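#!/bin/bash
# Install & configure OpenNebula with MariaDB Galera Cluster as HA
# This script is idempotent like an Ansible playbook!
# I.e. run it as many times as you want to, it won't hurt!

# -e = stop on the first failing command, -a = export every variable that is
# assigned (the envsubst calls further down read them from the environment).
set -e -a

# Include config.
# Sourced BEFORE tracing is switched on: the passwords and one_key used further
# down are never assigned in this script, so they presumably come from all_vars,
# and with -x already active every assignment in that file would be echoed to
# stderr and into any captured log.
# The explicit ./ makes the shell read the copy in the working directory (the
# same place the ./etc templates are read from) instead of searching PATH for
# a file named all_vars first.
. ./all_vars

# -x = debug trace for the rest of the run
set -x

### Check host variables
# Separate tests joined with || replace the deprecated, ambiguous `[ ... -o ... ]`.
if [ -z "$play_host" ] || [ -z "$node_name" ] || [ -z "$int_ip" ]; then
  echo "play_host/node_name/int_ip not specified"
  exit 1
fi
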
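### Find 1G and 10G network interfaces (10G is used for keepalived and galera)
eth10g=
eth1g=

# The remote loop brings every interface up and prints NAME=interface for each
# one that reports carrier, keyed by link speed. The carrier file of the
# interface being examined is read; the earlier version read enp4s0's carrier
# on every iteration, whatever the loop variable was.
iface_report=$(ssh "root@$play_host" '
for i in /sys/class/net/*; do
  ifname=${i##/sys/class/net/}
  ip link set "$ifname" up
  if [ "x$(cat "$i/carrier" 2>/dev/null)" = "x1" ]; then
    case "$(cat "$i/speed" 2>/dev/null)" in
      10000) echo "eth10g=$ifname" ;;
      1000) echo "eth1g=$ifname" ;;
    esac
  fi
done')

# Only the two expected keys are taken from the remote output. Feeding the raw
# output to `export` would let whatever the remote side prints set arbitrary
# variables (PATH, LD_PRELOAD, ...) in the operator's shell.
# When several interfaces match, the last one reported wins, as before.
while IFS='=' read -r key value; do
  case "$key" in
    eth10g) eth10g=$value ;;
    eth1g) eth1g=$value ;;
  esac
done <<<"$iface_report"
export eth10g eth1g

if [ -z "$eth10g" ]; then
  echo "10GbE network not found on $play_host"
  exit 1
fi
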
### Configure network
# Both files are rendered locally from their templates (envsubst substitutes
# the exported variables) and streamed to the target host. The interfaces file
# is staged as interfaces.new so it can be compared with the live one before
# anything is restarted.
envsubst < ./etc/rc.local.env \
  | ssh "root@$play_host" 'cat > /etc/rc.local'
envsubst < ./etc/network/interfaces.env \
  | ssh "root@$play_host" 'cat > /etc/network/interfaces.new'

# The here-document is unquoted, so $eth1g is expanded on this machine before
# the text is sent; everything else runs on the target as root.
ssh "root@$play_host" <<EOF
  set -e

  DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confdef" \
    -o Dpkg::Options::="--force-confold" install -y \
    bridge-utils

  chmod 755 /etc/rc.local
  /etc/rc.local
  systemctl enable rc-local
  if ! cmp -s /etc/network/interfaces /etc/network/interfaces.new; then
    nmcli dev disconnect $eth1g; true
    mv /etc/network/interfaces.new /etc/network/interfaces
    ifup br0
    service networking restart
  fi
EOF

### Install packages
# Drop the two third-party APT source lists onto the target.
scp ./etc/apt/sources.list.d/opennebula.list \
  "root@$play_host:/etc/apt/sources.list.d/opennebula.list"
scp ./etc/apt/sources.list.d/mariadb.list \
  "root@$play_host:/etc/apt/sources.list.d/mariadb.list"

# Import both repository signing keys, then install everything in one apt run.
# NOTE(review): both keys land in APT's global trusted keyring via apt-key, so
# either key can vouch for packages from any configured repository. The
# OpenNebula key is accepted as downloaded, with no fingerprint comparison, and
# the second key is fetched over plain hkp:// by a 64-bit key ID rather than a
# full fingerprint. Consider shipping verified copies of both keys next to the
# .list files and binding each one to its repository with signed-by.
ssh "root@$play_host" <<EOF
  set -e

  wget -q -O - https://downloads.opennebula.org/repo/repo.key | apt-key add -

  apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8

  DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confdef" \
    -o Dpkg::Options::="--force-confold" install -y \
    lsb-release keepalived sudo qemu-kvm qemu-block-extra mariadb-server netcat-openbsd \
    opennebula opennebula-sunstone opennebula-gate opennebula-flow opennebula-node opennebula-tools

  /usr/share/one/install_gems --yes
EOF

### Setup keepalived
# Render the keepalived configuration from its template, install it on the
# target and restart the service so the new configuration takes effect.
envsubst < ./etc/keepalived/keepalived.conf.env \
  | ssh "root@$play_host" 'cat > /etc/keepalived/keepalived.conf'
ssh "root@$play_host" 'systemctl restart keepalived'

### Setup or join MariaDB Galera Cluster
scp ./etc/mysql/mariadb.conf.d/50-client.cnf \
  "root@$play_host:/etc/mysql/mariadb.conf.d/50-client.cnf"

# Put all hosts except this one in wsrep_cluster_address.
# galera_hosts ends up as a comma-separated list with no leading comma; because
# of `set -a` it is exported and therefore visible to envsubst below.
galera_hosts=
for host in $opennebula_hosts; do
  [ "$host" = "$play_host" ] && continue
  galera_hosts="${galera_hosts:+$galera_hosts,}$host"
done

envsubst < ./etc/mysql/mariadb.conf.d/50-server.cnf.env \
  | ssh "root@$play_host" 'cat > /etc/mysql/mariadb.conf.d/50-server.cnf'

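# Create a user for Galera (if not yet)
#
# The remote script runs WITHOUT -x: with tracing on, the login probe would
# print the Galera password into the session output. The password is handed to
# the client through MYSQL_PWD instead of --password=..., which keeps it out of
# the argument list that other local users can read with ps.
# The here-document is unquoted, so $play_host and $galera_password are
# substituted on this machine before the text is sent. A password containing a
# single quote will break both the shell quoting and the SQL literal below.
#
# NOTE(review): sst_user is granted ALL PRIVILEGES on *.* and may connect from
# any host ('%'). Narrow the grant to what the SST method configured in
# 50-server.cnf actually needs, and the host part to the cluster's addresses.
ssh "root@$play_host" <<EOF
  set -e

  if ! (echo 'SELECT 1' | MYSQL_PWD='$galera_password' mysql --host=$play_host -u sst_user); then
    service mysql restart
    mysql <<EOM
GRANT USAGE ON *.* to sst_user@'%' IDENTIFIED BY '$galera_password';
GRANT ALL PRIVILEGES on *.* to sst_user@'%';
FLUSH PRIVILEGES;
EOM
  fi

  # Replace a regular my.cnf with the symlink. rm -f keeps this step from
  # failing the whole run when the file is absent; the link is (re)created
  # unconditionally.
  [ -h /etc/mysql/my.cnf ] || rm -f /etc/mysql/my.cnf
  ln -fs /etc/mysql/mariadb.cnf /etc/mysql/my.cnf
EOF
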
# Bootstrap a new Galera cluster on this host when init_db is 1; otherwise a
# plain restart lets the node join the existing cluster.
#
# NOTE(review): systemctl normally rejects options it does not know, and
# MariaDB's systemd packaging ships a galera_new_cluster helper for
# bootstrapping; confirm the start line below really bootstraps on the target
# release.
# NOTE(review): 'oneadmin' is created without a host part, i.e. reachable from
# any address, while oned.conf is pointed at server = "localhost" further down;
# 'oneadmin'@'localhost' looks sufficient. Confirm no other client needs it.
if [ "$init_db" -eq 1 ]; then
  # Create a new cluster
  ssh "root@$play_host" <<EOF
    set -e -x
    systemctl stop mysql
    systemctl start mysql --wsrep-new-cluster
    mysql <<EOM
CREATE DATABASE opennebula;
GRANT ALL PRIVILEGES ON opennebula.* TO 'oneadmin' IDENTIFIED BY '$opennebula_db_password';
FLUSH PRIVILEGES;
EOM
EOF
else
  # Or just join it
  ssh "root@$play_host" 'systemctl restart mysql'
fi

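### Setup OpenNebula oned and sunstone
#
# Write the credential files. Deliberately no -x here: the trace would contain
# every password.
#  - umask 077 makes the files private from the moment they are created; the
#    earlier version created them with the default umask and tightened them to
#    600 only at the end, leaving a window in which they could be read.
#  - set -e stops at the first failed write instead of carrying on with a
#    half-written credential set.
#  - The values are single-quoted for the remote shell, so spaces or glob
#    characters in a password are written literally instead of being
#    word-split or expanded. A single quote inside a value still breaks this.
ssh "root@$play_host" <<EOF
  set -e
  umask 077
  printf '%s\n' 'oneadmin:$oneadmin_password' > /var/lib/one/.one/one_auth
  for svc in ec2 occi oneflow onegate sunstone; do
    printf '%s\n' 'serveradmin:$serveradmin_password' > "/var/lib/one/.one/\${svc}_auth"
  done
  printf '%s\n' '$one_key' > /var/lib/one/.one/one_key
  chown oneadmin:oneadmin /var/lib/one/.one/*
  chmod 600 /var/lib/one/.one/*
EOF

# Point oned at the local MariaDB, wait for the database, then (re)start the
# services. Tracing is switched on only AFTER the perl line, which carries the
# database password.
# NOTE(review): the password is still on perl's command line on the target and
# is interpolated into the replacement text, so a password containing !, \$, @,
# a backslash or a quote will corrupt the substitution. Consider keeping the
# rendered DB line in a template file instead.
ssh "root@$play_host" <<EOF
  set -e

  perl -i -pe 's!^DB\s*=.*!DB = [ backend = "mysql", server = "localhost", port = 0, user = "oneadmin", passwd = "$opennebula_db_password", db_name = "opennebula" ]!' /etc/one/oned.conf

  set -x

  # Poll once per second instead of spinning at full speed.
  while ! echo SELECT 1 | mysql; do
    echo Waiting for MySQL...
    sleep 1
  done

  systemctl enable opennebula
  systemctl enable opennebula-sunstone
  systemctl restart opennebula
  systemctl restart opennebula-sunstone
EOF
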
# Setup onedns
# Install the rendered systemd unit and sysctl.conf, then build onedns from a
# git checkout in root's home directory and start it.
# NOTE(review): the clone tracks whatever the repository's default branch
# points to at run time, and setup.py is then executed as root. Check out a
# reviewed commit (or install from a verified archive) so that a re-run cannot
# pick up unreviewed code.
envsubst < ./etc/systemd/system/onedns.service.env \
  | ssh "root@$play_host" 'cat > /etc/systemd/system/onedns.service'
scp etc/sysctl.conf "root@$play_host:/etc/"

ssh "root@$play_host" <<EOF
  set -e -x
  [ -e onedns ] || git clone https://github.com/vitalif/onedns
  cd onedns
  DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confdef" \
    -o Dpkg::Options::="--force-confold" install -y \
    python-setuptools
  python setup.py install
  sysctl --load=/etc/sysctl.conf
  systemctl enable onedns
  systemctl restart onedns
EOF

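# Setup passwordless ssh for `oneadmin` (authorized_keys and known_hosts)
#
# The key pair is generated under /var/lib/one/.ssh, the location the guard
# tests and the location the public key is collected from below. The earlier
# version pointed ssh-keygen at /root/.ssh/id_rsa while running as oneadmin.
#
# NOTE(review): known_hosts is seeded with ssh-keyscan, i.e. trust on first
# use. Whatever answers on the network at setup time becomes the pinned host
# key; compare the recorded fingerprints with ones obtained out of band, or
# distribute known_hosts from a trusted source.
ssh "root@$play_host" <<EOF
  set -e -x

  if [ ! -f /var/lib/one/.ssh/id_rsa.pub ]; then
    su - oneadmin -c 'mkdir -p -m 700 /var/lib/one/.ssh'
    su - oneadmin -c 'ssh-keygen -t rsa -f /var/lib/one/.ssh/id_rsa -q -P ""'
  fi

  if [ ! -f /var/lib/one/.ssh/known_hosts ]; then
    su - oneadmin -c 'ssh-keyscan localhost >> /var/lib/one/.ssh/known_hosts'
    for host in $opennebula_hosts; do
      su - oneadmin -c "ssh-keyscan \$host >> /var/lib/one/.ssh/known_hosts"
    done
  fi
EOF

# Merge every cluster host's oneadmin public key with the keys already
# authorized on this host, de-duplicate, and write the result back.
# mktemp replaces the predictable tmp<PID> file in the working directory.
keys_tmp=$(mktemp)
for host in $opennebula_hosts; do
  ssh "root@$host" 'cat /var/lib/one/.ssh/id_rsa.pub' >> "$keys_tmp"
done
# `; true` keeps a missing authorized_keys file from aborting the run.
ssh "root@$play_host" 'cat /var/lib/one/.ssh/authorized_keys; true' >> "$keys_tmp"
LC_ALL=C sort -u "$keys_tmp" \
  | ssh "root@$play_host" 'cat > /var/lib/one/.ssh/authorized_keys'
rm -f "$keys_tmp"
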
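# Add a host to OpenNebula and set reserved memory to 16G
#
# The here-document is unquoted: $play_host is substituted on this machine,
# while the \$-escaped expansions are evaluated on the target.
# The template for `onehost update` is written to a mktemp file on the target.
# The earlier tmp\$\$ was expanded locally, so it became a fixed name derived
# from the operator's PID in root's home directory on the target.
ssh "root@$play_host" <<EOF
  set -e -x
  service libvirtd restart

  # Read the host's current name and RESERVED_MEM, if it is registered.
  host_name=
  export \$(onehost show -x $play_host | /var/lib/one/remotes/datastore/xpath.rb \
    "concat('host_name=', /HOST/NAME/text(), ' host_mem=', /HOST/TEMPLATE/RESERVED_MEM/text())" | tr '\0' '\n')

  if [ -z "\$host_name" ]; then
    onehost create $play_host -i kvm -v kvm
  fi

  if [ "\$host_mem" != "16777216" ]; then
    reserved_tmpl=\$(mktemp)
    echo 'RESERVED_MEM="16777216"' > "\$reserved_tmpl"
    onehost update -a $play_host "\$reserved_tmpl"
    rm -f "\$reserved_tmpl"
  fi
EOF
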
# Apply the patch
# Copy the diff into root's home on the target and apply it from / unless the
# cpds script already contains the word "clone", which is taken as the sign
# that it has been patched.
scp opennebula-ceph-cpds-clone.diff "root@$play_host:~/"

ssh "root@$play_host" <<EOF
  set -e -x
  if ! grep -q clone /var/lib/one/remotes/tm/ceph/cpds; then
    cd /
    patch -p0 < /root/opennebula-ceph-cpds-clone.diff
  fi
EOF