-
Notifications
You must be signed in to change notification settings - Fork 1
/
kuryr_heat_pike
executable file
·219 lines (185 loc) · 7.55 KB
/
kuryr_heat_pike
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
#!/bin/bash
function sub_stack() {
local deployment=${1:-heat-kuryr-k8s}
# create stack
echo "Deploying the stack"
openstack stack create -e hot/parameters.yml -t hot/kuryr_heat_template.yml "$deployment"
sub_show "$deployment"
}
function sub_unstack()
{
local deployment
deployment=${1:-heat-kuryr-k8s}
# destroying the stack
echo "Destroying the stack"
openstack stack delete "$deployment"
}
function _wait_for_after_in_progress() {
local deployment
local status
deployment="$1"
while true; do
status=$(openstack stack show "${deployment}" -c stack_status -f value)
if [[ ! "$status" =~ IN_PROGRESS$ ]]; then
break
fi
done
}
function sub_show() {
local deployment
local workers_output
local masters_output
local hostname
local address
local fqdn
deployment=${1:-heat-kuryr-k8s}
_wait_for_after_in_progress "$deployment"
echo "VM subnet: $(openstack stack output show "${deployment}" vm_subnet -f json | jq -r '.output_value')"
echo "Pod subnet: $(openstack stack output show "${deployment}" pod_subnet -f json | jq -r '.output_value')"
echo "Service subnet: $(openstack stack output show "${deployment}" service_subnet -f json | jq -r '.output_value')"
echo "K8s API Sec. group: $(openstack stack output show "${deployment}" k8s_api_sg -f json | jq -r '.output_value')"
echo "Pod kubelet/Service Access Sec. group: $(openstack stack output show "${deployment}" pod_access_sg -f json | jq -r '.output_value')"
echo "master FIPs: $(openstack stack output show "${deployment}" master_fips -f json | jq -r '.output_value' | jq -r '.[]' | xargs echo)"
workers_output=$(openstack stack output show "${deployment}" trunk_dns -f json | jq .output_value -r | jq .[] -r)
masters_output=$(openstack stack output show "${deployment}" master_port_dns -f json | jq .output_value -r | jq .[] -r)
echo "Master nodes:"
echo $masters_output | jq -r '"\(.fqdn) \(.fixed_ips.ip_address)"'
echo "Worker nodes:"
echo $workers_output | jq -r '"\(.fqdn) \(.fixed_ips.ip_address)"'
printf "\n"
}
function sub_update_dns_server() {
local ns_update_temp
local masters_output
local workers_output
local domain
local deployment
local key
deployment="$1"
domain="$2"
key="$3"
ns_update_temp=$(mktemp)
masters_output=$(openstack stack output show "${deployment}" master_port_dns -f json | jq .output_value -r | jq .[] -r)
workers_output=$(openstack stack output show "${deployment}" trunk_dns -f json | jq .output_value -r | jq .[] -r)
cat > "$ns_update_temp" << NS_EOF
server ns.${domain}
zone ${domain}
NS_EOF
echo "$masters_output" | jq -r '"\(.fqdn) \(.fixed_ips.ip_address)"' | \
awk '{printf "update delete %s. A\nupdate add %s. 3600 A %s\n", $1, $1, $2}' >> "$ns_update_temp"
echo "$workers_output" | jq -r '"\(.fqdn) \(.fixed_ips.ip_address)"' | \
awk '{printf "update delete %s. A\nupdate add %s. 3600 A %s\n", $1, $1, $2}' >> "$ns_update_temp"
cat >> "$ns_update_temp" << NS_EOF
show
send
NS_EOF
echo "Updating DNS zone ${domain} with:"
cat "$ns_update_temp"
nsupdate -k "$key" -v "$ns_update_temp"
}
function sub_getkey() {
local deployment
deployment=${1:-heat-kuryr-k8s}
echo "$(openstack stack output show ${deployment} master_key_priv -f json | jq -r '.output_value')"
}
function sub_ansible_inventory() {
local deployment
local external_dns
local tmp
local masters_output
local workers_output
local project_id
local pod_sgs
local pod_subnet_id
local vm_subnet_id
local service_subnet_id
deployment=${1:-heat-kuryr-k8s}
external_dns="$2"
tmp=$(mktemp)
project_id="$(openstack project show ${OS_PROJECT_NAME} -f value -c id)"
pod_subnet_id=$(openstack stack output show "${deployment}" pod_subnet -f json | jq -r '.output_value')
vm_subnet_id=$(openstack stack output show "${deployment}" vm_subnet -f json | jq -r '.output_value')
service_subnet_id=$(openstack stack output show "${deployment}" service_subnet -f json | jq -r '.output_value')
# Get comma separated SGs to apply to pods
pod_sgs="$(openstack security group list --project "${project_id}" -f value | awk '$2 ~ /default/ {print $1}')"
pod_sgs="${pod_sgs},$(openstack stack output show "${deployment}" pod_access_sg -f json | jq -r '.output_value')"
cat > "$tmp" << EOF
[OSEv3:children]
masters
nodes
etcd
[OSEv3:vars]
openshift_use_kuryr=True
openshift_use_openshift_sdn=False
os_sdn_network_plugin_name=cni
kuryr_cni_link_interface=eth0
openshift_use_dnsmasq=True
openshift_dns_ip=${external_dns}
openshift_disable_check=disk_availability,docker_storage,memory_availability
# Set userspace so that there's no iptables remains
openshift_node_proxy_mode=userspace
ansible_ssh_user=centos
ansible_become=yes
debug_level=2
openshift_deployment_type=origin
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}]
openshift_master_api_env_vars={"ENABLE_HTTP2": "true"}
openshift_master_controllers_env_vars={"ENABLE_HTTP2": "true"}
openshift_node_env_vars={"ENABLE_HTTP2": "true"}
# Disable management of the OpenShift Registry
openshift_hosted_manage_registry=false
# Disable management of the OpenShift Router
openshift_hosted_manage_router=false
# Openstack
kuryr_openstack_auth_url=${OS_AUTH_URL}
kuryr_openstack_user_domain_name=${OS_USER_DOMAIN_ID}
kuryr_openstack_user_project_name=${OS_PROJECT_NAME}
kuryr_openstack_project_id=${project_id}
kuryr_openstack_username=${OS_USERNAME}
kuryr_openstack_password=${OS_PASSWORD}
kuryr_openstack_pod_sg_id=${pod_sgs}
kuryr_openstack_pod_subnet_id=${pod_subnet_id}
kuryr_openstack_worker_nodes_subnet_id=${vm_subnet_id}
kuryr_openstack_service_subnet_id=${service_subnet_id}
kuryr_openstack_pod_project_id=${project_id}
kuryr_openstack_enable_pools=True
kuryr_openstack_pool_max=0
kuryr_openstack_pool_min=1
kuryr_openstack_pool_batch=5
kuryr_openstack_pool_update_frequency=20
EOF
masters_output=$(openstack stack output show "${deployment}" master_port_dns -f json | jq .output_value -r | jq .[] -r)
workers_output=$(openstack stack output show "${deployment}" trunk_dns -f json | jq .output_value -r | jq .[] -r)
echo "$masters_output" | jq -r '"\(.fqdn) \(.fixed_ips.ip_address)"' | \
awk 'BEGIN{print "[masters]"}; {print $1}' >> "$tmp"
echo "$masters_output" | jq -r '"\(.fqdn) \(.fixed_ips.ip_address)"' | \
awk 'BEGIN{print "[etcd]"}; {print $1}' >> "$tmp"
echo "$workers_output" | jq -r '"\(.fqdn) \(.fixed_ips.ip_address)"' | \
awk 'BEGIN{print "[nodes]"}; {print $1}' >> "$tmp"
cat "$tmp"
}
function sub_help() {
local myname
myname=$(basename "$0")
printf "Usage: %s <subcommand> [options]\n" "$myname"
printf "Subcommands:\n"
printf " stack my_stack_name Create Heat stack\n"
printf " unstack my_stack_name Delete Heat stack\n"
printf " show my_stack_name Show important info about the deployed Heat stack\n"
printf " getkey my_stack_name Output the Heat stack instances privkey to stdout\n"
}
command=$1
case $command in
"" | "-h" | "--help")
sub_help
;;
*)
shift
"sub_${command}" "$@"
if [ $? = 127 ]; then
echo "Error: '$command' is not a known kuryr heat command." >&2
echo " Run \'$(basename "$0") --help\' for a list of known subcommands." >&2
exit 1
fi
;;
esac