Last active
March 22, 2022 07:30
-
-
Save eniocarboni/5bd6d652cac8246a8543407764d2273e to your computer and use it in GitHub Desktop.
Linux-cluster-test-minimal-ubuntu1804
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
hacluster_pwd="$1" | |
hafence_pwd="$2" | |
HOSTNAME=$(hostname) | |
HOSTID=$(echo $HOSTNAME | sed 's/.*-//') | |
eths=$(ip address | grep '^[0-9]' | awk '{print $2}' | uniq | grep -v lo | sed 's/://g' | sed 's/@.*$//') | |
eth1=$(echo $eths | awk '{print $1}') | |
eth2=$(echo $eths | awk '{print $2}') | |
eth3=$(echo $eths | awk '{print $3}') | |
localectl set-locale LANG=en_US.utf8 | |
echo "updating software via apt-get update" | |
apt-get -q update >/dev/null 2>&1 | |
#apt dist-upgrade -y -q | |
echo -e "installing cluster software" | |
apt install -y -q pacemaker corosync-qdevice pcs apache2 wget >/dev/null 2>&1 | |
pcs cluster destroy --force | |
echo -e "configuring private cluster network on ${eth2}" | |
echo -e "\tupdate cluster network in /etc/hosts" | |
echo -e "192.168.33.11\t cl-u18-node-1" >>/etc/hosts | |
echo -e "192.168.33.12\t cl-u18-node-2" >>/etc/hosts | |
echo -e "192.168.33.13\t cl-u18-node-3" >>/etc/hosts | |
addr=192.168.33.$(($HOSTID + 10))/24 | |
cat <<EOF >/etc/netplan/60-cluster00.yaml | |
--- | |
network: | |
version: 2 | |
renderer: networkd | |
ethernets: | |
${eth2}: | |
addresses: | |
- ${addr} | |
EOF | |
netplan generate | |
systemctl restart systemd-networkd.service | |
echo -e "configuring fence cluster network on ${eth3}" | |
echo -e "192.168.43.11\t cl-u18-nodefence-1" >>/etc/hosts | |
echo -e "192.168.43.12\t cl-u18-nodefence-2" >>/etc/hosts | |
echo -e "192.168.43.13\t cl-u18-nodefence-3" >>/etc/hosts | |
addr=192.168.43.$(($HOSTID + 10))/24 | |
cat <<EOF >/etc/netplan/60-cluster05-fence.yaml | |
--- | |
network: | |
version: 2 | |
renderer: networkd | |
ethernets: | |
${eth3}: | |
addresses: | |
- ${addr} | |
EOF | |
netplan generate | |
systemctl restart systemd-networkd.service | |
echo -e "\tDownload fence_ssh from github into /usr/sbin/fence_ssh" | |
wget -q -O /usr/sbin/fence_ssh https://raw.githubusercontent.com/nannafudge/fence_ssh/master/fence_ssh | |
chmod +x /usr/sbin/fence_ssh | |
echo -e "\tcreate user fence with password '$hafence_pwd'" | |
useradd -c "Fence ssh user" -m -s /bin/bash fence | |
echo "fence:$hafence_pwd" | chpasswd | |
cat <<EOF >/etc/sudoers.d/fence | |
fence ALL = NOPASSWD: /sbin/shutdown | |
EOF | |
sed -i 's/^PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config | |
systemctl restart sshd | |
a2enmod status | |
systemctl stop apache2 >/dev/null 2>&1 | |
systemctl disable apache2 >/dev/null 2>&1 | |
if [ -e "/var/www/html/index.html" ]; then | |
mv /var/www/html/index.html /var/www/html/index.html.orig | |
chmod 600 /var/www/html/index.html.orig | |
fi | |
cat <<EOF >>/var/www/html/index.html | |
<!DOCTYPE html> | |
<html> <head> | |
<meta charset="UTF-8"> | |
<meta name="viewport" content="width=device-width, initial-scale=1"> | |
<style id='linux-text-cluster-inline-quolltech-css' type='text/css'> | |
body {margin: 0;} | |
#top { position:fixed; top:86px; left:72px; transform:rotate(90deg); transform-origin:0% 0%; background-color: #f94701; background-image: linear-gradient(to right,#a6a6a6,#c9c925,#1e73be,#fe36f9,#0fe22a,#fe4809); text-align:center; padding:5px; border-radius:5px; opacity:0.9;} | |
#top div {font-size:14px;} | |
h2 { font-size:20px; margin-bottom:10px; margin-top:10px; } | |
#test_frame {width:100vw;height:99vh;border:0px hidden;margin:0;padding:0;} | |
</style> </head> | |
<body> | |
<div id="top"> <h2>Linux Cluster Test: Cps, Pacemaker, Corosync</h2> <div>$HOSTNAME - by Quoll Tech</div> </div> | |
<iframe id="test_frame" src="https://quoll.it/servizi-chiedi-un-preventivo/"></iframe> | |
<script type="text/javascript"> | |
function quoll_resize() {el=document.getElementById("top"); el_h=el.offsetHeight; el.style.left = el_h +"px";} | |
quoll_resize() | |
window.onresize = quoll_resize; | |
</script> | |
</body> </html> | |
EOF | |
echo "Setting hapassword to '$hacluster_pwd'" | |
echo "hacluster:$hacluster_pwd" | chpasswd | |
echo -e "Set $firewall firewall package and rules" | |
cat <<EOF >/etc/ufw/applications.d/cluster | |
[cluster] | |
title=Cluster | |
description=Cluster linux with Pacemaker and Corosync. | |
ports=2224/tcp|3121/tcp|5403/tcp|5404/udp|5405/udp|21064/tcp|9929/tcp|9929/udp | |
EOF | |
cat <<EOF >/etc/ufw/applications.d/apache | |
[apache] | |
title=Apache | |
description=Apache web server | |
ports=80/tcp|443/tcp | |
EOF | |
echo -e "\tactiving ufw firewall" | |
ufw --force enable >/dev/null 2>&1 | |
ufw allow OpenSSH | |
ufw allow cluster | |
ufw allow apache | |
echo "Start and enable pcsd service ..." | |
systemctl start pcsd.service >/dev/null 2>&1 | |
systemctl enable pcsd.service >/dev/null 2>&1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
hacluster_pwd="$1" | |
fencecluster_pwd="$2" | |
cluster_nodes="cl-u18-node-1 cl-u18-node-2 cl-u18-node-3" | |
echo -e "\tinizializing the cluster on nodes ${cluster_nodes}" | |
pcs cluster auth ${cluster_nodes} -u hacluster -p "$hacluster_pwd" | |
pcs cluster setup --start --name "quolltech_cluster" ${cluster_nodes} --force | |
pcs cluster enable --all | |
# disable stonith | |
pcs property set stonith-enabled=false | |
sleep 5 | |
echo "Check cluster resource" | |
pcs resource create first_test_ip IPaddr2 ip=192.168.33.31 cidr_netmask=24 --group apachegroup | |
pcs resource create Web1 apache configfile="/etc/apache2/apache2.conf" statusurl="http://127.0.0.1/server-status" --group apachegroup | |
pcs resource create second_test_ip IPaddr2 ip=192.168.33.32 cidr_netmask=24 --group group_second_test_ip | |
pcs resource create last_test_ip IPaddr2 ip=192.168.33.33 cidr_netmask=24 --group group_last_test_ip | |
echo "fence agents: enable ssh with private key" | |
apt install -y -q sshpass >/dev/null 2>&1 | |
cd /root | |
rm -rf .ssh | |
echo -e "\tgenerating ssh key to auto login in fence user and moving it in /home/fence/.ssh" | |
ssh-keygen -q -C "fence_agent_key" -f /root/.ssh/id_rsa -N '' | |
cp -a .ssh/id_rsa.pub .ssh/authorized_keys | |
cat <<EOF >.ssh/config | |
Host 192.168.43.* ${pre_node}fence-* | |
StrictHostKeyChecking no | |
EOF | |
rm -rf /home/fence/.ssh | |
mv -f .ssh/ /home/fence/ | |
chown -R fence:fence /home/fence/.ssh | |
cd /home/fence | |
echo -e "\tcopying fence ssh key (id_rsa,id_rsa.pub,authorized_keys,config) on fence@cl-u18-nodefence-2" | |
tar cf - .ssh/ | sshpass -p "$fencecluster_pwd" ssh -i /home/fence/.ssh/id_rsa -o StrictHostKeyChecking=no -o LogLevel=ERROR fence@cl-u18-nodefence-2 tar xf - --warning=no-timestamp | |
echo -e "\tcopying fence ssh key (id_rsa,id_rsa.pub,authorized_keys,config) on fence@cl-u18-nodefence-2" | |
tar cf - .ssh/ | sshpass -p "$fencecluster_pwd" ssh -i /home/fence/.ssh/id_rsa -o StrictHostKeyChecking=no -o LogLevel=ERROR fence@cl-u18-nodefence-3 tar xf - --warning=no-timestamp | |
echo "Creating fence resource" | |
pcs stonith create stonith-ssh-1 fence_ssh user=fence sudo=true private-key="/home/fence/.ssh/id_rsa" hostname="cl-u18-nodefence-1" pcmk_host_list="cl-u18-node-1" --force --disabled >/dev/null 2>&1 | |
pcs stonith create stonith-ssh-2 fence_ssh user=fence sudo=true private-key="/home/fence/.ssh/id_rsa" hostname="cl-u18-nodefence-2" pcmk_host_list="cl-u18-node-2" --force --disabled >/dev/null 2>&1 | |
pcs stonith create stonith-ssh-3 fence_ssh user=fence sudo=true private-key="/home/fence/.ssh/id_rsa" hostname="cl-u18-nodefence-3" pcmk_host_list="cl-u18-node-3" --force --disabled >/dev/null 2>&1 | |
pcs constraint location stonith-ssh-1 avoids cl-u18-node-1 | |
pcs constraint location stonith-ssh-2 avoids cl-u18-node-2 | |
pcs constraint location stonith-ssh-3 avoids cl-u18-node-3 | |
pcs stonith enable stonith-ssh-1 | |
pcs stonith enable stonith-ssh-2 | |
pcs stonith enable stonith-ssh-3 | |
pcs property set stonith-enabled=true | |
pcs cluster status | |
pcs status | |
pcs quorum status |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ** | |
# Linux-cluster-test-minimal-ubuntu-18-04-lts | |
# Copyright (c) 2020 Enio Carboni (enio.carboni __at__ gmail.com) | |
# Distributed under the GNU GPL v3. For full terms see https://www.gnu.org/licenses/gpl-3.0.html. | |
# For complete project see https://github.com/eniocarboni/linux-cluster-test | |
# ** | |
# random_password method: return a 12 (or length) random characters for user password | |
$CHARS = ('0'..'9').to_a + ('A'..'Z').to_a + ('a'..'z').to_a + ('#'..'&').to_a + (':'..'?').to_a | |
def random_password(length=12) | |
p='' | |
(0..length).each do | |
p+=$CHARS[rand($CHARS.size)] | |
end | |
return p | |
end | |
$hacluster_pwd=random_password | |
$fencecluster_pwd=random_password | |
Vagrant.configure("2") do |config| | |
[2, 3, 1].each do |i| | |
config.vm.define "cl-u18-node-#{i}" do |node| | |
node.vm.box = "ubuntu/bionic64" | |
# Cluster private net for Carousync | |
node.vm.network "private_network", ip: "192.168.33.#{i + 10}", auto_config: false | |
# private net for fencing (pcs stonith) | |
node.vm.network "private_network", ip: "192.168.43.#{i + 10}", auto_config: false | |
node.vm.hostname = "cluster-cl-u18-node-#{i}" | |
node.vm.synced_folder ".", "/vagrant", disabled: true | |
node.vm.provider "virtualbox" do |vb, override| | |
vb.name = "cl-u18-node-#{i}" | |
vb.memory = "1024" | |
vb.customize ["modifyvm", :id, "--groups", "/cluster/ubuntu1804"] | |
end | |
node.vm.provision "Update software and configure node", | |
type: "shell", | |
path: "provision_scripts/10-node_configuration.sh", | |
args: "'#{$hacluster_pwd}' '#{$fencecluster_pwd}'" | |
if i == 1 | |
node.vm.provision "Configuring Cluster via pcs on all nodes", | |
type: "shell", | |
path: "provision_scripts/90-single-cluster_configuration.sh", | |
args: "'#{$hacluster_pwd}' '#{$fencecluster_pwd}'" | |
end | |
end | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment