This repository has been archived by the owner on Jan 11, 2023. It is now read-only.

Deploying DCOS clusters using bootstrap node (starting v1.11) #2825

Merged
merged 23 commits into from
May 2, 2018
Changes from 20 commits
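--- a/parts/dcos/bstrap/bootstrapcustomdata.yml
+++ b/parts/dcos/bstrap/bootstrapcustomdata.yml
@@ -0,0 +1,118 @@
+#cloud-config
+
+bootcmd:
+- bash -c "if [ ! -f /var/lib/sdb-gpt ];then echo DCOS-5890;parted -s /dev/sdb mklabel
+gpt;touch /var/lib/sdb-gpt;fi"
+disk_setup:
+ephemeral0:
+layout:
+- 50
+- 50
+overwrite: true
+table_type: gpt
+fs_setup:
+- device: ephemeral0.1
+filesystem: ext4
+overwrite: true
+- device: ephemeral0.2
+filesystem: ext4
+overwrite: true
+mounts:
+- - ephemeral0.1
+- /var/lib/mesos
+- - ephemeral0.2
+- /var/lib/docker
+runcmd: PREPROVISION_EXTENSION
+- [ ln, -s, /bin/rm, /usr/bin/rm ]
+- [ ln, -s, /bin/mkdir, /usr/bin/mkdir ]
+- [ ln, -s, /bin/tar, /usr/bin/tar ]
+- [ ln, -s, /bin/ln, /usr/bin/ln ]
+- [ ln, -s, /bin/cp, /usr/bin/cp ]
+- [ ln, -s, /bin/systemctl, /usr/bin/systemctl ]
+- [ ln, -s, /bin/mount, /usr/bin/mount ]
+- [ ln, -s, /bin/bash, /usr/bin/bash ]
+- [ ln, -s, /usr/sbin/useradd, /usr/bin/useradd ]
+- [ systemctl, disable, --now, resolvconf.service ]
+- [ systemctl, mask, --now, lxc-net.service ]
+- [ systemctl, disable, --now, unscd.service ]
+- [ systemctl, stop, --now, unscd.service ]
+- /opt/azure/containers/provision.sh
+- [ systemctl, start, dcos-docker-install.service ]
+- [ systemctl, restart, systemd-journald.service ]
+- [ systemctl, restart, docker.service ]
+- /opt/azure/dcos/init_bootstrap.sh
+write_files:
+- content: |
+[Unit]
+After=network-online.target
+Wants=network-online.target
+[Service]
+Type=oneshot
+Environment=DEBIAN_FRONTEND=noninteractive
+StandardOutput=journal+console
+StandardError=journal+console
+ExecStartPre=/usr/bin/curl -fLsSv --retry 20 -Y 100000 -y 60 -o /var/tmp/d.deb https://download.docker.com/linux/ubuntu/dists/xenial/pool/stable/amd64/docker-ce_17.09.0~ce-0~ubuntu_amd64.deb
+ExecStart=/usr/bin/bash -c "try=1;until dpkg -D3 -i /var/tmp/d.deb || ((try>9));do echo retry $((try++));sleep $((try*try));done;systemctl --now start docker;systemctl restart docker.socket"
+path: /etc/systemd/system/dcos-docker-install.service
+permissions: '0644'
+- content: |
+[Service]
+Restart=always
+StartLimitInterval=0
+RestartSec=15
+ExecStartPre=-/sbin/ip link del docker0
+ExecStart=
+ExecStart=/usr/bin/dockerd --storage-driver=overlay
+path: /etc/systemd/system/docker.service.d/execstart.conf
+permissions: '0644'
+- content: |
+[Unit]
+PartOf=docker.service
+[Socket]
+ListenStream=/var/run/docker.sock
+SocketMode=0660
+SocketUser=root
+SocketGroup=docker
+ListenStream=2375
+BindIPv6Only=both
+[Install]
+WantedBy=sockets.target
+path: /etc/systemd/system/docker.socket
+permissions: '0644'
+- content: |
+#!/bin/sh
+
+curl -H Metadata:true -fsSL "http://169.254.169.254/metadata/instance/network/interface/0/ipv4/ipAddress/0/privateIpAddress?api-version=2017-04-02&format=text"
+owner: root
+path: /opt/azure/dcos/genconf/ip-detect
+permissions: '0755'
+- content: |
+bootstrap_url: http://BOOTSTRAP_IP:8086
+cluster_name: azure-dcos
+exhibitor_storage_backend: static
+master_discovery: static
+oauth_enabled: BOOTSTRAP_OAUTH_ENABLED
+ip_detect_public_filename: genconf/ip-detect
+master_list:
+MASTER_IP_LIST
+resolvers:
+- 198.51.100.1
+- 198.51.100.2
+- 198.51.100.3
+owner: root
+path: /opt/azure/dcos/genconf/config.yaml
+permissions: '0644'
+- content: |
+#!/bin/bash
+cd /opt/azure/dcos
+curl -O BOOTSTRAP_INSTALLER_URL
+
+bash dcos_generate_config.sh
+docker run -d -p 8086:80 -v $PWD/genconf/serve:/usr/share/nginx/html:ro nginx
+owner: root
+path: /opt/azure/dcos/init_bootstrap.sh
+permissions: '0755'
+- content: 'PROVISION_STR'
+path: /opt/azure/containers/provision.sh
+permissions: "0744"
+owner: "root"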
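Review bot: The `docker.socket` unit adds `ListenStream=2375` next to the Unix socket, which makes the Docker API reachable over plain TCP with no TLS or client authentication; `SocketMode` and `SocketGroup` only govern `/var/run/docker.sock`, so anyone who can reach that port gets root-equivalent control of the bootstrap node. Unless something off-host needs it (nothing in this file shows that), drop the line or bind it to loopback with `ListenStream=127.0.0.1:2375`, and otherwise restrict the port at the network security group. Separately, `init_bootstrap.sh` runs `bash dcos_generate_config.sh` straight after `curl -O BOOTSTRAP_INSTALLER_URL` with no `-f`, no exit-status check and no checksum, so a failed or altered download is executed as root.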
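--- a/parts/dcos/bstrap/bootstrapparams.t
+++ b/parts/dcos/bstrap/bootstrapparams.t
@@ -0,0 +1,181 @@
+"linuxAdminUsername": {
+"metadata": {
+"description": "User name for the Linux Virtual Machines (SSH or Password)."
+},
+"type": "string"
+},
+"bootstrapEndpointDNSNamePrefix": {
+"metadata": {
+"description": "Sets the Domain name label for the bootstrap IP Address. The concatenation of the domain name label and the regional DNS zone make up the fully qualified domain name associated with the public IP address."
+},
+"type": "string"
+},
+{{range .ExtensionProfiles}}
+"{{.Name}}Parameters": {
+"metadata": {
+"description": "Parameters for the extension"
+},
+"type": "securestring"
+},
+{{end}}
+{{if IsHostedBootstrap}}
+"bootstrapSubnet": {
+"defaultValue": "{{.HostedBootstrapProfile.Subnet}}",
+"metadata": {
+"description": "Sets the subnet for the VMs in the cluster."
+},
+"type": "string"
+},
+"bootstrapEndpoint": {
+"defaultValue": "{{.HostedBootstrapProfile.FQDN}}",
+"metadata": {
+"description": "Sets the static IP of the first bootstrap"
+},
+"type": "string"
+},
+{{else}}
+"bootstrapFirstConsecutiveStaticIP": {
+"metadata": {
+"description": "Sets the static IP of the first bootstrap"
+},
+"type": "string"
+},
+"bootstrapVMSize": {
+{{GetDCOSBootstrapAllowedSizes}}
+"metadata": {
+"description": "The size of the Virtual Machine."
+},
+"type": "string"
+},
+"bootstrapCount": {
+"metadata": {
+"description": "The number of the Virtual Machines in the set."
+},
+"type": "int"
+},
+{{end}}
+"sshRSAPublicKey": {
+"metadata": {
+"description": "SSH public key used for auth to all Linux machines. Not Required. If not set, you must provide a password key."
+},
+"type": "string"
+},
+"nameSuffix": {
+"defaultValue": "{{GetUniqueNameSuffix}}",
+"metadata": {
+"description": "A string hash of the bootstrap DNS name to uniquely identify the cluster."
+},
+"type": "string"
+},
+"osImageName": {
+"defaultValue": "",
+"metadata": {
+"description": "Name of a Linux OS image. Needs to be used in conjuction with osImageResourceGroup."
+},
+"type": "string"
+},
+"osImageResourceGroup": {
+"defaultValue": "",
+"metadata": {
+"description": "Resource group of a Linux OS image. Needs to be used in conjuction with osImageName."
+},
+"type": "string"
+},
+"osImageOffer": {
+"defaultValue": "UbuntuServer",
+"metadata": {
+"description": "Linux OS image type."
+},
+"type": "string"
+},
+"osImagePublisher": {
+"defaultValue": "Canonical",
+"metadata": {
+"description": "OS image publisher."
+},
+"type": "string"
+},
+"osImageSKU": {
+"defaultValue": "16.04-LTS",
+"metadata": {
+"description": "OS image SKU."
+},
+"type": "string"
+},
+"osImageVersion": {
+"defaultValue": "16.04.201804050",
+"metadata": {
+"description": "OS image version."
+},
+"type": "string"
+},
+"fqdnEndpointSuffix":{
+"defaultValue": "cloudapp.azure.com",
+"metadata": {
+"description": "Endpoint of FQDN."
+},
+"type": "string"
+},
+"targetEnvironment": {
+"defaultValue": "AzurePublicCloud",
+"metadata": {
+"description": "The azure deploy environment. Currently support: AzurePublicCloud, AzureChinaCloud"
+},
+"type": "string"
+},
+"location": {
+"defaultValue": "{{GetLocation}}",
+"metadata": {
+"description": "Sets the location for all resources in the cluster"
+},
+"type": "string"
+}
+{{if GetClassicMode}}
+,{{template "classicparams.t" .}}
+{{end}}
+{{if .LinuxProfile.HasSecrets}}
+{{range $vIndex, $vault := .LinuxProfile.Secrets}}
+,
+"linuxKeyVaultID{{$vIndex}}": {
+"metadata": {
+"description": "KeyVaultId{{$vIndex}} to install certificates from on linux machines."
+},
+"type": "string"
+}
+{{range $cIndex, $cert := $vault.VaultCertificates}}
+,
+"linuxKeyVaultID{{$vIndex}}CertificateURL{{$cIndex}}": {
+"metadata": {
+"description": "CertificateURL{{$cIndex}} to install from KeyVaultId{{$vIndex}} on linux machines."
+},
+"type": "string"
+}
+{{end}}
+{{end}}
+{{end}}
+{{if .HasWindows}}{{if .WindowsProfile.HasSecrets}}
+{{range $vIndex, $vault := .WindowsProfile.Secrets}}
+,
+"windowsKeyVaultID{{$vIndex}}": {
+"metadata": {
+"description": "KeyVaultId{{$vIndex}} to install certificates from on windows machines."
+},
+"type": "string"
+}
+{{range $cIndex, $cert := $vault.VaultCertificates}}
+,
+"windowsKeyVaultID{{$vIndex}}CertificateURL{{$cIndex}}": {
+"metadata": {
+"description": "Url to retrieve Certificate{{$cIndex}} from KeyVaultId{{$vIndex}} to install on windows machines."
+},
+"type": "string"
+},
+"windowsKeyVaultID{{$vIndex}}CertificateStore{{$cIndex}}": {
+"metadata": {
+"description": "CertificateStore to install Certificate{{$cIndex}} from KeyVaultId{{$vIndex}} on windows machines."
+},
+"type": "string"
+}
+{{end}}
+{{end}}
+{{end}} {{end}}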
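Review bot: The description of `bootstrapEndpoint` is "Sets the static IP of the first bootstrap", the same text as `bootstrapFirstConsecutiveStaticIP`, although its default is `{{.HostedBootstrapProfile.FQDN}}`; it looks copied and should describe the endpoint, for example `"description": "FQDN of the hosted bootstrap endpoint."`. In the same hosted branch, `bootstrapSubnet` says it sets the subnet "for the VMs in the cluster", where it presumably means the subnet of the bootstrap node. Operators read these strings in the deployment UI, so a wrong description here can lead to a wrong value being supplied.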
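--- a/parts/dcos/bstrap/bootstrapprovision.sh
+++ b/parts/dcos/bstrap/bootstrapprovision.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+retrycmd_if_failure() { retries=$1; wait=$2; timeout=$3; shift && shift && shift; for i in $(seq 1 $retries); do timeout $timeout ${@}; [ $? -eq 0 ] && break || sleep $wait; done; echo Executed \"$@\" $i times; }
+
+TMPDIR="/tmp/dcos"
+mkdir -p $TMPDIR
+
+# default dc/os component download address (Azure CDN)
+DOCKER_ENGINE_DOWNLOAD_URL=https://mesosphere.blob.core.windows.net/dcos-deps/docker-engine_1.13.1-0-ubuntu-xenial_amd64.deb
+LIBIPSET_DOWNLOAD_URL=https://az837203.vo.msecnd.net/dcos-deps/libipset3_6.29-1_amd64.deb
+IPSET_DOWNLOAD_URL=https://az837203.vo.msecnd.net/dcos-deps/ipset_6.29-1_amd64.deb
+UNZIP_DOWNLOAD_URL=https://az837203.vo.msecnd.net/dcos-deps/unzip_6.0-20ubuntu1_amd64.deb
+LIBLTDL_DOWNLOAD_URL=https://az837203.vo.msecnd.net/dcos-deps/libltdl7_2.4.6-0.1_amd64.deb
+
+case $DCOS_ENVIRONMENT in
+# because of Chinese GreatWall Firewall, the default packages on Azure CDN is blocked. So the following Chinese local mirror url should be used instead.
+AzureChinaCloud)
+DOCKER_ENGINE_DOWNLOAD_URL=http://acsengine.blob.core.chinacloudapi.cn/dcos/docker-engine_1.11.2-0~xenial_amd64.deb
+LIBIPSET_DOWNLOAD_URL=http://acsengine.blob.core.chinacloudapi.cn/dcos/libipset3_6.29-1_amd64.deb
+IPSET_DOWNLOAD_URL=http://acsengine.blob.core.chinacloudapi.cn/dcos/ipset_6.29-1_amd64.deb
+UNZIP_DOWNLOAD_URL=http://acsengine.blob.core.chinacloudapi.cn/dcos/unzip_6.0-20ubuntu1_amd64.deb
+LIBLTDL_DOWNLOAD_URL=http://acsengine.blob.core.chinacloudapi.cn/dcos/libltdl7_2.4.6-0.1_amd64.deb
+;;
+esac
+
+curl -fLsSv --retry 20 -Y 100000 -y 60 -o $TMPDIR/d.deb $DOCKER_ENGINE_DOWNLOAD_URL &
+curl -fLsSv --retry 20 -Y 100000 -y 60 -o $TMPDIR/1.deb $LIBIPSET_DOWNLOAD_URL &
+curl -fLsSv --retry 20 -Y 100000 -y 60 -o $TMPDIR/2.deb $IPSET_DOWNLOAD_URL &
+curl -fLsSv --retry 20 -Y 100000 -y 60 -o $TMPDIR/3.deb $UNZIP_DOWNLOAD_URL &
+curl -fLsSv --retry 20 -Y 100000 -y 60 -o $TMPDIR/4.deb $LIBLTDL_DOWNLOAD_URL &
+wait
+
+retrycmd_if_failure 10 10 120 dpkg -i $TMPDIR/{1,2,3,4}.deb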
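Review bot: The packages are installed as root by `dpkg -i` with no integrity check, and in the `AzureChinaCloud` branch every URL is plain `http://`, so anything on the network path can substitute a package. Pin a SHA-256 digest per package and verify it before the `dpkg -i` line, as sketched below with placeholder digests. The bare `wait` also discards the exit status of the background `curl` jobs, so a failed download only surfaces after dpkg has been retried ten times. `$TMPDIR/d.deb` is downloaded but never installed in this script, since the `dpkg -i` glob covers files 1 to 4 only. Together with the fixed path under world-writable `/tmp`, that download looks like work that could be dropped.

```shell
# … unchanged: retrycmd_if_failure, TMPDIR, download URLs and the AzureChinaCloud case …

# Pinned digests for the four packages; the values below are placeholders to fill in.
cat > $TMPDIR/SHA256SUMS <<EOF
<SHA256_OF_LIBIPSET_DEB>  $TMPDIR/1.deb
<SHA256_OF_IPSET_DEB>  $TMPDIR/2.deb
<SHA256_OF_UNZIP_DEB>  $TMPDIR/3.deb
<SHA256_OF_LIBLTDL_DEB>  $TMPDIR/4.deb
EOF

pids=""
curl -fLsSv --retry 20 -Y 100000 -y 60 -o $TMPDIR/1.deb $LIBIPSET_DOWNLOAD_URL & pids="$pids $!"
# … same pattern for 2.deb, 3.deb and 4.deb …
for pid in $pids; do wait $pid || exit 1; done

# Refuse to install anything whose digest does not match the pinned value.
sha256sum -c $TMPDIR/SHA256SUMS || exit 1
retrycmd_if_failure 10 10 120 dpkg -i $TMPDIR/{1,2,3,4}.deb
```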