@JosiahKerley
Last active July 16, 2018 20:28
For demo day
#!/bin/bash
<< COMMENT
If you are using the lab rPi's or RHEL-based/Debian-based Vagrant machines,
this should install the serf binary, a few support packages,
a demo tool that uses serf, and a side-car service.
COMMENT
## Settings
# Download location of the serf 0.8.1 release archive. The amd64 build is the
# default; the ARM build is chosen on Raspberry Pi images (marked by
# /etc/rpi-issue) or whenever the lscpu output mentions "arm".
URL=https://releases.hashicorp.com/serf/0.8.1/serf_0.8.1_linux_amd64.zip
if [[ -f /etc/rpi-issue ]] || lscpu | grep -q arm
then
  URL=https://releases.hashicorp.com/serf/0.8.1/serf_0.8.1_linux_arm.zip
fi
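## Handy multi-distro
#######################################
# Install a package unless a command of the same name is already available.
# Uses yum when it is present, otherwise apt-get.
# Arguments: $1 - package name (also the command name that is probed)
# Outputs:   package-manager output on stdout/stderr
# Returns:   0 if the command already exists, 2 if no name was given,
#            otherwise the status of the install command
#######################################
function install_pkg(){
  local pkg=${1:-}
  if [[ -z "${pkg}" ]]
  then
    echo "install_pkg: missing package name" >&2
    return 2
  fi
  # command -v is a builtin, so the probe works even where `which` is absent.
  if command -v "${pkg}" > /dev/null 2>&1
  then
    return 0
  fi
  if command -v yum > /dev/null 2>&1
  then
    yum clean all
    yum install -y "${pkg}"
  else
    apt-get update
    apt-get install -y "${pkg}"
  fi
}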
## ./configure this host
# Support tools used by the rest of this script and by the helpers it generates.
for pkg in unzip jq wget nmap; do
  install_pkg "${pkg}"
done
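## Create an updater if I need to update during the class
# SECURITY: the generated tool executes whatever the gist contains at the time
# it is run, with the privileges of the caller (root when used like this
# installer). The URL tracks the latest revision, so whoever can edit the gist
# controls the code that runs. Outside a throwaway lab, pin the URL to a
# reviewed revision (.../raw/<REVISION_SHA>) and compare a known checksum
# before executing.
cat > /usr/bin/serf-qad-update << 'BASH'
#!/bin/bash
# Download completely before executing: piping curl straight into bash can run
# a truncated script when the transfer fails part-way, and without -f an HTTP
# error page would be handed to bash as well.
set -euo pipefail
tmp=$(mktemp)
trap 'rm -f -- "$tmp"' EXIT
curl -fsS -o "$tmp" https://gist.githubusercontent.com/JosiahKerley/20b6c30b0db301699cb4a0f286b600fc/raw
bash "$tmp"
BASH
chmod +x /usr/bin/serf-qad-update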
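## Install serf binary
# Skipped entirely when /usr/bin/serf already exists. The archive is fetched
# over HTTPS from ${URL}. Set SERF_SHA256 to the SHA-256 of the expected zip
# (taken from the release's published checksum file) to have it verified before
# anything is unpacked; when unset, nothing beyond TLS protects the download.
[[ -f /usr/bin/serf ]] || (
  cd /opt || exit 1
  # Download under a temporary name so an interrupted transfer is never
  # mistaken for a complete archive on the next run.
  [[ -f serf.zip ]] || (
    wget "${URL}" -O serf.zip.in-progress && \
    mv -f serf.zip.in-progress serf.zip
  ) || exit 1
  if [[ -n "${SERF_SHA256:-}" ]]
  then
    if ! printf '%s  %s\n' "${SERF_SHA256}" serf.zip | sha256sum -c - > /dev/null
    then
      echo "serf.zip does not match SERF_SHA256; refusing to install" >&2
      rm -f serf.zip
      exit 1
    fi
  fi
  # -o: overwrite a stale ./serf left by an earlier failed run instead of
  # stopping at unzip's interactive prompt.
  unzip -o serf.zip && \
  mv -f serf /usr/bin/serf && \
  chmod +x /usr/bin/serf
  rm -f serf serf.zip
)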
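## Create a hosts updater file
# SECURITY: member names and the "ip" tag are chosen by each cluster member, so
# the generated tool treats them as untrusted input to /etc/hosts. Values that
# contain anything other than address characters (ip) or hostname characters
# (name) are skipped instead of being written.
cat > /usr/bin/serf-update-hosts << 'SH'
#!/bin/bash
# Drop the entries added by a previous run, then re-add the current members.
sed -i '/## Discovered by serf/d' /etc/hosts
# A single snapshot of the member list is used, so a name and its ip always
# belong to the same member even if membership changes while this runs.
serf members -format=json \
  | jq -r '.members[] | select(.tags.ip != null) | [.tags.ip, .name] | @tsv' \
  | while IFS=$'\t' read -r IP NAME
    do
      [[ "${IP}" =~ ^[0-9A-Fa-f:.]+$ ]] || continue
      [[ "${NAME}" =~ ^[A-Za-z0-9]([A-Za-z0-9._-]*[A-Za-z0-9])?$ ]] || continue
      echo "${IP} ${NAME} ## Discovered by serf"
    done >> /etc/hosts
cat /etc/hosts
SH
chmod +x /usr/bin/serf-update-hosts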
## Serf unit itself
# systemd unit that runs the agent as root with "-discover local" and calls
# serf-nmap-join once the agent has started; the leading "-" on ExecStartPost
# tells systemd to ignore a failure of that helper.
# NOTE(review): no gossip encryption key is configured (serf agent supports
# -encrypt), so presumably any host that can reach the agent can join the
# cluster. Acceptable for a lab; confirm before wider use.
cat << 'UNIT' > /etc/systemd/system/serf.service
[Unit]
[Service]
User=root
ExecStart=/usr/bin/serf agent -discover local
ExecStartPost=-/usr/bin/serf-nmap-join
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
UNIT
## Installs a service that creates tags
# Helper that sets the serf tag "ip" to field 7 of the "via" line printed by
# `ip r get 8.8.8.8` (presumably the source address used for outbound traffic;
# confirm the field position on the target iproute2 version).
cat << 'BASH' > /usr/bin/serf-tags
#!/bin/bash
serf tags -set ip=`ip r get 8.8.8.8 | awk '/via/{print $7}'`
BASH
chmod +x /usr/bin/serf-tags
# Side-car unit: re-runs serf-tags every 15 minutes for as long as it succeeds;
# when the loop ends, Restart=always starts it again after 10 seconds.
# NOTE(review): current systemd documentation spells the dependency BindsTo=;
# confirm that BindTo= is still accepted on the target systemd version.
cat << 'UNIT' > /etc/systemd/system/serf-tags.service
[Unit]
Requires=serf.service
BindTo=serf.service
[Service]
User=root
ExecStart=/bin/bash -c "while serf-tags; do sleep 15m; done"
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
UNIT
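# Unit that runs serf-reset-lab (when such a command is installed) every 8
# hours, as root. This script neither creates serf-reset-lab nor enables this
# unit. The "if" is closed with "fi" before the sleep: without it bash rejects
# the whole command line with a syntax error, and with the sleep outside the
# conditional the loop still pauses when the command is absent.
cat > /etc/systemd/system/serf-lab-reset.service << 'UNIT'
[Unit]
[Service]
User=root
ExecStart=/bin/bash -c "while true; do if which serf-reset-lab; then serf-reset-lab; fi; sleep 8h; done"
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
UNIT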
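## Example bootstrapping join
# The generated tool takes each port the local serf process listens on, probes
# the addresses configured on UP interfaces (passed to nmap exactly as printed
# by `ip addr`, i.e. with their prefix length, so presumably the whole subnet is
# scanned) and runs `serf join` against every host reporting that port open.
# NOTE(review): nothing authenticates the responder; any host with the port
# open is joined.
#
# Changes from the obvious one-liner form:
#  - a shebang is written, because systemd (ExecStartPost in serf.service)
#    executes the file directly and cannot run a script without one;
#  - the discovered address is handed to the inner shell as "$1" instead of
#    being spliced into the command string;
#  - grep -F replaces the deprecated fgrep.
cat > /usr/bin/serf-nmap-join << 'BASH'
#!/bin/bash
for PORT in $(ss -tulpn | awk '/serf/{print $5}' | rev | cut -d':' -f1 | rev)
do
  ip li | \
  awk '/UP/{print $2}' | \
  cut -d':' -f1 | \
  xargs -I {} ip addr show dev {} | \
  awk '/inet/{print $2}' | \
  grep -vE '(127.0.0.1|127.0.1.1|::|169.254)' | \
  xargs -I {} nmap -n -P0 -sS -p "${PORT}" -oG - {} | \
  grep -F /open/ | \
  awk '{print $2}' | \
  xargs -I [] bash -c 'echo "found $1"; serf join "$1"' _ []
done
BASH
chmod +x /usr/bin/serf-nmap-join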
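## Add cron jobs
# Re-run the join helper every 5 minutes as root. cron typically starts jobs
# with a minimal PATH (often just /usr/bin:/bin), so one that includes the sbin
# directories is set here for the ip/ss/nmap calls made by serf-nmap-join, and
# the helper itself is referenced by absolute path.
cat > /etc/cron.d/serf << 'CRON'
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
*/5 * * * * root /usr/bin/serf-nmap-join
CRON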
## Setup services
# Make systemd re-read its unit files, then enable and (re)start each unit in
# order: serf first, then its tags side-car.
systemctl daemon-reload
for unit in serf serf-tags
do
  systemctl enable "${unit}"
  systemctl restart "${unit}"
done
# Attempt a first join immediately instead of waiting for the next cron run.
serf-nmap-join