You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
146 lines
8.6 KiB
146 lines
8.6 KiB
#cloud-config
|
|
mounts:
|
|
- [ "LABEL=puppetconfig", "/media/ephemeral/puppet-config/", "xfs", "noatime,nofail", "0", "2"]
|
|
# - [ "/media/ephemeral/puppet-config/foreman", "/etc/foreman", "none", "bind"]
|
|
# - [ "/media/ephemeral/puppet-config/foreman-installer", "/etc/foreman-installer", "none", "bind"]
|
|
# - [ "/media/ephemeral/puppet-config/foreman-proxy", "/etc/foreman-proxy", "none", "bind"]
|
|
- [ "/media/ephemeral/puppet-config/puppet", "/etc/puppet", "none", "bind"]
|
|
- [ "/media/ephemeral/puppet-config/puppetdb", "/etc/puppetdb", "none", "bind"]
|
|
- [ "/media/ephemeral/puppet-config/puppetlabs", "/etc/puppetlabs", "none", "bind"]
|
|
|
|
# disk_setup:
|
|
# /dev/vdb:
|
|
# table_type: gpt
|
|
# layout: true
|
|
# overwrite: false
|
|
#
|
|
# fs_setup:
|
|
# - label: puppetconfig
|
|
# filesystem: xfs
|
|
# device: /dev/vdb
|
|
|
|
package_update: true
|
|
package_upgrade: true
|
|
package_reboot_if_required: true
|
|
packages:
|
|
- software-properties-common
|
|
- curl
|
|
- htop
|
|
- docker-compose
|
|
- ca-certificates
|
|
- libbcprov-java
|
|
|
|
users:
|
|
- name: sapian
|
|
- passwd: $6$eCW4Ypue$XkpcNkvem1O3KD9eyM7V9jp/p5T0BdWv9vYcgqeV3MD2qXEbHdTWyNa1zB42cwsmsRyNSNAhFxZAaQyBsSnic/
|
|
|
|
chpasswd:
|
|
list: |
|
|
root:sap64adm
|
|
sapian:sap64adm
|
|
expire: False
|
|
|
|
ssh_authorized_keys:
|
|
- ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyumXwdCn27ELM56o1aHOUwybRcX3Rk76ny3TOMzjiCjapntTaPtcPZ9/84g5tjZmDlUNitRZF0XV76xJ2JJ0PU4Mx7nka6nnvmywFTAIx/PFLQtj4iQH/7osOEy6lKaYKJT9bFEhZ0llb6JtF+kPTZ7NV7EKvXx/U6pXVM8h7KShx1H/8GJroR8Uc5IdWApSwslG19DOjMZMyhe+PfWQw+SG1MC32OcuH43fuUdNRIDL6tTaFkGH2upX9ALO75CQ/8NDRoSCne0MnDHKFipi86AU0Dr2GmCC4rRx6L9J4tAejViKIjVsLy/aHnHknVgipu1ajCfhTpRjqh3/fWUEow== sebastian.rojo@sapian.com.co
|
|
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCeAesfotBI9sbnKBsaycSJ2y0ln7OSGxtdEvN+BISLJPWbjLRqrv69ftlUotW5NABxqXn9mYT3RT031C/pdr/OAqyGnMkkb5/pzmOrKdW3vT7hcAAQQtzrA2LdxJdBUKMIE51XafQbQGKwZtKl9kxcX3QQkyvwDGyYhvi3RYcy5FfUFbifyQojB8o0gLro7pEfR660GE5rUvjUdqSc0V3vPTb7hsUI0x8AvCCOpZ6VVI9uKWxGlncO5B6Vjjefq9FKXxied0Dj5psyjZ9A6WfhFhoyU0NLbYfeQpVog7jV63fiUxXNnp7fcOudHnbScaol4H61EUldnf+d8QgP985/ oscar.garcia@sapian.com.co
|
|
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCupLxala6Hc1bRfAwtGELlfn3ermP9UEzploYwKsiAxmlz3jfr9fWxZW4lJVrTyNKTD+yFvstOjaYHksQdVB1Tx9m6Po5FvqAd7jKX92nPPhxLBcnSHTdk/1MlfoOavm5ljHBsr9QFp7EFQW6q6HRL+/Cj1bA4pHRYZoRF6v3SFwAJ2nlMxn9xxaoR7/s8VlwHxA+l8ygTUV66jIN0yvEdAnhZcqKSWhrzy7zyTO0EmhhaPoKO62BcGhUR+Eh7DidA9Lw3gPMwBRdfIUAvYzmZynlJ9iw2o82BTMgoiuBXrNK3ae0WH2/J9eJ6j3BPXhSRKVoGGgPkZ8p99Aoh61eP victor.patino@sapian.com.co
|
|
|
|
swap:
|
|
filename: /swap.img
|
|
size: "auto" # or size in bytes
|
|
maxsize: 1G
|
|
|
|
write_files:
|
|
- path: /etc/systemd/network/dummy0.netdev
|
|
content: |
|
|
[NetDev]
|
|
Name=dummy0
|
|
Kind=dummy
|
|
- path: /etc/systemd/network/dummy0.network
|
|
content: |
|
|
[Match]
|
|
Name=dummy0
|
|
|
|
[Network]
|
|
Address=169.254.1.1/32
|
|
- path: /etc/docker/daemon.json
|
|
content: |
|
|
{
|
|
"bip": "10.70.69.1/24",
|
|
"mtu": 1436,
|
|
"dns": ["172.16.243.254","172.16.243.253"],
|
|
"log-driver": "json-file",
|
|
"log-opts": {"max-size": "10m", "max-file": "3"}
|
|
}
|
|
- path: /etc/consul.d/config.json
|
|
content: |
|
|
{
|
|
"leave_on_terminate": true,
|
|
"client_addr": "169.254.1.1",
|
|
"encrypt": "BW1Uy3ifJad8boAdAs5fMg==",
|
|
"datacenter": "dc-sapian-cur",
|
|
"retry_join": ["provider=k8s kubeconfig=/etc/consul.d/.kube/config"]
|
|
}
|
|
- path: /etc/consul.d/.kube/config
|
|
content: |
|
|
apiVersion: v1
|
|
clusters:
|
|
- cluster:
|
|
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURWRENDQWp5Z0F3SUJBZ0lVTzBuUEN2MDZkQ3QxTjdmczhJTFJFQXAzNGtBd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0dURVhNQlVHQTFVRUF3d09NVGN5TGpFMkxqSTBOUzR4TlRZd0hoY05NakF3TXpFeU1EQXpOakF3V2hjTgpNekF3TXpFd01EQXpOakF3V2pBWk1SY3dGUVlEVlFRRERBNHhOekl1TVRZdU1qUTFMakUxTmpDQ0FTSXdEUVlKCktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQU9CUGgwOGJKOCt5QWtUQ2QvWGVyODFOQmtSZWxKR3YKcThiZWdQclcrNVdacWt0ODNJNVFnRUtoM1kxOEU0YThPMW9iSU9iM2d2cGFTZVkzN0FwSTNvWkE3TmpvV3Z6VwpTd0hwRXFzUlFFbGUvenkwYlg3THBxM0libm53V2NDSDRpakpXUkFsR3ljZTl4UVRvOC9kVkFOUCsycDJyZTVJCi9qUnlLSUlwRWl6c1dndzQ0aVgzT2pTcUFzclVzTUNGL0ZqNjBCWlgyekxwVDJsWk8rQTlNRFVwVVlUY0pnaXUKMjBXZG05OHZsOEZUK3BkSHF5S29BQnVEMFp0MFBLaEhxdnk5YmNEV2gyTVJYUkdKdzVSRmNPbExMV0VKekpteQpLbkJyQ0hRaUJlUDlENHBndDRXS1VEZFliYmgvb1BKUXd0U0Jub1c3VWllL3dCNlFreFRiZFRrQ0F3RUFBYU9CCmt6Q0JrREFkQmdOVkhRNEVGZ1FVV1VnOWd1dWRQQUg5K0tDeTVnYlNBY0tlaWFjd1ZBWURWUjBqQkUwd1M0QVUKV1VnOWd1dWRQQUg5K0tDeTVnYlNBY0tlaWFlaEhhUWJNQmt4RnpBVkJnTlZCQU1NRGpFM01pNHhOaTR5TkRVdQpNVFUyZ2hRN1NjOEsvVHAwSzNVM3QrendndEVRQ25maVFEQU1CZ05WSFJNRUJUQURBUUgvTUFzR0ExVWREd1FFCkF3SUJCakFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBVVdQRE1GU2hpWThFaEp5TlcxL1hhSmZMKzVxWE9IUnYKL05ZT2dNWlduQWdPRU03M0x1cjdDamQvUGlDTDlzRzE2NTZLdFhhOFE1dCtJUWpPeWhMYnNTRWZodVhwRFdjUApwMUdLcEh0ekpISUtUL0U4MHJYZldnVHRxbXJ6aTNmb0JOL0FwUFlKK2NJQTBsYXgweGoxUHZERHZGYTlpUUJTCkFBTWJTWGtBbkZzbGJydWpNeElrTTBNYm0wVU1yK1ZaL3BvWWN3bjlBZDBTNFFkR2xBNDhKVjRkQkVxVWx1THEKOHpla0twNk9yZUpJK0YzK1NqTTgxaWRNM2lvK2JMa2hna0xVWVlHQXhsU2FJOEVCSzh3UnR3ZHBxYmRlMlZKOApQUWlQK09zYXpxc3lvbFNQWlNubnVKMUQwNk56ZGJrVVI1ZkNBS3VCOVp2N1JsWjN6Y0dhWGc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
|
|
server: https://k8s-cur.cur.sapian.local:443
|
|
name: k8s-cur
|
|
contexts:
|
|
- context:
|
|
cluster: k8s-cur
|
|
user: consul-dc-sapian-cur-consul-client
|
|
name: k8s-cur-context
|
|
current-context: k8s-cur-context
|
|
kind: Config
|
|
preferences: {}
|
|
users:
|
|
- name: consul-dc-sapian-cur-consul-client
|
|
user:
|
|
token: eyJhbGciOiJSUzI1NiIsImtpZCI6ImRfWWJ4eUtTMExpUnFva0lMTFFScm85Q2JMaVNCTVM5UHBiRUVNTlRqdlkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImNvbnN1bC1kYy1zYXBpYW4tY3VyLWNvbnN1bC1jbGllbnQtdG9rZW4tNjVqcXEiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiY29uc3VsLWRjLXNhcGlhbi1jdXItY29uc3VsLWNsaWVudCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImNiZWQyNmE0LTQ1NjgtNGZmMi05Nzc4LTI5ZGJiNzQxMzNkNCIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0OmNvbnN1bC1kYy1zYXBpYW4tY3VyLWNvbnN1bC1jbGllbnQifQ.dI9pg8_PmOKXg8lIo4z-vBav0Db3wM-N30O3jrqQynVsZNGfFfa5P9_ttrNC8ky2xPDPrb8lDSL-jhMAH395VpvJnHvG9vW-j6pX01jvOEXOyyDDUNrJZZzcEeW29JdCT3N7ya9c0xgYN1BfPzPNzPU6IAEKkFaAylM-2JzuEBzlJ-MYU-M0N00LnGmPBusLzTFrgy7fUKfzp2BHCnbRgHF4xaZLGtzS-HcBumXcDnZw7TE5GMdEgdKZdd-gAPizEhOv3xS-IYjsCb-wK6wKkZDC_8f3VtUzWdUKivaRjUNVls1AfxULsoud5g0RUnHmgEvG-bRdI_gJp-LwNOE2Vg
|
|
|
|
runcmd:
|
|
- systemctl enable systemd-networkd
|
|
- systemctl start systemd-networkd
|
|
- curl -fsSL https://get.docker.com/ | sh
|
|
- curl -fsSL https://get.docker.com/gpg | sudo apt-key add -
|
|
- [ systemctl, daemon-reload ]
|
|
- [ systemctl, enable, docker.service ]
|
|
- [ systemctl, start, --no-block, docker.service ]
|
|
- [ systemctl, daemon-reload ]
|
|
- export DATA_LOCAL_IPV4=$(curl http://169.254.169.254/latest/meta-data/local-ipv4);
|
|
- docker run -d --restart=always --net=host -v /etc/consul.d/:/etc/consul.d/ consul agent -config-dir=/etc/consul.d -bind=${DATA_LOCAL_IPV4}
|
|
- curl -L https://github.com/docker/compose/releases/download/1.25.4/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
|
|
- chmod +x /usr/local/bin/docker-compose
|
|
- mkdir -p /var/lib/docker/composer/
|
|
# - curl -o /tmp/puppet5-release-bionic.deb https://apt.puppetlabs.com/puppet5-release-bionic.deb
|
|
# - dpkg -i /tmp/puppet5-release-bionic.deb
|
|
# - echo "deb http://deb.theforeman.org/ bionic 1.19" > /etc/apt/sources.list.d/foreman.list
|
|
# - echo "deb http://deb.theforeman.org/ plugins 1.19" >> /etc/apt/sources.list.d/foreman.list
|
|
# - wget -q https://deb.theforeman.org/pubkey.gpg -O- | apt-key add -
|
|
# - apt-get --yes update
|
|
# - apt-get --yes install foreman-installer
|
|
# - sudo foreman-installer \
|
|
# --no-enable-foreman \
|
|
# --no-enable-foreman-cli \
|
|
# --no-enable-foreman-plugin-bootdisk \
|
|
# --no-enable-foreman-plugin-setup \
|
|
# --enable-puppet \
|
|
# --puppet-server-ca=true \
|
|
# --puppet-server-foreman-url=https://foreman.sapian.com.co \
|
|
# --enable-foreman-proxy \
|
|
# --foreman-proxy-puppetca=true \
|
|
# --foreman-proxy-tftp=false \
|
|
# --foreman-proxy-foreman-base-url=https://foreman.sapian.com.co \
|
|
# --foreman-proxy-trusted-hosts=foreman.sapian.com.co \
|
|
# --foreman-proxy-oauth-consumer-key=XjSMkBhYzV6atbXBYtDb4eywydduE3CJ \
|
|
# --foreman-proxy-oauth-consumer-secret=8TbhGv9PXDoSHU8ViudXNxLD446uXwhk \
|
|
# --verbose
|
|
|
|
final_message:
|
|
- "The system is finally up, after $UPTIME seconds"
|
|
- "https://tickets.puppetlabs.com/browse/SERVER-17?focusedCommentId=357002&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-357002"
|