courtneyfaulkner/1_install_docker.sh

## 1_install_docker.sh
#! /bin/bash
# run on all nodes

# https://docs.docker.com/cs-engine/1.13/
curl -s 'https://sks-keyservers.net/pks/lookup?op=get&search=0xee6d536cf7dc86e2d7d56f59a178ac6c6238f52e' | sudo apt-key add --import
sudo apt-get update && sudo apt-get install apt-transport-https
sudo apt-get install -y linux-image-extra-$(uname -r) linux-image-extra-virtual
echo "deb https://packages.docker.com/1.13/apt/repo ubuntu-xenial main" | sudo tee /etc/apt/sources.list.d/docker.list
sudo apt-get update && sudo apt-get install docker-engine

sudo usermod -aG docker `whoami`
exec bash

## 2_install_docker_ucp.sh
#! /bin/bash
# run these commands on the UCP control nodes

export LOCAL_IP=`curl -s http://169.254.169.254/latest/meta-data/local-ipv4 ; echo`
export PUBLIC_IP=`curl -s http://169.254.169.254/latest/meta-data/public-ipv4 ; echo`
export PUBLIC_HOST=`curl -s http://169.254.169.254/latest/meta-data/public-hostname; echo`
export UCP_DOMAIN='ucp.dev.dais.com'

# install docker universal control plane
docker pull docker/ucp
docker run --rm -it --name ucp -v /var/run/docker.sock:/var/run/docker.sock docker/ucp \
  install --host-address $LOCAL_IP \
  --san $UCP_DOMAIN --san $LOCAL_IP --san $PUBLIC_IP --san $PUBLIC_HOST \
  --interactive --external-server-cert

# optional, create real certificates via Let's Encrypt
# docker volume create --name certbot-route53-letsencrypt
# docker run -e "DOMAIN=ucp.dev.dais.com" -e "EMAIL=cam@dais.com" \
#  -e "AWS_ACCESS_KEY_ID=<the access key>" \
#  -e "AWS_SECRET_ACCESS_KEY=<the secret key>" \
#  -e "TZPATH=America/Chicago" \
#  -v certbot-route53-letsencrypt:/etc/letsencrypt \
#  -v ucp-controller-server-certs:/var/ucp-certs \
#  ntcnvisia/certbot-route53-ucp

# copy this for the ucp ip to use for joining worker nodes to the swarm
echo $LOCAL_IP

# copy the output of this to run on new worker nodes
docker swarm join-token worker

## 3_add_worker_node_to_swarm.sh
#! /bin/bash
export LOCAL_IP=`curl -s http://169.254.169.254/latest/meta-data/local-ipv4 ; echo`
export WORKER_TOKEN=<worker join token>
export UCP_PRIVATE_IP=<ucp private ip>

# this should be pulled by UCP automatically, but just in case it isn't
docker pull docker/ucp-agent

docker swarm join --advertise-addr $LOCAL_IP --token $WORKER_TOKEN $UCP_PRIVATE_IP:2377

## 4_install_dtr.sh
#! /bin/bash
# run these on the ucp node

export DTR_URL='https://dtr.dev.dais.com'
export UCP_URL='https://ucp.dev.dais.com'

# --ucp-insecure-tls is unnecessary if real certs have been installed in UCP
docker run -it --rm docker/dtr install --dtr-external-url $DTR_URL --ucp-username admin \
  --ucp-url $UCP_URL --ucp-insecure-tls
	#! /bin/bash
	# run on all nodes

	# https://docs.docker.com/cs-engine/1.13/
	curl -s 'https://sks-keyservers.net/pks/lookup?op=get&search=0xee6d536cf7dc86e2d7d56f59a178ac6c6238f52e' \| sudo apt-key add --import
	sudo apt-get update && sudo apt-get install apt-transport-https
	sudo apt-get install -y linux-image-extra-$(uname -r) linux-image-extra-virtual
	echo "deb https://packages.docker.com/1.13/apt/repo ubuntu-xenial main" \| sudo tee /etc/apt/sources.list.d/docker.list
	sudo apt-get update && sudo apt-get install docker-engine

	sudo usermod -aG docker `whoami`
	exec bash
	#! /bin/bash
	# run these commands on the UCP control nodes

	export LOCAL_IP=`curl -s http://169.254.169.254/latest/meta-data/local-ipv4 ; echo`
	export PUBLIC_IP=`curl -s http://169.254.169.254/latest/meta-data/public-ipv4 ; echo`
	export PUBLIC_HOST=`curl -s http://169.254.169.254/latest/meta-data/public-hostname; echo`
	export UCP_DOMAIN='ucp.dev.dais.com'

	# install docker universal control plane
	docker pull docker/ucp
	docker run --rm -it --name ucp -v /var/run/docker.sock:/var/run/docker.sock docker/ucp \
	install --host-address $LOCAL_IP \
	--san $UCP_DOMAIN --san $LOCAL_IP --san $PUBLIC_IP --san $PUBLIC_HOST \
	--interactive --external-server-cert

	# optional, create real certificates via Let's Encrypt
	# docker volume create --name certbot-route53-letsencrypt
	# docker run -e "DOMAIN=ucp.dev.dais.com" -e "EMAIL=cam@dais.com" \
	# -e "AWS_ACCESS_KEY_ID=<the access key>" \
	# -e "AWS_SECRET_ACCESS_KEY=<the secret key>" \
	# -e "TZPATH=America/Chicago" \
	# -v certbot-route53-letsencrypt:/etc/letsencrypt \
	# -v ucp-controller-server-certs:/var/ucp-certs \
	# ntcnvisia/certbot-route53-ucp

	# copy this for the ucp ip to use for joining worker nodes to the swarm
	echo $LOCAL_IP

	# copy the output of this to run on new worker nodes
	docker swarm join-token worker
	#! /bin/bash
	export LOCAL_IP=`curl -s http://169.254.169.254/latest/meta-data/local-ipv4 ; echo`
	export WORKER_TOKEN=<worker join token>
	export UCP_PRIVATE_IP=<ucp private ip>

	# this should be pulled by UCP automatically, but just in case it isn't
	docker pull docker/ucp-agent

	docker swarm join --advertise-addr $LOCAL_IP --token $WORKER_TOKEN $UCP_PRIVATE_IP:2377
	#! /bin/bash
	# run these on the ucp node

	export DTR_URL='https://dtr.dev.dais.com'
	export UCP_URL='https://ucp.dev.dais.com'

	# --ucp-insecure-tls is unnecessary if real certs have been installed in UCP
	docker run -it --rm docker/dtr install --dtr-external-url $DTR_URL --ucp-username admin \
	--ucp-url $UCP_URL --ucp-insecure-tls