github.com/Ilhicas/nomad@v1.0.4-0.20210304152020-e86851182bc3/e2e/terraform/packer/ubuntu-bionic-amd64/setup.sh

github.com/Ilhicas/nomad@v1.0.4-0.20210304152020-e86851182bc3/e2e/terraform/packer/ubuntu-bionic-amd64/setup.sh (about)

     1  #!/bin/bash
     2  # setup script for Ubuntu Linux 18.04. Assumes that Packer has placed
     3  # build-time config files at /tmp/linux
     4  
     5  set -e
     6  
     7  # Will be overwritten at test time with the version specified
     8  NOMADVERSION=0.12.7
     9  CONSULVERSION=1.9.0
    10  VAULTVERSION=1.5.4
    11  
    12  NOMAD_PLUGIN_DIR=/opt/nomad/plugins/
    13  
    14  mkdir_for_root() {
    15      sudo mkdir -p "$1"
    16      sudo chmod 755 "$1"
    17  }
    18  
    19  # Disable interactive apt prompts
    20  export DEBIAN_FRONTEND=noninteractive
    21  echo 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections
    22  
    23  sudo mkdir -p /ops/shared
    24  sudo chown -R ubuntu:ubuntu /ops/shared
    25  
    26  mkdir_for_root /opt
    27  mkdir_for_root /srv/data # for host volumes
    28  
    29  # Dependencies
    30  sudo apt-get update
    31  sudo apt-get upgrade -y
    32  sudo apt-get install -y \
    33       software-properties-common \
    34       dnsmasq unzip tree redis-tools jq curl tmux awscli nfs-common \
    35       apt-transport-https ca-certificates gnupg2
    36  
    37  # Install sockaddr
    38  aws s3 cp "s3://nomad-team-dev-test-binaries/tools/sockaddr_linux_amd64" /tmp/sockaddr
    39  sudo mv /tmp/sockaddr /usr/local/bin
    40  sudo chmod +x /usr/local/bin/sockaddr
    41  sudo chown root:root /usr/local/bin/sockaddr
    42  
    43  # Disable the firewall
    44  sudo ufw disable || echo "ufw not installed"
    45  
    46  echo "Install Consul"
    47  curl -fsL -o /tmp/consul.zip \
    48       "https://releases.hashicorp.com/consul/${CONSULVERSION}/consul_${CONSULVERSION}_linux_amd64.zip"
    49  sudo unzip -q /tmp/consul.zip -d /usr/local/bin
    50  sudo chmod 0755 /usr/local/bin/consul
    51  sudo chown root:root /usr/local/bin/consul
    52  
    53  echo "Configure Consul"
    54  mkdir_for_root /etc/consul.d
    55  mkdir_for_root /opt/consul
    56  sudo mv /tmp/linux/consul.service /etc/systemd/system/consul.service
    57  
    58  echo "Install Vault"
    59  curl -fsL -o /tmp/vault.zip \
    60       "https://releases.hashicorp.com/vault/${VAULTVERSION}/vault_${VAULTVERSION}_linux_amd64.zip"
    61  sudo unzip -q /tmp/vault.zip -d /usr/local/bin
    62  sudo chmod 0755 /usr/local/bin/vault
    63  sudo chown root:root /usr/local/bin/vault
    64  
    65  echo "Configure Vault"
    66  mkdir_for_root /etc/vault.d
    67  mkdir_for_root /opt/vault
    68  sudo mv /tmp/linux/vault.service /etc/systemd/system/vault.service
    69  
    70  sudo setcap cap_ipc_lock=+ep /usr/local/bin/vault
    71  sudo useradd --system --home /etc/vault.d --shell /bin/false vault
    72  
    73  echo "Configure Nomad"
    74  mkdir_for_root /etc/nomad.d
    75  mkdir_for_root /opt/nomad
    76  mkdir_for_root $NOMAD_PLUGIN_DIR
    77  sudo mv /tmp/linux/nomad.service /etc/systemd/system/nomad.service
    78  
    79  echo "Install Nomad"
    80  sudo mv /tmp/linux/provision.sh /opt/provision.sh
    81  sudo chmod +x /opt/provision.sh
    82  /opt/provision.sh --nomad_version $NOMADVERSION --nostart
    83  
    84  echo "Installing third-party apt repositories"
    85  
    86  # Docker
    87  distro=$(lsb_release -si | tr '[:upper:]' '[:lower:]')
    88  curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
    89  sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/${distro} $(lsb_release -cs) stable"
    90  
    91  # Java
    92  sudo add-apt-repository -y ppa:openjdk-r/ppa
    93  
    94  # Podman
    95  . /etc/os-release
    96  curl -fsSL "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/Release.key" | sudo apt-key add -
    97  sudo add-apt-repository "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/ /"
    98  
    99  sudo apt-get update
   100  
   101  echo "Installing Docker"
   102  sudo apt-get install -y docker-ce
   103  
   104  echo "Installing Java"
   105  sudo apt-get install -y openjdk-14-jdk-headless
   106  
   107  echo "Installing CNI plugins"
   108  sudo mkdir -p /opt/cni/bin
   109  wget -q -O - \
   110       https://github.com/containernetworking/plugins/releases/download/v0.9.0/cni-plugins-linux-amd64-v0.9.0.tgz \
   111      | sudo tar -C /opt/cni/bin -xz
   112  
   113  echo "Installing Podman"
   114  sudo apt-get -y install podman
   115  
   116  # get catatonit (to check podman --init switch)
   117  wget -q -P /tmp https://github.com/openSUSE/catatonit/releases/download/v0.1.4/catatonit.x86_64
   118  mkdir -p /usr/libexec/podman
   119  sudo mv /tmp/catatonit* /usr/libexec/podman/catatonit
   120  sudo chmod +x /usr/libexec/podman/catatonit
   121  
   122  echo "Installing latest podman task driver"
   123  # install nomad-podman-driver and move to plugin dir
   124  latest_podman=$(curl -s https://releases.hashicorp.com/nomad-driver-podman/index.json | jq --raw-output '.versions |= with_entries(select(.key|match("^\\d+\\.\\d+\\.\\d+$"))) | .versions | keys[]' | sort -rV | head -n1)
   125  
   126  wget -q -P /tmp "https://releases.hashicorp.com/nomad-driver-podman/${latest_podman}/nomad-driver-podman_${latest_podman}_linux_amd64.zip"
   127  sudo unzip -q "/tmp/nomad-driver-podman_${latest_podman}_linux_amd64.zip" -d "$NOMAD_PLUGIN_DIR"
   128  sudo chmod +x "${NOMAD_PLUGIN_DIR}/nomad-driver-podman"
   129  
   130  # enable varlink socket (not included in ubuntu package)
   131  sudo mv /tmp/linux/io.podman.service /etc/systemd/system/io.podman.service
   132  sudo mv /tmp/linux/io.podman.socket /etc/systemd/system/io.podman.socket
   133  
   134  echo "Configuring dnsmasq"
   135  
   136  # disable systemd-resolved and configure dnsmasq to forward local requests to
   137  # consul. the resolver files need to dynamic configuration based on the VPC
   138  # address and docker bridge IP, so those will be rewritten at boot time.
   139  sudo systemctl disable systemd-resolved.service
   140  sudo mv /tmp/linux/dnsmasq /etc/dnsmasq.d/default
   141  sudo chown root:root /etc/dnsmasq.d/default
   142  
   143  # this is going to be overwritten at provisioning time, but we need something
   144  # here or we can't fetch binaries to do the provisioning
   145  echo 'nameserver 8.8.8.8' > /tmp/resolv.conf
   146  sudo mv /tmp/resolv.conf /etc/resolv.conf
   147  
   148  sudo mv /tmp/linux/dnsmasq.service /etc/systemd/system/dnsmasq.service
   149  sudo mv /tmp/linux/dnsconfig.sh /usr/local/bin/dnsconfig.sh
   150  sudo chmod +x /usr/local/bin/dnsconfig.sh
   151  sudo systemctl daemon-reload
   152  
   153  echo "Updating boot parameters"
   154  
   155  # enable cgroup_memory and swap
   156  sudo sed -i 's/GRUB_CMDLINE_LINUX="[^"]*/& cgroup_enable=memory swapaccount=1/' /etc/default/grub
   157  sudo update-grub
   158  
   159  echo "Configuring user shell"
   160  sudo tee -a /home/ubuntu/.bashrc << 'EOF'
   161  IP_ADDRESS=$(/usr/local/bin/sockaddr eval 'GetPrivateIP')
   162  export CONSUL_RPC_ADDR=$IP_ADDRESS:8400
   163  export CONSUL_HTTP_ADDR=$IP_ADDRESS:8500
   164  export VAULT_ADDR=http://$IP_ADDRESS:8200
   165  export NOMAD_ADDR=http://$IP_ADDRESS:4646
   166  export JAVA_HOME=/usr/lib/jvm/java-14-openjdk-amd64/bin
   167  
   168  EOF