| Dmitry Tyzhnenko | 2b730a0 | 2017-04-07 19:31:32 +0300 | [diff] [blame] | 1 | | # All the data below will be stored as a string object |
| 2 | #cloud-config, see http://cloudinit.readthedocs.io/en/latest/topics/examples.html |
| 3 | |
| 4 | ssh_pwauth: True |
| 5 | users: |
| 6 | - name: root |
| 7 | sudo: ALL=(ALL) NOPASSWD:ALL |
| 8 | shell: /bin/bash |
| 9 | ssh_authorized_keys: |
| 10 | - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGwjUlYn9UsmWmAGSuEA2sICad7WqxgsJR0HKcMbbxi0tn96h4Cq2iGYmzlJ48egLm5R5pxyWnFvL4b/2zb+kKTPCMwRc9nv7xEGosEFNQEoSDd+gYu2CO0dgS2bX/7m2DXmzvhqPjxWQUXXsb0OYAS1r9Es65FE8y4rLaegz8V35xfH45bTCA0W8VSKh264XtGz12hacqsttE/UvyjJTZe+/XV+xJy3WAWxe8J/MuW1VqbqNewTmpTE/LJU8i6pG4msU6+wH99UvsGAOKQOduynUHKWG3VZg5YCjpbbV/t/pfW/vHB3b3jiifQmNhulyiG/CNnSQ5BahtV/7qPsYt vagrant@cfg01 |
| 11 | |
| 12 | disable_root: false |
| 13 | chpasswd: |
| 14 | list: | |
| 15 | root:r00tme |
| 16 | expire: False |
| 17 | |
| 18 | bootcmd: |
| 19 | # Block access to SSH while node is preparing |
| 20 | - cloud-init-per once sudo iptables -A INPUT -p tcp --dport 22 -j DROP |
| 21 | # Configure dhclient |
| 22 | - cloud-init-per once echo "nameserver {gateway}" >> /etc/resolvconf/resolv.conf.d/base |
| 23 | - cloud-init-per once resolvconf -u |
| 24 | - cloud-init-per once echo "172.18.248.114 jenkins.mcp.mirantis.net gerrit.mcp.mirantis.net" >> /etc/hosts |
| 25 | - cloud-init-per once echo "185.135.196.10 apt-mk.mirantis.com" >> /etc/hosts |
| 26 | # Enable root access |
| 27 | - sed -i -e '/^PermitRootLogin/s/^.*$/PermitRootLogin yes/' /etc/ssh/sshd_config |
| 28 | - service sshd restart |
| 29 | output: |
| 30 | all: '| tee -a /var/log/cloud-init-output.log /dev/tty0' |
| 31 | |
| 32 | apt: |
| 33 | preserve_sources_list: true |
| 34 | sources: |
| 35 | mcp_salt.list: |
| 36 | source: "deb [arch=amd64] http://apt-mk.mirantis.com/xenial nightly salt extra" |
| 37 | keyid: A76882D3 |
| 38 | saltstack.list: |
| 39 | source: "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3 xenial main" |
| 40 | keyid: DE57BFBE |
| 41 | tcpcloud_salt.list: |
| 42 | source: "deb [arch=amd64] http://apt.tcpcloud.eu/nightly xenial tcp-salt" |
| 43 | keyid: A76882D3 |
| 44 | |
| 45 | packages: |
| 46 | - wget |
| 47 | - git |
| 48 | - salt-minion |
| 49 | - python-pip |
| 50 | - curl |
| 51 | - tmux |
| 52 | - byobu |
| 53 | - iputils-ping |
| 54 | - traceroute |
| 55 | - htop |
| 56 | - tree |
| 57 | - screen |
| 58 | |
| 59 | runcmd: |
| 60 | # Configure dhclient |
| 61 | - sudo echo "nameserver {gateway}" >> /etc/resolvconf/resolv.conf.d/base |
| 62 | - sudo resolvconf -u |
| 63 | |
| 64 | # Prepare network connection |
| 65 | - sudo ifup eth0 |
| 66 | #- sudo route add default gw {gateway} {interface_name} |
| 67 | - sudo ifup eth1 |
| 68 | |
| 69 | # Create swap |
| 70 | - fallocate -l 4G /swapfile |
| 71 | - chmod 600 /swapfile |
| 72 | - mkswap /swapfile |
| 73 | - swapon /swapfile |
| 74 | - echo "/swapfile none swap defaults 0 0" >> /etc/fstab |
| 75 | |
| 76 | ############## TCP Cloud cfg01 node ################## |
| 77 | #- sleep 120 |
| 78 | # - echo "Preparing base OS" |
| 79 | # - which wget >/dev/null || (apt-get update; apt-get install -y wget) |
| 80 | # - echo "deb [arch=amd64] http://apt.tcpcloud.eu/nightly/ trusty main security extra tcp tcp-salt" > /etc/apt/sources.list |
| 81 | # - wget -O - http://apt.tcpcloud.eu/public.gpg | apt-key add - |
| 82 | # saltstack repo is for minions that have the same version in the xenial and trusty (2016.3.3) |
| 83 | #- echo "deb http://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest trusty main" > /etc/apt/sources.list.d/saltstack.list |
| 84 | #- wget -O - https://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest/SALTSTACK-GPG-KEY.pub | apt-key add - |
| 85 | # - echo "deb http://repo.saltstack.com/apt/ubuntu/14.04/amd64/2016.3 trusty main" > /etc/apt/sources.list.d/saltstack.list |
| 86 | # - wget -O - https://repo.saltstack.com/apt/ubuntu/14.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub | apt-key add - |
| 87 | |
| 88 | # - apt-get clean |
| 89 | # - apt-get update |
| 90 | # - apt-get -y upgrade |
| 91 | |
| 92 | # Install common packages |
| 93 | # - apt-get install -y python-pip git |
| 94 | # - apt-get install -y curl tmux byobu iputils-ping traceroute htop tree |
| 95 | |
| 96 | # - apt-get install -y salt-minion |
| 97 | |
| 98 | # To be configured from inventory/fuel-devops by operator or autotests |
| 99 | # - 'echo "id: {hostname}" >> /etc/salt/minion' |
| 100 | # - 'echo "master: 192.168.10.100" >> /etc/salt/minion' |
| 101 | |
| 102 | - echo "Restarting minion service with workarounds..." |
| 103 | - rm -f /etc/salt/pki/minion/minion_master.pub |
| 104 | - service salt-minion restart |
| 105 | - sleep 5 |
| 106 | - rm -f /etc/salt/pki/minion/minion_master.pub |
| 107 | - service salt-minion restart |
| 108 | |
| 109 | #- echo "Showing node metadata..." |
| 110 | #- salt-call pillar.data |
| 111 | |
| 112 | #- echo "Running complete state ..." |
| 113 | #- salt-call state.sls linux,openssh,salt |
| 114 | |
| 115 | # Workaround for bug https://mirantis.jira.com/browse/PROD-8214 |
| 116 | - apt-get -y install --install-recommends linux-generic-lts-xenial |
| 117 | - reboot |
| 118 | |
| 119 | ######################################################## |
| 120 | # Node is ready, allow SSH access |
| 121 | ##- echo "Allow SSH access ..." |
| 122 | ##- sudo iptables -D INPUT -p tcp --dport 22 -j DROP |
| 123 | ######################################################## |
| 124 | |
| 125 | write_files: |
| 126 | - path: /etc/network/interfaces |
| 127 | content: | |
| 128 | auto eth0 |
| 129 | iface eth0 inet dhcp |
| 130 | auto eth1 |
| 131 | iface eth1 inet dhcp |
| 132 | |
| 133 | - path: /etc/salt/minion.d/minion.conf |
| 134 | content: | |
| 135 | id: {hostname} |
| 136 | master: 192.168.10.100 |