Last active
May 4, 2017 14:36
-
-
Save miminar/a081a79be2fd312386db63042a7afa4d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| function get_ip() { | |
| for intf in enp0s8 eth1 eth0 enp0s3 net0; do | |
| ip=`ip addr show $intf | sed -n 's,^\s\+inet\s\+\(\([0-9]\+\)\.[^/]\+\)/.*brd.*,\1,p'` | |
| if [[ -n "$ip" ]]; then | |
| echo "$ip" | |
| return 0 | |
| fi | |
| done | |
| return 1 | |
| } | |
| #readonly DEFAULT_IMAGES='registry.access.redhat.com/openshift3/ose-${component}:latest' | |
| #readonly DEFAULT_IMAGES='rcm-img-docker01.build.eng.bos.redhat.com:5001/openshift3/ose-${component}:latest' | |
| readonly DEFAULT_IMAGES='openshift/origin-${component}:latest' | |
| USE_IMAGES="${USE_IMAGES:-$DEFAULT_IMAGES}" | |
| SERVER_CONFIG_DIR="/etc/origin" | |
| MASTER_CONFIG_DIR="${SERVER_CONFIG_DIR}/master" | |
| NODE_CONFIG_DIR="$SERVER_CONFIG_DIR/node-$HOSTNAME" | |
| CERT_DIR="${MASTER_CONFIG_DIR}" | |
| MASTER_IP=`get_ip` | |
| MASTER_IP_URL="https://$MASTER_IP:8443" | |
| MASTER_API_URL="$MASTER_IP_URL" | |
| PUBLIC_MASTER_API_URL="https://$HOSTNAME:8443" | |
| WORKING_DIR='/var/lib/origin' | |
| OSE_NETWORK_CIDR="${OSE_NETWORK_CIDR:-10.128.0.0/16}" | |
| NETPLUG_PATH=/usr/libexec/kubernetes/kubelet-plugins/net/exec | |
| OVS_PLUG_SRC_PATH=Godeps/_workspace/src/github.com/openshift/openshift-sdn/plugins/osdn/ovs/bin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -euo pipefail | |
| IFS=$'\n\t' | |
| readonly LINKED_DEPS=( | |
| "k8s.io/kubernetes", | |
| "github.com/docker/distribution" | |
| ) | |
| readonly USAGE="Usage: | |
| $(basename ${BASH_SOURCE[0]}) [-hrcis] | |
| Options: | |
| -r Force rebuild. | |
| -c Force cert and config recreation. | |
| -i Force install. | |
| -s Skip build. | |
| -h Show this help. | |
| " | |
| force_rebuild=0 | |
| skip_build=0 | |
| recreate_config=0 | |
| force_install=0 | |
| if [[ -z "${WSP:-}" ]]; then | |
| echo "WSP must be set!" >&2 | |
| exit 1 | |
| fi | |
| . `dirname ${BASH_SOURCE[0]}`/ose-base.sh | |
| if ! [[ "$WSP" =~ /$ ]]; then | |
| WSP="$WSP/" | |
| fi | |
| if [[ -z "$GOPATH" ]]; then | |
| echo "GOPATH must be set!" >&2 | |
| exit 1 | |
| fi | |
| GPTH="${GOPATH%%:*}" | |
| while getopts "sihrc" opt; do | |
| case $opt in | |
| h) | |
| echo "$USAGE" >&2 | |
| exit 0 | |
| ;; | |
| r) | |
| force_rebuild=1 | |
| ;; | |
| s) | |
| skip_build=1 | |
| ;; | |
| c) | |
| recreate_config=1 | |
| ;; | |
| i) | |
| force_install=1 | |
| ;; | |
| *) | |
| echo "Invalid option $opt!" >&2 | |
| exit 1 | |
| ;; | |
| esac | |
| done | |
| function unique_list() { | |
| echo "$1" | tr ',' '\n' | sort -u | tr '\n' ',' | sed 's/,\+$//' | |
| } | |
| pushd "$WSP" >/dev/null | |
| sudo systemctl stop origin-{master,node} ||: | |
| if [[ $force_rebuild = 1 ]]; then | |
| sudo rm -rf _output ||: | |
| sudo rm -rf Godeps/_workspace/pkg ||: | |
| fi | |
| sudo rm -rf /usr/libexec/kubernetes/kubelet-plugins/net/exec/* ||: | |
| if ! [[ -e /etc/pki/ca-trust/source/anchors/registry.qe.openshift.com-ca.crt ]]; then | |
| sudo cp -v /mnt/shared/certs/registry.qe.openshift.com-ca.crt \ | |
| /etc/pki/ca-trust/source/anchors/ | |
| sudo mkdir -p /etc/docker/certs.d/registry.qe.openshift.com ||: | |
| sudo ln -s /etc/pki/ca-trust/source/anchors/registry.qe.openshift.com-ca.crt \ | |
| /etc/docker/certs.d/registry.qe.openshift.com/ca.crt | |
| sudo update-ca-trust check | |
| sudo update-ca-trust enable | |
| sudo update-ca-trust extract | |
| fi | |
| if [[ $USE_IMAGES =~ ^rcm-img-docker01.build.eng.bos.redhat.com ]]; then | |
| if ! egrep -q rcm-img-docker01.build.eng.bos.redhat.com:5001 /etc/sysconfig/docker; then | |
| sudo sed -i \ | |
| -e 's/^#\s*INSECURE_REGISTRY=.*/INSECURE_REGISTRY=""/' \ | |
| -e 's/^\(INSECURE_REGISTRY=["'"'"']\)/\1--insecure-registry rcm-img-docker01.build.eng.bos.redhat.com:5001 /' \ | |
| /etc/sysconfig/docker | |
| sudo systemctl stop docker | |
| fi | |
| fi | |
| # allow a containerized app to contact OpenShift master's dns server | |
| if ! sudo iptables -C INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT 2>/dev/null; then | |
| sudo iptables -I INPUT 5 -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT | |
| sudo iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT | |
| sudo sed -i -e '/REJECT/ i\ | |
| -A INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT' \ | |
| -e '/REJECT/ i\ | |
| -A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT' /etc/sysconfig/iptables | |
| fi | |
| # allow to reach master api | |
| if ! sudo iptables -C INPUT -p tcp -m state --state NEW -m tcp --dport 8443 -j ACCEPT 2>/dev/null; then | |
| sudo iptables -I INPUT 7 -p tcp -m state --state NEW -m tcp --dport 8443 -j ACCEPT | |
| sudo sed -i '/REJECT/ i\ | |
| -I INPUT -p tcp -m state --state NEW -m tcp --dport 8443 -j ACCEPT' /etc/sysconfig/iptables | |
| fi | |
| sudo cp -av contrib/completions/bash/* /etc/bash_completion.d/ | |
| binpth=_output/local/go/bin | |
| [[ "$(ls -A _output/local/bin/linux/amd64 2>/dev/null)" ]] && binpth=_output/local/bin/linux/amd64 ||: | |
| if [[ $skip_build == 0 && ( $force_rebuild = 1 || ! -e $binpth/openshift ) ]]; then | |
| echo "Building OpenShift locally" | |
| hack/build-go.sh | |
| fi | |
| binpth=_output/local/go/bin | |
| [[ "$(ls -A _output/local/bin/linux/amd64 2>/dev/null)" ]] && binpth=_output/local/bin/linux/amd64 ||: | |
| if [[ ! -e /usr/bin/openshift ]] || [[ $(($force_rebuild + $force_install)) -gt 0 ]]; then | |
| echo "Installing binaries" | |
| find "$binpth" -maxdepth 1 \( -type l -o -type f \) -print | \ | |
| grep "\(openshift\|origin\|oc\|oadm\|kubelet\|kubectl\|kubernetes\)$" | \ | |
| xargs -r -i sudo cp -vdRa '{}' /usr/bin/ | |
| fi | |
| plugin="redhat/openshift-ovs-subnet" | |
| if [[ -e "$OVS_PLUG_SRC_PATH/openshift-sdn-ovs" ]]; then | |
| dir="openshift-sdn-ovs" | |
| sudo mkdir -p "$NETPLUG_PATH/$dir" ||: | |
| find $OVS_PLUG_SRC_PATH -type f | while read -r l; do | |
| fn=`basename "$l"` | |
| sudo install -m 755 -v "$l" /usr/bin/$fn | |
| done | |
| elif [[ -e "$OVS_PLUG_SRC_PATH" ]]; then | |
| sudo mkdir -p "$NETPLUG_PATH" | |
| find $OVS_PLUG_SRC_PATH -type f -executable | while read -r l; | |
| do | |
| sudo cp -v "$l" /usr/bin/ | |
| sudo cp -v "$l" "$NETPLUG_PATH/$(echo $plugin | tr '/' '~')" | |
| done | |
| elif [[ -e Godeps/_workspace/src/github.com/openshift/openshift-sdn/pkg/ovssubnet/controller/kube/bin ]]; then | |
| sudo mkdir -p "$NETPLUG_PATH/$plugin" ||: | |
| pushd Godeps/_workspace/src/github.com/openshift/openshift-sdn/pkg/ovssubnet/controller/kube/bin >/dev/null | |
| sudo cp -v openshift-sdn-kube-subnet-setup.sh /usr/bin | |
| sudo cp -v openshift-ovs-subnet "$NETPLUG_PATH/$(echo $plugin | tr '/' '~')" | |
| popd | |
| fi | |
| if [[ $recreate_config = 1 ]]; then | |
| sudo rm -rf "${SERVER_CONFIG_DIR}" | |
| fi | |
| if [[ ! -e "${SERVER_CONFIG_DIR}" ]] || [[ ! -e $CERT_DIR/ca.crt ]]; then | |
| echo "Creating certificates" | |
| sudo mkdir -p "${SERVER_CONFIG_DIR}" | |
| set -x | |
| sudo openshift admin ca create-master-certs \ | |
| --cert-dir=${CERT_DIR} \ | |
| --master="${MASTER_API_URL}" \ | |
| --hostnames=`unique_list "${HOSTNAME},172.30.0.1,${MASTER_IP}"` \ | |
| --public-master="${PUBLIC_MASTER_API_URL}" \ | |
| --overwrite | |
| if [[ "$(id -u)" != 0 ]]; then | |
| sudo chown -R "root:$(id -gn)" "${SERVER_CONFIG_DIR}" | |
| sudo chmod -R g+rw "${SERVER_CONFIG_DIR}" | |
| fi | |
| { set +x; } >/dev/null 2>&1 | |
| fi | |
| if ! [[ -e "${MASTER_CONFIG_DIR}/policy.json" ]]; then | |
| sudo oadm create-bootstrap-policy-file --filename=${MASTER_CONFIG_DIR}/policy.json | |
| fi | |
| if ! [[ -e "${MASTER_CONFIG_DIR}/master-config.yaml" ]]; then | |
| echo "Writing master config file" | |
| set -x | |
| sudo /usr/bin/openshift start master \ | |
| --write-config=${MASTER_CONFIG_DIR} \ | |
| --images="${USE_IMAGES}" \ | |
| --public-master="$PUBLIC_MASTER_API_URL" \ | |
| --create-certs=false \ | |
| --master="$MASTER_API_URL" \ | |
| --listen="$MASTER_IP_URL" \ | |
| --etcd-dir="${WORKING_DIR}/openshift.local.etcd" | |
| if [[ "$(id -u)" != 0 ]]; then | |
| sudo chown -R "root:$(id -gn)" "${MASTER_CONFIG_DIR}" | |
| sudo chmod -R g+rw "${MASTER_CONFIG_DIR}" | |
| fi | |
| { set +x; } >/dev/null 2>&1 | |
| fi | |
| if ! [[ -e "${NODE_CONFIG_DIR}/node-config.yaml" ]]; then | |
| echo "Writing master config file" | |
| set -x | |
| sudo /usr/bin/openshift admin create-node-config \ | |
| --listen="https://0.0.0.0:10250" \ | |
| --dns-domain="$HOSTNAME" \ | |
| --dns-ip="$MASTER_IP" \ | |
| --images="${USE_IMAGES}" \ | |
| --node-dir="${NODE_CONFIG_DIR}" \ | |
| --node="$HOSTNAME" \ | |
| --hostnames="$HOSTNAME,172.30.0.1,$MASTER_IP" \ | |
| --master="$MASTER_API_URL" \ | |
| --node-client-certificate-authority="${CERT_DIR}/ca.crt" \ | |
| --certificate-authority="${CERT_DIR}/ca.crt" \ | |
| --signer-cert="${CERT_DIR}/ca.crt" \ | |
| --signer-key="${CERT_DIR}/ca.key" \ | |
| --signer-serial="${CERT_DIR}/ca.serial.txt" \ | |
| --volume-dir="${WORKING_DIR}/openshift.local.volumes" | |
| if [[ "$(id -u)" != 0 ]]; then | |
| sudo chown -R "root:$(id -gn)" "${NODE_CONFIG_DIR}" | |
| sudo chmod -R g+rw "${NODE_CONFIG_DIR}" | |
| fi | |
| { set +x; } >/dev/null 2>&1 | |
| fi | |
| if ! [[ -e /etc/sysconfig/origin-master ]]; then | |
| cfg=`find ${SERVER_CONFIG_DIR} -type f -name 'master-config.yaml' | head -n 1` | |
| if [[ -z "${cfg:-}" ]]; then | |
| echo "Failed to find master config file!" >&2 | |
| exit 1 | |
| fi | |
| sudo -s <<-EOF | |
| echo "CONFIG_FILE=${cfg}" >/etc/sysconfig/origin-master | |
| echo "OPTIONS=''" >>/etc/sysconfig/origin-master | |
| EOF | |
| fi | |
| if ! [[ -e /etc/sysconfig/origin-node ]]; then | |
| cfg="$(find "${NODE_CONFIG_DIR}" -type f -name 'node-config.yaml' | head -n 1)" | |
| if [[ -z "${cfg:-}" ]]; then | |
| echo "Failed to find node config file!" >&2 | |
| exit 1 | |
| fi | |
| sudo -s <<-EOF | |
| echo "CONFIG_FILE=${cfg}" >/etc/sysconfig/origin-node | |
| echo "OPTIONS='--loglevel=4'" >>/etc/sysconfig/origin-node | |
| EOF | |
| fi | |
| if ! [[ -e /etc/sysconfig/origin ]]; then | |
| mcfg="$(find "${SERVER_CONFIG_DIR}" -type f -name 'master-config.yaml' | head -n 1)" | |
| if [[ -z "${mcfg:-}" ]]; then | |
| echo "Failed to find master config file!" >&2 | |
| exit 1 | |
| fi | |
| sudo -s <<< "echo 'MASTER_CONFIG_FILE="'"'"$mcfg"'"'"' >/etc/sysconfig/origin" | |
| ncfg="$(find "${NODE_CONFIG_DIR}" -type f -name 'node-config.yaml' | head -n 1)" | |
| if [[ -z "${ncfg:-}" ]]; then | |
| echo "Failed to find node config file!" >&2 | |
| exit 1 | |
| fi | |
| echo "NODE_CONFIG_FILE=${ncfg}" | sudo tee -a /etc/sysconfig/origin >/dev/null | |
| echo "OPTIONS='--loglevel=4'" | sudo tee -a /etc/sysconfig/origin >/dev/null | |
| fi | |
| if ! [[ -e /etc/systemd/system/origin-node.service.d/origin-sdn-ovs.conf ]]; then | |
| sudo mkdir /etc/systemd/system/origin-node.service.d ||: | |
| sudo cp -v /mnt/shared/origin/origin-sdn-ovs.conf \ | |
| /etc/systemd/system/origin-node.service.d | |
| fi | |
| if [[ ! -e /etc/systemd/system/docker.service.d/docker-sdn-ovs.conf && -e contrib/systemd/docker-sdn-ovs.conf ]]; then | |
| sudo mkdir /etc/systemd/system/docker.service.d ||: | |
| sudo cp -v contrib/systemd/docker-sdn-ovs.conf \ | |
| /etc/systemd/system/docker.service.d | |
| fi | |
| if ! [[ -e /etc/systemd/system/origin-master.service ]]; then | |
| echo "Setting up origin master service" | |
| sudo sed \ | |
| -e 's,atomic-openshift,openshift,g' \ | |
| -e 's,sysconfig/openshift-,sysconfig/origin-,g' \ | |
| -e 's,openshift-\(master\|node\),origin-\1,g' \ | |
| -e 's,\<openshift\>,origin,g' \ | |
| -e "s,^\(WorkingDirectory=\).*,\1$WORKING_DIR," \ | |
| contrib/systemd/atomic-openshift-master.service | | |
| sudo tee /etc/systemd/system/origin-master.service >/dev/null | |
| fi | |
| if ! [[ -e /etc/systemd/system/origin.service ]]; then | |
| echo "Setting up origin service" | |
| sudo sed \ | |
| -e 's,atomic-openshift,openshift,g' \ | |
| -e 's,sysconfig/openshift-,sysconfig/origin-,g' \ | |
| -e 's,openshift-\(master\|node\),origin-\1,g' \ | |
| -e 's,\<openshift\>,origin,g' \ | |
| -e '/origin-node.service/d' \ | |
| -e 's,-master,,g' \ | |
| -e 's,start master,start,' \ | |
| -e 's,--config=[^ '"'"']\+,--master-config=${MASTER_CONFIG_FILE} --node-config=${NODE_CONFIG_FILE},g' \ | |
| -e "s,^\(WorkingDirectory=\).*,\1$WORKING_DIR," \ | |
| contrib/systemd/atomic-openshift-master.service | | |
| sudo tee /etc/systemd/system/origin.service >/dev/null | |
| fi | |
| if ! [[ -e "$WORKING_DIR" ]]; then | |
| sudo mkdir -p "$WORKING_DIR" | |
| fi | |
| if ! [[ -e /etc/systemd/system/origin-node.service ]]; then | |
| echo "Setting up origin node service" | |
| sudo sed \ | |
| -e 's,atomic-openshift,openshift,' \ | |
| -e 's,sysconfig/openshift-,sysconfig/origin-,' \ | |
| -e 's,openshift-\(master\|node\),origin-\1,g' \ | |
| -e 's,\<openshift\>,origin,g' \ | |
| -e "s,^\(WorkingDirectory=\).*,\1$WORKING_DIR," \ | |
| contrib/systemd/atomic-openshift-node.service | | |
| sudo tee /etc/systemd/system/origin-node.service >/dev/null | |
| fi | |
| if ! egrep -q 'export KUBECONFIG' ~/.bashrc; then | |
| sudo -s <<< "echo 'export KUBECONFIG="'"'"$MASTER_CONFIG_DIR/admin.kubeconfig"'"'"' >> ~/.bashrc" | |
| fi | |
| sudo systemctl daemon-reload | |
| echo "Starting origin" | |
| sudo systemctl start origin-master | |
| sudo systemctl start origin-node | |
| popd >/dev/null |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -euo pipefail | |
| IFS=$'\n\t' | |
| . `dirname ${BASH_SOURCE[0]}`/ose-base.sh | |
| readonly USAGE="Usage: | |
| $(basename ${BASH_SOURCE[0]}) [-hb] | |
| Options: | |
| -b Keep built binaries. | |
| -h Show this help. | |
| " | |
| keep_binaries=0 | |
| while getopts "b" opt; do | |
| case $opt in | |
| h) | |
| echo "$USAGE" >&2 | |
| exit 0 | |
| ;; | |
| b) | |
| keep_binaries=1 | |
| ;; | |
| *) | |
| echo "Invalid option $opt!" >&2 | |
| exit 1 | |
| ;; | |
| esac | |
| done | |
| sudo systemctl stop origin-{master,node} ||: | |
| sudo systemctl disable origin-{master,node} ||: | |
| sudo rm -rf /etc/origin /var/lib/origin ||: | |
| if [[ $keep_binaries = 0 ]]; then | |
| sudo rm -rf /usr/bin/openshift-* ||: | |
| sudo rm /usr/bin/{openshift,oc,oadm,kubelet,kubectl} ||: | |
| fi | |
| sudo rm -rf $NETPLUG_PATH/* ||: | |
| sudo rm -rf /run/openshift-sdn ||: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -euo pipefail | |
| IFS=$'\n\t' | |
| readonly os_release=`sed -n 's/^ID=["'"'"']\?\([^"'"'"']\+\).*/\1/p' /etc/os-release` | |
| case ${os_release:-unknown} in | |
| fedora) | |
| PMGR=dnf | |
| ;; | |
| rhel) | |
| PMGR=yum | |
| if ! [[ -e /etc/yum.repos.d/dnf-stack-el7.repo ]]; then | |
| cp /mnt/shared/yum/dnf-stack-el7.repo /etc/yum.repos.d/ | |
| fi | |
| rpm -q --quiet dnf >/dev/null || yum install dnf | |
| dnf install dnf-yum dnf-plugins-core --allowerase | |
| PMGR=dnf | |
| ;; | |
| *) | |
| echo "Unsupported os release: $os_release" >&2 | |
| exit 1 | |
| ;; | |
| esac | |
| readonly PMGR |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment