Finalised the setup.

dwmkerr · Jan 30, 2017 · 60476f1 · 60476f1
1 parent c2d85a8
commit 60476f1
Show file tree

Hide file tree

Showing 6 changed files with 224 additions and 207 deletions.
diff --git a/README.md b/README.md
@@ -66,6 +66,8 @@ $ ssh-add ~/.ssh/id_rsa
 Then just run the install script on the bastion:
 
 ```
+$ sed "s/\${aws_instance.master.public_ip}/$(terraform output master-public_ip)/" inventory.template.cfg > inventory.cfg
+$ scp ./inventory.cfg ec2-user@$(terraform output bastion-public_dns):~
 $ cat install-from-bastion.sh | ssh -A ec2-user@$(terraform output bastion-public_dns)
 ```
 
@@ -85,15 +87,15 @@ TODO screenshot
 
 Access the master or nodes to update configuration and add feature as needed:
 
-```
-$ ssh -A ec2-user@$(terraform output bastion-public_dns)
-$ ssh -A master.openshift.local
-$ sudo su
+```bash
+$ oc login https://$(terraform output master-public_dns):8443
+
 $ oc get nodes
 NAME                     STATUS    AGE
 master.openshift.local   Ready     1h
 node1.openshift.local    Ready     1h
 node2.openshift.local    Ready     1h
+
 ```
 
 ## Destroying the Cluster

diff --git a/install-from-bastion.sh b/install-from-bastion.sh
@@ -10,47 +10,9 @@ pip install -Iv ansible==2.2.0.0
 
 # Clone the openshift-ansible repo, which contains the installer.
 git clone https://github.com/openshift/openshift-ansible
-cd openshift-ansible
-
-# Create our Ansible inventory:
-mkdir -p /etc/ansible
-cat > /etc/ansible/hosts <<- EOF
-# Create an OSEv3 group that contains the masters and nodes groups
-[OSEv3:children]
-masters
-nodes
-
-# Set variables common for all OSEv3 hosts
-[OSEv3:vars]
-# SSH user, this user should allow ssh based auth without requiring a password
-ansible_ssh_user=ec2-user
-
-# If ansible_ssh_user is not root, ansible_become must be set to true
-ansible_become=true
-
-deployment_type=origin
-
-# uncomment the following to enable htpasswd authentication; defaults to DenyAllPasswordIdentityProvider
-# openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}]
-
-# Create the masters host group. Be explicit with the openshift_hostname,
-# otherwise it will resolve to something like ip-10-0-1-98.ec2.internal and use
-# that as the node name.
-[masters]
-master.openshift.local openshift_hostname=master.openshift.local
-
-# host group for etcd
-[etcd]
-master.openshift.local
-
-# host group for nodes, includes region info
-[nodes]
-master.openshift.local openshift_node_labels="{'region': 'infra', 'zone': 'default'}" openshift_schedulable=true
-node1.openshift.local openshift_hostname=node1.openshift.local openshift_node_labels="{'region': 'primary', 'zone': 'east'}"
-node2.openshift.local openshift_hostname=node2.openshift.local openshift_node_labels="{'region': 'primary', 'zone': 'west'}"
-EOF
 
 # Run the playbook.
-ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook playbooks/byo/config.yml
+ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ./inventory.cfg ./openshift-ansible/playbooks/byo/config.yml
 
-ansible-playbook playbooks/adhoc/uninstall.yml
+# If needed, uninstall with the below:
+# ansible-playbook playbooks/adhoc/uninstall.yml
diff --git a/inventory.template.cfg b/inventory.template.cfg
@@ -0,0 +1,37 @@
+# Create an OSEv3 group that contains the masters and nodes groups
+[OSEv3:children]
+masters
+nodes
+
+# Set variables common for all OSEv3 hosts
+[OSEv3:vars]
+# SSH user, this user should allow ssh based auth without requiring a password
+ansible_ssh_user=ec2-user
+
+# If ansible_ssh_user is not root, ansible_become must be set to true
+ansible_become=true
+
+deployment_type=origin
+
+# We need a wildcard DNS setup for our public access to services, fortunately
+# we can use the superb xip.io to get one for free.
+openshift_master_default_subdomain=${aws_instance.master.public_ip}.xip.io
+
+# uncomment the following to enable htpasswd authentication; defaults to DenyAllPasswordIdentityProvider
+# openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}]
+
+# Create the masters host group. Be explicit with the openshift_hostname,
+# otherwise it will resolve to something like ip-10-0-1-98.ec2.internal and use
+# that as the node name.
+[masters]
+master.openshift.local openshift_hostname=master.openshift.local
+
+# host group for etcd
+[etcd]
+master.openshift.local
+
+# host group for nodes, includes region info
+[nodes]
+master.openshift.local openshift_node_labels="{'region': 'infra', 'zone': 'default'}" openshift_schedulable=true
+node1.openshift.local openshift_hostname=node1.openshift.local openshift_node_labels="{'region': 'primary', 'zone': 'east'}"
+node2.openshift.local openshift_hostname=node2.openshift.local openshift_node_labels="{'region': 'primary', 'zone': 'west'}"
diff --git a/modules/openshift/files/setup-master.sh b/modules/openshift/files/setup-master.sh
@@ -7,24 +7,32 @@
 set -x
 exec > /var/log/user-data.log 2>&1
 
-# Create a folder to hold our AWS logs config.
-# mkdir -p /var/awslogs/etc
+# Create initial logs config.
+cat > ./awslogs.conf << EOF
+[general]
+state_file = /var/awslogs/state/agent-state
 
-# Download and run the AWS logs agent.
-curl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O
-python ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c /var/awslogs/etc/awslogs.conf
+[/var/log/messages]
+log_stream_name = {instance_id}
+log_group_name = /var/log/messages
+file = /var/log/messages
+datetime_format = %b %d %H:%M:%S
+buffer_duration = 5000
+initial_position = start_of_file
 
-# Create a the awslogs config.
-cat >> /var/awslogs/etc/awslogs.conf <<- EOF
 [/var/log/user-data.log]
-file = /var/log/user-data.log
-log_group_name = /var/log/user-data.log
 log_stream_name = {instance_id}
+log_group_name = /var/log/user-data.log
+file = /var/log/user-data.log
 EOF
 
+# Download and run the AWS logs agent.
+curl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O
+python ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c ./awslogs.conf
+
 # Start the awslogs service, also start on reboot.
 # Note: Errors go to /var/log/awslogs.log
-service awslogs restart
+service awslogs start
 chkconfig awslogs on
 
 # OpenShift setup

diff --git a/modules/openshift/files/setup-node.sh b/modules/openshift/files/setup-node.sh
@@ -7,24 +7,32 @@
 set -x
 exec > /var/log/user-data.log 2>&1
 
-# Create a folder to hold our AWS logs config.
-# mkdir -p /var/awslogs/etc
+# Create initial logs config.
+cat > ./awslogs.conf <<- EOF
+[general]
+state_file = /var/awslogs/state/agent-state
 
-# Download and run the AWS logs agent.
-curl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O
-python ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c /var/awslogs/etc/awslogs.conf
+[/var/log/messages]
+log_stream_name = {instance_id}
+log_group_name = /var/log/messages
+file = /var/log/messages
+datetime_format = %b %d %H:%M:%S
+buffer_duration = 5000
+initial_position = start_of_file
 
-# Create a the awslogs config.
-cat >> /var/awslogs/etc/awslogs.conf <<- EOF
 [/var/log/user-data.log]
-file = /var/log/user-data.log
-log_group_name = /var/log/user-data.log
 log_stream_name = {instance_id}
+log_group_name = /var/log/user-data.log
+file = /var/log/user-data.log
 EOF
 
+# Download and run the AWS logs agent.
+curl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O
+python ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c ./awslogs.conf
+
 # Start the awslogs service, also start on reboot.
 # Note: Errors go to /var/log/awslogs.log
-service awslogs restart
+service awslogs start
 chkconfig awslogs on
 
 # OpenShift setup