@Munkkeli
Last active September 6, 2021 22:03
# Pinned release versions of the HashiCorp tools installed further down.
CONSUL_VERSION='1.6.0'
NOMAD_VERSION='0.9.5'

# First address reported by `hostname -I`; used later as the Nomad bind
# address and in the URLs printed at the end of the script.
SERVER_IP="$(hostname -I | awk '{ print $1 }')"

# Refresh the package index, then install the tools the rest of the script
# relies on (unzip and curl for the release archives, the others for adding
# the Docker apt repository).
sudo apt-get update
sleep 2
sudo apt-get install -y \
  unzip \
  apt-transport-https \
  ca-certificates \
  curl \
  software-properties-common
sleep 2
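# Download Consul binary
# The archive is fetched together with HashiCorp's checksum list. --fail makes
# curl exit non-zero on an HTTP error instead of saving the error page under
# the archive's name.
consul_zip="consul_${CONSUL_VERSION}_linux_amd64.zip"
consul_sums="consul_${CONSUL_VERSION}_SHA256SUMS"
curl --fail --silent --show-error --remote-name \
  "https://releases.hashicorp.com/consul/${CONSUL_VERSION}/${consul_zip}" || exit 1
curl --fail --silent --show-error --remote-name \
  "https://releases.hashicorp.com/consul/${CONSUL_VERSION}/${consul_sums}" || exit 1

# Refuse to install an archive whose SHA-256 does not match the published list.
# The list is served by the same host as the archive, so this detects
# corruption and truncation only; checking the detached signature published
# for the checksum list is what would detect a tampered release host.
grep -F -- "${consul_zip}" "${consul_sums}" | sha256sum --check - || {
  echo "Consul archive failed checksum verification; aborting" >&2
  exit 1
}

# Install Consul
unzip "${consul_zip}"
sudo chown root:root consul
sudo mv consul /usr/local/bin/
rm -- "${consul_zip}" "${consul_sums}"
consul -autocomplete-install
complete -C /usr/local/bin/consul consul

# Dedicated unprivileged account and data directory for the agent.
sudo useradd --system --home /etc/consul.d --shell /bin/false consul
sudo mkdir --parents /opt/consul
sudo chown --recursive consul:consul /opt/consul

# systemd unit. Written with plain `tee` (not `tee -a`) so that running the
# script again replaces the unit instead of appending a second copy, and with
# a quoted delimiter so the text is written literally.
sudo tee /etc/systemd/system/consul.service > /dev/null <<'EOT'
[Unit]
Description="HashiCorp Consul - A service mesh solution"
Documentation=https://www.consul.io/
Requires=network-online.target
After=network-online.target
ConditionFileNotEmpty=/etc/consul.d/consul.hcl
[Service]
User=consul
Group=consul
ExecStart=/usr/local/bin/consul agent -config-dir=/etc/consul.d/
ExecReload=/usr/local/bin/consul reload
KillMode=process
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
EOT

sudo mkdir --parents /etc/consul.d

# Gossip encryption key: generated on this host rather than hard-coded. A key
# that appears in a published script is known to every reader and protects
# nothing. Any other agent joining this datacenter must be given the same key.
consul_gossip_key="$(consul keygen)" || exit 1

# Create the file with its final owner and mode before the key is written, so
# the key is never readable by other local users.
sudo install -m 0640 -o consul -g consul /dev/null /etc/consul.d/consul.hcl
sudo tee /etc/consul.d/consul.hcl > /dev/null <<EOT
datacenter = "dc1"
data_dir = "/opt/consul"
encrypt = "${consul_gossip_key}"
EOT

# NOTE(security): client_addr = "0.0.0.0" serves the HTTP API and UI (port
# 8500, see the URL printed at the end) on every interface, and nothing in
# this configuration enables ACLs or TLS. Restrict access with a host firewall
# or bind to a private address before using this outside a lab network.
sudo tee /etc/consul.d/server.hcl > /dev/null <<'EOT'
server = true
bootstrap_expect = 1
ui = true
client_addr = "0.0.0.0"
EOT

sudo chown --recursive consul:consul /etc/consul.d
sudo chmod 640 /etc/consul.d/consul.hcl /etc/consul.d/server.hcl

sudo systemctl enable consul
sleep 2
sudo systemctl start consul
sleep 2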
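# Download Nomad binary
# The archive is fetched together with HashiCorp's checksum list. --fail makes
# curl exit non-zero on an HTTP error instead of saving the error page under
# the archive's name.
nomad_zip="nomad_${NOMAD_VERSION}_linux_amd64.zip"
nomad_sums="nomad_${NOMAD_VERSION}_SHA256SUMS"
curl --fail --silent --show-error --remote-name \
  "https://releases.hashicorp.com/nomad/${NOMAD_VERSION}/${nomad_zip}" || exit 1
curl --fail --silent --show-error --remote-name \
  "https://releases.hashicorp.com/nomad/${NOMAD_VERSION}/${nomad_sums}" || exit 1

# Refuse to install an archive whose SHA-256 does not match the published list.
# The list is served by the same host as the archive, so this detects
# corruption and truncation only; checking the detached signature published
# for the checksum list is what would detect a tampered release host.
grep -F -- "${nomad_zip}" "${nomad_sums}" | sha256sum --check - || {
  echo "Nomad archive failed checksum verification; aborting" >&2
  exit 1
}

# Install Nomad
unzip "${nomad_zip}"
sudo chown root:root nomad
sudo mv nomad /usr/local/bin/
rm -- "${nomad_zip}" "${nomad_sums}"
nomad -autocomplete-install
complete -C /usr/local/bin/nomad nomad
sudo mkdir --parents /opt/nomad

# The unit below bakes SERVER_IP into the -bind flag; an empty value would
# produce a unit that cannot start.
if [ -z "${SERVER_IP}" ]; then
  echo "SERVER_IP is empty; cannot write nomad.service" >&2
  exit 1
fi

# systemd unit. The heredoc delimiter is unquoted because ${SERVER_IP} must be
# expanded now; $MAINPID is escaped so that it reaches the unit file literally
# and is expanded by systemd. Unescaped, the shell replaces it with an empty
# string and ExecReload becomes "kill -HUP" with no PID.
# Plain `tee` (not `tee -a`) keeps a second run from appending a duplicate.
sudo tee /etc/systemd/system/nomad.service > /dev/null <<EOT
[Unit]
Description=Nomad
Documentation=https://nomadproject.io/docs/
Wants=network-online.target
After=network-online.target
[Service]
ExecReload=/bin/kill -HUP \$MAINPID
ExecStart=/usr/local/bin/nomad agent -config /etc/nomad.d -bind=${SERVER_IP}
KillMode=process
KillSignal=SIGINT
LimitNOFILE=infinity
LimitNPROC=infinity
Restart=on-failure
RestartSec=2
StartLimitBurst=3
StartLimitIntervalSec=10
TasksMax=infinity
[Install]
WantedBy=multi-user.target
EOT

sudo mkdir --parents /etc/nomad.d
sudo chmod 700 /etc/nomad.d
sudo tee /etc/nomad.d/nomad.hcl > /dev/null <<'EOT'
datacenter = "dc1"
data_dir = "/opt/nomad"
EOT

# Server and client stanzas are written in one pass; the file content matches
# what the two appends produced on a first run, without growing on later runs.
#
# NOTE(security): "docker.privileged.enabled" lets any job accepted by this
# agent start privileged containers. The agent is bound to SERVER_IP and no
# ACL configuration is written here, so anyone who can reach the Nomad API
# (port 4646) can obtain root on this host. Enable Nomad ACLs or firewall the
# port before exposing the machine to an untrusted network.
sudo tee /etc/nomad.d/server.hcl > /dev/null <<'EOT'
server {
enabled = true
bootstrap_expect = 1
}
client {
enabled = true
options {
"docker.privileged.enabled" = "true"
}
}
EOT

sudo systemctl enable nomad
sleep 2
sudo systemctl start nomad
sleep 2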
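# Install Docker
# Docker's signing key goes into its own keyring and the repository entry
# references it with signed-by, so the key is trusted for this repository
# only. `apt-key add` would instead trust it for every configured repository.
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg |
  sudo gpg --batch --yes --dearmor -o /etc/apt/keyrings/docker.gpg || {
  echo "Could not install the Docker repository key; aborting" >&2
  exit 1
}
sudo chmod a+r /etc/apt/keyrings/docker.gpg
echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu bionic stable" |
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sleep 2
sudo apt update
sleep 2
sudo apt install -y docker-ce
sleep 2
# NOTE(security): membership of the docker group allows starting containers
# with arbitrary host mounts, which is equivalent to root on this machine.
# Only add accounts that are already trusted with root.
sudo usermod -aG docker "${USER}"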
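# Download Traefik binary
# --fail makes curl exit non-zero on an HTTP error instead of saving the error
# page as the "binary" that is then installed as root.
traefik_bin="traefik_linux-amd64"
curl --fail --location --silent --show-error --remote-name \
  "https://github.com/containous/traefik/releases/download/v1.7.14/${traefik_bin}" || exit 1

# Integrity check: set TRAEFIK_SHA256 to the SHA-256 of the v1.7.14 linux-amd64
# binary, obtained from a source you trust, to have the download verified
# before it is installed. Without it the binary is installed unverified.
if [ -n "${TRAEFIK_SHA256:-}" ]; then
  printf '%s  %s\n' "${TRAEFIK_SHA256}" "${traefik_bin}" | sha256sum --check - || {
    echo "Traefik binary failed checksum verification; aborting" >&2
    exit 1
  }
else
  echo "warning: TRAEFIK_SHA256 is not set; installing Traefik without an integrity check" >&2
fi

# Install Traefik
sudo chown root:root "${traefik_bin}"
sudo chmod +x "${traefik_bin}"
sudo mv "${traefik_bin}" /usr/local/bin/traefik
sudo mkdir --parents /etc/traefik.d
sudo chmod 700 /etc/traefik.d

# Plain `tee` (not `tee -a`): appending this file to itself on a second run
# would repeat the TOML tables.
#
# NOTE(security): the [api] section enables the dashboard with no
# authentication configured, and the URL printed at the end of the script
# points at port 8080 on SERVER_IP, so the dashboard and API are reachable
# from the network. logLevel = "DEBUG" is also more verbose than a long-lived
# host needs. Firewall the port or add authentication before wider use.
sudo tee /etc/traefik.d/traefik.toml > /dev/null <<'EOT'
defaultEntryPoints = ["http", "https"]
logLevel = "DEBUG"
[entryPoints.minecraft]
address = ":25565"
[api]
dashboard = true
[consulCatalog]
endpoint = "127.0.0.1:8500"
exposedByDefault = false
stale = false
strictChecks = true
prefix = "traefik"
domain = "localhost"
frontEndRule = ""
EOT

# systemd unit. The quoted delimiter keeps $MAINPID literal so that systemd
# expands it; with an unquoted delimiter the shell replaces it with an empty
# string and ExecReload becomes "kill -HUP" with no PID.
# The unit sets no User=, so Traefik runs as root.
sudo tee /etc/systemd/system/traefik.service > /dev/null <<'EOT'
[Unit]
Description=Traefik
Documentation=https://docs.traefik.io/
Wants=network-online.target
After=network-online.target
[Service]
ExecReload=/bin/kill -HUP $MAINPID
ExecStart=/usr/local/bin/traefik -c /etc/traefik.d/traefik.toml
KillMode=process
KillSignal=SIGINT
LimitNOFILE=infinity
LimitNPROC=infinity
Restart=on-failure
RestartSec=2
StartLimitBurst=3
StartLimitIntervalSec=10
TasksMax=infinity
[Install]
WantedBy=multi-user.target
EOT

sudo systemctl enable traefik
sleep 2
sudo systemctl start traefik
sleep 2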
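# Install Portworx
# Writes the Nomad job specification for Portworx; the job is not submitted
# by this script.
#
# Changes from the earlier version of this step:
#   - the stray "[Unit]" line (a systemd section header) at the top of the job
#     file is gone; it is not valid in a Nomad job specification;
#   - the file is removed and rewritten instead of appended to, so a second
#     run, or a file someone else left at this predictable /tmp path, cannot
#     leave extra content in the job that later gets submitted;
#   - the heredoc delimiter is quoted so the job text is written literally.
#
# NOTE(security): this job runs a privileged container with host networking
# and host IPC, and mounts the Docker socket and /etc/systemd/system from the
# host. That is root-equivalent access to every node it is scheduled on, so
# treat the image as fully trusted code; it is referenced by tag, not by
# digest, so the content behind the tag is not pinned.
sudo rm -f -- /tmp/portworx.nomad
sudo tee /tmp/portworx.nomad > /dev/null <<'EOT'
job "portworx" {
  type = "service"
  datacenters = ["dc1"]
  group "portworx" {
    count = 3
    constraint {
      operator = "distinct_hosts"
      value = "true"
    }
    # restart policy for failed portworx tasks
    restart {
      attempts = 3
      delay = "30s"
      interval = "5m"
      mode = "fail"
    }
    # how to handle upgrades of portworx instances
    update {
      max_parallel = 1
      health_check = "checks"
      min_healthy_time = "10s"
      healthy_deadline = "5m"
      auto_revert = true
      canary = 0
      stagger = "30s"
    }
    task "px-node" {
      driver = "docker"
      kill_timeout = "120s" # allow portworx 2 min to gracefully shut down
      kill_signal = "SIGTERM" # use SIGTERM to shut down the nodes
      # consul service check for portworx instances
      service {
        name = "portworx"
        check {
          port = "portworx"
          type = "http"
          path = "/health"
          interval = "10s"
          timeout = "2s"
        }
      }
      # setup environment variables for px-nodes
      env {
        "AUTO_NODE_RECOVERY_TIMEOUT_IN_SECS" = "1500"
        "PX_TEMPLATE_VERSION" = "V4"
      }
      # container config
      config {
        image = "portworx/oci-monitor:2.1.1"
        network_mode = "host"
        ipc_mode = "host"
        privileged = true
        # configure your parameters below
        # do not remove the last parameter (needed for health check)
        args = [
          "-c", "px-cluster-nomadv8",
          "-a",
          "-k", "consul://127.0.0.1:8500",
          "--endpoint", "0.0.0.0:9015"
        ]
        volumes = [
          "/var/cores:/var/cores",
          "/var/run/docker.sock:/var/run/docker.sock",
          "/run/containerd:/run/containerd",
          "/etc/pwx:/etc/pwx",
          "/opt/pwx:/opt/pwx",
          "/proc:/host_proc",
          "/etc/systemd/system:/etc/systemd/system",
          "/var/run/log:/var/run/log",
          "/var/log:/var/log",
          "/var/run/dbus:/var/run/dbus"
        ]
      }
      # resource config
      resources {
        cpu = 1024
        memory = 2048
        network {
          mbits = 100
          port "portworx" {
            static = "9015"
          }
        }
      }
    }
  }
}
EOT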
# Show a one-line status summary for each service set up above.
for svc in consul nomad docker traefik; do
  sudo systemctl status "${svc}" --lines=0
done

# Web UI addresses, built from the address detected at the top of the script.
printf '\n'
printf 'Consul: http://%s:8500/ui\n' "${SERVER_IP}"
printf 'Nomad: http://%s:4646/ui\n' "${SERVER_IP}"
printf 'Traefik: http://%s:8080/\n' "${SERVER_IP}"
printf '\n'

# The docker group membership added earlier only applies to new login sessions.
printf 'Run "su - %s" to enable docker without sudo\n' "${USER}"