Update Vagrant-based minimal ONAP deployment to Guilin
# -*- mode: ruby -*-
# -*- coding: utf-8 -*-

# Shared settings for the minimal ONAP lab (bootstrap/vagrant-minimal-onap):
# guest credentials, synced-folder paths, VM sizing and the four machine
# descriptions consumed by the Vagrant.configure block.
#
# NOTE(review): vagrant_password and helm_master_password are fixed,
# well-known values stored in the file itself, and helm_master_password is
# also interpolated into the text of the deploy_onap script. That is only
# tolerable while the guests stay on an isolated lab network; replace both
# before any of these machines becomes reachable from elsewhere.

# --- addressing and credentials ---------------------------------------------
host_ip = '192.168.121.1' # handed to "replace_dns" as the guests' nameserver
# "${HOME}" is shell syntax, not Ruby interpolation: the text reaches the guest
# shell unchanged and is presumably expanded there - confirm.
operator_key = '${HOME}/.ssh/onap-key'
vagrant_user = 'vagrant'
vagrant_password = 'vagrant'

# --- paths inside the guests ------------------------------------------------
synced_folder_main = '/vagrant'
synced_folder_config = "#{synced_folder_main}/config"
synced_folder_tools_config = "#{synced_folder_main}/tools/config"
os_config = "#{synced_folder_config}/local.conf"
os_env = "#{synced_folder_config}/dot_env"
cluster_yml = 'cluster.yml'
apt_prefs_dir = '/etc/apt/apt.conf.d'
apt_prefs = '95silent-approval'

# --- Helm deployment defaults -----------------------------------------------
helm_timeout = '1800'
helm_master_password = 'vagrant'

# --- VM sizing --------------------------------------------------------------
mib_per_gib = 1024 # memory values are presumably MiB - confirm per provider
vm_memory = 1 * mib_per_gib
vm_memory_os = 4 * mib_per_gib
vm_memory_onap = 64 * mib_per_gib
vm_cpu = 1
vm_cpus = 8
vm_box = 'generic/ubuntu1804'
vm_box_op = 'generic/ubuntu2004'
vm_disk = 32
vm_disk_onap = 64
vm_storage_pool = 'default'

# Builds one machine description. The hostname always mirrors the name and
# every machine uses the same storage pool.
describe_machine = lambda do |name, ip, box:, cpus:, memory:, disk:|
  {
    name: name,
    hostname: name.dup,
    ip: ip,
    box: box,
    cpus: cpus,
    memory: memory,
    disk: disk,
    pool: vm_storage_pool
  }
end

operation = describe_machine.call('operator', '172.17.4.254',
                                  box: vm_box_op, cpus: vm_cpu, memory: vm_memory, disk: vm_disk)
devstack = describe_machine.call('devstack', '172.17.4.200',
                                 box: vm_box, cpus: vm_cpu, memory: vm_memory_os, disk: vm_disk)
control = describe_machine.call('control', '172.17.4.100',
                                box: vm_box, cpus: vm_cpu, memory: vm_memory, disk: vm_disk)
worker = describe_machine.call('worker', '172.17.4.101',
                               box: vm_box, cpus: vm_cpus, memory: vm_memory_onap, disk: vm_disk_onap)

# Kubernetes nodes first, then the operator and the OpenStack host.
cluster = [control, worker]
all = cluster + [operation, devstack]

# Provisioners that are declared with run: "never" and must be requested by name.
post_up_provisioners = %w[rke_up setup_kubectl setup_helm_cluster setup_helm_repo deploy_onap].join(',')
operation_post_msg = "Run: \"vagrant provision #{operation[:name]} --provision-with=#{post_up_provisioners}\" to complete ONAP deployment"

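# Replaces the guest's resolver configuration with a single nameserver.
# $1 - nameserver address (the Vagrantfile passes host_ip on every boot).
# /etc/resolv.conf is removed first so that the new file is a plain file and
# no longer managed by systemd-resolved.
$replace_dns = <<-SHELL
  HOST_IP="$1"
  rm -f /etc/resolv.conf # drop its dynamic management by systemd-resolved
  echo nameserver "$HOST_IP" | tee /etc/resolv.conf
SHELL

# Re-enables IPv6 by rewriting an existing net.ipv6.conf.all.disable_ipv6 line
# in /etc/sysctl.conf and reloading it. If the file has no such line the sed
# expression changes nothing.
$enable_ipv6 = <<-SHELL
  sed -i'' 's/net.ipv6.conf.all.disable_ipv6.*$/net.ipv6.conf.all.disable_ipv6 = 0/' /etc/sysctl.conf
  sysctl -p
SHELL

# Fetches DevStack and runs its installer with the given configuration.
# $1 - path of the configuration file copied into the checkout.
# The clone is skipped when the checkout already exists (re-provisioning) and
# the script stops if the checkout cannot be entered, so the configuration is
# never copied into, nor stack.sh looked up in, the wrong directory.
# NOTE(review): no branch, tag or commit is requested, so whatever the remote
# default branch holds at provisioning time is what gets executed. Pin a ref
# if the executed code has to be reviewable or reproducible.
$setup_devstack = <<-SHELL
  CONFIG="$1"
  [ -d devstack ] || git clone https://opendev.org/openstack/devstack
  cd devstack || exit 1
  cp "$CONFIG" .
  ./stack.sh
SHELL

# Adds a user to the 'docker' group.
# $1 - user name.
# NOTE(review): membership of the docker group lets the user drive the Docker
# daemon, which is equivalent to root on that guest.
$add_to_docker_group = <<-SHELL
  USER="$1"
  echo "Adding ${USER} to 'docker' group"
  usermod -aG docker "$USER"
SHELL

# Switches debconf to its noninteractive frontend by appending a Frontend line
# after each "Config:" line of /etc/debconf.conf; the previous file is kept as
# /etc/debconf.conf.orig. Running it twice appends the line twice.
$setup_debconf = <<-SHELL
  echo "Setting debconf frontend to noninteractive"
  sed -i'.orig' '/^Config:/a Frontend: noninteractive' /etc/debconf.conf
SHELL
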
# Package installation on the operator guest.
# None of the apt-get install calls below passes -y; they presumably rely on
# the apt preference file (95silent-approval) that the "link_apt_prefs"
# provisioner links into /etc/apt/apt.conf.d beforehand - confirm.

# Installs sshpass, which "deploy_key" uses to answer the SSH password prompt.
$install_sshpass = <<-SHELL
  apt-get update
  echo "Installing 'sshpass'"
  apt-get install sshpass
SHELL

# Installs make, needed by "setup_helm_repo" to build the OOM charts.
$install_make = <<-SHELL
  apt-get update
  echo "Installing 'make'"
  apt-get install make
SHELL

# Adds Docker's apt repository and installs docker-ce from it.
# Backslash-newline pairs inside this heredoc are consumed by Ruby, so the
# guest shell receives each continued command on a single line.
# NOTE(review): the repository signing key is downloaded and piped straight
# into apt-key with no fingerprint comparison, so trust in every docker-ce
# package rests on that one HTTPS download. apt-key also adds the key to the
# global keyring, where it is trusted for all repositories. Compare the
# fingerprint against the one Docker publishes, and prefer a dedicated keyring
# referenced through signed-by= in the sources entry.
$install_docker = <<-SHELL
  apt-get update
  echo "Setting up 'docker' repository"
  apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg-agent \
    software-properties-common
  curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
  add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
   $(lsb_release -cs) \
   stable"
  apt-get update

  echo "Installing 'docker'"
  apt-get install docker-ce docker-ce-cli containerd.io
SHELL

# Grows a partition to the end of its disk and resizes the filesystem on it.
# $1 - disk device name under /dev (default: vda)
# $2 - partition number (default: 3)
# The "resize_disk" provisioner passes no arguments, so the defaults apply.
$resize_disk = <<-SHELL
  DEV=${1:-vda}
  PART=${2:-3}
  echo ", +" | sfdisk -N "$PART" "/dev/$DEV" --no-reread
  partprobe
  resize2fs "/dev/${DEV}${PART}"
SHELL

# Creates the operator's 4096-bit RSA key pair.
# $1 - path of the private key file to create.
# NOTE(review): -N "" means the private key has no passphrase, so the file
# alone is enough to log in wherever "deploy_key" installs the public half.
$generate_key = <<-SHELL
  KEY_FILE="$1"
  echo "Generating SSH key (${KEY_FILE})"
  ssh-keygen -q -b 4096 -t rsa -f "$KEY_FILE" -N ""
SHELL

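# Installs a public key on each listed host, answering the password prompt
# through sshpass.
# $1        - key file handed to ssh-copy-id
# $2        - remote user
# $3        - space-separated list of addresses
# $PASSWORD - the remote user's password; the provisioner supplies it through
#             its environment rather than as an argument.
# The password is passed on to sshpass in the SSHPASS variable (-e) instead of
# on its command line (-p), where it would show up in the guest's process
# listing for as long as ssh-copy-id runs.
# NOTE(review): StrictHostKeyChecking=no accepts whatever host key each
# address presents, so the password goes to an unauthenticated peer. That is
# acceptable only because the targets sit on the private lab network.
$deploy_key = <<-SHELL
  KEY="$1"
  USER="$2"
  PASS="$PASSWORD"
  IPS="$3"
  echo "Deploying ${KEY} for ${USER}"
  for ip in $IPS; do
    echo "on ${ip}"
    SSHPASS="$PASS" sshpass -e ssh-copy-id -o StrictHostKeyChecking=no -i "$KEY" "${USER}@${ip}"
  done
SHELL
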
# Symlinks every dot_* file of a directory into the caller's home directory
# under its dotted name (dot_foo becomes ~/.foo); existing links are replaced.
# $1 - directory holding the dot_* files.
$link_dotfiles = <<-SHELL
  SYNC_DIR="$1"
  for rc in ${SYNC_DIR}/dot_*; do
    src="$rc"
    dst="${HOME}/.${rc##*dot_}"
    echo "Symlinking ${src} to ${dst}"
    ln -sf "$src" "$dst"
  done
SHELL

# Symlinks one file to a destination, replacing an existing link.
# $1 - source directory, $2 - file name inside it, $3 - link destination.
$link_file = <<-SHELL
  SYNC_DIR="$1"
  FILE="$2"
  src="${SYNC_DIR}/${FILE}"
  dst="$3"
  echo "Symlinking ${src} to ${dst}"
  ln -sf "$src" "$dst"
SHELL

# Cluster lifecycle commands run on the operator guest.
$rke_up = 'rke up'
$rke_down = 'rke remove --force || true' # best effort

# Clones the OOM repository together with its submodules.
# $1 - branch or tag (default: 7.0.0-ONAP)
# $2 - repository URL (default: https://git.onap.org/oom)
# The "get_oom" provisioner passes no arguments, so the defaults apply.
# NOTE(review): a branch or tag name can be moved on the remote; check out a
# commit id if the deployed charts have to be exactly reproducible.
$get_oom = <<-SHELL
  BRANCH="${1:-7.0.0-ONAP}"
  REPO="${2:-https://git.onap.org/oom}"
  git clone -b "$BRANCH" "$REPO" --recurse-submodules
SHELL

# Copies the Helm plugins shipped in the OOM checkout into ~/.helm.
$get_helm_plugins = 'mkdir -p ${HOME}/.helm && cp -R ${HOME}/oom/kubernetes/helm/plugins/ ${HOME}/.helm'

# Installs Tiller into the "onap" kubectl context and waits for its rollout.
# NOTE(review): the tiller service account is bound to cluster-admin and
# "helm init" is run without any TLS options, so whatever can reach Tiller
# inside the cluster can act with full cluster rights. Keep this to a
# throw-away lab cluster.
$setup_helm_cluster = <<-SHELL
  export KUBECONFIG="${HOME}/.kube/config.onap"
  kubectl config use-context onap
  kubectl -n kube-system create serviceaccount tiller
  kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
  helm init --service-account tiller
  kubectl -n kube-system rollout status deploy/tiller-deploy
SHELL

# Starts a local chart repository in the background, registers it as "local"
# and builds all OOM charts with linting skipped. The repository is served
# over plain HTTP on the loopback address only.
# FIXME: replace sleep command with helm repo readiness probe
$setup_helm_repo = <<-SHELL
  helm serve &
  sleep 3
  helm repo add local http://127.0.0.1:8879
  make -e SKIP_LINT=TRUE -C ${HOME}/oom/kubernetes all
SHELL

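# Deploys the ONAP charts from the local repository with "helm deploy".
# $1 - override values file (default: core-onap.yaml from the OOM checkout)
# $2 - file of NAME=value lines exported into the environment (default: os_env)
# $3 - helm timeout (default: helm_timeout)
# $4 - value for global.masterPassword (default: helm_master_password)
# The Ruby values os_env, helm_timeout and helm_master_password are
# interpolated when this file is loaded, so the defaults are part of the
# script text. OPENSTACK_PASSWORD is expected to come from the exported file.
#
# The password is now quoted when handed to encrypt(): unquoted, a value
# containing whitespace or glob characters was split or expanded by the shell
# and only its first word was encrypted.
#
# NOTE(review):
# - encrypt() uses AES-128 in ECB mode without salt and a key read from the
#   OOM checkout, so the result is an encoding rather than protection against
#   anyone who has the same checkout. Presumably this is the format the
#   consuming component requires - confirm before changing it.
# - "export $(cat ... | xargs)" word-splits the file; values with spaces or
#   shell metacharacters will not survive it intact.
# - The master password is passed with --set and is therefore visible in the
#   process listing of the operator guest while helm runs.
$deploy_onap = <<-SHELL
  OVERRIDE="${1:-${HOME}/oom/kubernetes/onap/resources/environments/core-onap.yaml}"

  ENV="${2:-#{os_env}}"
  export $(cat "$ENV" | xargs)

  TIMEOUT="${3:-#{helm_timeout}}"
  MASTER_PASSWORD="${4:-#{helm_master_password}}"

  encrypt () {
    KEY="${HOME}/oom/kubernetes/so/resources/config/mso/encryption.key"
    echo -n "$1" \
    | openssl aes-128-ecb -e -K `cat "$KEY"` -nosalt \
    | xxd -c 256 -p
  }

  export OPENSTACK_ENCRYPTED_PASSWORD="$(encrypt "$OPENSTACK_PASSWORD")"

  export KUBECONFIG="${HOME}/.kube/config.onap"

  helm deploy core local/onap --verbose \
    --set global.masterPassword="$MASTER_PASSWORD" \
    --namespace onap --timeout "$TIMEOUT" -f "$OVERRIDE"
SHELL
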
# Defines the four guests and their provisioning chains. Every guest gets the
# common box, sizing, network and DNS setup; the role-specific steps follow in
# the case statement. Provisioners declared with run: "never" are skipped by a
# plain "vagrant up" and have to be requested by name (see operation_post_msg).
Vagrant.configure('2') do |vagrant|
  all.each do |machine|
    vagrant.vm.define machine[:name] do |node|
      node.vm.box = machine[:box]
      node.vm.hostname = machine[:hostname]

      node.vm.provider :virtualbox do |vbox|
        vbox.name = machine[:name]
        vbox.memory = machine[:memory]
        vbox.cpus = machine[:cpus]
      end

      node.vm.provider :libvirt do |kvm|
        kvm.memory = machine[:memory]
        kvm.cpus = machine[:cpus]
        kvm.machine_virtual_size = machine[:disk] # set at VM creation
        kvm.storage_pool_name = machine[:pool]
      end

      node.vm.network :private_network, ip: machine[:ip]
      node.vm.provision "replace_dns", type: :shell, run: "always", inline: $replace_dns, args: host_ip

      case machine[:name]
      when 'devstack'
        node.vm.synced_folder ".", synced_folder_main, type: "rsync", rsync__exclude: "Vagrantfile"

        node.vm.provision "enable_ipv6", type: :shell, run: "always", inline: $enable_ipv6
        node.vm.provision "setup_devstack", type: :shell, privileged: false, inline: $setup_devstack, args: os_config

      when 'control'
        # The imported node scripts are not part of this file; review them separately.
        node.vm.provision "customize_control", type: :shell, path: "tools/imported/openstack-k8s-controlnode.sh"
        node.vm.provision "fix_groups_control", type: :shell, inline: $add_to_docker_group, args: vagrant_user

      when 'worker'
        node.vm.provision "customize_worker", type: :shell, path: "tools/imported/openstack-k8s-workernode.sh"
        node.vm.provision "fix_groups_worker", type: :shell, inline: $add_to_docker_group, args: vagrant_user
        node.vm.provision "resize_disk", type: :shell, inline: $resize_disk

      when 'operator'
        node.vm.synced_folder ".", synced_folder_main, type: "rsync", rsync__exclude: ["Vagrantfile", "operator"]
        # NOTE(review): this copies the invoking user's whole ~/.ssh directory,
        # minus authorized_keys, into the guest - private keys, config and
        # known_hosts included. The guest is built from a public base box and
        # presumably accepts its default login, so treat everything copied here
        # as exposed to whoever can reach the VM; sync only the files the
        # deployment actually needs.
        node.vm.synced_folder "~/.ssh", "/home/#{vagrant_user}/.ssh", type: "rsync", rsync__exclude: "authorized_keys"
        # reverse: true presumably makes the guest's home directory appear
        # under ./operator on the host - confirm against the sshfs plugin docs.
        node.vm.synced_folder "./operator", "/home/#{vagrant_user}", type: "sshfs", reverse: true, sshfs_opts_append: "-o nonempty"

        # --- base system ---------------------------------------------------
        node.vm.provision "setup_debconf", type: :shell, inline: $setup_debconf
        node.vm.provision "link_apt_prefs", type: :shell, run: "always" do |sh|
          sh.inline = $link_file
          sh.args = [synced_folder_tools_config, apt_prefs, apt_prefs_dir]
        end
        node.vm.provision "link_dotfiles_root", type: :shell, run: "always" do |sh|
          sh.inline = $link_dotfiles
          sh.args = synced_folder_tools_config
        end
        node.vm.provision "link_dotfiles_user", type: :shell, run: "always" do |sh|
          sh.privileged = false
          sh.inline = $link_dotfiles
          sh.args = synced_folder_tools_config
        end

        # --- tooling and SSH access to the cluster nodes -------------------
        node.vm.provision "install_docker", type: :shell, inline: $install_docker
        node.vm.provision "fix_groups_operator", type: :shell, inline: $add_to_docker_group, args: vagrant_user
        node.vm.provision "install_sshpass", type: :shell, inline: $install_sshpass
        node.vm.provision "generate_key", type: :shell, privileged: false, inline: $generate_key, args: operator_key

        # Space-separated (and space-terminated) list of cluster node addresses.
        ips = cluster.map { |member| "#{member[:ip]} " }.join
        node.vm.provision "deploy_key", type: :shell do |sh|
          sh.privileged = false
          sh.inline = $deploy_key
          sh.args = [operator_key, vagrant_user, ips]
          # The password travels in the provisioner environment, not in args.
          sh.env = { PASSWORD: vagrant_password }
        end

        # --- Kubernetes cluster (RKE) --------------------------------------
        node.vm.provision "get_rke", type: :shell, path: "tools/get_rke.sh"
        node.vm.provision "link_cluster_yml", type: :shell, run: "always" do |sh|
          sh.privileged = false
          sh.inline = $link_file
          sh.args = [synced_folder_config, cluster_yml, "$HOME"]
        end

        node.vm.post_up_message = operation_post_msg
        node.vm.provision "rke_up", type: :shell, run: "never", privileged: false, inline: $rke_up
        # Tear the cluster down from the operator before the guest goes away.
        node.trigger.before :destroy do |hook|
          hook.warn = "Removing cluster"
          hook.run_remote = { privileged: false, inline: $rke_down }
        end

        # --- kubectl, Helm and the ONAP charts -----------------------------
        node.vm.provision "get_kubectl", type: :shell, path: "tools/get_kubectl.sh"
        node.vm.provision "setup_kubectl", type: :shell, run: "never" do |sh|
          sh.privileged = false
          sh.path = "tools/setup_kubectl.sh"
        end
        node.vm.provision "get_helm", type: :shell, path: "tools/get_helm.sh"
        node.vm.provision "get_oom", type: :shell do |sh|
          sh.privileged = false
          sh.inline = $get_oom
        end
        node.vm.provision "get_helm_plugins", type: :shell, privileged: false, inline: $get_helm_plugins
        node.vm.provision "install_make", type: :shell, inline: $install_make
        node.vm.provision "setup_helm_cluster", type: :shell, run: "never", privileged: false, inline: $setup_helm_cluster
        node.vm.provision "setup_helm_repo", type: :shell, run: "never", privileged: false, inline: $setup_helm_repo
        node.vm.provision "deploy_onap", type: :shell, run: "never" do |sh|
          sh.privileged = false
          sh.inline = $deploy_onap
        end
      end
    end
  end
end