used
166salt-call ${SALT_OPTS} state.sls salt.minion.ca
Dennis Dmitrievb5c17a02018-07-06 13:07:49 +0300[diff] [blame]167salt-call ${SALT_OPTS} state.sls salt
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]168salt-call ${SALT_OPTS} pkg.install salt-master,salt-minion
Dennis Dmitrieve00716b2018-07-05 14:50:45 +0300[diff] [blame]169
Jiri Broulik6b7ca672018-04-19 13:16:32 +0200[diff] [blame]170sleep 5
Dennis Dmitrieve00716b2018-07-05 14:50:45 +0300[diff] [blame]171# Wait for salt-master and salt-minion to wake up after restart
172salt-call --timeout=120 test.ping
173
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]174salt-call ${SALT_OPTS} state.sls salt
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]175salt-call ${SALT_OPTS} state.sls reclass
Jiri Broulik1261ca32018-01-18 15:30:25 +0100[diff] [blame]176
azvyagintsev42a47622018-07-06 13:12:08 +0300[diff] [blame]177maas_cluster_enabled=$(salt-call --out=text pillar.get maas:cluster:enabled | awk '{print $2}' | tr "[:upper:]" "[:lower:]" )
178process_maas
alexzd90608b2018-04-12 23:49:03 +0200[diff] [blame]179
180ssh-keyscan cfg01 > /var/lib/jenkins/.ssh/known_hosts || true
181
azvyagintsev42a47622018-07-06 13:12:08 +0300[diff] [blame]182process_jenkins
Richard Felkl4c4829d2017-11-11 00:12:20 +0100[diff] [blame]183
azvyagintsevb2a55792018-06-05 17:38:17 +0300[diff] [blame]184stop_services="salt-api salt-master salt-minion jenkins maas-rackd.service maas-regiond.service postgresql.service"
185for s in ${stop_services} ; do
186 systemctl stop ${s} || true
187 sleep 1
188done
189sync
Dmitry Stremkouskia94b5f32017-12-02 00:41:54 +0300[diff] [blame]190reboot