ambled/README.md

## README.md

      
    Raw
  

              README.md
            
          
    Docker, CoreOS, ProfitBricks

Outline version

Create Data Center using ProfitBricks DCD (Data Center Designer)


Signup for 14 day trial http://cloud.weave.sh Referal link to http://profitbricks.com
Login to DCD
Create a new datacenter
Setup cluster
Setup Node
Assemble storage and network
Provision datacenter (receive credentials via email)
Login to ubuntu bootstrap to build CoreOS volume
Change root password

On Host

Setup defaults for this host


apt-get update
configure default ssh public key
export DEFAULT_SSH_PUBKEY="ssh-rsa AAAAB3NzaC1yc2EA..."
setup hostname
export DEFAULT_HOSTNAME=node00

Grab configuration tools


Pull ProfitBricks awk templates

   curl https://gist.githubusercontent.com/ambled/a4fc74af3f3fb15d9d07/raw/de25cfd7c5d84b6e23fa73413d6d9656030e4556/cloud-config-template.awk > cloud-config-template.awk
   curl https://gist.githubusercontent.com/ambled/a4fc74af3f3fb15d9d07/raw/4527592fee20f8944858c0a73192e5c3b629a267/mknetwork.awk > mknetwork.awk


Get ProfitBricks Setup.sh
curl https://gist.githubusercontent.com/ambled/a4fc74af3f3fb15d9d07/raw/6bf19a61b3a15448957d169c0139f22b6978df39/setup.sh > setup.sh


Generate cloud-config.yaml template
/bin/bash setup.sh > cloud-config.yaml


Edit cloud-config.yaml for any additional changes per CoreOS docs (example uncomment #hostname, set etcd/fleet ip addresses based on network config settings, etc)


Get coreos-install script
curl https://raw.githubusercontent.com/coreos/init/master/bin/coreos-install > coreos-install.sh


Build CoreOS Image
/bin/bash coreos-install.sh -d /dev/vdb -C stable -c ~/cloud-config.yaml


logout


Switch from bootstrap OS to CoreOS


Using DCD, change boot partition to CoreOS
Disconnect/reuse bootstrap OS volume
Apply changes (Provision Data Center)
When provisioning is finished, attach to remote console.
When CoreOS is finished booting, notice only IPv6 detected on boot (however network config scripts are now ready)
Select "Send Key"->"Control+Alt+Del" or use the DCD to reboot
Can also connect from an existing node on the same private network using ipv6

ssh -A user@tunnelhost
ping6 -I eth1 fe80::...:1234
(from tunnelhost)  ssh core@fe80::....:1234%eth1
After reboot


connect to node


launch a sample container
docker run --name hello_nginx -d -p 80:80 nginx


browse to public ip address
http://164.200.16.99


stop sample container
docker stop hello_nginx


## cloud-config-template.awk
# Now generate a write_files for any detected interfaces
END {
  # Ok, write config for the file
  printf ("\
#cloud-config\n\
\n\
ssh_authorized_keys:\n\
  - %s\n\
\n\
\n\
#hostname: %s\n\
\n\
#coreos:\n\
#  etcd:\n\
#    name: %s\n\
#    discovery: https://discovery.etcd.io/%s\n\
#    addr: 164.200.16.99:4001\n\
#    peer-addr: 10.1.18.10:7001\n\
#  fleet:\n\
#    public-ip: 164.200.16.99\n\
#  units:\n\
#    - name: etcd.service\n\
#      command: start\n\
#    - name: fleet.service\n\
#      command: start\n\
\n",SSH_PUBKEY,HOSTNAME,HOSTNAME,DISCOVERY_ETCD);
}

## mknetwork.awk
## Generate local network configuration for CoreOS cloud_config
## ProfitBricks with Ubuntu 14.04 Server bootstrap host
## ip addr |awk -f mknetwork.awk

# New interface, reset select flag
($1 ~ /^[0-9]+/){parse=0;}
# Select interfaces like eth0..eth99+, case parse=1
($1 ~ /^[0-9]+:/  && $2 ~ /^eth[0-9]+:/){ split($2,s,":");  ifindex=s[1];  iflabel[ifindex]=s[1]; ifalias[ifindex]=""; parse=1;}
# Select alias interfaces like eth0:0, case parse=1
($1 ~ /^[0-9]+:/  && $2 ~ /^eth[0-9]+:[0-9]+/){ split($2,s,":");  ifindex=sprintf("%s-%d",s[1],s[2]); iflabel[ifindex]=s[1]; ifalias[ifindex]=1+s[2]; parse=1;}
# Grab the MAC Address
(parse==1 && /link\/ether/) {link[ifindex]=$2;}
# Find an ipv4 address
(parse==1 && $1=="inet") {inet4[ifindex]=$2;brd4[ifindex]=$4;}
# Find an ipv6 address
(parse==1 && $1=="inet6") {inet6[ifindex]=$2;brd6[ifindex]=$4;}

# Now generate a write_files for any detected interfaces
END {
  # Did we find any expected interfaces?
  for (ifindex in link){

    # Have we printed the header (or passed in with -v skip_header=1)?
    if (skip_header!=1) { printf "write_files:\n"; skip_header=1;}

    # define Match interface
    interface=iflabel[ifindex];
    # Is this an alias?
    if (ifalias[ifindex]>0) { interface=sprintf("%s:%d",iflabel[ifindex],ifalias[ifindex]-1);}

    # Default gateway is X.X.X.1, split ipv4 address
    split(inet4[ifindex],s,"[./]");
    # build address variable
    address=sprintf("%d.%d.%d.%d/24",s[1],s[2],s[3],s[4]);
    # Private 10.X.X.X networks don't have a gateway
    if (s[1]!=10) {
      gateway=sprintf("Gateway=%d.%d.%d.1\n",s[1],s[2],s[3]);
      #Insert DNS entry to first non-private interface
      if (skip_dns!=1) { dns="DNS=8.8.8.8"; skip_dns=1; } else { dns=""; }
    } else { gateway=""; dns="";}

    # Ok, write config for the file
    printf ("\
      -  path: /etc/systemd/network/%s.network\n\
         permissions: 0644\n\
         owner: root\n\
         content: |\n\
           [Match]\n\
           Name=%s\n\
           \n\
           [Network]\n\
           Address=%s\n\
           %s\n\
           %s",ifindex,interface,address,gateway,dns);
  }
  # if we didn't find anything, die
  if (skip_header!=1) { print "ERROR: mknetwork found no acceptable networks\n" > "/dev/stderr"; exit 1; }

  # otherwise print a final newline to end the content block
  print "";
}

## setup.sh
#!/bin/bash
set -euo pipefail
IFS=$'\n\t'

# pass in ssh credential with env
SSH_PUBKEY=${DEFAULT_SSH_PUBKEY:-}

# next try one deployed to this bootsrap image
if [[ -z "${SSH_PUBKEY}" ]] && [ -f ~/.ssh/id_rsa.pub ]; then
  SSH_PUBKEY=$(cat ~/.ssh/id_rsa.pub)
fi

# "Should we fail or should we go" on.
if [[ -z "${SSH_PUBKEY}" ]]; then
  SSH_PUBKEY="ssh_rsa YOU_NEED_TO_REPLACE_THIS_IF_YOU_HOPE_TO_LOGIN who@from"
fi

# Comment above if you want to fail if no ssh key
if [[ -z "${SSH_PUBKEY}" ]]; then
  echo "ERROR: ssh public key not set DEFAULT_SSH_PUBKEY or ~/.ssh/id_rsa.pub" >&2
  exit 1
fi

# pass in hostname with env
HOSTNAME=${DEFAULT_HOSTNAME:-}
# or let hostname tell us?
if [[ -z "${HOSTNAME}" ]]; then
  [ -x /bin/hostname ] && HOSTNAME=$(/bin/hostname)
fi
# default pass response (comment out to fail by default)
: ${HOSTNAME:-localhost}

# Do you really want to fail if default not set? it is commented out anyway
if [[ -z "${HOSTNAME}" ]]; then
  echo "ERROR: hostname not set DEFAULT_HOSTNAME or via /bin/hostname" >&2
  exit 1
fi


echo "" |awk -f cloud-config-template.awk -v HOSTNAME="${HOSTNAME}" -v SSH_PUBKEY="${SSH_PUBKEY}" -v DISCOVERY_ETCD="${DISCOVERY_ETCD:-<token>}"
ip addr |awk -f mknetwork.awk
	# Now generate a write_files for any detected interfaces
	END {
	# Ok, write config for the file
	printf ("\
	#cloud-config\n\
	\n\
	ssh_authorized_keys:\n\
	- %s\n\
	\n\
	\n\
	#hostname: %s\n\
	\n\
	#coreos:\n\
	# etcd:\n\
	# name: %s\n\
	# discovery: https://discovery.etcd.io/%s\n\
	# addr: 164.200.16.99:4001\n\
	# peer-addr: 10.1.18.10:7001\n\
	# fleet:\n\
	# public-ip: 164.200.16.99\n\
	# units:\n\
	# - name: etcd.service\n\
	# command: start\n\
	# - name: fleet.service\n\
	# command: start\n\
	\n",SSH_PUBKEY,HOSTNAME,HOSTNAME,DISCOVERY_ETCD);
	}
	## Generate local network configuration for CoreOS cloud_config
	## ProfitBricks with Ubuntu 14.04 Server bootstrap host
	## ip addr \|awk -f mknetwork.awk

	# New interface, reset select flag
	($1 ~ /^[0-9]+/){parse=0;}
	# Select interfaces like eth0..eth99+, case parse=1
	($1 ~ /^[0-9]+:/ && $2 ~ /^eth[0-9]+:/){ split($2,s,":"); ifindex=s[1]; iflabel[ifindex]=s[1]; ifalias[ifindex]=""; parse=1;}
	# Select alias interfaces like eth0:0, case parse=1
	($1 ~ /^[0-9]+:/ && $2 ~ /^eth[0-9]+:[0-9]+/){ split($2,s,":"); ifindex=sprintf("%s-%d",s[1],s[2]); iflabel[ifindex]=s[1]; ifalias[ifindex]=1+s[2]; parse=1;}
	# Grab the MAC Address
	(parse==1 && /link\/ether/) {link[ifindex]=$2;}
	# Find an ipv4 address
	(parse==1 && $1=="inet") {inet4[ifindex]=$2;brd4[ifindex]=$4;}
	# Find an ipv6 address
	(parse==1 && $1=="inet6") {inet6[ifindex]=$2;brd6[ifindex]=$4;}

	# Now generate a write_files for any detected interfaces
	END {
	# Did we find any expected interfaces?
	for (ifindex in link){

	# Have we printed the header (or passed in with -v skip_header=1)?
	if (skip_header!=1) { printf "write_files:\n"; skip_header=1;}

	# define Match interface
	interface=iflabel[ifindex];
	# Is this an alias?
	if (ifalias[ifindex]>0) { interface=sprintf("%s:%d",iflabel[ifindex],ifalias[ifindex]-1);}

	# Default gateway is X.X.X.1, split ipv4 address
	split(inet4[ifindex],s,"[./]");
	# build address variable
	address=sprintf("%d.%d.%d.%d/24",s[1],s[2],s[3],s[4]);
	# Private 10.X.X.X networks don't have a gateway
	if (s[1]!=10) {
	gateway=sprintf("Gateway=%d.%d.%d.1\n",s[1],s[2],s[3]);
	#Insert DNS entry to first non-private interface
	if (skip_dns!=1) { dns="DNS=8.8.8.8"; skip_dns=1; } else { dns=""; }
	} else { gateway=""; dns="";}

	# Ok, write config for the file
	printf ("\
	- path: /etc/systemd/network/%s.network\n\
	permissions: 0644\n\
	owner: root\n\
	content: \|\n\
	[Match]\n\
	Name=%s\n\
	\n\
	[Network]\n\
	Address=%s\n\
	%s\n\
	%s",ifindex,interface,address,gateway,dns);
	}
	# if we didn't find anything, die
	if (skip_header!=1) { print "ERROR: mknetwork found no acceptable networks\n" > "/dev/stderr"; exit 1; }

	# otherwise print a final newline to end the content block
	print "";
	}
	#!/bin/bash
	set -euo pipefail
	IFS=$'\n\t'

	# pass in ssh credential with env
	SSH_PUBKEY=${DEFAULT_SSH_PUBKEY:-}

	# next try one deployed to this bootsrap image
	if [[ -z "${SSH_PUBKEY}" ]] && [ -f ~/.ssh/id_rsa.pub ]; then
	SSH_PUBKEY=$(cat ~/.ssh/id_rsa.pub)
	fi

	# "Should we fail or should we go" on.
	if [[ -z "${SSH_PUBKEY}" ]]; then
	SSH_PUBKEY="ssh_rsa YOU_NEED_TO_REPLACE_THIS_IF_YOU_HOPE_TO_LOGIN who@from"
	fi

	# Comment above if you want to fail if no ssh key
	if [[ -z "${SSH_PUBKEY}" ]]; then
	echo "ERROR: ssh public key not set DEFAULT_SSH_PUBKEY or ~/.ssh/id_rsa.pub" >&2
	exit 1
	fi

	# pass in hostname with env
	HOSTNAME=${DEFAULT_HOSTNAME:-}
	# or let hostname tell us?
	if [[ -z "${HOSTNAME}" ]]; then
	[ -x /bin/hostname ] && HOSTNAME=$(/bin/hostname)
	fi
	# default pass response (comment out to fail by default)
	: ${HOSTNAME:-localhost}

	# Do you really want to fail if default not set? it is commented out anyway
	if [[ -z "${HOSTNAME}" ]]; then
	echo "ERROR: hostname not set DEFAULT_HOSTNAME or via /bin/hostname" >&2
	exit 1
	fi


	echo "" \|awk -f cloud-config-template.awk -v HOSTNAME="${HOSTNAME}" -v SSH_PUBKEY="${SSH_PUBKEY}" -v DISCOVERY_ETCD="${DISCOVERY_ETCD:-<token>}"
	ip addr \|awk -f mknetwork.awk