Skip to content

Instantly share code, notes, and snippets.

@epcim epcim/habitat_systemd.md
Last active May 24, 2019

Embed
What would you like to do?
hab habitat hab-sup deployment

Simple deployment script to install habitat container with the app as systemd service.

export ALT=500 # Prefix for all the service names/ports used (apply to habitat/ inner service service)
# cleanup
systemctl stop etcd-$ALT
sleep 3
rm -f /etc/systemd/system/etcd-$ALT.service /etc/default/etcd-$ALT*
rm -rf /srv/etcd-$ALT
# setup
touch /etc/default/etcd-$ALT
cat <<-EOF >/etc/default/etcd-${ALT}
HAB_ETCD={ "etcd-client-end":"${ALT}23", "etcd-server-end":"${ALT}80" }
EOF
mkdir -p /srv/etcd-$ALT/data
cat <<-EOF >/etc/systemd/system/etcd-$ALT.service
[Unit]
Description=VES Etcd
BindsTo=docker.service
After=network.target
After=docker.service
After=oem-cloudinit.service
# Wants=docker-images-update.timer
# Wants=docker-images-update.service

[Service]
Environment="ALT=${ALT}"
EnvironmentFile=/etc/environment
# hab sup secret generate
Environment="HAB_CTL_SECRET=kruhL2oUbwCCn48bDzPEATlPvZABwYs3AC0kwpB1G+JFtP2chlCHIVQA8gzWVPQRwsj6ekp6qVkse4SCmDwDbw=="
# hab ring key generate etcd
# Environment="HAB_RING_KEY=tkiwrVzmNH+afXdgYziOlhfp7irPHT+wAH4SYvzWYxA=%"
Environment="HAB_LICENSE=accept-no-persist"
EnvironmentFile=/etc/default/etcd-${ALT}
RestartSec=3s
TimeoutStopSec=0
Restart=always
TimeoutStartSec=0
EOF

cat <<-'EOF' >>/etc/systemd/system/etcd-$ALT.service
# ExecStartPre=/bin/bash -c "while systemctl is-active --quiet docker-mages-update; do sleep 0.5; done"
ExecStart=/usr/bin/docker run --rm --name etcd-${ALT} --net host --uts=host \
        -v /srv/etcd-${ALT}/:/hab/svc/etcd/ \
        -p 9631:${ALT}31 \
        -p ${ALT}32:${ALT}32 \
        -p 9638:${ALT}38 \
        -p ${ALT}79:${ALT}79 \
        -p ${ALT}80:${ALT}80 \
        -e HAB_LICENSE \
        -e HAB_CTL_SECRET \
        --env-file=/etc/default/etcd-${ALT} \
        epcim/etcd --topology leader \
          --listen-gossip 0.0.0.0:${ALT}38 --listen-ctl 0.0.0.0:${ALT}32 --listen-http 0.0.0.0:${ALT}31 \
          --peer master-0:${ALT}38 --peer master-1:${ALT}38 --peer master-2:${ALT}38
ExecStop=/usr/bin/docker rm -f etcd-ves

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload
systemctl enable etcd-$ALT
systemctl start etcd-$ALT
journalctl -fu etcd-$ALT

setup coreos VMs

get coreos stable CoreOS Container Linux ISO | Booting Container Linux via ISO

Setup:

  • live boot from iso
  • 2GB of RAM
  • 4GB of Storage
  • networking adapeter (bridge, host-only)

install your ssh keys in VM:

curl -lsq https://github.com/epcim.keys | update-ssh-keys -A epcim
ssh core@192.168.99.100 -C "echo $(cat ~/.ssh/id_rsa_bootstrap_insecure.pub) >> ~/.ssh/authorized_keys"

Install habitat

Login over ssh and shoot: ssh core@192.168.99.100

#export HAB_RING_KEY=
#export HAB_REMOTE=192.168.99.100
sudo su -
set -o vi

systemctl stop hab-supervisor || true
rm -rf /hab || true
rm -f /etc/systemd/system/hab-supervisor.service || true

# configurationo setings
export HABSUP_CLUSTER=(192.168.3.33 192.168.3.34 192.168.3.35)
export HABSUP_PEERS="$(for i in ${HABSUP_CLUSTER[*]};do echo -ne " --peer=$i "; done)"
#
export HAB_CTL_SECRET="FIXME FIXME FIXME"
export HAB_BINLINK_DIR=/hab/bin
export HAB_LISTEN_CTL="0.0.0.0:9632"
export HAB_LICENSE=accept
export PATH=$PATH:/hab/bin

# systemd service
sudo groupadd hab
sudo useradd -g hab hab

cat <<- EOF > /etc/systemd/system/hab-supervisor.service 
[Unit]
Description=Habitat Supervisor

[Service]
User=root
Group=hab
ExecStart=/hab/bin/hab sup run -A -v $HABSUP_PEERS --listen-ctl 0.0.0.0:9632 --channel stable --strategy rolling --topology leader $HABSUP_GROUP --url https://bldr.habitat.sh
Restart=on-failure
Environment=HAB_CTL_SECRET=$HAB_CTL_SECRET
Environment=HAB_BINLINK_DIR=$HAB_BINLINK_DIR
[Install]
WantedBy=default.target
EOF
    
# install
which curl || apt-get install curl vim nc -y
curl https://raw.githubusercontent.com/habitat-sh/habitat/master/components/hab/install.sh | sudo -E bash
echo "export PATH=$PATH" >> ~/.bashrc
mkdir -p /hab/sup/default || true
echo $HAB_CTL_SECRET > /hab/sup/default/CTL_SECRET
sudo chown -R root:hab /hab 

# run
/hab/bin/hab license accept
systemctl daemon-reload
systemctl start hab-supervisor
journalctl -fu hab-supervisor

Create recovery point

Stop, safe, duplicate as cores1,2,3 VMs

configure habitat workspace

Update your .envrc

export HAB_CTL_SECRET=${HAB_CTL_SECRET:-}
export HAB_REMOTE=192.168.99.100

deploy services

export REMOTE_SUP="--remote-sup=$HAB_REMOTE:9632"
hab svc load epcim/vesbox-ipxe --channel staging --topology standalone --group staging --strategy at-once $REMOTE_SUP
hab svc status $REMOTE_SUP
#hab svc unload epcim/vesbox-ipxe $REMOTE_SUP

update configuration:

hab config apply vesbox-ipxe.staging 2 --remote-sup=$HAB_REMOTE:9632 config/vbox-vesbox-ipxe.toml
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.