#!/bin/bash
-# SPDX-license-identifier: Apache-2.0
-##############################################################################
-# Copyright (c) Ericsson AB and others
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Apache License, Version 2.0
-# which accompanies this distribution, and is available at
-# http://www.apache.org/licenses/LICENSE-2.0
-##############################################################################
+
+# SPDX-FileCopyrightText: 2021 Ericsson AB and others
+#
+# SPDX-License-Identifier: Apache-2.0
+
+info() {
+ _print_msg "INFO" "$1"
+}
+
+error() {
+ _print_msg "ERROR" "$1"
+ exit 1
+}
+
+_print_msg() {
+ echo "$(date +%H:%M:%S) - $1: $2"
+}
+
+assert_non_empty() {
+ if [ -z "$1" ]; then
+ error "$2"
+ fi
+}
+if [ "${DEBUG:-false}" == "true" ]; then
+ set -o xtrace
+fi
check_prerequisites() {
- echo "Info : Check prerequisites"
+ info "Check prerequisites"
+
+ #-------------------------------------------------------------------------------
+ # Check for DEPLOYMENT type
+ #-------------------------------------------------------------------------------
+ if ! [[ "$DEPLOYMENT" =~ ^(full|k8s)$ ]]; then
+ error "Unsupported value for DEPLOYMENT ($DEPLOYMENT)"
+ fi
#-------------------------------------------------------------------------------
# We shouldn't be running as root
#-------------------------------------------------------------------------------
- if [[ "$(whoami)" == "root" ]]; then
- echo "ERROR : This script must not be run as root!"
- echo " Please switch to a regular user before running the script."
- exit 1
+ if [[ "$(whoami)" == "root" ]] && [[ "$DEPLOYMENT" != "k8s" ]]; then
+ error "This script must not be run as root! Please switch to a regular user before running the script."
fi
#-------------------------------------------------------------------------------
# Check for passwordless sudo
#-------------------------------------------------------------------------------
if ! sudo -n "true"; then
- echo "ERROR : passwordless sudo is needed for '$(id -nu)' user."
- exit 1
+ error "passwordless sudo is needed for '$(id -nu)' user."
fi
#-------------------------------------------------------------------------------
# Check if SSH key exists
#-------------------------------------------------------------------------------
if [[ ! -f "$HOME/.ssh/id_rsa" ]]; then
- echo "ERROR : You must have SSH keypair in order to run this script!"
- exit 1
+ error "You must have SSH keypair in order to run this script!"
fi
#-------------------------------------------------------------------------------
sudo sed -i "s/^Defaults.*env_reset/#&/" /etc/sudoers
#-------------------------------------------------------------------------------
- # Check if Ansible is installed
+ # Check if necessary tools are installed
#-------------------------------------------------------------------------------
- if ! command -v ansible &> /dev/null; then
- echo "ERROR : Ansible not found. Please install."
- exit 1
- fi
-
- #-------------------------------------------------------------------------------
- # Check is yq is installed
- #-------------------------------------------------------------------------------
- if ! command -v yq &> /dev/null; then
- echo "ERROR : yq not found. Please install."
- exit 1
- fi
-
- #-------------------------------------------------------------------------------
- # Check is libvirt is installed
- #-------------------------------------------------------------------------------
- if ! command -v virsh &> /dev/null; then
- echo "ERROR : Libvirt not found. Please install."
- exit 1
- fi
+ for tool in ansible yq virsh jq docker virtualenv pip; do
+ if ! command -v "$tool" &> /dev/null; then
+ error "$tool not found. Please install."
+ fi
+ done
#-------------------------------------------------------------------------------
# Check if user belongs to libvirt's group
libvirt_group+="d"
fi
if ! groups | grep "$libvirt_group"; then
- echo "ERROR : $(id -nu) user doesn't belong to $libvirt_group group."
- exit 1
+ error "$(id -nu) user doesn't belong to $libvirt_group group."
fi
}
-# Get jumphost VM IP
+# Get jumphost VM PXE IP
get_host_pxe_ip() {
local PXE_NETWORK
local PXE_IF_INDEX
local PXE_IF_IP
host=$1
- if [[ "$host" == "" ]]; then
- echo "ERROR : get_ip - host parameter not provided"
- exit 1
- fi
+ assert_non_empty "$host" "get_ip - host parameter not provided"
- PXE_NETWORK=$(yq r "$CURRENTPATH"/hw_config/"$VENDOR"/idf.yaml engine.pxe_network)
- if [[ "$PXE_NETWORK" == "" ]]; then
- echo "ERROR : PXE network for jump VM not defined in IDF."
- exit 1
- fi
+ PXE_NETWORK=$(yq r "$CURRENTPATH"/hw_config/"$VENDOR"/idf.yaml engine.pxe_network)
+ assert_non_empty "$PXE_NETWORK" "PXE network for jump VM not defined in IDF."
PXE_IF_INDEX=$(yq r "$CURRENTPATH"/hw_config/"${VENDOR}"/idf.yaml idf.net_config."$PXE_NETWORK".interface)
- if [[ "$PXE_IF_INDEX" == "" ]]; then
- echo "ERROR : Index of PXE interface not found in IDF."
- exit 1
- fi
+ assert_non_empty "$PXE_IF_INDEX" "Index of PXE interface not found in IDF."
PXE_IF_IP=$(yq r "$CURRENTPATH"/hw_config/"${VENDOR}"/pdf.yaml "$host".interfaces["$PXE_IF_INDEX"].address)
- if [[ "$PXE_IF_IP" == "" ]]; then
- echo "ERROR : IP of PXE interface not found in PDF."
- exit 1
- fi
+ assert_non_empty "$PXE_IF_IP" "IP of PXE interface not found in PDF."
+
echo "$PXE_IF_IP"
}
+# Get public MAC for VM
+get_host_pub_mac() {
+ local PUB_NETWORK
+ local PUB_IF_INDEX
+ local PUB_IF_MAC
+
+ host=$1
+ assert_non_empty "$host" "get_mac - host parameter not provided"
+
+ PUB_NETWORK=$(yq r "$CURRENTPATH"/hw_config/"$VENDOR"/idf.yaml engine.public_network)
+ assert_non_empty "$PUB_NETWORK" "Public network for jump VM not defined in IDF."
+
+ PUB_IF_INDEX=$(yq r "$CURRENTPATH"/hw_config/"${VENDOR}"/idf.yaml idf.net_config."$PUB_NETWORK".interface)
+ assert_non_empty "$PUB_IF_INDEX" "Index of public interface not found in IDF."
+
+ PUB_IF_MAC=$(yq r "$CURRENTPATH"/hw_config/"${VENDOR}"/pdf.yaml "$host".interfaces["$PUB_IF_INDEX"].mac_address)
+ assert_non_empty "$PUB_IF_MAC" "MAC of public interface not found in PDF."
+ echo "$PUB_IF_MAC"
+}
+
+# Get jumphost VM IP
get_vm_ip() {
- ip=$(get_host_pxe_ip "jumphost")
+ if [[ "$DEPLOYMENT" == "full" ]]; then
+ ip=$(get_host_pxe_ip "jumphost")
+ else
+ mac=$(get_host_pub_mac "jumphost")
+ JUMPHOST_NAME=$(yq r "$CURRENTPATH"/hw_config/"$VENDOR"/pdf.yaml jumphost.name)
+ ipblock=$(virsh domifaddr "$JUMPHOST_NAME" --full | grep "$mac" | awk '{print $4}' | tail -n 1)
+ assert_non_empty "$ipblock" "IP subnet for VM not available."
+ ip="${ipblock%/*}"
+ fi
echo "$ip"
}
-
# Copy files needed by Infra engine & BMRA in the jumphost VM
copy_files_jump() {
+ vm_ip="$(get_vm_ip)"
+ docker_config="/opt/kuberef/docker_config"
scp -r -o StrictHostKeyChecking=no \
"$CURRENTPATH"/{hw_config/"$VENDOR"/,sw_config/"$INSTALLER"/} \
- "$USERNAME@$(get_vm_ip):$PROJECT_ROOT"
+ "$USERNAME@${vm_ip}:$PROJECT_ROOT"
+ if [[ "$DEPLOYMENT" != "full" ]]; then
+ scp -r -o StrictHostKeyChecking=no \
+ ~/.ssh/id_rsa \
+ "$USERNAME@${vm_ip}:.ssh/id_rsa"
+ fi
+ if [ -f "$docker_config" ]; then
+ scp -r -o StrictHostKeyChecking=no \
+ "$docker_config" "$USERNAME@${vm_ip}:$PROJECT_ROOT"
+ fi
}
# Host Provisioning
-provision_hosts() {
+provision_hosts_baremetal() {
# shellcheck disable=SC2087
ssh -o StrictHostKeyChecking=no -tT "$USERNAME"@"$(get_vm_ip)" << EOF
# Install and run cloud-infra
-if [ ! -d "${PROJECT_ROOT}/engine" ]; then
- ssh-keygen -t rsa -N "" -f ${PROJECT_ROOT}/.ssh/id_rsa
+if [ ! -d "${PROJECT_ROOT}"/engine" ]; then
+ ssh-keygen -t rsa -N "" -f "${PROJECT_ROOT}"/.ssh/id_rsa
git clone https://gerrit.nordix.org/infra/engine.git
- cp $PROJECT_ROOT/$VENDOR/{pdf.yaml,idf.yaml} \
- ${PROJECT_ROOT}/engine/engine
+ cp "${PROJECT_ROOT}"/"${VENDOR}"/{pdf.yaml,idf.yaml} \
+ "${PROJECT_ROOT}"/engine/engine
fi
-cd ${PROJECT_ROOT}/engine/engine
-./deploy.sh -s ironic -d centos7 \
--p file:///${PROJECT_ROOT}/engine/engine/pdf.yaml \
--i file:///${PROJECT_ROOT}/engine/engine/idf.yaml
+cd "${PROJECT_ROOT}"/engine/engine || return
+./deploy.sh -s ironic -d "${DISTRO}" \
+-p file:///"${PROJECT_ROOT}"/engine/engine/pdf.yaml \
+-i file:///"${PROJECT_ROOT}"/engine/engine/idf.yaml
EOF
}
+provision_hosts_vms() {
+ # shellcheck disable=SC2087
+# Install and run cloud-infra
+if [ ! -d "$CURRENTPATH/engine" ]; then
+ git clone https://gerrit.nordix.org/infra/engine.git "${CURRENTPATH}"/engine
+ cp "$CURRENTPATH"/hw_config/"$VENDOR"/{pdf.yaml,idf.yaml} \
+ "${CURRENTPATH}"/engine/engine
+fi
+cd "$CURRENTPATH"/engine/engine || return
+./deploy.sh -s ironic \
+-p file:///"${CURRENTPATH}"/engine/engine/pdf.yaml \
+-i file:///"${CURRENTPATH}"/engine/engine/idf.yaml
+}
+
# Setup networking on provisioned hosts (Adapt setup_network.sh according to your network setup)
setup_network() {
-# Set Upper limit of number nodes in RI2 cluster (starting from 0)
-NODE_MAX_ID=$(($(yq r "$CURRENTPATH"/hw_config/"$VENDOR"/idf.yaml --length idf.kubespray.hostnames)-1))
+ # Set Upper limit of number nodes in RI2 cluster (starting from 0)
+ NODE_MAX_ID=$(($(yq r "$CURRENTPATH"/hw_config/"$VENDOR"/idf.yaml --length idf.kubespray.hostnames)-1))
-for idx in $(seq 0 "$NODE_MAX_ID")
-do
- NODE_IP=$(get_host_pxe_ip "nodes[${idx}]")
-# SSH to jumphost
- # shellcheck disable=SC2087
- ssh -o StrictHostKeyChecking=no -tT "$USERNAME"@"$(get_vm_ip)" << EOF
-ssh -o StrictHostKeyChecking=no root@${NODE_IP} \
- 'bash -s' < ${PROJECT_ROOT}/${VENDOR}/setup_network.sh
+ for idx in $(seq 0 "$NODE_MAX_ID"); do
+ NODE_IP=$(get_host_pxe_ip "nodes[${idx}]")
+ # SSH to jumphost
+ # shellcheck disable=SC2087
+ ssh -o StrictHostKeyChecking=no -tT "$USERNAME"@"$(get_vm_ip)" << EOF
+ssh -o StrictHostKeyChecking=no root@"${NODE_IP}" \
+ 'bash -s' < "${PROJECT_ROOT}"/"${VENDOR}"/setup_network.sh
EOF
-done
+ done
}
# k8s Provisioning (currently BMRA)
-provision_k8s() {
+provision_k8s_baremetal() {
+ ansible_cmd="/bin/bash -c '"
+ if [[ "$DEPLOYMENT" == "k8s" ]]; then
+ ansible-playbook -i "$CURRENTPATH"/sw_config/bmra/inventory.ini "$CURRENTPATH"/playbooks/pre-install.yaml
+ ansible_cmd+="yum -y remove python-netaddr; pip install --upgrade pip; pip install ansible==2.9.17; ansible-playbook -i /bmra/inventory.ini /bmra/playbooks/k8s/patch_kubespray.yml;"
+ fi
+ ansible_cmd+="ansible-playbook -i /bmra/inventory.ini /bmra/playbooks/${BMRA_PROFILE}.yml'"
+
# shellcheck disable=SC2087
ssh -o StrictHostKeyChecking=no -tT "$USERNAME"@"$(get_vm_ip)" << EOF
# Install BMRA
sleep 2
done
fi
-if [ ! -d "${PROJECT_ROOT}/container-experience-kits" ]; then
- git clone --recurse-submodules --depth 1 https://github.com/intel/container-experience-kits.git -b v1.4.1 ${PROJECT_ROOT}/container-experience-kits/
- cp -r ${PROJECT_ROOT}/container-experience-kits/examples/group_vars ${PROJECT_ROOT}/container-experience-kits/
-#TODO Remove this once the reported issue is fixed in the next BMRA Release
- sed -i '/\openshift/a \ extra_args: --ignore-installed PyYAML' \
- ${PROJECT_ROOT}/container-experience-kits/roles/net-attach-defs-create/tasks/main.yml
+if [ ! -d "${PROJECT_ROOT}"/container-experience-kits" ]; then
+ git clone --recurse-submodules --depth 1 https://github.com/intel/container-experience-kits.git -b v21.03 "${PROJECT_ROOT}"/container-experience-kits/
+ cp -r "${PROJECT_ROOT}"/container-experience-kits/examples/"${BMRA_PROFILE}"/group_vars "${PROJECT_ROOT}"/container-experience-kits/
+fi
+if [ -f "${PROJECT_ROOT}/docker_config" ]; then
+ cp "${PROJECT_ROOT}"/docker_config \
+ "${PROJECT_ROOT}"/"${INSTALLER}"/dockerhub_credentials/vars/main.yml
+ cp -r "${PROJECT_ROOT}"/"${INSTALLER}"/dockerhub_credentials \
+ "${PROJECT_ROOT}"/container-experience-kits/roles/
+ cp "${PROJECT_ROOT}"/"${INSTALLER}"/patched_k8s.yml \
+ "${PROJECT_ROOT}"/container-experience-kits/playbooks/k8s/k8s.yml
+fi
+cp "${PROJECT_ROOT}"/"${INSTALLER}"/{inventory.ini,ansible.cfg} \
+ "${PROJECT_ROOT}"/container-experience-kits/
+cp "${PROJECT_ROOT}"/"${INSTALLER}"/{all.yml,kube-node.yml} \
+ "${PROJECT_ROOT}"/container-experience-kits/group_vars/
+cp "${PROJECT_ROOT}"/"${INSTALLER}"/patched_cmk_build.yml \
+ "${PROJECT_ROOT}"/container-experience-kits/roles/cmk_install/tasks/main.yml
+cp "${PROJECT_ROOT}"/"${INSTALLER}"/patched_vfio.yml \
+ "${PROJECT_ROOT}"/container-experience-kits/roles/sriov_nic_init/tasks/bind_vf_driver.yml
+cp "${PROJECT_ROOT}"/"${INSTALLER}"/patched_rhel_packages.yml \
+ "${PROJECT_ROOT}"/container-experience-kits/roles/bootstrap/install_packages/tasks/rhel.yml
+cp "${PROJECT_ROOT}"/"${INSTALLER}"/patched_packages.yml \
+ "${PROJECT_ROOT}"/container-experience-kits/roles/bootstrap/install_packages/tasks/main.yml
+cp "${PROJECT_ROOT}"/"${INSTALLER}"/patched_kubespray_requirements.txt \
+ "${PROJECT_ROOT}"/container-experience-kits/playbooks/k8s/kubespray/requirements.txt
+
+sudo docker run --rm \
+-e ANSIBLE_CONFIG=/bmra/ansible.cfg \
+-e PROFILE="${BMRA_PROFILE}" \
+-v "${PROJECT_ROOT}"/container-experience-kits:/bmra \
+-v ~/.ssh/:/root/.ssh/ rihabbanday/bmra21.03-install:centos \
+"${ansible_cmd}"
+EOF
+}
+
+provision_k8s_vms() {
+ # shellcheck disable=SC2087
+# Install BMRA
+if [ ! -d "${CURRENTPATH}/container-experience-kits" ]; then
+ git clone --recurse-submodules --depth 1 https://github.com/intel/container-experience-kits.git -b v21.03 "${CURRENTPATH}"/container-experience-kits/
+ cp -r "${CURRENTPATH}"/container-experience-kits/examples/"${BMRA_PROFILE}"/group_vars "${CURRENTPATH}"/container-experience-kits/
fi
-cp ${PROJECT_ROOT}/${INSTALLER}/inventory.ini \
- ${PROJECT_ROOT}/container-experience-kits/
-cp ${PROJECT_ROOT}/${INSTALLER}/{all.yml,kube-node.yml} \
- ${PROJECT_ROOT}/container-experience-kits/group_vars/
+cp "${CURRENTPATH}"/sw_config/bmra/{inventory.ini,ansible.cfg} \
+ "${CURRENTPATH}"/container-experience-kits/
+cp "${CURRENTPATH}"/sw_config/bmra/{all.yml,kube-node.yml} \
+ "${CURRENTPATH}"/container-experience-kits/group_vars/
+cp "${CURRENTPATH}"/sw_config/bmra/patched_cmk_build.yml \
+ "${CURRENTPATH}"/container-experience-kits/roles/cmk_install/tasks/main.yml
+cp "${CURRENTPATH}"/sw_config/bmra/patched_vfio.yml \
+ "${CURRENTPATH}"/container-experience-kits/roles/sriov_nic_init/tasks/bind_vf_driver.yml
+cp "${CURRENTPATH}"/sw_config/bmra/patched_rhel_packages.yml \
+ "${CURRENTPATH}"/container-experience-kits/roles/bootstrap/install_packages/tasks/rhel.yml
+cp "${CURRENTPATH}"/sw_config/bmra/patched_packages.yml \
+ "${CURRENTPATH}"/container-experience-kits/roles/bootstrap/install_packages/tasks/main.yml
+cp "${CURRENTPATH}"/sw_config/"${INSTALLER}"/patched_kubespray_requirements.txt \
+ "${CURRENTPATH}"/container-experience-kits/playbooks/k8s/kubespray/requirements.txt
+
+ansible-playbook -i "$CURRENTPATH"/sw_config/bmra/inventory.ini "$CURRENTPATH"/playbooks/pre-install.yaml
+
sudo docker run --rm \
-e ANSIBLE_CONFIG=/bmra/ansible.cfg \
--v ${PROJECT_ROOT}/container-experience-kits:/bmra \
--v ~/.ssh/:/root/.ssh/ rihabbanday/bmra-install:centos \
-ansible-playbook -i /bmra/inventory.ini /bmra/playbooks/cluster.yml
+-e PROFILE="${BMRA_PROFILE}" \
+-v "${CURRENTPATH}"/container-experience-kits:/bmra \
+-v ~/.ssh/:/root/.ssh/ rihabbanday/bmra21.03-install:centos \
+ansible-playbook -i /bmra/inventory.ini /bmra/playbooks/"${BMRA_PROFILE}".yml
+}
+
+# Copy kubeconfig to the appropriate location needed by functest containers
+copy_k8s_config() {
+# TODO Use Kubespray variables in BMRA to simplify this
+ MASTER_IP=$(get_host_pxe_ip "nodes[0]")
+ # shellcheck disable=SC2087
+ ssh -o StrictHostKeyChecking=no -tT "$USERNAME"@"$(get_vm_ip)" << EOF
+scp -o StrictHostKeyChecking=no -q root@"$MASTER_IP":/root/.kube/config "${PROJECT_ROOT}"/kubeconfig
EOF
+
+# Copy kubeconfig from Jump VM to appropriate location in Jump Host
+# Direct scp to the specified location doesn't work due to permission/ssh-keys
+ scp -o StrictHostKeyChecking=no "$USERNAME"@"$(get_vm_ip)":"${PROJECT_ROOT}"/kubeconfig kubeconfig
+ if [ -d "/home/opnfv/functest-kubernetes" ]; then
+ sudo cp kubeconfig /home/opnfv/functest-kubernetes/config
+ fi
+}
+
+# Creates a python virtual environment
+creates_virtualenv() {
+ if [ ! -d "$CURRENTPATH/.venv" ]; then
+ virtualenv .venv
+ fi
+ # shellcheck disable=SC1090
+ source "$CURRENTPATH/.venv/bin/activate"
+ pip install -r "$CURRENTPATH/requirements.txt"
+}
+
+# Executes a specific Ansible playbook
+run_playbook() {
+ ansible_cmd="$(command -v ansible-playbook) -i $CURRENTPATH/inventory/localhost.ini -e ansible_python_interpreter=$(command -v python)"
+ if [ "${DEBUG:-false}" == "true" ]; then
+ ansible_cmd+=" -vvv"
+ fi
+ eval "$ansible_cmd $CURRENTPATH/playbooks/${1}.yaml"
}