diff --git a/README.md b/README.md index bf9e568..f2dae46 100644 --- a/README.md +++ b/README.md @@ -66,6 +66,8 @@ $ ssh-add ~/.ssh/id_rsa Then just run the install script on the bastion: ``` +$ sed "s/\${aws_instance.master.public_ip}/$(terraform output master-public_ip)/" inventory.template.cfg > inventory.cfg +$ scp ./inventory.cfg ec2-user@$(terraform output bastion-public_dns):~ $ cat install-from-bastion.sh | ssh -A ec2-user@$(terraform output bastion-public_dns) ``` @@ -85,15 +87,15 @@ TODO screenshot Access the master or nodes to update configuration and add feature as needed: -``` -$ ssh -A ec2-user@$(terraform output bastion-public_dns) -$ ssh -A master.openshift.local -$ sudo su +```bash +$ oc login https://$(terraform output master-public_dns):8443 + $ oc get nodes NAME STATUS AGE master.openshift.local Ready 1h node1.openshift.local Ready 1h node2.openshift.local Ready 1h + ``` ## Destroying the Cluster diff --git a/install-from-bastion.sh b/install-from-bastion.sh index 95814e9..4c88223 100644 --- a/install-from-bastion.sh +++ b/install-from-bastion.sh @@ -10,47 +10,9 @@ pip install -Iv ansible==2.2.0.0 # Clone the openshift-ansible repo, which contains the installer. git clone https://github.com/openshift/openshift-ansible -cd openshift-ansible - -# Create our Ansible inventory: -mkdir -p /etc/ansible -cat > /etc/ansible/hosts <<- EOF -# Create an OSEv3 group that contains the masters and nodes groups -[OSEv3:children] -masters -nodes - -# Set variables common for all OSEv3 hosts -[OSEv3:vars] -# SSH user, this user should allow ssh based auth without requiring a password -ansible_ssh_user=ec2-user - -# If ansible_ssh_user is not root, ansible_become must be set to true -ansible_become=true - -deployment_type=origin - -# uncomment the following to enable htpasswd authentication; defaults to DenyAllPasswordIdentityProvider -# openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}] - -# Create the masters host group. Be explicit with the openshift_hostname, -# otherwise it will resolve to something like ip-10-0-1-98.ec2.internal and use -# that as the node name. -[masters] -master.openshift.local openshift_hostname=master.openshift.local - -# host group for etcd -[etcd] -master.openshift.local - -# host group for nodes, includes region info -[nodes] -master.openshift.local openshift_node_labels="{'region': 'infra', 'zone': 'default'}" openshift_schedulable=true -node1.openshift.local openshift_hostname=node1.openshift.local openshift_node_labels="{'region': 'primary', 'zone': 'east'}" -node2.openshift.local openshift_hostname=node2.openshift.local openshift_node_labels="{'region': 'primary', 'zone': 'west'}" -EOF # Run the playbook. -ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook playbooks/byo/config.yml +ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ./inventory.cfg ./openshift-ansible/playbooks/byo/config.yml -ansible-playbook playbooks/adhoc/uninstall.yml +# If needed, uninstall with the below: +# ansible-playbook playbooks/adhoc/uninstall.yml diff --git a/inventory.template.cfg b/inventory.template.cfg new file mode 100644 index 0000000..6e5600f --- /dev/null +++ b/inventory.template.cfg @@ -0,0 +1,37 @@ +# Create an OSEv3 group that contains the masters and nodes groups +[OSEv3:children] +masters +nodes + +# Set variables common for all OSEv3 hosts +[OSEv3:vars] +# SSH user, this user should allow ssh based auth without requiring a password +ansible_ssh_user=ec2-user + +# If ansible_ssh_user is not root, ansible_become must be set to true +ansible_become=true + +deployment_type=origin + +# We need a wildcard DNS setup for our public access to services, fortunately +# we can use the superb xip.io to get one for free. +openshift_master_default_subdomain=${aws_instance.master.public_ip}.xip.io + +# uncomment the following to enable htpasswd authentication; defaults to DenyAllPasswordIdentityProvider +# openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}] + +# Create the masters host group. Be explicit with the openshift_hostname, +# otherwise it will resolve to something like ip-10-0-1-98.ec2.internal and use +# that as the node name. +[masters] +master.openshift.local openshift_hostname=master.openshift.local + +# host group for etcd +[etcd] +master.openshift.local + +# host group for nodes, includes region info +[nodes] +master.openshift.local openshift_node_labels="{'region': 'infra', 'zone': 'default'}" openshift_schedulable=true +node1.openshift.local openshift_hostname=node1.openshift.local openshift_node_labels="{'region': 'primary', 'zone': 'east'}" +node2.openshift.local openshift_hostname=node2.openshift.local openshift_node_labels="{'region': 'primary', 'zone': 'west'}" diff --git a/modules/openshift/files/setup-master.sh b/modules/openshift/files/setup-master.sh index 5a5febc..3286f71 100644 --- a/modules/openshift/files/setup-master.sh +++ b/modules/openshift/files/setup-master.sh @@ -7,24 +7,32 @@ set -x exec > /var/log/user-data.log 2>&1 -# Create a folder to hold our AWS logs config. -# mkdir -p /var/awslogs/etc +# Create initial logs config. +cat > ./awslogs.conf << EOF +[general] +state_file = /var/awslogs/state/agent-state -# Download and run the AWS logs agent. -curl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O -python ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c /var/awslogs/etc/awslogs.conf +[/var/log/messages] +log_stream_name = {instance_id} +log_group_name = /var/log/messages +file = /var/log/messages +datetime_format = %b %d %H:%M:%S +buffer_duration = 5000 +initial_position = start_of_file -# Create a the awslogs config. -cat >> /var/awslogs/etc/awslogs.conf <<- EOF [/var/log/user-data.log] -file = /var/log/user-data.log -log_group_name = /var/log/user-data.log log_stream_name = {instance_id} +log_group_name = /var/log/user-data.log +file = /var/log/user-data.log EOF +# Download and run the AWS logs agent. +curl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O +python ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c ./awslogs.conf + # Start the awslogs service, also start on reboot. # Note: Errors go to /var/log/awslogs.log -service awslogs restart +service awslogs start chkconfig awslogs on # OpenShift setup diff --git a/modules/openshift/files/setup-node.sh b/modules/openshift/files/setup-node.sh index 5a5febc..1802d35 100644 --- a/modules/openshift/files/setup-node.sh +++ b/modules/openshift/files/setup-node.sh @@ -7,24 +7,32 @@ set -x exec > /var/log/user-data.log 2>&1 -# Create a folder to hold our AWS logs config. -# mkdir -p /var/awslogs/etc +# Create initial logs config. +cat > ./awslogs.conf <<- EOF +[general] +state_file = /var/awslogs/state/agent-state -# Download and run the AWS logs agent. -curl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O -python ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c /var/awslogs/etc/awslogs.conf +[/var/log/messages] +log_stream_name = {instance_id} +log_group_name = /var/log/messages +file = /var/log/messages +datetime_format = %b %d %H:%M:%S +buffer_duration = 5000 +initial_position = start_of_file -# Create a the awslogs config. -cat >> /var/awslogs/etc/awslogs.conf <<- EOF [/var/log/user-data.log] -file = /var/log/user-data.log -log_group_name = /var/log/user-data.log log_stream_name = {instance_id} +log_group_name = /var/log/user-data.log +file = /var/log/user-data.log EOF +# Download and run the AWS logs agent. +curl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O +python ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c ./awslogs.conf + # Start the awslogs service, also start on reboot. # Note: Errors go to /var/log/awslogs.log -service awslogs restart +service awslogs start chkconfig awslogs on # OpenShift setup diff --git a/terraform.tfstate b/terraform.tfstate index 8d05ba8..fb19f75 100644 --- a/terraform.tfstate +++ b/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 3, "terraform_version": "0.8.1", - "serial": 19, + "serial": 23, "lineage": "0011e481-2822-42cf-ada3-4655a9ed3816", "modules": [ { @@ -12,82 +12,82 @@ "bastion-private_dns": { "sensitive": false, "type": "string", - "value": "ip-10-0-1-198.ec2.internal" + "value": "ip-10-0-1-186.ec2.internal" }, "bastion-private_ip": { "sensitive": false, "type": "string", - "value": "10.0.1.198" + "value": "10.0.1.186" }, "bastion-public_dns": { "sensitive": false, "type": "string", - "value": "ec2-54-152-212-19.compute-1.amazonaws.com" + "value": "ec2-54-87-230-197.compute-1.amazonaws.com" }, "bastion-public_ip": { "sensitive": false, "type": "string", - "value": "54.152.212.19" + "value": "54.87.230.197" }, "master-private_dns": { "sensitive": false, "type": "string", - "value": "ip-10-0-1-199.ec2.internal" + "value": "ip-10-0-1-74.ec2.internal" }, "master-private_ip": { "sensitive": false, "type": "string", - "value": "10.0.1.199" + "value": "10.0.1.74" }, "master-public_dns": { "sensitive": false, "type": "string", - "value": "ec2-54-208-6-234.compute-1.amazonaws.com" + "value": "ec2-54-158-88-104.compute-1.amazonaws.com" }, "master-public_ip": { "sensitive": false, "type": "string", - "value": "54.208.6.234" + "value": "54.158.88.104" }, "node1-private_dns": { "sensitive": false, "type": "string", - "value": "ip-10-0-1-98.ec2.internal" + "value": "ip-10-0-1-205.ec2.internal" }, "node1-private_ip": { "sensitive": false, "type": "string", - "value": "10.0.1.98" + "value": "10.0.1.205" }, "node1-public_dns": { "sensitive": false, "type": "string", - "value": "ec2-54-205-212-122.compute-1.amazonaws.com" + "value": "ec2-54-174-31-134.compute-1.amazonaws.com" }, "node1-public_ip": { "sensitive": false, "type": "string", - "value": "54.205.212.122" + "value": "54.174.31.134" }, "node2-private_dns": { "sensitive": false, "type": "string", - "value": "ip-10-0-1-215.ec2.internal" + "value": "ip-10-0-1-20.ec2.internal" }, "node2-private_ip": { "sensitive": false, "type": "string", - "value": "10.0.1.215" + "value": "10.0.1.20" }, "node2-public_dns": { "sensitive": false, "type": "string", - "value": "ec2-52-90-148-134.compute-1.amazonaws.com" + "value": "ec2-54-85-132-247.compute-1.amazonaws.com" }, "node2-public_ip": { "sensitive": false, "type": "string", - "value": "52.90.148.134" + "value": "54.85.132.247" } }, "resources": {}, @@ -111,82 +111,82 @@ "bastion-private_dns": { "sensitive": false, "type": "string", - "value": "ip-10-0-1-198.ec2.internal" + "value": "ip-10-0-1-186.ec2.internal" }, "bastion-private_ip": { "sensitive": false, "type": "string", - "value": "10.0.1.198" + "value": "10.0.1.186" }, "bastion-public_dns": { "sensitive": false, "type": "string", - "value": "ec2-54-152-212-19.compute-1.amazonaws.com" + "value": "ec2-54-87-230-197.compute-1.amazonaws.com" }, "bastion-public_ip": { "sensitive": false, "type": "string", - "value": "54.152.212.19" + "value": "54.87.230.197" }, "master-private_dns": { "sensitive": false, "type": "string", - "value": "ip-10-0-1-199.ec2.internal" + "value": "ip-10-0-1-74.ec2.internal" }, "master-private_ip": { "sensitive": false, "type": "string", - "value": "10.0.1.199" + "value": "10.0.1.74" }, "master-public_dns": { "sensitive": false, "type": "string", - "value": "ec2-54-208-6-234.compute-1.amazonaws.com" + "value": "ec2-54-158-88-104.compute-1.amazonaws.com" }, "master-public_ip": { "sensitive": false, "type": "string", - "value": "54.208.6.234" + "value": "54.158.88.104" }, "node1-private_dns": { "sensitive": false, "type": "string", - "value": "ip-10-0-1-98.ec2.internal" + "value": "ip-10-0-1-205.ec2.internal" }, "node1-private_ip": { "sensitive": false, "type": "string", - "value": "10.0.1.98" + "value": "10.0.1.205" }, "node1-public_dns": { "sensitive": false, "type": "string", - "value": "ec2-54-205-212-122.compute-1.amazonaws.com" + "value": "ec2-54-174-31-134.compute-1.amazonaws.com" }, "node1-public_ip": { "sensitive": false, "type": "string", - "value": "54.205.212.122" + "value": "54.174.31.134" }, "node2-private_dns": { "sensitive": false, "type": "string", - "value": "ip-10-0-1-215.ec2.internal" + "value": "ip-10-0-1-20.ec2.internal" }, "node2-private_ip": { "sensitive": false, "type": "string", - "value": "10.0.1.215" + "value": "10.0.1.20" }, "node2-public_dns": { "sensitive": false, "type": "string", - "value": "ec2-52-90-148-134.compute-1.amazonaws.com" + "value": "ec2-54-85-132-247.compute-1.amazonaws.com" }, "node2-public_ip": { "sensitive": false, "type": "string", - "value": "52.90.148.134" + "value": "54.85.132.247" } }, "resources": { @@ -261,11 +261,11 @@ "attributes": { "arn": "arn:aws:iam::705383350627:role/openshift-instance-role", "assume_role_policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n", - "create_date": "2017-01-30T04:10:40Z", + "create_date": "2017-01-30T11:36:19Z", "id": "openshift-instance-role", "name": "openshift-instance-role", "path": "/", - "unique_id": "AROAILT3FTXQFM73K44WS" + "unique_id": "AROAJUWMOXUFEM5ZAN6R4" }, "meta": {}, "tainted": false @@ -284,7 +284,7 @@ "data.aws_ami.amazonlinux" ], "primary": { - "id": "i-001382932f6463dd9", + "id": "i-0afe8605c940b176a", "attributes": { "ami": "ami-0b33d91d", "associate_public_ip_address": "true", @@ -294,16 +294,16 @@ "ebs_optimized": "false", "ephemeral_block_device.#": "0", "iam_instance_profile": "", - "id": "i-001382932f6463dd9", + "id": "i-0afe8605c940b176a", "instance_state": "running", "instance_type": "t2.micro", "key_name": "openshift", "monitoring": "false", - "network_interface_id": "eni-ad66fb4c", - "private_dns": "ip-10-0-1-198.ec2.internal", - "private_ip": "10.0.1.198", - "public_dns": "ec2-54-152-212-19.compute-1.amazonaws.com", - "public_ip": "54.152.212.19", + "network_interface_id": "eni-2843dac9", + "private_dns": "ip-10-0-1-186.ec2.internal", + "private_ip": "10.0.1.186", + "public_dns": "ec2-54-87-230-197.compute-1.amazonaws.com", + "public_ip": "54.87.230.197", "root_block_device.#": "1", "root_block_device.0.delete_on_termination": "true", "root_block_device.0.iops": "100", @@ -311,15 +311,15 @@ "root_block_device.0.volume_type": "gp2", "security_groups.#": "0", "source_dest_check": "true", - "subnet_id": "subnet-0b516d42", + "subnet_id": "subnet-b6023eff", "tags.%": "2", "tags.Name": "OpenShift Bastion", "tags.Project": "openshift", "tenancy": "default", "vpc_security_group_ids.#": "3", - "vpc_security_group_ids.1364463654": "sg-4520a339", - "vpc_security_group_ids.376553491": "sg-4a20a336", - "vpc_security_group_ids.980584819": "sg-4720a33b" + "vpc_security_group_ids.1878880164": "sg-6821ac14", + "vpc_security_group_ids.2188601581": "sg-6f21ac13", + "vpc_security_group_ids.3196933254": "sg-6921ac15" }, "meta": { "schema_version": "1" @@ -342,7 +342,7 @@ "data.template_file.setup-master" ], "primary": { - "id": "i-0275382deea654c2d", + "id": "i-08d54cabd7528ce5a", "attributes": { "ami": "ami-873e6190", "associate_public_ip_address": "true", @@ -352,16 +352,16 @@ "ebs_optimized": "false", "ephemeral_block_device.#": "0", "iam_instance_profile": "openshift-instance-profile", - "id": "i-0275382deea654c2d", + "id": "i-08d54cabd7528ce5a", "instance_state": "running", "instance_type": "t2.large", "key_name": "openshift", "monitoring": "false", - "network_interface_id": "eni-476af7a6", - "private_dns": "ip-10-0-1-199.ec2.internal", - "private_ip": "10.0.1.199", - "public_dns": "ec2-54-208-6-234.compute-1.amazonaws.com", - "public_ip": "54.208.6.234", + "network_interface_id": "eni-2145dcc0", + "private_dns": "ip-10-0-1-74.ec2.internal", + "private_ip": "10.0.1.74", + "public_dns": "ec2-54-158-88-104.compute-1.amazonaws.com", + "public_ip": "54.158.88.104", "root_block_device.#": "1", "root_block_device.0.delete_on_termination": "true", "root_block_device.0.iops": "0", @@ -369,16 +369,16 @@ "root_block_device.0.volume_type": "standard", "security_groups.#": "0", "source_dest_check": "true", - "subnet_id": "subnet-0b516d42", + "subnet_id": "subnet-b6023eff", "tags.%": "2", "tags.Name": "OpenShift Master", "tags.Project": "openshift", "tenancy": "default", - "user_data": "a196f34bc00cd1cc62ec0105e975d0b3b7ec9af5", + "user_data": "93e098d9bdd0dcdd91f16a7b4bd9fe8bdf9b9a4f", "vpc_security_group_ids.#": "3", - "vpc_security_group_ids.1364463654": "sg-4520a339", - "vpc_security_group_ids.84726653": "sg-4620a33a", - "vpc_security_group_ids.980584819": "sg-4720a33b" + "vpc_security_group_ids.1878880164": "sg-6821ac14", + "vpc_security_group_ids.2188601581": "sg-6f21ac13", + "vpc_security_group_ids.2716551675": "sg-6421ac18" }, "meta": { "schema_version": "1" @@ -401,7 +401,7 @@ "data.template_file.setup-node" ], "primary": { - "id": "i-0ec2d3c984d88c3a8", + "id": "i-023eaed82e11ecbb4", "attributes": { "ami": "ami-873e6190", "associate_public_ip_address": "true", @@ -411,16 +411,16 @@ "ebs_optimized": "false", "ephemeral_block_device.#": "0", "iam_instance_profile": "openshift-instance-profile", - "id": "i-0ec2d3c984d88c3a8", + "id": "i-023eaed82e11ecbb4", "instance_state": "running", "instance_type": "t2.large", "key_name": "openshift", "monitoring": "false", - "network_interface_id": "eni-8f64f96e", - "private_dns": "ip-10-0-1-98.ec2.internal", - "private_ip": "10.0.1.98", - "public_dns": "ec2-54-205-212-122.compute-1.amazonaws.com", - "public_ip": "54.205.212.122", + "network_interface_id": "eni-7244dd93", + "private_dns": "ip-10-0-1-205.ec2.internal", + "private_ip": "10.0.1.205", + "public_dns": "ec2-54-174-31-134.compute-1.amazonaws.com", + "public_ip": "54.174.31.134", "root_block_device.#": "1", "root_block_device.0.delete_on_termination": "true", "root_block_device.0.iops": "0", @@ -428,16 +428,16 @@ "root_block_device.0.volume_type": "standard", "security_groups.#": "0", "source_dest_check": "true", - "subnet_id": "subnet-0b516d42", + "subnet_id": "subnet-b6023eff", "tags.%": "2", "tags.Name": "OpenShift Node 1", "tags.Project": "openshift", "tenancy": "default", - "user_data": "a196f34bc00cd1cc62ec0105e975d0b3b7ec9af5", + "user_data": "4e037dd13c7af6be21026b01ce36221614c0f722", "vpc_security_group_ids.#": "3", - "vpc_security_group_ids.1364463654": "sg-4520a339", - "vpc_security_group_ids.84726653": "sg-4620a33a", - "vpc_security_group_ids.980584819": "sg-4720a33b" + "vpc_security_group_ids.1878880164": "sg-6821ac14", + "vpc_security_group_ids.2188601581": "sg-6f21ac13", + "vpc_security_group_ids.2716551675": "sg-6421ac18" }, "meta": { "schema_version": "1" @@ -459,7 +459,7 @@ "data.aws_ami.rhel7_2" ], "primary": { - "id": "i-0d8251f79c573670e", + "id": "i-05dc69e457d5b3245", "attributes": { "ami": "ami-873e6190", "associate_public_ip_address": "true", @@ -469,16 +469,16 @@ "ebs_optimized": "false", "ephemeral_block_device.#": "0", "iam_instance_profile": "openshift-instance-profile", - "id": "i-0d8251f79c573670e", + "id": "i-05dc69e457d5b3245", "instance_state": "running", "instance_type": "t2.large", "key_name": "openshift", "monitoring": "false", - "network_interface_id": "eni-d360fd32", - "private_dns": "ip-10-0-1-215.ec2.internal", - "private_ip": "10.0.1.215", - "public_dns": "ec2-52-90-148-134.compute-1.amazonaws.com", - "public_ip": "52.90.148.134", + "network_interface_id": "eni-7344dd92", + "private_dns": "ip-10-0-1-20.ec2.internal", + "private_ip": "10.0.1.20", + "public_dns": "ec2-54-85-132-247.compute-1.amazonaws.com", + "public_ip": "54.85.132.247", "root_block_device.#": "1", "root_block_device.0.delete_on_termination": "true", "root_block_device.0.iops": "0", @@ -486,15 +486,15 @@ "root_block_device.0.volume_type": "standard", "security_groups.#": "0", "source_dest_check": "true", - "subnet_id": "subnet-0b516d42", + "subnet_id": "subnet-b6023eff", "tags.%": "2", "tags.Name": "OpenShift Node 2", "tags.Project": "openshift", "tenancy": "default", "vpc_security_group_ids.#": "3", - "vpc_security_group_ids.1364463654": "sg-4520a339", - "vpc_security_group_ids.84726653": "sg-4620a33a", - "vpc_security_group_ids.980584819": "sg-4720a33b" + "vpc_security_group_ids.1878880164": "sg-6821ac14", + "vpc_security_group_ids.2188601581": "sg-6f21ac13", + "vpc_security_group_ids.2716551675": "sg-6421ac18" }, "meta": { "schema_version": "1" @@ -510,13 +510,13 @@ "aws_vpc.openshift" ], "primary": { - "id": "igw-02b9ee65", + "id": "igw-b51d4bd2", "attributes": { - "id": "igw-02b9ee65", + "id": "igw-b51d4bd2", "tags.%": "2", "tags.Name": "OpenShift IGW", "tags.Project": "openshift", - "vpc_id": "vpc-4848de2e" + "vpc_id": "vpc-a8d041ce" }, "meta": {}, "tainted": false @@ -549,18 +549,18 @@ "aws_route53_zone.internal" ], "primary": { - "id": "Z16Z0X6C2UAORQ_master.openshift.local_A", + "id": "Z3G7JOBR146GJ8_master.openshift.local_A", "attributes": { "fqdn": "master.openshift.local", "health_check_id": "", - "id": "Z16Z0X6C2UAORQ_master.openshift.local_A", + "id": "Z3G7JOBR146GJ8_master.openshift.local_A", "name": "master.openshift.local", "records.#": "1", - "records.2604086268": "10.0.1.199", + "records.1953556452": "10.0.1.74", "set_identifier": "", "ttl": "300", "type": "A", - "zone_id": "Z16Z0X6C2UAORQ" + "zone_id": "Z3G7JOBR146GJ8" }, "meta": { "schema_version": "2" @@ -577,18 +577,18 @@ "aws_route53_zone.internal" ], "primary": { - "id": "Z16Z0X6C2UAORQ_node1.openshift.local_A", + "id": "Z3G7JOBR146GJ8_node1.openshift.local_A", "attributes": { "fqdn": "node1.openshift.local", "health_check_id": "", - "id": "Z16Z0X6C2UAORQ_node1.openshift.local_A", + "id": "Z3G7JOBR146GJ8_node1.openshift.local_A", "name": "node1.openshift.local", "records.#": "1", - "records.3812984385": "10.0.1.98", + "records.1090878151": "10.0.1.205", "set_identifier": "", "ttl": "300", "type": "A", - "zone_id": "Z16Z0X6C2UAORQ" + "zone_id": "Z3G7JOBR146GJ8" }, "meta": { "schema_version": "2" @@ -605,18 +605,18 @@ "aws_route53_zone.internal" ], "primary": { - "id": "Z16Z0X6C2UAORQ_node2.openshift.local_A", + "id": "Z3G7JOBR146GJ8_node2.openshift.local_A", "attributes": { "fqdn": "node2.openshift.local", "health_check_id": "", - "id": "Z16Z0X6C2UAORQ_node2.openshift.local_A", + "id": "Z3G7JOBR146GJ8_node2.openshift.local_A", "name": "node2.openshift.local", "records.#": "1", - "records.1478380422": "10.0.1.215", + "records.241883064": "10.0.1.20", "set_identifier": "", "ttl": "300", "type": "A", - "zone_id": "Z16Z0X6C2UAORQ" + "zone_id": "Z3G7JOBR146GJ8" }, "meta": { "schema_version": "2" @@ -632,11 +632,11 @@ "aws_vpc.openshift" ], "primary": { - "id": "Z16Z0X6C2UAORQ", + "id": "Z3G7JOBR146GJ8", "attributes": { "comment": "OpenShift Cluster Internal DNS", "force_destroy": "false", - "id": "Z16Z0X6C2UAORQ", + "id": "Z3G7JOBR146GJ8", "name": "openshift.local", "name_servers.#": "4", "name_servers.0": "ns-0.awsdns-00.com.", @@ -646,9 +646,9 @@ "tags.%": "2", "tags.Name": "OpenShift Internal DNS", "tags.Project": "openshift", - "vpc_id": "vpc-4848de2e", + "vpc_id": "vpc-a8d041ce", "vpc_region": "us-east-1", - "zone_id": "Z16Z0X6C2UAORQ" + "zone_id": "Z3G7JOBR146GJ8" }, "meta": {}, "tainted": false @@ -663,21 +663,21 @@ "aws_vpc.openshift" ], "primary": { - "id": "rtb-7fed3c06", + "id": "rtb-1865b461", "attributes": { - "id": "rtb-7fed3c06", + "id": "rtb-1865b461", "propagating_vgws.#": "0", "route.#": "1", - "route.1967899660.cidr_block": "0.0.0.0/0", - "route.1967899660.gateway_id": "igw-02b9ee65", - "route.1967899660.instance_id": "", - "route.1967899660.nat_gateway_id": "", - "route.1967899660.network_interface_id": "", - "route.1967899660.vpc_peering_connection_id": "", + "route.51416430.cidr_block": "0.0.0.0/0", + "route.51416430.gateway_id": "igw-b51d4bd2", + "route.51416430.instance_id": "", + "route.51416430.nat_gateway_id": "", + "route.51416430.network_interface_id": "", + "route.51416430.vpc_peering_connection_id": "", "tags.%": "2", "tags.Name": "OpenShift Public Route Table", "tags.Project": "openshift", - "vpc_id": "vpc-4848de2e" + "vpc_id": "vpc-a8d041ce" }, "meta": {}, "tainted": false @@ -692,11 +692,11 @@ "aws_subnet.public-subnet" ], "primary": { - "id": "rtbassoc-4e2e9736", + "id": "rtbassoc-5e9c2726", "attributes": { - "id": "rtbassoc-4e2e9736", - "route_table_id": "rtb-7fed3c06", - "subnet_id": "subnet-0b516d42" + "id": "rtbassoc-5e9c2726", + "route_table_id": "rtb-1865b461", + "subnet_id": "subnet-b6023eff" }, "meta": {}, "tainted": false @@ -710,7 +710,7 @@ "aws_vpc.openshift" ], "primary": { - "id": "sg-4520a339", + "id": "sg-6821ac14", "attributes": { "description": "Security group that allows egress to the internet for instances over HTTP and HTTPS.", "egress.#": "2", @@ -730,14 +730,14 @@ "egress.2617001939.security_groups.#": "0", "egress.2617001939.self": "false", "egress.2617001939.to_port": "443", - "id": "sg-4520a339", + "id": "sg-6821ac14", "ingress.#": "0", "name": "openshift-public-egress", "owner_id": "705383350627", "tags.%": "2", "tags.Name": "OpenShift Public Access", "tags.Project": "openshift", - "vpc_id": "vpc-4848de2e" + "vpc_id": "vpc-a8d041ce" }, "meta": {}, "tainted": false @@ -751,11 +751,11 @@ "aws_vpc.openshift" ], "primary": { - "id": "sg-4620a33a", + "id": "sg-6421ac18", "attributes": { "description": "Security group that allows public ingress to instances, HTTP, HTTPS and more.", "egress.#": "0", - "id": "sg-4620a33a", + "id": "sg-6421ac18", "ingress.#": "4", "ingress.2214680975.cidr_blocks.#": "1", "ingress.2214680975.cidr_blocks.0": "0.0.0.0/0", @@ -790,7 +790,7 @@ "tags.%": "2", "tags.Name": "OpenShift Public Access", "tags.Project": "openshift", - "vpc_id": "vpc-4848de2e" + "vpc_id": "vpc-a8d041ce" }, "meta": {}, "tainted": false @@ -804,11 +804,11 @@ "aws_vpc.openshift" ], "primary": { - "id": "sg-4a20a336", + "id": "sg-6921ac15", "attributes": { "description": "Security group that allows public ingress over SSH.", "egress.#": "0", - "id": "sg-4a20a336", + "id": "sg-6921ac15", "ingress.#": "1", "ingress.2541437006.cidr_blocks.#": "1", "ingress.2541437006.cidr_blocks.0": "0.0.0.0/0", @@ -822,7 +822,7 @@ "tags.%": "2", "tags.Name": "OpenShift SSH Access", "tags.Project": "openshift", - "vpc_id": "vpc-4848de2e" + "vpc_id": "vpc-a8d041ce" }, "meta": {}, "tainted": false @@ -836,7 +836,7 @@ "aws_vpc.openshift" ], "primary": { - "id": "sg-4720a33b", + "id": "sg-6f21ac13", "attributes": { "description": "Default security group that allows all instances in the VPC to talk to each other over any port and protocol.", "egress.#": "1", @@ -847,7 +847,7 @@ "egress.753360330.security_groups.#": "0", "egress.753360330.self": "true", "egress.753360330.to_port": "0", - "id": "sg-4720a33b", + "id": "sg-6f21ac13", "ingress.#": "1", "ingress.753360330.cidr_blocks.#": "0", "ingress.753360330.from_port": "0", @@ -860,7 +860,7 @@ "tags.%": "2", "tags.Name": "OpenShift Internal VPC", "tags.Project": "openshift", - "vpc_id": "vpc-4848de2e" + "vpc_id": "vpc-a8d041ce" }, "meta": {}, "tainted": false @@ -875,16 +875,16 @@ "aws_vpc.openshift" ], "primary": { - "id": "subnet-0b516d42", + "id": "subnet-b6023eff", "attributes": { "availability_zone": "us-east-1a", "cidr_block": "10.0.1.0/24", - "id": "subnet-0b516d42", + "id": "subnet-b6023eff", "map_public_ip_on_launch": "true", "tags.%": "2", "tags.Name": "OpenShift Public Subnet", "tags.Project": "openshift", - "vpc_id": "vpc-4848de2e" + "vpc_id": "vpc-a8d041ce" }, "meta": {}, "tainted": false @@ -896,19 +896,19 @@ "type": "aws_vpc", "depends_on": [], "primary": { - "id": "vpc-4848de2e", + "id": "vpc-a8d041ce", "attributes": { "cidr_block": "10.0.0.0/16", - "default_network_acl_id": "acl-03277d65", - "default_route_table_id": "rtb-97ea3bee", - "default_security_group_id": "sg-8921a2f5", + "default_network_acl_id": "acl-5bb4ee3d", + "default_route_table_id": "rtb-3465b44d", + "default_security_group_id": "sg-bd26abc1", "dhcp_options_id": "dopt-3309ea56", "enable_classiclink": "false", "enable_dns_hostnames": "true", "enable_dns_support": "true", - "id": "vpc-4848de2e", + "id": "vpc-a8d041ce", "instance_tenancy": "default", - "main_route_table_id": "rtb-97ea3bee", + "main_route_table_id": "rtb-3465b44d", "tags.%": "2", "tags.Name": "OpenShift VPC", "tags.Project": "openshift" @@ -1046,11 +1046,11 @@ "type": "template_file", "depends_on": [], "primary": { - "id": "0ed9578c29557f8cc79483d8cde362be7e98c025851daec98b504275e2cc1282", + "id": "722f64efd6df3a1e7c385567270f23eef1cf10e702d9007e458c225104b1bada", "attributes": { - "id": "0ed9578c29557f8cc79483d8cde362be7e98c025851daec98b504275e2cc1282", - "rendered": "#!/usr/bin/env bash\n\n# This script template is expected to be populated during the setup of a\n# OpenShift node. It runs on host startup.\n\n# Log everything we do.\nset -x\nexec \u003e /var/log/user-data.log 2\u003e\u00261\n\n# Create a folder to hold our AWS logs config.\n# mkdir -p /var/awslogs/etc\n\n# Download and run the AWS logs agent.\ncurl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O\npython ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c /var/awslogs/etc/awslogs.conf\n\n# Create a the awslogs config.\ncat \u003e\u003e /var/awslogs/etc/awslogs.conf \u003c\u003c- EOF\n[/var/log/user-data.log]\nfile = /var/log/user-data.log\nlog_group_name = /var/log/user-data.log\nlog_stream_name = {instance_id}\nEOF\n\n# Start the awslogs service, also start on reboot.\n# Note: Errors go to /var/log/awslogs.log\nservice awslogs restart\nchkconfig awslogs on\n\n# OpenShift setup\n# See: https://docs.openshift.org/latest/install_config/install/host_preparation.html\n\n# Install packages required to setup OpenShift.\nyum install -y wget git net-tools bind-utils iptables-services bridge-utils bash-completion\nyum update -y\n\n# Note: The step below is not in the official docs, I needed it to install\n# Docker. If anyone finds out why, I'd love to know.\n# See: https://forums.aws.amazon.com/thread.jspa?messageID=574126\nyum-config-manager --enable rhui-REGION-rhel-server-extras\n\n# Docker setup. Check the version with `docker version`, should be 1.12.\nyum install -y docker\n\n# Update the docker config to allow OpenShift's local insecure registry.\nsed -i '/OPTIONS=.*/c\\OPTIONS=\"--selinux-enabled --insecure-registry 172.30.0.0/16 --log-opt max-size=1M --log-opt max-file=3\"' \\\n/etc/sysconfig/docker\nsystemctl restart docker\n\n# Note we are not configuring Docker storage as per the guide.\n", - "template": "#!/usr/bin/env bash\n\n# This script template is expected to be populated during the setup of a\n# OpenShift node. It runs on host startup.\n\n# Log everything we do.\nset -x\nexec \u003e /var/log/user-data.log 2\u003e\u00261\n\n# Create a folder to hold our AWS logs config.\n# mkdir -p /var/awslogs/etc\n\n# Download and run the AWS logs agent.\ncurl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O\npython ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c /var/awslogs/etc/awslogs.conf\n\n# Create a the awslogs config.\ncat \u003e\u003e /var/awslogs/etc/awslogs.conf \u003c\u003c- EOF\n[/var/log/user-data.log]\nfile = /var/log/user-data.log\nlog_group_name = /var/log/user-data.log\nlog_stream_name = {instance_id}\nEOF\n\n# Start the awslogs service, also start on reboot.\n# Note: Errors go to /var/log/awslogs.log\nservice awslogs restart\nchkconfig awslogs on\n\n# OpenShift setup\n# See: https://docs.openshift.org/latest/install_config/install/host_preparation.html\n\n# Install packages required to setup OpenShift.\nyum install -y wget git net-tools bind-utils iptables-services bridge-utils bash-completion\nyum update -y\n\n# Note: The step below is not in the official docs, I needed it to install\n# Docker. If anyone finds out why, I'd love to know.\n# See: https://forums.aws.amazon.com/thread.jspa?messageID=574126\nyum-config-manager --enable rhui-REGION-rhel-server-extras\n\n# Docker setup. Check the version with `docker version`, should be 1.12.\nyum install -y docker\n\n# Update the docker config to allow OpenShift's local insecure registry.\nsed -i '/OPTIONS=.*/c\\OPTIONS=\"--selinux-enabled --insecure-registry 172.30.0.0/16 --log-opt max-size=1M --log-opt max-file=3\"' \\\n/etc/sysconfig/docker\nsystemctl restart docker\n\n# Note we are not configuring Docker storage as per the guide.\n" + "id": "722f64efd6df3a1e7c385567270f23eef1cf10e702d9007e458c225104b1bada", + "rendered": "#!/usr/bin/env bash\n\n# This script template is expected to be populated during the setup of a\n# OpenShift node. It runs on host startup.\n\n# Log everything we do.\nset -x\nexec \u003e /var/log/user-data.log 2\u003e\u00261\n\n# Create initial logs config.\ncat \u003e ./awslogs.conf \u003c\u003c EOF\n[general]\nstate_file = /var/awslogs/state/agent-state\n\n[/var/log/messages]\nlog_stream_name = {instance_id}\nlog_group_name = /var/log/messages\nfile = /var/log/messages\ndatetime_format = %b %d %H:%M:%S\nbuffer_duration = 5000\ninitial_position = start_of_file\n\n[/var/log/user-data.log]\nlog_stream_name = {instance_id}\nlog_group_name = /var/log/user-data.log\nfile = /var/log/user-data.log\nEOF\n\n# Download and run the AWS logs agent.\ncurl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O\npython ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c ./awslogs.conf\n\n# Start the awslogs service, also start on reboot.\n# Note: Errors go to /var/log/awslogs.log\nservice awslogs start\nchkconfig awslogs on\n\n# OpenShift setup\n# See: https://docs.openshift.org/latest/install_config/install/host_preparation.html\n\n# Install packages required to setup OpenShift.\nyum install -y wget git net-tools bind-utils iptables-services bridge-utils bash-completion\nyum update -y\n\n# Note: The step below is not in the official docs, I needed it to install\n# Docker. If anyone finds out why, I'd love to know.\n# See: https://forums.aws.amazon.com/thread.jspa?messageID=574126\nyum-config-manager --enable rhui-REGION-rhel-server-extras\n\n# Docker setup. Check the version with `docker version`, should be 1.12.\nyum install -y docker\n\n# Update the docker config to allow OpenShift's local insecure registry.\nsed -i '/OPTIONS=.*/c\\OPTIONS=\"--selinux-enabled --insecure-registry 172.30.0.0/16 --log-opt max-size=1M --log-opt max-file=3\"' \\\n/etc/sysconfig/docker\nsystemctl restart docker\n\n# Note we are not configuring Docker storage as per the guide.\n", + "template": "#!/usr/bin/env bash\n\n# This script template is expected to be populated during the setup of a\n# OpenShift node. It runs on host startup.\n\n# Log everything we do.\nset -x\nexec \u003e /var/log/user-data.log 2\u003e\u00261\n\n# Create initial logs config.\ncat \u003e ./awslogs.conf \u003c\u003c EOF\n[general]\nstate_file = /var/awslogs/state/agent-state\n\n[/var/log/messages]\nlog_stream_name = {instance_id}\nlog_group_name = /var/log/messages\nfile = /var/log/messages\ndatetime_format = %b %d %H:%M:%S\nbuffer_duration = 5000\ninitial_position = start_of_file\n\n[/var/log/user-data.log]\nlog_stream_name = {instance_id}\nlog_group_name = /var/log/user-data.log\nfile = /var/log/user-data.log\nEOF\n\n# Download and run the AWS logs agent.\ncurl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O\npython ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c ./awslogs.conf\n\n# Start the awslogs service, also start on reboot.\n# Note: Errors go to /var/log/awslogs.log\nservice awslogs start\nchkconfig awslogs on\n\n# OpenShift setup\n# See: https://docs.openshift.org/latest/install_config/install/host_preparation.html\n\n# Install packages required to setup OpenShift.\nyum install -y wget git net-tools bind-utils iptables-services bridge-utils bash-completion\nyum update -y\n\n# Note: The step below is not in the official docs, I needed it to install\n# Docker. If anyone finds out why, I'd love to know.\n# See: https://forums.aws.amazon.com/thread.jspa?messageID=574126\nyum-config-manager --enable rhui-REGION-rhel-server-extras\n\n# Docker setup. Check the version with `docker version`, should be 1.12.\nyum install -y docker\n\n# Update the docker config to allow OpenShift's local insecure registry.\nsed -i '/OPTIONS=.*/c\\OPTIONS=\"--selinux-enabled --insecure-registry 172.30.0.0/16 --log-opt max-size=1M --log-opt max-file=3\"' \\\n/etc/sysconfig/docker\nsystemctl restart docker\n\n# Note we are not configuring Docker storage as per the guide.\n" }, "meta": {}, "tainted": false @@ -1062,11 +1062,11 @@ "type": "template_file", "depends_on": [], "primary": { - "id": "0ed9578c29557f8cc79483d8cde362be7e98c025851daec98b504275e2cc1282", + "id": "b7ecdbd023621c2f9b8be8ce005c16089223b3f3e4b33ab7afdcb62fea430891", "attributes": { - "id": "0ed9578c29557f8cc79483d8cde362be7e98c025851daec98b504275e2cc1282", - "rendered": "#!/usr/bin/env bash\n\n# This script template is expected to be populated during the setup of a\n# OpenShift node. It runs on host startup.\n\n# Log everything we do.\nset -x\nexec \u003e /var/log/user-data.log 2\u003e\u00261\n\n# Create a folder to hold our AWS logs config.\n# mkdir -p /var/awslogs/etc\n\n# Download and run the AWS logs agent.\ncurl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O\npython ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c /var/awslogs/etc/awslogs.conf\n\n# Create a the awslogs config.\ncat \u003e\u003e /var/awslogs/etc/awslogs.conf \u003c\u003c- EOF\n[/var/log/user-data.log]\nfile = /var/log/user-data.log\nlog_group_name = /var/log/user-data.log\nlog_stream_name = {instance_id}\nEOF\n\n# Start the awslogs service, also start on reboot.\n# Note: Errors go to /var/log/awslogs.log\nservice awslogs restart\nchkconfig awslogs on\n\n# OpenShift setup\n# See: https://docs.openshift.org/latest/install_config/install/host_preparation.html\n\n# Install packages required to setup OpenShift.\nyum install -y wget git net-tools bind-utils iptables-services bridge-utils bash-completion\nyum update -y\n\n# Note: The step below is not in the official docs, I needed it to install\n# Docker. If anyone finds out why, I'd love to know.\n# See: https://forums.aws.amazon.com/thread.jspa?messageID=574126\nyum-config-manager --enable rhui-REGION-rhel-server-extras\n\n# Docker setup. Check the version with `docker version`, should be 1.12.\nyum install -y docker\n\n# Update the docker config to allow OpenShift's local insecure registry.\nsed -i '/OPTIONS=.*/c\\OPTIONS=\"--selinux-enabled --insecure-registry 172.30.0.0/16 --log-opt max-size=1M --log-opt max-file=3\"' \\\n/etc/sysconfig/docker\nsystemctl restart docker\n\n# Note we are not configuring Docker storage as per the guide.\n", - "template": "#!/usr/bin/env bash\n\n# This script template is expected to be populated during the setup of a\n# OpenShift node. It runs on host startup.\n\n# Log everything we do.\nset -x\nexec \u003e /var/log/user-data.log 2\u003e\u00261\n\n# Create a folder to hold our AWS logs config.\n# mkdir -p /var/awslogs/etc\n\n# Download and run the AWS logs agent.\ncurl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O\npython ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c /var/awslogs/etc/awslogs.conf\n\n# Create a the awslogs config.\ncat \u003e\u003e /var/awslogs/etc/awslogs.conf \u003c\u003c- EOF\n[/var/log/user-data.log]\nfile = /var/log/user-data.log\nlog_group_name = /var/log/user-data.log\nlog_stream_name = {instance_id}\nEOF\n\n# Start the awslogs service, also start on reboot.\n# Note: Errors go to /var/log/awslogs.log\nservice awslogs restart\nchkconfig awslogs on\n\n# OpenShift setup\n# See: https://docs.openshift.org/latest/install_config/install/host_preparation.html\n\n# Install packages required to setup OpenShift.\nyum install -y wget git net-tools bind-utils iptables-services bridge-utils bash-completion\nyum update -y\n\n# Note: The step below is not in the official docs, I needed it to install\n# Docker. If anyone finds out why, I'd love to know.\n# See: https://forums.aws.amazon.com/thread.jspa?messageID=574126\nyum-config-manager --enable rhui-REGION-rhel-server-extras\n\n# Docker setup. Check the version with `docker version`, should be 1.12.\nyum install -y docker\n\n# Update the docker config to allow OpenShift's local insecure registry.\nsed -i '/OPTIONS=.*/c\\OPTIONS=\"--selinux-enabled --insecure-registry 172.30.0.0/16 --log-opt max-size=1M --log-opt max-file=3\"' \\\n/etc/sysconfig/docker\nsystemctl restart docker\n\n# Note we are not configuring Docker storage as per the guide.\n" + "id": "b7ecdbd023621c2f9b8be8ce005c16089223b3f3e4b33ab7afdcb62fea430891", + "rendered": "#!/usr/bin/env bash\n\n# This script template is expected to be populated during the setup of a\n# OpenShift node. It runs on host startup.\n\n# Log everything we do.\nset -x\nexec \u003e /var/log/user-data.log 2\u003e\u00261\n\n# Create initial logs config.\ncat \u003e ./awslogs.conf \u003c\u003c- EOF\n[general]\nstate_file = /var/awslogs/state/agent-state\n\n[/var/log/messages]\nlog_stream_name = {instance_id}\nlog_group_name = /var/log/messages\nfile = /var/log/messages\ndatetime_format = %b %d %H:%M:%S\nbuffer_duration = 5000\ninitial_position = start_of_file\n\n[/var/log/user-data.log]\nlog_stream_name = {instance_id}\nlog_group_name = /var/log/user-data.log\nfile = /var/log/user-data.log\nEOF\n\n# Download and run the AWS logs agent.\ncurl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O\npython ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c ./awslogs.conf\n\n# Start the awslogs service, also start on reboot.\n# Note: Errors go to /var/log/awslogs.log\nservice awslogs start\nchkconfig awslogs on\n\n# OpenShift setup\n# See: https://docs.openshift.org/latest/install_config/install/host_preparation.html\n\n# Install packages required to setup OpenShift.\nyum install -y wget git net-tools bind-utils iptables-services bridge-utils bash-completion\nyum update -y\n\n# Note: The step below is not in the official docs, I needed it to install\n# Docker. If anyone finds out why, I'd love to know.\n# See: https://forums.aws.amazon.com/thread.jspa?messageID=574126\nyum-config-manager --enable rhui-REGION-rhel-server-extras\n\n# Docker setup. Check the version with `docker version`, should be 1.12.\nyum install -y docker\n\n# Update the docker config to allow OpenShift's local insecure registry.\nsed -i '/OPTIONS=.*/c\\OPTIONS=\"--selinux-enabled --insecure-registry 172.30.0.0/16 --log-opt max-size=1M --log-opt max-file=3\"' \\\n/etc/sysconfig/docker\nsystemctl restart docker\n\n# Note we are not configuring Docker storage as per the guide.\n", + "template": "#!/usr/bin/env bash\n\n# This script template is expected to be populated during the setup of a\n# OpenShift node. It runs on host startup.\n\n# Log everything we do.\nset -x\nexec \u003e /var/log/user-data.log 2\u003e\u00261\n\n# Create initial logs config.\ncat \u003e ./awslogs.conf \u003c\u003c- EOF\n[general]\nstate_file = /var/awslogs/state/agent-state\n\n[/var/log/messages]\nlog_stream_name = {instance_id}\nlog_group_name = /var/log/messages\nfile = /var/log/messages\ndatetime_format = %b %d %H:%M:%S\nbuffer_duration = 5000\ninitial_position = start_of_file\n\n[/var/log/user-data.log]\nlog_stream_name = {instance_id}\nlog_group_name = /var/log/user-data.log\nfile = /var/log/user-data.log\nEOF\n\n# Download and run the AWS logs agent.\ncurl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O\npython ./awslogs-agent-setup.py --non-interactive --region us-east-1 -c ./awslogs.conf\n\n# Start the awslogs service, also start on reboot.\n# Note: Errors go to /var/log/awslogs.log\nservice awslogs start\nchkconfig awslogs on\n\n# OpenShift setup\n# See: https://docs.openshift.org/latest/install_config/install/host_preparation.html\n\n# Install packages required to setup OpenShift.\nyum install -y wget git net-tools bind-utils iptables-services bridge-utils bash-completion\nyum update -y\n\n# Note: The step below is not in the official docs, I needed it to install\n# Docker. If anyone finds out why, I'd love to know.\n# See: https://forums.aws.amazon.com/thread.jspa?messageID=574126\nyum-config-manager --enable rhui-REGION-rhel-server-extras\n\n# Docker setup. Check the version with `docker version`, should be 1.12.\nyum install -y docker\n\n# Update the docker config to allow OpenShift's local insecure registry.\nsed -i '/OPTIONS=.*/c\\OPTIONS=\"--selinux-enabled --insecure-registry 172.30.0.0/16 --log-opt max-size=1M --log-opt max-file=3\"' \\\n/etc/sysconfig/docker\nsystemctl restart docker\n\n# Note we are not configuring Docker storage as per the guide.\n" }, "meta": {}, "tainted": false