Return-Path: X-Original-To: apmail-brooklyn-dev-archive@minotaur.apache.org Delivered-To: apmail-brooklyn-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id E0AE11778E for ; Thu, 25 Sep 2014 15:20:08 +0000 (UTC) Received: (qmail 57830 invoked by uid 500); 25 Sep 2014 15:20:08 -0000 Delivered-To: apmail-brooklyn-dev-archive@brooklyn.apache.org Received: (qmail 57800 invoked by uid 500); 25 Sep 2014 15:20:08 -0000 Mailing-List: contact dev-help@brooklyn.incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@brooklyn.incubator.apache.org Delivered-To: mailing list dev@brooklyn.incubator.apache.org Received: (qmail 57789 invoked by uid 99); 25 Sep 2014 15:20:08 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 25 Sep 2014 15:20:08 +0000 X-ASF-Spam-Status: No, hits=-2000.8 required=5.0 tests=ALL_TRUSTED,RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO mail.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with SMTP; Thu, 25 Sep 2014 15:19:44 +0000 Received: (qmail 55303 invoked by uid 99); 25 Sep 2014 15:19:42 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 25 Sep 2014 15:19:42 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 2927C91422E; Thu, 25 Sep 2014 15:19:42 +0000 (UTC) From: andreaturli To: dev@brooklyn.incubator.apache.org Reply-To: dev@brooklyn.incubator.apache.org References: In-Reply-To: Subject: [GitHub] incubator-brooklyn pull request: Brooklyn Install Script Content-Type: text/plain Message-Id: <20140925151942.2927C91422E@tyr.zones.apache.org> Date: Thu, 25 Sep 2014 15:19:42 +0000 (UTC) X-Virus-Checked: Checked by ClamAV on apache.org Github user andreaturli commented on a diff in the pull request: https://github.com/apache/incubator-brooklyn/pull/186#discussion_r18038189 --- Diff: brooklyn-install.sh --- @@ -0,0 +1,321 @@ +#!/bin/bash +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Brooklyn remote install script. +# +# Usage: +# brooklyn-install.sh [-h] [-q] [-s] [-e] [-g] [-u user] [-k key] [-r root] [-p port] [-v version] hostname +# +#set -x # DEBUG + +function help() { + cat <> ${LOG} + if [ "$1" == "-n" ]; then + shift + fi + if [ "$*" != "..." ]; then + echo "Log: $*" | sed -e "s/\.\.\.//" >> ${LOG} + fi +} + +function fail() { + log "...failed!" + error "$*" +} + +function error() { + echo "Error: $*" | tee -a "${LOG}" + usage +} + +function usage() { + echo "Usage: $(basename ${0}) [-h] [-q] [-s] [-e] [-g] [-u user] [-r root] [-k key] [-p port] [-v version] hostname" + exit 1 +} + +function retry() { + COMMAND="$@" + MAX=10 + N=1 + while [ ${N} -le ${MAX} ]; do + eval "${COMMAND}" 2>&1 + if [ $? -eq 0 ]; then + return 0 + else + echo -n "..." + sleep 1 + N=$(($N + 1)) + fi + done + return 1 +} + +QUIET=false +GENERATE_PASSWORD=false +LOG="brooklyn-install.log" +BROOKLYN_VERSION="0.7.0-M1" +ROOT=root +SSH_PORT=22 + +while getopts ":hqsegu:r:k:p:v:" o; do + case "${o}" in + h) help + ;; + q) QUIET=true + ;; + s) SETUP_USER=true + ;; + e) SETUP_RANDOM=true + ;; + g) GENERATE_PASSWORD=true + log "Warning: Not supported in 0.7.0-M1 and earlier releases" + ;; + u) BROOKLYN_USER="${OPTARG}" + ;; + r) ROOT="${OPTARG}" + ;; + k) PRIVATE_KEY_FILE="${OPTARG}" + ;; + p) SSH_PORT="${OPTARG}" + ;; + v) BROOKLYN_VERSION="${OPTARG}" + ;; + *) usage "Invalid option: $*" + ;; + esac +done +shift $((OPTIND-1)) + +if [ $# -ne 1 ]; then + error "Must specify remote hostname as last argument" +fi + +HOST="$1" +USER="${BROOKLYN_USER:-brooklyn}" +PRIVATE_KEY_FILE="${PRIVATE_KEY_FILE:-${HOME}/.ssh/id_rsa}" +if [ "${ROOT}" != "root" ]; then + SUDO="sudo" +fi + +# Configure SSH +SSH_OPTS="-o StrictHostKeyChecking=no -p ${SSH_PORT}" +if [ -f "${PRIVATE_KEY_FILE}" ]; then + SSH_OPTS="${SSH_OPTS} -i ${PRIVATE_KEY_FILE}" +else + error "SSH private key '${PRIVATE_KEY_FILE}' not found" +fi +SSH_PUBLIC_KEY_DATA=$(ssh-keygen -y -f ${PRIVATE_KEY_FILE}) + +log "Installing Brooklyn ${BROOKLYN_VERSION}" + +# Pre-requisites for this script +log -n "Checking '${HOST}:${SSH_PORT}' SSH connection... " +ssh ${SSH_OPTS} ${ROOT}@${HOST} "${SUDO} id" >> ${LOG} 2>&1 || fail "SSH connection as ${ROOT} failed" +log "...ok!" + +# Install packages +log -n "Installing prerequisite packages..." +ssh ${SSH_OPTS} ${ROOT}@${HOST} "${SUDO} yum check-update || ${SUDO} apt-get update" >> ${LOG} 2>&1 +for package in "curl" "sed" "tar" "wget"; do + ssh ${SSH_OPTS} ${ROOT}@${HOST} "which ${package} || { ${SUDO} yum -y --nogpgcheck -q install ${package} || ${SUDO} ${SUDO} apt-get -y --allow-unauthenticated install ${package}; }" >> ${LOG} 2>&1 +done +log "...done!" + +# Install Java 7 +log -n "Installing Java 7 packages..." +if [ "${INSTALL_EXAMPLES}" ]; then + check="javac" +else + check="java" + JAVA_HOME="/usr" +fi +ssh ${SSH_OPTS} ${ROOT}@${HOST} "which ${check} || { ${SUDO} yum -y -q install java-1.7.0-openjdk-devel || ${SUDO} apt-get -y install openjdk-7-jdk; }" >> ${LOG} 2>&1 +for java in "jre" "jdk" "java-1.7.0-openjdk" "java-1.7.0-openjdk-amd64"; do + if ssh ${SSH_OPTS} ${ROOT}@${HOST} "test -d /usr/lib/jvm/${java}"; then + JAVA_HOME="/usr/lib/jvm/${java}/" && echo "Java: ${JAVA_HOME}" >> ${LOG} + fi +done +ssh ${SSH_OPTS} ${ROOT}@${HOST} "test -x ${JAVA_HOME}/bin/${check}" >> ${LOG} 2>&1 || fail "Java is not installed" +log "...done!" + +# Increase linux kernel entropy for faster ssh connections +if [ "${SETUP_RANDOM}" ]; then + log -n "Installing rng-tool to increase entropy..." + ssh ${SSH_OPTS} ${ROOT}@${HOST} "which rng-tools || { ${SUDO} yum -y -q install rng-tools || ${SUDO} apt-get -y install rng-tools; }" >> ${LOG} 2>&1 + if ssh ${SSH_OPTS} ${ROOT}@${HOST} "test -f /etc/default/rng-tools"; then + echo "HRNGDEVICE=/dev/urandom" | ssh ${SSH_OPTS} ${ROOT}@${HOST} "${SUDO} tee -a /etc/default/rng-tools" > /dev/null 2>&1 + ssh ${SSH_OPTS} ${ROOT}@${HOST} "${SUDO} /etc/init.d/rng-tools start" >> ${LOG} 2>&1 + else + echo "EXTRAOPTIONS=\"-r /dev/urandom\"" | ssh ${SSH_OPTS} ${ROOT}@${HOST} "${SUDO} tee -a /etc/sysconfig/rngd" > /dev/null 2>&1 + ssh ${SSH_OPTS} ${ROOT}@${HOST} "${SUDO} /etc/init.d/rngd start" >> ${LOG} 2>&1 + fi + log "...done!" +fi + +# Create Brooklyn user if required +if ! ssh ${SSH_OPTS} ${ROOT}@${HOST} "id ${USER} > /dev/null 2>&1"; then + if [ -z "${SETUP_USER}" ]; then + error "User '${USER}' does not exist on ${HOST}" + fi + log -n "Creating '${USER}' user..." + ssh ${SSH_OPTS} ${ROOT}@${HOST} "${SUDO} useradd ${USER} -s /bin/bash -d /home/${USER} -m" >> ${LOG} 2>&1 + ssh ${SSH_OPTS} ${ROOT}@${HOST} "id ${USER}" >> ${LOG} 2>&1 || fail "User was not created" + log "...done!" +fi + +# Setup Brooklyn user +if [ "${SETUP_USER}" ]; then + log -n "Setting up '${USER}' user... " + echo "${USER} ALL = (ALL) NOPASSWD: ALL" | ssh ${SSH_OPTS} ${ROOT}@${HOST} "${SUDO} tee -a /etc/sudoers" > /dev/null 2>&1 + ssh ${SSH_OPTS} ${ROOT}@${HOST} "${SUDO} sed -i.brooklyn.bak 's/.*requiretty.*/#brooklyn-removed-require-tty/' /etc/sudoers" + ssh ${SSH_OPTS} ${ROOT}@${HOST} "${SUDO} mkdir -p /home/${USER}/.ssh" + ssh ${SSH_OPTS} ${ROOT}@${HOST} "${SUDO} chmod 700 /home/${USER}/.ssh" + echo "${SSH_PUBLIC_KEY_DATA}" | ssh ${SSH_OPTS} ${ROOT}@${HOST} "${SUDO} tee -a /home/${USER}/.ssh/authorized_keys" > /dev/null 2>&1 + ssh ${SSH_OPTS} ${ROOT}@${HOST} "${SUDO} chown -R ${USER}.${USER} /home/${USER}/.ssh" + ssh ${SSH_OPTS} ${USER}@${HOST} "ssh-keygen -q -t rsa -N \"\" -f .ssh/id_rsa" + ssh ${SSH_OPTS} ${USER}@${HOST} "ssh-keygen -y -f .ssh/id_rsa >> .ssh/authorized_keys" + log "...done!" +fi + +# Setup Brooklyn +log -n "Downloading Brooklyn distribution..." +ssh ${SSH_OPTS} ${USER}@${HOST} "curl -L -s -o brooklyn-${BROOKLYN_VERSION}.tar.gz http://search.maven.org/remotecontent?filepath=io/brooklyn/brooklyn-dist/${BROOKLYN_VERSION}/brooklyn-dist-${BROOKLYN_VERSION}-dist.tar.gz" +ssh ${SSH_OPTS} ${USER}@${HOST} "tar zxvf brooklyn-${BROOKLYN_VERSION}.tar.gz" >> ${LOG} 2>&1 +ssh ${SSH_OPTS} ${USER}@${HOST} "test -x brooklyn-${BROOKLYN_VERSION}/bin/brooklyn" || fail "Brooklyn was not downloaded correctly" +log "...done!" + +# Configure Brooklyn if no brooklyn.properties +if ! ssh ${SSH_OPTS} ${USER}@${HOST} "test -f .brooklyn/brooklyn.properties"; then + log -n "Configuring Brooklyn properties..." + ssh ${SSH_OPTS} ${USER}@${HOST} "mkdir -p .brooklyn" + ssh ${SSH_OPTS} ${USER}@${HOST} "curl -L -s -o .brooklyn/brooklyn.properties http://brooklyncentral.github.io/use/guide/quickstart/brooklyn.properties" + ssh ${SSH_OPTS} ${USER}@${HOST} "curl -L -s -o .brooklyn/catalog.xml http://brooklyncentral.github.io/use/guide/quickstart/catalog.xml" + + # Generate Brooklyn admin password + if ${GENERATE_PASSWORD}; then + GENERATED=$(dd if=/dev/random bs=1 count=8 2> /dev/null | uuencode -m - | sed -n 2p | tr -dc "A-Za-z0-9") + SALT=$(echo ${GENERATED} | cut -c1-4) + PASSWORD=$(echo ${GENERATED} | cut -c5-12) + which shasum && SHA256="shasum -a 256" + which sha256sumi && SHA256="sha256sum" + HASH=$(echo -n ${SALT}${PASSWORD} | ${SHA256} | cut -d\ -f1) + ssh ${SSH_OPTS} ${USER}@${HOST} "tee -a .brooklyn/brooklyn.properties" > /dev/null 2>&1 < .brooklyn/catalog.xml" < + + Brooklyn Demos + + + + + +