From 325d5c22d5c3575b0f06937defab70b2a779e52d Mon Sep 17 00:00:00 2001
From: SES
Date: Fri, 21 Oct 2016 13:16:38 -0500
Subject: [PATCH 01/12] added OSX check for sed, RHN_SUB_POOL and username vars.
---
 prepare-bastion.sh | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/prepare-bastion.sh b/prepare-bastion.sh
index 3d39ee1..1c02a97 100755
--- a/prepare-bastion.sh
+++ b/prepare-bastion.sh
@@ -3,24 +3,33 @@ set -e # set the ssh key cp $SSH_PUB_KEY ./my_id.pub -a=`whoami` -sed -i "s/^/$a:/" ./my_id.pub +username=`whoami` +platform='unknown' +unamestr=`uname` +if [[ "$unamestr" == 'Linux' ]]; then + echo "Creating a Linux Key" + sed -i "s/^/$username:/" ./my_id.pub +elif [[ "$unamestr" == 'Darwin' ]]; then + echo "Creating a Darwin Key" + sed -i '' "s/^/$username:/" ./my_id.pub +fi + gcloud compute project-info add-metadata --metadata-from-file sshKeys=./my_id.pub #install subcription manager and clean ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo yum install -y subscription-manager && sudo subscription-manager clean' #subscribe -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` sudo subscription-manager register --username=$RHN_USERNAME --password=$RHN_PASSWORD +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo subscription-manager register --username=$RHN_USERNAME --password=$RHN_PASSWORD' # configure subscriptions -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo subscription-manager attach --pool=8a85f9843e3d687a013e3ddd471a083e && sudo subscription-manager refresh && sudo subscription-manager repos --disable="*" && sudo subscription-manager repos --enable="rhel-7-server-rpms" --enable="rhel-7-server-optional-rpms" --enable="rhel-7-server-extras-rpms" --enable="rhel-7-server-ose-3.3-rpms"' +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo subscription-manager attach --pool=$RHN_SUB_POOL && sudo subscription-manager refresh && sudo subscription-manager repos --disable="*" && sudo subscription-manager repos --enable="rhel-7-server-rpms" --enable="rhel-7-server-optional-rpms" --enable="rhel-7-server-extras-rpms" --enable="rhel-7-server-ose-3.3-rpms"' #update install packages ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo yum update -y && sudo yum install 
-y git ansible atomic-openshift-utils' # generate and add keys ssh `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'ssh-keygen -t rsa -f .ssh/id_rsa -N ""' # set the key in gcloud metadata -ssh `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'cat /home/rspazzol/.ssh/id_rsa.pub' > ./id_rsa.pub -sed -i "s/^/$a:/" ./id_rsa.pub +ssh `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'cat /home/$username/.ssh/id_rsa.pub' > ./id_rsa.pub +sed "s/^/$username:/" ./id_rsa.pub cat id_rsa.pub >> my_id.pub gcloud compute project-info add-metadata --metadata-from-file sshKeys=./my_id.pub From b6c6251afada81dcec032665818272010ee73023 Mon Sep 17 00:00:00 2001 From: SES Date: Fri, 21 Oct 2016 15:13:36 -0500 Subject: [PATCH 02/12] add firewall rule for ssh --- provision-gcp.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/provision-gcp.sh b/provision-gcp.sh index 5ad83ea..bfe1fac 100755 --- a/provision-gcp.sh +++ b/provision-gcp.sh @@ -75,6 +75,7 @@ gcloud beta compute forwarding-rules create master-internal --load-balancing-sch wait #create firewall rules +gcloud compute firewall-rules create "oc-ssh" --allow tcp:22 --network "default" --source-ranges "0.0.0.0/0" gcloud compute firewall-rules create "oc-master" --allow tcp:8443 --network "default" --source-ranges "0.0.0.0/0" --target-tags "master" gcloud compute firewall-rules create "oc-infranode" --allow tcp:80,tcp:443 --network "default" --source-ranges "0.0.0.0/0" --target-tags "infranode" From 5841a96609736073ac6f98720eeea6eab0b65de9 Mon Sep 17 00:00:00 2001 
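Review bot: In the prepare-bastion.sh hunk of PATCH 01 the final `sed "s/^/$username:/" ./id_rsa.pub` has lost its `-i`, so it only prints to stdout and the bastion key appended to my_id.pub reaches the `sshKeys` metadata without the `user:` prefix; it needs the same Linux/Darwin branch as the first sed (`sed -i ...` / `sed -i '' ...`). The commands now wrapped in single quotes (`--username=$RHN_USERNAME --password=$RHN_PASSWORD`, `--pool=$RHN_SUB_POOL`, `/home/$username/.ssh/id_rsa.pub`) are expanded by the bastion's shell, where these variables are empty unless they are forwarded, so the `cat` path becomes `/home//.ssh/id_rsa.pub` and registration runs with empty credentials. The `if`/`elif` also has no `else`, so on any other `uname` the key file is uploaded unprefixed without an error; `else echo "unsupported platform: $unamestr" >&2; exit 1` would make that visible. The script continues past the end of this hunk.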
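Review bot: The `oc-ssh` rule added in the provision-gcp.sh hunk of PATCH 02 opens tcp:22 from `0.0.0.0/0` and, unlike the `oc-master` and `oc-infranode` rules next to it, has no `--target-tags`, so it applies to every instance on the `default` network rather than only to the bastion. Restrict both ends, for example `--source-ranges "<ADMIN_CIDR>" --target-tags "<BASTION_TAG>"` (placeholders; the bastion's tag is not visible in this hunk). Default GCP networks commonly already carry an allow-SSH rule, so it is worth confirming that this rule is needed at all.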
From: SES Date: Fri, 21 Oct 2016 15:16:11 -0500 Subject: [PATCH 03/12] added parameters RHN_USERNAME RHN_PASSWORD DNS_DOMAIN RHN_SUB_POOL BASTION_USERNAME to ssh usage and to sshd_config to extend script usability. Also updated sed commands to support Linux and OSX (Darwin) --- prepare-bastion.sh | 36 +++++++++++++++++++++++++----------- prepare-cluster.sh | 2 +- 2 files changed, 26 insertions(+), 12 deletions(-) diff --git a/prepare-bastion.sh b/prepare-bastion.sh index 1c02a97..5bc5d47 100755 --- a/prepare-bastion.sh +++ b/prepare-bastion.sh 
@@ -3,41 +3,55 @@ set -e # set the ssh key cp $SSH_PUB_KEY ./my_id.pub -username=`whoami` +export BASTION_USERNAME=`whoami` platform='unknown' unamestr=`uname` if [[ "$unamestr" == 'Linux' ]]; then echo "Creating a Linux Key" - sed -i "s/^/$username:/" ./my_id.pub + sed -i "s/^/$BASTION_USERNAME:/" ./my_id.pub elif [[ "$unamestr" == 'Darwin' ]]; then echo "Creating a Darwin Key" - sed -i '' "s/^/$username:/" ./my_id.pub + sed -i '' "s/^/$BASTION_USERNAME:/" ./my_id.pub fi gcloud compute project-info add-metadata --metadata-from-file sshKeys=./my_id.pub +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'echo AcceptEnv RHN_USERNAME RHN_PASSWORD DNS_DOMAIN RHN_SUB_POOL BASTION_USERNAME | sudo tee -a /etc/ssh/sshd_config > /dev/null' +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` sudo systemctl restart sshd +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD -o SendEnv=DNS_DOMAIN -o SendEnv=RHN_SUB_POOL -o SendEnv=BASTION_USERNAME 'echo "$RHN_USERNAME $RHN_PASSWORD $DNS_DOMAIN $RHN_SUB_POOL $BASTION_USERNAME"' #install subcription manager and clean ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo yum install -y subscription-manager && sudo subscription-manager clean' #subscribe -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo subscription-manager register --username=$RHN_USERNAME --password=$RHN_PASSWORD' +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD 'sudo subscription-manager register --username=$RHN_USERNAME --password=$RHN_PASSWORD' # configure subscriptions -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo subscription-manager attach --pool=$RHN_SUB_POOL && sudo subscription-manager refresh && sudo subscription-manager repos --disable="*" && sudo 
subscription-manager repos --enable="rhel-7-server-rpms" --enable="rhel-7-server-optional-rpms" --enable="rhel-7-server-extras-rpms" --enable="rhel-7-server-ose-3.3-rpms"' +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` -o SendEnv=RHN_SUB_POOL 'sudo subscription-manager attach --pool=$RHN_SUB_POOL && sudo subscription-manager refresh && sudo subscription-manager repos --disable="*" && sudo subscription-manager repos --enable="rhel-7-server-rpms" --enable="rhel-7-server-optional-rpms" --enable="rhel-7-server-extras-rpms" --enable="rhel-7-server-ose-3.3-rpms"' #update install packages ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo yum update -y && sudo yum install -y git ansible atomic-openshift-utils' # generate and add keys ssh `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'ssh-keygen -t rsa -f .ssh/id_rsa -N ""' # set the key in gcloud metadata -ssh `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'cat /home/$username/.ssh/id_rsa.pub' > ./id_rsa.pub -sed "s/^/$username:/" ./id_rsa.pub +ssh `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` -o SendEnv=BASTION_USERNAME 'cat /home/$BASTION_USERNAME/.ssh/id_rsa.pub' > ./id_rsa.pub + + +if [[ "$unamestr" == 'Linux' ]]; then + echo "Creating a Linux Key" + sed -i "s/^/$BASTION_USERNAME:/" ./id_rsa.pub +elif [[ "$unamestr" == 'Darwin' ]]; then + echo "Creating a Darwin Key" + sed -i '' "s/^/$BASTION_USERNAME:/" ./id_rsa.pub +fi + cat id_rsa.pub >> my_id.pub gcloud compute project-info add-metadata --metadata-from-file sshKeys=./my_id.pub # prepare bastion to receive variables -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'echo AcceptEnv RHN_USERNAME RHN_PASSWORD DNS_DOMAIN | sudo tee -a /etc/ssh/sshd_config > /dev/null' -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` sudo systemctl restart sshd +#ssh -t `gcloud compute addresses 
list | grep ose-bastion | awk '{print $3}'` 'echo AcceptEnv RHN_USERNAME RHN_PASSWORD DNS_DOMAIN | sudo tee -a /etc/ssh/sshd_config > /dev/null' +#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` sudo systemctl restart sshd # disable host check on ssh connections -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'echo StrictHostKeyChecking no | sudo tee -a /etc/ssh/ssh_config > /dev/null' +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'echo StrictHostKeyChecking no | sudo tee -a /etc/ssh/ssh_config > /dev/null' # download git -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` git clone https://github.com/raffaelespazzoli/openshift-enablement-exam \ No newline at end of file +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` git clone https://github.com/raffaelespazzoli/openshift-enablement-exam + +unset BASTION_USERNAME \ No newline at end of file diff --git a/prepare-cluster.sh b/prepare-cluster.sh index dcbfd1f..60b2ed5 100755 --- a/prepare-cluster.sh +++ b/prepare-cluster.sh 
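Review bot: The connectivity check added near the top of the prepare-bastion.sh hunk, `'echo "$RHN_USERNAME $RHN_PASSWORD $DNS_DOMAIN $RHN_SUB_POOL $BASTION_USERNAME"'`, prints the RHN password in clear text to the terminal and to any log that captures the run; drop `$RHN_PASSWORD` from the echo or check it without printing, e.g. `'test -n "$RHN_PASSWORD" && echo "RHN_PASSWORD received"'`. The `AcceptEnv ...` line is appended with `tee -a` on every run, so re-running the script accumulates duplicate directives in /etc/ssh/sshd_config; a `grep -q` guard before appending would keep the step idempotent. `--password=$RHN_PASSWORD` is still passed as a command-line argument on the bastion, where it is visible in the process list while `subscription-manager register` runs.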
@@ -2,6 +2,6 @@ set -e # Prepare Cluster -ansible nodes -b -i hosts -m shell -a "yum install -y subscription-manager && subscription-manager clean && subscription-manager register --username=$RHN_USERNAME --password=$RHN_PASSWORD && subscription-manager attach --pool=8a85f9843e3d687a013e3ddd471a083e && subscription-manager refresh && subscription-manager repos --disable='*' && subscription-manager repos --enable=rhel-7-server-rpms --enable=rhel-7-server-optional-rpms --enable=rhel-7-server-extras-rpms --enable=rhel-7-server-ose-3.3-rpms && yum update -y && yum install -y wget git net-tools bind-utils iptables-services bridge-utils bash-completion" +ansible nodes -b -i hosts -m shell -a "yum install -y subscription-manager && subscription-manager clean && subscription-manager register --username=$RHN_USERNAME --password=$RHN_PASSWORD && subscription-manager attach --pool=$RHN_SUB_POOL && subscription-manager refresh && subscription-manager repos --disable='*' && subscription-manager repos --enable=rhel-7-server-rpms --enable=rhel-7-server-optional-rpms --enable=rhel-7-server-extras-rpms --enable=rhel-7-server-ose-3.3-rpms && yum update -y && yum install -y wget git net-tools bind-utils iptables-services bridge-utils bash-completion" ansible 'nodes:!masters' -i hosts -b -m copy -a "src=docker-storage-setup dest=/etc/sysconfig/docker-storage-setup" ansible 'nodes:!masters' -i hosts -b -m shell -a "yum install -y docker && docker-storage-setup" \ No newline at end of file From e3e64e461fda572e4b8e0518c8907ef295aca9b1 Mon Sep 17 00:00:00 2001 From: SES Date: Sun, 23 Oct 2016 14:45:53 -0500 Subject: [PATCH 04/12] Added BASTION_USERNAME to the hosts file for sed script substitution --- hosts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts b/hosts index 1785418..c34e2e5 100644 --- a/hosts +++ b/hosts 
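Review bot: In prepare-cluster.sh the new `--pool=$RHN_SUB_POOL` is expanded by the local shell inside the double-quoted `-a` string, so an unset variable silently yields `--pool=` on every node and `set -e` only reacts after the remote chain has already run `register`. Add a guard before the first `ansible` call such as `: "${RHN_SUB_POOL:?RHN_SUB_POOL must be set}"`, and the same for `RHN_USERNAME` and `RHN_PASSWORD`. Because the values are pasted unquoted into a string that the `shell` module parses again, a password containing spaces or shell metacharacters would be split or interpreted on the nodes, and it also appears in the local `ansible` process arguments. The script starts before this hunk.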
@@ -12,7 +12,7 @@ nfs # SSH user, this user should allow ssh based auth without requiring a # password. If using ssh key based auth, then the key should be managed by an # ssh agent. -ansible_ssh_user=rspazzol +ansible_ssh_user=BASTION_USERNAME # If ansible_ssh_user is not root, ansible_become must be set to true and the # user must be configured for passwordless sudo From 80564d8c1706d5913cf8aa190a96117a8e9542ad Mon Sep 17 00:00:00 2001 From: SES Date: Tue, 15 Nov 2016 09:02:51 -0500 Subject: [PATCH 05/12] update provisioning utilities --- prepare-bastion.sh | 11 ++++++++--- provision-gcp.sh | 31 ++++++++++++++++--------------- 2 files changed, 24 insertions(+), 18 deletions(-) diff --git a/prepare-bastion.sh b/prepare-bastion.sh index 5bc5d47..d882c20 100755 --- a/prepare-bastion.sh +++ b/prepare-bastion.sh 
@@ -46,12 +46,17 @@ cat id_rsa.pub >> my_id.pub gcloud compute project-info add-metadata --metadata-from-file sshKeys=./my_id.pub # prepare bastion to receive variables -#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'echo AcceptEnv RHN_USERNAME RHN_PASSWORD DNS_DOMAIN | sudo tee -a /etc/ssh/sshd_config > /dev/null' -#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` sudo systemctl restart sshd # disable host check on ssh connections ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'echo StrictHostKeyChecking no | sudo tee -a /etc/ssh/ssh_config > /dev/null' # download git -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` git clone https://github.com/raffaelespazzoli/openshift-enablement-exam +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` git clone https://github.com/sully6768/openshift-enablement-exam + +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD -o SendEnv=DNS_DOMAIN -o SendEnv=RHN_SUB_POOL -o SendEnv=BASTION_USERNAME 'sed -i "s/master.10.128.0.10.xip.io/master-internal.ocp.$DNS_DOMAIN/g" /home/$BASTION_USERNAME/openshift-enablement-exam/hosts' +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD -o SendEnv=DNS_DOMAIN -o SendEnv=RHN_SUB_POOL -o SendEnv=BASTION_USERNAME 'sed -i "s/master.104.197.199.131.xip.io/master.ocp.$DNS_DOMAIN/g" /home/$BASTION_USERNAME/openshift-enablement-exam/hosts' +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD -o SendEnv=DNS_DOMAIN -o SendEnv=RHN_SUB_POOL -o SendEnv=BASTION_USERNAME 'sed -i "s/apps.104.198.35.122.xip.io/apps.ocp.$DNS_DOMAIN/g" /home/$BASTION_USERNAME/openshift-enablement-exam/hosts' +ssh -t `gcloud compute addresses list | grep ose-bastion | awk 
'{print $3}'` -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD -o SendEnv=DNS_DOMAIN -o SendEnv=RHN_SUB_POOL -o SendEnv=BASTION_USERNAME 'sed -i "s/BASTION_USERNAME/$BASTION_USERNAME/g" /home/$BASTION_USERNAME/openshift-enablement-exam/hosts' + + unset BASTION_USERNAME \ No newline at end of file diff --git a/provision-gcp.sh b/provision-gcp.sh index bfe1fac..045379c 100755 --- a/provision-gcp.sh +++ b/provision-gcp.sh 
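Review bot: Each of the four added `sed -i` calls in prepare-bastion.sh forwards `RHN_USERNAME`, `RHN_PASSWORD` and `RHN_SUB_POOL` although the remote commands read only `$DNS_DOMAIN` and `$BASTION_USERNAME`; send just what is used, `-o SendEnv=DNS_DOMAIN -o SendEnv=BASTION_USERNAME`, so the RHN password is not placed in the environment of sessions that do not need it. The `git clone` source also moves to a different GitHub account and is cloned at whatever the default branch holds at run time, while its `hosts` file then drives the installation; pinning a reviewed tag or commit would make the provisioned content reproducible. The dots in the sed patterns (for example `master.10.128.0.10.xip.io`) are unescaped and match any character, which is harmless here but worth escaping as `\.`.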
@@ -12,18 +12,18 @@ gcloud compute disks create "node3-docker" --size "200" --zone "us-central1-c" - wait #Masters -gcloud compute instances create "master1" --zone "us-central1-a" --machine-type "n1-standard-4" --subnet "default" --maintenance-policy "MIGRATE" --scopes default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "master1" --tags "master" & -gcloud compute instances create "master2" --zone "us-central1-b" --machine-type "n1-standard-4" --subnet "default" --maintenance-policy "MIGRATE" --scopes default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "master2" --tags "master" & -gcloud compute instances create "master3" --zone "us-central1-c" --machine-type "n1-standard-4" --subnet "default" --maintenance-policy "MIGRATE" --scopes default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image 
"/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "master3" --tags "master" & +gcloud compute instances create "master1" --zone "us-central1-a" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "MIGRATE" --scopes default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "master1" --tags "master" & +gcloud compute instances create "master2" --zone "us-central1-b" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "MIGRATE" --scopes default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "master2" --tags "master" & +gcloud compute instances create "master3" --zone "us-central1-c" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "MIGRATE" --scopes 
default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "master3" --tags "master" & #infranodes -gcloud compute instances create "infranode1" --zone "us-central1-a" --machine-type "n1-highmem-4" --subnet "default" --maintenance-policy "MIGRATE" --scopes default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode1-docker,device-name=disk-1,mode=rw,boot=no" --image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode1" --tags "infranode" & -gcloud compute instances create "infranode2" --zone "us-central1-c" --machine-type "n1-highmem-4" --subnet "default" --maintenance-policy "MIGRATE" --scopes default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode2-docker,device-name=disk-1,mode=rw,boot=no" --image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode2" 
--tags "infranode" & +gcloud compute instances create "infranode1" --zone "us-central1-a" --machine-type "n1-highmem-2" --subnet "default" --maintenance-policy "MIGRATE" --scopes default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode1-docker,device-name=disk-1,mode=rw,boot=no" --image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode1" --tags "infranode" & +gcloud compute instances create "infranode2" --zone "us-central1-c" --machine-type "n1-highmem-2" --subnet "default" --maintenance-policy "MIGRATE" --scopes default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode2-docker,device-name=disk-1,mode=rw,boot=no" --image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode2" --tags "infranode" & #nodes -gcloud compute instances create "node1" --zone "us-central1-c" --machine-type "n1-highmem-4" --subnet "default" --maintenance-policy "MIGRATE" --scopes 
default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node1-docker,device-name=disk-1,mode=rw,boot=no" --image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node1" & -gcloud compute instances create "node2" --zone "us-central1-c" --machine-type "n1-highmem-4" --subnet "default" --maintenance-policy "MIGRATE" --scopes default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node2-docker,device-name=disk-1,mode=rw,boot=no" --image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node2" & -gcloud compute instances create "node3" --zone "us-central1-c" --machine-type "n1-highmem-4" --subnet "default" --maintenance-policy "MIGRATE" --scopes default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node3-docker,device-name=disk-1,mode=rw,boot=no" --image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node3" & +gcloud compute 
instances create "node1" --zone "us-central1-c" --machine-type "n1-highmem-2" --subnet "default" --maintenance-policy "MIGRATE" --scopes default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node1-docker,device-name=disk-1,mode=rw,boot=no" --image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node1" & +gcloud compute instances create "node2" --zone "us-central1-c" --machine-type "n1-highmem-2" --subnet "default" --maintenance-policy "MIGRATE" --scopes default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node2-docker,device-name=disk-1,mode=rw,boot=no" --image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node2" & +gcloud compute instances create "node3" --zone "us-central1-c" --machine-type "n1-highmem-2" --subnet "default" --maintenance-policy "MIGRATE" --scopes default="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node3-docker,device-name=disk-1,mode=rw,boot=no" 
--image "/rhel-cloud/rhel-7-v20160921" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node3" & wait # create static addresses @@ -62,9 +62,9 @@ wait #create back-end service gcloud beta compute backend-services create master-internal --load-balancing-scheme internal --region us-central1 --protocol tcp --port 8443 --health-checks master-health-check -gcloud beta compute backend-services add-backend master-internal --instance-group master1 --instance-group-zone us-central1-a --region us-central1 -gcloud beta compute backend-services add-backend master-internal --instance-group master2 --instance-group-zone us-central1-b --region us-central1 -gcloud beta compute backend-services add-backend master-internal --instance-group master3 --instance-group-zone us-central1-c --region us-central1 +gcloud beta compute backend-services add-backend master-internal --instance-group master1 --instance-group-zone us-central1-a --region us-central1 +gcloud beta compute backend-services add-backend master-internal --instance-group master2 --instance-group-zone us-central1-b --region us-central1 +gcloud beta compute backend-services add-backend master-internal --instance-group master3 --instance-group-zone us-central1-c --region us-central1 #create load balancers @@ -75,7 +75,6 @@ gcloud beta compute forwarding-rules create master-internal --load-balancing-sch wait #create firewall rules -gcloud compute firewall-rules create "oc-ssh" --allow tcp:22 --network "default" --source-ranges "0.0.0.0/0" gcloud compute firewall-rules create "oc-master" --allow tcp:8443 --network "default" --source-ranges "0.0.0.0/0" --target-tags "master" gcloud compute firewall-rules create "oc-infranode" --allow tcp:80,tcp:443 --network "default" --source-ranges "0.0.0.0/0" --target-tags "infranode" 
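Review bot: In the first provision-gcp.sh hunk of PATCH 05 all eight rewritten `gcloud compute instances create` lines keep granting the default service account the `https://www.googleapis.com/auth/compute` and `https://www.googleapis.com/auth/devstorage.read_write` scopes, so any workload that can reach the metadata server on a master, infranode or node can obtain a token with read-write access to Compute Engine and Cloud Storage, limited only by that account's IAM roles. If these scopes exist for the cluster's cloud-provider integration (an assumption; the hunk does not say), a dedicated service account with narrowly scoped roles per node class would contain that exposure. A comment above each group, such as `# compute scope: needed for <REASON>`, would document why each scope is required.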
@@ -90,9 +89,11 @@ if [ `gcloud dns managed-zones list | grep $DNS_DOMAIN | wc -l` -ne 1 ]; then gcloud dns managed-zones create --dns-name="$DNS_DOMAIN" --description="A zone" "$GCLOUD_PROJECT" fi +# ns-cloud-e1.googledomains.com + # add records to dns zone gcloud dns record-sets transaction start -z="$GCLOUD_PROJECT" -gcloud dns record-sets transaction add -z="$GCLOUD_PROJECT" --name="master.$DNS_DOMAIN" --type=A --ttl=300 `gcloud compute addresses list | grep master-external | awk '{print $3}'` -gcloud dns record-sets transaction add -z="$GCLOUD_PROJECT" --name="*.apps.$DNS_DOMAIN" --type=A --ttl=300 `gcloud compute addresses list | grep infranode-external | awk '{print $3}'` -gcloud dns record-sets transaction add -z="$GCLOUD_PROJECT" --name="master-internal.$DNS_DOMAIN" --type=A --ttl=300 `gcloud compute forwarding-rules list master-internal | awk 'NR>1 {print $3}'` +gcloud dns record-sets transaction add -z="$GCLOUD_PROJECT" --name="master.ocp.$DNS_DOMAIN" --type=A --ttl=300 `gcloud compute addresses list | grep master-external | awk '{print $3}'` +gcloud dns record-sets transaction add -z="$GCLOUD_PROJECT" --name="*.apps.ocp.$DNS_DOMAIN" --type=A --ttl=300 `gcloud compute addresses list | grep infranode-external | awk '{print $3}'` +gcloud dns record-sets transaction add -z="$GCLOUD_PROJECT" --name="master-internal.ocp.$DNS_DOMAIN" --type=A --ttl=300 `gcloud compute forwarding-rules list master-internal | awk 'NR>1 {print $3}'` gcloud dns record-sets transaction execute -z="$GCLOUD_PROJECT" From 8be5fc7b60c45450c2661b93fd00e4c682b8db96 Mon Sep 17 00:00:00 2001 From: SES Date: Fri, 20 Jan 2017 12:04:16 -0600 Subject: [PATCH 06/12] added new SSH vars: RHN_SUB_POOL -o SendEnv=BASTION_USERNAME --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3edbd6d..26471f2 100644 --- a/README.md +++ b/README.md 
@@ -62,7 +62,7 @@ Run the prepare bastion script. Shell in the bastion host ``` -ssh -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD -o SendEnv=DNS_DOMAIN `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` +ssh -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD -o SendEnv=DNS_DOMAIN -o SendEnv=RHN_SUB_POOL -o SendEnv=BASTION_USERNAME `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` cd openshift-enablement-exam ``` Run the prepare cluster script From 6a785499343952f6565cc08987def51be1f9192d Mon Sep 17 00:00:00 2001 From: Scott ES Date: Sun, 26 Nov 2017 18:05:15 -0600 Subject: [PATCH 07/12] updated with new google mirrors --- prepare-bastion.sh | 3 ++- prepare-cluster.sh | 9 +++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/prepare-bastion.sh b/prepare-bastion.sh index 9be1765..4af8851 100755 --- a/prepare-bastion.sh +++ b/prepare-bastion.sh @@ -10,6 +10,7 @@ export BASTION_USERNAME=$a gcloud compute project-info add-metadata --metadata-from-file sshKeys=./my_id.pub # prepare bastion to receive variables +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo yum -y --disablerepo=rhui* install google-rhui-client-rhel7' ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'echo AcceptEnv RHN_USERNAME RHN_PASSWORD DNS_DOMAIN BASTION_USERNAME RHN_SUB_POOL GLUSTER | sudo tee -a /etc/ssh/sshd_config > /dev/null' ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` sudo systemctl restart sshd # disable host check on ssh connections 
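Review bot: In the line added to prepare-bastion.sh by PATCH 07, `'sudo yum -y --disablerepo=rhui* install google-rhui-client-rhel7'`, the glob is unquoted for the bastion's shell, so it would be expanded if a file matching `--disablerepo=rhui*` existed in the remote working directory; write `--disablerepo="rhui*"` inside the single-quoted command. The same unquoted `rhui*` is added to the first `ansible nodes ... -m shell` line in the prepare-cluster.sh hunk of this commit, where `--disablerepo='rhui*'` fits the surrounding double quotes. The script continues on both sides of this hunk.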
@@ -34,7 +35,7 @@ gcloud compute project-info add-metadata --metadata-from-file sshKeys=./my_id.pu # download git -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` git clone https://github.com/raffaelespazzoli/openshift-enablement-exam +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` https://github.com/sully6768/openshift-enablement-exam # prepare hostfile ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD -o SendEnv=DNS_DOMAIN -o SendEnv=RHN_SUB_POOL -o SendEnv=BASTION_USERNAME 'sed -i "s/master.10.128.0.10.xip.io/mi.$DNS_DOMAIN/g" /home/$BASTION_USERNAME/openshift-enablement-exam/hosts' diff --git a/prepare-cluster.sh b/prepare-cluster.sh index a912205..797aca7 100755 --- a/prepare-cluster.sh +++ b/prepare-cluster.sh 
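Review bot: The replacement line under `# download git` drops the `git clone` command, so the `ssh -t` call now asks the bastion to execute the URL `https://github.com/sully6768/openshift-enablement-exam` as a program. That fails, and if the script still runs under `set -e` it stops before the `# prepare hostfile` steps, which in any case would find no `openshift-enablement-exam/hosts` to edit. Restore the command before the URL: `git clone https://github.com/sully6768/openshift-enablement-exam`. The script continues on both sides of this hunk.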
@@ -1,13 +1,14 @@ #!/bin/bash set -e -# Prepare Cluster -ansible nodes -b -i hosts -m shell -a "yum install -y subscription-manager && subscription-manager clean" -ansible nodes -b -i hosts -m shell -a "subscription-manager register --username=$RHN_USERNAME --password=$RHN_PASSWORD && subscription-manager attach --pool=$RHN_SUB_POOL && subscription-manager refresh" +# Prepare Cluster +ansible nodes -b -i hosts -m shell -a "yum -y --disablerepo=rhui* install google-rhui-client-rhel7" +ansible nodes -b -i hosts -m shell -a "yum install -y subscription-manager && subscription-manager clean" +ansible nodes -b -i hosts -m shell -a "subscription-manager register --username=$RHN_USERNAME --password=$RHN_PASSWORD && subscription-manager attach --pool=$RHN_SUB_POOL && subscription-manager refresh" ansible nodes -b -i hosts -m shell -a "subscription-manager repos --disable='*' && subscription-manager repos --enable=rhel-7-server-rpms --enable=rhel-7-server-optional-rpms --enable=rhel-7-server-extras-rpms --enable=rhel-7-server-ose-3.6-rpms --enable=rhel-7-fast-datapath-rpms" ansible nodes -b -i hosts -m shell -a "yum update -y && yum install -y docker wget git net-tools bind-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct" ansible 'nodes:!masters' -i hosts -b -m copy -a "src=docker-storage-setup dest=/etc/sysconfig/docker-storage-setup" #this is non-idempotent ansible 'nodes:!masters' -i hosts -b -m shell -a "yum install -y docker && docker-storage-setup" ansible nodes -b -i hosts -m service -a "name=docker enabled=true state=started" -ansible nodes -b -i hosts -m shell -a "reboot" \ No newline at end of file +ansible nodes -b -i hosts -m shell -a "reboot" From d2623a443f5c2271fa641434b1cc1339f6ecc740 Mon Sep 17 00:00:00 2001 From: Scott ES Date: Sun, 26 Nov 2017 18:08:36 -0600 Subject: [PATCH 08/12] removed preemptable tag --- provision-gcp.sh | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) 
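Review bot: The `subscription-manager register` line on the new side expands `$RHN_PASSWORD` locally into the `-a` string, so the password travels as a command-line argument. That makes it visible in process listings on the control host and the nodes, and ad-hoc `shell` module arguments may also land in the nodes' logs. Because the value is unquoted, a password containing spaces or shell metacharacters is re-interpreted by the remote shell. Registration is better done in a playbook task using the `redhat_subscription` module with `no_log: true`; as a minimum, quote the expanded values for the remote shell, `--username='$RHN_USERNAME' --password='$RHN_PASSWORD'` inside the double-quoted string (this still breaks on a value containing a single quote). The hunk appears to re-add this line unchanged apart from whitespace.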
diff --git a/provision-gcp.sh b/provision-gcp.sh index c1c74e6..026653d 100755 --- a/provision-gcp.sh +++ b/provision-gcp.sh @@ -12,7 +12,7 @@ gcloud compute disks create "node2-docker" --size "50" --zone "us-central1-b" -- gcloud compute disks create "node3-docker" --size "50" --zone "us-central1-f" --type "pd-standard" & wait -if [ $GLUSTER == "yes" ]; then +if [ $GLUSTER == "yes" ]; then #create gluster disks gcloud compute disks create "node1-gluster" --size "200" --zone "us-central1-a" --type "pd-standard" & 
@@ -22,30 +22,30 @@ if [ $GLUSTER == "yes" ]; then fi #Masters -gcloud compute instances create "master1" --zone "us-central1-a" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "master1" --tags "master" & -gcloud compute instances create "master2" --zone "us-central1-b" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "master2" --tags "master" & -gcloud compute instances create "master3" --zone "us-central1-f" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "master3" --tags "master" & +gcloud compute instances create "master1" --zone "us-central1-a" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "master1" --tags "master" & +gcloud compute instances create "master2" --zone "us-central1-b" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" 
--boot-disk-type "pd-standard" --boot-disk-device-name "master2" --tags "master" & +gcloud compute instances create "master3" --zone "us-central1-f" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "master3" --tags "master" & #infranodes -gcloud compute instances create "infranode1" --zone "us-central1-a" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode1-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode1" --tags "infranode" & -gcloud compute instances create "infranode2" --zone "us-central1-b" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode2-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode2" --tags "infranode" & -gcloud compute instances create "infranode3" --zone "us-central1-f" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode3-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode3" --tags "infranode" & +gcloud compute instances create "infranode1" --zone "us-central1-a" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode1-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode1" --tags "infranode" & +gcloud compute instances create "infranode2" --zone "us-central1-b" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode2-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode2" --tags "infranode" & +gcloud compute instances create "infranode3" --zone "us-central1-f" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode3-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode3" --tags "infranode" & -if [ $GLUSTER == "yes" ]; then - +if [ $GLUSTER == "yes" ]; then + #nodes - gcloud compute instances create "node1" --zone "us-central1-a" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node1-docker,device-name=disk-1,mode=rw,boot=no" --disk "name=node1-gluster,device-name=disk-2,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "node1" & - gcloud compute instances create "node2" --zone "us-central1-b" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node2-docker,device-name=disk-1,mode=rw,boot=no" --disk "name=node2-gluster,device-name=disk-2,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "node2" & - gcloud compute instances create "node3" --zone "us-central1-f" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node3-docker,device-name=disk-1,mode=rw,boot=no" --disk "name=node3-gluster,device-name=disk-2,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "node3" & + gcloud compute instances create "node1" --zone "us-central1-a" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node1-docker,device-name=disk-1,mode=rw,boot=no" --disk "name=node1-gluster,device-name=disk-2,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "node1" & + gcloud compute instances create "node2" --zone "us-central1-b" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node2-docker,device-name=disk-1,mode=rw,boot=no" --disk "name=node2-gluster,device-name=disk-2,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "node2" & + gcloud compute instances create "node3" --zone "us-central1-f" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node3-docker,device-name=disk-1,mode=rw,boot=no" --disk "name=node3-gluster,device-name=disk-2,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "node3" & wait - + else - + #nodes - gcloud compute instances create "node1" --zone "us-central1-a" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node1-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node1" & - gcloud compute instances create "node2" --zone "us-central1-b" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node2-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node2" & - gcloud compute instances create "node3" --zone "us-central1-f" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node3-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node3" & + gcloud compute instances create "node1" --zone "us-central1-a" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node1-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node1" & + gcloud compute instances create "node2" --zone "us-central1-b" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node2-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node2" & + gcloud compute instances create "node3" --zone "us-central1-f" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node3-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node3" & wait fi @@ -87,9 +87,9 @@ wait #create back-end service gcloud beta compute backend-services create master-internal --load-balancing-scheme internal --region us-central1 --protocol tcp --port 8443 --health-checks master-health-check -gcloud beta compute backend-services add-backend master-internal --instance-group master1 --instance-group-zone us-central1-a --region us-central1 -gcloud beta compute backend-services add-backend master-internal --instance-group master2 --instance-group-zone us-central1-b --region us-central1 -gcloud beta compute backend-services add-backend master-internal --instance-group master3 --instance-group-zone us-central1-f --region us-central1 +gcloud beta compute backend-services add-backend master-internal --instance-group master1 --instance-group-zone us-central1-a --region us-central1 +gcloud beta compute backend-services add-backend master-internal --instance-group master2 --instance-group-zone us-central1-b --region us-central1 +gcloud beta compute backend-services add-backend master-internal --instance-group master3 --instance-group-zone us-central1-f --region us-central1 #create load balancers 
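Review bot: Every `gcloud compute instances create` line rewritten in the `@@ -22,30 +22,30 @@` hunk keeps the default service account together with the `https://www.googleapis.com/auth/compute` and `devstorage.read_write` scopes. Any process on a master, infranode or node that can reach the metadata server can therefore obtain a token able to modify Compute Engine resources and write to storage, as far as the default service account's IAM roles allow. `devstorage.read_only` next to `devstorage.read_write` is redundant. Since these lines are being touched anyway, trim `--scopes` per role and pass a dedicated account to `--service-account`; which scopes the OpenShift cloud provider actually needs is not visible here and has to be confirmed. The `ose-bastion` line in the `@@ -104,7 +104,7 @@` hunk carries the same `compute` scope next to `compute.readonly`.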
@@ -104,7 +104,7 @@ gcloud compute firewall-rules create "oc-master" --allow tcp:8443 --network "def gcloud compute firewall-rules create "oc-infranode" --allow tcp:80,tcp:443 --network "default" --source-ranges "0.0.0.0/0" --target-tags "infranode" #ose-bastion -gcloud compute instances create "ose-bastion" --zone "us-central1-a" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/trace.append" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "ose-bastion" --address `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` +gcloud compute instances create "ose-bastion" --zone "us-central1-a" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/trace.append" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "ose-bastion" --address `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` #create storage for registry gsutil mb -c Standard -l us-central1 -p 
$GCLOUD_PROJECT gs://$GCLOUD_PROJECT-registry From 14f160c9840104ca7e52dbcde3b8d4c7b2b90912 Mon Sep 17 00:00:00 2001 From: Scott ES Date: Sun, 26 Nov 2017 18:46:48 -0600 Subject: [PATCH 09/12] fixed missing git command --- prepare-bastion.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prepare-bastion.sh b/prepare-bastion.sh index 4af8851..52dd763 100755 --- a/prepare-bastion.sh +++ b/prepare-bastion.sh @@ -35,7 +35,7 @@ gcloud compute project-info add-metadata --metadata-from-file sshKeys=./my_id.pu # download git -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` https://github.com/sully6768/openshift-enablement-exam +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` git clone https://github.com/sully6768/openshift-enablement-exam # prepare hostfile ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD -o SendEnv=DNS_DOMAIN -o SendEnv=RHN_SUB_POOL -o SendEnv=BASTION_USERNAME 'sed -i "s/master.10.128.0.10.xip.io/mi.$DNS_DOMAIN/g" /home/$BASTION_USERNAME/openshift-enablement-exam/hosts' From f5bff9b819789074ba6f60192ac14fe5244aa2d4 Mon Sep 17 00:00:00 2001 From: Scott ES Date: Mon, 27 Nov 2017 23:31:53 +0000 Subject: [PATCH 10/12] config updates --- hosts | 72 ++++++++++++++-------- post-cluster-creation/delete-pvs.sh | 15 +++++ post-cluster-creation/new-configure-pvs.sh | 15 +++++ post-cluster-creation/pv_template.yaml | 4 +- 4 files changed, 79 insertions(+), 27 deletions(-) create mode 100755 post-cluster-creation/delete-pvs.sh create mode 100755 post-cluster-creation/new-configure-pvs.sh diff --git a/hosts b/hosts index f5262fd..963c1e5 100644 --- a/hosts +++ b/hosts @@ -7,7 +7,7 @@ nodes etcd nfs #{% if {{ env[GLUSTER] }} equals 'yes' %} -glusterfs +#glusterfs #{% endif %} # Set variables common for all OSEv3 hosts 
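Review bot: With `--preemptible` removed, `--maintenance-policy "TERMINATE"` on the new `ose-bastion` line is no longer required; preemptible instances needed it because they cannot live-migrate. Leaving it means the bastion is stopped rather than migrated during host maintenance. If the aim of the commit is instances that stay up, change it to `--maintenance-policy "MIGRATE"` or drop the flag. The same flag remains on every master, infranode and node line in the `@@ -22,30 +22,30 @@` hunk.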
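Review bot: The restored `git clone` in prepare-bastion.sh fetches whatever the default branch of a personal fork holds at run time, and the next step edits that checkout on the bastion (per the README it is then used to prepare the cluster). A change pushed to the fork therefore reaches the cluster build without review. Pin the checkout to a reviewed revision inside the same remote command, e.g. `git clone https://github.com/sully6768/openshift-enablement-exam && git -C openshift-enablement-exam checkout <REVIEWED_COMMIT_SHA>` (placeholder). The clone is also not re-runnable: a second run fails because the directory exists, and `set -e` aborts the script.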
@@ -15,7 +15,7 @@ glusterfs # SSH user, this user should allow ssh based auth without requiring a # password. If using ssh key based auth, then the key should be managed by an # ssh agent. -ansible_ssh_user=BASTION_USERNAME +ansible_ssh_user=scottes # If ansible_ssh_user is not root, ansible_become must be set to true and the # user must be configured for passwordless sudo @@ -80,11 +80,11 @@ osm_cockpit_plugins=['cockpit-kubernetes'] # or to one or all of the masters defined in the inventory if no load # balancer is present. openshift_master_cluster_method=native -openshift_master_cluster_hostname=master.10.128.0.10.xip.io -openshift_master_cluster_public_hostname=master.104.197.199.131.xip.io +openshift_master_cluster_hostname=mi.ocp.scottes.io +openshift_master_cluster_public_hostname=master.ocp.scottes.io # default subdomain to use for exposed routes -openshift_master_default_subdomain=apps.104.198.35.122.xip.io +openshift_master_default_subdomain=apps.ocp.scottes.io # OpenShift Router Options # 
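Review bot: Both hunks in `hosts` replace template placeholders with one person's values (`ansible_ssh_user=scottes`, `*.ocp.scottes.io`), and this breaks a substitution done elsewhere in the series. prepare-bastion.sh rewrites `master.10.128.0.10.xip.io` to `mi.$DNS_DOMAIN` in this file with `sed`; after the `@@ -80,11 +80,11 @@` hunk that pattern no longer occurs, so `DNS_DOMAIN` is silently ignored. Anyone else using the repository would deploy with the wrong SSH user and hostnames. Keep the placeholders in the committed inventory (`ansible_ssh_user=BASTION_USERNAME`, `openshift_master_cluster_hostname=master.10.128.0.10.xip.io`) and let the prepare scripts fill them in; whether a matching substitution exists for `BASTION_USERNAME` is not visible here.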
@@ -110,31 +110,53 @@ openshift_hosted_manage_registry=true # See: https://docs.openshift.com/enterprise/latest/install_config/cluster_metrics.html # # By default metrics are not automatically deployed, set this to enable them -openshift_hosted_metrics_deploy=true +#openshift_hosted_metrics_deploy=true #openshift_hosted_metrics_deployer_version=3.3.0 -openshift_hosted_metrics_storage_kind=dynamic -openshift_hosted_metrics_storage_volume_size= 10Gi -openshift_metrics_hawkular_replicas=2 -openshift_metrics_cassandra_replicas=3 -openshift_metrics_hawkular_nodeselector='{"region":"infra"}' -openshift_metrics_cassandra_nodeselector='{"region":"infra"}' -openshift_metrics_heapster_nodeselector='{"region":"infra"}' -openshift_metrics_selector="region=infra" +#openshift_hosted_metrics_storage_kind=nfs +#openshift_hosted_metrics_storage_volume_size=10Gi +#openshift_metrics_hawkular_replicas=2 +#openshift_metrics_cassandra_replicas=3 +#openshift_metrics_hawkular_nodeselector='{"region":"infra"}' +#openshift_metrics_cassandra_nodeselector='{"region":"infra"}' +#openshift_metrics_heapster_nodeselector='{"region":"infra"}' +#openshift_metrics_selector="region=infra" # Logging deployment # # Currently logging deployment is disabled by default, enable it by setting this -openshift_hosted_logging_deploy=false +#openshift_hosted_logging_deploy=false +openshift_hosted_logging_deploy=true #openshift_hosted_logging_deployer_version=3.3.0 -#openshift_hosted_metrics_storage_kind=dynamic -#openshift_logging_es_pvc_size= 100Gi -#openshift_logging_es_cluster_size= 3 +openshift_logging_image_version=v3.6 +#openshift_logging_es_pvc_size=100Gi +openshift_logging_es_cluster_size=3 #openshift_logging_es_number_of_replicas=2 #openshift_logging_kibana_replica_count=2 -#openshift_logging_es_nodeselector='{"region":"infra"}' -#openshift_logging_kibana_nodeselector='{"region":"infra"}' -#openshift_logging_curator_nodeselector='{"region":"infra"}' 
+openshift_logging_es_nodeselector='{"region":"infra"}' +openshift_logging_kibana_nodeselector='{"region":"infra"}' +openshift_logging_curator_nodeselector='{"region":"infra"}' + +#openshift_hosted_logging_storage_host=host +openshift_hosted_logging_storage_kind=nfs +openshift_hosted_logging_storage_access_modes=['ReadWriteOnce'] +openshift_hosted_logging_storage_nfs_directory=/exports +openshift_hosted_logging_storage_nfs_options='*(rw,root_squash)' +openshift_hosted_logging_storage_volume_name=logging +openshift_hosted_logging_storage_volume_size=10Gi +openshift_hosted_logging_storage_labels={'storage': 'logging'} +openshift_logging_es_pvc_dynamic=false +openshift_logging_es_ops_pvc_dynamic=false +#openshift_logging_kibana_hostname= +#openshift_hosted_logging_hostname= + +#openshift_hosted_logging_storage_kind=nfs +#openshift_hosted_logging_storage_access_modes=['ReadWriteOnce'] +#openshift_hosted_logging_storage_host=ose-bastion.c.ocp-demo.internal +#openshift_hosted_logging_storage_nfs_directory=/NotBackedUp/nfs/ose36 +#openshift_hosted_logging_storage_volume_name=logging +#openshift_hosted_logging_storage_volume_size=10Gi +#openshift_hosted_logging_storage_labels={'storage': 'logging'} # Configure the multi-tenant SDN plugin (default is 'redhat/openshift-ovs-subnet') os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant' @@ -198,8 +220,8 @@ openshift_disable_check=docker_storage,memory_availability,disk_availability #{% if {{ env[GLUSTER] }} equals = 'yes' %} #gluster -openshift_storage_glusterfs_namespace=glusterfs -openshift_storage_glusterfs_name=storage +#openshift_storage_glusterfs_namespace=glusterfs +#openshift_storage_glusterfs_name=storage #{% endif %} 
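Review bot: `openshift_hosted_logging_storage_nfs_options='*(rw,root_squash)'` in the `@@ -110,31 +110,53 @@` hunk exports the logging volume read-write to every client. With these options access is decided by client address alone, so any machine that can reach the NFS server can read and alter cluster logs. Restrict the export to the node network, e.g. `openshift_hosted_logging_storage_nfs_options='<NODE_SUBNET_CIDR>(rw,root_squash)'` (placeholder for the cluster subnet). The hunk also adds a second, commented-out copy of the same storage settings with a different host and directory; remove one of the two blocks or add a comment saying which one is the fallback.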
@@ -223,7 +245,7 @@ infranode[1:3] openshift_node_labels="{'region': 'infra'}" #{% if {{ env[GLUSTER] }} equals 'yes' %} -[glusterfs] -node[1:3] glusterfs_ip="{{ ansible_default_ipv4.address }}" glusterfs_devices='[ "/dev/sdc" ]' +#[glusterfs] +#node[1:3] glusterfs_ip="{{ ansible_default_ipv4.address }}" glusterfs_devices='[ "/dev/sdc" ]' #{% endif %} diff --git a/post-cluster-creation/delete-pvs.sh b/post-cluster-creation/delete-pvs.sh new file mode 100755 index 0000000..ce43bb5 --- /dev/null +++ b/post-cluster-creation/delete-pvs.sh @@ -0,0 +1,15 @@ +#!/bin/bash +set -e + +#crate necessary dirs in nfs server + +#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'for i in {1..30}; do echo "/exports/pv$i *(rw,root_squash)" | sudo tee -a /etc/exports.d/openshift-ansible.exports > /dev/null; done;' +#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'for i in {1..30}; do sudo mkdir "/exports/pv$i" && sudo chown nfsnobody:nfsnobody "/exports/pv$i" && sudo chmod 777 "/exports/pv$i"; done;' + +#restart nfs +#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` sudo systemctl restart nfs + +# create pvs +for i in {1..30}; do + oc delete pv pv$i +done diff --git a/post-cluster-creation/new-configure-pvs.sh b/post-cluster-creation/new-configure-pvs.sh new file mode 100755 index 0000000..53f8e74 --- /dev/null +++ b/post-cluster-creation/new-configure-pvs.sh 
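Review bot: With `set -e` at the top of delete-pvs.sh, the loop stops at the first `oc delete pv pv$i` that fails, so a single missing PV leaves every higher-numbered one in place. `oc delete pv "pv$i" --ignore-not-found` keeps the run going and also quotes the name. The `# create pvs` comment above the loop is copied from the creation script and should read `# delete pvs`. The commented-out ssh lines that create and export directories have no role in a deletion script and can be dropped.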
@@ -0,0 +1,15 @@ +#!/bin/bash +set -e + +#crate necessary dirs in nfs server + +#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'for i in {1..30}; do echo "/exports/pv$i *(rw,root_squash)" | sudo tee -a /etc/exports.d/openshift-ansible.exports > /dev/null; done;' +#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'for i in {1..30}; do sudo mkdir "/exports/pv$i" && sudo chown nfsnobody:nfsnobody "/exports/pv$i" && sudo chmod 777 "/exports/pv$i"; done;' + +#restart nfs +#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` sudo systemctl restart nfs + +# create pvs +for i in {1..30}; do + oc process -f pv_template.yaml -p NFS_EXPORT="pv$i" -p PV_NAME="pv$i" | oc create -f - +done diff --git a/post-cluster-creation/pv_template.yaml b/post-cluster-creation/pv_template.yaml index 0ad4929..7e7bf27 100644 --- a/post-cluster-creation/pv_template.yaml +++ b/post-cluster-creation/pv_template.yaml @@ -9,7 +9,7 @@ objects: accessModes: - ReadWriteOnce capacity: - storage: 10Gi + storage: 100Gi nfs: path: /exports/${NFS_EXPORT} server: ose-bastion @@ -20,4 +20,4 @@ parameters: required: true - name: NFS_EXPORT description: name of the nfs export - required: true \ No newline at end of file + required: true From 377d88a0ae6f9550760aa1aefc9eb24520c10b89 Mon Sep 17 00:00:00 2001 From: Scott ES Date: Mon, 27 Nov 2017 23:32:43 -0500 Subject: [PATCH 11/12] added cluster admin setup --- README.md | 1 + provision-gcp.sh | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 1720c49..2419630 100644 --- a/README.md +++ b/README.md 
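Review bot: `oc process -f pv_template.yaml` in new-configure-pvs.sh resolves the template relative to the caller's working directory, so the script only works when started from post-cluster-creation/. Adding `cd "$(dirname "$0")"` after `set -e` removes that dependency. The loop also assumes the `/exports/pvN` directories already exist on the NFS server, but the only lines that create them are commented out. A comment naming the step that now provisions them would help, since a PV pointing at a missing export is typically noticed only when a pod fails to mount it.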
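Review bot: Raising `storage` to `100Gi` in pv_template.yaml changes only what the PV advertises, because an NFS-backed PV does not enforce its capacity. Every volume made from this template shares whatever space sits behind `/exports` on `ose-bastion`. new-configure-pvs.sh creates 30 of them, which may advertise far more than the export can hold; the backing disk is not visible from this hunk. A comment next to the value, such as `# advertised size only; NFS does not enforce it`, would make that explicit.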
@@ -126,6 +126,7 @@ ansible-playbook -v -i hosts /usr/share/ansible/openshift-ansible/playbooks/byo/ From the bastion host run the following ``` ansible 'masters' -i hosts -b -m shell -a "htpasswd -b /etc/origin/master/htpasswd " +ansible 'masters' -i hosts -b -m shell -a "oadm policy add-cluster-role-to-user cluster-admin admin" ``` ## Clean up diff --git a/provision-gcp.sh b/provision-gcp.sh index 026653d..dce4dcd 100755 --- a/provision-gcp.sh +++ b/provision-gcp.sh @@ -12,7 +12,7 @@ gcloud compute disks create "node2-docker" --size "50" --zone "us-central1-b" -- gcloud compute disks create "node3-docker" --size "50" --zone "us-central1-f" --type "pd-standard" & wait -if [ $GLUSTER == "yes" ]; then +if [[ $GLUSTER == "yes" ]]; then #create gluster disks gcloud compute disks create "node1-gluster" --size "200" --zone "us-central1-a" --type "pd-standard" & 
@@ -32,7 +32,7 @@ gcloud compute instances create "infranode2" --zone "us-central1-b" --machine-ty gcloud compute instances create "infranode3" --zone "us-central1-f" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode3-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode3" --tags "infranode" & -if [ $GLUSTER == "yes" ]; then +if [[ $GLUSTER == "yes" ]]; then #nodes gcloud compute instances create "node1" --zone "us-central1-a" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node1-docker,device-name=disk-1,mode=rw,boot=no" --disk "name=node1-gluster,device-name=disk-2,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "node1" & 
@@ -110,7 +110,7 @@ gcloud compute instances create "ose-bastion" --zone "us-central1-a" --machine-t gsutil mb -c Standard -l us-central1 -p $GCLOUD_PROJECT gs://$GCLOUD_PROJECT-registry #create dns zone only if it already does not exists -if [ `gcloud dns managed-zones list | grep $DNS_DOMAIN | wc -l` -ne 1 ]; then +if [[ `gcloud dns managed-zones list | grep $DNS_DOMAIN | wc -l` -ne 1 ]]; then gcloud dns managed-zones create --dns-name="$DNS_DOMAIN" --description="A zone" "$GCLOUD_PROJECT" fi From 103490d92300de07e1255eab7c4c670f76679be4 Mon Sep 17 00:00:00 2001 From: SES Date: Wed, 26 Sep 2018 13:44:03 -0500 Subject: [PATCH 12/12] updating to 3.10 and adding replication loops --- cleanup-gcp.sh | 10 +- prepare-bastion.sh | 7 +- provision-gcp.sh | 256 ++++++++++++++++++++++++++++++++++----------- 3 files changed, 204 insertions(+), 69 deletions(-) diff --git a/cleanup-gcp.sh b/cleanup-gcp.sh index f81e537..8e2b710 100755 --- a/cleanup-gcp.sh +++ b/cleanup-gcp.sh @@ -3,14 +3,16 @@ set -e gcloud config set project $GCLOUD_PROJECT +#echo "delete google storage buckets" #delete google storage buckets for i in $(gsutil ls); do gsutil rm -r $i & done; wait +#echo "delete firewall rules" #delete firewall rules -for i in $(gcloud compute firewall-rules list -r ^oc-.* | awk 'NR>1 {print $1}'); do +for i in $(gcloud compute firewall-rules list --filter="name~'^oc-.*'" | awk 'NR>1 {print $1}'); do gcloud compute firewall-rules delete -q $i & done; wait @@ -47,7 +49,7 @@ wait #delete instance-groups for k in us-central1-a us-central1-b us-central1-f; do - for i in $(gcloud compute instance-groups unmanaged list --zones $k | awk 'NR>1 {print $1}'); do + for i in $(gcloud compute instance-groups unmanaged list --filter="zone:( $k )" | awk 'NR>1 {print $1}'); do gcloud compute instance-groups unmanaged delete -q $i --zone $k & done; done; 
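Review bot: In cleanup-gcp.sh the new `--filter="zone:( $k )"` on the instance-group loop selects every unmanaged instance group in the zone, not only the ones provision-gcp.sh created. The VM and disk loops in the next two hunks are changed the same way, and the unchanged `gsutil ls` loop removes every bucket in the project. Only the firewall loop is scoped, with `name~'^oc-.*'`. Unless the project is dedicated to this cluster, I would add a name predicate to each list call, e.g. `--filter="zone:( $k ) AND name~'^master'"` for the instance groups, with matching patterns for VMs and disks. A comment at the top of the script should state that it deletes everything it lists.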
@@ -55,7 +57,7 @@ wait #delete VMs for k in us-central1-a us-central1-b us-central1-f; do - for i in $(gcloud compute instances list --zones $k| awk 'NR>1 {print $1}'); do + for i in $(gcloud compute instances list --filter="zone:( $k )" | awk 'NR>1 {print $1}'); do gcloud compute instances delete $i -q --zone "$k" & done; done; @@ -64,7 +66,7 @@ wait #delete disks for k in us-central1-a us-central1-b us-central1-f; do - for i in $(gcloud compute disks list --zones $k | awk 'NR>1 {print $1}'); do + for i in $(gcloud compute disks list --filter="zone:( $k )" | awk 'NR>1 {print $1}'); do gcloud compute disks delete -q $i --zone $k & done; done diff --git a/prepare-bastion.sh b/prepare-bastion.sh index 52dd763..fd4a72a 100755 --- a/prepare-bastion.sh +++ b/prepare-bastion.sh @@ -7,6 +7,9 @@ a=`whoami` sed -i "s/^/$a:/" ./my_id.pub export BASTION_USERNAME=$a + +[ -z "$OCP_VERSION" ] && OCP_VERSION=3.10 + gcloud compute project-info add-metadata --metadata-from-file sshKeys=./my_id.pub # prepare bastion to receive variables 
@@ -22,9 +25,9 @@ ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'su #subscribe ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` sudo subscription-manager register --username=$RHN_USERNAME --password=$RHN_PASSWORD # configure subscriptions -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD -o SendEnv=DNS_DOMAIN -o SendEnv=RHN_SUB_POOL -o SendEnv=BASTION_USERNAME 'sudo subscription-manager attach --pool=$RHN_SUB_POOL && sudo subscription-manager refresh && sudo subscription-manager repos --disable="*" && sudo subscription-manager repos --enable="rhel-7-server-rpms" --enable="rhel-7-server-optional-rpms" --enable="rhel-7-server-extras-rpms" --enable="rhel-7-server-ose-3.6-rpms" --enable="rhel-7-fast-datapath-rpms"' +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD -o SendEnv=DNS_DOMAIN -o SendEnv=RHN_SUB_POOL -o SendEnv=BASTION_USERNAME 'sudo subscription-manager attach --pool=$RHN_SUB_POOL && sudo subscription-manager refresh && sudo subscription-manager repos --disable="*" && sudo subscription-manager repos --enable="rhel-7-server-rpms" --enable="rhel-7-server-optional-rpms" --enable="rhel-7-server-extras-rpms" --enable="rhel-7-server-ose-$OCP_VERSION-rpms" --enable="rhel-7-fast-datapath-rpms"' #update install packages -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo yum update -y && sudo yum install -y git ansible atomic-openshift-utils screen bind-utils atomic-openshift-clients' +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo yum update -y && sudo yum install -y git ansible atomic-openshift-utils screen bind-utils atomic-openshift-clients openshift-ansible' # generate and add keys ssh `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'ssh-keygen -t rsa -f .ssh/id_rsa 
-N ""' # set the key in gcloud metadata diff --git a/provision-gcp.sh b/provision-gcp.sh index dce4dcd..2e48524 100755 --- a/provision-gcp.sh +++ b/provision-gcp.sh 
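Review bot: `$OCP_VERSION` in `--enable="rhel-7-server-ose-$OCP_VERSION-rpms"` sits inside the single-quoted remote command, so it is expanded on the bastion and not locally. The `-o SendEnv=` list on that line does not include it, and the default added in the earlier hunk (`[ -z "$OCP_VERSION" ] && OCP_VERSION=3.10`) is not exported. Unless the bastion happens to define the variable, the repo id becomes `rhel-7-server-ose--rpms`. Expanding it locally avoids any dependence on SendEnv/AcceptEnv: close and reopen the quote around it, `--enable="rhel-7-server-ose-'"$OCP_VERSION"'-rpms"`. Separately, the unchanged register line in this hunk passes `--password=$RHN_PASSWORD` in argv, where it is visible in process listings.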
@@ -1,96 +1,216 @@ #!/bin/bash set -e -gcloud config set project $GCLOUD_PROJECT - -#create docker disks -gcloud compute disks create "infranode1-docker" --size "50" --zone "us-central1-a" --type "pd-standard" & -gcloud compute disks create "infranode2-docker" --size "50" --zone "us-central1-b" --type "pd-standard" & -gcloud compute disks create "infranode3-docker" --size "50" --zone "us-central1-f" --type "pd-standard" & -gcloud compute disks create "node1-docker" --size "50" --zone "us-central1-a" --type "pd-standard" & -gcloud compute disks create "node2-docker" --size "50" --zone "us-central1-b" --type "pd-standard" & -gcloud compute disks create "node3-docker" --size "50" --zone "us-central1-f" --type "pd-standard" & -wait +[ -z "$OCP_VERSION" ] && OCP_VERSION=3.10 +[ -z "$RHEL_VERSION" ] && RHEL_VERSION=`gcloud compute images list | awk '{print $1}' | grep rhel-7-v` +[ -z "$OCP_MASTER_COUNT" ] && OCP_MASTER_COUNT=1 +[ -z "$OCP_INFRA_COUNT" ] && OCP_INFRA_COUNT=1 +[ -z "$OCP_NODE_COUNT" ] && OCP_NODE_COUNT=2 -if [[ $GLUSTER == "yes" ]]; then +DEFAULT_SCOPE="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" - #create gluster disks - gcloud compute disks create "node1-gluster" --size "200" --zone "us-central1-a" --type "pd-standard" & - gcloud compute disks create "node2-gluster" --size "200" --zone "us-central1-b" --type "pd-standard" & - gcloud compute disks create "node3-gluster" --size "200" --zone "us-central1-f" --type "pd-standard" & - wait -fi - -#Masters -gcloud compute instances create "master1" --zone "us-central1-a" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" 
--service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "master1" --tags "master" & -gcloud compute instances create "master2" --zone "us-central1-b" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "master2" --tags "master" & -gcloud compute instances create "master3" --zone "us-central1-f" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image-project "rhel-cloud" --image 
"rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "master3" --tags "master" & +echo "RHEL_VERSION == $RHEL_VERSION" -#infranodes -gcloud compute instances create "infranode1" --zone "us-central1-a" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode1-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode1" --tags "infranode" & -gcloud compute instances create "infranode2" --zone "us-central1-b" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode2-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode2" --tags "infranode" & -gcloud compute instances create "infranode3" --zone "us-central1-f" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" 
--service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode3-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode3" --tags "infranode" & +gcloud config set project $GCLOUD_PROJECT -if [[ $GLUSTER == "yes" ]]; then +#################################################################################### +# +# Create the docker disk storage for INFRA and NODE +# +#################################################################################### +for (( I=1; I<=$OCP_INFRA_COUNT; I++ )) +do + echo $I + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute disks create "infranode$I-docker" --size "50" --zone "$ZONE" --type "pd-standard" & +done + +for (( I=1; I<=$OCP_NODE_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute disks create "node$I-docker" --size "50" --zone "$ZONE" --type "pd-standard" & +done - #nodes - gcloud compute instances create "node1" --zone "us-central1-a" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node1-docker,device-name=disk-1,mode=rw,boot=no" --disk "name=node1-gluster,device-name=disk-2,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "node1" & - gcloud compute instances create "node2" --zone "us-central1-b" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node2-docker,device-name=disk-1,mode=rw,boot=no" --disk "name=node2-gluster,device-name=disk-2,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "node2" & - gcloud compute instances create "node3" --zone "us-central1-f" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node3-docker,device-name=disk-1,mode=rw,boot=no" --disk "name=node3-gluster,device-name=disk-2,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "node3" & - wait +wait +#################################################################################### + + + +#################################################################################### +# +# Create the MASTER, INFRA, and COMPUTE Nodes +# +#################################################################################### +for (( I=1; I<=$OCP_MASTER_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute instances create "master$I"\ + --zone "$ZONE"\ + --machine-type "n1-standard-2"\ + --subnet "default"\ + --maintenance-policy "TERMINATE"\ + --service-account default\ + --scopes "$DEEFAULT_SCOPE"\ + --image-project "rhel-cloud"\ + --image "$RHEL_VERSION"\ + --boot-disk-size "50"\ + --boot-disk-type "pd-standard"\ + --boot-disk-device-name "master$I"\ + --tags "master" & +done + +for (( I=1; I<=$OCP_INFRA_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute instances create "infranode$I"\ + --zone "$ZONE"\ + --machine-type "n1-standard-2"\ + --subnet "default"\ + --maintenance-policy "TERMINATE"\ + --service-account default\ + --scopes "$DEFAULT_SCOPE"\ + --disk 
"name=infranode$I-docker,device-name=disk-1,mode=rw,boot=no"\ + --image-project "rhel-cloud"\ + --image "$RHEL_VERSION"\ + --boot-disk-size "20"\ + --boot-disk-type "pd-standard"\ + --boot-disk-device-name "infranode$I"\ + --tags "infranode" & +done + +for (( I=1; I<=$OCP_NODE_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute instances create "node$I"\ + --zone "$ZONE"\ + --machine-type "n1-standard-2"\ + --subnet "default"\ + --maintenance-policy "TERMINATE"\ + --service-account default\ + --scopes "$DEFAULT_SCOPE"\ + --disk "name=node$I-docker,device-name=disk-1,mode=rw,boot=no"\ + --image-project "rhel-cloud"\ + --image "$RHEL_VERSION"\ + --boot-disk-size "20"\ + --boot-disk-type "pd-standard"\ + --boot-disk-device-name "node$I"\ + --tags "node" & +done -else +wait +#################################################################################### - #nodes - gcloud compute instances create "node1" --zone "us-central1-a" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node1-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node1" & - gcloud compute instances create "node2" --zone "us-central1-b" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node2-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node2" & - gcloud compute instances create "node3" --zone "us-central1-f" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node3-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node3" & - wait -fi +#################################################################################### +# # create static addresses +# +#################################################################################### gcloud compute addresses create "master-external" --region "us-central1" & gcloud compute addresses create "infranode-external" --region "us-central1" & gcloud compute addresses create "ose-bastion" --region "us-central1" & wait +#################################################################################### +# # create health checks +# 
+#################################################################################### gcloud compute health-checks create https master-health-check --port 8443 --request-path /healthz gcloud compute health-checks create http router-health-check --port 80 --request-path / +#################################################################################### +# # create target pools +# +#################################################################################### gcloud compute target-pools create master-pool --region us-central1 & gcloud compute target-pools create infranode-pool --region us-central1 & wait -gcloud compute target-pools add-instances master-pool --instances master1 --instances-zone us-central1-a & -gcloud compute target-pools add-instances master-pool --instances master2 --instances-zone us-central1-b & -gcloud compute target-pools add-instances master-pool --instances master3 --instances-zone us-central1-f & -gcloud compute target-pools add-instances infranode-pool --instances infranode1 --instances-zone us-central1-a & -gcloud compute target-pools add-instances infranode-pool --instances infranode2 --instances-zone us-central1-b & -gcloud compute target-pools add-instances infranode-pool --instances infranode3 --instances-zone us-central1-f & -wait -#create instance groups -gcloud compute instance-groups unmanaged create master1 --zone us-central1-a & -gcloud compute instance-groups unmanaged create master2 --zone us-central1-b & -gcloud compute instance-groups unmanaged create master3 --zone us-central1-f & +#################################################################################### +# +# Create the MASTER and INFRA POOLS +# +#################################################################################### +for (( I=1; I<=$OCP_MASTER_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute target-pools add-instances master-pool --instances 
master$I --instances-zone $ZONE & +done + +for (( I=1; I<=$OCP_INFRA_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute target-pools add-instances infranode-pool --instances infranode$I --instances-zone $ZONE & +done + wait -gcloud compute instance-groups unmanaged add-instances master1 --instances master1 --zone us-central1-a & -gcloud compute instance-groups unmanaged add-instances master2 --instances master2 --zone us-central1-b & -gcloud compute instance-groups unmanaged add-instances master3 --instances master3 --zone us-central1-f & +#################################################################################### +# +# create instance groups +# +#################################################################################### +for (( I=1; I<=$OCP_MASTER_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute instance-groups unmanaged create master$I --zone $ZONE & +done + wait -#create back-end service -gcloud beta compute backend-services create master-internal --load-balancing-scheme internal --region us-central1 --protocol tcp --port 8443 --health-checks master-health-check +for (( I=1; I<=$OCP_MASTER_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute instance-groups unmanaged add-instances master$I --instances master$I --zone $ZONE & +done + +wait -gcloud beta compute backend-services add-backend master-internal --instance-group master1 --instance-group-zone us-central1-a --region us-central1 -gcloud beta compute backend-services add-backend master-internal --instance-group master2 --instance-group-zone us-central1-b --region us-central1 -gcloud beta compute backend-services add-backend master-internal --instance-group master3 --instance-group-zone us-central1-f 
--region us-central1 +#################################################################################### +# +# Create the Firewall Rules +# +#################################################################################### +gcloud compute firewall-rules create "oc-master" --allow tcp:8443 --network "default" --source-ranges "0.0.0.0/0" --target-tags "master" +gcloud compute firewall-rules create "oc-infranode" --allow tcp:80,tcp:443 --network "default" --source-ranges "0.0.0.0/0" --target-tags "infranode" +#################################################################################### +# +# Create back-end service +# +#################################################################################### +gcloud beta compute backend-services create master-internal --load-balancing-scheme internal --region us-central1 --protocol tcp --port-name "oc-master" --health-checks master-health-check + +for (( I=1; I<=$OCP_MASTER_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud beta compute backend-services add-backend master-internal --instance-group master$I --instance-group-zone $ZONE --region us-central1 +done #create load balancers gcloud compute forwarding-rules create master-external --region us-central1 --ports 8443 --address `gcloud compute addresses list | grep master-external | awk '{print $3}'` --target-pool master-pool & 
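Review bot: The master loop passes `--scopes "$DEEFAULT_SCOPE"`, a misspelling of `DEFAULT_SCOPE`. The variable is unset, so gcloud receives an empty `--scopes` value for the masters instead of the scope list that the infranode and node loops use. The line should read `--scopes "$DEFAULT_SCOPE"\`. `set -u` would have caught this, though the `[ -z "$VAR" ] && VAR=...` defaults at the top would first need to become `: "${VAR:=...}"`. Also, `RHEL_VERSION` takes whatever `grep rhel-7-v` prints, so if more than one image name matches, `--image "$RHEL_VERSION"` gets a multi-line value; selecting a single line would make that deterministic.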
@@ -99,12 +219,20 @@ gcloud compute forwarding-rules create infranode-external-80 --region us-central gcloud beta compute forwarding-rules create master-internal --load-balancing-scheme internal --ports 8443 --region us-central1 --backend-service master-internal & wait -#create firewall rules -gcloud compute firewall-rules create "oc-master" --allow tcp:8443 --network "default" --source-ranges "0.0.0.0/0" --target-tags "master" -gcloud compute firewall-rules create "oc-infranode" --allow tcp:80,tcp:443 --network "default" --source-ranges "0.0.0.0/0" --target-tags "infranode" - #ose-bastion -gcloud compute instances create "ose-bastion" --zone "us-central1-a" --machine-type "n1-standard-2" --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/trace.append" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "ose-bastion" --address `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` +gcloud compute instances create "ose-bastion"\ + --zone "us-central1-a"\ + --machine-type "n1-standard-2"\ + --subnet "default"\ + --maintenance-policy "TERMINATE"\ + --service-account default\ + --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/trace.append"\ + --image-project "rhel-cloud"\ + --image "$RHEL_VERSION"\ + --boot-disk-size "20"\ + --boot-disk-type "pd-standard"\ + --boot-disk-device-name "ose-bastion"\ + --address `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` #create storage for registry gsutil mb -c Standard -l us-central1 -p $GCLOUD_PROJECT gs://$GCLOUD_PROJECT-registry @@ -121,3 +249,5 @@ gcloud dns record-sets transaction add -z="$GCLOUD_PROJECT" --name="*.apps.$DNS_ gcloud dns record-sets transaction add -z="$GCLOUD_PROJECT" --name="master-internal.$DNS_DOMAIN" --type=A --ttl=300 `gcloud compute forwarding-rules list master-internal | awk 'NR>1 {print $3}'` gcloud dns record-sets transaction add -z="$GCLOUD_PROJECT" --name="mi.$DNS_DOMAIN" --type=A --ttl=300 `gcloud compute forwarding-rules list master-internal | awk 'NR>1 {print $3}'` gcloud dns record-sets transaction execute -z="$GCLOUD_PROJECT" + +
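Review bot: The reformatted `gcloud compute instances create "ose-bastion"` call still attaches the read-write `https://www.googleapis.com/auth/compute` scope to the default service account, which also makes the `compute.readonly` entry in the same `--scopes` list redundant. The bastion is given a reserved address through `--address`, so it is presumably the externally reachable host, and a shell on it would carry that scope's ability to modify Compute Engine resources in the project. If the work run from the bastion does not need to create or change instances, drop the read-write scope and keep `compute.readonly`, or replace `--service-account default` with a dedicated, narrowly granted account. Separately, `--image "$RHEL_VERSION"` has no visible check that the variable is set; unless it is validated earlier in the script, add `: "${RHEL_VERSION:?set RHEL_VERSION to a rhel-cloud image name}"` before this command so it fails early with a clear message.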