Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / mcp / tcp-qa / 5f87ad00696f58302c301e1f6bbba54e6bae52c0 / . / tcp_tests / templates / cookied-model-generator / underlay--user-data-cfg01.yaml
blob: 7bd7a022b97b02bb0fdb0462f6a9c519c4e22fb0 [file] [log] [blame]
Dennis Dmitriev85559962018-01-30 15:35:51 +0200[diff] [blame]1| # All the data below will be stored as a string object
2 #cloud-config, see http://cloudinit.readthedocs.io/en/latest/topics/examples.html
3
4 ssh_pwauth: True
5 users:
6 - name: root
7 sudo: ALL=(ALL) NOPASSWD:ALL
8 shell: /bin/bash
9 ssh_authorized_keys:
10 {% for key in config.underlay.ssh_keys %}
11 - ssh-rsa {{ key['public'] }}
12 {% endfor %}
13
14 disable_root: false
15 chpasswd:
16 list: |
17 root:r00tme
18 expire: False
19
20 bootcmd:
21 # Block access to SSH while node is preparing
Dennis Dmitrievbf6e4e02018-03-26 20:37:44 +0300[diff] [blame]22 #- cloud-init-per once sudo iptables -A INPUT -p tcp --dport 22 -j DROP
23 - cloud-init-per once sudo ifdown ens4
24
Dennis Dmitriev85559962018-01-30 15:35:51 +0200[diff] [blame]25 # Enable root access
Dennis Dmitrievbf6e4e02018-03-26 20:37:44 +0300[diff] [blame]26 - cloud-init-per once sudo sed -i -e '/^PermitRootLogin/s/^.*$/PermitRootLogin yes/' /etc/ssh/sshd_config
27 - cloud-init-per once sudo service sshd restart
Dennis Dmitrievf4e6efc2018-03-26 06:15:10 -0500[diff] [blame]28
Dennis Dmitriev85559962018-01-30 15:35:51 +0200[diff] [blame]29 output:
30 all: '| tee -a /var/log/cloud-init-output.log /dev/tty0'
31
32 runcmd:
33 # Prepare network connection
34 - sudo ifdown ens3
Dennis Dmitrievbf6e4e02018-03-26 20:37:44 +0300[diff] [blame]35 - sudo ifup ens3
Dennis Dmitriev85559962018-01-30 15:35:51 +0200[diff] [blame]36 #- sudo route add default gw {gateway} {interface_name}
37
Dennis Dmitrievbf6e4e02018-03-26 20:37:44 +0300[diff] [blame]38 # Purge the unattended-upgrades package (Workaround for PROD-17904, PROD-18736)"
39 - echo "APT::Periodic::Update-Package-Lists 0;" > /etc/apt/apt.conf.d/99dont_update_package_list-salt
40 - echo "APT::Periodic::Download-Upgradeable-Packages 0;" > /etc/apt/apt.conf.d/99dont_update_download_upg_packages-salt
41 - echo "APT::Periodic::Unattended-Upgrade 0;" > /etc/apt/apt.conf.d/99disable_unattended_upgrade-salt
42 - apt-get -y purge unattended-upgrades
43 # Stop currently running apt-daily service, source: https://unix.stackexchange.com/a/315517
44 - systemctl stop apt-daily.service
45 - systemctl kill --kill-who=all apt-daily.service
46 - while ! (systemctl list-units --all apt-daily.service | fgrep -q dead); do sleep 1; done
47
Dennis Dmitriev85559962018-01-30 15:35:51 +0200[diff] [blame]48 # Configure dhclient
49 - sudo echo "nameserver {gateway}" >> /etc/resolvconf/resolv.conf.d/base
50 - sudo resolvconf -u
51
52 # Enable grub menu using updated config below
53 - update-grub
54
55 # Create swap
56 #- fallocate -l 16G /swapfile
57 #- chmod 600 /swapfile
58 #- mkswap /swapfile
59 #- swapon /swapfile
60 #- echo "/swapfile none swap defaults 0 0" >> /etc/fstab
61
62 ############## TCP Cloud cfg01 node ##################
63 - echo "Preparing base OS"
64
65 - echo "nameserver 172.18.208.44" >> /etc/resolv.conf;
Dennis Dmitriev85559962018-01-30 15:35:51 +0200[diff] [blame]66
67 - apt-get clean
68 - apt-get update
69
70 # Ensure that the salt-master service is ready to receive requests
71 - salt-key -y -D
72 - service salt-master restart
73 - service salt-minion restart
Dennis Dmitriev1d3472e2018-02-16 22:04:19 +0200[diff] [blame]74 - apt-get install -y salt-formula-*
Dennis Dmitrievadef0952018-02-17 17:17:02 +0200[diff] [blame]75 - for f in $(ls -1 /usr/share/salt-formulas/reclass/service); do ln -s /usr/share/salt-formulas/reclass/service/$f /srv/salt/reclass/classes/service/ || true; done
Dennis Dmitriev85559962018-01-30 15:35:51 +0200[diff] [blame]76 - salt-call --timeout=180 test.ping
77
78 ########################################################
79 # Node is ready, allow SSH access
Dennis Dmitrievbf6e4e02018-03-26 20:37:44 +0300[diff] [blame]80 #- echo "Allow SSH access ..."
81 #- sudo iptables -D INPUT -p tcp --dport 22 -j DROP
82 - sudo ifup ens4
Dennis Dmitriev85559962018-01-30 15:35:51 +0200[diff] [blame]83 ########################################################
84
Dennis Dmitrievf4e6efc2018-03-26 06:15:10 -0500[diff] [blame]85
Dennis Dmitriev85559962018-01-30 15:35:51 +0200[diff] [blame]86 write_files:
87 - path: /etc/default/grub.d/97-enable-grub-menu.cfg
88 content: |
89 GRUB_RECORDFAIL_TIMEOUT=30
90 GRUB_TIMEOUT=3
91 GRUB_TIMEOUT_STYLE=menu
92
93 - path: /etc/network/interfaces
94 content: |
95 auto ens3
96 iface ens3 inet dhcp
Dennis Dmitrievbf6e4e02018-03-26 20:37:44 +0300[diff] [blame]97 auto ens4
98 iface ens4 inet dhcp
Dennis Dmitriev85559962018-01-30 15:35:51 +0200[diff] [blame]99
100 - path: /root/.ssh/config
101 owner: root:root
102 permissions: '0600'
103 content: |
104 Host *
105 ServerAliveInterval 300
106 ServerAliveCountMax 10
107 StrictHostKeyChecking no
108 UserKnownHostsFile /dev/null
109
110 # Fix hardcoded IP address in the minion.conf
111 - path: /etc/salt/minion.d/minion.conf
112 content: |
113 master: 127.0.0.1
114 id: cfg01.{{ DOMAIN_NAME }}