Linux-cluster-test-minimal-ubuntu1804
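# Node provisioning script.
# Arguments: $1 = password for the hacluster account
#            $2 = password for the fence account
# NOTE(review): secrets passed as positional arguments are visible in the
# guest's process list while the script runs; tolerable for a throw-away lab,
# not for a shared host.
hacluster_pwd="$1"
hafence_pwd="$2"
# Refuse to continue with an empty secret: both values are later fed to
# chpasswd, and this script also switches sshd to password authentication.
if [ -z "$hacluster_pwd" ] || [ -z "$hafence_pwd" ]; then
  echo "usage: $0 <hacluster_password> <fence_password>" >&2
  exit 1
fi

HOSTNAME=$(hostname)
# The node number is whatever follows the last '-' in the hostname.
HOSTID=${HOSTNAME##*-}
# HOSTID is later used inside $(( ... )), which evaluates its operand as an
# expression; accept plain digits only.
case "$HOSTID" in
  '' | *[!0-9]*)
    echo "cannot derive a numeric node id from hostname '$HOSTNAME'" >&2
    exit 1
    ;;
esac

# Interface names in kernel order, one per line, without the loopback device.
# The name is compared exactly against "lo" so that interfaces whose name
# merely contains "lo" are not dropped (the previous 'grep -v lo' did that).
eths=$(ip address |
  awk '/^[0-9]/ { name = $2; gsub(/:/, "", name); sub(/@.*$/, "", name); if (name != "lo") print name }' |
  uniq)
eth1=$(printf '%s\n' "$eths" | sed -n '1p')
eth2=$(printf '%s\n' "$eths" | sed -n '2p')
eth3=$(printf '%s\n' "$eths" | sed -n '3p')
# eth2 and eth3 are written into netplan files further down; an empty name
# would produce a broken network configuration.
if [ -z "$eth2" ] || [ -z "$eth3" ]; then
  echo "expected at least three non-loopback interfaces, found: $(echo $eths)" >&2
  exit 1
fi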
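# Base system preparation: locale, package index, cluster packages.
localectl set-locale LANG=en_US.utf8
echo "updating software via apt-get update"
# Output stays suppressed as before, but the exit status is no longer ignored:
# with everything sent to /dev/null a failed run used to be invisible.
if ! apt-get -q update >/dev/null 2>&1; then
  echo "warning: apt-get update failed, package lists may be stale" >&2
fi
#apt dist-upgrade -y -q
echo -e "installing cluster software"
# apt-get instead of apt: the apt front end is meant for interactive use.
# DEBIAN_FRONTEND keeps package configuration from waiting on a prompt.
if ! DEBIAN_FRONTEND=noninteractive apt-get install -y -q \
  pacemaker corosync-qdevice pcs apache2 wget >/dev/null 2>&1; then
  echo "error: installing the cluster packages failed" >&2
  exit 1
fi
# Drop any cluster configuration left on the node before it is set up again.
pcs cluster destroy --force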
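# Append "IP<TAB> NAME" to /etc/hosts unless that exact line is already
# present, so that re-running the provisioner does not pile up duplicates.
# The whole line is compared (grep -x) because the node's own hostname
# contains the cluster names as a substring.
# Arguments: $1 - IPv4 address, $2 - host name
add_host_entry() {
  local entry
  entry=$(printf '%s\t %s' "$1" "$2")
  grep -qxF -- "$entry" /etc/hosts || printf '%s\n' "$entry" >>/etc/hosts
}

# Write a netplan file that gives one interface one static address.
# The YAML nesting is significant: netplan rejects a file in which these keys
# are not indented under "network:".
# Arguments: $1 - target file, $2 - interface name, $3 - address in CIDR form
write_netplan() {
  cat <<EOF >"$1"
---
network:
  version: 2
  renderer: networkd
  ethernets:
    $2:
      addresses:
        - $3
EOF
}

echo -e "configuring private cluster network on ${eth2}"
echo -e "\tupdate cluster network in /etc/hosts"
add_host_entry 192.168.33.11 cl-u18-node-1
add_host_entry 192.168.33.12 cl-u18-node-2
add_host_entry 192.168.33.13 cl-u18-node-3
# Node N gets host address N + 10 on the cluster network.
addr=192.168.33.$((HOSTID + 10))/24
write_netplan /etc/netplan/60-cluster00.yaml "${eth2}" "${addr}"
netplan generate
systemctl restart systemd-networkd.service

echo -e "configuring fence cluster network on ${eth3}"
add_host_entry 192.168.43.11 cl-u18-nodefence-1
add_host_entry 192.168.43.12 cl-u18-nodefence-2
add_host_entry 192.168.43.13 cl-u18-nodefence-3
# Same numbering scheme on the separate fencing network.
addr=192.168.43.$((HOSTID + 10))/24
write_netplan /etc/netplan/60-cluster05-fence.yaml "${eth3}" "${addr}"
netplan generate
systemctl restart systemd-networkd.service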
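# Install the fence_ssh agent, create the fence account and let it shut the
# node down through sudo.
echo -e "\tDownload fence_ssh from github into /usr/sbin/fence_ssh"
# NOTE(review): the URL tracks the 'master' branch of a third-party
# repository, and the file ends up as a root-owned executable in /usr/sbin.
# Pinning the URL to a reviewed commit and setting FENCE_SSH_SHA256 to the
# digest of that reviewed copy makes the download reproducible; without the
# variable the content is installed unverified, as before.
fence_ssh_url=https://raw.githubusercontent.com/nannafudge/fence_ssh/master/fence_ssh
fence_ssh_tmp=$(mktemp) || {
  echo "error: mktemp failed" >&2
  exit 1
}
# Download to a temporary file first so that a failed or truncated transfer
# never leaves a half-written agent in /usr/sbin.
if ! wget -q -O "$fence_ssh_tmp" "$fence_ssh_url"; then
  echo "error: download of fence_ssh failed" >&2
  rm -f -- "$fence_ssh_tmp"
  exit 1
fi
if [ -n "${FENCE_SSH_SHA256:-}" ]; then
  if ! printf '%s  %s\n' "$FENCE_SSH_SHA256" "$fence_ssh_tmp" | sha256sum -c --status -; then
    echo "error: fence_ssh does not match FENCE_SSH_SHA256, not installing it" >&2
    rm -f -- "$fence_ssh_tmp"
    exit 1
  fi
fi
install -o root -g root -m 0755 "$fence_ssh_tmp" /usr/sbin/fence_ssh
rm -f -- "$fence_ssh_tmp"

# NOTE(review): the next line writes the fence password into the provisioning
# output, which usually ends up in terminal scrollback or CI logs.
echo -e "\tcreate user fence with password '$hafence_pwd'"
# useradd fails when the account already exists (second provisioning run).
id fence >/dev/null 2>&1 || useradd -c "Fence ssh user" -m -s /bin/bash fence
printf '%s:%s\n' fence "$hafence_pwd" | chpasswd

# The fence user may run exactly one command as root without a password.
cat <<EOF >/etc/sudoers.d/fence
fence ALL = NOPASSWD: /sbin/shutdown
EOF
chmod 0440 /etc/sudoers.d/fence
# A syntactically broken drop-in can disable sudo for everyone; check it and
# remove it again if the check fails.
if ! visudo -cf /etc/sudoers.d/fence >/dev/null; then
  echo "error: /etc/sudoers.d/fence failed validation, removing it" >&2
  rm -f /etc/sudoers.d/fence
  exit 1
fi

# NOTE(review): this turns password logins on for every account and every
# interface, not only for 'fence' on the fencing network. The cluster
# configuration script needs it once, to push the SSH key with sshpass;
# switching it back to 'no' after the key is distributed would narrow the
# exposure.
sed -i 's/^PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config
systemctl restart sshd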
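# Apache is installed only as a cluster-managed resource: mod_status is
# enabled, and the service is stopped and disabled at boot.
# NOTE(review): server-status exposes request details; confirm the module's
# shipped access rule still restricts it to local clients.
a2enmod status
systemctl stop apache2 >/dev/null 2>&1
systemctl disable apache2 >/dev/null 2>&1
# Keep the distribution's index page once. On a second provisioning run
# index.html is already the page generated below, and moving it again would
# overwrite the saved original.
if [ -e "/var/www/html/index.html" ] && [ ! -e "/var/www/html/index.html.orig" ]; then
  mv /var/www/html/index.html /var/www/html/index.html.orig
  chmod 600 /var/www/html/index.html.orig
fi
# '>' instead of '>>': the page is rewritten rather than appended to itself.
# The here-document is unquoted on purpose so that $HOSTNAME is expanded.
cat <<EOF >/var/www/html/index.html
<!DOCTYPE html>
<html> <head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<style id='linux-text-cluster-inline-quolltech-css' type='text/css'>
body {margin: 0;}
#top { position:fixed; top:86px; left:72px; transform:rotate(90deg); transform-origin:0% 0%; background-color: #f94701; background-image: linear-gradient(to right,#a6a6a6,#c9c925,#1e73be,#fe36f9,#0fe22a,#fe4809); text-align:center; padding:5px; border-radius:5px; opacity:0.9;}
#top div {font-size:14px;}
h2 { font-size:20px; margin-bottom:10px; margin-top:10px; }
#test_frame {width:100vw;height:99vh;border:0px hidden;margin:0;padding:0;}
</style> </head>
<body>
<div id="top"> <h2>Linux Cluster Test: Cps, Pacemaker, Corosync</h2> <div>$HOSTNAME - by Quoll Tech</div> </div>
<iframe id="test_frame" src="https://quoll.it/servizi-chiedi-un-preventivo/"></iframe>
<script type="text/javascript">
function quoll_resize() {el=document.getElementById("top"); el_h=el.offsetHeight; el.style.left = el_h +"px";}
quoll_resize()
window.onresize = quoll_resize;
</script>
</body> </html>
EOF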
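# Set the hacluster password, open the firewall for SSH, the cluster and
# Apache, then start pcsd.
# NOTE(review): the next line writes the hacluster password into the
# provisioning output, which usually ends up in terminal scrollback or logs.
echo "Setting hapassword to '$hacluster_pwd'"
printf '%s:%s\n' hacluster "$hacluster_pwd" | chpasswd

# The message used to interpolate $firewall, which this script never sets.
echo -e "Set ufw firewall package and rules"
cat <<EOF >/etc/ufw/applications.d/cluster
[cluster]
title=Cluster
description=Cluster linux with Pacemaker and Corosync.
ports=2224/tcp|3121/tcp|5403/tcp|5404/udp|5405/udp|21064/tcp|9929/tcp|9929/udp
EOF
cat <<EOF >/etc/ufw/applications.d/apache
[apache]
title=Apache
description=Apache web server
ports=80/tcp|443/tcp
EOF
echo -e "\tactiving ufw firewall"
# Rules first, enable last: the SSH rule is in place before the default
# policy starts to apply, so the provisioning session cannot be locked out.
ufw allow OpenSSH
# NOTE(review): the cluster profile is opened to any source address. The
# cluster traffic in this setup lives on 192.168.33.0/24, so
# 'ufw allow from 192.168.33.0/24 to any app cluster' would be the tighter
# rule; confirm nothing outside that network has to reach these ports.
ufw allow cluster
ufw allow apache
ufw --force enable >/dev/null 2>&1
echo "Start and enable pcsd service ..."
systemctl start pcsd.service >/dev/null 2>&1
systemctl enable pcsd.service >/dev/null 2>&1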
# Cluster bootstrap, run on one node only.
# Arguments: $1 = hacluster password, $2 = fence user password
hacluster_pwd="$1"
fencecluster_pwd="$2"
cluster_nodes="cl-u18-node-1 cl-u18-node-2 cl-u18-node-3"
printf '\tinizializing the cluster on nodes %s\n' "${cluster_nodes}"

# ${cluster_nodes} is left unquoted on purpose: each name must become its own
# argument.
# NOTE(review): '-p' puts the hacluster password on the pcs command line,
# where other local users can read it from the process list while it runs.
# shellcheck disable=SC2086
pcs cluster auth ${cluster_nodes} \
  -u hacluster \
  -p "$hacluster_pwd"
# shellcheck disable=SC2086
pcs cluster setup --start \
  --name "quolltech_cluster" \
  ${cluster_nodes} \
  --force
pcs cluster enable --all

# disable stonith
# Fencing is off while the test resources are created; the fence agents are
# set up afterwards.
pcs property set stonith-enabled=false
sleep 5

echo "Check cluster resource"
# apachegroup: a floating address followed by the Apache instance.
pcs resource create first_test_ip IPaddr2 \
  ip=192.168.33.31 cidr_netmask=24 \
  --group apachegroup
pcs resource create Web1 apache \
  configfile="/etc/apache2/apache2.conf" \
  statusurl="http://127.0.0.1/server-status" \
  --group apachegroup
# Two further floating addresses, each in a group of its own.
pcs resource create second_test_ip IPaddr2 \
  ip=192.168.33.32 cidr_netmask=24 \
  --group group_second_test_ip
pcs resource create last_test_ip IPaddr2 \
  ip=192.168.33.33 cidr_netmask=24 \
  --group group_last_test_ip
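# Create one SSH key pair for the fence user and copy it to the other nodes.
echo "fence agents: enable ssh with private key"
if ! DEBIAN_FRONTEND=noninteractive apt-get install -y -q sshpass >/dev/null 2>&1; then
  echo "error: installing sshpass failed" >&2
  exit 1
fi

# Absolute paths throughout: the previous 'cd /root; rm -rf .ssh' would have
# deleted .ssh in whatever directory the script happened to be in if the cd
# had failed.
# NOTE(review): this removes any SSH material root already had on this node.
rm -rf /root/.ssh
install -d -m 0700 /root/.ssh
echo -e "\tgenerating ssh key to auto login in fence user and moving it in /home/fence/.ssh"
# The key has no passphrase so that the fence agent can use it unattended.
ssh-keygen -q -C "fence_agent_key" -f /root/.ssh/id_rsa -N ''
cp -a /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys
# The Host pattern used to be built from ${pre_node}, which this script never
# sets, so it expanded to 'fence-*' and did not match the cl-u18-nodefence-N
# names.
# NOTE(review): 'StrictHostKeyChecking no' accepts any host key on the
# fencing network, so a host answering on one of these addresses is not
# authenticated. Pre-seeding known_hosts with the nodes' keys would remove
# the need for it.
cat <<EOF >/root/.ssh/config
Host 192.168.43.* cl-u18-nodefence-*
  StrictHostKeyChecking no
EOF
rm -rf /home/fence/.ssh
mv -f /root/.ssh/ /home/fence/
chown -R fence:fence /home/fence/.ssh
cd /home/fence || {
  echo "error: cannot cd to /home/fence" >&2
  exit 1
}

# The same private key and authorized_keys are unpacked on every node, so one
# key grants 'fence' logins across the whole cluster.
for fence_host in cl-u18-nodefence-2 cl-u18-nodefence-3; do
  echo -e "\tcopying fence ssh key (id_rsa,id_rsa.pub,authorized_keys,config) on fence@${fence_host}"
  # sshpass -e reads the password from the SSHPASS environment variable, set
  # for this one command only, instead of exposing it through '-p' in the
  # process list.
  if ! tar cf - .ssh/ |
    SSHPASS="$fencecluster_pwd" sshpass -e \
      ssh -i /home/fence/.ssh/id_rsa \
      -o StrictHostKeyChecking=no -o LogLevel=ERROR \
      "fence@${fence_host}" tar xf - --warning=no-timestamp; then
    echo "error: copying the fence key to ${fence_host} failed" >&2
    exit 1
  fi
done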
# Create one fence_ssh stonith resource per node, keep each one away from the
# node it is meant to fence, then switch fencing on cluster-wide.
echo "Creating fence resource"
# NOTE(review): the output of 'pcs stonith create' is discarded and --force is
# given, so a failed creation goes unnoticed until fencing is needed.
# NOTE(review): an SSH-based agent needs the target to still answer SSH;
# presumably fine for a lab, confirm before reusing elsewhere.
for n in 1 2 3; do
  pcs stonith create "stonith-ssh-${n}" fence_ssh \
    user=fence sudo=true \
    private-key="/home/fence/.ssh/id_rsa" \
    hostname="cl-u18-nodefence-${n}" \
    pcmk_host_list="cl-u18-node-${n}" \
    --force --disabled >/dev/null 2>&1
done
# A node must not run the agent responsible for fencing itself.
for n in 1 2 3; do
  pcs constraint location "stonith-ssh-${n}" avoids "cl-u18-node-${n}"
done
# The resources were created disabled; enable them once the constraints exist.
for n in 1 2 3; do
  pcs stonith enable "stonith-ssh-${n}"
done
pcs property set stonith-enabled=true

# Final report.
pcs cluster status
pcs status
pcs quorum status
# **
# Linux-cluster-test-minimal-ubuntu-18-04-lts
# Copyright (c) 2020 Enio Carboni (enio.carboni __at__ gmail.com)
# Distributed under the GNU GPL v3. For full terms see https://www.gnu.org/licenses/gpl-3.0.html.
# For complete project see https://github.com/eniocarboni/linux-cluster-test
# **
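require 'securerandom'

# Alphabet for generated passwords: digits, upper- and lower-case letters,
# '#'..'&' (# $ % &) and ':'..'?' (: ; < = > ?).
# It contains no single quote and no backslash, which matters because the
# provisioner arguments further down wrap each password in single quotes.
$CHARS = ('0'..'9').to_a + ('A'..'Z').to_a + ('a'..'z').to_a + ('#'..'&').to_a + (':'..'?').to_a

# random_password: return +length+ (default 12) random characters for a user
# password.
#
# Characters are drawn with SecureRandom rather than Kernel#rand, because the
# result is used as a login credential.
# The previous loop ran over (0..length) and therefore returned length + 1
# characters.
#
# length - number of characters wanted; values below 1 give an empty string.
#
# Returns a String made of characters from $CHARS.
def random_password(length=12)
  count = [length, 0].max
  Array.new(count) { $CHARS[SecureRandom.random_number($CHARS.size)] }.join
end

# NOTE(review): the Vagrantfile is evaluated on every vagrant invocation, so
# these values change from one run to the next; nodes provisioned in separate
# runs do not share the same passwords.
$hacluster_pwd=random_password
$fencecluster_pwd=random_password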
Vagrant.configure("2") do |config|
  # Both provisioning scripts receive the same two secrets as positional
  # arguments, each wrapped in single quotes.
  # NOTE(review): arguments are visible in the guest's process list while a
  # script runs, and the scripts echo them into the provisioning output.
  secret_args = "'#{$hacluster_pwd}' '#{$fencecluster_pwd}'"

  # Node 1 comes last in the list; it is the only node that runs the
  # cluster-wide configuration script, presumably so that nodes 2 and 3 are
  # already provisioned by then.
  [2, 3, 1].each do |i|
    vm_name = "cl-u18-node-#{i}"
    host_octet = i + 10

    config.vm.define vm_name do |node|
      # NOTE(review): Ubuntu 18.04 is past standard support; lab use only.
      node.vm.box = "ubuntu/bionic64"
      # Cluster private net for Corosync
      node.vm.network "private_network", ip: "192.168.33.#{host_octet}", auto_config: false
      # private net for fencing (pcs stonith)
      node.vm.network "private_network", ip: "192.168.43.#{host_octet}", auto_config: false
      node.vm.hostname = "cluster-#{vm_name}"
      # The project directory is not shared into the guests.
      node.vm.synced_folder ".", "/vagrant", disabled: true

      node.vm.provider "virtualbox" do |vb, _override|
        vb.name = vm_name
        vb.memory = "1024"
        vb.customize ["modifyvm", :id, "--groups", "/cluster/ubuntu1804"]
      end

      # Runs on every node.
      node.vm.provision "Update software and configure node",
        type: "shell",
        path: "provision_scripts/10-node_configuration.sh",
        args: secret_args

      # Runs on node 1 only.
      next unless i == 1
      node.vm.provision "Configuring Cluster via pcs on all nodes",
        type: "shell",
        path: "provision_scripts/90-single-cluster_configuration.sh",
        args: secret_args
    end
  end
end