Add tools to deploy DE UCP
Related-Prod: PRODX-2027
Change-Id: I8339518506588cdfddc818fa968c92df1088edc3
diff --git a/de/heat-templates/scripts/instance_boot.sh b/de/heat-templates/scripts/instance_boot.sh
new file mode 100644
index 0000000..a9ece06
--- /dev/null
+++ b/de/heat-templates/scripts/instance_boot.sh
@@ -0,0 +1,141 @@
+#!/bin/bash
+set -x
+
+DOCKER_DEFAULT_ADDRESS_POOL=${DOCKER_DEFAULT_ADDRESS_POOL:-10.10.1.0/16}
+# DOCKER_DEFAULT_ADDRESS_SIZE have to be less then netmask in DOCKER_DEFAULT_ADDRESS_POOL because
+# to the fact that actual netmask for docker_gwbridge is given from it
+DOCKER_DEFAULT_ADDRESS_SIZE=${DOCKER_DEFAULT_ADDRESS_SIZE:-24}
+HOST_INTERFACE=${HOST_INTERFACE:-ens3}
+UCP_USERNAME=${UCP_USERNAME:-admin}
+UCP_PASSWORD=${UCP_PASSWORD:-administrator}
+OS_CODENAME=$(lsb_release -c -s)
+
+NODE_TYPE=$node_type
+UCP_MASTER_HOST=$ucp_master_host
+
+function wait_condition_send {
+ local status=${1:-SUCCESS}
+ local reason=${2:-empty}
+ local data_binary="{\"status\": \"$status\", \"reason\": \"$reason\"}"
+ echo "Trying to send signal to wait condition 5 times: $data_binary"
+ WAIT_CONDITION_NOTIFY_EXIT_CODE=2
+ i=0
+ while (( ${WAIT_CONDITION_NOTIFY_EXIT_CODE} != 0 && ${i} < 5 )); do
+ $wait_condition_notify -k --data-binary "$data_binary" && WAIT_CONDITION_NOTIFY_EXIT_CODE=0 || WAIT_CONDITION_NOTIFY_EXIT_CODE=2
+ i=$((i + 1))
+ sleep 1
+ done
+ if (( ${WAIT_CONDITION_NOTIFY_EXIT_CODE} !=0 && "${status}" == "SUCCESS" ))
+ then
+ status="FAILURE"
+ reason="Can't reach metadata service to report about SUCCESS."
+ fi
+ if [ "$status" == "FAILURE" ]; then
+ exit 1
+ fi
+}
+
+function install_docker_ce {
+ apt install -y apt-transport-https ca-certificates curl software-properties-common
+ curl --retry 6 --retry-delay 5 -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+ add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu ${OS_CODENAME} stable"
+ apt-get update
+ apt-get install -y docker-ce jq unzip
+}
+
+function update_docker_network {
+ mkdir -p /etc/docker
+ cat <<EOF > /etc/docker/daemon.json
+{
+ "default-address-pools": [
+ { "base": "${DOCKER_DEFAULT_ADDRESS_POOL}", "size": ${DOCKER_DEFAULT_ADDRESS_SIZE} }
+ ]
+}
+EOF
+
+}
+
+function install_ucp {
+ local tmpd
+ tmpd=$(mktemp -d)
+ cat <<EOF > ${tmpd}/docker_subscription.lic
+$ucp_license_key
+EOF
+
+ node_ip_address=$(ip addr show dev ${HOST_INTERFACE} |grep -Po 'inet \K[\d.]+' |egrep -v "127.0.|172.17")
+ docker container run --rm --name ucp \
+ -v /var/run/docker.sock:/var/run/docker.sock \
+ -v $tmpd/docker_subscription.lic:/config/docker_subscription.lic \
+ docker/ucp:3.2.4 install \
+ --host-address $node_ip_address \
+ --admin-username $UCP_USERNAME \
+ --admin-password $UCP_PASSWORD \
+ --existing-config
+}
+
+function download_bundles {
+ local tmpd
+ tmpd=$(mktemp -d)
+ # Download the bundle https://docs.docker.com/ee/ucp/user-access/cli/
+ # Create an environment variable with the user security token
+ AUTHTOKEN=$(curl -sk -d '{"username":"'$UCP_USERNAME'","password":"'$UCP_PASSWORD'"}' https://${UCP_MASTER_HOST}/auth/login | jq -r .auth_token)
+
+ # Download the client certificate bundle
+ curl -k -H "Authorization: Bearer $AUTHTOKEN" https://${UCP_MASTER_HOST}/api/clientbundle -o ${tmpd}/bundle.zip
+
+ pushd $tmpd
+ # Unzip the bundle.
+ unzip bundle.zip
+
+ # Run the utility script.
+ eval "$(<env.sh)"
+ popd
+}
+
+function join_node {
+ env -i $(docker swarm join-token $1 |grep 'docker swarm join' | xargs)
+}
+
+function create_ucp_config {
+ echo "[scheduling_configuration]
+ enable_admin_ucp_scheduling = true
+ default_node_orchestrator = \"kubernetes\"" | docker config create com.docker.ucp.config -
+}
+
+function swarm_init {
+ docker swarm init --advertise-addr ${HOST_INTERFACE}
+}
+
+function rm_ucp_config {
+ docker config rm com.docker.ucp.config
+}
+
+
+case "$NODE_TYPE" in
+ ucp)
+ update_docker_network
+ install_docker_ce
+ swarm_init
+ create_ucp_config
+ install_ucp
+ rm_ucp_config
+ ;;
+ master)
+ update_docker_network
+ install_docker_ce
+ download_bundles
+ join_node manager
+ ;;
+ worker)
+ update_docker_network
+ install_docker_ce
+ download_bundles
+ join_node worker
+ ;;
+ *)
+ echo "Usage: $0 {ucp|master|worker}"
+ exit 1
+esac
+
+
+wait_condition_send "SUCCESS" "Instance successfuly started."
diff --git a/de/heat-templates/scripts/license.lic b/de/heat-templates/scripts/license.lic
new file mode 100644
index 0000000..a923a91
--- /dev/null
+++ b/de/heat-templates/scripts/license.lic
@@ -0,0 +1 @@
+{"key_id":"lm_DfgeIFfNITZK-oUibhI4poRik1cMA-OFmuofxyeAz","private_key":"tExKBK6pHfFdWoYAeqBbRKQuV8UTCG4jRh7j9WyW43ih","authorization":"ewogICAicGF5bG9hZCI6ICJleUpsZUhCcGNtRjBhVzl1SWpvaU1qQXlNQzB3TVMweE9GUXhORG93T1RvMU9Gb2lMQ0owYjJ0bGJpSTZJa3BGVUU5MVIzVnRObmROYjNRM056VnRVbEpwZEdGZlZXTndaakZHZVRWb2RYWnRhMU5aUkZJMldFRTlJaXdpYldGNFJXNW5hVzVsY3lJNk1UQXNJbk5qWVc1dWFXNW5SVzVoWW14bFpDSTZkSEoxWlN3aWJHbGpaVzV6WlZSNWNHVWlPaUpQYm14cGJtVWlMQ0owYVdWeUlqb2lWSEpwWVd3aUxDSnpkV0p6WTNKcGNIUnBiMjVmYVdRaU9pSnpkV0l0WlRFMVl6ZGhOell0WldKaU1pMDBZekF4TFRobE9HWXRaakkyTUdKak5ETTJORE5sSWl3aWNISnZaSFZqZEY5cFpDSTZJbVJ2WTJ0bGNpMWxaUzF6WlhKMlpYSXRkV0oxYm5SMUlpd2ljbUYwWlY5d2JHRnVYMmxrSWpvaVpHOWphMlZ5TFdWbExYTmxjblpsY2kxMVluVnVkSFV0ZEhKcFlXd3RkR2xsY2lJc0luWmxjbk5wYjI0aU9qRXNJbWR5WVdObFgyUmhlWE1pT2pFc0ltMWxkR0ZrWVhSaElqcDdJblZ6WlhKdVlXMWxJam9pYW5WdGNHOXFiM2tpTENKamIyMXdZVzU1SWpvaWVHRjBZU0o5TENKd2NtbGphVzVuWDJOdmJYQnZibVZ1ZEhNaU9sdDdJbTVoYldVaU9pSk9iMlJsY3lJc0luWmhiSFZsSWpveE1IMWRmUSIsCiAgICJzaWduYXR1cmVzIjogWwogICAgICB7CiAgICAgICAgICJoZWFkZXIiOiB7CiAgICAgICAgICAgICJqd2siOiB7CiAgICAgICAgICAgICAgICJlIjogIkFRQUIiLAogICAgICAgICAgICAgICAia2V5SUQiOiAiSjdMRDo2N1ZSOkw1SFo6VTdCQToyTzRHOjRBTDM6T0YyTjpKSEdCOkVGVEg6NUNWUTpNRkVPOkFFSVQiLAogICAgICAgICAgICAgICAia2lkIjogIko3TEQ6NjdWUjpMNUhaOlU3QkE6Mk80Rzo0QUwzOk9GMk46SkhHQjpFRlRIOjVDVlE6TUZFTzpBRUlUIiwKICAgICAgICAgICAgICAgImt0eSI6ICJSU0EiLAogICAgICAgICAgICAgICAibiI6ICJ5ZEl5LWxVN283UGNlWS00LXMtQ1E1T0VnQ3lGOEN4SWNRSVd1Szg0cElpWmNpWTY3MzB5Q1lud0xTS1Rsdy1VNlVDX1FSZVdSaW9NTk5FNURzNVRZRVhiR0c2b2xtMnFkV2JCd2NDZy0yVVVIX09jQjlXdVA2Z1JQSHBNRk1zeER6V3d2YXk4SlV1SGdZVUxVcG0xSXYtbXE3bHA1blFfUnhyVDBLWlJBUVRZTEVNRWZHd20zaE1PX2dlTFBTLWhnS1B0SUhsa2c2X1djb3hUR29LUDc5ZF93YUhZeEdObDdXaFNuZWlCU3hicGJRQUtrMjFsZzc5OFhiN3ZaeUVBVERNclJSOU1lRTZBZGo1SEpwWTNDb3lSQVBDbWFLR1JDSzR1b1pTb0l1MGhGVmxLVVB5YmJ3MDAwR08td2EyS044VXdnSUltMGk1STF1VzlHa3E0empCeTV6aGdxdVVYYkc5YldQQU9ZcnE1UWE4MUR4R2NCbEp5SFlBcC1ERFBFOVRHZzR6WW1YakpueFpxSEVkdUdxZGV2WjhYTUkwdWtma0dJSTE0d1VPaU1JSUlyWGxFY0JmXzQ2SThnUVdEenh5Y1plX0pHWC1MQXVheVhyeXJVRmVoVk5VZFpVbDl3WE5hSkIta2FDcXo1UXdhUjkzc0d3LVFTZnREME52TGU3Q3lPSC1FNnZnNlN0X05lVHZndjhZbmhDaVhJbFo4SE9mSXdOZTd0RUZfVWN6NU9iUHlrbTN0eWxyTlVqdDBWeUFtdHRhY1ZJMmlHaWhjVVBybWs0bFZJWjdWRF9MU1ctaTd5b1N1cnRwc1BYY2UycEtESW8zMGxKR2hPXzNLVW1sMlNVWkNxekoxeUVtS3B5c0g1SERXOWNzSUZDQTNkZUFqZlpVdk43VSIKICAgICAgICAgICAgfSwKICAgICAgICAgICAgImFsZyI6ICJSUzI1NiIKICAgICAgICAgfSwKICAgICAgICAgInNpZ25hdHVyZSI6ICJLOTdEcC1yMTlPV1k0c0taZ0c0SGdGWGk0ZHJZX056a3hzeDJIbGY0NXJ5a0tWU3VOWWtrblYyaFMwdlY3ODB3anM5M1B3cTJLR2l2dkVteG5vc05qeWVodnJxYktDVFBUWEE5S1REQnNIT052QlEwT3gzSFpPdWRCXzF6Y2xSY3NIX3oyT1I0RFV5NFBXNGhHNUVSa055WnJHbE5FSFBXR2hMT1RVckU4OEIxRjc4eFAtU2RncGxtb3dkVVdaUEhPdzJxZUlxQ1NNUHZ2cHJ3OGVDSE1vYnJvNnZ2d00wTThxdkMxMkI1Tk5JUkMwTXVrbFhYdnVuN3pQTnU0c0dId2xfUDlfaU1VMkVCajlhOTBYRkJRWklQVFJlVG9JbmdPT2xuNExRTk9DdzNsYXZzRjhrbWRxZkdwSWRhNHFINWhYSmx6eEVWdlZEelNFUDlTbWY2QVFaUlNHT0h1TkZ0THZYRTB5TlBYOXNzV3B2Zy1GM0VZUUl2S0ZXdDBUbG9lS3lhdllnZEc4bFQ5VE8xdEZYdEJrdEdFb3hYa0FKb3BKWGJpc3pTdzJnd2c2dGJ6N0J6bFdQbWZzelBHUk94UTY3ZjFrQ3VGOXhKQ0RTcFhJb1BzM1FIWWJZMUVQMkJNUzRqNFVHQVVTaV8yanJQajhmZEpBaWFIeF9LWUZaSGMtMmZKd2R5VUQ4eWhmWk02UXlMRF95cDZyeGNiYkpuU1Z4TVlwRjc5SGxRR0d2UzBSN3Y5VUl2czhDRW9NLXBDeEJrc1NabjZtVVpnMTRjdGZLYVQ4cEtYd3NGRnFBZmthandxWDk4WjI5T1dtZTJlNmoxRWRXZWtOSVU5dzA0THlYR0lITmk5cHlpbzlVX2V5bnFFbkZNbjZ1aW5mcDVMa3U2TnZHUXgzQSIsCiAgICAgICAgICJwcm90ZWN0ZWQiOiAiZXlKbWIzSnRZWFJNWlc1bmRHZ2lPalExTUN3aVptOXliV0YwVkdGcGJDSTZJbVpSSWl3aWRHbHRaU0k2SWpJd01Ua3RNVEl0TVRkVU1UVTZORFU2TkROYUluMCIKICAgICAgfQogICBdCn0="}
\ No newline at end of file