mirror of
https://github.com/kemko/nomad.git
synced 2026-01-04 01:15:43 +03:00
e2e: Linux AMI setup cleanup (#8821)
As we add new Linux targets for E2E, the existing setup.sh script will be used only for Ubuntu. Rather than have the service and config files echo'd from the script, move them into files we upload so they can be reused. Includes some general noise reduction in the setup.sh script and removal of unused bits.
This commit is contained in:
Tim Gross
8
e2e/terraform/packer/linux/dnsmasq
Normal file
8
e2e/terraform/packer/linux/dnsmasq
Normal file
@@ -0,0 +1,8 @@
|
||||
port=53
|
||||
resolv-file=/var/run/dnsmasq/resolv.conf
|
||||
bind-interfaces
|
||||
interface=docker0
|
||||
interface=lo
|
||||
interface=eth0
|
||||
listen-address=127.0.0.1
|
||||
server=/consul/127.0.0.1#8600
|
||||
15
e2e/terraform/packer/linux/io.podman.service
Normal file
15
e2e/terraform/packer/linux/io.podman.service
Normal file
@@ -0,0 +1,15 @@
|
||||
[Unit]
|
||||
Description=Podman Remote API Service
|
||||
Requires=io.podman.socket
|
||||
After=io.podman.socket
|
||||
Documentation=man:podman-varlink(1)
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStart=/usr/bin/podman varlink unix:%t/podman/io.podman --timeout=60000
|
||||
TimeoutStopSec=30
|
||||
KillMode=process
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
Also=io.podman.socket
|
||||
10
e2e/terraform/packer/linux/io.podman.socket
Normal file
10
e2e/terraform/packer/linux/io.podman.socket
Normal file
@@ -0,0 +1,10 @@
|
||||
[Unit]
|
||||
Description=Podman Remote API Socket
|
||||
Documentation=man:podman-varlink(1) https://podman.io/blogs/2019/01/16/podman-varlink.html
|
||||
|
||||
[Socket]
|
||||
ListenStream=%t/podman/io.podman
|
||||
SocketMode=0600
|
||||
|
||||
[Install]
|
||||
WantedBy=sockets.target
|
||||
@@ -1,30 +1,29 @@
|
||||
#!/bin/bash
|
||||
# setup script for Ubuntu Linux 18.04. Assumes that Packer has placed
|
||||
# build-time config files at /tmp/linux
|
||||
|
||||
set -e
|
||||
|
||||
# Will be overwritten at test time with the version specified
|
||||
NOMADVERSION=0.9.1
|
||||
CONSULVERSION=1.7.3
|
||||
VAULTVERSION=1.1.1
|
||||
|
||||
NOMAD_PLUGIN_DIR=/opt/nomad/plugins/
|
||||
|
||||
mkdir_for_root() {
|
||||
sudo mkdir -p "$1"
|
||||
sudo chmod 755 "$1"
|
||||
}
|
||||
|
||||
# Disable interactive apt prompts
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
echo 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections
|
||||
|
||||
|
||||
sudo mkdir -p /ops/shared
|
||||
sudo chown -R ubuntu:ubuntu /ops/shared
|
||||
cd /ops
|
||||
|
||||
CONSULVERSION=1.7.3
|
||||
CONSULDOWNLOAD=https://releases.hashicorp.com/consul/${CONSULVERSION}/consul_${CONSULVERSION}_linux_amd64.zip
|
||||
CONSULCONFIGDIR=/etc/consul.d
|
||||
CONSULDIR=/opt/consul
|
||||
VAULTVERSION=1.1.1
|
||||
VAULTDOWNLOAD=https://releases.hashicorp.com/vault/${VAULTVERSION}/vault_${VAULTVERSION}_linux_amd64.zip
|
||||
VAULTCONFIGDIR=/etc/vault.d
|
||||
VAULTDIR=/opt/vault
|
||||
|
||||
# Will be overwritten by sha specified
|
||||
NOMADVERSION=0.9.1
|
||||
NOMADCONFIGDIR=/etc/nomad.d
|
||||
NOMADDIR=/opt/nomad
|
||||
NOMADPLUGINDIR=/opt/nomad/plugins
|
||||
mkdir_for_root /opt
|
||||
|
||||
# Dependencies
|
||||
sudo apt-get update
|
||||
@@ -43,42 +42,37 @@ sudo chown root:root /usr/local/bin/sockaddr
|
||||
sudo ufw disable || echo "ufw not installed"
|
||||
|
||||
echo "Install Consul"
|
||||
curl -fsL -o /tmp/consul.zip $CONSULDOWNLOAD
|
||||
curl -fsL -o /tmp/consul.zip \
|
||||
"https://releases.hashicorp.com/consul/${CONSULVERSION}/consul_${CONSULVERSION}_linux_amd64.zip"
|
||||
sudo unzip -q /tmp/consul.zip -d /usr/local/bin
|
||||
sudo chmod 0755 /usr/local/bin/consul
|
||||
sudo chown root:root /usr/local/bin/consul
|
||||
|
||||
echo "Configure Consul"
|
||||
sudo mkdir -p $CONSULCONFIGDIR
|
||||
sudo chmod 755 $CONSULCONFIGDIR
|
||||
sudo mkdir -p $CONSULDIR
|
||||
sudo chmod 755 $CONSULDIR
|
||||
sudo mv /tmp/consul.service /etc/systemd/system/consul.service
|
||||
mkdir_for_root /etc/consul.d
|
||||
mkdir_for_root /opt/consul
|
||||
sudo mv /tmp/linux/consul_aws.service /etc/systemd/system/consul.service
|
||||
|
||||
echo "Install Vault"
|
||||
curl -fsL -o /tmp/vault.zip $VAULTDOWNLOAD
|
||||
curl -fsL -o /tmp/vault.zip \
|
||||
"https://releases.hashicorp.com/vault/${VAULTVERSION}/vault_${VAULTVERSION}_linux_amd64.zip"
|
||||
sudo unzip -q /tmp/vault.zip -d /usr/local/bin
|
||||
sudo chmod 0755 /usr/local/bin/vault
|
||||
sudo chown root:root /usr/local/bin/vault
|
||||
|
||||
echo "Configure Vault"
|
||||
sudo mkdir -p $VAULTCONFIGDIR
|
||||
sudo chmod 755 $VAULTCONFIGDIR
|
||||
sudo mkdir -p $VAULTDIR
|
||||
sudo chmod 755 $VAULTDIR
|
||||
sudo mv /tmp/vault.service /etc/systemd/system/vault.service
|
||||
mkdir_for_root /etc/vault.d
|
||||
mkdir_for_root /opt/vault
|
||||
sudo mv /tmp/linux/vault.service /etc/systemd/system/vault.service
|
||||
|
||||
echo "Configure Nomad"
|
||||
sudo mkdir -p $NOMADCONFIGDIR
|
||||
sudo chmod 755 $NOMADCONFIGDIR
|
||||
sudo mkdir -p $NOMADDIR
|
||||
sudo chmod 755 $NOMADDIR
|
||||
sudo mkdir -p $NOMADPLUGINDIR
|
||||
sudo chmod 755 $NOMADPLUGINDIR
|
||||
sudo mv /tmp/nomad.service /etc/systemd/system/nomad.service
|
||||
mkdir_for_root /etc/nomad.d
|
||||
mkdir_for_root /opt/nomad
|
||||
mkdir_for_root $NOMAD_PLUGIN_DIR
|
||||
sudo mv /tmp/linux/nomad.service /etc/systemd/system/nomad.service
|
||||
|
||||
echo "Install Nomad"
|
||||
sudo mv /tmp/install-nomad /opt/install-nomad
|
||||
sudo mv /tmp/linux/install-nomad /opt/install-nomad
|
||||
sudo chmod +x /opt/install-nomad
|
||||
/opt/install-nomad --nomad_version $NOMADVERSION --nostart
|
||||
|
||||
@@ -104,7 +98,6 @@ sudo apt-get install -y docker-ce
|
||||
|
||||
echo "Installing Java"
|
||||
sudo apt-get install -y openjdk-8-jdk
|
||||
JAVA_HOME=$(readlink -f /usr/bin/java | sed "s:bin/java::")
|
||||
|
||||
echo "Installing CNI plugins"
|
||||
sudo mkdir -p /opt/cni/bin
|
||||
@@ -125,56 +118,22 @@ echo "Installing latest podman task driver"
|
||||
# install nomad-podman-driver and move to plugin dir
|
||||
latest_podman=$(curl -s https://releases.hashicorp.com/nomad-driver-podman/index.json | jq --raw-output '.versions |= with_entries(select(.key|match("^\\d+\\.\\d+\\.\\d+$"))) | .versions | keys[]' | sort -rV | head -n1)
|
||||
|
||||
wget -q -P /tmp https://releases.hashicorp.com/nomad-driver-podman/${latest_podman}/nomad-driver-podman_${latest_podman}_linux_amd64.zip
|
||||
sudo unzip -q /tmp/nomad-driver-podman_${latest_podman}_linux_amd64.zip -d $NOMADPLUGINDIR
|
||||
sudo chmod +x $NOMADPLUGINDIR/nomad-driver-podman
|
||||
wget -q -P /tmp "https://releases.hashicorp.com/nomad-driver-podman/${latest_podman}/nomad-driver-podman_${latest_podman}_linux_amd64.zip"
|
||||
sudo unzip -q "/tmp/nomad-driver-podman_${latest_podman}_linux_amd64.zip" -d "$NOMAD_PLUGIN_DIR"
|
||||
sudo chmod +x "${NOMAD_PLUGIN_DIR}/nomad-driver-podman"
|
||||
|
||||
# enable varlink socket (not included in ubuntu package)
|
||||
sudo tee /etc/systemd/system/io.podman.service << EOF
|
||||
[Unit]
|
||||
Description=Podman Remote API Service
|
||||
Requires=io.podman.socket
|
||||
After=io.podman.socket
|
||||
Documentation=man:podman-varlink(1)
|
||||
sudo mv /tmp/linux/io.podman.service /etc/systemd/system/io.podman.service
|
||||
sudo mv /tmp/linux/io.podman.socket /etc/systemd/system/io.podman.socket
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStart=/usr/bin/podman varlink unix:%t/podman/io.podman --timeout=60000
|
||||
TimeoutStopSec=30
|
||||
KillMode=process
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
Also=io.podman.socket
|
||||
EOF
|
||||
|
||||
sudo tee /etc/systemd/system/io.podman.socket << EOF
|
||||
[Unit]
|
||||
Description=Podman Remote API Socket
|
||||
Documentation=man:podman-varlink(1) https://podman.io/blogs/2019/01/16/podman-varlink.html
|
||||
|
||||
[Socket]
|
||||
ListenStream=%t/podman/io.podman
|
||||
SocketMode=0600
|
||||
|
||||
[Install]
|
||||
WantedBy=sockets.target
|
||||
EOF
|
||||
echo "Configuring dnsmasq"
|
||||
|
||||
# disable systemd-resolved and configure dnsmasq to forward local requests to
|
||||
# consul. the resolver files need to dynamic configuration based on the VPC
|
||||
# address and docker bridge IP, so those will be rewritten at boot time.
|
||||
sudo systemctl disable systemd-resolved.service
|
||||
echo '
|
||||
port=53
|
||||
resolv-file=/var/run/dnsmasq/resolv.conf
|
||||
bind-interfaces
|
||||
interface=docker0
|
||||
interface=lo
|
||||
interface=eth0
|
||||
listen-address=127.0.0.1
|
||||
server=/consul/127.0.0.1#8600
|
||||
' | sudo tee /etc/dnsmasq.d/default
|
||||
sudo mv /tmp/linux/dnsmasq /etc/dnsmasq.d/default
|
||||
sudo chown root:root /etc/dnsmasq.d/default
|
||||
|
||||
# this is going to be overwritten at provisioning time, but we need something
|
||||
# here or we can't fetch binaries to do the provisioning
|
||||
@@ -183,11 +142,13 @@ sudo mv /tmp/resolv.conf /etc/resolv.conf
|
||||
|
||||
sudo systemctl restart dnsmasq
|
||||
|
||||
echo "Updating boot parameters"
|
||||
|
||||
# enable cgroup_memory and swap
|
||||
sudo sed -i 's/GRUB_CMDLINE_LINUX="[^"]*/& cgroup_enable=memory swapaccount=1/' /etc/default/grub
|
||||
sudo update-grub
|
||||
|
||||
echo "Configure user shell"
|
||||
echo "Configuring user shell"
|
||||
sudo tee -a /home/ubuntu/.bashrc << 'EOF'
|
||||
IP_ADDRESS=$(/usr/local/bin/sockaddr eval 'GetPrivateIP')
|
||||
export CONSUL_RPC_ADDR=$IP_ADDRESS:8400
|
||||
|
||||
@@ -16,23 +16,8 @@
|
||||
"provisioners": [
|
||||
{
|
||||
"type": "file",
|
||||
"source": "./linux/install-nomad",
|
||||
"destination": "/tmp/install-nomad"
|
||||
},
|
||||
{
|
||||
"type": "file",
|
||||
"source": "./linux/nomad.service",
|
||||
"destination": "/tmp/nomad.service"
|
||||
},
|
||||
{
|
||||
"type": "file",
|
||||
"source": "./linux/consul_aws.service",
|
||||
"destination": "/tmp/consul.service"
|
||||
},
|
||||
{
|
||||
"type": "file",
|
||||
"source": "./linux/vault.service",
|
||||
"destination": "/tmp/vault.service"
|
||||
"source": "./linux",
|
||||
"destination": "/tmp/linux"
|
||||
},
|
||||
{
|
||||
"type": "shell",
|
||||
|
||||
Reference in New Issue
Block a user