Init BM MCC+MOSK commit
Just put templates to the repo
MOSSUST-114
Change-Id: I2239dd7067d823d3ab15d1d46dc57fc2c7b9444b
diff --git a/bm_mcc_mosk/mcc_seed_2401_userdata.yaml b/bm_mcc_mosk/mcc_seed_2401_userdata.yaml
new file mode 100644
index 0000000..06eb55f
--- /dev/null
+++ b/bm_mcc_mosk/mcc_seed_2401_userdata.yaml
@@ -0,0 +1,221 @@
+#cloud-config
+output : { all : '| tee -a /var/log/cloud-init-output.log' }
+
+ssh_pwauth: True
+
+disable_root: false
+chpasswd:
+ list: |
+ ubuntu:qalab
+ root:r00tme
+ expire: False
+
+ntp:
+ enabled: true
+ servers:
+ - 0.pool.ntp.org
+ - 1.pool.ntp.org
+ - 2.pool.ntp.org
+ - 3.pool.ntp.org
+
+# this would disable apt:submodule to refresh already overwritten (below) sources.list.
+apt:
+ preserve_sources_list: true
+package_update: false
+package_upgrade: false
+package_reboot_if_required: false
+
+instance_boot:
+ - &instance_boot |
+ service="apt-daily-upgrade.service apt-daily.service apt-daily-upgrade.timer apt-daily.timer
+ kerneloops snapd snapd.socket cups-browsed.service cups apport.service apport-forward.socket motd-news.service motd-news.timer unattended-upgrades.service
+ ua-messaging.timer ua-messaging.service ua-timer.timer"
+ for r in ${service} ; do
+ systemctl disable ${r} || true
+ systemctl mask ${r} || true
+ systemctl stop ${r} || true
+ done
+
+ export DEBIAN_FRONTEND=noninteractive
+ export DEBCONF_NONINTERACTIVE_SEEN=true
+ APT_OPTS="-o APT::Install-Suggests=0 -o APT::Install-Recommends=0 -o Dpkg::Options::=--force-confold -o Dpkg::Options::=--force-confdef"
+ apt-get ${APT_OPTS} -y remove --purge unattended-upgrades || true
+
+ function wait_condition_send() {
+ local status=${1:-SUCCESS}
+ local reason=${2:-empty}
+ local data_binary="{\"status\": \"$status\", \"reason\": \"$reason\"}"
+ echo "Sending signal to wait condition: $data_binary"
+ $wait_condition_notify -k --data-binary "$data_binary"
+ if [ "$status" == "FAILURE" ]; then
+ exit 1
+ fi
+ }
+
+ # Re-pin repo, just to cleanup src\and etc metadata download
+ source /etc/lsb-release
+ cat << EOF > /etc/apt/sources.list
+ deb [arch=amd64] https://mirror.mirantis.com/nightly/ubuntu/ ${DISTRIB_CODENAME} main restricted universe
+ deb [arch=amd64] https://mirror.mirantis.com/nightly/ubuntu/ ${DISTRIB_CODENAME}-updates main restricted universe
+ EOF
+
+ # Remove 50command-not-found and update cache
+ rm -f /etc/apt/apt.conf.d/50command-not-found
+ apt-get update
+
+ if [[ -n "$hack_tuning_enabled" ]]; then
+ echo "Add dirty hacks in system"
+ sysctl -w vm.dirty_ratio=40
+ sysctl -w vm.dirty_background_ratio=20
+ echo 0 > /sys/block/vda/queue/rotational || true
+ echo 32768 > /sys/block/vda/queue/read_ahead_kb || true
+ GRUB_CMDLINE_LINUX_DEFAULT="console=tty1 console=ttyS0 noibrs noibpb nopti nospectre_v2 nospectre_v1 l1tf=off nospec_store_bypass_disable no_stf_barrier mds=off tsx=on tsx_async_abort=off mitigations=off"
+ if ! [[ $(cat /proc/cmdline) =~ $GRUB_CMDLINE_LINUX_DEFAULT ]]; then
+ echo "Update mount options for / partition"
+ sed -i '/rootfs/s/defaults\t/rw,noatime,nodiratime,lazytime,nobarrier,commit=240,data=ordered\t/' /etc/fstab
+ echo "Update kernel cmdline in grub and reboot"
+ echo "GRUB_CMDLINE_LINUX_DEFAULT=\"${GRUB_CMDLINE_LINUX_DEFAULT}\"" > /etc/default/grub.d/60-make-linux-fast-again.cfg
+ update-grub2
+ cloud-init clean --reboot # clean cloud-init cache and reboot so it emulates first boot
+ fi
+ fi
+
+ netplan --debug apply
+ # NOTE(vsaienko): the netplan apply is asyncronous, there is no guarantee
+ # that changes are applied when command exited. Pause some time to make
+ # sure we call next check when network is reconfigured.
+ sleep 15
+
+ echo "Checking connectivity to mirror.mirantis.com"
+ wait_time=0
+ until $( timeout 30s curl -s mirror.mirantis.com >> /dev/null ); do
+ if [[ $wait_time -gt 5 ]]; then
+ echo "FAILURE: unable to access mirror.mirantis.com (network check)"
+ wait_condition_send "FAILURE" "mirror.mirantis.com is unreachable"
+ exit 1
+ fi
+ sleep $(( 3 * wait_time++ ))
+ done
+
+ echo "Configuring regional user for clean-seed scenarios"
+ sudo groupadd docker
+ sudo groupadd regional
+ sudo useradd -g regional -G users,admin,docker -s /bin/bash -m regional
+ echo -e "\nregional ALL=(ALL) NOPASSWD: ALL\n" | sudo tee -a /etc/sudoers
+ sudo mkdir -p /home/regional/.ssh
+ sudo cp /home/ubuntu/.ssh/authorized_keys /home/regional/.ssh/authorized_keys
+ sudo chmod 600 /home/regional/.ssh/authorized_keys
+ sudo chown -R regional:regional /home/regional
+ apt-get ${APT_OPTS} -y install bridge-utils docker.io ipmitool wget golang-cfssl jq
+ usermod -aG docker ubuntu
+ cd /root/
+ wget https://binary.mirantis.com/releases/get_container_cloud.sh
+ chmod 0755 get_container_cloud.sh
+ ./get_container_cloud.sh
+ cp /root/mirantis.lic kaas-bootstrap/
+
+ echo "Sending wait_condition signal"
+ wait_condition_send "SUCCESS" "Instance is UP and running"
+
+runcmd:
+ - [bash, -cex, *instance_boot]
+
+write_files:
+ - path: /root/.ssh/authorized_keys
+ content: |
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDeGiSOs0zAwcxuc9y6BzidYFXQXLOLcBKSoW1tPYJ+bVGRwNRVh63/+/X+eOPbBp6xTNNHVyOpYHt1WUbIHsAqAx/XbzBp+j3/4+8+ucvWR3X9TTxK7Q+oB3SSy2iEeimiJmxfjiHu1hfcgN8L9YvXVquGC/EZbk/r27j7Gcxli7zesr9/kBBhigDSQeehJBJZ0ux3luVkjWSDYTeKqZhNNPFoD6eWmOfsAKNMhe/8IRD9e0zY4MsELi1tZl2zoQ69249e4M1aCuGxm+t+tHLzywX0tVZmM1yX7TDuszHbiii8HrjNwB1/K80HRwRrwVIne9P7wFSlC2exLkdfWd2D vkhlyunev
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDci6MBY68s3FJ9V1OP5vdtVo/daJnkNXCPSPYbCX8/d0E3UJKgE81YvsxfuKp3r1rUNwTuGnkq+VUWcbIgpQNy69OuKxQkoGsRgYTA8n4ZZcuWz+dVenP90xLYHcnyACg63HUVEp5foLvu1WzOdH2A4bHmsl0ePM5IdnFyToHj+Nhwz1NSvbK1OkQHoEcIbkbIkIa/kWY2mgEIIUgb9YmaCI96eiVtQpFPQ4k7hpdrUAkG4e0jT8JA3zQoB++S12p0d0K3SQtJ3+YATUm+rKnHchHZ/uEAgBgoOLiu99p7Aiie76jlGxZp8A/hPqU/zS61z7ER4lJeyR/pXh53Ja+1 maintenance-ci
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXWwy6p3t4AGvaCtFDJxqKZiPDotJnbu2IKg2p7sl7YXQw+APLKk9maHyUehQQuGzidgBZpmBOMAXENcO1FGFj56cnp4W9tldTiRq1bWcUMq42wfNwIToP6dAXj5ZyhL+UZj1GsCThSasDhFe4Xife0cn69KHJqtmahApQK6D7tpZr2UNDYNWh/2JIrUOcJXZU+BqNg7zm1KNb6e9lKXL6KLDeaCiQ0bj+L/unqepLdg26eO7AQSZ/rt2qAnbfcquozECtDhT4cbK8q9xJODlJQ3eQGOgTH3m8jGijL+3UdPFUzbo4KwSK4V9FmB711HVBCQM4nlH9zumIUSxutnkd rlubianyi@rlubianyi-pc
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDhZxqF+NSuP+Dr2nmGHf4NIpH2xWSmq+UE/HGP6j81rKSBZeRb2SuRXLtLVh3NZ+3GLa4UQGvedcnsqzgvSt05LYujloHnLxIsrsOWbLxOcdUYkorhXenGKBxKopwViRNV2PovMAnwyZ27GkXH8RQ52XISOdTIIV7r8M3kLpxCor2jHnOzJOcr7rhLeSFTK5zw6//T3S+IOQ5/HEs+8NK1sNw2lxBTuk+dAydiaCsQqm4GMl5vZSy0j7cnsy+lq69zN2/Bi4JzKLDKF2ap4zDh/ELhUBoQhh12T0djFV9Qv9fTWI4LUW8cVyqxbfreJrZqSAyMgSRrGSUBclFTmn5Z pavel@pavel-All-Series
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqfNIy3WuxzRzOY/GBNGOnP5UrCFWZ8uMzW6hEl4wgIEYYIcv8o+C1/hvrfHimG/I/rAwYRS6Dx0bZ7m49zATNxe+EVer3BV63ru34Hzel/XxxyD34ULmrDgvP3olaAKFI17gVOFQ7hCBzDRp3s4YN3ojQspPyeiO+Jt8OwVomxJWgLauAHhl7Z/XPVHpT/fssJGG/eC4oOz4RZ4jAk0BH3Yl8s63grfwrgB79H/+nr0UvBdTkBn3T5WiC4gxnm+jQQwci7/BLQsg1Z3OykfTuyftIexNyVVy/SmdsGi37RJGFKRMMovoZx+261JgaHWBoHqBJa5UpV2usi9z3Py2z avgoor@MacBook-Pro-Denis.local
+
+ - path: /etc/bash_completion.d/kaas
+ content: |
+ PATH=${PATH}:~/kaas-bootstrap/bin:/home/ubuntu/bootstrap/dev/bin
+ if [ -f ~/kubeconfig ]; then export KUBECONFIG=~/kubeconfig ; fi
+ if [ -f ~/bootstrap/dev/kubeconfig ]; then export KUBECONFIG=~/bootstrap/dev/kubeconfig; fi
+ echo "KUBECONFIG=${KUBECONFIG}"
+ echo "kubectl=$(which kubectl)"
+
+ - path: /etc/netplan/51-kaas-init.yaml
+ content: |
+ network:
+ version: 2
+ renderer: networkd
+ ethernets:
+ ens3:
+ nameservers:
+ addresses: $nameservers
+ dhcp4: false
+ dhcp6: false
+ bridges:
+ br0:
+ dhcp4: false
+ dhcp6: false
+ addresses:
+ - 172.16.180.2/23
+ mtu: 9100
+ nameservers:
+ addresses:
+ - 172.18.176.6
+ - 172.16.180.1
+ - 8.8.8.8
+ search: [ ]
+ interfaces:
+ - ens3
+ routes:
+ - to: 0.0.0.0/0
+ via: 172.16.180.1
+ parameters:
+ forward-delay: 4
+ stp: false
+ - path: /root/do_deploy.sh
+ content: |
+ set -e
+ source /root/env_vars.sh
+ while [ ! -d /root/templates ] ; do sleep 4 ; done
+ [[ "$(sed -n 693p /root/kaas-bootstrap/bootstrap.sh)" -eq "configure" ]] && sed -i "693d" /root/kaas-bootstrap/bootstrap.sh
+ /root/kaas-bootstrap/bootstrap.sh all
+ export KUBECONFIG=/root/kubeconfig
+ echo r00tme | /root/kaas-bootstrap/container-cloud bootstrap user add --username root --roles global-admin,management-admin,reader,writer,operator --kubeconfig kubeconfig --password-stdin
+ - path: /root/do_child.sh
+ content: |
+ set -e
+ while [ ! -d /root/child/templates ] ; do echo 'no child templates!' ; sleep 4 ; done
+ export KUBECONFIG=/root/kubeconfig
+ kubectl apply -f /root/child/templates/project.yaml
+ sleep 2 && kubectl -n mosk apply -f /root/child/templates/ssh_pubkeys.yaml
+ sleep 2 && kubectl -n mosk apply -f /root/child/templates/cluster.yaml
+ sleep 2 && kubectl -n mosk apply -f /root/child/templates/baremetalhosts.yaml
+ sleep 2 && kubectl -n mosk apply -f /root/child/templates/baremetalhostprofiles.yaml
+ sleep 2 && kubectl -n mosk apply -f /root/child/templates/subnets.yaml
+ sleep 2 && kubectl -n mosk apply -f /root/child/templates/l2_templates.yaml
+ sleep 2 && kubectl -n mosk apply -f /root/child/templates/metallbconfig.yaml
+ sleep 2 && kubectl -n mosk apply -f /root/child/templates/machines.yaml
+ sleep 2 && kubectl -n mosk apply -f /root/child/templates/kaascephcluster.yaml
+
+ - path: /etc/udev/rules.d/60-ssd-scheduler.rules
+ content: |
+ ACTION=="add|change", KERNEL=="sd[a-z]", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="deadline"
+
+ - path: /root/env_vars.sh
+ content: |
+ export KAAS_BM_ENABLED="true"
+ export KAAS_BM_PXE_IP="172.16.180.5"
+ export KAAS_BM_PXE_MASK="23"
+ export KAAS_BM_PXE_BRIDGE="br0"
+ export CLUSTER_NAME=kaas-mgmt
+ export OUT_DIR=/root/templates
+ - path: /root/get_child_kubeconfig.sh
+ content: |
+ /root/kaas-bootstrap/bin/kubectl --kubeconfig /root/kubeconfig -n mosk get secrets mosk-kubeconfig -o jsonpath='{.data.admin\.conf}' | base64 -d | sed 's/:5443/:443/g' | tee /root/child.kubeconfig
+ export KUBECONFIG=/root/child.kubeconfig
+ - path: /root/mirantis.lic
+ content: |
+ eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9Cg.eyJleHAiOjE3MzgzOTY4MDAsImlhdCI6MTY3NTMyNDgwMCwic3ViIjoiZGV2fHNpLWRldiIsImxpY2Vuc2UiOnsiZGV2Ijp0cnVlLCJsaW1pdHMiOnsiY2x1c3RlcnMiOjAsIndvcmtlcnNfcGVyX2NsdXN0ZXIiOjB9LCJvcGVuc3RhY2siOnsiY2x1c3RlcnMiOjAsIndvcmtlcnNfcGVyX2NsdXN0ZXIiOjB9fX0K.18naIn5bHkrQJGnqsiv8BHAEhdz_mnMSR2Oz0hAKyhVTdn5Hd7ESJFvPe2agEl7IJf4n6--NPa9zqW0y9zcixnoxB_7xvMntNCaPzfAap8Lm7RSghDJicyJ1xXTj4NNf3ocnbA8rCUNkrSbh2GKFNBqiDMqZTGC7Jozee5HjBzaxFUF0Z0Nr3T0q53DrZmiAhe0P8LtbxFhMICptcMnX-c4mw_hc5TziLZdpR0TUCJk4B0Cit4PABzZWjDCt5gWpy70ZCTTG2xo5dikd-WYBp6f43U5LUroYkhKTHjLMphHnsEDDBu2qaV18ONSuFSQ-Sfg_Mg9ndS_IMTvS9IipsA
+ - path: /etc/docker/daemon.json
+ content: '{"default-address-pools": [{"base": "10.50.0.0/16","size": 24}]}'
+
+
+
+