added ADAPT DO M24

parent 59e49e4a
The plan is to release the ADAPT Deployment Orchestrator component, developed by HPE, as open source software. HPE has to follow an internal process with reviews and decisions at corporate level to decide and approve the license under which to release the developed software. Unfortunately this process takes time and it’s not yet completed at the time of writing, therefore the licensing information for the released software is not yet available.
For more information please contact us through this website https://www.decide-h2020.eu/contact
\ No newline at end of file
FROM tiangolo/uwsgi-nginx-flask:python3.6
RUN apt-get update && apt-get install unzip && wget https://releases.hashicorp.com/terraform/0.10.7/terraform_0.10.7_linux_amd64.zip?_ga=2.121414664.102068769.1507033863-2054770415.1501495729 -O temp.zip && unzip temp.zip -d /usr/local/bin && rm temp.zip && mkdir -p /app/repo && mkdir -p /home/ubuntu/terraform/certs && mkdir -p /home/ubuntu/terraform/scripts && mkdir /home/ubuntu/terraform/keypairs && pip install flask-restplus && pip install -U flask-cors && pip install pymongo==3.7 && wget http://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u9_amd64.deb && dpkg -i libssl1.0.0_1.0.1t-1+deb8u9_amd64.deb && wget https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1604-4.0.0.tgz && tar -zxvf mongodb-linux-*-4.0.0.tgz && mkdir -p /data/db && export PATH=mongodb-linux-x86_64-ubuntu1604-4.0.0/bin:$PATH && cp mongodb-linux-x86_64-ubuntu1604-4.0.0/bin/* /usr/local/bin
RUN apt-get update && apt-get install unzip && apt-get install -y vim && wget https://releases.hashicorp.com/terraform/0.10.7/terraform_0.10.7_linux_amd64.zip?_ga=2.121414664.102068769.1507033863-2054770415.1501495729 -O temp.zip && unzip temp.zip -d /usr/local/bin && rm temp.zip && mkdir -p /app/repo && mkdir -p /home/ubuntu/terraform/certs && mkdir -p /home/ubuntu/terraform/scripts && mkdir /home/ubuntu/terraform/keypairs && pip install flask-restplus && pip install -U flask-cors && pip install pymongo==3.7 && pip install jsonschema==3.0.0a3 && wget http://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u9_amd64.deb && dpkg -i libssl1.0.0_1.0.1t-1+deb8u9_amd64.deb && wget https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1604-4.0.0.tgz && tar -zxvf mongodb-linux-*-4.0.0.tgz && mkdir -p /data/db && export PATH=mongodb-linux-x86_64-ubuntu1604-4.0.0/bin:$PATH && cp mongodb-linux-x86_64-ubuntu1604-4.0.0/bin/* /usr/local/bin
COPY app/ /app/
COPY tfplugin/terraform-provider-cloudbroker /usr/local/bin
......
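Review bot: The rewritten `RUN` line installs three downloaded artifacts with no integrity check: the Terraform zip, the MongoDB tarball, and `libssl1.0.0_1.0.1t-1+deb8u9_amd64.deb`, which is fetched over plain `http://` and handed straight to `dpkg -i`. Anyone able to tamper with that download path controls a library installed as root in the image. Pin a digest for each file and verify it before use, for example `echo "<SHA256_OF_DEB>  libssl1.0.0_1.0.1t-1+deb8u9_amd64.deb" | sha256sum -c -` ahead of the `dpkg -i` step, and fetch the package over HTTPS where the mirror offers it. The newly added `apt-get install -y vim` also puts an editor in the runtime image, and `flask-restplus` and `flask-cors` remain unpinned while `pymongo` and `jsonschema` are pinned.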
......@@ -27,6 +27,10 @@ variable "vm_region_id" {
default = "4265ddb9-e862-4814-82a4-d6b92f25e8e5"
}
variable "vm_user" {
default = "ubuntu"
}
variable "instance_type_id" {
default = "e3ca8e4c-0f91-4e83-9bd9-4cef88d054a8"
}
......@@ -71,6 +75,7 @@ resource "cloudbroker_instance" "decide-vm" {
resource_id = "${var.vm_resource_id}"
region_id = "${var.vm_region_id}"
instance_type_id = "${var.instance_type_id}"
vm_user = "${var.vm_user}"
isolated = "false"
key_pair_id = "${var.key_pair_id}"
disable_autostop = "true"
......@@ -91,7 +96,7 @@ resource "cloudbroker_instance" "decide-vm" {
connection {
type = "ssh"
user = "ubuntu"
user = "${var.vm_user}"
private_key = "${file("/home/ubuntu/terraform/keypairs/${var.app_name}/private-key-openssh")}"
}
}
......@@ -105,7 +110,7 @@ resource "cloudbroker_instance" "decide-vm" {
connection {
type = "ssh"
user = "ubuntu"
user = "${var.vm_user}"
private_key = "${file("/home/ubuntu/terraform/keypairs/${var.app_name}/private-key-openssh")}"
}
}
......@@ -113,7 +118,10 @@ resource "cloudbroker_instance" "decide-vm" {
provisioner "local-exec" {
command = <<CMD
mkdir -p /home/ubuntu/terraform/certs/${cloudbroker_instance.decide-vm.external_ip_address} \
&& scp -i /home/ubuntu/terraform/keypairs/${var.app_name}/private-key-openssh -oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -r ubuntu@${cloudbroker_instance.decide-vm.external_ip_address}:~/.docker/client/keys/ /home/ubuntu/terraform/certs/${cloudbroker_instance.decide-vm.external_ip_address}
&& scp -i /home/ubuntu/terraform/keypairs/${var.app_name}/private-key-openssh -oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -r ${var.vm_user}@${cloudbroker_instance.decide-vm.external_ip_address}:/tmp/scripts/tempkeys/ /home/ubuntu/terraform/certs/${cloudbroker_instance.decide-vm.external_ip_address} \
&& mv /home/ubuntu/terraform/certs/${cloudbroker_instance.decide-vm.external_ip_address}/tempkeys /home/ubuntu/terraform/certs/${cloudbroker_instance.decide-vm.external_ip_address}/keys \
&& chmod -v 0400 /home/ubuntu/terraform/certs/${cloudbroker_instance.decide-vm.external_ip_address}/keys/key.pem \
&& chmod -v 0444 /home/ubuntu/terraform/certs/${cloudbroker_instance.decide-vm.external_ip_address}/keys/cert.pem
CMD
}
......
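Review bot: The new `scp` line in the `local-exec` provisioner copies Docker TLS key material from `/tmp/scripts/tempkeys/` on the VM with `-oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null`, so the host the private key is fetched from is never authenticated. A host answering on that address at provisioning time can supply its own `key.pem` and `cert.pem`, which the orchestrator then uses for the Docker API. Consider recording the host key on first contact and checking it afterwards, e.g. `-oStrictHostKeyChecking=accept-new -oUserKnownHostsFile=<KNOWN_HOSTS_FILE>` with a per-application file, or obtaining the fingerprint from the provider if it exposes one. `${var.vm_user}` is also interpolated unquoted into the shell command. The `cloudbroker_instance` resource starts and ends outside the hunks shown.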
......@@ -10,17 +10,17 @@ provider "docker" {
resource "null_resource" "{{ imageName|replace("/", "-") }}-{{ containerName }}" {
provisioner "remote-exec" {
inline = [
"echo 'Performing login...' >> /home/ubuntu/log.txt",
"docker -H ${trimspace(file("/app/{{ appName }}-{{ dockerHostNodeName }}-ip.txt"))}:8376 --tls=true --tlscert=/home/ubuntu/.docker/client/keys/cert.pem --tlscacert=/home/ubuntu/.docker/client/keys/ca.pem --tlskey=/home/ubuntu/.docker/client/keys/key.pem login {{ dockerPrivateRegistryIp }}:{{ dockerPrivateRegistryPort }} -u {{ dockerPrivateRegistryUser }} -p {{ dockerPrivateRegistryPassword }}",
"echo '...login done' >> /home/ubuntu/log.txt",
"echo 'Pulling image...' >> /home/ubuntu/log.txt",
"docker -H ${trimspace(file("/app/{{ appName }}-{{ dockerHostNodeName }}-ip.txt"))}:8376 --tls=true --tlscert=/home/ubuntu/.docker/client/keys/cert.pem --tlscacert=/home/ubuntu/.docker/client/keys/ca.pem --tlskey=/home/ubuntu/.docker/client/keys/key.pem pull {{ dockerPrivateRegistryIp }}:{{ dockerPrivateRegistryPort }}/{{ imageName }}:{{ imageTag }}",
"echo '... pull done' >> /home/ubuntu/log.txt",
"echo 'Performing login...' >> $HOME/log.txt",
"docker -H ${trimspace(file("/app/{{ appName }}-{{ dockerHostNodeName }}-ip.txt"))}:8376 --tls=true --tlscert=/decide/.docker/client/keys/cert.pem --tlscacert=/decide/.docker/client/keys/ca.pem --tlskey=/decide/.docker/client/keys/key.pem login {{ dockerPrivateRegistryIp }}:{{ dockerPrivateRegistryPort }} -u {{ dockerPrivateRegistryUser }} -p {{ dockerPrivateRegistryPassword }}",
"echo '...login done' >> $HOME/log.txt",
"echo 'Pulling image...' >> $HOME/log.txt",
"docker -H ${trimspace(file("/app/{{ appName }}-{{ dockerHostNodeName }}-ip.txt"))}:8376 --tls=true --tlscert=/decide/.docker/client/keys/cert.pem --tlscacert=/decide/.docker/client/keys/ca.pem --tlskey=/decide/.docker/client/keys/key.pem pull {{ dockerPrivateRegistryIp }}:{{ dockerPrivateRegistryPort }}/{{ imageName }}:{{ imageTag }}",
"echo '... pull done' >> $HOME/log.txt",
]
connection {
host = "${trimspace(file("/app/{{ appName }}-{{ dockerHostNodeName }}-ip.txt"))}"
type = "ssh"
user = "ubuntu"
user = "{{ vmUser }}"
private_key = "${file("/home/ubuntu/terraform/keypairs/{{ appName }}/private-key-openssh")}"
}
}
......
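Review bot: The rewritten `docker ... login` entry still passes the registry password on the command line with `-p {{ dockerPrivateRegistryPassword }}`, which exposes it in the process list on the VM and in any log that echoes the provisioner commands. The same applies to the positional password argument in the `registry-login-and-pull.sh` call in the next template and to `docker login -u $2 -p $3` inside that script. Feed the secret on standard input instead, e.g. `printf '%s' "$REGISTRY_PWD" | docker login -u "$2" --password-stdin "$4:$5"`, with the value supplied through a file or environment variable rather than rendered into the command text. The rendered `.tf` file would presumably still hold the password in clear text, so its permissions and retention are worth checking as well.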
......@@ -9,17 +9,12 @@
resource "null_resource" "{{ imageName|replace("/", "-") }}-{{ containerName }}" {
provisioner "remote-exec" {
inline = [
"echo 'Performing login...' >> /home/ubuntu/log.txt",
"docker -H ${data.terraform_remote_state.{{ appName }}.{{ dockerHostNodeName }}.external_ip_address}:8376 --tls=true --tlscert=/home/ubuntu/.docker/client/keys/cert.pem --tlscacert=/home/ubuntu/.docker/client/keys/ca.pem --tlskey=/home/ubuntu/.docker/client/keys/key.pem login {{ dockerPrivateRegistryIp }}:{{ dockerPrivateRegistryPort }} -u {{ dockerPrivateRegistryUser }} -p {{ dockerPrivateRegistryPassword }}",
"echo '...login done' >> /home/ubuntu/log.txt",
"echo 'Pulling image...' >> /home/ubuntu/log.txt",
"docker -H ${data.terraform_remote_state.{{ appName }}.{{ dockerHostNodeName }}.external_ip_address}:8376 --tls=true --tlscert=/home/ubuntu/.docker/client/keys/cert.pem --tlscacert=/home/ubuntu/.docker/client/keys/ca.pem --tlskey=/home/ubuntu/.docker/client/keys/key.pem pull {{ dockerPrivateRegistryIp }}:{{ dockerPrivateRegistryPort }}/{{ imageName }}:{{ imageTag }}",
"echo '... pull done' >> /home/ubuntu/log.txt",
"/tmp/scripts//registry-login-and-pull.sh ${trimspace(file("/app/{{ appName }}-{{ dockerHostNodeName }}-ip.txt"))}:8376 {{ dockerPrivateRegistryUser }} {{ dockerPrivateRegistryPassword }} {{ dockerPrivateRegistryIp }} {{ dockerPrivateRegistryPort }} {{ imageName }} {{ imageTag }}",
]
connection {
host = "${data.terraform_remote_state.{{ appName }}.{{ dockerHostNodeName }}.external_ip_address}"
type = "ssh"
user = "ubuntu"
user = "{{ vmUser }}"
private_key = "${file("/home/ubuntu/terraform/keypairs/{{ appName }}/private-key-openssh")}"
}
}
......
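Review bot: The new `registry-login-and-pull.sh` call takes the Docker host address from `file("/app/{{ appName }}-{{ dockerHostNodeName }}-ip.txt")`, while the `connection` block just below still uses `data.terraform_remote_state.{{ appName }}.{{ dockerHostNodeName }}.external_ip_address`, which the removed lines also used for `-H`. If the two sources ever disagree, the script runs on one host and points the Docker client at another; using the remote-state attribute for both, or documenting why the file is preferred here, would remove the ambiguity. The template values are also rendered unquoted into the shell command, so a password or image name containing spaces or shell metacharacters is split or interpreted by the remote shell; wrap each argument in single quotes in the template and reject values containing a quote when the descriptor is validated.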
terraform {
backend "consul" {
address = "54.221.168.175:8500"
address = "{{ consulJoinIp }}:8500"
path = "{{ appName }}/services/terraform_state"
datacenter = "dc1-aws"
}
......@@ -19,7 +19,7 @@ provider "docker" {
data "terraform_remote_state" "{{ appName }}" {
backend = "consul"
config {
address = "54.221.168.175:8500"
address = "{{ consulJoinIp }}:8500"
path = "{{ appName }}/infrastructure/terraform_state"
datacenter = "dc1-aws"
}
......@@ -28,7 +28,7 @@ data "terraform_remote_state" "{{ appName }}" {
provider "consul" {
version = "~> 1.0.0"
address = "54.221.168.175:8500"
address = "{{ consulJoinIp }}:8500"
datacenter = "dc1-aws"
}
terraform {
backend "consul" {
address = "54.221.168.175:8500"
address = "{{ consulJoinIp }}:8500"
path = "{{ appName }}/infrastructure/terraform_state"
datacenter = "dc1-aws"
}
......@@ -17,6 +17,7 @@ module "{{ appName }}-{{ dockerHostNodeName }}" {
vm_software_id = "{{ vmSoftwareId }}",
vm_resource_id = "{{ vmResourceId }}",
vm_region_id = "{{ vmRegionId }}",
vm_user = "{{ vmUser }}",
instance_type_id = "{{ instanceTypeId }}",
key_pair_id = "{{ keyPairId }}",
app_name = "{{ appName }}",
......
{
"name": "My-Example-App",
"cloudbrokerEndpoint": "https://decide-prototype.cloudbroker.com",
"cloudbrokerUsername": "TO_BE_FILLED",
"cloudbrokerPassword": "TO_BE_FILLED",
"virtualMachines": [
{
"vmSoftwareId": "21b7ebed-5076-43b6-8351-0e06cf16eedc",
"vmResourceId": "18d07329-07f6-4d59-b1c1-676f64d1663f",
"vmRegionId": "4265ddb9-e862-4814-82a4-d6b92f25e8e5",
"instanceTypeId": "e3ca8e4c-0f91-4e83-9bd9-4cef88d054a8",
"keyPairId": "TO_BE_FILLED",
"openedPort": "22,80,8000-9000,9411",
"consulJoinIp": "127.0.0.1",
"dockerPrivateRegistryIp": "54.172.38.173",
"dockerPrivateRegistryPort": "8200",
"dockerHostNodeName": "node-adapt"
}
],
"containers":[
{
"containerName":"adapt",
"imageName":"adapt",
"imageTag":"v0.1",
"dockerPrivateRegistryIp": "54.172.38.173",
"dockerPrivateRegistryPort": "8200",
"dockerPrivateRegistryUser": "decide-user",
"dockerPrivateRegistryPassword": "TO_BE_FILLED",
"hostname": "adapt",
"restart": "always",
"dockerHostNodeName": "node-adapt",
"consulKvProviderNodeName": "node-adapt",
"addConsulService": 1,
"consulServicePort": 80,
"addConsulTraefikRules": 0,
"portMapping": [
{
"hostPort": "8472",
"containerPort": "80"
}
]
}
]
}
{
"cloudbroker_username": "paolo.barone@hpe.com",
"cloudbroker_password": "xxxxxxxx"
}
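Review bot: The `cloudbroker_username` value in this sample credentials file looks like a real personal account address rather than a placeholder. The other sample request bodies in this commit use bracketed `TO BE_FILLED` markers; the same form here, e.g. `"cloudbroker_username": "[TO_BE_FILLED_CB_USER]"`, avoids publishing an account name alongside the endpoint it belongs to.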
{
"cloudbroker_endpoint":"https://decide-prototype.cloudbroker.com",
"cloudbroker_username":"[TO BE_FILLED_CB_USER]",
"cloudbroker_password":"[TO BE_FILLED_CB_PWD]",
"repository_user":"[TO BE_FILLED_GIT_USER]",
"repository_pwd":"[TO BE_FILLED_GIT_PWD]",
"repository_url": "[TO_BE_FILLED_GIT_REPO]",
"revision": "[TO_BE_FILLED_REV_NO]",
"filepath": "demo/app-descriptor.json"
}
{
"cloudbroker_endpoint":"https://decide-prototype.cloudbroker.com",
"cloudbroker_username":"[TO BE_FILLED_CB_USER]",
"cloudbroker_password":"[TO BE_FILLED_CB_PWD]",
"repository_user":"[TO BE_FILLED_GIT_USER]",
"repository_pwd":"[TO BE_FILLED_GIT_PWD]",
"repository_url": "[TO_BE_FILLED_GIT_REPO]",
"revision": "[TO_BE_FILLED_REV_NO]",
"filepath": "demo/app-descriptor.json"
}
# Copyright 2015 Container Solutions
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
default: build plan
deps:
go install github.com/hashicorp/terraform
build:
go build -o terraform-provider-awesome .
test:
go test -v .
plan:
@terraform plan
provider "cloudbroker" {
username = "me@mycompany.com"
password = "*********"
endpoint = "https://decide-prototype.cloudbroker.com"
timeout = 60
max_retries = 5
}
resource "cloudbroker_instance" "sample-server" {
name = "speedracer"
cpus = 4
ram = 16384
}
......@@ -13,20 +13,23 @@ openssl req -subj "/C=IT/ST=Italy/L=Italy/O=decide/OU=IT Department/CN=$1" -sha2
echo subjectAltName = DNS:decide.org,IP:$1,IP:127.0.0.1 > extfile.cnf
openssl x509 -req -days 365 -sha256 -passin pass:1234 -in server.csr -CA ca.pem -CAkey ca-key.pem \
-CAcreateserial -out server-cert.pem -extfile extfile.cnf
-CAcreateserial -out server-cert.pem -extfile extfile.cnf
rm -v server.csr server.pass.key
rm -v server.csr server.pass.key
sudo chmod -R 777 ~/.docker
rm -r ~/.docker
sudo chmod -R 777 /decide/.docker
sudo rm -r /decide/.docker
mkdir -pv ~/.docker/server/keys
mkdir -pv ~/.docker/client/keys
sudo mkdir -pv /decide/.docker/server/keys
sudo mkdir -pv /decide/.docker/client/keys
cp -v {ca,server-cert,server-key}.pem ~/.docker/server/keys
sudo cp -v {ca,server-cert,server-key}.pem /decide/.docker/server/keys
sudo chmod -v 0400 ~/.docker/server/keys/*-key.pem
sudo chmod -v 0444 ~/.docker/server/keys/{ca,server-cert}.pem
sudo mkdir -pv /tmp/scripts/tempkeys
sudo cp -v {ca,server-cert,server-key}.pem /tmp/scripts/tempkeys
sudo chmod -v 0400 /decide/.docker/server/keys/*-key.pem
sudo chmod -v 0444 /decide/.docker/server/keys/{ca,server-cert}.pem
openssl genrsa -out key.pem 4096
openssl req -subj '/CN=client' -new -key key.pem -out client.csr
......@@ -37,8 +40,12 @@ openssl x509 -req -days 365 -sha256 -passin pass:1234 -in client.csr -CA ca.pem
rm -v client.csr ca.srl
#Configure docker secure by default on port 8376
cp -v {ca,cert,key}.pem ~/.docker/client/keys
sudo chmod -v 0400 ~/.docker/client/keys/key.pem
sudo chmod -v 0444 ~/.docker/client/keys/cert.pem
sudo cp -v {ca,cert,key}.pem /decide/.docker/client/keys
sudo cp -v {ca,cert,key}.pem /tmp/scripts/tempkeys
sudo chmod -v 0400 /decide/.docker/client/keys/key.pem
sudo chmod -v 0444 /decide/.docker/client/keys/cert.pem
rm -v *.pem
export DOCKER_HOST=tcp://localhost:8376 DOCKER_TLS_VERIFY=1
export DOCKER_HOST=tcp://$IP:8376 DOCKER_TLS_VERIFY=1
export DOCKER_CERT_PATH=/decide/.docker/client/keys
echo "export DOCKER_HOST=tcp://$IP:8376 DOCKER_TLS_VERIFY=1" >> $HOME/.bashrc
echo "export DOCKER_CERT_PATH=/decide/.docker/client/keys" >> $HOME/.bashrc
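Review bot: The added `sudo cp -v {ca,server-cert,server-key}.pem /tmp/scripts/tempkeys` stages the daemon's private key in a directory under `/tmp` that exists only so the orchestrator can fetch the client credentials, and nothing in the lines shown removes the directory afterwards. The client side needs only `ca.pem`, `cert.pem` and `key.pem`, so the server copy should be dropped from the staging step. Create the staging directory with restrictive permissions for the fetching account, e.g. `sudo install -d -m 0700 -o "$USER" /tmp/scripts/tempkeys`, and delete it once the copy has been collected. `$IP` in the new `DOCKER_HOST` exports is not set in the hunks shown; confirm it is defined earlier in the script.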
......@@ -3,14 +3,15 @@ Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target docker.socket firewalld.service
Wants=network-online.target
Requires=docker.socket
#Had to remove this for Arsys vms missing sime module!
#Requires=docker.socket
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd --tlsverify --tlscacert=/home/ubuntu/.docker/server/keys/ca.pem --tlscert=/home/ubuntu/.docker/server/keys/server-cert.pem --tlskey=/home/ubuntu/.docker/server/keys/server-key.pem -H=0.0.0.0:8376
ExecStart=/usr/bin/dockerd --tlsverify --tlscacert=/decide/.docker/server/keys/ca.pem --tlscert=/decide/.docker/server/keys/server-cert.pem --tlskey=/decide/.docker/server/keys/server-key.pem -H=0.0.0.0:8376
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=1048576
# Having non-zero Limit*s causes performance problems due to accounting overhead
......
......@@ -21,9 +21,9 @@ RETRIES=0
RESULT=0
echo "About to curl for declaring that VM is up and running, and in a 'configuring' state"
curl -X POST $5/vm/vmlist/$2/configuring
curl --max-time 4 -X POST $5/vm/vmlist/$2/configuring
echo "About to curl for step 1: cleanup"
curl -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'", "status": "configuring", "step": 1, "steps": 9, "desc": "clean before update"}' $5/vm/$2/status || RESULT=$?
curl --max-time 4 -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'", "status": "configuring", "step": 1, "steps": 9, "desc": "clean before update"}' $5/vm/$2/status || RESULT=$?
if [ $RESULT -ne 0 ] ; then
......@@ -49,7 +49,7 @@ if [ $RETRIES -eq $MAX_RETRIES ]; then
fi
echo "About to curl for step 2: update"
curl -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "configuring", "step": 2, "steps": 9, "desc": "update packages"}' $5/vm/$2/status || RESULT=$?
curl --max-time 4 -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "configuring", "step": 2, "steps": 9, "desc": "update packages"}' $5/vm/$2/status || RESULT=$?
if [ $RESULT -ne 0 ] ; then
echo "Could not log step status"
......@@ -100,10 +100,12 @@ fi
chmod +x /tmp/scripts/install-docker-and-compose.sh
chmod +x /tmp/scripts/configure-sec.sh
chmod +x /tmp/scripts/install-and-run-consul.sh
chmod +x /tmp/scripts/registry-login-and-pull.sh
echo "Configuring security..." >> /tmp/scripts/install.log
echo "About to curl for step 3: security"
curl -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "configuring", "step": 3, "steps": 9, "desc": "configuring security"}' $5/vm/$2/status || RESULT=$?
curl --max-time 4 -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "configuring", "step": 3, "steps": 9, "desc": "configuring security"}' $5/vm/$2/status || RESULT=$?
if [ $RESULT -ne 0 ] ; then
echo "Could not log step status"
......@@ -119,7 +121,7 @@ fi
echo "installing docker and docker-compose..." >> /tmp/scripts/install.log
echo "About to curl for step 4: install docker and docker compose"
curl -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "configuring", "step": 4, "steps": 9, "desc": "installing docker and docker compose"}' $5/vm/$2/status || RESULT=$?
curl --max-time 4 -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "configuring", "step": 4, "steps": 9, "desc": "installing docker and docker compose"}' $5/vm/$2/status || RESULT=$?
if [ $RESULT -ne 0 ] ; then
echo "Could not log step status"
......@@ -133,7 +135,7 @@ else
fi
echo "About to curl for step 5: configure docker as service"
curl -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "configuring", "step": 5, "steps": 9, "desc": "configuring docker as service"}' $5/vm/$2/status || RESULT=$?
curl --max-time 4 -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "configuring", "step": 5, "steps": 9, "desc": "configuring docker as service"}' $5/vm/$2/status || RESULT=$?
if [ $RESULT -ne 0 ] ; then
echo "Could not log step status"
......@@ -153,7 +155,7 @@ fi
echo "Installing and running consul..." >> /tmp/scripts/install.log
echo "About to curl for step 6: install consul"
curl -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "configuring", "step": 6, "steps": 9, "desc": "intalling consul"}' $5/vm/$2/status || RESULT=$?
curl --max-time 4 -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "configuring", "step": 6, "steps": 9, "desc": "installing consul"}' $5/vm/$2/status || RESULT=$?
if [ $RESULT -ne 0 ] ; then
echo "Could not log step status"
......@@ -167,7 +169,7 @@ else
fi
echo "About to curl for step 7: joining cluster"
curl -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "configuring", "step": 7, "steps": 9, "desc": "joining consul wan cluster"}' $5/vm/$2/status || RESULT=$?
curl --max-time 4 -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "configuring", "step": 7, "steps": 9, "desc": "joining consul wan cluster"}' $5/vm/$2/status || RESULT=$?
if [ $RESULT -ne 0 ] ; then
echo "Could not log step status"
......@@ -184,7 +186,7 @@ fi
if [ $# -ge 7 ]
then
echo "About to curl for step 8: configuring access to private registry"
curl -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "configuring", "step": 8, "steps": 9, "desc": "configuring access to private registry"}' $5/vm/$2/status || RESULT=$?
curl --max-time 4 -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "configuring", "step": 8, "steps": 9, "desc": "configuring access to private registry"}' $5/vm/$2/status || RESULT=$?
if [ $RESULT -ne 0 ] ; then
echo "Could not log step status"
......@@ -199,10 +201,14 @@ if [ $# -ge 7 ]
fi
echo "About to curl for step 9: ready"
curl -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "ready", "step": 9, "steps": 9, "desc": "ready for microservices installation"}' $5/vm/$2/status || RESULT=$?
curl --max-time 4 -X POST -H 'Content-Type: application/json;charset=UTF-8' -d '{"vmName": "'$1'", "vmPublicIp": "'$2'","status": "ready", "step": 9, "steps": 9, "desc": "ready for microservices installation"}' $5/vm/$2/status || RESULT=$?
if [ $RESULT -ne 0 ] ; then
echo "Could not log step status"
fi
echo "About to curl for declaring that VM is up and running, and in a 'ready' state"
curl -X POST $5/vm/vmlist/$2/ready
curl --max-time 4 -X POST $5/vm/vmlist/$2/ready
echo "init-vm.sh done"
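Review bot: The status calls now time out after four seconds, but `curl` without `--fail` still exits 0 when the endpoint answers with an HTTP error, so `|| RESULT=$?` only catches transport failures and "Could not log step status" is never printed for a 4xx or 5xx reply. Adding `--fail --silent --show-error` to each call, e.g. `curl --fail --silent --show-error --max-time 4 -X POST ...`, makes the check meaningful. In the lines shown `RESULT` is not reset between steps, so one failed call would make every later step report a failure too; that reset may sit outside the hunks. The first and last `vmlist` calls have no check at all, and `$5`, `$1` and `$2` are expanded unquoted in every call.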
......@@ -3,8 +3,8 @@
sudo apt-get install -y unzip
sudo mkdir -p /usr/local/bin
sudo unzip -o /tmp/scripts/consul.zip -d /usr/local/bin
mkdir -p /home/ubuntu/consul/config
cat > /home/ubuntu/consul/config/config.json << EOF
mkdir -p $HOME/consul/config
cat > $HOME/consul/config/config.json << EOF
{
"datacenter": "$1",
"encrypt": "s2aLWrsvz+h0w6HM/NkXRA==",
......@@ -14,6 +14,6 @@ cat > /home/ubuntu/consul/config/config.json << EOF
}
EOF
nohup /usr/local/bin/consul agent -bootstrap-expect=1 -server -data-dir=/home/ubuntu/consul/data -config-file=/home/ubuntu/consul/config/config.json -advertise-wan=$2 -bind=$3 -ui -client=$3 > /home/ubuntu/consul/nohup.out &
nohup /usr/local/bin/consul agent -bootstrap-expect=1 -server -data-dir=$HOME/consul/data -config-file=$HOME/consul/config/config.json -advertise-wan=$2 -bind=$3 -ui -client=$3 > $HOME/consul/nohup.out &
sleep 2
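Review bot: The heredoc that writes `config.json` keeps a literal `encrypt` value, so every deployment made from this repository shares one published Consul gossip key. Since the script already takes the datacenter as `$1`, the key can be passed the same way or read from a file provisioned per deployment, e.g. `"encrypt": "$GOSSIP_KEY"` with the value produced by `consul keygen`. The key that is currently committed should be treated as disclosed and rotated on existing clusters. The heredoc body continues outside the hunks shown.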
......@@ -34,8 +34,8 @@ while fuser /var/lib/dpkg/lock >/dev/null 2>&1 ; do
sleep 0.5
done
sudo mkdir -p /home/ubuntu/.docker/server/keys/
sudo mkdir -p /home/ubuntu/.docker/client/keys/
sudo mkdir -p /decide/.docker/server/keys/
sudo mkdir -p /decide/.docker/client/keys/
sudo apt-get install docker-ce -y
......
#S1: public ip of the docker engine
#S2: registry user
#S3: registry pwd
#S4: registry registry ip
#S5: registry port
#S6: image name
#S7: image tag
export DOCKER_HOST=tcp://$1 DOCKER_TLS_VERIFY=1
export DOCKER_CERT_PATH=/decide/.docker/client/keys
docker login -u $2 -p $3 $4:$5
docker pull $4:$5/$6:$7
\ No newline at end of file
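Review bot: This new script has no interpreter line and no error handling, so `docker pull` still runs after a failed `docker login` and the caller sees only the exit status of the last command. Start it with `#!/bin/bash` and `set -euo pipefail`, and quote the positional parameters, e.g. `docker pull "$4:$5/$6:$7"`. The header comments label the arguments `#S1` to `#S7`, which presumably should read `$1` to `$7`, and "registry registry ip" repeats a word.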
#!/bin/bash
# What you need:
#- jq tool
#- ip address and port of the ADAPT DO node
#- application name
#- filepath of the private ssh key to set in the nodes to allow ssh passworldless
#- the json body to POST to enpoints (as for the ADAPT DO REST API)
#- APPLY: define if really apply the terraform actions or just plan them
. ./params.txt
./deploy-infrastructure.sh
./deploy-microservices.sh
#!/bin/bash
# What you need:
#- jq tool
#- ip address and port of the ADAPT DO node
#- application name
#- filepath of the private ssh key to set in the nodes to allow ssh passworldless
#- the json body to POST to enpoints (as for the ADAPT DO REST API)
#- APPLY: define if really apply the terraform actions or just plan them
. ./params.txt
./upload-cert.sh
##############
echo "Preparing configuration environment for Terraform..."
echo "curl -s -X POST -H 'Content-Type: application/json' --data @$PREPARATION_JSON http://$ADAPT_IP:$ADAPT_PORT/terraform/all | $JQ_HOME/jq -r '.result'"
RESULT=`curl -s -X POST -H 'Content-Type: application/json' --data @$PREPARATION_JSON http://$ADAPT_IP:$ADAPT_PORT/terraform/all | $JQ_HOME/jq -r '.result'`
if [ "$RESULT" != "success" ]; then
echo "Error in POST operation. Exiting"
exit 1
fi
./upload-sshkey.sh
#############
echo "Initializing infrastructure"
RESULT_URL=`curl -s -H "Content-Type: application/json" -X POST --data @$PREPARATION_JSON http://$ADAPT_IP:$ADAPT_PORT/terraform/init/$APPLICATION_NAME/infrastructure | $JQ_HOME/jq -r '.get_result_url'`
if [ -z "$RESULT_URL" ]; then
echo "Error in POST operation. Exiting"
exit 1
fi
RESULT=`curl -s $RESULT_URL | $JQ_HOME/jq -r '.result'`
while [ "$RESULT" == "running" ]; do
sleep 2
echo "Checking result..."
RESULT=`curl -s $RESULT_URL | $JQ_HOME/jq -r '.result'`
echo "Result: $RESULT"
done
if [ "$RESULT" != "success" ]; then
echo "Error in POST operation. Exiting"
exit 1
fi
##############
echo "Creating infrastructure deployment plan"
RESULT_URL=`curl -s -H "Content-Type: application/json" -X POST --data @$PREPARATION_JSON http://$ADAPT_IP:$ADAPT_PORT/terraform/plan/$APPLICATION_NAME/infrastructure | $JQ_HOME/jq -r '.get_result_url'`
if [ -z "$RESULT_URL" ]; then
echo "Error in POST operation. Exiting"
exit 1
fi
RESULT=`curl -s $RESULT_URL | $JQ_HOME/jq -r '.result'`
while [ "$RESULT" == "running" ]; do
sleep 2
echo "Checking result..."
RESULT=`curl -s $RESULT_URL | $JQ_HOME/jq -r '.result'`
echo "Result: $RESULT"
done
if [ "$RESULT" != "success" ]; then
echo "Error in POST operation. Exiting"
exit 1
fi
##############
if $APPLY ; then
echo "Applying infrastructure deployment plan"
RESULT_URL=`curl -s -H "Content-Type: application/json" -X POST --data @$PREPARATION_JSON http://$ADAPT_IP:$ADAPT_PORT/terraform/apply/$APPLICATION_NAME/infrastructure | $JQ_HOME/jq -r '.get_result_url'`
if [ -z "$RESULT_URL" ]; then
echo "Error in POST operation. Exiting"
exit 1
fi
RESULT=`curl -s $RESULT_URL | $JQ_HOME/jq -r '.result'`
while [ "$RESULT" == "running" ]; do
sleep 2
echo "Checking result..."
RESULT=`curl -s $RESULT_URL | $JQ_HOME/jq -r '.result'`
echo "Result: $RESULT"
done
if [ "$RESULT" != "success" ]; then
echo "Error in POST operation. Exiting"
exit 1
fi
fi
echo "Infrastructure successfully deployed for app $APPLICATION_NAME!"
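Review bot: Every request in this script posts `$PREPARATION_JSON` to `http://$ADAPT_IP:$ADAPT_PORT/...` in clear text, and the sample request bodies in this commit carry CloudBroker and repository passwords, so those credentials presumably cross the network unencrypted. Make the scheme configurable in `params.txt` and default to HTTPS, or document that the API must only be reached over a trusted channel. Separately, `jq -r '.get_result_url'` prints the string `null` when the field is absent, so the `[ -z "$RESULT_URL" ]` guard passes and the poll runs against a bogus URL; test for it explicitly with `if [ -z "$RESULT_URL" ] || [ "$RESULT_URL" = "null" ]; then`. The three polling loops have no upper bound on iterations, and the same request pattern appears in the services script that follows.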
#!/bin/bash
# What you need:
#- jq tool
#- ip address and port of the ADAPT DO node
#- application name
#- filepath of the private ssh key to set in the nodes to allow ssh passworldless
#- the json body to POST to enpoints (as for the ADAPT DO REST API)
#- APPLY: define if really apply the terraform actions or just plan them
. ./params.txt
#############
echo "Initializing services"
RESULT_URL=`curl -s -H "Content-Type: application/json" -X POST --data @$PREPARATION_JSON http://$ADAPT_IP:$ADAPT_PORT/terraform/init/$APPLICATION_NAME/services | $JQ_HOME/jq -r '.get_result_url'`
if [ -z "$RESULT_URL" ]; then
echo "Error in POST operation. Exiting"
exit 1
fi
RESULT=`curl -s $RESULT_URL | $JQ_HOME/jq -r '.result'`
while [ "$RESULT" == "running" ]; do
sleep 2
echo "Checking result..."
RESULT=`curl -s $RESULT_URL | $JQ_HOME/jq -r '.result'`
echo "Result: $RESULT"
done
if [ "$RESULT" != "success" ]; then
echo "Error in POST operation. Exiting"
exit 1
fi
##############
echo "Creating services deployment plan"
RESULT_URL=`curl -s -H "Content-Type: application/json" -X POST --data @$PREPARATION_JSON http://$ADAPT_IP:$ADAPT_PORT/terraform/plan/$APPLICATION_NAME/services | $JQ_HOME/jq -r '.get_result_url'`
if [ -z "$RESULT_URL" ]; then
echo "Error in POST operation. Exiting"
exit 1
fi
RESULT=`curl -s $RESULT_URL | $JQ_HOME/jq -r '.result'`
while [ "$RESULT" == "running" ]; do
sleep 2
echo "Checking result..."
RESULT=`curl -s $RESULT_URL | $JQ_HOME/jq -r '.result'`
echo "Result: $RESULT"
done
if [ "$RESULT" != "success" ]; then
echo "Error in POST operation. Exiting"
exit 1
fi
##############