# Heat Orchestration Template (HOT) header: the template format version and a
# free-text summary of what the stack deploys.
heat_template_version: 2013-05-23

description: >
  Nested HOT template for deploying a highly available OpenShift
  Enterprise environment. Deploys 3 HA brokers, 3 nodes, with floating
  IPs, LBaaS, cinder attached storage (nodes) and dynamic DNS on broker1

# Groups the stack parameters under three labels. Every name listed here is
# declared in the `parameters` section of this template; parameters that appear
# in no group (for example key_name and the availability zones) stay ungrouped.
parameter_groups:

  # Host names, images and flavors of the brokers and nodes.
  - label: General parameters
    description: General OpenShift parameters
    parameters:
      - broker1_hostname
      - broker2_hostname
      - broker3_hostname
      - node1_hostname
      - node2_hostname
      - node3_hostname
      - load_bal_hostname
      - broker_image
      - node_image
      - broker_server_flavor
      - node_server_flavor

  # DNS settings and the Neutron networks the servers attach to.
  - label: Networking parameters
    description: Networking-related parameters
    parameters:
      - domain
      - hosts_domain
      - named_hostname
      - named_ip
      - upstream_dns_ip
      - replicants
      - cartridges
      - public_net_id
      - private_net_id
      - private_subnet_id

  # User names and passwords; the password parameters are declared with
  # `hidden: true` in the `parameters` section.
  - label: Credentials
    description: >
      Username and password parameters for OpenShift and dependent service
    parameters:
      - openshift_user1
      - openshift_pass1
      - mongo_broker_user
      - mongo_broker_pass
      - mcollective_user
      - mcollective_pass
      - activemq_admin_pass
      - activemq_user_pass

# Stack inputs. Parameters without a `default` must be supplied when the stack
# is created. Each entry is written as type, description, default, hidden.
parameters:

  key_name:
    type: string
    description: Name of an existing keypair to enable SSH access to the instances

  domain:
    type: string
    description: Your DNS domain

  hosts_domain:
    type: string
    description: Openshift hosts domain

  broker_server_flavor:
    type: string
    description: Flavor of broker server
    default: m1.small

  # Both zones default to `nova`, so with the defaults every broker and node
  # is requested in the same availability zone.
  primary_avail_zone:
    type: string
    description: >
      Primary availability zone to ensure distribution of brokers and nodes
    default: nova

  secondary_avail_zone:
    type: string
    description: >
      Secondary availability zone to ensure distribution of brokers and nodes
    default: nova

  node_server_flavor:
    type: string
    description: Flavor of node servers
    default: m1.medium

  # NOTE(review): no get_param in this template reads node_vol_size, so the
  # node resources do not receive it from here - confirm whether that is
  # intended.
  node_vol_size:
    type: number
    description: Node cinder volume size (GB)
    default: 10

  broker1_hostname:
    type: string
    description: Broker 1 hostname
    default: broker1

  broker2_hostname:
    type: string
    description: Broker 2 hostname
    default: broker2

  broker3_hostname:
    type: string
    description: Broker 3 hostname
    default: broker3

  node1_hostname:
    type: string
    description: Node 1 hostname
    default: node1

  node2_hostname:
    type: string
    description: Node 2 hostname
    default: node2

  node3_hostname:
    type: string
    description: Node 3 hostname
    default: node3

  load_bal_hostname:
    type: string
    description: Load balancer hostname
    default: broker

  broker_image:
    type: string
    description: Broker image name
    default: centos65-x86_64-broker

  node_image:
    type: string
    description: Node image name
    default: centos65-x86_64-node

  # Package repository locations handed to the installer script. They decide
  # where the hosts pull their packages from, so treat them as trusted input.
  openshift_repo_base:
    type: string
    description: OSE Repository Base URL
    default: ""

  openshift_extra_repo_base:
    type: string
    description: OSE Extra Repository Base URL
    default: ""

  jboss_repo_base:
    type: string
    description: JBoss Repository Base URL
    default: ""

  named_hostname:
    type: string
    description: named server hostname
    default: broker1

  # NOTE(review): no get_param in this template reads named_ip; the broker
  # scripts take the named address from broker1's floating IP instead.
  named_ip:
    type: string
    description: named server IP address
    default: ""

  # Substituted into the also-notify clause that broker1 appends to
  # /etc/named.conf. With the empty default that clause is written with no
  # address in it, so set this whenever upstream notification is wanted.
  upstream_dns_ip:
    type: string
    description: Upstream DNS IP address for zone transfer
    default: ""

  replicants:
    type: string
    description: >
      Comma-separated list (no spaces) of broker hosts (FQDN) running
      ActiveMQ and MongoDB

  cartridges:
    type: string
    description: >
      Cartridges to install. "all" for all cartridges; "standard" for all
      cartridges except for JBossEWS or JBossEAP
    default: "cron,diy,haproxy,mysql,nodejs,perl,php,postgresql,python,ruby"

  public_net_id:
    type: string
    description: >
      ID of public network for which floating IP addresses will be allocated

  private_net_id:
    type: string
    description: ID of private network into which servers get deployed

  private_subnet_id:
    type: string
    description: ID of private sub network into which servers get deployed

  # Credentials. The password parameters have no default and are marked
  # hidden. Their values are still substituted as plain text into the broker
  # user_data scripts and passed on to the node resources.
  openshift_user1:
    type: string
    description: OpenShift username
    default: user1

  openshift_pass1:
    type: string
    description: OpenShift user password
    hidden: true

  mongo_broker_user:
    type: string
    description: MongoDB broker username
    default: openshift

  mongo_broker_pass:
    type: string
    description: MongoDB broker password
    hidden: true

  mcollective_user:
    type: string
    description: MCollective username
    default: mcollective

  mcollective_pass:
    type: string
    description: MCollective password
    hidden: true

  activemq_admin_pass:
    type: string
    description: ActiveMQ admin user password
    hidden: true

  activemq_user_pass:
    type: string
    description: ActiveMQ user password
    hidden: true

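# Resources: one shared security group, three brokers (port + floating IP +
# wait condition + server each), an LBaaS pool/VIP in front of the brokers,
# and three node resources of the custom type OpenShift::Node::Server.
#
# Changes against the previous revision of the broker boot scripts:
#   * the installer download no longer disables TLS verification (`-k`) and
#     uses --fail so an HTTP error page is never saved and executed;
#   * the download loop stores curl's status in `result`, the variable the
#     following echo prints (it used to assign `return`);
#   * shell tracing is switched off while the credentials are exported, since
#     the scripts run under `bash -x`;
#   * the chkconfig loop globs instead of parsing `ls` output.
resources:

  # NOTE(review): every rule admits any source address (0.0.0.0/0). Besides
  # SSH (22), DNS (53) and HTTP/HTTPS (80/443) that includes 27017 (MongoDB
  # default port) and 61613/61616 (ActiveMQ STOMP/OpenWire default ports).
  # The rules are left unchanged because the brokers are configured with each
  # other's floating IPs and this template has no CIDR parameter to narrow
  # them to; restrict the datastore and messaging ports to the broker/node
  # addresses before using this outside a lab.
  oso_broker_sec_grp:
    type: AWS::EC2::SecurityGroup
    properties:
      GroupDescription: broker firewall rules
      SecurityGroupIngress:
        - {IpProtocol: tcp, FromPort: '22', ToPort: '22', CidrIp: 0.0.0.0/0}
        - {IpProtocol: udp, FromPort: '53', ToPort: '53', CidrIp: 0.0.0.0/0}
        - {IpProtocol: tcp, FromPort: '53', ToPort: '53', CidrIp: 0.0.0.0/0}
        - {IpProtocol: tcp, FromPort: '80', ToPort: '80', CidrIp: 0.0.0.0/0}
        - {IpProtocol: tcp, FromPort: '443', ToPort: '443', CidrIp: 0.0.0.0/0}
        - {IpProtocol: tcp, FromPort: '27017', ToPort: '27017', CidrIp: 0.0.0.0/0}
        - {IpProtocol: tcp, FromPort: '61613', ToPort: '61613', CidrIp: 0.0.0.0/0}
        - {IpProtocol: tcp, FromPort: '61616', ToPort: '61616', CidrIp: 0.0.0.0/0}

  # Each broker gets a port on the private subnet, bound to the shared
  # security group, and a floating IP from the public network.
  broker1_port:
    type: OS::Neutron::Port
    properties:
      security_groups: [{ get_resource: oso_broker_sec_grp }]
      network_id: { get_param: private_net_id }
      fixed_ips:
        - subnet_id: { get_param: private_subnet_id }

  broker1_floating_ip:
    type: OS::Neutron::FloatingIP
    properties:
      floating_network_id: { get_param: public_net_id }
      port_id: { get_resource: broker1_port }

  broker2_port:
    type: OS::Neutron::Port
    properties:
      security_groups: [{ get_resource: oso_broker_sec_grp }]
      network_id: { get_param: private_net_id }
      fixed_ips:
        - subnet_id: { get_param: private_subnet_id }

  broker2_floating_ip:
    type: OS::Neutron::FloatingIP
    properties:
      floating_network_id: { get_param: public_net_id }
      port_id: { get_resource: broker2_port }

  broker3_port:
    type: OS::Neutron::Port
    properties:
      security_groups: [{ get_resource: oso_broker_sec_grp }]
      network_id: { get_param: private_net_id }
      fixed_ips:
        - subnet_id: { get_param: private_subnet_id }

  broker3_floating_ip:
    type: OS::Neutron::FloatingIP
    properties:
      floating_network_id: { get_param: public_net_id }
      port_id: { get_resource: broker3_port }

  # One wait handle/condition pair per broker. Each boot script signals its
  # own handle with cfn-signal. broker1_instance depends on the conditions of
  # brokers 2 and 3.
  broker1_wait_handle:
    type: AWS::CloudFormation::WaitConditionHandle

  broker1_wait_condition:
    type: AWS::CloudFormation::WaitCondition
    properties:
      Handle: { get_resource: broker1_wait_handle }
      Timeout: '6000'

  broker2_wait_handle:
    type: AWS::CloudFormation::WaitConditionHandle

  broker2_wait_condition:
    type: AWS::CloudFormation::WaitCondition
    properties:
      Handle: { get_resource: broker2_wait_handle }
      Timeout: '6000'

  broker3_wait_handle:
    type: AWS::CloudFormation::WaitConditionHandle

  broker3_wait_condition:
    type: AWS::CloudFormation::WaitCondition
    properties:
      Handle: { get_resource: broker3_wait_handle }
      Timeout: '6000'

  ###
  # load balancer
  ###
  # The VIP port carries the same security group as the brokers.
  lb_vip_port:
    type: OS::Neutron::Port
    properties:
      security_groups: [{ get_resource: oso_broker_sec_grp }]
      network_id: { get_param: private_net_id }
      fixed_ips:
        - subnet_id: { get_param: private_subnet_id }

  lb_vip_floating_ip:
    type: OS::Neutron::FloatingIP
    properties:
      floating_network_id: { get_param: public_net_id }
      port_id: { get_resource: lb_vip_port }

  # Associates the load balancer floating IP with the port of the pool's VIP.
  lb_pool_vip:
    type: OS::Neutron::FloatingIPAssociation
    properties:
      floatingip_id: { get_resource: lb_vip_floating_ip }
      port_id: { 'Fn::Select': ['port_id', { get_attr: [pool, vip] }] }

  # HTTPS health check used by the pool below.
  monitor:
    type: OS::Neutron::HealthMonitor
    properties:
      type: HTTPS
      delay: 15
      max_retries: 5
      timeout: 10

  pool:
    type: OS::Neutron::Pool
    properties:
      name: oso_broker_lb_pool
      description: Load balancer for OpenShift Enterprise broker hosts
      protocol: HTTPS
      subnet_id: { get_param: private_subnet_id }
      lb_method: ROUND_ROBIN
      monitors: [{ get_resource: monitor }]
      vip:
        name: oso_broker_vip
        description: broker virtual IP (VIP)
        protocol_port: 443
        session_persistence:
          type: SOURCE_IP

  # Pool membership: the three broker servers on port 443.
  mylb:
    type: OS::Neutron::LoadBalancer
    properties:
      members:
        - { get_resource: broker1_instance }
        - { get_resource: broker2_instance }
        - { get_resource: broker3_instance }
      pool_id: { get_resource: pool }
      protocol_port: 443

  ###
  # Broker 1
  ###
  # Installs broker, activemq, datastore and named, and is created only after
  # brokers 2 and 3 have signalled their wait conditions.
  #
  # NOTE(review), boot script:
  #   * The installer is fetched from a branch of a personal GitHub fork and
  #     run as part of first boot. A branch reference is mutable; consider
  #     pinning a commit and checking a known digest before executing it.
  #   * If the image's CA bundle cannot validate the download host, the fetch
  #     loop now keeps retrying until the wait condition times out instead of
  #     executing an unauthenticated script. Fix the CA bundle in the image
  #     rather than re-adding `-k`.
  #   * All parameter values, including the passwords, are substituted into
  #     user_data as plain text, so they are readable wherever the instance's
  #     user data is readable. Installer output is also copied to
  #     /tmp/openshift.out.
  #   * CONF_BIND_KEYALGORITHM selects HMAC-MD5 for the DNS update key; move
  #     to an HMAC-SHA algorithm if the installer supports one (not verified
  #     here).
  #   * cfn-signal always reports exit code 0, whatever openshift.sh returned.
  broker1_instance:
    type: OS::Nova::Server
    depends_on: [broker2_wait_condition, broker3_wait_condition]
    properties:
      name: oso_broker1
      image: { get_param: broker_image }
      flavor: { get_param: broker_server_flavor }
      availability_zone: { get_param: primary_avail_zone }
      key_name: { get_param: key_name }
      networks:
        - port: { get_resource: broker1_port }
      user_data:
        str_replace:
          template: |
            #!/bin/bash -x

            export CONF_BROKER_IP_ADDR=P_BROKER_FLOATING_IP
            export CONF_BROKER2_IP_ADDR=P_BROKER2_FLOATING_IP
            export CONF_BROKER3_IP_ADDR=P_BROKER3_FLOATING_IP
            export CONF_DOMAIN=P_DOMAIN
            export CONF_BROKER_HOSTNAME=P_BROKER_HOSTNAME
            export CONF_BROKER2_HOSTNAME=P_BROKER2_HOSTNAME
            export CONF_BROKER3_HOSTNAME=P_BROKER3_HOSTNAME
            export CONF_NAMED_HOSTNAME=P_NAMED_HOSTNAME
            export CONF_NAMED_IP_ADDR=P_NAMED_IP
            export CONF_NAMED_ENTRIES=P_BROKER2_HOSTNAME:P_BROKER2_FLOATING_IP,P_BROKER3_HOSTNAME:P_BROKER3_FLOATING_IP,P_NODE1_HOSTNAME:P_NODE1_FLOATING_IP,P_NODE2_HOSTNAME:P_NODE2_FLOATING_IP,P_NODE3_HOSTNAME:P_NODE3_FLOATING_IP,P_LOAD_BAL_HOSTNAME:P_LOAD_BAL_IP
            export CONF_BIND_KEYALGORITHM="HMAC-MD5"
            export CONF_ACTIVEMQ_HOSTNAME=P_BROKER_HOSTNAME
            export CONF_DATASTORE_HOSTNAME=P_BROKER_HOSTNAME
            export CONF_DATASTORE_REPLICANTS=P_REPLICANTS
            export CONF_ACTIVEMQ_REPLICANTS=P_REPLICANTS
            export CONF_INSTALL_METHOD='osoyum'
            export CONF_OSE_REPOS_BASE=P_CONF_OSE_REPOS_BASE
            export CONF_OSE_EXTRA_REPO_BASE=P_CONF_OSE_EXTRA_REPOS_BASE
            export CONF_JBOSS_REPO_BASE=P_CONF_JBOSS_REPO_BASE
            export CONF_INSTALL_COMPONENTS=broker,activemq,datastore,named
            export CONF_ACTIONS=do_all_actions,configure_datastore_add_replicants
            # Tracing off while credentials are exported: keeps them out of the -x trace.
            set +x
            export CONF_OPENSHIFT_USER1=P_CONF_OPENSHIFT_USER1
            export CONF_OPENSHIFT_PASSWORD1=P_CONF_OPENSHIFT_PASSWORD1
            export CONF_MONGODB_BROKER_USER=P_CONF_MONGODB_BROKER_USER
            export CONF_MONGODB_BROKER_PASSWORD=P_CONF_MONGODB_BROKER_PASSWORD
            export CONF_MCOLLECTIVE_USER=P_CONF_MCOLLECTIVE_USER
            export CONF_MCOLLECTIVE_PASSWORD=P_CONF_MCOLLECTIVE_PASSWORD
            export CONF_ACTIVEMQ_ADMIN_PASSWORD=P_CONF_ACTIVEMQ_ADMIN_PASSWORD
            export CONF_ACTIVEMQ_AMQ_USER_PASSWORD=P_CONF_ACTIVEMQ_AMQ_USER_PASSWORD
            set -x

            # TLS verification stays on; --fail keeps an HTTP error body from being saved as openshift.sh.
            while [ ! -f openshift.sh ]; do
              echo "Attempting to fetch installer script"
              curl --fail -O https://raw.githubusercontent.com/jpeeler/openshift-extras/enterprise-2.0/enterprise/install-scripts/generic/openshift.sh
              result=$?
              echo "Attempt resulted in $result"
              sleep 5
            done
            chmod +x ./openshift.sh
            ./openshift.sh 2>&1 | tee /tmp/openshift.out
            sed -i '/type master/a \
            also-notify { P_UPSTREAM_DNS_IP; };\n notify yes;' /etc/named.conf
            setenforce 1
            cd /etc/init.d
            for i in cloud-*; do [ -e "$i" ] || continue; chkconfig "$i" off; done
            # FIXME: shouldn't need this. DIB step? selinux enabled when pkg instld? see rpm -q --scripts ruby193-rubygem-passenger-native
            #semodule -i /opt/rh/ruby193/root/usr/share/selinux/packages/ruby193-rubygem-passenger/ruby193-rubygem-passenger.pp 2>/dev/null
            #fixfiles -R ruby193-rubygem-passenger restore
            #fixfiles -R ruby193-rubygem-passenger-native restore
            /usr/bin/cfn-signal -e 0 -s "Broker 1 setup complete" -i "P_BROKER_HOSTNAME.P_DOMAIN" "P_BROKER_WAIT_HANDLE"
            echo "date >> /var/www/html/broker_up; restorecon -r /var/www/openshift" >> /etc/rc.local
            reboot
          params:
            P_BROKER_FLOATING_IP: { get_attr: [broker1_floating_ip, floating_ip_address] }
            P_NODE1_FLOATING_IP: { get_attr: [node1_instance, node_floating_ip] }
            P_NODE2_FLOATING_IP: { get_attr: [node2_instance, node_floating_ip] }
            P_NODE3_FLOATING_IP: { get_attr: [node3_instance, node_floating_ip] }
            P_BROKER2_FLOATING_IP: { get_attr: [broker2_floating_ip, floating_ip_address] }
            P_BROKER3_FLOATING_IP: { get_attr: [broker3_floating_ip, floating_ip_address] }
            P_DOMAIN: { get_param: domain }
            P_HOSTS_DOMAIN: { get_param: hosts_domain }
            P_LOAD_BAL_HOSTNAME: { get_param: load_bal_hostname }
            P_LOAD_BAL_IP: { get_attr: [lb_vip_floating_ip, floating_ip_address] }
            P_BROKER_HOSTNAME: { get_param: broker1_hostname }
            P_BROKER2_HOSTNAME: { get_param: broker2_hostname }
            P_BROKER3_HOSTNAME: { get_param: broker3_hostname }
            P_NODE1_HOSTNAME: { get_param: node1_hostname }
            P_NODE2_HOSTNAME: { get_param: node2_hostname }
            P_NODE3_HOSTNAME: { get_param: node3_hostname }
            P_NAMED_HOSTNAME: { get_param: named_hostname }
            P_NAMED_IP: { get_attr: [broker1_floating_ip, floating_ip_address] }
            P_UPSTREAM_DNS_IP: { get_param: upstream_dns_ip }
            P_REPLICANTS: { get_param: replicants }
            P_CONF_OSE_REPOS_BASE: { get_param: openshift_repo_base }
            P_CONF_OSE_EXTRA_REPOS_BASE: { get_param: openshift_extra_repo_base }
            P_CONF_JBOSS_REPO_BASE: { get_param: jboss_repo_base }
            P_CONF_OPENSHIFT_USER1: { get_param: openshift_user1 }
            P_CONF_OPENSHIFT_PASSWORD1: { get_param: openshift_pass1 }
            P_CONF_MONGODB_BROKER_USER: { get_param: mongo_broker_user }
            P_CONF_MONGODB_BROKER_PASSWORD: { get_param: mongo_broker_pass }
            P_CONF_MCOLLECTIVE_USER: { get_param: mcollective_user }
            P_CONF_MCOLLECTIVE_PASSWORD: { get_param: mcollective_pass }
            P_CONF_ACTIVEMQ_ADMIN_PASSWORD: { get_param: activemq_admin_pass }
            P_CONF_ACTIVEMQ_AMQ_USER_PASSWORD: { get_param: activemq_user_pass }
            P_BROKER_WAIT_HANDLE: { get_resource: broker1_wait_handle }

  ###
  # Broker 2
  ###
  # Installs broker, activemq and datastore, signals its wait handle, then
  # polls broker1 (P_NAMED_IP) for the BIND key and the broker_up marker.
  #
  # NOTE(review), boot script:
  #   * The two wget calls keep --no-check-certificate: broker1 is addressed
  #     by IP, so certificate checks cannot succeed as written. The DNS update
  #     key is therefore accepted from whichever host answers on that address.
  #   * rsync_bind_key is read from broker1's HTTPS server, and port 443 is
  #     open to any source in oso_broker_sec_grp - confirm who else can fetch
  #     that key.
  #   * The installer download, credential handling and cfn-signal notes on
  #     broker1_instance apply here unchanged.
  broker2_instance:
    type: OS::Nova::Server
    properties:
      name: oso_broker2
      image: { get_param: broker_image }
      flavor: { get_param: broker_server_flavor }
      availability_zone: { get_param: secondary_avail_zone }
      key_name: { get_param: key_name }
      networks:
        - port: { get_resource: broker2_port }
      user_data:
        str_replace:
          template: |
            #!/bin/bash -x

            export CONF_BROKER_IP_ADDR=P_BROKER_FLOATING_IP
            export CONF_DOMAIN=P_DOMAIN
            export CONF_BROKER_HOSTNAME=P_BROKER_HOSTNAME
            export CONF_NAMED_HOSTNAME=P_NAMED_HOSTNAME
            export CONF_NAMED_IP_ADDR=P_NAMED_IP
            export CONF_DATASTORE_REPLICANTS=P_REPLICANTS
            export CONF_ACTIVEMQ_REPLICANTS=P_REPLICANTS
            export CONF_INSTALL_METHOD='osoyum'
            export CONF_OSE_REPOS_BASE=P_CONF_OSE_REPOS_BASE
            export CONF_OSE_EXTRA_REPO_BASE=P_CONF_OSE_EXTRA_REPOS_BASE
            export CONF_JBOSS_REPO_BASE=P_CONF_JBOSS_REPO_BASE
            export CONF_INSTALL_COMPONENTS=broker,activemq,datastore
            export CONF_ACTIONS=do_all_actions
            # Tracing off while credentials are exported: keeps them out of the -x trace.
            set +x
            export CONF_OPENSHIFT_USER1=P_CONF_OPENSHIFT_USER1
            export CONF_OPENSHIFT_PASSWORD1=P_CONF_OPENSHIFT_PASSWORD1
            export CONF_MONGODB_BROKER_USER=P_CONF_MONGODB_BROKER_USER
            export CONF_MONGODB_BROKER_PASSWORD=P_CONF_MONGODB_BROKER_PASSWORD
            export CONF_MCOLLECTIVE_USER=P_CONF_MCOLLECTIVE_USER
            export CONF_MCOLLECTIVE_PASSWORD=P_CONF_MCOLLECTIVE_PASSWORD
            export CONF_ACTIVEMQ_ADMIN_PASSWORD=P_CONF_ACTIVEMQ_ADMIN_PASSWORD
            export CONF_ACTIVEMQ_AMQ_USER_PASSWORD=P_CONF_ACTIVEMQ_AMQ_USER_PASSWORD
            set -x

            # TLS verification stays on; --fail keeps an HTTP error body from being saved as openshift.sh.
            while [ ! -f openshift.sh ]; do
              echo "Attempting to fetch installer script"
              curl --fail -O https://raw.githubusercontent.com/jpeeler/openshift-extras/enterprise-2.0/enterprise/install-scripts/generic/openshift.sh
              result=$?
              echo "Attempt resulted in $result"
              sleep 5
            done

            chmod +x ./openshift.sh
            ./openshift.sh 2>&1 | tee /tmp/openshift.out
            setenforce 1
            cd /etc/init.d
            for i in cloud-*; do [ -e "$i" ] || continue; chkconfig "$i" off; done
            # FIXME: shouldn't need this. DIB step? selinux enabled when pkg instld? see rpm -q --scripts ruby193-rubygem-passenger-native
            #semodule -i /opt/rh/ruby193/root/usr/share/selinux/packages/ruby193-rubygem-passenger/ruby193-rubygem-passenger.pp 2>/dev/null
            #fixfiles -R ruby193-rubygem-passenger restore
            #fixfiles -R ruby193-rubygem-passenger-native restore
            /usr/bin/cfn-signal -e 0 -s "Broker 2 setup complete" -i "P_BROKER_HOSTNAME.P_DOMAIN" "P_BROKER_WAIT_HANDLE"

            RESULT=1
            until [ $RESULT -eq 0 ]; do
              bind_key=$(wget -q -O - --no-check-certificate "https://P_NAMED_IP/rsync_bind_key")
              RESULT=$?
              if [ $RESULT -ne 0 ]; then
                echo 'Waiting for rsync bind key...'
                sleep 5
              fi
            done

            sed -i "s,\(BIND_KEYVALUE=\).*,\1\"$bind_key\"," /etc/openshift/plugins.d/openshift-origin-dns-nsupdate.conf

            # prevents broker1 from attempting mongod setup while host is rebooting
            RESULT=1
            until [ $RESULT -eq 0 ]; do
              timestamp=$(wget -q -O - --no-check-certificate "https://P_NAMED_IP/broker_up")
              RESULT=$?
              if [ $RESULT -ne 0 ]; then
                echo "Waiting for broker1..."
                sleep 5
              else
                echo "Broker1 up at $timestamp"
              fi
            done

            echo "date >> /var/www/html/broker_up; restorecon -r /var/www/openshift" >> /etc/rc.local
            reboot
          params:
            P_BROKER_FLOATING_IP: { get_attr: [broker2_floating_ip, floating_ip_address] }
            P_DOMAIN: { get_param: domain }
            P_HOSTS_DOMAIN: { get_param: hosts_domain }
            P_BROKER_HOSTNAME: { get_param: broker2_hostname }
            P_NAMED_HOSTNAME: { get_param: named_hostname }
            P_NAMED_IP: { get_attr: [broker1_floating_ip, floating_ip_address] }
            P_REPLICANTS: { get_param: replicants }
            P_CONF_OSE_REPOS_BASE: { get_param: openshift_repo_base }
            P_CONF_OSE_EXTRA_REPOS_BASE: { get_param: openshift_extra_repo_base }
            P_CONF_JBOSS_REPO_BASE: { get_param: jboss_repo_base }
            P_CONF_OPENSHIFT_USER1: { get_param: openshift_user1 }
            P_CONF_OPENSHIFT_PASSWORD1: { get_param: openshift_pass1 }
            P_CONF_MONGODB_BROKER_USER: { get_param: mongo_broker_user }
            P_CONF_MONGODB_BROKER_PASSWORD: { get_param: mongo_broker_pass }
            P_CONF_MCOLLECTIVE_USER: { get_param: mcollective_user }
            P_CONF_MCOLLECTIVE_PASSWORD: { get_param: mcollective_pass }
            P_CONF_ACTIVEMQ_ADMIN_PASSWORD: { get_param: activemq_admin_pass }
            P_CONF_ACTIVEMQ_AMQ_USER_PASSWORD: { get_param: activemq_user_pass }
            P_BROKER_WAIT_HANDLE: { get_resource: broker2_wait_handle }

  ###
  # Broker3
  ###
  # Same boot sequence as broker 2, placed in the primary availability zone.
  # The review notes on broker2_instance (unverified wget of the BIND key) and
  # on broker1_instance (installer download, credentials in user_data) apply.
  broker3_instance:
    type: OS::Nova::Server
    properties:
      name: oso_broker3
      image: { get_param: broker_image }
      flavor: { get_param: broker_server_flavor }
      availability_zone: { get_param: primary_avail_zone }
      key_name: { get_param: key_name }
      networks:
        - port: { get_resource: broker3_port }
      user_data:
        str_replace:
          template: |
            #!/bin/bash -x

            export CONF_BROKER_IP_ADDR=P_BROKER_FLOATING_IP
            export CONF_DOMAIN=P_DOMAIN
            export CONF_BROKER_HOSTNAME=P_BROKER_HOSTNAME
            export CONF_NAMED_HOSTNAME=P_NAMED_HOSTNAME
            export CONF_NAMED_IP_ADDR=P_NAMED_IP
            export CONF_DATASTORE_REPLICANTS=P_REPLICANTS
            export CONF_ACTIVEMQ_REPLICANTS=P_REPLICANTS
            export CONF_INSTALL_METHOD='osoyum'
            export CONF_OSE_REPOS_BASE=P_CONF_OSE_REPOS_BASE
            export CONF_OSE_EXTRA_REPO_BASE=P_CONF_OSE_EXTRA_REPOS_BASE
            export CONF_JBOSS_REPO_BASE=P_CONF_JBOSS_REPO_BASE
            export CONF_INSTALL_COMPONENTS=broker,activemq,datastore
            export CONF_ACTIONS=do_all_actions
            # Tracing off while credentials are exported: keeps them out of the -x trace.
            set +x
            export CONF_OPENSHIFT_USER1=P_CONF_OPENSHIFT_USER1
            export CONF_OPENSHIFT_PASSWORD1=P_CONF_OPENSHIFT_PASSWORD1
            export CONF_MONGODB_BROKER_USER=P_CONF_MONGODB_BROKER_USER
            export CONF_MONGODB_BROKER_PASSWORD=P_CONF_MONGODB_BROKER_PASSWORD
            export CONF_MCOLLECTIVE_USER=P_CONF_MCOLLECTIVE_USER
            export CONF_MCOLLECTIVE_PASSWORD=P_CONF_MCOLLECTIVE_PASSWORD
            export CONF_ACTIVEMQ_ADMIN_PASSWORD=P_CONF_ACTIVEMQ_ADMIN_PASSWORD
            export CONF_ACTIVEMQ_AMQ_USER_PASSWORD=P_CONF_ACTIVEMQ_AMQ_USER_PASSWORD
            set -x

            # TLS verification stays on; --fail keeps an HTTP error body from being saved as openshift.sh.
            while [ ! -f openshift.sh ]; do
              echo "Attempting to fetch installer script"
              curl --fail -O https://raw.githubusercontent.com/jpeeler/openshift-extras/enterprise-2.0/enterprise/install-scripts/generic/openshift.sh
              result=$?
              echo "Attempt resulted in $result"
              sleep 5
            done

            chmod +x ./openshift.sh
            ./openshift.sh 2>&1 | tee /tmp/openshift.out
            setenforce 1
            cd /etc/init.d
            for i in cloud-*; do [ -e "$i" ] || continue; chkconfig "$i" off; done
            # FIXME: shouldn't need this. DIB step? selinux enabled when pkg instld? see rpm -q --scripts ruby193-rubygem-passenger-native
            #semodule -i /opt/rh/ruby193/root/usr/share/selinux/packages/ruby193-rubygem-passenger/ruby193-rubygem-passenger.pp 2>/dev/null
            #fixfiles -R ruby193-rubygem-passenger restore
            #fixfiles -R ruby193-rubygem-passenger-native restore
            /usr/bin/cfn-signal -e 0 -s "Broker 3 setup complete" -i "P_BROKER_HOSTNAME.P_DOMAIN" "P_BROKER_WAIT_HANDLE"

            RESULT=1
            until [ $RESULT -eq 0 ]; do
              bind_key=$(wget -q -O - --no-check-certificate "https://P_NAMED_IP/rsync_bind_key")
              RESULT=$?
              if [ $RESULT -ne 0 ]; then
                echo 'Waiting for rsync bind key...'
                sleep 5
              fi
            done

            sed -i "s,\(BIND_KEYVALUE=\).*,\1\"$bind_key\"," /etc/openshift/plugins.d/openshift-origin-dns-nsupdate.conf

            # prevents broker1 from attempting mongod setup while host is rebooting
            RESULT=1
            until [ $RESULT -eq 0 ]; do
              timestamp=$(wget -q -O - --no-check-certificate "https://P_NAMED_IP/broker_up")
              RESULT=$?
              if [ $RESULT -ne 0 ]; then
                echo "Waiting for broker1..."
                sleep 5
              else
                echo "Broker1 up at $timestamp"
              fi
            done

            echo "date >> /var/www/html/broker_up; restorecon -r /var/www/openshift" >> /etc/rc.local
            reboot
          params:
            P_BROKER_FLOATING_IP: { get_attr: [broker3_floating_ip, floating_ip_address] }
            P_DOMAIN: { get_param: domain }
            P_HOSTS_DOMAIN: { get_param: hosts_domain }
            P_BROKER_HOSTNAME: { get_param: broker3_hostname }
            P_NAMED_HOSTNAME: { get_param: named_hostname }
            P_NAMED_IP: { get_attr: [broker1_floating_ip, floating_ip_address] }
            P_REPLICANTS: { get_param: replicants }
            P_CONF_OSE_REPOS_BASE: { get_param: openshift_repo_base }
            P_CONF_OSE_EXTRA_REPOS_BASE: { get_param: openshift_extra_repo_base }
            P_CONF_JBOSS_REPO_BASE: { get_param: jboss_repo_base }
            P_CONF_OPENSHIFT_USER1: { get_param: openshift_user1 }
            P_CONF_OPENSHIFT_PASSWORD1: { get_param: openshift_pass1 }
            P_CONF_MONGODB_BROKER_USER: { get_param: mongo_broker_user }
            P_CONF_MONGODB_BROKER_PASSWORD: { get_param: mongo_broker_pass }
            P_CONF_MCOLLECTIVE_USER: { get_param: mcollective_user }
            P_CONF_MCOLLECTIVE_PASSWORD: { get_param: mcollective_pass }
            P_CONF_ACTIVEMQ_ADMIN_PASSWORD: { get_param: activemq_admin_pass }
            P_CONF_ACTIVEMQ_AMQ_USER_PASSWORD: { get_param: activemq_user_pass }
            P_BROKER_WAIT_HANDLE: { get_resource: broker3_wait_handle }

  ###
  # Node
  ###
  # Nodes use the custom resource type OpenShift::Node::Server, which is not
  # defined in this file (presumably mapped to a nested template by the stack
  # environment - confirm). Each node receives the MCollective and ActiveMQ
  # passwords as properties. node1 uses the primary availability zone; node2
  # and node3 both use the secondary one.
  node1_instance:
    type: OpenShift::Node::Server
    properties:
      key_name: { get_param: key_name }
      domain: { get_param: domain }
      hosts_domain: { get_param: hosts_domain }
      broker1_hostname: { get_param: broker1_hostname }
      broker1_floating_ip: { get_attr: [broker1_floating_ip, floating_ip_address] }
      node_hostname: { get_param: node1_hostname }
      load_bal_hostname: { get_param: load_bal_hostname }
      node_image: { get_param: node_image }
      replicants: { get_param: replicants }
      cartridges: { get_param: cartridges }
      openshift_repo_base: { get_param: openshift_repo_base }
      openshift_extra_repo_base: { get_param: openshift_extra_repo_base }
      jboss_repo_base: { get_param: jboss_repo_base }
      public_net_id: { get_param: public_net_id }
      private_net_id: { get_param: private_net_id }
      private_subnet_id: { get_param: private_subnet_id }
      mcollective_user: { get_param: mcollective_user }
      mcollective_pass: { get_param: mcollective_pass }
      activemq_admin_pass: { get_param: activemq_admin_pass }
      activemq_user_pass: { get_param: activemq_user_pass }
      avail_zone: { get_param: primary_avail_zone }
      node_server_flavor: { get_param: node_server_flavor }

  node2_instance:
    type: OpenShift::Node::Server
    properties:
      key_name: { get_param: key_name }
      domain: { get_param: domain }
      hosts_domain: { get_param: hosts_domain }
      broker1_hostname: { get_param: broker1_hostname }
      broker1_floating_ip: { get_attr: [broker1_floating_ip, floating_ip_address] }
      node_hostname: { get_param: node2_hostname }
      load_bal_hostname: { get_param: load_bal_hostname }
      node_image: { get_param: node_image }
      replicants: { get_param: replicants }
      cartridges: { get_param: cartridges }
      openshift_repo_base: { get_param: openshift_repo_base }
      openshift_extra_repo_base: { get_param: openshift_extra_repo_base }
      jboss_repo_base: { get_param: jboss_repo_base }
      public_net_id: { get_param: public_net_id }
      private_net_id: { get_param: private_net_id }
      private_subnet_id: { get_param: private_subnet_id }
      mcollective_user: { get_param: mcollective_user }
      mcollective_pass: { get_param: mcollective_pass }
      activemq_admin_pass: { get_param: activemq_admin_pass }
      activemq_user_pass: { get_param: activemq_user_pass }
      avail_zone: { get_param: secondary_avail_zone }
      node_server_flavor: { get_param: node_server_flavor }

  node3_instance:
    type: OpenShift::Node::Server
    properties:
      key_name: { get_param: key_name }
      domain: { get_param: domain }
      hosts_domain: { get_param: hosts_domain }
      broker1_hostname: { get_param: broker1_hostname }
      broker1_floating_ip: { get_attr: [broker1_floating_ip, floating_ip_address] }
      node_hostname: { get_param: node3_hostname }
      load_bal_hostname: { get_param: load_bal_hostname }
      node_image: { get_param: node_image }
      replicants: { get_param: replicants }
      cartridges: { get_param: cartridges }
      openshift_repo_base: { get_param: openshift_repo_base }
      openshift_extra_repo_base: { get_param: openshift_extra_repo_base }
      jboss_repo_base: { get_param: jboss_repo_base }
      public_net_id: { get_param: public_net_id }
      private_net_id: { get_param: private_net_id }
      private_subnet_id: { get_param: private_subnet_id }
      mcollective_user: { get_param: mcollective_user }
      mcollective_pass: { get_param: mcollective_pass }
      activemq_admin_pass: { get_param: activemq_admin_pass }
      activemq_user_pass: { get_param: activemq_user_pass }
      avail_zone: { get_param: secondary_avail_zone }
      node_server_flavor: { get_param: node_server_flavor }
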
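# Stack outputs: the console URL, the default OpenShift user name and the
# floating IP of the load balancer.
outputs:

  # The placeholders use the P_ prefix found in the other str_replace blocks
  # of this template. The earlier bare `host` and `domain` placeholders could
  # also match inside an already substituted value (a domain containing the
  # text "host", for instance). The template is a single-line scalar, so the
  # URL no longer ends in the newline that the literal block appended.
  console_url:
    description: OpenShift Enterprise console URL
    value:
      str_replace:
        template: 'https://P_HOST.P_DOMAIN/console'
        params:
          P_HOST: { get_param: load_bal_hostname }
          P_DOMAIN: { get_param: domain }

  default_user:
    description: OpenShift Enterprise default user
    value: { get_param: openshift_user1 }

  load_balancer_floating_ip:
    description: load balancer floating IP address
    value: { get_attr: [lb_vip_floating_ip, floating_ip_address] }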