From 2c73d2ebca3f53cc840509aa80502d499e4233a7 Mon Sep 17 00:00:00 2001
From: Tim Gross <tgross@hashicorp.com>
Date: Thu, 3 Sep 2020 16:30:58 -0400
Subject: [PATCH] e2e: Linux AMI setup cleanup (#8821)

As we add new Linux targets for E2E, the existing setup.sh script will be used
only for Ubuntu. Rather than have the service and config files echo'd from the
script, move them into files we upload so they can be reused.

Includes some general noise reduction in the setup.sh script and removal of
unused bits.
---
 e2e/terraform/packer/linux/dnsmasq           |   8 ++
 e2e/terraform/packer/linux/io.podman.service |  15 +++
 e2e/terraform/packer/linux/io.podman.socket  |  10 ++
 e2e/terraform/packer/linux/setup.sh          | 121 +++++++------------
 e2e/terraform/packer/packer.json             |  19 +--
 5 files changed, 76 insertions(+), 97 deletions(-)
 create mode 100644 e2e/terraform/packer/linux/dnsmasq
 create mode 100644 e2e/terraform/packer/linux/io.podman.service
 create mode 100644 e2e/terraform/packer/linux/io.podman.socket

diff --git a/e2e/terraform/packer/linux/dnsmasq b/e2e/terraform/packer/linux/dnsmasq
new file mode 100644
index 000000000..42b06f6e5
--- /dev/null
+++ b/e2e/terraform/packer/linux/dnsmasq
@@ -0,0 +1,8 @@
+port=53
+resolv-file=/var/run/dnsmasq/resolv.conf
+bind-interfaces
+interface=docker0
+interface=lo
+interface=eth0
+listen-address=127.0.0.1
+server=/consul/127.0.0.1#8600
diff --git a/e2e/terraform/packer/linux/io.podman.service b/e2e/terraform/packer/linux/io.podman.service
new file mode 100644
index 000000000..5be5329f4
--- /dev/null
+++ b/e2e/terraform/packer/linux/io.podman.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=Podman Remote API Service
+Requires=io.podman.socket
+After=io.podman.socket
+Documentation=man:podman-varlink(1)
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/podman varlink unix:%t/podman/io.podman --timeout=60000
+TimeoutStopSec=30
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
+Also=io.podman.socket
diff --git a/e2e/terraform/packer/linux/io.podman.socket b/e2e/terraform/packer/linux/io.podman.socket
new file mode 100644
index 000000000..89ef28127
--- /dev/null
+++ b/e2e/terraform/packer/linux/io.podman.socket
@@ -0,0 +1,10 @@
+[Unit]
+Description=Podman Remote API Socket
+Documentation=man:podman-varlink(1) https://podman.io/blogs/2019/01/16/podman-varlink.html
+
+[Socket]
+ListenStream=%t/podman/io.podman
+SocketMode=0600
+
+[Install]
+WantedBy=sockets.target
diff --git a/e2e/terraform/packer/linux/setup.sh b/e2e/terraform/packer/linux/setup.sh
index 0b414b1ac..b2f61d1e7 100755
--- a/e2e/terraform/packer/linux/setup.sh
+++ b/e2e/terraform/packer/linux/setup.sh
@@ -1,30 +1,29 @@
 #!/bin/bash
+# setup script for Ubuntu Linux 18.04. Assumes that Packer has placed
+# build-time config files at /tmp/linux
 
 set -e
 
+# Will be overwritten at test time with the version specified
+NOMADVERSION=0.9.1
+CONSULVERSION=1.7.3
+VAULTVERSION=1.1.1
+
+NOMAD_PLUGIN_DIR=/opt/nomad/plugins/
+
+mkdir_for_root() {
+    sudo mkdir -p "$1"
+    sudo chmod 755 "$1"
+}
+
 # Disable interactive apt prompts
 export DEBIAN_FRONTEND=noninteractive
 echo 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections
 
-
 sudo mkdir -p /ops/shared
 sudo chown -R ubuntu:ubuntu /ops/shared
-cd /ops
 
-CONSULVERSION=1.7.3
-CONSULDOWNLOAD=https://releases.hashicorp.com/consul/${CONSULVERSION}/consul_${CONSULVERSION}_linux_amd64.zip
-CONSULCONFIGDIR=/etc/consul.d
-CONSULDIR=/opt/consul
-VAULTVERSION=1.1.1
-VAULTDOWNLOAD=https://releases.hashicorp.com/vault/${VAULTVERSION}/vault_${VAULTVERSION}_linux_amd64.zip
-VAULTCONFIGDIR=/etc/vault.d
-VAULTDIR=/opt/vault
-
-# Will be overwritten by sha specified
-NOMADVERSION=0.9.1
-NOMADCONFIGDIR=/etc/nomad.d
-NOMADDIR=/opt/nomad
-NOMADPLUGINDIR=/opt/nomad/plugins
+mkdir_for_root /opt
 
 # Dependencies
 sudo apt-get update
@@ -43,42 +42,37 @@ sudo chown root:root /usr/local/bin/sockaddr
 sudo ufw disable || echo "ufw not installed"
 
 echo "Install Consul"
-curl -fsL -o /tmp/consul.zip $CONSULDOWNLOAD
+curl -fsL -o /tmp/consul.zip \
+     "https://releases.hashicorp.com/consul/${CONSULVERSION}/consul_${CONSULVERSION}_linux_amd64.zip"
 sudo unzip -q /tmp/consul.zip -d /usr/local/bin
 sudo chmod 0755 /usr/local/bin/consul
 sudo chown root:root /usr/local/bin/consul
 
 echo "Configure Consul"
-sudo mkdir -p $CONSULCONFIGDIR
-sudo chmod 755 $CONSULCONFIGDIR
-sudo mkdir -p $CONSULDIR
-sudo chmod 755 $CONSULDIR
-sudo mv /tmp/consul.service /etc/systemd/system/consul.service
+mkdir_for_root /etc/consul.d
+mkdir_for_root /opt/consul
+sudo mv /tmp/linux/consul_aws.service /etc/systemd/system/consul.service
 
 echo "Install Vault"
-curl -fsL -o /tmp/vault.zip $VAULTDOWNLOAD
+curl -fsL -o /tmp/vault.zip \
+     "https://releases.hashicorp.com/vault/${VAULTVERSION}/vault_${VAULTVERSION}_linux_amd64.zip"
 sudo unzip -q /tmp/vault.zip -d /usr/local/bin
 sudo chmod 0755 /usr/local/bin/vault
 sudo chown root:root /usr/local/bin/vault
 
 echo "Configure Vault"
-sudo mkdir -p $VAULTCONFIGDIR
-sudo chmod 755 $VAULTCONFIGDIR
-sudo mkdir -p $VAULTDIR
-sudo chmod 755 $VAULTDIR
-sudo mv /tmp/vault.service /etc/systemd/system/vault.service
+mkdir_for_root /etc/vault.d
+mkdir_for_root /opt/vault
+sudo mv /tmp/linux/vault.service /etc/systemd/system/vault.service
 
 echo "Configure Nomad"
-sudo mkdir -p $NOMADCONFIGDIR
-sudo chmod 755 $NOMADCONFIGDIR
-sudo mkdir -p $NOMADDIR
-sudo chmod 755 $NOMADDIR
-sudo mkdir -p $NOMADPLUGINDIR
-sudo chmod 755 $NOMADPLUGINDIR
-sudo mv /tmp/nomad.service /etc/systemd/system/nomad.service
+mkdir_for_root /etc/nomad.d
+mkdir_for_root /opt/nomad
+mkdir_for_root $NOMAD_PLUGIN_DIR
+sudo mv /tmp/linux/nomad.service /etc/systemd/system/nomad.service
 
 echo "Install Nomad"
-sudo mv /tmp/install-nomad /opt/install-nomad
+sudo mv /tmp/linux/install-nomad /opt/install-nomad
 sudo chmod +x /opt/install-nomad
 /opt/install-nomad --nomad_version $NOMADVERSION --nostart
 
@@ -104,7 +98,6 @@ sudo apt-get install -y docker-ce
 
 echo "Installing Java"
 sudo apt-get install -y openjdk-8-jdk
-JAVA_HOME=$(readlink -f /usr/bin/java | sed "s:bin/java::")
 
 echo "Installing CNI plugins"
 sudo mkdir -p /opt/cni/bin
@@ -125,56 +118,22 @@ echo "Installing latest podman task driver"
 # install nomad-podman-driver and move to plugin dir
 latest_podman=$(curl -s https://releases.hashicorp.com/nomad-driver-podman/index.json | jq --raw-output '.versions |= with_entries(select(.key|match("^\\d+\\.\\d+\\.\\d+$"))) | .versions | keys[]' | sort -rV | head -n1)
 
-wget -q -P /tmp https://releases.hashicorp.com/nomad-driver-podman/${latest_podman}/nomad-driver-podman_${latest_podman}_linux_amd64.zip
-sudo unzip -q /tmp/nomad-driver-podman_${latest_podman}_linux_amd64.zip -d $NOMADPLUGINDIR
-sudo chmod +x $NOMADPLUGINDIR/nomad-driver-podman
+wget -q -P /tmp "https://releases.hashicorp.com/nomad-driver-podman/${latest_podman}/nomad-driver-podman_${latest_podman}_linux_amd64.zip"
+sudo unzip -q "/tmp/nomad-driver-podman_${latest_podman}_linux_amd64.zip" -d "$NOMAD_PLUGIN_DIR"
+sudo chmod +x "${NOMAD_PLUGIN_DIR}/nomad-driver-podman"
 
 # enable varlink socket (not included in ubuntu package)
-sudo tee /etc/systemd/system/io.podman.service << EOF
-[Unit]
-Description=Podman Remote API Service
-Requires=io.podman.socket
-After=io.podman.socket
-Documentation=man:podman-varlink(1)
+sudo mv /tmp/linux/io.podman.service /etc/systemd/system/io.podman.service
+sudo mv /tmp/linux/io.podman.socket /etc/systemd/system/io.podman.socket
 
-[Service]
-Type=simple
-ExecStart=/usr/bin/podman varlink unix:%t/podman/io.podman --timeout=60000
-TimeoutStopSec=30
-KillMode=process
-
-[Install]
-WantedBy=multi-user.target
-Also=io.podman.socket
-EOF
-
-sudo tee /etc/systemd/system/io.podman.socket << EOF
-[Unit]
-Description=Podman Remote API Socket
-Documentation=man:podman-varlink(1) https://podman.io/blogs/2019/01/16/podman-varlink.html
-
-[Socket]
-ListenStream=%t/podman/io.podman
-SocketMode=0600
-
-[Install]
-WantedBy=sockets.target
-EOF
+echo "Configuring dnsmasq"
 
 # disable systemd-resolved and configure dnsmasq to forward local requests to
 # consul. the resolver files need to dynamic configuration based on the VPC
 # address and docker bridge IP, so those will be rewritten at boot time.
 sudo systemctl disable systemd-resolved.service
-echo '
-port=53
-resolv-file=/var/run/dnsmasq/resolv.conf
-bind-interfaces
-interface=docker0
-interface=lo
-interface=eth0
-listen-address=127.0.0.1
-server=/consul/127.0.0.1#8600
-' | sudo tee /etc/dnsmasq.d/default
+sudo mv /tmp/linux/dnsmasq /etc/dnsmasq.d/default
+sudo chown root:root /etc/dnsmasq.d/default
 
 # this is going to be overwritten at provisioning time, but we need something
 # here or we can't fetch binaries to do the provisioning
@@ -183,11 +142,13 @@ sudo mv /tmp/resolv.conf /etc/resolv.conf
 
 sudo systemctl restart dnsmasq
 
+echo "Updating boot parameters"
+
 # enable cgroup_memory and swap
 sudo sed -i 's/GRUB_CMDLINE_LINUX="[^"]*/& cgroup_enable=memory swapaccount=1/' /etc/default/grub
 sudo update-grub
 
-echo "Configure user shell"
+echo "Configuring user shell"
 sudo tee -a /home/ubuntu/.bashrc << 'EOF'
 IP_ADDRESS=$(/usr/local/bin/sockaddr eval 'GetPrivateIP')
 export CONSUL_RPC_ADDR=$IP_ADDRESS:8400
diff --git a/e2e/terraform/packer/packer.json b/e2e/terraform/packer/packer.json
index f02a8ffe4..accf322c0 100644
--- a/e2e/terraform/packer/packer.json
+++ b/e2e/terraform/packer/packer.json
@@ -16,23 +16,8 @@
   "provisioners": [
     {
       "type": "file",
-      "source": "./linux/install-nomad",
-      "destination": "/tmp/install-nomad"
-    },
-    {
-      "type": "file",
-      "source": "./linux/nomad.service",
-      "destination": "/tmp/nomad.service"
-    },
-    {
-      "type": "file",
-      "source": "./linux/consul_aws.service",
-      "destination": "/tmp/consul.service"
-    },
-    {
-      "type": "file",
-      "source": "./linux/vault.service",
-      "destination": "/tmp/vault.service"
+      "source": "./linux",
+      "destination": "/tmp/linux"
     },
     {
       "type": "shell",