diff --git a/README.md b/README.md index 1720c49..2419630 100644 --- a/README.md +++ b/README.md @@ -126,6 +126,7 @@ ansible-playbook -v -i hosts /usr/share/ansible/openshift-ansible/playbooks/byo/ From the bastion host run the following ``` ansible 'masters' -i hosts -b -m shell -a "htpasswd -b /etc/origin/master/htpasswd " +ansible 'masters' -i hosts -b -m shell -a "oadm policy add-cluster-role-to-user cluster-admin admin" ``` ## Clean up diff --git a/cleanup-gcp.sh b/cleanup-gcp.sh index f81e537..8e2b710 100755 --- a/cleanup-gcp.sh +++ b/cleanup-gcp.sh @@ -3,14 +3,16 @@ set -e gcloud config set project $GCLOUD_PROJECT +#echo "delete google storage buckets" #delete google storage buckets for i in $(gsutil ls); do gsutil rm -r $i & done; wait +#echo "delete firewall rules" #delete firewall rules -for i in $(gcloud compute firewall-rules list -r ^oc-.* | awk 'NR>1 {print $1}'); do +for i in $(gcloud compute firewall-rules list --filter="name~'^oc-.*'" | awk 'NR>1 {print $1}'); do gcloud compute firewall-rules delete -q $i & done; wait @@ -47,7 +49,7 @@ wait #delete instance-groups for k in us-central1-a us-central1-b us-central1-f; do - for i in $(gcloud compute instance-groups unmanaged list --zones $k | awk 'NR>1 {print $1}'); do + for i in $(gcloud compute instance-groups unmanaged list --filter="zone:( $k )" | awk 'NR>1 {print $1}'); do gcloud compute instance-groups unmanaged delete -q $i --zone $k & done; done; @@ -55,7 +57,7 @@ wait #delete VMs for k in us-central1-a us-central1-b us-central1-f; do - for i in $(gcloud compute instances list --zones $k| awk 'NR>1 {print $1}'); do + for i in $(gcloud compute instances list --filter="zone:( $k )" | awk 'NR>1 {print $1}'); do gcloud compute instances delete $i -q --zone "$k" & done; done; 
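Review bot: The new firewall-rules listing in cleanup-gcp.sh still takes the rule names from gcloud's human-readable table through `awk 'NR>1 {print $1}'`, which depends on the header row and column order of the default output. Asking gcloud for the names directly is steadier: `gcloud compute firewall-rules list --filter="name~'^oc-.*'" --format="value(name)"`. The delete line should then quote its argument as `"$i"`. The two added `#echo` lines are commented-out code that repeats the comments beside them, so either enable them or drop them.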
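Review bot: The `--filter="zone:( $k )"` listing for unmanaged instance groups selects by zone only, so the loop deletes every group in that zone of the project, not just the ones these scripts provisioned. The instances hunk and the disks hunk further down have the same shape. The firewall loop in this file already narrows by name, and the same kind of clause could be added here, e.g. `--filter="zone:( $k ) AND name~'^master[0-9]+$'"`, with the pattern adjusted per resource type to the names provision-gcp.sh creates. Each delete runs in the background with `-q`, so nothing prompts before an unrelated resource is removed, and `set -e` does not notice a background job that fails.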
@@ -64,7 +66,7 @@ wait #delete disks for k in us-central1-a us-central1-b us-central1-f; do - for i in $(gcloud compute disks list --zones $k | awk 'NR>1 {print $1}'); do + for i in $(gcloud compute disks list --filter="zone:( $k )" | awk 'NR>1 {print $1}'); do gcloud compute disks delete -q $i --zone $k & done; done diff --git a/hosts b/hosts index f5262fd..963c1e5 100644 --- a/hosts +++ b/hosts @@ -7,7 +7,7 @@ nodes etcd nfs #{% if {{ env[GLUSTER] }} equals 'yes' %} -glusterfs +#glusterfs #{% endif %} # Set variables common for all OSEv3 hosts @@ -15,7 +15,7 @@ glusterfs # SSH user, this user should allow ssh based auth without requiring a # password. If using ssh key based auth, then the key should be managed by an # ssh agent. -ansible_ssh_user=BASTION_USERNAME +ansible_ssh_user=scottes # If ansible_ssh_user is not root, ansible_become must be set to true and the # user must be configured for passwordless sudo @@ -80,11 +80,11 @@ osm_cockpit_plugins=['cockpit-kubernetes'] # or to one or all of the masters defined in the inventory if no load # balancer is present. openshift_master_cluster_method=native -openshift_master_cluster_hostname=master.10.128.0.10.xip.io -openshift_master_cluster_public_hostname=master.104.197.199.131.xip.io +openshift_master_cluster_hostname=mi.ocp.scottes.io +openshift_master_cluster_public_hostname=master.ocp.scottes.io # default subdomain to use for exposed routes -openshift_master_default_subdomain=apps.104.198.35.122.xip.io +openshift_master_default_subdomain=apps.ocp.scottes.io # OpenShift Router Options # 
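Review bot: `ansible_ssh_user=scottes` and, in the cluster-hostname hunk below it, the `*.ocp.scottes.io` names replace template values with one person's environment. That breaks the substitution step visible in prepare-bastion.sh, whose `sed` still searches the hosts file for `master.10.128.0.10.xip.io`. After this change that string no longer occurs in the file, so the inventory keeps the committed hostnames whatever `DNS_DOMAIN` is set to. The username is presumably rewritten the same way from `BASTION_USERNAME`, though that line is not shown. Keeping the placeholders in the committed inventory (`ansible_ssh_user=BASTION_USERNAME`) and putting personal values in an untracked copy would keep the script and the file in step.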
@@ -110,31 +110,53 @@ openshift_hosted_manage_registry=true # See: https://docs.openshift.com/enterprise/latest/install_config/cluster_metrics.html # # By default metrics are not automatically deployed, set this to enable them -openshift_hosted_metrics_deploy=true +#openshift_hosted_metrics_deploy=true #openshift_hosted_metrics_deployer_version=3.3.0 -openshift_hosted_metrics_storage_kind=dynamic -openshift_hosted_metrics_storage_volume_size= 10Gi -openshift_metrics_hawkular_replicas=2 -openshift_metrics_cassandra_replicas=3 -openshift_metrics_hawkular_nodeselector='{"region":"infra"}' -openshift_metrics_cassandra_nodeselector='{"region":"infra"}' -openshift_metrics_heapster_nodeselector='{"region":"infra"}' -openshift_metrics_selector="region=infra" +#openshift_hosted_metrics_storage_kind=nfs +#openshift_hosted_metrics_storage_volume_size=10Gi +#openshift_metrics_hawkular_replicas=2 +#openshift_metrics_cassandra_replicas=3 +#openshift_metrics_hawkular_nodeselector='{"region":"infra"}' +#openshift_metrics_cassandra_nodeselector='{"region":"infra"}' +#openshift_metrics_heapster_nodeselector='{"region":"infra"}' +#openshift_metrics_selector="region=infra" # Logging deployment # # Currently logging deployment is disabled by default, enable it by setting this -openshift_hosted_logging_deploy=false +#openshift_hosted_logging_deploy=false +openshift_hosted_logging_deploy=true #openshift_hosted_logging_deployer_version=3.3.0 -#openshift_hosted_metrics_storage_kind=dynamic -#openshift_logging_es_pvc_size= 100Gi -#openshift_logging_es_cluster_size= 3 +openshift_logging_image_version=v3.6 +#openshift_logging_es_pvc_size=100Gi +openshift_logging_es_cluster_size=3 #openshift_logging_es_number_of_replicas=2 #openshift_logging_kibana_replica_count=2 -#openshift_logging_es_nodeselector='{"region":"infra"}' -#openshift_logging_kibana_nodeselector='{"region":"infra"}' -#openshift_logging_curator_nodeselector='{"region":"infra"}' 
+openshift_logging_es_nodeselector='{"region":"infra"}' +openshift_logging_kibana_nodeselector='{"region":"infra"}' +openshift_logging_curator_nodeselector='{"region":"infra"}' + +#openshift_hosted_logging_storage_host=host +openshift_hosted_logging_storage_kind=nfs +openshift_hosted_logging_storage_access_modes=['ReadWriteOnce'] +openshift_hosted_logging_storage_nfs_directory=/exports +openshift_hosted_logging_storage_nfs_options='*(rw,root_squash)' +openshift_hosted_logging_storage_volume_name=logging +openshift_hosted_logging_storage_volume_size=10Gi +openshift_hosted_logging_storage_labels={'storage': 'logging'} +openshift_logging_es_pvc_dynamic=false +openshift_logging_es_ops_pvc_dynamic=false +#openshift_logging_kibana_hostname= +#openshift_hosted_logging_hostname= + +#openshift_hosted_logging_storage_kind=nfs +#openshift_hosted_logging_storage_access_modes=['ReadWriteOnce'] +#openshift_hosted_logging_storage_host=ose-bastion.c.ocp-demo.internal +#openshift_hosted_logging_storage_nfs_directory=/NotBackedUp/nfs/ose36 +#openshift_hosted_logging_storage_volume_name=logging +#openshift_hosted_logging_storage_volume_size=10Gi +#openshift_hosted_logging_storage_labels={'storage': 'logging'} # Configure the multi-tenant SDN plugin (default is 'redhat/openshift-ovs-subnet') os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant' @@ -198,8 +220,8 @@ openshift_disable_check=docker_storage,memory_availability,disk_availability #{% if {{ env[GLUSTER] }} equals = 'yes' %} #gluster -openshift_storage_glusterfs_namespace=glusterfs -openshift_storage_glusterfs_name=storage +#openshift_storage_glusterfs_namespace=glusterfs +#openshift_storage_glusterfs_name=storage #{% endif %} 
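Review bot: The logging volume is exported to every host: `openshift_hosted_logging_storage_nfs_options='*(rw,root_squash)'` lets any client that can reach the NFS server mount the Elasticsearch data read-write, and aggregated logs often carry sensitive request data. Limiting the export to the cluster's node network, `openshift_hosted_logging_storage_nfs_options='<NODE_SUBNET_CIDR>(rw,root_squash)'` (placeholder), keeps the share to the hosts that need it. The second, fully commented-out copy of the storage block names an internal host and path and could be dropped rather than committed.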
@@ -223,7 +245,7 @@ infranode[1:3] openshift_node_labels="{'region': 'infra'}" #{% if {{ env[GLUSTER] }} equals 'yes' %} -[glusterfs] -node[1:3] glusterfs_ip="{{ ansible_default_ipv4.address }}" glusterfs_devices='[ "/dev/sdc" ]' +#[glusterfs] +#node[1:3] glusterfs_ip="{{ ansible_default_ipv4.address }}" glusterfs_devices='[ "/dev/sdc" ]' #{% endif %} diff --git a/post-cluster-creation/delete-pvs.sh b/post-cluster-creation/delete-pvs.sh new file mode 100755 index 0000000..ce43bb5 --- /dev/null +++ b/post-cluster-creation/delete-pvs.sh @@ -0,0 +1,15 @@ +#!/bin/bash +set -e + +#crate necessary dirs in nfs server + +#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'for i in {1..30}; do echo "/exports/pv$i *(rw,root_squash)" | sudo tee -a /etc/exports.d/openshift-ansible.exports > /dev/null; done;' +#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'for i in {1..30}; do sudo mkdir "/exports/pv$i" && sudo chown nfsnobody:nfsnobody "/exports/pv$i" && sudo chmod 777 "/exports/pv$i"; done;' + +#restart nfs +#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` sudo systemctl restart nfs + +# create pvs +for i in {1..30}; do + oc delete pv pv$i +done diff --git a/post-cluster-creation/new-configure-pvs.sh b/post-cluster-creation/new-configure-pvs.sh new file mode 100755 index 0000000..53f8e74 --- /dev/null +++ b/post-cluster-creation/new-configure-pvs.sh 
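Review bot: With `set -e` in effect, the first `oc delete pv pv$i` that fails aborts the loop in delete-pvs.sh and leaves the remaining volumes in place, for example when that PV was never created or is already gone. `oc delete pv "pv$i" --ignore-not-found` makes the script safe to re-run. The header comments were copied from the create script: `# create pvs` sits above a delete loop, and the commented-out ssh block has nothing to do with deletion. A single comment such as `# delete the 30 NFS-backed PVs created by new-configure-pvs.sh` would describe the file better.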
@@ -0,0 +1,15 @@ +#!/bin/bash +set -e + +#crate necessary dirs in nfs server + +#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'for i in {1..30}; do echo "/exports/pv$i *(rw,root_squash)" | sudo tee -a /etc/exports.d/openshift-ansible.exports > /dev/null; done;' +#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'for i in {1..30}; do sudo mkdir "/exports/pv$i" && sudo chown nfsnobody:nfsnobody "/exports/pv$i" && sudo chmod 777 "/exports/pv$i"; done;' + +#restart nfs +#ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` sudo systemctl restart nfs + +# create pvs +for i in {1..30}; do + oc process -f pv_template.yaml -p NFS_EXPORT="pv$i" -p PV_NAME="pv$i" | oc create -f - +done diff --git a/post-cluster-creation/pv_template.yaml b/post-cluster-creation/pv_template.yaml index 0ad4929..7e7bf27 100644 --- a/post-cluster-creation/pv_template.yaml +++ b/post-cluster-creation/pv_template.yaml @@ -9,7 +9,7 @@ objects: accessModes: - ReadWriteOnce capacity: - storage: 10Gi + storage: 100Gi nfs: path: /exports/${NFS_EXPORT} server: ose-bastion @@ -20,4 +20,4 @@ parameters: required: true - name: NFS_EXPORT description: name of the nfs export - required: true \ No newline at end of file + required: true diff --git a/prepare-bastion.sh b/prepare-bastion.sh index 9be1765..fd4a72a 100755 --- a/prepare-bastion.sh +++ b/prepare-bastion.sh 
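Review bot: The loop in new-configure-pvs.sh registers thirty PVs for `/exports/pv1` to `/exports/pv30`, but every step that would create and export those directories is commented out, so the script appears to rely on the exports already existing on the NFS server; a header comment stating that precondition would help. If the commented block is ever re-enabled, `chmod 777` together with a `*` export makes each volume writable by any client that can reach the server, so a narrower mode and client list would be safer. `set -e` does not cover the left side of the pipeline, so a failing `oc process` goes unnoticed unless `set -o pipefail` is added. `-f pv_template.yaml` also resolves only when the script is run from `post-cluster-creation/`.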
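Review bot: `storage: 100Gi` is only a declared capacity; an NFS-backed PV does not enforce it, so a single claim can fill the disk behind the export. new-configure-pvs.sh instantiates this template thirty times against the one `ose-bastion` server, which advertises roughly 3 TB in total. It is worth confirming the bastion's disk is sized for that, or keeping the smaller figure. The object definition starts and ends outside the hunk.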
@@ -7,9 +7,13 @@ a=`whoami` sed -i "s/^/$a:/" ./my_id.pub export BASTION_USERNAME=$a + +[ -z "$OCP_VERSION" ] && OCP_VERSION=3.10 + gcloud compute project-info add-metadata --metadata-from-file sshKeys=./my_id.pub # prepare bastion to receive variables +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo yum -y --disablerepo=rhui* install google-rhui-client-rhel7' ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'echo AcceptEnv RHN_USERNAME RHN_PASSWORD DNS_DOMAIN BASTION_USERNAME RHN_SUB_POOL GLUSTER | sudo tee -a /etc/ssh/sshd_config > /dev/null' ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` sudo systemctl restart sshd # disable host check on ssh connections 
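Review bot: `OCP_VERSION` gets its default only as an unexported local variable, yet the subscription hunk further down uses `$OCP_VERSION` inside a single-quoted remote command, where it is expanded on the bastion. The variable is not in the `AcceptEnv` list written to sshd_config here, nor among the `-o SendEnv=` options of that ssh call, so on the bastion it is presumably empty and the repo id becomes `rhel-7-server-ose--rpms`. Use `export OCP_VERSION="${OCP_VERSION:-3.10}"`, add `OCP_VERSION` to the `AcceptEnv` line, and pass `-o SendEnv=OCP_VERSION` on the subscription call. The `--disablerepo=rhui*` pattern in the added yum line is left unquoted for the remote shell and would be safer as `--disablerepo="rhui*"`.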
@@ -21,9 +25,9 @@ ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'su #subscribe ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` sudo subscription-manager register --username=$RHN_USERNAME --password=$RHN_PASSWORD # configure subscriptions -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD -o SendEnv=DNS_DOMAIN -o SendEnv=RHN_SUB_POOL -o SendEnv=BASTION_USERNAME 'sudo subscription-manager attach --pool=$RHN_SUB_POOL && sudo subscription-manager refresh && sudo subscription-manager repos --disable="*" && sudo subscription-manager repos --enable="rhel-7-server-rpms" --enable="rhel-7-server-optional-rpms" --enable="rhel-7-server-extras-rpms" --enable="rhel-7-server-ose-3.6-rpms" --enable="rhel-7-fast-datapath-rpms"' +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD -o SendEnv=DNS_DOMAIN -o SendEnv=RHN_SUB_POOL -o SendEnv=BASTION_USERNAME 'sudo subscription-manager attach --pool=$RHN_SUB_POOL && sudo subscription-manager refresh && sudo subscription-manager repos --disable="*" && sudo subscription-manager repos --enable="rhel-7-server-rpms" --enable="rhel-7-server-optional-rpms" --enable="rhel-7-server-extras-rpms" --enable="rhel-7-server-ose-$OCP_VERSION-rpms" --enable="rhel-7-fast-datapath-rpms"' #update install packages -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo yum update -y && sudo yum install -y git ansible atomic-openshift-utils screen bind-utils atomic-openshift-clients' +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'sudo yum update -y && sudo yum install -y git ansible atomic-openshift-utils screen bind-utils atomic-openshift-clients openshift-ansible' # generate and add keys ssh `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` 'ssh-keygen -t rsa -f .ssh/id_rsa 
-N ""' # set the key in gcloud metadata @@ -34,7 +38,7 @@ gcloud compute project-info add-metadata --metadata-from-file sshKeys=./my_id.pu # download git -ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` git clone https://github.com/raffaelespazzoli/openshift-enablement-exam +ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` git clone https://github.com/sully6768/openshift-enablement-exam # prepare hostfile ssh -t `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` -o SendEnv=RHN_USERNAME -o SendEnv=RHN_PASSWORD -o SendEnv=DNS_DOMAIN -o SendEnv=RHN_SUB_POOL -o SendEnv=BASTION_USERNAME 'sed -i "s/master.10.128.0.10.xip.io/mi.$DNS_DOMAIN/g" /home/$BASTION_USERNAME/openshift-enablement-exam/hosts' diff --git a/prepare-cluster.sh b/prepare-cluster.sh index a912205..797aca7 100755 --- a/prepare-cluster.sh +++ b/prepare-cluster.sh 
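Review bot: The bastion now clones whatever the default branch of a personal fork holds at run time, and the following steps work from that checkout. Pinning the clone to a reviewed ref, e.g. `git clone --branch <REVIEWED_TAG> https://github.com/sully6768/openshift-enablement-exam` (placeholder tag), makes provisioning reproducible and stops a later push to the fork from changing what runs. The hard-coded owner also has to be edited by every other user of the scripts; a `REPO_URL` variable with this value as its default would avoid that.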
@@ -1,13 +1,14 @@ #!/bin/bash set -e -# Prepare Cluster -ansible nodes -b -i hosts -m shell -a "yum install -y subscription-manager && subscription-manager clean" -ansible nodes -b -i hosts -m shell -a "subscription-manager register --username=$RHN_USERNAME --password=$RHN_PASSWORD && subscription-manager attach --pool=$RHN_SUB_POOL && subscription-manager refresh" +# Prepare Cluster +ansible nodes -b -i hosts -m shell -a "yum -y --disablerepo=rhui* install google-rhui-client-rhel7" +ansible nodes -b -i hosts -m shell -a "yum install -y subscription-manager && subscription-manager clean" +ansible nodes -b -i hosts -m shell -a "subscription-manager register --username=$RHN_USERNAME --password=$RHN_PASSWORD && subscription-manager attach --pool=$RHN_SUB_POOL && subscription-manager refresh" ansible nodes -b -i hosts -m shell -a "subscription-manager repos --disable='*' && subscription-manager repos --enable=rhel-7-server-rpms --enable=rhel-7-server-optional-rpms --enable=rhel-7-server-extras-rpms --enable=rhel-7-server-ose-3.6-rpms --enable=rhel-7-fast-datapath-rpms" ansible nodes -b -i hosts -m shell -a "yum update -y && yum install -y docker wget git net-tools bind-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct" ansible 'nodes:!masters' -i hosts -b -m copy -a "src=docker-storage-setup dest=/etc/sysconfig/docker-storage-setup" #this is non-idempotent ansible 'nodes:!masters' -i hosts -b -m shell -a "yum install -y docker && docker-storage-setup" ansible nodes -b -i hosts -m service -a "name=docker enabled=true state=started" -ansible nodes -b -i hosts -m shell -a "reboot" \ No newline at end of file +ansible nodes -b -i hosts -m shell -a "reboot" diff --git a/provision-gcp.sh b/provision-gcp.sh index c1c74e6..2e48524 100755 --- a/provision-gcp.sh +++ b/provision-gcp.sh 
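Review bot: The re-added registration line puts `--password=$RHN_PASSWORD` on the command line of an ad-hoc `shell` task, so the secret is visible in the process list on each node and in Ansible's verbose output. Ansible's `redhat_subscription` module takes the password as a module argument that it is designed to keep out of its logs, which would fit better than `-m shell` here. The repos line in this hunk still enables `rhel-7-server-ose-3.6-rpms`, while prepare-bastion.sh now derives its repo from `OCP_VERSION` (default 3.10), so the nodes and the bastion can end up on different channels.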
@@ -1,96 +1,216 @@ #!/bin/bash set -e +[ -z "$OCP_VERSION" ] && OCP_VERSION=3.10 +[ -z "$RHEL_VERSION" ] && RHEL_VERSION=`gcloud compute images list | awk '{print $1}' | grep rhel-7-v` +[ -z "$OCP_MASTER_COUNT" ] && OCP_MASTER_COUNT=1 +[ -z "$OCP_INFRA_COUNT" ] && OCP_INFRA_COUNT=1 +[ -z "$OCP_NODE_COUNT" ] && OCP_NODE_COUNT=2 + +DEFAULT_SCOPE="https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" + +echo "RHEL_VERSION == $RHEL_VERSION" + gcloud config set project $GCLOUD_PROJECT -#create docker disks -gcloud compute disks create "infranode1-docker" --size "50" --zone "us-central1-a" --type "pd-standard" & -gcloud compute disks create "infranode2-docker" --size "50" --zone "us-central1-b" --type "pd-standard" & -gcloud compute disks create "infranode3-docker" --size "50" --zone "us-central1-f" --type "pd-standard" & -gcloud compute disks create "node1-docker" --size "50" --zone "us-central1-a" --type "pd-standard" & -gcloud compute disks create "node2-docker" --size "50" --zone "us-central1-b" --type "pd-standard" & -gcloud compute disks create "node3-docker" --size "50" --zone "us-central1-f" --type "pd-standard" & -wait -if [ $GLUSTER == "yes" ]; then +#################################################################################### +# +# Create the docker disk storage for INFRA and NODE +# +#################################################################################### +for (( I=1; I<=$OCP_INFRA_COUNT; I++ )) +do + echo $I + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute disks create "infranode$I-docker" --size "50" --zone 
"$ZONE" --type "pd-standard" & +done + +for (( I=1; I<=$OCP_NODE_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute disks create "node$I-docker" --size "50" --zone "$ZONE" --type "pd-standard" & +done - #create gluster disks - gcloud compute disks create "node1-gluster" --size "200" --zone "us-central1-a" --type "pd-standard" & - gcloud compute disks create "node2-gluster" --size "200" --zone "us-central1-b" --type "pd-standard" & - gcloud compute disks create "node3-gluster" --size "200" --zone "us-central1-f" --type "pd-standard" & - wait -fi +wait +#################################################################################### + + + +#################################################################################### +# +# Create the MASTER, INFRA, and COMPUTE Nodes +# +#################################################################################### +for (( I=1; I<=$OCP_MASTER_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute instances create "master$I"\ + --zone "$ZONE"\ + --machine-type "n1-standard-2"\ + --subnet "default"\ + --maintenance-policy "TERMINATE"\ + --service-account default\ + --scopes "$DEEFAULT_SCOPE"\ + --image-project "rhel-cloud"\ + --image "$RHEL_VERSION"\ + --boot-disk-size "50"\ + --boot-disk-type "pd-standard"\ + --boot-disk-device-name "master$I"\ + --tags "master" & +done + +for (( I=1; I<=$OCP_INFRA_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute instances create "infranode$I"\ + --zone "$ZONE"\ + --machine-type "n1-standard-2"\ + --subnet "default"\ + --maintenance-policy "TERMINATE"\ + --service-account default\ + --scopes "$DEFAULT_SCOPE"\ + --disk "name=infranode$I-docker,device-name=disk-1,mode=rw,boot=no"\ + --image-project 
"rhel-cloud"\ + --image "$RHEL_VERSION"\ + --boot-disk-size "20"\ + --boot-disk-type "pd-standard"\ + --boot-disk-device-name "infranode$I"\ + --tags "infranode" & +done + +for (( I=1; I<=$OCP_NODE_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute instances create "node$I"\ + --zone "$ZONE"\ + --machine-type "n1-standard-2"\ + --subnet "default"\ + --maintenance-policy "TERMINATE"\ + --service-account default\ + --scopes "$DEFAULT_SCOPE"\ + --disk "name=node$I-docker,device-name=disk-1,mode=rw,boot=no"\ + --image-project "rhel-cloud"\ + --image "$RHEL_VERSION"\ + --boot-disk-size "20"\ + --boot-disk-type "pd-standard"\ + --boot-disk-device-name "node$I"\ + --tags "node" & +done + +wait +#################################################################################### -#Masters -gcloud compute instances create "master1" --zone "us-central1-a" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "master1" --tags "master" & -gcloud compute instances create "master2" --zone "us-central1-b" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "master2" --tags "master" & -gcloud compute instances create "master3" --zone "us-central1-f" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "master3" --tags "master" & - -#infranodes -gcloud compute instances create "infranode1" --zone "us-central1-a" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk 
"name=infranode1-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode1" --tags "infranode" & -gcloud compute instances create "infranode2" --zone "us-central1-b" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode2-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode2" --tags "infranode" & -gcloud compute instances create "infranode3" --zone "us-central1-f" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=infranode3-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "infranode3" --tags "infranode" & - - -if [ $GLUSTER == "yes" ]; then - - #nodes - gcloud compute instances create 
"node1" --zone "us-central1-a" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node1-docker,device-name=disk-1,mode=rw,boot=no" --disk "name=node1-gluster,device-name=disk-2,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "node1" & - gcloud compute instances create "node2" --zone "us-central1-b" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node2-docker,device-name=disk-1,mode=rw,boot=no" --disk "name=node2-gluster,device-name=disk-2,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "node2" & - gcloud compute instances create "node3" --zone "us-central1-f" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node3-docker,device-name=disk-1,mode=rw,boot=no" --disk "name=node3-gluster,device-name=disk-2,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "50" --boot-disk-type "pd-standard" --boot-disk-device-name "node3" & - wait - -else - - #nodes - gcloud compute instances create "node1" --zone "us-central1-a" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node1-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node1" & - gcloud compute instances create "node2" --zone "us-central1-b" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node2-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node2" & - gcloud compute instances create "node3" --zone "us-central1-f" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/devstorage.read_write" --disk "name=node3-docker,device-name=disk-1,mode=rw,boot=no" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "node3" & - wait -fi +#################################################################################### +# # create static addresses +# +#################################################################################### gcloud compute addresses create "master-external" --region "us-central1" & gcloud compute addresses create "infranode-external" --region "us-central1" & gcloud compute addresses create "ose-bastion" --region "us-central1" & wait +#################################################################################### +# # create health checks +# 
+#################################################################################### gcloud compute health-checks create https master-health-check --port 8443 --request-path /healthz gcloud compute health-checks create http router-health-check --port 80 --request-path / +#################################################################################### +# # create target pools +# +#################################################################################### gcloud compute target-pools create master-pool --region us-central1 & gcloud compute target-pools create infranode-pool --region us-central1 & wait -gcloud compute target-pools add-instances master-pool --instances master1 --instances-zone us-central1-a & -gcloud compute target-pools add-instances master-pool --instances master2 --instances-zone us-central1-b & -gcloud compute target-pools add-instances master-pool --instances master3 --instances-zone us-central1-f & -gcloud compute target-pools add-instances infranode-pool --instances infranode1 --instances-zone us-central1-a & -gcloud compute target-pools add-instances infranode-pool --instances infranode2 --instances-zone us-central1-b & -gcloud compute target-pools add-instances infranode-pool --instances infranode3 --instances-zone us-central1-f & -wait -#create instance groups -gcloud compute instance-groups unmanaged create master1 --zone us-central1-a & -gcloud compute instance-groups unmanaged create master2 --zone us-central1-b & -gcloud compute instance-groups unmanaged create master3 --zone us-central1-f & +#################################################################################### +# +# Create the MASTER and INFRA POOLS +# +#################################################################################### +for (( I=1; I<=$OCP_MASTER_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute target-pools add-instances master-pool --instances 
master$I --instances-zone $ZONE & +done + +for (( I=1; I<=$OCP_INFRA_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute target-pools add-instances infranode-pool --instances infranode$I --instances-zone $ZONE & +done + wait -gcloud compute instance-groups unmanaged add-instances master1 --instances master1 --zone us-central1-a & -gcloud compute instance-groups unmanaged add-instances master2 --instances master2 --zone us-central1-b & -gcloud compute instance-groups unmanaged add-instances master3 --instances master3 --zone us-central1-f & +#################################################################################### +# +# create instance groups +# +#################################################################################### +for (( I=1; I<=$OCP_MASTER_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute instance-groups unmanaged create master$I --zone $ZONE & +done + wait -#create back-end service -gcloud beta compute backend-services create master-internal --load-balancing-scheme internal --region us-central1 --protocol tcp --port 8443 --health-checks master-health-check +for (( I=1; I<=$OCP_MASTER_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud compute instance-groups unmanaged add-instances master$I --instances master$I --zone $ZONE & +done + +wait -gcloud beta compute backend-services add-backend master-internal --instance-group master1 --instance-group-zone us-central1-a --region us-central1 -gcloud beta compute backend-services add-backend master-internal --instance-group master2 --instance-group-zone us-central1-b --region us-central1 -gcloud beta compute backend-services add-backend master-internal --instance-group master3 --instance-group-zone us-central1-f 
--region us-central1 +#################################################################################### +# +# Create the Firewall Rules +# +#################################################################################### +gcloud compute firewall-rules create "oc-master" --allow tcp:8443 --network "default" --source-ranges "0.0.0.0/0" --target-tags "master" +gcloud compute firewall-rules create "oc-infranode" --allow tcp:80,tcp:443 --network "default" --source-ranges "0.0.0.0/0" --target-tags "infranode" +#################################################################################### +# +# Create back-end service +# +#################################################################################### +gcloud beta compute backend-services create master-internal --load-balancing-scheme internal --region us-central1 --protocol tcp --port-name "oc-master" --health-checks master-health-check + +for (( I=1; I<=$OCP_MASTER_COUNT; I++ )) +do + [ $I == "1" ] && ZONE=us-central1-a + [ $I == "2" ] && ZONE=us-central1-b + [ $I == "3" ] && ZONE=us-central1-f + gcloud beta compute backend-services add-backend master-internal --instance-group master$I --instance-group-zone $ZONE --region us-central1 +done #create load balancers gcloud compute forwarding-rules create master-external --region us-central1 --ports 8443 --address `gcloud compute addresses list | grep master-external | awk '{print $3}'` --target-pool master-pool & 
@@ -99,18 +219,26 @@ gcloud compute forwarding-rules create infranode-external-80 --region us-central gcloud beta compute forwarding-rules create master-internal --load-balancing-scheme internal --ports 8443 --region us-central1 --backend-service master-internal & wait -#create firewall rules -gcloud compute firewall-rules create "oc-master" --allow tcp:8443 --network "default" --source-ranges "0.0.0.0/0" --target-tags "master" -gcloud compute firewall-rules create "oc-infranode" --allow tcp:80,tcp:443 --network "default" --source-ranges "0.0.0.0/0" --target-tags "infranode" - #ose-bastion -gcloud compute instances create "ose-bastion" --zone "us-central1-a" --machine-type "n1-standard-2" --preemptible --subnet "default" --maintenance-policy "TERMINATE" --service-account default --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/trace.append" --image-project "rhel-cloud" --image "rhel-7-v20170816" --boot-disk-size "20" --boot-disk-type "pd-standard" --boot-disk-device-name "ose-bastion" --address `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` +gcloud compute instances create "ose-bastion"\ + --zone "us-central1-a"\ + --machine-type "n1-standard-2"\ + --subnet "default"\ + --maintenance-policy "TERMINATE"\ + --service-account default\ + --scopes 
"https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring.write","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/compute.readonly","https://www.googleapis.com/auth/compute","https://www.googleapis.com/auth/trace.append"\ + --image-project "rhel-cloud"\ + --image "$RHEL_VERSION"\ + --boot-disk-size "20"\ + --boot-disk-type "pd-standard"\ + --boot-disk-device-name "ose-bastion"\ + --address `gcloud compute addresses list | grep ose-bastion | awk '{print $3}'` #create storage for registry gsutil mb -c Standard -l us-central1 -p $GCLOUD_PROJECT gs://$GCLOUD_PROJECT-registry #create dns zone only if it already does not exists -if [ `gcloud dns managed-zones list | grep $DNS_DOMAIN | wc -l` -ne 1 ]; then +if [[ `gcloud dns managed-zones list | grep $DNS_DOMAIN | wc -l` -ne 1 ]]; then gcloud dns managed-zones create --dns-name="$DNS_DOMAIN" --description="A zone" "$GCLOUD_PROJECT" fi @@ -121,3 +249,5 @@ gcloud dns record-sets transaction add -z="$GCLOUD_PROJECT" --name="*.apps.$DNS_ gcloud dns record-sets transaction add -z="$GCLOUD_PROJECT" --name="master-internal.$DNS_DOMAIN" --type=A --ttl=300 `gcloud compute forwarding-rules list master-internal | awk 'NR>1 {print $3}'` gcloud dns record-sets transaction add -z="$GCLOUD_PROJECT" --name="mi.$DNS_DOMAIN" --type=A --ttl=300 `gcloud compute forwarding-rules list master-internal | awk 'NR>1 {print $3}'` gcloud dns record-sets transaction execute -z="$GCLOUD_PROJECT" + +
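Review bot: The reformatted `gcloud compute instances create "ose-bastion"` call keeps `--service-account default` together with the read-write `https://www.googleapis.com/auth/compute` scope, so anything running on the bastion (the one host given the reserved `ose-bastion` external address) can manage Compute Engine resources as far as the default service account's IAM role allows. `compute.readonly` is already in the same `--scopes` list and is redundant next to the broader scope. If the bastion only drives the Ansible run over SSH (nothing visible in this hunk shows it calling the Compute API with write access), drop `"https://www.googleapis.com/auth/compute"` from `--scopes`. Where write access is really required, pass a dedicated, narrowly-scoped service account to `--service-account` instead of `default`, and record the reason in a comment above the command.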